gitee.com/mysnapcore/mysnapd@v0.1.0/interfaces/builtin/modem_manager_test.go (about) 1 // -*- Mode: Go; indent-tabs-mode: t -*- 2 3 /* 4 * Copyright (C) 2016-2017 Canonical Ltd 5 * 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License version 3 as 8 * published by the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program. If not, see <http://www.gnu.org/licenses/>. 17 * 18 */ 19 20 package builtin_test 21 22 import ( 23 "fmt" 24 25 . "gopkg.in/check.v1" 26 27 "gitee.com/mysnapcore/mysnapd/dirs" 28 "gitee.com/mysnapcore/mysnapd/interfaces" 29 "gitee.com/mysnapcore/mysnapd/interfaces/apparmor" 30 "gitee.com/mysnapcore/mysnapd/interfaces/builtin" 31 "gitee.com/mysnapcore/mysnapd/interfaces/dbus" 32 "gitee.com/mysnapcore/mysnapd/interfaces/seccomp" 33 "gitee.com/mysnapcore/mysnapd/interfaces/udev" 34 "gitee.com/mysnapcore/mysnapd/release" 35 "gitee.com/mysnapcore/mysnapd/snap" 36 "gitee.com/mysnapcore/mysnapd/snap/snaptest" 37 "gitee.com/mysnapcore/mysnapd/testutil" 38 ) 39 40 type ModemManagerInterfaceSuite struct { 41 iface interfaces.Interface 42 slotInfo *snap.SlotInfo 43 slot *interfaces.ConnectedSlot 44 plugInfo *snap.PlugInfo 45 plug *interfaces.ConnectedPlug 46 } 47 48 const modemmgrMockSlotSnapInfoYaml = `name: modem-manager 49 version: 1.0 50 apps: 51 mm: 52 command: foo 53 slots: [modem-manager] 54 ` 55 56 const modemmgrMockPlugSnapInfoYaml = `name: modem-manager 57 version: 1.0 58 plugs: 59 modem-manager: 60 interface: modem-manager 61 apps: 62 mmcli: 63 command: foo 64 plugs: 65 - modem-manager 66 ` 67 68 var _ = Suite(&ModemManagerInterfaceSuite{ 69 iface: builtin.MustInterface("modem-manager"), 70 }) 71 72 func (s *ModemManagerInterfaceSuite) SetUpTest(c *C) { 73 s.plugInfo = &snap.PlugInfo{ 74 Snap: &snap.Info{SuggestedName: "modem-manager"}, 75 Name: "mmcli", 76 Interface: "modem-manager", 77 } 78 s.plug = interfaces.NewConnectedPlug(s.plugInfo, nil, nil) 79 slotSnap := snaptest.MockInfo(c, modemmgrMockSlotSnapInfoYaml, nil) 80 s.slotInfo = slotSnap.Slots["modem-manager"] 81 s.slot = interfaces.NewConnectedSlot(s.slotInfo, nil, nil) 82 } 83 84 func (s *ModemManagerInterfaceSuite) TestName(c *C) { 85 c.Assert(s.iface.Name(), Equals, "modem-manager") 86 } 87 88 // The label glob when all apps are bound to the modem-manager slot 89 func (s *ModemManagerInterfaceSuite) TestConnectedPlugSnippetUsesSlotLabelAll(c *C) { 90 app1 := &snap.AppInfo{Name: "app1"} 91 app2 := &snap.AppInfo{Name: "app2"} 92 slot := interfaces.NewConnectedSlot(&snap.SlotInfo{ 93 Snap: &snap.Info{ 94 SuggestedName: "modem-manager-prod", 95 Apps: map[string]*snap.AppInfo{"app1": app1, "app2": app2}, 96 }, 97 Name: "modem-manager", 98 Interface: "modem-manager", 99 Apps: map[string]*snap.AppInfo{"app1": app1, "app2": app2}, 100 }, nil, nil) 101 102 release.OnClassic = false 103 104 plugSnap := snaptest.MockInfo(c, modemmgrMockPlugSnapInfoYaml, nil) 105 plug := interfaces.NewConnectedPlug(plugSnap.Plugs["modem-manager"], nil, nil) 106 107 apparmorSpec := &apparmor.Specification{} 108 err := apparmorSpec.AddConnectedPlug(s.iface, plug, slot) 109 c.Assert(err, IsNil) 110 c.Assert(apparmorSpec.SecurityTags(), DeepEquals, []string{"snap.modem-manager.mmcli"}) 111 c.Assert(apparmorSpec.SnippetForTag("snap.modem-manager.mmcli"), testutil.Contains, `peer=(label="snap.modem-manager-prod.