gitee.com/mysnapcore/mysnapd@v0.1.0/interfaces/builtin/kernel_crypto_api_test.go (about) 1 // -*- Mode: Go; indent-tabs-mode: t -*- 2 3 /* 4 * Copyright (C) 2020 Canonical Ltd 5 * 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License version 3 as 8 * published by the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program. If not, see <http://www.gnu.org/licenses/>. 17 * 18 */ 19 20 package builtin_test 21 22 import ( 23 . "gopkg.in/check.v1" 24 25 "gitee.com/mysnapcore/mysnapd/interfaces" 26 "gitee.com/mysnapcore/mysnapd/interfaces/apparmor" 27 "gitee.com/mysnapcore/mysnapd/interfaces/builtin" 28 "gitee.com/mysnapcore/mysnapd/interfaces/seccomp" 29 "gitee.com/mysnapcore/mysnapd/snap" 30 "gitee.com/mysnapcore/mysnapd/testutil" 31 ) 32 33 type kernelCryptoAPIInterfaceSuite struct { 34 iface interfaces.Interface 35 coreSlotInfo *snap.SlotInfo 36 coreSlot *interfaces.ConnectedSlot 37 plugInfo *snap.PlugInfo 38 plug *interfaces.ConnectedPlug 39 } 40 41 var _ = Suite(&kernelCryptoAPIInterfaceSuite{ 42 iface: builtin.MustInterface("kernel-crypto-api"), 43 }) 44 45 const kernelCryptoAPIConsumerYaml = `name: consumer 46 version: 0 47 apps: 48 app: 49 plugs: [kernel-crypto-api] 50 ` 51 52 const kernelCryptoAPICoreYaml = `name: core 53 version: 0 54 type: os 55 slots: 56 kernel-crypto-api: 57 ` 58 59 func (s *kernelCryptoAPIInterfaceSuite) SetUpTest(c *C) { 60 s.plug, s.plugInfo = MockConnectedPlug(c, kernelCryptoAPIConsumerYaml, nil, "kernel-crypto-api") 61 s.coreSlot, s.coreSlotInfo = MockConnectedSlot(c, kernelCryptoAPICoreYaml, nil, "kernel-crypto-api") 62 } 63 64 func (s *kernelCryptoAPIInterfaceSuite) TestName(c *C) { 65 c.Assert(s.iface.Name(), Equals, "kernel-crypto-api") 66 } 67 68 func (s *kernelCryptoAPIInterfaceSuite) TestSanitizeSlot(c *C) { 69 c.Assert(interfaces.BeforePrepareSlot(s.iface, s.coreSlotInfo), IsNil) 70 } 71 72 func (s *kernelCryptoAPIInterfaceSuite) TestSanitizePlug(c *C) { 73 c.Assert(interfaces.BeforePreparePlug(s.iface, s.plugInfo), IsNil) 74 } 75 76 func (s *kernelCryptoAPIInterfaceSuite) TestAppArmorSpec(c *C) { 77 spec := &apparmor.Specification{} 78 c.Assert(spec.AddConnectedPlug(s.iface, s.plug, s.coreSlot), IsNil) 79 c.Assert(spec.SecurityTags(), DeepEquals, []string{"snap.consumer.app"}) 80 c.Assert(spec.SnippetForTag("snap.consumer.app"), testutil.Contains, "# Description: Can access the Linux kernel crypto API") 81 c.Assert(spec.SnippetForTag("snap.consumer.app"), testutil.Contains, "network alg seqpacket,") 82 } 83 84 func (s *kernelCryptoAPIInterfaceSuite) TestSeccompSpec(c *C) { 85 spec := &seccomp.Specification{} 86 c.Assert(spec.AddConnectedPlug(s.iface, s.plug, s.coreSlot), IsNil) 87 c.Assert(spec.SecurityTags(), DeepEquals, []string{"snap.consumer.app"}) 88 c.Assert(spec.SnippetForTag("snap.consumer.app"), testutil.Contains, "# Description: Can access the Linux kernel crypto API") 89 c.Assert(spec.SnippetForTag("snap.consumer.app"), testutil.Contains, "socket AF_NETLINK - NETLINK_CRYPTO") 90 } 91 92 func (s *kernelCryptoAPIInterfaceSuite) TestStaticInfo(c *C) { 93 si := interfaces.StaticInfoOf(s.iface) 94 c.Assert(si.ImplicitOnCore, Equals, true) 95 c.Assert(si.ImplicitOnClassic, Equals, true) 96 c.Assert(si.Summary, Equals, `allows access to the Linux kernel crypto API`) 97 c.Assert(si.BaseDeclarationSlots, testutil.Contains, "kernel-crypto-api") 98 c.Assert(si.BaseDeclarationSlots, testutil.Contains, "deny-auto-connection: true") 99 } 100 101 func (s *kernelCryptoAPIInterfaceSuite) TestInterfaces(c *C) { 102 c.Check(builtin.Interfaces(), testutil.DeepContains, s.iface) 103 }