github.com/hugh712/snapd@v0.0.0-20200910133618-1a99902bd583/interfaces/builtin/mir_test.go

github.com/hugh712/snapd@v0.0.0-20200910133618-1a99902bd583/interfaces/builtin/mir_test.go (about)

     1  // -*- Mode: Go; indent-tabs-mode: t -*-
     2  
     3  /*
     4   * Copyright (C) 2016-2018 Canonical Ltd
     5   *
     6   * This program is free software: you can redistribute it and/or modify
     7   * it under the terms of the GNU General Public License version 3 as
     8   * published by the Free Software Foundation.
     9   *
    10   * This program is distributed in the hope that it will be useful,
    11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13   * GNU General Public License for more details.
    14   *
    15   * You should have received a copy of the GNU General Public License
    16   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17   *
    18   */
    19  
    20  package builtin_test
    21  
    22  import (
    23  	. "gopkg.in/check.v1"
    24  
    25  	"github.com/snapcore/snapd/interfaces"
    26  	"github.com/snapcore/snapd/interfaces/apparmor"
    27  	"github.com/snapcore/snapd/interfaces/builtin"
    28  	"github.com/snapcore/snapd/interfaces/seccomp"
    29  	"github.com/snapcore/snapd/interfaces/udev"
    30  	"github.com/snapcore/snapd/snap"
    31  	"github.com/snapcore/snapd/snap/snaptest"
    32  	"github.com/snapcore/snapd/testutil"
    33  )
    34  
    35  type MirInterfaceSuite struct {
    36  	iface           interfaces.Interface
    37  	coreSlotInfo    *snap.SlotInfo
    38  	coreSlot        *interfaces.ConnectedSlot
    39  	classicSlotInfo *snap.SlotInfo
    40  	classicSlot     *interfaces.ConnectedSlot
    41  	plugInfo        *snap.PlugInfo
    42  	plug            *interfaces.ConnectedPlug
    43  }
    44  
    45  var _ = Suite(&MirInterfaceSuite{
    46  	iface: builtin.MustInterface("mir"),
    47  })
    48  
    49  func (s *MirInterfaceSuite) SetUpTest(c *C) {
    50  	// a pulseaudio slot on the core snap (as automatically added on classic)
    51  	const mirMockClassicSlotSnapInfoYaml = `name: core
    52  version: 0
    53  type: os
    54  slots:
    55   mir:
    56    interface: mir
    57  `
    58  	const mirMockSlotSnapInfoYaml = `name: mir-server
    59  version: 1.0
    60  slots:
    61   mir:
    62    interface: mir
    63  apps:
    64   mir:
    65    command: foo
    66    slots: [mir]
    67  `
    68  	const mockPlugSnapInfoYaml = `name: other
    69  version: 1.0
    70  apps:
    71   app2:
    72    command: foo
    73    plugs: [mir]
    74  `
    75  	// mir snap with mir-server slot on an core/all-snap install.
    76  	snapInfo := snaptest.MockInfo(c, mirMockSlotSnapInfoYaml, nil)
    77  	s.coreSlotInfo = snapInfo.Slots["mir"]
    78  	s.coreSlot = interfaces.NewConnectedSlot(s.coreSlotInfo, nil, nil)
    79  	// mir slot on a core snap in a classic install.
