1 /*
2 * Copyright (C) 2012 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <gtest/gtest.h>
18
19 // Below are the header files we want to test.
20 #include <grp.h>
21 #include <pwd.h>
22
23 #include <errno.h>
24 #include <limits.h>
25 #include <sys/cdefs.h>
26 #include <sys/types.h>
27 #include <unistd.h>
28
29 #include <set>
30 #include <vector>
31
32 #include <android-base/file.h>
33 #include <android-base/strings.h>
34 #include <private/android_filesystem_config.h>
35
36 #if defined(__BIONIC__)
37 #include <android/api-level.h>
38 #include <android-base/properties.h>
39 #endif
40
41 // Generated android_ids array
42 #include "generated_android_ids.h"
43
44 #include "utils.h"
45
46 using android::base::Join;
47 using android::base::ReadFileToString;
48 using android::base::Split;
49 using android::base::StartsWith;
50
51 using namespace std::literals;
52
53 enum uid_type_t {
54 TYPE_APP,
55 TYPE_SYSTEM,
56 TYPE_VENDOR,
57 };
58
59 #if defined(__BIONIC__)
60
check_passwd(const passwd * pwd,const char * username,uid_t uid,uid_type_t uid_type,bool check_username)61 static void check_passwd(const passwd* pwd, const char* username, uid_t uid, uid_type_t uid_type,
62 bool check_username) {
63 ASSERT_TRUE(pwd != nullptr);
64 if (check_username) {
65 EXPECT_STREQ(username, pwd->pw_name);
66 }
67 EXPECT_EQ(uid, pwd->pw_uid);
68 EXPECT_EQ(uid, pwd->pw_gid);
69 EXPECT_EQ(nullptr, pwd->pw_passwd);
70 #ifdef __LP64__
71 EXPECT_EQ(nullptr, pwd->pw_gecos);
72 #endif
73
74 if (uid_type == TYPE_APP) {
75 EXPECT_STREQ("/data", pwd->pw_dir);
76 } else {
77 EXPECT_STREQ("/", pwd->pw_dir);
78 }
79
80 // This has changed over time and that causes new GSI + old vendor images testing to fail.
81 // This parameter doesn't matter on Android, so simply ignore its value for older vendor images.
82 if (android::base::GetIntProperty("ro.product.first_api_level", 0) >= 30) {
83 EXPECT_STREQ("/bin/sh", pwd->pw_shell);
84 }
85 }
86
check_getpwuid(const char * username,uid_t uid,uid_type_t uid_type,bool check_username)87 static void check_getpwuid(const char* username, uid_t uid, uid_type_t uid_type,
88 bool check_username) {
89 errno = 0;
90 passwd* pwd = getpwuid(uid);
91 ASSERT_ERRNO(0);
92 SCOPED_TRACE("getpwuid");
93 check_passwd(pwd, username, uid, uid_type, check_username);
94 }
95
check_getpwnam(const char * username,uid_t uid,uid_type_t uid_type,bool check_username)96 static void check_getpwnam(const char* username, uid_t uid, uid_type_t uid_type,
97 bool check_username) {
98 errno = 0;
99 passwd* pwd = getpwnam(username);
100 ASSERT_ERRNO(0);
101 SCOPED_TRACE("getpwnam");
102 check_passwd(pwd, username, uid, uid_type, check_username);
103 }
104
check_getpwuid_r(const char * username,uid_t uid,uid_type_t uid_type,bool check_username)105 static void check_getpwuid_r(const char* username, uid_t uid, uid_type_t uid_type,
106 bool check_username) {
107 passwd pwd_storage;
108 char buf[512];
109 int result;
110
111 errno = 0;
112 passwd* pwd = nullptr;
113 result = getpwuid_r(uid, &pwd_storage, buf, sizeof(buf), &pwd);
114 ASSERT_EQ(0, result);
115 ASSERT_ERRNO(0);
116 SCOPED_TRACE("getpwuid_r");
117 check_passwd(pwd, username, uid, uid_type, check_username);
118 }
119
check_getpwnam_r(const char * username,uid_t uid,uid_type_t uid_type,bool check_username)120 static void check_getpwnam_r(const char* username, uid_t uid, uid_type_t uid_type,
121 bool check_username) {
122 passwd pwd_storage;
123 char buf[512];
124 int result;
125
126 errno = 0;
127 passwd* pwd = nullptr;
128 result = getpwnam_r(username, &pwd_storage, buf, sizeof(buf), &pwd);
129 ASSERT_EQ(0, result);
130 ASSERT_ERRNO(0);
131 SCOPED_TRACE("getpwnam_r");
132 check_passwd(pwd, username, uid, uid_type, check_username);
133 }
134
