1/* 2 * Copyright 2011 Tresys Technology, LLC. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are met: 6 * 7 * 1. Redistributions of source code must retain the above copyright notice, 8 * this list of conditions and the following disclaimer. 9 * 10 * 2. Redistributions in binary form must reproduce the above copyright notice, 11 * this list of conditions and the following disclaimer in the documentation 12 * and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY TRESYS TECHNOLOGY, LLC ``AS IS'' AND ANY EXPRESS 15 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 16 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO 17 * EVENT SHALL TRESYS TECHNOLOGY, LLC OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 18 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 19 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 21 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE 22 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 23 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 * 25 * The views and conclusions contained in the software and documentation are those 26 * of the authors and should not be interpreted as representing official policies, 27 * either expressed or implied, of Tresys Technology, LLC. 28 */ 29 30#include <sepol/policydb/policydb.h> 31 32#include "CuTest.h" 33#include "CilTest.h" 34#include "test_cil_post.h" 35 36#include "../../src/cil_post.h" 37#include "../../src/cil_internal.h" 38 39void test_cil_post_filecon_compare_meta_a_not_b(CuTest *tc) { 40 struct cil_filecon *afilecon; 41 cil_filecon_init(&afilecon); 42 43 struct cil_filecon *bfilecon; 44 cil_filecon_init(&bfilecon); 45 46 afilecon->root_str = "ba.r"; 47 afilecon->path_str = "foo"; 48 49 bfilecon->root_str = "barr"; 50 bfilecon->path_str = "foo"; 51 52 53 int rc = cil_post_filecon_compare(&afilecon, &bfilecon); 54 CuAssertTrue(tc, rc < 0); 55} 56 57void test_cil_post_filecon_compare_meta_b_not_a(CuTest *tc) { 58 struct cil_filecon *afilecon; 59 cil_filecon_init(&afilecon); 60 61 struct cil_filecon *bfilecon; 62 cil_filecon_init(&bfilecon); 63 64 afilecon->root_str = "bar"; 65 afilecon->path_str = "foo"; 66 67 bfilecon->root_str = "ba.rr"; 68 bfilecon->path_str = "foo"; 69 70 71 int rc = cil_post_filecon_compare(&afilecon, &bfilecon); 72 CuAssertTrue(tc, rc > 0); 73} 74 75void test_cil_post_filecon_compare_meta_a_and_b_strlen_a_greater_b(CuTest *tc) { 76 struct cil_filecon *afilecon; 77 cil_filecon_init(&afilecon); 78 79 struct cil_filecon *bfilecon; 80 cil_filecon_init(&bfilecon); 81 82 afilecon->root_str = ".\\$"; 83 afilecon->path_str = ".$({"; 84 85 bfilecon->root_str = ".?"; 86 bfilecon->path_str = "."; 87 88 89 int rc = cil_post_filecon_compare(&afilecon, &bfilecon); 90 CuAssertTrue(tc, rc > 0); 91} 92 93void test_cil_post_filecon_compare_type_atype_greater_btype(CuTest *tc) { 94 struct cil_filecon *afilecon; 95 cil_filecon_init(&afilecon); 96 97 struct cil_filecon *bfilecon; 98 cil_filecon_init(&bfilecon); 99 100 afilecon->root_str = ".