*"),`) 112 } 113 114 // The label uses alternation when some, but not all, apps is bound to the modem-manager slot 115 func (s *ModemManagerInterfaceSuite) TestConnectedPlugSnippetUsesSlotLabelSome(c *C) { 116 app1 := &snap.AppInfo{Name: "app1"} 117 app2 := &snap.AppInfo{Name: "app2"} 118 app3 := &snap.AppInfo{Name: "app3"} 119 slot := interfaces.NewConnectedSlot(&snap.SlotInfo{ 120 Snap: &snap.Info{ 121 SuggestedName: "modem-manager", 122 Apps: map[string]*snap.AppInfo{"app1": app1, "app2": app2, "app3": app3}, 123 }, 124 Name: "modem-manager", 125 Interface: "modem-manager", 126 Apps: map[string]*snap.AppInfo{"app1": app1, "app2": app2}, 127 }, nil, nil) 128 129 release.OnClassic = false 130 131 plugSnap := snaptest.MockInfo(c, modemmgrMockPlugSnapInfoYaml, nil) 132 plug := interfaces.NewConnectedPlug(plugSnap.Plugs["modem-manager"], nil, nil) 133 134 apparmorSpec := &apparmor.Specification{} 135 err := apparmorSpec.AddConnectedPlug(s.iface, plug, slot) 136 c.Assert(err, IsNil) 137 c.Assert(apparmorSpec.SecurityTags(), DeepEquals, []string{"snap.modem-manager.mmcli"}) 138 c.Assert(apparmorSpec.SnippetForTag("snap.modem-manager.mmcli"), testutil.Contains, `peer=(label="snap.modem-manager.{app1,app2}"),`) 139 } 140 141 // The label uses short form when exactly one app is bound to the modem-manager slot 142 func (s *ModemManagerInterfaceSuite) TestConnectedPlugSnippetUsesSlotLabelOne(c *C) { 143 app := &snap.AppInfo{Name: "app"} 144 slot := interfaces.NewConnectedSlot(&snap.SlotInfo{ 145 Snap: &snap.Info{ 146 SuggestedName: "modem-manager", 147 Apps: map[string]*snap.AppInfo{"app": app}, 148 }, 149 Name: "modem-manager", 150 Interface: "modem-manager", 151 Apps: map[string]*snap.AppInfo{"app": app}, 152 }, nil, nil) 153 154 release.OnClassic = false 155 156 plugSnap := snaptest.MockInfo(c, modemmgrMockPlugSnapInfoYaml, nil) 157 plug := interfaces.NewConnectedPlug(plugSnap.Plugs["modem-manager"], nil, nil) 158 159 apparmorSpec := &apparmor.Specification{} 160 err := apparmorSpec.AddConnectedPlug(s.iface, plug, slot) 161 c.Assert(err, IsNil) 162 c.Assert(apparmorSpec.SecurityTags(), DeepEquals, []string{"snap.modem-manager.mmcli"}) 163 c.Assert(apparmorSpec.SnippetForTag("snap.modem-manager.mmcli"), testutil.Contains, `peer=(label="snap.modem-manager.app"),`) 164 } 165 166 func (s *ModemManagerInterfaceSuite) TestConnectedPlugSnippetUsesUnconfinedLabelNot(c *C) { 167 release.OnClassic = false 168 plugSnap := snaptest.MockInfo(c, modemmgrMockPlugSnapInfoYaml, nil) 169 plug := interfaces.NewConnectedPlug(plugSnap.Plugs["modem-manager"], nil, nil) 170 171 apparmorSpec := &apparmor.Specification{} 172 err := apparmorSpec.AddConnectedPlug(s.iface, plug, s.slot) 173 c.Assert(err, IsNil) 174 c.Assert(apparmorSpec.SecurityTags(), DeepEquals, []string{"snap.modem-manager.mmcli"}) 175 snippet := apparmorSpec.SnippetForTag("snap.modem-manager.mmcli") 176 c.Assert(snippet, Not(testutil.Contains), "peer=(label=unconfined),") 177 c.Assert(snippet, testutil.Contains, "org/freedesktop/ModemManager1") 178 } 179 180 func (s *ModemManagerInterfaceSuite) TestConnectedPlugSnippetUsesUnconfinedLabelOnClassic(c *C) { 181 release.OnClassic = true 182 183 plugSnap := snaptest.MockInfo(c, modemmgrMockPlugSnapInfoYaml, nil) 184 plug := interfaces.NewConnectedPlug(plugSnap.Plugs["modem-manager"], nil, nil) 185 apparmorSpec := &apparmor.Specification{} 186 err := apparmorSpec.AddConnectedPlug(s.iface, plug, s.slot) 187 c.Assert(err, IsNil) 188 c.Assert(apparmorSpec.SecurityTags(), DeepEquals, []string{"snap.modem-manager.mmcli"}) 189 