check_get_passwd(const char * username,uid_t uid,uid_type_t uid_type,bool check_username=true)135 static void check_get_passwd(const char* username, uid_t uid, uid_type_t uid_type,
136 bool check_username = true) {
137 SCOPED_TRACE("username '"s + username + "'");
138 check_getpwuid(username, uid, uid_type, check_username);
139 check_getpwnam(username, uid, uid_type, check_username);
140 check_getpwuid_r(username, uid, uid_type, check_username);
141 check_getpwnam_r(username, uid, uid_type, check_username);
142 }
143
expect_no_passwd_id(uid_t uid)144 static void expect_no_passwd_id(uid_t uid) {
145 SCOPED_TRACE("uid '" + std::to_string(uid) + "'");
146 errno = 0;
147 passwd* passwd = nullptr;
148 passwd = getpwuid(uid);
149 EXPECT_EQ(nullptr, passwd) << "name = '" << passwd->pw_name << "'";
150 EXPECT_ERRNO(ENOENT);
151
152 struct passwd passwd_storage;
153 char buf[512];
154 EXPECT_EQ(ENOENT, getpwuid_r(uid, &passwd_storage, buf, sizeof(buf), &passwd));
155 EXPECT_EQ(nullptr, passwd) << "name = '" << passwd->pw_name << "'";
156 }
157
expect_no_passwd_name(const char * username)158 static void expect_no_passwd_name(const char* username) {
159 SCOPED_TRACE("username '"s + username + "'");
160 errno = 0;
161 passwd* passwd = nullptr;
162 passwd = getpwnam(username);
163 EXPECT_EQ(nullptr, passwd) << "name = '" << passwd->pw_name << "'";
164 EXPECT_ERRNO(ENOENT);
165
166 struct passwd passwd_storage;
167 char buf[512];
168 EXPECT_EQ(ENOENT, getpwnam_r(username, &passwd_storage, buf, sizeof(buf), &passwd));
169 EXPECT_EQ(nullptr, passwd) << "name = '" << passwd->pw_name << "'";
170 }
171
172 #else // !defined(__BIONIC__)
173
check_get_passwd(const char *,uid_t,uid_type_t,bool)174 static void check_get_passwd(const char* /* username */, uid_t /* uid */, uid_type_t /* uid_type */,
175 bool /* check_username */) {
176 GTEST_SKIP() << "bionic-only test";
177 }
178
check_get_passwd(const char *,uid_t,uid_type_t)179 static void check_get_passwd(const char* /* username */, uid_t /* uid */, uid_type_t /* uid_type */) {
180 GTEST_SKIP() << "bionic-only test";
181 }
182
expect_no_passwd_id(uid_t)183 static void expect_no_passwd_id(uid_t /* uid */) {
184 GTEST_SKIP() << "bionic-only test";
185 }
186
expect_no_passwd_name(const char *)187 static void expect_no_passwd_name(const char* /* username */) {
188 GTEST_SKIP() << "bionic-only test";
189 }
190
191 #endif
192
TEST(pwd,getpwnam_platform_ids)193 TEST(pwd, getpwnam_platform_ids) {
194 check_get_passwd("root", 0, TYPE_SYSTEM);
195 check_get_passwd("daemon", 1, TYPE_SYSTEM);
196 check_get_passwd("bin", 2, TYPE_SYSTEM);
197
198 check_get_passwd("system", 1000, TYPE_SYSTEM);
199 check_get_passwd("radio", 1001, TYPE_SYSTEM);
200
201 check_get_passwd("shell", 2000, TYPE_SYSTEM);
202
203 check_get_passwd("nobody", 9999, TYPE_SYSTEM);
204 }
205
TEST(pwd,getpwnam_oem_ids)206 TEST(pwd, getpwnam_oem_ids) {
207 check_get_passwd("oem_2900", 2900, TYPE_VENDOR, false);
208 check_get_passwd("oem_2945", 2945, TYPE_VENDOR, false);
209 check_get_passwd("oem_2999", 2999, TYPE_VENDOR, false);
210 check_get_passwd("oem_5000", 5000, TYPE_VENDOR, false);
211 check_get_passwd("oem_5454", 5454, TYPE_VENDOR, false);
212 check_get_passwd("oem_5999", 5999, TYPE_VENDOR, false);
213 }
214
TEST(pwd,getpwnam_non_exist)215 TEST(pwd, getpwnam_non_exist) {
216 expect_no_passwd_id(999); // End of the system reserved range, unallocated.
217 expect_no_passwd_id(1999); // End of the system reserved range, unallocated.
218 expect_no_passwd_id(2899); // End of the system reserved range, unallocated.
219
220 // These ranges are for GIDs only.
221 expect_no_passwd_id(20000);
222 expect_no_passwd_id(30000);
223 expect_no_passwd_id(40000);
224 expect_no_passwd_id(50000);
225
226 // These should not be parsed as users, only as groups.