\\$"; 101 afilecon->path_str = ".$({"; 102 afilecon->type = CIL_FILECON_CHAR; 103 104 bfilecon->root_str = ".\\$"; 105 bfilecon->path_str = ".$({"; 106 bfilecon->type = CIL_FILECON_DIR; 107 108 int rc = cil_post_filecon_compare(&afilecon, &bfilecon); 109 CuAssertTrue(tc, rc > 0); 110} 111 112void test_cil_post_filecon_compare_type_btype_greater_atype(CuTest *tc) { 113 struct cil_filecon *afilecon; 114 cil_filecon_init(&afilecon); 115 116 struct cil_filecon *bfilecon; 117 cil_filecon_init(&bfilecon); 118 119 afilecon->root_str = ".\\$"; 120 afilecon->path_str = ".$({"; 121 afilecon->type = CIL_FILECON_DIR; 122 123 bfilecon->root_str = ".\\$"; 124 bfilecon->path_str = ".$({"; 125 bfilecon->type = CIL_FILECON_CHAR; 126 127 128 int rc = cil_post_filecon_compare(&afilecon, &bfilecon); 129 CuAssertTrue(tc, rc < 0); 130} 131 132void test_cil_post_filecon_compare_meta_a_and_b_strlen_b_greater_a(CuTest *tc) { 133 struct cil_filecon *afilecon; 134 cil_filecon_init(&afilecon); 135 136 struct cil_filecon *bfilecon; 137 cil_filecon_init(&bfilecon); 138 139 afilecon->root_str = "."; 140 afilecon->path_str = "."; 141 142 bfilecon->root_str = ".*+|[({"; 143 bfilecon->path_str = "."; 144 145 146 int rc = cil_post_filecon_compare(&afilecon, &bfilecon); 147 CuAssertTrue(tc, rc < 0); 148} 149 150void test_cil_post_filecon_compare_stemlen_a_greater_b(CuTest *tc) { 151 struct cil_filecon *afilecon; 152 cil_filecon_init(&afilecon); 153 154 struct cil_filecon *bfilecon; 155 cil_filecon_init(&bfilecon); 156 157 afilecon->root_str = "bar"; 158 afilecon->path_str = "foo"; 159 160 bfilecon->root_str = "barr"; 161 bfilecon->path_str = "foo"; 162 163 164 int rc = cil_post_filecon_compare(&afilecon, &bfilecon); 165 CuAssertTrue(tc, rc < 0); 166} 167 168void test_cil_post_filecon_compare_stemlen_b_greater_a(CuTest *tc) { 169 struct cil_filecon *afilecon; 170 cil_filecon_init(&afilecon); 171 172 struct cil_filecon *bfilecon; 173 cil_filecon_init(&bfilecon); 174 175 afilecon->root_str = "barre"; 176 afilecon->path_str = "foo"; 177 178 bfilecon->root_str = "barr"; 179 bfilecon->path_str = "foo"; 180 181 182 int rc = cil_post_filecon_compare(&afilecon, &bfilecon); 183 CuAssertTrue(tc, rc > 0); 184} 185 186void test_cil_post_filecon_compare_equal(CuTest *tc) { 187 struct cil_filecon *afilecon; 188 cil_filecon_init(&afilecon); 189 190 struct cil_filecon *bfilecon; 191 cil_filecon_init(&bfilecon); 192 193 afilecon->root_str = ".\\$"; 194 afilecon->path_str = ".$({"; 195 afilecon->type = CIL_FILECON_DIR; 196 197 bfilecon->root_str = ".\\$"; 198 bfilecon->path_str = ".