Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
torvalds
GitHub Repository: torvalds/linux
 Path: blob/master/security/apparmor/policy_unpack_test.c
26378 views
1
// SPDX-License-Identifier: GPL-2.0-only

2
/*

3
 * KUnit tests for AppArmor's policy unpack.

4
 */

5


6
#include <kunit/test.h>

7
#include <kunit/visibility.h>

8


9
#include "include/policy.h"

10
#include "include/policy_unpack.h"

11


12
#include <linux/unaligned.h>

13


14
#define TEST_STRING_NAME "TEST_STRING"

15
#define TEST_STRING_DATA "testing"

16
#define TEST_STRING_BUF_OFFSET \

17
	(3 + strlen(TEST_STRING_NAME) + 1)

18


19
#define TEST_U32_NAME "U32_TEST"

20
#define TEST_U32_DATA ((u32)0x01020304)

21
#define TEST_NAMED_U32_BUF_OFFSET \

22
	(TEST_STRING_BUF_OFFSET + 3 + strlen(TEST_STRING_DATA) + 1)

23
#define TEST_U32_BUF_OFFSET \

24
	(TEST_NAMED_U32_BUF_OFFSET + 3 + strlen(TEST_U32_NAME) + 1)

25


26
#define TEST_U16_OFFSET (TEST_U32_BUF_OFFSET + 3)

27
#define TEST_U16_DATA ((u16)(TEST_U32_DATA >> 16))

28


29
#define TEST_U64_NAME "U64_TEST"

30
#define TEST_U64_DATA ((u64)0x0102030405060708)

31
#define TEST_NAMED_U64_BUF_OFFSET (TEST_U32_BUF_OFFSET + sizeof(u32) + 1)

32
#define TEST_U64_BUF_OFFSET \

33
	(TEST_NAMED_U64_BUF_OFFSET + 3 + strlen(TEST_U64_NAME) + 1)

34


35
#define TEST_BLOB_NAME "BLOB_TEST"

36
#define TEST_BLOB_DATA "\xde\xad\x00\xbe\xef"

37
#define TEST_BLOB_DATA_SIZE (ARRAY_SIZE(TEST_BLOB_DATA))

38
#define TEST_NAMED_BLOB_BUF_OFFSET (TEST_U64_BUF_OFFSET + sizeof(u64) + 1)

39
#define TEST_BLOB_BUF_OFFSET \

40
	(TEST_NAMED_BLOB_BUF_OFFSET + 3 + strlen(TEST_BLOB_NAME) + 1)

41


42
#define TEST_ARRAY_NAME "ARRAY_TEST"

43
#define TEST_ARRAY_SIZE 16

44
#define TEST_NAMED_ARRAY_BUF_OFFSET \

45
	(TEST_BLOB_BUF_OFFSET + 5 + TEST_BLOB_DATA_SIZE)

46
#define TEST_ARRAY_BUF_OFFSET \

47
	(TEST_NAMED_ARRAY_BUF_OFFSET + 3 + strlen(TEST_ARRAY_NAME) + 1)

48


49
MODULE_IMPORT_NS("EXPORTED_FOR_KUNIT_TESTING");

50


51
struct policy_unpack_fixture {

52
	struct aa_ext *e;

53
	size_t e_size;

54
};

55


56
static struct aa_ext *build_aa_ext_struct(struct policy_unpack_fixture *puf,

57
					  struct kunit *test, size_t buf_size)

58
{

59
	char *buf;

60
	struct aa_ext *e;

61


62
	buf = kunit_kzalloc(test, buf_size, GFP_USER);

63
	KUNIT_EXPECT_NOT_ERR_OR_NULL(test, buf);

64


65
	e = kunit_kmalloc(test, sizeof(*e), GFP_USER);

66
	KUNIT_EXPECT_NOT_ERR_OR_NULL(test, e);

67


68
	e->start = buf;

69
	e->end = e->start + buf_size;

70
	e->pos = e->start;

71


72
	*buf = AA_NAME;

73
	*(buf + 1) = strlen(TEST_STRING_NAME) + 1;

74
	strscpy(buf + 3, TEST_STRING_NAME, e->end - (void *)(buf + 3));

75


76
	buf = e->start + TEST_STRING_BUF_OFFSET;

77
	*buf = AA_STRING;