227 expect_no_passwd_name("u0_a9999_cache");
228 expect_no_passwd_name("u0_a9999_ext");
229 expect_no_passwd_name("u0_a9999_ext_cache");
230 expect_no_passwd_name("all_a9999");
231 }
232
TEST(pwd,getpwnam_u0_app_ids)233 TEST(pwd, getpwnam_u0_app_ids) {
234 check_get_passwd("u0_a0", 10000, TYPE_APP);
235 check_get_passwd("u0_a1234", 11234, TYPE_APP);
236 check_get_passwd("u0_a9999", 19999, TYPE_APP);
237
238 check_get_passwd("u0_i1", 90001, TYPE_APP);
239 check_get_passwd("u0_i4545", 94545, TYPE_APP);
240 check_get_passwd("u0_i9999", 99999, TYPE_APP);
241 }
242
TEST(pwd,getpwnam_app_id_u1_ids)243 TEST(pwd, getpwnam_app_id_u1_ids) {
244 check_get_passwd("u1_system", 101000, TYPE_SYSTEM);
245 check_get_passwd("u1_radio", 101001, TYPE_SYSTEM);
246
247 check_get_passwd("u1_a0", 110000, TYPE_APP);
248 check_get_passwd("u1_a1234", 111234, TYPE_APP);
249 check_get_passwd("u1_a9999", 119999, TYPE_APP);
250
251 check_get_passwd("u1_i1", 190001, TYPE_APP);
252 check_get_passwd("u1_i4545", 194545, TYPE_APP);
253 check_get_passwd("u1_i9999", 199999, TYPE_APP);
254 }
255
TEST(pwd,getpwnam_app_id_u31_ids)256 TEST(pwd, getpwnam_app_id_u31_ids) {
257 check_get_passwd("u31_system", 3101000, TYPE_SYSTEM);
258 check_get_passwd("u31_radio", 3101001, TYPE_SYSTEM);
259
260 check_get_passwd("u31_a0", 3110000, TYPE_APP);
261 check_get_passwd("u31_a1234", 3111234, TYPE_APP);
262 check_get_passwd("u31_a9999", 3119999, TYPE_APP);
263
264 check_get_passwd("u31_i1", 3190001, TYPE_APP);
265 check_get_passwd("u31_i4545", 3194545, TYPE_APP);
266 check_get_passwd("u31_i9999", 3199999, TYPE_APP);
267 }
268
TEST(pwd,getpwnam_app_id_not_allowed_platform)269 TEST(pwd, getpwnam_app_id_not_allowed_platform) {
270 expect_no_passwd_name("u1_root");
271 expect_no_passwd_name("u1_debuggerd");
272
273 expect_no_passwd_name("u31_root");
274 expect_no_passwd_name("u31_debuggerd");
275 }
276
TEST(pwd,getpwuid_app_id_u1_non_exist)277 TEST(pwd, getpwuid_app_id_u1_non_exist) {
278 expect_no_passwd_id(100000); // There is no 'root' for secondary users.
279 expect_no_passwd_id(101999); // End of the system reserved range, unallocated.
280 expect_no_passwd_id(102900); // The OEM ranges were never allocated to secondary users.
281 expect_no_passwd_id(105000); // The OEM ranges were never allocated to secondary users.
282
283 // These ranges are for GIDs only.
284 expect_no_passwd_id(120000);
285 expect_no_passwd_id(130000);
286 expect_no_passwd_id(140000);
287 expect_no_passwd_id(150000);
288 }
289
TEST(pwd,getpwuid_app_id_u31_non_exist)290 TEST(pwd, getpwuid_app_id_u31_non_exist) {
291 expect_no_passwd_id(3100000); // There is no 'root' for secondary users.
292 expect_no_passwd_id(3101999); // End of the system reserved range, unallocated.
293 expect_no_passwd_id(3102900); // The OEM ranges were never allocated to secondary users.
294 expect_no_passwd_id(3105000); // The OEM ranges were never allocated to secondary users.
295
296 // These ranges are for GIDs only.
297 expect_no_passwd_id(3120000);
298 expect_no_passwd_id(3130000);
299 expect_no_passwd_id(3140000);
300 expect_no_passwd_id(3150000);
301 }
302
TEST(pwd,getpwnam_r_alignment)303 TEST(pwd, getpwnam_r_alignment) {
304 #if defined(__BIONIC__)
305 passwd pwd_storage;
306 alignas(16) char buf[512];
307 passwd* pwd;
308 int result = getpwnam_r("root", &pwd_storage, buf + 1, sizeof(buf) - 1, &pwd);
309 ASSERT_EQ(0, result);
310 check_passwd(pwd, "root", 0, TYPE_SYSTEM, true);
311 #else
312 GTEST_SKIP() << "bionic-only test";
313 #endif
314 }
315
TEST(pwd,getpwuid_r_alignment)316 TEST(pwd, getpwuid_r_alignment) {
317 #if defined(__BIONIC__)
318 passwd pwd_storage;
319 alignas(16) char buf[512];
320 passwd* pwd;
321 int result = getpwuid_r(0, &pwd_storage, buf + 1, sizeof(buf) - 1, &pwd);
322 ASSERT_EQ(0, result);
323 check_passwd(pwd, "root", 0, TYPE_SYSTEM, true);
324 #else
325 GTEST_SKIP() << "bionic-only test";