$({"; 199 bfilecon->type = CIL_FILECON_DIR; 200 201 202 int rc = cil_post_filecon_compare(&afilecon, &bfilecon); 203 CuAssertIntEquals(tc, 0, rc); 204} 205 206void test_cil_post_portcon_compare_atotal_greater_btotal(CuTest *tc) { 207 struct cil_portcon *aportcon; 208 cil_portcon_init(&aportcon); 209 210 struct cil_portcon *bportcon; 211 cil_portcon_init(&bportcon); 212 213 aportcon->port_low = 15; 214 aportcon->port_high = 30; 215 216 bportcon->port_low = 10; 217 bportcon->port_high = 11; 218 219 int rc = cil_post_portcon_compare(&aportcon, &bportcon); 220 CuAssertTrue(tc, rc > 0); 221} 222 223void test_cil_post_portcon_compare_btotal_greater_atotal(CuTest *tc) { 224 struct cil_portcon *aportcon; 225 cil_portcon_init(&aportcon); 226 227 struct cil_portcon *bportcon; 228 cil_portcon_init(&bportcon); 229 230 aportcon->port_low = 5; 231 aportcon->port_high = 5; 232 233 bportcon->port_low = 11; 234 bportcon->port_high = 20; 235 236 int rc = cil_post_portcon_compare(&aportcon, &bportcon); 237 CuAssertTrue(tc, rc < 0); 238} 239 240void test_cil_post_portcon_compare_aportlow_greater_bportlow(CuTest *tc) { 241 struct cil_portcon *aportcon; 242 cil_portcon_init(&aportcon); 243 244 struct cil_portcon *bportcon; 245 cil_portcon_init(&bportcon); 246 247 aportcon->port_low = 30; 248 aportcon->port_high = 33; 249 250 bportcon->port_low = 17; 251 bportcon->port_high = 20; 252 253 int rc = cil_post_portcon_compare(&aportcon, &bportcon); 254 CuAssertTrue(tc, rc > 0); 255} 256 257void test_cil_post_portcon_compare_bportlow_greater_aportlow(CuTest *tc) { 258 struct cil_portcon *aportcon; 259 cil_portcon_init(&aportcon); 260 261 struct cil_portcon *bportcon; 262 cil_portcon_init(&bportcon); 263 264 aportcon->port_low = 5; 265 aportcon->port_high = 8; 266 267 bportcon->port_low = 17; 268 bportcon->port_high = 20; 269 270 int rc = cil_post_portcon_compare(&aportcon, &bportcon); 271 CuAssertTrue(tc, rc < 0); 272} 273 274void test_cil_post_portcon_compare_equal(CuTest *tc) { 275 struct cil_portcon *aportcon; 276 cil_portcon_init(&aportcon); 277 278 struct cil_portcon *bportcon; 279 cil_portcon_init(&bportcon); 280 281 aportcon->port_low = 17; 282 aportcon->port_high = 20; 283 284 bportcon->port_low = 17; 285 bportcon->port_high = 20; 286 287 int rc = cil_post_portcon_compare(&aportcon, &bportcon); 288 CuAssertTrue(tc, rc == 0); 289} 290 291void test_cil_post_genfscon_compare_atypestr_greater_btypestr(CuTest *tc) { 292 struct cil_genfscon *agenfscon; 293 cil_genfscon_init(&agenfscon); 294 agenfscon->fs_str = "aaaa"; 295 296 struct cil_genfscon *bgenfscon; 297 cil_genfscon_init(&bgenfscon); 298 bgenfscon->fs_str = "bbbb"; 299 300 int rc = cil_post_genfscon_compare(&agenfscon, &bgenfscon); 301 CuAssertTrue(tc, rc < 0); 302} 303 304void test_cil_post_genfscon_compare_btypestr_greater_atypestr(CuTest *tc) { 305 struct cil_genfscon *agenfscon; 306 cil_genfscon_init(&agenfscon); 307 agenfscon->fs_str = "bbbb"; 308 309 struct cil_genfscon *bgenfscon; 310 cil_genfscon_init(&bgenfscon); 311 bgenfscon->fs_str = "aaaa"; 312 313 int rc = cil_post_genfscon_compare(&agenfscon, &bgenfscon); 314 CuAssertTrue(tc, rc > 0); 315} 316 317void