78
	*(buf + 1) = strlen(TEST_STRING_DATA) + 1;

79
	strscpy(buf + 3, TEST_STRING_DATA, e->end - (void *)(buf + 3));

80
	buf = e->start + TEST_NAMED_U32_BUF_OFFSET;

81
	*buf = AA_NAME;

82
	*(buf + 1) = strlen(TEST_U32_NAME) + 1;

83
	strscpy(buf + 3, TEST_U32_NAME, e->end - (void *)(buf + 3));

84
	*(buf + 3 + strlen(TEST_U32_NAME) + 1) = AA_U32;

85
	put_unaligned_le32(TEST_U32_DATA, buf + 3 + strlen(TEST_U32_NAME) + 2);

86


87
	buf = e->start + TEST_NAMED_U64_BUF_OFFSET;

88
	*buf = AA_NAME;

89
	*(buf + 1) = strlen(TEST_U64_NAME) + 1;

90
	strscpy(buf + 3, TEST_U64_NAME, e->end - (void *)(buf + 3));

91
	*(buf + 3 + strlen(TEST_U64_NAME) + 1) = AA_U64;

92
	*((__le64 *)(buf + 3 + strlen(TEST_U64_NAME) + 2)) = cpu_to_le64(TEST_U64_DATA);

93


94
	buf = e->start + TEST_NAMED_BLOB_BUF_OFFSET;

95
	*buf = AA_NAME;

96
	*(buf + 1) = strlen(TEST_BLOB_NAME) + 1;

97
	strscpy(buf + 3, TEST_BLOB_NAME, e->end - (void *)(buf + 3));

98
	*(buf + 3 + strlen(TEST_BLOB_NAME) + 1) = AA_BLOB;

99
	*(buf + 3 + strlen(TEST_BLOB_NAME) + 2) = TEST_BLOB_DATA_SIZE;

100
	memcpy(buf + 3 + strlen(TEST_BLOB_NAME) + 6,

101
		TEST_BLOB_DATA, TEST_BLOB_DATA_SIZE);

102


103
	buf = e->start + TEST_NAMED_ARRAY_BUF_OFFSET;

104
	*buf = AA_NAME;

105
	*(buf + 1) = strlen(TEST_ARRAY_NAME) + 1;

106
	strscpy(buf + 3, TEST_ARRAY_NAME, e->end - (void *)(buf + 3));

107
	*(buf + 3 + strlen(TEST_ARRAY_NAME) + 1) = AA_ARRAY;

108
	put_unaligned_le16(TEST_ARRAY_SIZE, buf + 3 + strlen(TEST_ARRAY_NAME) + 2);

109


110
	return e;

111
}

112


113
static int policy_unpack_test_init(struct kunit *test)

114
{

115
	size_t e_size = TEST_ARRAY_BUF_OFFSET + sizeof(u16) + 1;

116
	struct policy_unpack_fixture *puf;

117


118
	puf = kunit_kmalloc(test, sizeof(*puf), GFP_USER);

119
	KUNIT_EXPECT_NOT_ERR_OR_NULL(test, puf);

120


121
	puf->e_size = e_size;

122
	puf->e = build_aa_ext_struct(puf, test, e_size);

123


124
	test->priv = puf;

125
	return 0;

126
}

127


128
static void policy_unpack_test_inbounds_when_inbounds(struct kunit *test)

129
{

130
	struct policy_unpack_fixture *puf = test->priv;

131


132
	KUNIT_EXPECT_TRUE(test, aa_inbounds(puf->e, 0));

133
	KUNIT_EXPECT_TRUE(test, aa_inbounds(puf->e, puf->e_size / 2));

134
	KUNIT_EXPECT_TRUE(test, aa_inbounds(puf->e, puf->e_size));

135
}

136


137
static void policy_unpack_test_inbounds_when_out_of_bounds(struct kunit *test)

138
{

139
	struct policy_unpack_fixture *puf = test->priv;

140


141
	KUNIT_EXPECT_FALSE(test, aa_inbounds(puf->e, puf->e_size + 1));

142
}

143


144
static void policy_unpack_test_unpack_array_with_null_name(struct kunit *test)

145
{

146
	struct policy_unpack_fixture *puf = test->priv;

147
	u16 array_size = 0;