326 #endif
327 }
328
TEST(pwd,getpwnam_r_reentrancy)329 TEST(pwd, getpwnam_r_reentrancy) {
330 #if defined(__BIONIC__)
331 passwd pwd_storage[2];
332 char buf[2][512];
333 passwd* pwd[3];
334 int result = getpwnam_r("root", &pwd_storage[0], buf[0], sizeof(buf[0]), &pwd[0]);
335 ASSERT_EQ(0, result);
336 check_passwd(pwd[0], "root", 0, TYPE_SYSTEM, true);
337 pwd[1] = getpwnam("system");
338 ASSERT_NE(nullptr, pwd[1]);
339 check_passwd(pwd[1], "system", 1000, TYPE_SYSTEM, true);
340 result = getpwnam_r("radio", &pwd_storage[1], buf[1], sizeof(buf[1]), &pwd[2]);
341 ASSERT_EQ(0, result);
342 check_passwd(pwd[2], "radio", 1001, TYPE_SYSTEM, true);
343 check_passwd(pwd[0], "root", 0, TYPE_SYSTEM, true);
344 check_passwd(pwd[1], "system", 1000, TYPE_SYSTEM, true);
345 #else
346 GTEST_SKIP() << "bionic-only test";
347 #endif
348 }
349
TEST(pwd,getpwuid_r_reentrancy)350 TEST(pwd, getpwuid_r_reentrancy) {
351 #if defined(__BIONIC__)
352 passwd pwd_storage[2];
353 char buf[2][512];
354 passwd* pwd[3];
355 int result = getpwuid_r(0, &pwd_storage[0], buf[0], sizeof(buf[0]), &pwd[0]);
356 ASSERT_EQ(0, result);
357 check_passwd(pwd[0], "root", 0, TYPE_SYSTEM, true);
358 pwd[1] = getpwuid(1000);
359 ASSERT_NE(nullptr, pwd[1]);
360 check_passwd(pwd[1], "system", 1000, TYPE_SYSTEM, true);
361 result = getpwuid_r(1001, &pwd_storage[1], buf[1], sizeof(buf[1]), &pwd[2]);
362 ASSERT_EQ(0, result);
363 check_passwd(pwd[2], "radio", 1001, TYPE_SYSTEM, true);
364 check_passwd(pwd[0], "root", 0, TYPE_SYSTEM, true);
365 check_passwd(pwd[1], "system", 1000, TYPE_SYSTEM, true);
366 #else
367 GTEST_SKIP() << "bionic-only test";
368 #endif
369 }
370
TEST(pwd,getpwnam_r_large_enough_suggested_buffer_size)371 TEST(pwd, getpwnam_r_large_enough_suggested_buffer_size) {
372 #if defined(__BIONIC__)
373 long size = sysconf(_SC_GETPW_R_SIZE_MAX);
374 ASSERT_GT(size, 0);
375 char buf[size];
376 passwd pwd_storage;
377 passwd* pwd;
378 ASSERT_EQ(0, getpwnam_r("root", &pwd_storage, buf, size, &pwd));
379 check_passwd(pwd, "root", 0, TYPE_SYSTEM, true);
380 #else
381 GTEST_SKIP() << "bionic-only test";
382 #endif
383 }
384
385 #if defined(__BIONIC__)
386 template <typename T>
expect_ids(T ids,bool is_group)387 static void expect_ids(T ids, bool is_group) {
388 std::set<typename T::key_type> expected_ids;
389 // Ensure that all android_ids are iterated through.
390 for (size_t n = 0; n < android_id_count; ++n) {
391 EXPECT_EQ(1U, ids.count(android_ids[n].aid)) << "android_ids[n].aid: " << android_ids[n].aid;
392 expected_ids.emplace(android_ids[n].aid);
393 }
394
395 auto expect_range = [&ids, &expected_ids](uid_t start, uid_t end) {
396 for (size_t n = start; n <= end; ++n) {
397 EXPECT_EQ(1U, ids.count(n)) << "n: " << n;
398 expected_ids.emplace(n);
399 }
400 };
401
402 // Ensure that all reserved ranges are iterated through.
403 expect_range(AID_OEM_RESERVED_START, AID_OEM_RESERVED_END);
404 expect_range(AID_OEM_RESERVED_2_START, AID_OEM_RESERVED_2_END);
405 expect_range(AID_APP_START, AID_APP_END);
406 if (is_group) {
407 expect_range(AID_CACHE_GID_START, AID_CACHE_GID_END);
408 expect_range(AID_EXT_GID_START, AID_EXT_GID_END);
409 expect_range(AID_EXT_CACHE_GID_START, AID_EXT_CACHE_GID_END);
410 expect_range(AID_SHARED_GID_START, AID_SHARED_GID_END);
411 }
412 expect_range(AID_ISOLATED_START, AID_ISOLATED_END);
413
414 // Prior to R, we didn't have a mechanism to create vendor AIDs in the system or other non-vendor
415 // partitions, therefore we disabled the rest of these checks for older API levels.
416 if (android::base::GetIntProperty("ro.product.first_api_level", 0) <= 29) {
417 return;
418 }
419
420 auto allow_range = [&ids](uid_t start, uid_t end) {
421 for (size_t n = start; n <= end; ++n) {
422 ids.erase(n);
423 }
424 };
425
426 allow_range(AID_SYSTEM_RESERVED_START, AID_SYSTEM_EXT_RESERVED_END);
427
428 // Ensure that no other ids were returned.