test_cil_post_genfscon_compare_apathstr_greater_bpathstr(CuTest *tc) { 318 struct cil_genfscon *agenfscon; 319 cil_genfscon_init(&agenfscon); 320 agenfscon->fs_str = "aaaa"; 321 agenfscon->path_str = "ff"; 322 323 struct cil_genfscon *bgenfscon; 324 cil_genfscon_init(&bgenfscon); 325 bgenfscon->fs_str = "aaaa"; 326 bgenfscon->path_str = "gg"; 327 328 int rc = cil_post_genfscon_compare(&agenfscon, &bgenfscon); 329 CuAssertTrue(tc, rc < 0); 330} 331 332void test_cil_post_genfscon_compare_bpathstr_greater_apathstr(CuTest *tc) { 333 struct cil_genfscon *agenfscon; 334 cil_genfscon_init(&agenfscon); 335 agenfscon->fs_str = "bbbb"; 336 agenfscon->path_str = "cccc"; 337 338 struct cil_genfscon *bgenfscon; 339 cil_genfscon_init(&bgenfscon); 340 bgenfscon->fs_str = "bbbb"; 341 bgenfscon->path_str = "aaaa"; 342 343 int rc = cil_post_genfscon_compare(&agenfscon, &bgenfscon); 344 CuAssertTrue(tc, rc > 0); 345} 346 347void test_cil_post_genfscon_compare_equal(CuTest *tc) { 348 struct cil_genfscon *agenfscon; 349 cil_genfscon_init(&agenfscon); 350 agenfscon->fs_str = "bbbb"; 351 agenfscon->path_str = "cccc"; 352 353 struct cil_genfscon *bgenfscon; 354 cil_genfscon_init(&bgenfscon); 355 bgenfscon->fs_str = "bbbb"; 356 bgenfscon->path_str = "cccc"; 357 358 int rc = cil_post_genfscon_compare(&agenfscon, &bgenfscon); 359 CuAssertIntEquals(tc, 0, rc); 360} 361 362void test_cil_post_netifcon_compare_a_greater_b(CuTest *tc) { 363 struct cil_netifcon *anetifcon; 364 cil_netifcon_init(&anetifcon); 365 anetifcon->interface_str = "aaa"; 366 367 struct cil_netifcon *bnetifcon; 368 cil_netifcon_init(&bnetifcon); 369 bnetifcon->interface_str = "bbb"; 370 371 int rc = cil_post_netifcon_compare(&anetifcon, &bnetifcon); 372 CuAssertTrue(tc, rc < 0); 373} 374 375void test_cil_post_netifcon_compare_b_greater_a(CuTest *tc) { 376 struct cil_netifcon *anetifcon; 377 cil_netifcon_init(&anetifcon); 378 anetifcon->interface_str = "bbb"; 379 380 struct cil_netifcon *bnetifcon; 381 cil_netifcon_init(&bnetifcon); 382 bnetifcon->interface_str = "aaa"; 383 384 int rc = cil_post_netifcon_compare(&anetifcon, &bnetifcon); 385 CuAssertTrue(tc, rc > 0); 386} 387 388void test_cil_post_netifcon_compare_equal(CuTest *tc) { 389 struct cil_netifcon *anetifcon; 390 cil_netifcon_init(&anetifcon); 391 anetifcon->interface_str = "aaa"; 392 393 struct cil_netifcon *bnetifcon; 394 cil_netifcon_init(&bnetifcon); 395 bnetifcon->interface_str = "aaa"; 396 397 int rc = cil_post_netifcon_compare(&anetifcon, &bnetifcon); 398 CuAssertTrue(tc, rc == 0); 399} 400 401void test_cil_post_nodecon_compare_aipv4_bipv6(CuTest *tc) { 402 struct cil_nodecon *anodecon; 403 cil_nodecon_init(&anodecon); 404 cil_ipaddr_init(&anodecon->addr); 405 cil_ipaddr_init(&anodecon->mask); 406 407 struct cil_nodecon *bnodecon; 408 cil_nodecon_init(&bnodecon); 409 cil_ipaddr_init(&bnodecon->addr); 410 cil_ipaddr_init(&bnodecon->mask); 411 412 anodecon->addr->ip.v4.s_addr = 103; 413 