    80  	snapInfo = snaptest.MockInfo(c, mirMockClassicSlotSnapInfoYaml, nil)
    81  	s.classicSlotInfo = snapInfo.Slots["mir"]
    82  	s.classicSlot = interfaces.NewConnectedSlot(s.classicSlotInfo, nil, nil)
    83  	// snap with the mir plug
    84  	snapInfo = snaptest.MockInfo(c, mockPlugSnapInfoYaml, nil)
    85  	s.plugInfo = snapInfo.Plugs["mir"]
    86  	s.plug = interfaces.NewConnectedPlug(s.plugInfo, nil, nil)
    87  }
    88  
    89  func (s *MirInterfaceSuite) TestName(c *C) {
    90  	c.Assert(s.iface.Name(), Equals, "mir")
    91  }
    92  
    93  func (s *MirInterfaceSuite) TestUsedSecuritySystems(c *C) {
    94  	apparmorSpec := &apparmor.Specification{}
    95  	err := apparmorSpec.AddPermanentSlot(s.iface, s.coreSlotInfo)
    96  	c.Assert(err, IsNil)
    97  	c.Assert(apparmorSpec.SecurityTags(), DeepEquals, []string{"snap.mir-server.mir"})
    98  	c.Assert(apparmorSpec.SnippetForTag("snap.mir-server.mir"), testutil.Contains, "capability sys_tty_config")
    99  
   100  	apparmorSpec = &apparmor.Specification{}
   101  	err = apparmorSpec.AddPermanentSlot(s.iface, s.classicSlotInfo)
   102  	c.Assert(err, IsNil)
   103  	c.Assert(apparmorSpec.SecurityTags(), HasLen, 0)
   104  
   105  	apparmorSpec = &apparmor.Specification{}
   106  	err = apparmorSpec.AddConnectedSlot(s.iface, s.plug, s.coreSlot)
   107  	c.Assert(err, IsNil)
   108  	c.Assert(apparmorSpec.SecurityTags(), DeepEquals, []string{"snap.mir-server.mir"})
   109  	c.Assert(apparmorSpec.SnippetForTag("snap.mir-server.mir"), testutil.Contains, "unix (receive, send) type=seqpacket addr=none peer=(label=\"snap.other")
   110  
   111  	apparmorSpec = &apparmor.Specification{}
   112  	err = apparmorSpec.AddConnectedPlug(s.iface, s.plug, s.coreSlot)
   113  	c.Assert(err, IsNil)
   114  	c.Assert(apparmorSpec.SecurityTags(), DeepEquals, []string{"snap.other.app2"})
   115  	c.Assert(apparmorSpec.SnippetForTag("snap.other.app2"), testutil.Contains, "/run/mir_socket rw,")
   116  }
   117  
   118  const mirMockSlotSnapInfoYaml = `name: mir-server
   119  version: 1.0
   120  slots:
   121   mir-server:
   122    interface: mir
   123  apps:
   124   mir:
   125    command: foo
   126    slots:
   127     - mir-server
   128  `
   129  
   130  func (s *MirInterfaceSuite) TestSecComp(c *C) {
   131  	seccompSpec := &seccomp.Specification{}
   132  	err := seccompSpec.AddPermanentSlot(s.iface, s.coreSlotInfo)
   133  	c.Assert(err, IsNil)
   134  	c.Assert(seccompSpec.SecurityTags(), DeepEquals, []string{"snap.mir-server.mir"})
   135  	c.Check(seccompSpec.SnippetForTag("snap.mir-server.mir"), testutil.Contains, "listen\n")
   136  }
   137  
   138  func (s *MirInterfaceSuite) TestSecCompOnClassic(c *C) {
   139  	seccompSpec := &seccomp.Specification{}
   140  	err := seccompSpec.AddPermanentSlot(s.iface, s.classicSlotInfo)
   141  	c.Assert(err, IsNil)
   142  	snippets := seccompSpec.Snippets()
   143  	// no permanent seccomp snippet for the slot
   144  	c.Assert(len(snippets), Equals, 0)
   145  }
   146  
   147  func (s *MirInterfaceSuite) TestUDevSpec(c *C) {
   148  	udevSpec := &udev.Specification{}
   149  	c.Assert(udevSpec.AddPermanentSlot(s.iface, s.coreSlotInfo), IsNil)
   150  	c.Assert(udevSpec.Snippets(), HasLen, 6)
   151  	c.Assert(udevSpec.Snippets(), testutil.Contains, `# mir
   152  KERNEL=="tty[0-9]*", TAG+="snap_mir-server_mir"`)
   153  	c.Assert(udevSpec.Snippets(), testutil.Contains, `# mir
   154  KERNEL=="mice", TAG+="snap_mir-server_mir"`)
   155  	c.Assert(udevSpec.Snippets(), testutil.Contains, `# mir
   156  KERNEL=="mouse[0-9]*", TAG+="snap_mir-server_mir"`)
   157  	c.Assert(udevSpec.Snippets(), testutil.Contains, `# mir
   158  KERNEL=="event[0-9]*", TAG+="snap_mir-server_mir"`)
   159  	c.Assert(udevSpec.Snippets(), testutil.Contains, `# mir
   160  KERNEL=="ts[0-9]*", TAG+="snap_mir-server_mir"`)
   161  	c.Assert(udevSpec.Snippets(), testutil.Contains, `TAG=="snap_mir-server_mir", RUN+="/usr/lib/snapd/snap-device-helper $env{ACTION} snap_mir-server_mir $devpath $major:$minor"`)
   162  	c.Assert(udevSpec.TriggeredSubsystems(), DeepEquals, []string{"input"})
   163  }
   164  
   165  func (s *MirInterfaceSuite) TestInterfaces(c *C) {
   166  	c.Check(builtin.Interfaces(), testutil.DeepContains, s.iface)
   167  }