429 auto return_differences = [&ids, &expected_ids] {
430 std::vector<typename T::key_type> missing_from_ids;
431 std::set_difference(expected_ids.begin(), expected_ids.end(), ids.begin(), ids.end(),
432 std::inserter(missing_from_ids, missing_from_ids.begin()));
433 std::vector<typename T::key_type> extra_in_ids;
434 std::set_difference(ids.begin(), ids.end(), expected_ids.begin(), expected_ids.end(),
435 std::inserter(extra_in_ids, extra_in_ids.begin()));
436 std::string result;
437 if (!missing_from_ids.empty()) {
438 result += "Missing ids from results: " + Join(missing_from_ids, " ");
439 }
440 if (!extra_in_ids.empty()) {
441 if (!result.empty()) result += ", ";
442 result += "Extra ids in results: " + Join(extra_in_ids, " ");
443 }
444 return result;
445 };
446
447 // AID_UPROBESTATS (1093) was added in API level 35, but "trunk stable" means
448 // that the 2024Q* builds are tested with the _previous_ release's CTS.
449 if (android::base::GetIntProperty("ro.build.version.sdk", 0) == 34) {
450 #if !defined(AID_UPROBESTATS)
451 #define AID_UPROBESTATS 1093
452 #endif
453 ids.erase(AID_UPROBESTATS);
454 expected_ids.erase(AID_UPROBESTATS);
455 if (getpwuid(AID_UPROBESTATS)) {
456 EXPECT_STREQ(getpwuid(AID_UPROBESTATS)->pw_name, "uprobestats");
457 }
458 }
459 // AID_VIRTUALMACHINE (3013) was added in API level 35, but "trunk stable" means
460 // that the 2024Q* builds are tested with the _previous_ release's CTS.
461 if (android::base::GetIntProperty("ro.build.version.sdk", 0) == 34) {
462 #if !defined(AID_VIRTUALMACHINE)
463 #define AID_VIRTUALMACHINE 3013
464 #endif
465 ids.erase(AID_VIRTUALMACHINE);
466 expected_ids.erase(AID_VIRTUALMACHINE);
467 if (getpwuid(AID_VIRTUALMACHINE)) {
468 EXPECT_STREQ(getpwuid(AID_VIRTUALMACHINE)->pw_name, "virtualmachine");
469 }
470 }
471 // AID_CROS_EC (1094) was added in API level 36, but "trunk stable" means
472 // that the 2024Q* builds are tested with the _previous_ release's CTS.
473 if (android::base::GetIntProperty("ro.build.version.sdk", 0) == 35) {
474 #if !defined(AID_CROS_EC)
475 #define AID_CROS_EC 1094
476 #endif
477 ids.erase(AID_CROS_EC);
478 expected_ids.erase(AID_CROS_EC);
479 if (getpwuid(AID_CROS_EC)) {
480 EXPECT_STREQ(getpwuid(AID_CROS_EC)->pw_name, "cros_ec");
481 }
482 }
483 // AID_MMD (1095) was added in API level 36, but "trunk stable" means
484 // that the 2024Q* builds are tested with the _previous_ release's CTS.
485 if (android::base::GetIntProperty("ro.build.version.sdk", 0) == 35) {
486 #if !defined(AID_MMD)
487 #define AID_MMD 1095
488 #endif
489 ids.erase(AID_MMD);
490 expected_ids.erase(AID_MMD);
491 if (getpwuid(AID_MMD)) {
492 EXPECT_STREQ(getpwuid(AID_MMD)->pw_name, "mmd");
493 }
494 }
495
496 EXPECT_EQ(expected_ids, ids) << return_differences();
497 }
498 #endif
499
TEST(pwd,getpwent_iterate)500 TEST(pwd, getpwent_iterate) {
501 #if defined(__BIONIC__)
502 passwd* pwd;
503 std::set<uid_t> uids;
504
505 setpwent();
506 while ((pwd = getpwent()) != nullptr) {
507 ASSERT_TRUE(nullptr != pwd->pw_name);
508
509 EXPECT_EQ(pwd->pw_gid, pwd->pw_uid) << "pwd->pw_uid: " << pwd->pw_uid;
510 EXPECT_EQ(nullptr, pwd->pw_passwd) << "pwd->pw_uid: " << pwd->pw_uid;
511 #ifdef __LP64__
512 EXPECT_TRUE(nullptr == pwd->pw_gecos) << "pwd->pw_uid: " << pwd->pw_uid;
513 #endif
514 EXPECT_TRUE(nullptr != pwd->pw_shell);
515 if (pwd->pw_uid < AID_APP_START || pwd->pw_uid == AID_OVERFLOWUID) {
516 EXPECT_STREQ("/", pwd->pw_dir) << "pwd->pw_uid: " << pwd->pw_uid;
517 } else {
518 EXPECT_STREQ("/data", pwd->pw_dir) << "pwd->pw_uid: " << pwd->pw_uid;
519 }
520
521 EXPECT_EQ(0U, uids.count(pwd->pw_uid)) << "pwd->pw_uid: " << pwd->pw_uid;
522 uids.emplace(pwd->pw_uid);
523 }
524 endpwent();
525
526 expect_ids(uids, false);
527 #else
528 GTEST_SKIP() << "bionic-only test";
529 #endif
530 }
531
check_group(const group * grp,const char * group_name,gid_t gid,bool check_groupname=true)532 static void check_group(const group* grp, const char* group_name, gid_t gid,
533 bool check_groupname = true) {