148


149
	puf->e->pos += TEST_ARRAY_BUF_OFFSET;

150


151
	KUNIT_EXPECT_TRUE(test, aa_unpack_array(puf->e, NULL, &array_size));

152
	KUNIT_EXPECT_EQ(test, array_size, (u16)TEST_ARRAY_SIZE);

153
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,

154
		puf->e->start + TEST_ARRAY_BUF_OFFSET + sizeof(u16) + 1);

155
}

156


157
static void policy_unpack_test_unpack_array_with_name(struct kunit *test)

158
{

159
	struct policy_unpack_fixture *puf = test->priv;

160
	const char name[] = TEST_ARRAY_NAME;

161
	u16 array_size = 0;

162


163
	puf->e->pos += TEST_NAMED_ARRAY_BUF_OFFSET;

164


165
	KUNIT_EXPECT_TRUE(test, aa_unpack_array(puf->e, name, &array_size));

166
	KUNIT_EXPECT_EQ(test, array_size, (u16)TEST_ARRAY_SIZE);

167
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,

168
		puf->e->start + TEST_ARRAY_BUF_OFFSET + sizeof(u16) + 1);

169
}

170


171
static void policy_unpack_test_unpack_array_out_of_bounds(struct kunit *test)

172
{

173
	struct policy_unpack_fixture *puf = test->priv;

174
	const char name[] = TEST_ARRAY_NAME;

175
	u16 array_size;

176


177
	puf->e->pos += TEST_NAMED_ARRAY_BUF_OFFSET;

178
	puf->e->end = puf->e->start + TEST_ARRAY_BUF_OFFSET + sizeof(u16);

179


180
	KUNIT_EXPECT_FALSE(test, aa_unpack_array(puf->e, name, &array_size));

181
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,

182
		puf->e->start + TEST_NAMED_ARRAY_BUF_OFFSET);

183
}

184


185
static void policy_unpack_test_unpack_blob_with_null_name(struct kunit *test)

186
{

187
	struct policy_unpack_fixture *puf = test->priv;

188
	char *blob = NULL;

189
	size_t size;

190


191
	puf->e->pos += TEST_BLOB_BUF_OFFSET;

192
	size = aa_unpack_blob(puf->e, &blob, NULL);

193


194
	KUNIT_ASSERT_EQ(test, size, TEST_BLOB_DATA_SIZE);

195
	KUNIT_EXPECT_TRUE(test,

196
		memcmp(blob, TEST_BLOB_DATA, TEST_BLOB_DATA_SIZE) == 0);

197
}

198


199
static void policy_unpack_test_unpack_blob_with_name(struct kunit *test)

200
{

201
	struct policy_unpack_fixture *puf = test->priv;

202
	char *blob = NULL;

203
	size_t size;

204


205
	puf->e->pos += TEST_NAMED_BLOB_BUF_OFFSET;

206
	size = aa_unpack_blob(puf->e, &blob, TEST_BLOB_NAME);

207


208
	KUNIT_ASSERT_EQ(test, size, TEST_BLOB_DATA_SIZE);

209
	KUNIT_EXPECT_TRUE(test,

210
		memcmp(blob, TEST_BLOB_DATA, TEST_BLOB_DATA_SIZE) == 0);

211
}

212


213
static void policy_unpack_test_unpack_blob_out_of_bounds(struct kunit *test)

214
{

215
	struct policy_unpack_fixture *puf = test->priv;

216
	char *blob = NULL;

217
	void *start;

218
	int size;

219


220
	puf->e->pos += TEST_NAMED_BLOB_BUF_OFFSET;

221
	start = puf->e->pos;

222
	puf->e->end = puf->e->start + TEST_BLOB_BUF_OFFSET

223
		+ TEST_BLOB_DATA_SIZE - 1;

224


225
	size = aa_unpack_blob(puf->e, &blob, TEST_BLOB_NAME);

226


227
	KUNIT_EXPECT_EQ(test, size, 0);

228
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, start);

229
}

230


231
static void policy_unpack_test_unpack_str_with_null_name(struct kunit *test)

232
{

233
	struct policy_unpack_fixture *puf = test->priv;

234
	const char *string = NULL;

235
	size_t size;

236


237
	puf->e->pos += TEST_STRING_BUF_OFFSET;

238
	size = aa_unpack_str(puf->e, &string, NULL);