anodecon->mask->ip.v4.s_addr = 100; 414 anodecon->addr->family = AF_INET; 415 416 bnodecon->addr->ip.v4.s_addr = 100; 417 bnodecon->mask->ip.v4.s_addr = 100; 418 bnodecon->addr->family = AF_INET6; 419 420 int rc = cil_post_nodecon_compare(&anodecon, &bnodecon); 421 CuAssertTrue(tc, rc < 0); 422} 423 424void test_cil_post_nodecon_compare_aipv6_bipv4(CuTest *tc) { 425 struct cil_nodecon *anodecon; 426 cil_nodecon_init(&anodecon); 427 cil_ipaddr_init(&anodecon->addr); 428 cil_ipaddr_init(&anodecon->mask); 429 430 struct cil_nodecon *bnodecon; 431 cil_nodecon_init(&bnodecon); 432 cil_ipaddr_init(&bnodecon->addr); 433 cil_ipaddr_init(&bnodecon->mask); 434 435 anodecon->addr->ip.v4.s_addr = 103; 436 anodecon->mask->ip.v4.s_addr = 100; 437 anodecon->addr->family = AF_INET6; 438 439 bnodecon->addr->ip.v4.s_addr = 100; 440 bnodecon->mask->ip.v4.s_addr = 100; 441 bnodecon->addr->family = AF_INET; 442 443 int rc = cil_post_nodecon_compare(&anodecon, &bnodecon); 444 CuAssertTrue(tc, rc > 0); 445} 446 447void test_cil_post_nodecon_compare_aipv4_greaterthan_bipv4(CuTest *tc) { 448 struct cil_nodecon *anodecon; 449 cil_nodecon_init(&anodecon); 450 cil_ipaddr_init(&anodecon->addr); 451 cil_ipaddr_init(&anodecon->mask); 452 453 struct cil_nodecon *bnodecon; 454 cil_nodecon_init(&bnodecon); 455 cil_ipaddr_init(&bnodecon->addr); 456 cil_ipaddr_init(&bnodecon->mask); 457 458 anodecon->addr->ip.v4.s_addr = 103; 459 anodecon->mask->ip.v4.s_addr = 100; 460 anodecon->addr->family = AF_INET; 461 462 bnodecon->addr->ip.v4.s_addr = 100; 463 bnodecon->mask->ip.v4.s_addr = 100; 464 bnodecon->addr->family = AF_INET; 465 466 int rc = cil_post_nodecon_compare(&anodecon, &bnodecon); 467 CuAssertTrue(tc, rc > 0); 468} 469 470void test_cil_post_nodecon_compare_aipv4_lessthan_bipv4(CuTest *tc) { 471 struct cil_nodecon *anodecon; 472 cil_nodecon_init(&anodecon); 473 cil_ipaddr_init(&anodecon->addr); 474 cil_ipaddr_init(&anodecon->mask); 475 476 struct cil_nodecon *bnodecon; 477 cil_nodecon_init(&bnodecon); 478 cil_ipaddr_init(&bnodecon->addr); 479 cil_ipaddr_init(&bnodecon->mask); 480 481 anodecon->addr->ip.v4.s_addr = 99; 482 anodecon->mask->ip.v4.s_addr = 100; 483 anodecon->addr->family = AF_INET; 484 485 bnodecon->addr->ip.v4.s_addr = 100; 486 bnodecon->mask->ip.v4.s_addr = 100; 487 bnodecon->addr->family = AF_INET; 488 489 int rc = cil_post_nodecon_compare(&anodecon, &bnodecon); 490 CuAssertTrue(tc, rc < 0); 491} 492 493void test_cil_post_nodecon_compare_amaskipv4_greaterthan_bmaskipv4(CuTest *tc) { 494 struct cil_nodecon *anodecon; 495 cil_nodecon_init(&anodecon); 496 cil_ipaddr_init(&anodecon->addr); 497 cil_ipaddr_init(&anodecon->mask); 498 499 struct cil_nodecon *bnodecon; 500 cil_nodecon_init(&bnodecon); 501 cil_ipaddr_init(&bnodecon->addr); 502 cil_ipaddr_init(&bnodecon->mask); 503 504 anodecon->addr->ip.v4.s_addr = 103; 505 anodecon->mask->ip.v4.s_addr = 101; 506 anodecon->addr->family = AF_INET; 507 