534 ASSERT_TRUE(grp != nullptr);
535 if (check_groupname) {
536 EXPECT_STREQ(group_name, grp->gr_name);
537 }
538 EXPECT_EQ(gid, grp->gr_gid);
539 ASSERT_TRUE(grp->gr_mem != nullptr);
540 if (check_groupname) {
541 EXPECT_STREQ(group_name, grp->gr_mem[0]);
542 }
543 EXPECT_TRUE(grp->gr_mem[1] == nullptr);
544 }
545
546 #if defined(__BIONIC__)
547
check_getgrgid(const char * group_name,gid_t gid,bool check_groupname)548 static void check_getgrgid(const char* group_name, gid_t gid, bool check_groupname) {
549 errno = 0;
550 group* grp = getgrgid(gid);
551 ASSERT_ERRNO(0);
552 SCOPED_TRACE("getgrgid");
553 check_group(grp, group_name, gid, check_groupname);
554 }
555
check_getgrnam(const char * group_name,gid_t gid,bool check_groupname)556 static void check_getgrnam(const char* group_name, gid_t gid, bool check_groupname) {
557 errno = 0;
558 group* grp = getgrnam(group_name);
559 ASSERT_ERRNO(0);
560 SCOPED_TRACE("getgrnam");
561 check_group(grp, group_name, gid, check_groupname);
562 }
563
check_getgrgid_r(const char * group_name,gid_t gid,bool check_groupname)564 static void check_getgrgid_r(const char* group_name, gid_t gid, bool check_groupname) {
565 group grp_storage;
566 char buf[512];
567 group* grp;
568
569 errno = 0;
570 int result = getgrgid_r(gid, &grp_storage, buf, sizeof(buf), &grp);
571 ASSERT_EQ(0, result);
572 ASSERT_ERRNO(0);
573 SCOPED_TRACE("getgrgid_r");
574 check_group(grp, group_name, gid, check_groupname);
575 }
576
check_getgrnam_r(const char * group_name,gid_t gid,bool check_groupname)577 static void check_getgrnam_r(const char* group_name, gid_t gid, bool check_groupname) {
578 group grp_storage;
579 char buf[512];
580 group* grp;
581
582 errno = 0;
583 int result = getgrnam_r(group_name, &grp_storage, buf, sizeof(buf), &grp);
584 ASSERT_EQ(0, result);
585 ASSERT_ERRNO(0);
586 SCOPED_TRACE("getgrnam_r");
587 check_group(grp, group_name, gid, check_groupname);
588 }
589
check_get_group(const char * group_name,gid_t gid,bool check_groupname=true)590 static void check_get_group(const char* group_name, gid_t gid, bool check_groupname = true) {
591 SCOPED_TRACE("groupname '"s + group_name + "'");
592 check_getgrgid(group_name, gid, check_groupname);
593 check_getgrnam(group_name, gid, check_groupname);
594 check_getgrgid_r(group_name, gid, check_groupname);
595 check_getgrnam_r(group_name, gid, check_groupname);
596 }
597
expect_no_group_id(gid_t gid)598 static void expect_no_group_id(gid_t gid) {
599 SCOPED_TRACE("gid '" + std::to_string(gid) + "'");
600 errno = 0;
601 group* group = nullptr;
602 group = getgrgid(gid);
603 EXPECT_EQ(nullptr, group) << "name = '" << group->gr_name << "'";
604 EXPECT_ERRNO(ENOENT);
605
606 struct group group_storage;
607 char buf[512];
608 EXPECT_EQ(ENOENT, getgrgid_r(gid, &group_storage, buf, sizeof(buf), &group));
609 EXPECT_EQ(nullptr, group) << "name = '" << group->gr_name << "'";
610 }
611
expect_no_group_name(const char * groupname)612 static void expect_no_group_name(const char* groupname) {
613 SCOPED_TRACE("groupname '"s + groupname + "'");
614 errno = 0;
615 group* group = nullptr;
616 group = getgrnam(groupname);
617 EXPECT_EQ(nullptr, group) << "name = '" << group->gr_name << "'";
618 EXPECT_ERRNO(ENOENT);
619
620 struct group group_storage;
621 char buf[512];
622 EXPECT_EQ(ENOENT, getgrnam_r(groupname, &group_storage, buf, sizeof(buf), &group));
623 EXPECT_EQ(nullptr, group) << "name = '" << group->gr_name << "'";
624 }
625
626 #else // !defined(__BIONIC__)
627
check_get_group(const char *,gid_t,bool)628 static void check_get_group(const char*, gid_t, bool) {
629 GTEST_SKIP() << "bionic-only test";
630 }
631
check_get_group(const char *,gid_t)632 static void check_get_group(const char*, gid_t) {
633 GTEST_SKIP() << "bionic-only test";
634 }
635
expect_no_group_id(gid_t)636 static void expect_no_group_id(gid_t /* gid */) {
637 GTEST_SKIP() << "bionic-only test";
638 }
639
expect_no_group_name(const char *)640 static void expect_no_group_name(const char* /* groupname */) {
