]>
Commit | Line | Data |
---|---|---|
1 | #include <TargetConditionals.h> | |
2 | ||
3 | #if TARGET_OS_EMBEDDED | |
4 | ||
5 | #include <unistd.h> | |
6 | #include <fcntl.h> | |
7 | #include <stdio.h> | |
8 | #include <sys/mman.h> | |
9 | #include <string.h> | |
10 | #include <sys/attr.h> | |
11 | #include <sys/types.h> | |
12 | #include <sys/sysctl.h> | |
13 | #include <sys/stat.h> | |
14 | #include <sys/xattr.h> | |
15 | #include <sys/mount.h> | |
16 | #include <sys/param.h> | |
17 | #include <CommonCrypto/CommonDigest.h> | |
18 | #include <libkern/OSAtomic.h> | |
19 | #include <pthread.h> | |
20 | #include <spawn.h> | |
21 | #include <MobileKeyBag/MobileKeyBag.h> | |
22 | ||
23 | #include "hfs-tests.h" | |
24 | #include "test-utils.h" | |
25 | #include "systemx.h" | |
26 | ||
27 | TEST(chflags, .run_as_root = true) | |
28 | ||
29 | #define PROFILECTL "/usr/local/bin/profilectl" | |
30 | #define TEST_DIR "/tmp" | |
31 | ||
32 | int run_chflags(__unused test_ctx_t *ctx) | |
33 | { | |
34 | // The root file system needs to be HFS | |
35 | struct statfs sfs; | |
36 | ||
37 | assert(statfs("/tmp", &sfs) == 0); | |
38 | if (strcmp(sfs.f_fstypename, "hfs")) { | |
39 | printf("chflags needs hfs as root file system - skipping.\n"); | |
40 | return 0; | |
41 | } | |
42 | ||
43 | char *file; | |
44 | asprintf(&file, "%s/chflags-metadata-test.data", TEST_DIR); | |
45 | ||
46 | int fd; | |
47 | char filedata[4] = "Asdf"; | |
48 | ||
49 | // Change system passcode | |
50 | assert_no_err(systemx(PROFILECTL, "changepass", "", "1234", NULL)); | |
51 | ||
52 | // Unlock the system | |
53 | assert_no_err(systemx(PROFILECTL, "unlock", "1234", NULL)); | |
54 | ||
55 | // Wait until the device is locked | |
56 | while (MKBGetDeviceLockState(NULL) != kMobileKeyBagDeviceIsUnlocked) | |
57 | sleep(1); | |
58 | ||
59 | assert_with_errno((fd = open(file, | |
60 | O_CREAT | O_RDWR | O_TRUNC, 0666)) >= 0); | |
61 | ||
62 | check_io(write(fd, filedata, sizeof(filedata)), sizeof(filedata)); | |
63 | ||
64 | // Set the file to class A | |
65 | assert_no_err(fcntl(fd, F_SETPROTECTIONCLASS, 1)); | |
66 | ||
67 | assert_no_err(fchflags(fd, UF_IMMUTABLE)); | |
68 | ||
69 | close(fd); | |
70 | ||
71 | // lock the system | |
72 | assert_no_err(systemx(PROFILECTL, "lock", NULL)); | |
73 | ||
74 | // Wait until the device is locked | |
75 | while (MKBGetDeviceLockState(NULL) != kMobileKeyBagDeviceIsLocked) | |
76 | sleep(1); | |
77 | ||
78 | // should be able to remove the file. | |
79 | assert_no_err(systemx("/bin/unlink", file, NULL)); | |
80 | free(file); | |
81 | ||
82 | // Unlock the system | |
83 | assert_no_err(systemx(PROFILECTL, "unlock", "1234", NULL)); | |
84 | ||
85 | // Change system passcode back | |
86 | assert_no_err(systemx(PROFILECTL, "changepass", "1234", "", NULL)); | |
87 | ||
88 | return 0; | |
89 | } | |
90 | ||
91 | #endif // TARGET_OS_EMBEDDED |