508 bnodecon->addr->ip.v4.s_addr = 100; 509 bnodecon->mask->ip.v4.s_addr = 100; 510 bnodecon->addr->family = AF_INET; 511 512 int rc = cil_post_nodecon_compare(&anodecon, &bnodecon); 513 CuAssertTrue(tc, rc < 0); 514} 515 516void test_cil_post_nodecon_compare_amaskipv4_lessthan_bmaskipv4(CuTest *tc) { 517 struct cil_nodecon *anodecon; 518 cil_nodecon_init(&anodecon); 519 cil_ipaddr_init(&anodecon->addr); 520 cil_ipaddr_init(&anodecon->mask); 521 522 struct cil_nodecon *bnodecon; 523 cil_nodecon_init(&bnodecon); 524 cil_ipaddr_init(&bnodecon->addr); 525 cil_ipaddr_init(&bnodecon->mask); 526 527 anodecon->addr->ip.v4.s_addr = 99; 528 anodecon->mask->ip.v4.s_addr = 99; 529 anodecon->addr->family = AF_INET; 530 531 bnodecon->addr->ip.v4.s_addr = 100; 532 bnodecon->mask->ip.v4.s_addr = 100; 533 bnodecon->addr->family = AF_INET; 534 535 int rc = cil_post_nodecon_compare(&anodecon, &bnodecon); 536 CuAssertTrue(tc, rc > 0); 537} 538 539void test_cil_post_nodecon_compare_aipv6_greaterthan_bipv6(CuTest *tc) { 540 struct cil_nodecon *anodecon; 541 cil_nodecon_init(&anodecon); 542 cil_ipaddr_init(&anodecon->addr); 543 cil_ipaddr_init(&anodecon->mask); 544 545 struct cil_nodecon *bnodecon; 546 cil_nodecon_init(&bnodecon); 547 cil_ipaddr_init(&bnodecon->addr); 548 cil_ipaddr_init(&bnodecon->mask); 549 550 anodecon->addr->ip.v6.s6_addr[0] = '5'; 551 anodecon->mask->ip.v6.s6_addr[0] = '9'; 552 anodecon->addr->family = AF_INET6; 553 554 bnodecon->addr->ip.v6.s6_addr[0] = '3'; 555 bnodecon->mask->ip.v6.s6_addr[0] = '9'; 556 bnodecon->addr->family = AF_INET6; 557 558 int rc = cil_post_nodecon_compare(&anodecon, &bnodecon); 559 CuAssertTrue(tc, rc > 0); 560} 561 562void test_cil_post_nodecon_compare_aipv6_lessthan_bipv6(CuTest *tc) { 563 struct cil_nodecon *anodecon; 564 cil_nodecon_init(&anodecon); 565 cil_ipaddr_init(&anodecon->addr); 566 cil_ipaddr_init(&anodecon->mask); 567 568 struct cil_nodecon *bnodecon; 569 cil_nodecon_init(&bnodecon); 570 cil_ipaddr_init(&bnodecon->addr); 571 cil_ipaddr_init(&bnodecon->mask); 572 573 anodecon->addr->ip.v6.s6_addr[0] = '3'; 574 anodecon->mask->ip.v6.s6_addr[0] = '1'; 575 anodecon->addr->family = AF_INET6; 576 577 bnodecon->addr->ip.v6.s6_addr[0] = '5'; 578 bnodecon->mask->ip.v6.s6_addr[0] = '1'; 579 bnodecon->addr->family = AF_INET6; 580 581 int rc = cil_post_nodecon_compare(&anodecon, &bnodecon); 582 CuAssertTrue(tc, rc < 0); 583} 584 585void test_cil_post_nodecon_compare_amaskipv6_greaterthan_bmaskipv6(CuTest *tc) { 586 struct cil_nodecon *anodecon; 587 cil_nodecon_init(&anodecon); 588 cil_ipaddr_init(&anodecon->addr); 589 cil_ipaddr_init(&anodecon->mask); 590 591 struct cil_nodecon *bnodecon; 592 cil_nodecon_init(&bnodecon); 593 cil_ipaddr_init(&bnodecon->addr); 594 cil_ipaddr_init(&bnodecon->mask); 595 596 anodecon->addr->ip.v6.s6_addr[0] = '1'; 597 anodecon->mask->ip.v6.s6_addr[0] = '4'; 598 anodecon->addr->family = AF_INET6; 599 600 