641 GTEST_SKIP() << "bionic-only test";
642 }
643
644 #endif
645
TEST(grp,getgrnam_platform_ids)646 TEST(grp, getgrnam_platform_ids) {
647 check_get_group("root", 0);
648 check_get_group("daemon", 1);
649 check_get_group("bin", 2);
650
651 check_get_group("system", 1000);
652 check_get_group("radio", 1001);
653
654 check_get_group("shell", 2000);
655
656 check_get_group("nobody", 9999);
657 }
658
TEST(grp,getgrnam_oem_ids)659 TEST(grp, getgrnam_oem_ids) {
660 check_get_group("oem_2900", 2900, false);
661 check_get_group("oem_2945", 2945, false);
662 check_get_group("oem_2999", 2999, false);
663 check_get_group("oem_5000", 5000, false);
664 check_get_group("oem_5454", 5454, false);
665 check_get_group("oem_5999", 5999, false);
666 }
667
TEST(grp,getgrnam_non_exist)668 TEST(grp, getgrnam_non_exist) {
669 expect_no_passwd_id(999); // End of the system reserved range, unallocated.
670 expect_no_passwd_id(1999); // End of the system reserved range, unallocated.
671 expect_no_passwd_id(2899); // End of the system reserved range, unallocated.
672 }
673
TEST(grp,getgrnam_u0_app_ids)674 TEST(grp, getgrnam_u0_app_ids) {
675 check_get_group("u0_a0", 10000);
676 check_get_group("u0_a1234", 11234);
677 check_get_group("u0_a9999", 19999);
678
679 check_get_group("u0_a0_cache", 20000);
680 check_get_group("u0_a1234_cache", 21234);
681 check_get_group("u0_a9999_cache", 29999);
682
683 check_get_group("u0_a0_ext", 30000);
684 check_get_group("u0_a4545_ext", 34545);
685 check_get_group("u0_a9999_ext", 39999);
686
687 check_get_group("u0_a0_ext_cache", 40000);
688 check_get_group("u0_a4545_ext_cache", 44545);
689 check_get_group("u0_a9999_ext_cache", 49999);
690
691 check_get_group("all_a0", 50000);
692 check_get_group("all_a4545", 54545);
693 check_get_group("all_a9999", 59999);
694
695 check_get_group("u0_i1", 90001);
696 }
697
TEST(grp,getgrnam_u1_app_ids)698 TEST(grp, getgrnam_u1_app_ids) {
699 check_get_group("u1_system", 101000);
700 check_get_group("u1_radio", 101001);
701
702 check_get_group("u1_a0", 110000);
703 check_get_group("u1_a1234", 111234);
704 check_get_group("u1_a9999", 119999);
705
706 check_get_group("u1_a0_cache", 120000);
707 check_get_group("u1_a1234_cache", 121234);
708 check_get_group("u1_a9999_cache", 129999);
709
710 check_get_group("u1_a0_ext", 130000);
711 check_get_group("u1_a4545_ext", 134545);
712 check_get_group("u1_a9999_ext", 139999);
713
714 check_get_group("u1_a0_ext_cache", 140000);
715 check_get_group("u1_a4545_ext_cache", 144545);
716 check_get_group("u1_a9999_ext_cache", 149999);
717
718 check_get_group("u1_i1", 190001);
719 }
720
TEST(grp,getgrnam_u31_app_ids)721 TEST(grp, getgrnam_u31_app_ids) {
722 check_get_group("u31_system", 3101000);
723 check_get_group("u31_radio", 3101001);
724
725 check_get_group("u31_a0", 3110000);
726 check_get_group("u31_a1234", 3111234);
727 check_get_group("u31_a9999", 3119999);
728
729 check_get_group("u31_a0_cache", 3120000);
730 check_get_group("u31_a1234_cache", 3121234);
731 check_get_group("u31_a9999_cache", 3129999);
732
733 check_get_group("u31_a0_cache", 3120000);
734 check_get_group("u31_a1234_cache", 3121234);
735 check_get_group("u31_a9999_cache", 3129999);
736
737 check_get_group("u31_a0_ext", 3130000);
738 check_get_group("u31_a4545_ext", 3134545);
739 check_get_group("u31_a9999_ext", 3139999);
740
741 check_get_group("u31_a0_ext_cache", 3140000);
742 check_get_group("u31_a4545_ext_cache", 3144545);
743 check_get_group("u31_a9999_ext_cache", 3149999);
744
745 check_get_group("u31_i1", 3190001);
746 }
747
TEST(grp,getpgram_app_id_not_allowed_platform)748 TEST(grp, getpgram_app_id_not_allowed_platform) {
749 expect_no_group_name("u1_root");
750 expect_no_group_name("u1_debuggerd");
751
752 expect_no_group_name("u31_root");
753 expect_no_group_name("u31_debuggerd");
754 }
755
TEST(grp,getgrgid_app_id_u1_non_exist)756 TEST(grp, getgrgid_app_id_u1_non_exist) {
757 expect_no_group_id(100000); // There is no 'root' for secondary users.