c.Assert(apparmorSpec.SnippetForTag("snap.modem-manager.mmcli"), testutil.Contains, "peer=(label=unconfined),") 190 } 191 192 func (s *ModemManagerInterfaceSuite) TestUsedSecuritySystems(c *C) { 193 plugSnap := snaptest.MockInfo(c, modemmgrMockPlugSnapInfoYaml, nil) 194 plug := interfaces.NewConnectedPlug(plugSnap.Plugs["modem-manager"], nil, nil) 195 apparmorSpec := &apparmor.Specification{} 196 err := apparmorSpec.AddConnectedPlug(s.iface, plug, s.slot) 197 c.Assert(err, IsNil) 198 c.Assert(apparmorSpec.SecurityTags(), HasLen, 1) 199 200 dbusSpec := &dbus.Specification{} 201 err = dbusSpec.AddConnectedPlug(s.iface, plug, s.slot) 202 c.Assert(err, IsNil) 203 c.Assert(dbusSpec.SecurityTags(), HasLen, 0) 204 205 dbusSpec = &dbus.Specification{} 206 err = dbusSpec.AddPermanentSlot(s.iface, s.slotInfo) 207 c.Assert(err, IsNil) 208 c.Assert(dbusSpec.SecurityTags(), HasLen, 1) 209 210 udevSpec := &udev.Specification{} 211 c.Assert(udevSpec.AddPermanentSlot(s.iface, s.slotInfo), IsNil) 212 c.Assert(udevSpec.Snippets(), HasLen, 3) 213 c.Assert(udevSpec.Snippets()[0], testutil.Contains, `SUBSYSTEMS=="usb"`) 214 c.Assert(udevSpec.Snippets(), testutil.Contains, `# modem-manager 215 KERNEL=="rfcomm*|tty[a-zA-Z]*[0-9]*|cdc-wdm[0-9]*|*MBIM|*QMI|*AT|*QCDM", TAG+="snap_modem-manager_mm"`) 216 c.Assert(udevSpec.Snippets(), testutil.Contains, fmt.Sprintf(`TAG=="snap_modem-manager_mm", RUN+="%v/snap-device-helper $env{ACTION} snap_modem-manager_mm $devpath $major:$minor"`, dirs.DistroLibExecDir)) 217 } 218 219 func (s *ModemManagerInterfaceSuite) TestPermanentSlotDBus(c *C) { 220 dbusSpec := &dbus.Specification{} 221 err := dbusSpec.AddPermanentSlot(s.iface, s.slotInfo) 222 c.Assert(err, IsNil) 223 c.Assert(dbusSpec.SecurityTags(), DeepEquals, []string{"snap.modem-manager.mm"}) 224 snippet := dbusSpec.SnippetForTag("snap.modem-manager.mm") 225 c.Assert(snippet, testutil.Contains, "allow own=\"org.freedesktop.ModemManager1\"") 226 c.Assert(snippet, testutil.Contains, "allow send_destination=\"org.freedesktop.ModemManager1\"") 227 } 228 229 func (s *ModemManagerInterfaceSuite) TestPermanentSlotSecComp(c *C) { 230 seccompSpec := &seccomp.Specification{} 231 err := seccompSpec.AddPermanentSlot(s.iface, s.slotInfo) 232 c.Assert(err, IsNil) 233 c.Assert(seccompSpec.SecurityTags(), DeepEquals, []string{"snap.modem-manager.mm"}) 234 c.Check(seccompSpec.SnippetForTag("snap.modem-manager.mm"), testutil.Contains, "listen\n") 235 } 236 237 func (s *ModemManagerInterfaceSuite) TestConnectedPlugDBus(c *C) { 238 release.OnClassic = false 239 plugSnap := snaptest.MockInfo(c, modemmgrMockPlugSnapInfoYaml, nil) 240 plug := interfaces.NewConnectedPlug(plugSnap.Plugs["modem-manager"], nil, nil) 241 242 dbusSpec := &dbus.Specification{} 243 err := dbusSpec.AddConnectedPlug(s.iface, plug, s.slot) 244 c.Assert(err, IsNil) 245 c.Assert(dbusSpec.SecurityTags(), DeepEquals, []string(nil)) 246 } 247 248 func (s *ModemManagerInterfaceSuite) TestConnectedPlugDBusClassic(c *C) { 249 plugSnap := snaptest.MockInfo(c, modemmgrMockPlugSnapInfoYaml, nil) 250 plug := interfaces.NewConnectedPlug(plugSnap.Plugs["modem-manager"], nil, nil) 251 252 release.OnClassic = true 253 dbusSpec := &dbus.Specification{} 254 err := dbusSpec.AddConnectedPlug(s.iface, plug, s.slot) 255 c.Assert(err, IsNil) 256 c.Assert(dbusSpec.SecurityTags(), DeepEquals, []string(nil)) 257 } 258 259 func (s *ModemManagerInterfaceSuite) TestInterfaces(c *C) { 260 c.Check(builtin.Interfaces(), testutil.DeepContains, s.iface) 261 }