bnodecon->addr->ip.v6.s6_addr[0] = '1'; 601 bnodecon->mask->ip.v6.s6_addr[0] = '3'; 602 bnodecon->addr->family = AF_INET6; 603 604 int rc = cil_post_nodecon_compare(&anodecon, &bnodecon); 605 CuAssertTrue(tc, rc < 0); 606} 607 608void test_cil_post_nodecon_compare_amaskipv6_lessthan_bmaskipv6(CuTest *tc) { 609 struct cil_nodecon *anodecon; 610 cil_nodecon_init(&anodecon); 611 cil_ipaddr_init(&anodecon->addr); 612 cil_ipaddr_init(&anodecon->mask); 613 614 struct cil_nodecon *bnodecon; 615 cil_nodecon_init(&bnodecon); 616 cil_ipaddr_init(&bnodecon->addr); 617 cil_ipaddr_init(&bnodecon->mask); 618 619 anodecon->addr->ip.v6.s6_addr[0] = '5'; 620 anodecon->mask->ip.v6.s6_addr[0] = '1'; 621 anodecon->addr->family = AF_INET6; 622 623 bnodecon->addr->ip.v6.s6_addr[0] = '5'; 624 bnodecon->mask->ip.v6.s6_addr[0] = '6'; 625 bnodecon->addr->family = AF_INET6; 626 627 int rc = cil_post_nodecon_compare(&anodecon, &bnodecon); 628 CuAssertTrue(tc, rc > 0); 629} 630 631void test_cil_post_fsuse_compare_type_a_greater_b(CuTest *tc) { 632 struct cil_fsuse *afsuse; 633 cil_fsuse_init(&afsuse); 634 afsuse->type = CIL_FSUSE_XATTR; 635 636 struct cil_fsuse *bfsuse; 637 cil_fsuse_init(&bfsuse); 638 bfsuse->type = CIL_FSUSE_TASK; 639 640 int rc = cil_post_fsuse_compare(&afsuse, &bfsuse); 641 CuAssertTrue(tc, rc < 0); 642} 643 644void test_cil_post_fsuse_compare_type_b_greater_a(CuTest *tc) { 645 struct cil_fsuse *afsuse; 646 cil_fsuse_init(&afsuse); 647 afsuse->type = CIL_FSUSE_TASK; 648 649 struct cil_fsuse *bfsuse; 650 cil_fsuse_init(&bfsuse); 651 bfsuse->type = CIL_FSUSE_XATTR; 652 653 int rc = cil_post_fsuse_compare(&afsuse, &bfsuse); 654 CuAssertTrue(tc, rc > 0); 655} 656 657void test_cil_post_fsuse_compare_fsstr_a_greater_b(CuTest *tc) { 658 struct cil_fsuse *afsuse; 659 cil_fsuse_init(&afsuse); 660 afsuse->type = CIL_FSUSE_XATTR; 661 afsuse->fs_str = "aaa"; 662 663 struct cil_fsuse *bfsuse; 664 cil_fsuse_init(&bfsuse); 665 bfsuse->type = CIL_FSUSE_XATTR; 666 bfsuse->fs_str = "bbb"; 667 668 int rc = cil_post_fsuse_compare(&afsuse, &bfsuse); 669 CuAssertTrue(tc, rc < 0); 670} 671 672void test_cil_post_fsuse_compare_fsstr_b_greater_a(CuTest *tc) { 673 struct cil_fsuse *afsuse; 674 cil_fsuse_init(&afsuse); 675 afsuse->type = CIL_FSUSE_XATTR; 676 afsuse->fs_str = "bbb"; 677 678 struct cil_fsuse *bfsuse; 679 cil_fsuse_init(&bfsuse); 680 bfsuse->type = CIL_FSUSE_XATTR; 681 bfsuse->fs_str = "aaa"; 682 683 int rc = cil_post_fsuse_compare(&afsuse, &bfsuse); 684 CuAssertTrue(tc, rc > 0); 685} 686 687void test_cil_post_fsuse_compare_equal(CuTest *tc) { 688 struct cil_fsuse *afsuse; 689 cil_fsuse_init(&afsuse); 690 afsuse->type = CIL_FSUSE_XATTR; 691 afsuse->fs_str = "foo"; 692 693 struct cil_fsuse *bfsuse; 694 cil_fsuse_init(&bfsuse); 695 bfsuse->type = CIL_FSUSE_XATTR; 696 bfsuse->fs_str = "foo"; 697 698 int rc = cil_post_fsuse_compare(&afsuse, &bfsuse); 699 CuAssertTrue(tc, rc == 0); 700} 701 702 703 704