From patchwork Thu Apr 30 09:52:48 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Thomas Petazzoni X-Patchwork-Id: 1280110 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=bootlin.com Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49CW0q1LgBz9sPF for ; Thu, 30 Apr 2020 19:53:31 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id AA90586D17; Thu, 30 Apr 2020 09:53:29 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WEGYn_Wgd4As; Thu, 30 Apr 2020 09:53:28 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by fraxinus.osuosl.org (Postfix) with ESMTP id 7296686D02; Thu, 30 Apr 2020 09:53:28 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by ash.osuosl.org (Postfix) with ESMTP id 207981BF86C for ; Thu, 30 Apr 2020 09:53:14 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 1D44788688 for ; Thu, 30 Apr 2020 09:53:14 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7soxswpoHkSE for ; Thu, 30 Apr 2020 09:53:13 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from relay9-d.mail.gandi.net (relay9-d.mail.gandi.net [217.70.183.199]) by hemlock.osuosl.org (Postfix) with ESMTPS id 9F3C88867F for ; Thu, 30 Apr 2020 09:53:12 +0000 (UTC) X-Originating-IP: 86.210.146.109 Received: from localhost (lfbn-tou-1-915-109.w86-210.abo.wanadoo.fr [86.210.146.109]) (Authenticated sender: thomas.petazzoni@bootlin.com) by relay9-d.mail.gandi.net (Postfix) with ESMTPSA id C92C7FF80A; Thu, 30 Apr 2020 09:53:09 +0000 (UTC) From: Thomas Petazzoni To: Buildroot List Date: Thu, 30 Apr 2020 11:52:48 +0200 Message-Id: <20200430095249.782597-12-thomas.petazzoni@bootlin.com> X-Mailer: git-send-email 2.25.4 In-Reply-To: <20200430095249.782597-1-thomas.petazzoni@bootlin.com> References: <20200430095249.782597-1-thomas.petazzoni@bootlin.com> MIME-Version: 1.0 Subject: [Buildroot] [PATCH 11/11] support/testing/tests: add test for file overwrite detection X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Korsgaard , "Yann E. MORIN" , Thomas Petazzoni Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Signed-off-by: Thomas Petazzoni --- .gitlab-ci.yml | 2 + .../br2-external/detect-overwrite/Config.in | 1 + .../detect-overwrite/external.desc | 1 + .../br2-external/detect-overwrite/external.mk | 1 + .../package/detect-overwrite/Config.in | 5 ++ .../detect-overwrite/detect-overwrite.mk | 19 ++++++++ .../testing/tests/core/test_file_overwrite.py | 47 +++++++++++++++++++ 7 files changed, 76 insertions(+) create mode 100644 support/testing/tests/core/br2-external/detect-overwrite/Config.in create mode 100644 support/testing/tests/core/br2-external/detect-overwrite/external.desc create mode 100644 support/testing/tests/core/br2-external/detect-overwrite/external.mk create mode 100644 support/testing/tests/core/br2-external/detect-overwrite/package/detect-overwrite/Config.in create mode 100644 support/testing/tests/core/br2-external/detect-overwrite/package/detect-overwrite/detect-overwrite.mk create mode 100644 support/testing/tests/core/test_file_overwrite.py diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index dd69fb9d50..64266d8783 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -356,6 +356,8 @@ tests.boot.test_syslinux.TestSysLinuxX86_64EFI: { extends: .runtime_test } tests.boot.test_syslinux.TestSysLinuxX86_64LegacyBios: { extends: .runtime_test } tests.core.test_bad_arch.DetectBadArchTest: { extends: .runtime_test } tests.core.test_file_capabilities.TestFileCapabilities: { extends: .runtime_test } +tests.core.test_file_overwrite.DetectHostFileOverwriteTest: { extends: .runtime_test } +tests.core.test_file_overwrite.DetectTargetFileOverwriteTest: { extends: .runtime_test } tests.core.test_hardening.TestFortifyConserv: { extends: .runtime_test } tests.core.test_hardening.TestFortifyNone: { extends: .runtime_test } tests.core.test_hardening.TestRelro: { extends: .runtime_test } diff --git a/support/testing/tests/core/br2-external/detect-overwrite/Config.in b/support/testing/tests/core/br2-external/detect-overwrite/Config.in new file mode 100644 index 0000000000..b5514510bd --- /dev/null +++ b/support/testing/tests/core/br2-external/detect-overwrite/Config.in @@ -0,0 +1 @@ +source "$BR2_EXTERNAL_DETECT_OVERWRITE_PATH/package/detect-overwrite/Config.in" diff --git a/support/testing/tests/core/br2-external/detect-overwrite/external.desc b/support/testing/tests/core/br2-external/detect-overwrite/external.desc new file mode 100644 index 0000000000..6fedc276e8 --- /dev/null +++ b/support/testing/tests/core/br2-external/detect-overwrite/external.desc @@ -0,0 +1 @@ +name: DETECT_OVERWRITE diff --git a/support/testing/tests/core/br2-external/detect-overwrite/external.mk b/support/testing/tests/core/br2-external/detect-overwrite/external.mk new file mode 100644 index 0000000000..90927b33ef --- /dev/null +++ b/support/testing/tests/core/br2-external/detect-overwrite/external.mk @@ -0,0 +1 @@ +include $(sort $(wildcard $(BR2_EXTERNAL_DETECT_OVERWRITE_PATH)/package/*/*.mk)) diff --git a/support/testing/tests/core/br2-external/detect-overwrite/package/detect-overwrite/Config.in b/support/testing/tests/core/br2-external/detect-overwrite/package/detect-overwrite/Config.in new file mode 100644 index 0000000000..fff8b0320f --- /dev/null +++ b/support/testing/tests/core/br2-external/detect-overwrite/package/detect-overwrite/Config.in @@ -0,0 +1,5 @@ +config BR2_PACKAGE_DETECT_OVERWRITE + bool "detect-overwrite" + +config BR2_PACKAGE_HOST_DETECT_OVERWRITE + bool "host-detect-overwrite" diff --git a/support/testing/tests/core/br2-external/detect-overwrite/package/detect-overwrite/detect-overwrite.mk b/support/testing/tests/core/br2-external/detect-overwrite/package/detect-overwrite/detect-overwrite.mk new file mode 100644 index 0000000000..c6df2a339d --- /dev/null +++ b/support/testing/tests/core/br2-external/detect-overwrite/package/detect-overwrite/detect-overwrite.mk @@ -0,0 +1,19 @@ +################################################################################ +# +# detect-overwrite +# +################################################################################ + +define DETECT_OVERWRITE_INSTALL_TARGET_CMDS + grep -q "^foo" $(TARGET_DIR)/etc/passwd || \ + echo "foo" >> $(TARGET_DIR)/etc/passwd +endef + +HOST_DETECT_OVERWRITE_DEPENDENCIES = host-pkgconf + +define HOST_DETECT_OVERWRITE_INSTALL_CMDS + $(SED) 's/manipulating/tweaking/' $(HOST_DIR)/lib/pkgconfig/libpkgconf.pc +endef + +$(eval $(generic-package)) +$(eval $(host-generic-package)) diff --git a/support/testing/tests/core/test_file_overwrite.py b/support/testing/tests/core/test_file_overwrite.py new file mode 100644 index 0000000000..526ed55e43 --- /dev/null +++ b/support/testing/tests/core/test_file_overwrite.py @@ -0,0 +1,47 @@ +import infra +import infra.basetest +import subprocess + + +class DetectTargetFileOverwriteTest(infra.basetest.BRConfigTest): + config = \ + infra.basetest.BASIC_TOOLCHAIN_CONFIG + \ + infra.basetest.MINIMAL_CONFIG + \ + """ + BR2_PER_PACKAGE_DIRECTORIES=y + BR2_PACKAGE_DETECT_OVERWRITE=y + """ + br2_external = [infra.filepath("tests/core/br2-external/detect-overwrite")] + + def test_run(self): + with self.assertRaises(SystemError): + self.b.build() + logf_path = infra.log_file_path(self.b.builddir, "build", + infra.basetest.BRConfigTest.logtofile) + if logf_path: + s = './etc/passwd: FAILED' + logf = open(logf_path, "r") + ret = subprocess.call(["grep", "-q", s], stdin=logf) + self.assertEqual(ret, 0) + + +class DetectHostFileOverwriteTest(infra.basetest.BRConfigTest): + config = \ + infra.basetest.BASIC_TOOLCHAIN_CONFIG + \ + infra.basetest.MINIMAL_CONFIG + \ + """ + BR2_PER_PACKAGE_DIRECTORIES=y + BR2_PACKAGE_HOST_DETECT_OVERWRITE=y + """ + br2_external = [infra.filepath("tests/core/br2-external/detect-overwrite")] + + def test_run(self): + with self.assertRaises(SystemError): + self.b.build() + logf_path = infra.log_file_path(self.b.builddir, "build", + infra.basetest.BRConfigTest.logtofile) + if logf_path: + s = './lib/pkgconfig/libpkgconf.pc: FAILED' + logf = open(logf_path, "r") + ret = subprocess.call(["grep", "-q", s], stdin=logf) + self.assertEqual(ret, 0)