239


240
	KUNIT_EXPECT_EQ(test, size, strlen(TEST_STRING_DATA) + 1);

241
	KUNIT_EXPECT_STREQ(test, string, TEST_STRING_DATA);

242
}

243


244
static void policy_unpack_test_unpack_str_with_name(struct kunit *test)

245
{

246
	struct policy_unpack_fixture *puf = test->priv;

247
	const char *string = NULL;

248
	size_t size;

249


250
	size = aa_unpack_str(puf->e, &string, TEST_STRING_NAME);

251


252
	KUNIT_EXPECT_EQ(test, size, strlen(TEST_STRING_DATA) + 1);

253
	KUNIT_EXPECT_STREQ(test, string, TEST_STRING_DATA);

254
}

255


256
static void policy_unpack_test_unpack_str_out_of_bounds(struct kunit *test)

257
{

258
	struct policy_unpack_fixture *puf = test->priv;

259
	const char *string = NULL;

260
	void *start = puf->e->pos;

261
	int size;

262


263
	puf->e->end = puf->e->pos + TEST_STRING_BUF_OFFSET

264
		+ strlen(TEST_STRING_DATA) - 1;

265


266
	size = aa_unpack_str(puf->e, &string, TEST_STRING_NAME);

267


268
	KUNIT_EXPECT_EQ(test, size, 0);

269
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, start);

270
}

271


272
static void policy_unpack_test_unpack_strdup_with_null_name(struct kunit *test)

273
{

274
	struct policy_unpack_fixture *puf = test->priv;

275
	char *string = NULL;

276
	size_t size;

277


278
	puf->e->pos += TEST_STRING_BUF_OFFSET;

279
	size = aa_unpack_strdup(puf->e, &string, NULL);

280


281
	KUNIT_EXPECT_EQ(test, size, strlen(TEST_STRING_DATA) + 1);

282
	KUNIT_EXPECT_FALSE(test,

283
			   ((uintptr_t)puf->e->start <= (uintptr_t)string)

284
			   && ((uintptr_t)string <= (uintptr_t)puf->e->end));

285
	KUNIT_EXPECT_STREQ(test, string, TEST_STRING_DATA);

286


287
	kfree(string);

288
}

289


290
static void policy_unpack_test_unpack_strdup_with_name(struct kunit *test)

291
{

292
	struct policy_unpack_fixture *puf = test->priv;

293
	char *string = NULL;

294
	size_t size;

295


296
	size = aa_unpack_strdup(puf->e, &string, TEST_STRING_NAME);

297


298
	KUNIT_EXPECT_EQ(test, size, strlen(TEST_STRING_DATA) + 1);

299
	KUNIT_EXPECT_FALSE(test,

300
			   ((uintptr_t)puf->e->start <= (uintptr_t)string)

301
			   && ((uintptr_t)string <= (uintptr_t)puf->e->end));

302
	KUNIT_EXPECT_STREQ(test, string, TEST_STRING_DATA);

303


304
	kfree(string);

305
}

306


307
static void policy_unpack_test_unpack_strdup_out_of_bounds(struct kunit *test)

308
{

309
	struct policy_unpack_fixture *puf = test->priv;

310
	void *start = puf->e->pos;

311
	char *string = NULL;

312
	int size;

313


314
	puf->e->end = puf->e->pos + TEST_STRING_BUF_OFFSET

315
		+ strlen(TEST_STRING_DATA) - 1;

316


317
	size = aa_unpack_strdup(puf->e, &string, TEST_STRING_NAME);

318


319
	KUNIT_EXPECT_EQ(test, size, 0);

320
	KUNIT_EXPECT_NULL(test, string);

321
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, start);

322


323
	kfree(string);

324
}

325


326
static void policy_unpack_test_unpack_nameX_with_null_name(struct kunit *test)

327
{

328
	struct policy_unpack_fixture *puf = test->priv;

329
	bool success;

330


331
	puf->e->pos += TEST_U32_BUF_OFFSET;

332


333
	success = aa_unpack_nameX(puf->e, AA_U32, NULL);

334


335
	KUNIT_EXPECT_TRUE(test, success);

336
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,

337
			    puf->e->start + TEST_U32_BUF_OFFSET + 1);

338
}

339


340
static void policy_unpack_test_unpack_nameX_with_wrong_code(struct kunit *test)

341
{

342
	struct policy_unpack_fixture *puf = test->priv;

343
	bool success;

344


345
	puf->e->pos += TEST_U32_BUF_OFFSET;

346


347
	success = aa_unpack_nameX(puf->e, AA_BLOB, NULL);

348


349
	KUNIT_EXPECT_FALSE(test, success);

350
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,

351
			    puf->e->start + TEST_U32_BUF_OFFSET);

352
}

353


354
static void policy_unpack_test_unpack_nameX_with_name(struct kunit *test)

355
{

356
	struct policy_unpack_fixture *puf = test->priv;

357
	const char name[] = TEST_U32_NAME;

358
	bool success;

359


360
	puf->e->pos += TEST_NAMED_U32_BUF_OFFSET;

361


362
	success = aa_unpack_nameX(puf->e, AA_U32, name);

363


364
	KUNIT_EXPECT_TRUE(test, success);

365
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,

366
			    puf->e->start + TEST_U32_BUF_OFFSET + 1);

367
}

368


369
static void policy_unpack_test_unpack_nameX_with_wrong_name(struct kunit *test)

370
{

371
	struct policy_unpack_fixture *puf = test->priv;

372
	static const char name[] = "12345678";

373
	bool success;

374


375
	puf->e->pos += TEST_NAMED_U32_BUF_OFFSET;

376


377
	success = aa_unpack_nameX(puf->e, AA_U32, name);

378


379
	KUNIT_EXPECT_FALSE(test, success);

380
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,

381
			    puf->e->start + TEST_NAMED_U32_BUF_OFFSET);

382
}

383


384
static void policy_unpack_test_unpack_u16_chunk_basic(struct kunit *test)

385
{

386
	struct policy_unpack_fixture *puf = test->priv;

387
	char *chunk = NULL;

388
	size_t size;

389


390
	puf->e->pos += TEST_U16_OFFSET;

391
	/*

392
	 * WARNING: For unit testing purposes, we're pushing puf->e->end past

393
	 * the end of the allocated memory. Doing anything other than comparing

394
	 * memory addresses is dangerous.

395
	 */

396
	puf->e->end += TEST_U16_DATA;

397


398
	size = aa_unpack_u16_chunk(puf->e, &chunk);

399


400
	KUNIT_EXPECT_PTR_EQ(test, chunk,

401
			    puf->e->start + TEST_U16_OFFSET + 2);

402
	KUNIT_EXPECT_EQ(test, size, TEST_U16_DATA);

403
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, (chunk + TEST_U16_DATA));

404
}

405


406
static void policy_unpack_test_unpack_u16_chunk_out_of_bounds_1(

407
		struct kunit *test)

408
{

409
	struct policy_unpack_fixture *puf = test->priv;

410
	char *chunk = NULL;

411
	size_t size;

412


413
	puf->e->pos = puf->e->end - 1;

414


415
	size = aa_unpack_u16_chunk(puf->e, &chunk);

416


417
	KUNIT_EXPECT_EQ(test, size, 0);

418
	KUNIT_EXPECT_NULL(test, chunk);

419
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, puf->e->end - 1);

420
}

421


422
static void policy_unpack_test_unpack_u16_chunk_out_of_bounds_2(

423
		struct kunit *test)

424
{

425
	struct policy_unpack_fixture *puf = test->priv;

426
	char *chunk = NULL;

427
	size_t size;

428


429
	puf->e->pos += TEST_U16_OFFSET;

430
	/*

431
	 * WARNING: For unit testing purposes, we're pushing puf->e->end past

432
	 * the end of the allocated memory. Doing anything other than comparing

433
	 * memory addresses is dangerous.

434
	 */

435
	puf->e->end = puf->e->pos + TEST_U16_DATA - 1;

436


437
	size = aa_unpack_u16_chunk(puf->e, &chunk);

438


439
	KUNIT_EXPECT_EQ(test, size, 0);

440
	KUNIT_EXPECT_NULL(test, chunk);

441
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos, puf->e->start + TEST_U16_OFFSET);

442
}

443


444
static void policy_unpack_test_unpack_u32_with_null_name(struct kunit *test)

445
{

446
	struct policy_unpack_fixture *puf = test->priv;

447
	bool success;

448
	u32 data = 0;

449


450
	puf->e->pos += TEST_U32_BUF_OFFSET;

451


452
	success = aa_unpack_u32(puf->e, &data, NULL);

453


454
	KUNIT_EXPECT_TRUE(test, success);

455
	KUNIT_EXPECT_EQ(test, data, TEST_U32_DATA);

456
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,

457
			puf->e->start + TEST_U32_BUF_OFFSET + sizeof(u32) + 1);

458
}

459


460
static void policy_unpack_test_unpack_u32_with_name(struct kunit *test)

461
{

462
	struct policy_unpack_fixture *puf = test->priv;

463
	const char name[] = TEST_U32_NAME;

464
	bool success;

465
	u32 data = 0;

466


467
	puf->e->pos += TEST_NAMED_U32_BUF_OFFSET;

468


469
	success = aa_unpack_u32(puf->e, &data, name);

470


471
	KUNIT_EXPECT_TRUE(test, success);

472
	KUNIT_EXPECT_EQ(test, data, TEST_U32_DATA);

473
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,

474
			puf->e->start + TEST_U32_BUF_OFFSET + sizeof(u32) + 1);

475
}

476


477
static void policy_unpack_test_unpack_u32_out_of_bounds(struct kunit *test)

478
{

479
	struct policy_unpack_fixture *puf = test->priv;

480
	const char name[] = TEST_U32_NAME;

481
	bool success;

482
	u32 data = 0;

483


484
	puf->e->pos += TEST_NAMED_U32_BUF_OFFSET;

485
	puf->e->end = puf->e->start + TEST_U32_BUF_OFFSET + sizeof(u32);

486


487
	success = aa_unpack_u32(puf->e, &data, name);

488


489
	KUNIT_EXPECT_FALSE(test, success);

490
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,

491
			puf->e->start + TEST_NAMED_U32_BUF_OFFSET);

492
}

493


494
static void policy_unpack_test_unpack_u64_with_null_name(struct kunit *test)

495
{

496
	struct policy_unpack_fixture *puf = test->priv;

497
	bool success;

498
	u64 data = 0;

499


500
	puf->e->pos += TEST_U64_BUF_OFFSET;

501


502
	success = aa_unpack_u64(puf->e, &data, NULL);

503


504
	KUNIT_EXPECT_TRUE(test, success);

505
	KUNIT_EXPECT_EQ(test, data, TEST_U64_DATA);

506
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,

507
			puf->e->start + TEST_U64_BUF_OFFSET + sizeof(u64) + 1);

508
}

509


510
static void policy_unpack_test_unpack_u64_with_name(struct kunit *test)

511
{

512
	struct policy_unpack_fixture *puf = test->priv;

513
	const char name[] = TEST_U64_NAME;

514
	bool success;

515
	u64 data = 0;

516


517
	puf->e->pos += TEST_NAMED_U64_BUF_OFFSET;

518


519
	success = aa_unpack_u64(puf->e, &data, name);

520


521
	KUNIT_EXPECT_TRUE(test, success);

522
	KUNIT_EXPECT_EQ(test, data, TEST_U64_DATA);

523
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,

524
			puf->e->start + TEST_U64_BUF_OFFSET + sizeof(u64) + 1);

525
}

526


527
static void policy_unpack_test_unpack_u64_out_of_bounds(struct kunit *test)

528
{

529
	struct policy_unpack_fixture *puf = test->priv;

530
	const char name[] = TEST_U64_NAME;

531
	bool success;

532
	u64 data = 0;

533


534
	puf->e->pos += TEST_NAMED_U64_BUF_OFFSET;

535
	puf->e->end = puf->e->start + TEST_U64_BUF_OFFSET + sizeof(u64);

536


537
	success = aa_unpack_u64(puf->e, &data, name);

538


539
	KUNIT_EXPECT_FALSE(test, success);

540
	KUNIT_EXPECT_PTR_EQ(test, puf->e->pos,

541
			puf->e->start + TEST_NAMED_U64_BUF_OFFSET);

542
}

543


544
static void policy_unpack_test_unpack_X_code_match(struct kunit *test)

545
{

546
	struct policy_unpack_fixture *puf = test->priv;

547
	bool success = aa_unpack_X(puf->e, AA_NAME);

548


549
	KUNIT_EXPECT_TRUE(test, success);

550
	KUNIT_EXPECT_TRUE(test, puf->e->pos == puf->e->start + 1);

551
}

552


553
static void policy_unpack_test_unpack_X_code_mismatch(struct kunit *test)

554
{

555
	struct policy_unpack_fixture *puf = test->priv;

556
	bool success = aa_unpack_X(puf->e, AA_STRING);

557


558
	KUNIT_EXPECT_FALSE(test, success);

559
	KUNIT_EXPECT_TRUE(test, puf->e->pos == puf->e->start);

560
}

561


562
static void policy_unpack_test_unpack_X_out_of_bounds(struct kunit *test)

563
{

564
	struct policy_unpack_fixture *puf = test->priv;

565
	bool success;

566


567
	puf->e->pos = puf->e->end;

568
	success = aa_unpack_X(puf->e, AA_NAME);

569


570
	KUNIT_EXPECT_FALSE(test, success);

571
}

572


573
static struct kunit_case apparmor_policy_unpack_test_cases[] = {

574
	KUNIT_CASE(policy_unpack_test_inbounds_when_inbounds),

575
	KUNIT_CASE(policy_unpack_test_inbounds_when_out_of_bounds),

576
	KUNIT_CASE(policy_unpack_test_unpack_array_with_null_name),

577
	KUNIT_CASE(policy_unpack_test_unpack_array_with_name),

578
	KUNIT_CASE(policy_unpack_test_unpack_array_out_of_bounds),

579
	KUNIT_CASE(policy_unpack_test_unpack_blob_with_null_name),

580
	KUNIT_CASE(policy_unpack_test_unpack_blob_with_name),

581
	KUNIT_CASE(policy_unpack_test_unpack_blob_out_of_bounds),

582
	KUNIT_CASE(policy_unpack_test_unpack_nameX_with_null_name),

583
	KUNIT_CASE(policy_unpack_test_unpack_nameX_with_wrong_code),

584
	KUNIT_CASE(policy_unpack_test_unpack_nameX_with_name),

585
	KUNIT_CASE(policy_unpack_test_unpack_nameX_with_wrong_name),

586
	KUNIT_CASE(policy_unpack_test_unpack_str_with_null_name),

587
	KUNIT_CASE(policy_unpack_test_unpack_str_with_name),

588
	KUNIT_CASE(policy_unpack_test_unpack_str_out_of_bounds),

589
	KUNIT_CASE(policy_unpack_test_unpack_strdup_with_null_name),

590
	KUNIT_CASE(policy_unpack_test_unpack_strdup_with_name),

591
	KUNIT_CASE(policy_unpack_test_unpack_strdup_out_of_bounds),

592
	KUNIT_CASE(policy_unpack_test_unpack_u16_chunk_basic),

593
	KUNIT_CASE(policy_unpack_test_unpack_u16_chunk_out_of_bounds_1),

594
	KUNIT_CASE(policy_unpack_test_unpack_u16_chunk_out_of_bounds_2),

595
	KUNIT_CASE(policy_unpack_test_unpack_u32_with_null_name),

596
	KUNIT_CASE(policy_unpack_test_unpack_u32_with_name),

597
	KUNIT_CASE(policy_unpack_test_unpack_u32_out_of_bounds),

598
	KUNIT_CASE(policy_unpack_test_unpack_u64_with_null_name),

599
	KUNIT_CASE(policy_unpack_test_unpack_u64_with_name),

600
	KUNIT_CASE(policy_unpack_test_unpack_u64_out_of_bounds),

601
	KUNIT_CASE(policy_unpack_test_unpack_X_code_match),

602
	KUNIT_CASE(policy_unpack_test_unpack_X_code_mismatch),

603
	KUNIT_CASE(policy_unpack_test_unpack_X_out_of_bounds),

604
	{},

605
};

606


607
static struct kunit_suite apparmor_policy_unpack_test_module = {

608
	.name = "apparmor_policy_unpack",

609
	.init = policy_unpack_test_init,

610
	.test_cases = apparmor_policy_unpack_test_cases,

611
};

612


613
kunit_test_suite(apparmor_policy_unpack_test_module);

614


615
MODULE_DESCRIPTION("KUnit tests for AppArmor's policy unpack");

616
MODULE_LICENSE("GPL");

617


618