758 expect_no_group_id(101999); // End of the system reserved range, unallocated.
759 expect_no_group_id(102900); // The OEM ranges were never allocated to secondary users.
760 expect_no_group_id(105000); // The OEM ranges were never allocated to secondary users.
761
762 // The shared range is shared among users, and therefore doesn't exist for secondary users.
763 expect_no_group_id(150000);
764 }
765
TEST(grp,getgrgid_app_id_u31_non_exist)766 TEST(grp, getgrgid_app_id_u31_non_exist) {
767 expect_no_group_id(3100000); // There is no 'root' for secondary users.
768 expect_no_group_id(3101999); // End of the system reserved range, unallocated.
769 expect_no_group_id(3102900); // The OEM ranges were never allocated to secondary users.
770 expect_no_group_id(3105000); // The OEM ranges were never allocated to secondary users.
771
772 // The shared range is shared among users, and therefore doesn't exist for secondary users.
773 expect_no_group_id(3150000);
774 }
775
TEST(grp,getgrnam_r_alignment)776 TEST(grp, getgrnam_r_alignment) {
777 #if defined(__BIONIC__)
778 group grp_storage;
779 alignas(16) char buf[512];
780 group* grp;
781 int result = getgrnam_r("root", &grp_storage, buf + 1, sizeof(buf) - 1, &grp);
782 ASSERT_EQ(0, result);
783 check_group(grp, "root", 0);
784 #else
785 GTEST_SKIP() << "bionic-only test";
786 #endif
787 }
788
TEST(grp,getgrgid_r_alignment)789 TEST(grp, getgrgid_r_alignment) {
790 #if defined(__BIONIC__)
791 group grp_storage;
792 alignas(16) char buf[512];
793 group* grp;
794 int result = getgrgid_r(0, &grp_storage, buf + 1, sizeof(buf) - 1, &grp);
795 ASSERT_EQ(0, result);
796 check_group(grp, "root", 0);
797 #else
798 GTEST_SKIP() << "bionic-only test";
799 #endif
800 }
801
TEST(grp,getgrnam_r_reentrancy)802 TEST(grp, getgrnam_r_reentrancy) {
803 #if defined(__BIONIC__)
804 group grp_storage[2];
805 char buf[2][512];
806 group* grp[3];
807 int result = getgrnam_r("root", &grp_storage[0], buf[0], sizeof(buf[0]), &grp[0]);
808 ASSERT_EQ(0, result);
809 check_group(grp[0], "root", 0);
810 grp[1] = getgrnam("system");
811 check_group(grp[1], "system", 1000);
812 result = getgrnam_r("radio", &grp_storage[1], buf[1], sizeof(buf[1]), &grp[2]);
813 ASSERT_EQ(0, result);
814 check_group(grp[2], "radio", 1001);
815 check_group(grp[0], "root", 0);
816 check_group(grp[1], "system", 1000);
817 #else
818 GTEST_SKIP() << "bionic-only test";
819 #endif
820 }
821
TEST(grp,getgrgid_r_reentrancy)822 TEST(grp, getgrgid_r_reentrancy) {
823 #if defined(__BIONIC__)
824 group grp_storage[2];
825 char buf[2][512];
826 group* grp[3];
827 int result = getgrgid_r(0, &grp_storage[0], buf[0], sizeof(buf[0]), &grp[0]);
828 ASSERT_EQ(0, result);
829 check_group(grp[0], "root", 0);
830 grp[1] = getgrgid(1000);
831 check_group(grp[1], "system", 1000);
832 result = getgrgid_r(1001, &grp_storage[1], buf[1], sizeof(buf[1]), &grp[2]);
833 ASSERT_EQ(0, result);
834 check_group(grp[2], "radio", 1001);
835 check_group(grp[0], "root", 0);
836 check_group(grp[1], "system", 1000);
837 #else
838 GTEST_SKIP() << "bionic-only test";
839 #endif
840 }
841
TEST(grp,getgrnam_r_large_enough_suggested_buffer_size)842 TEST(grp, getgrnam_r_large_enough_suggested_buffer_size) {
843 long size = sysconf(_SC_GETGR_R_SIZE_MAX);
844 ASSERT_GT(size, 0);
845 char buf[size];
846 group grp_storage;
847 group* grp;
848 ASSERT_EQ(0, getgrnam_r("root", &grp_storage, buf, size, &grp));
849 check_group(grp, "root", 0);
850 }
851
TEST(grp,getgrent_iterate)852 TEST(grp, getgrent_iterate) {
853 #if defined(__BIONIC__)
854 group* grp;
855 std::set<gid_t> gids;
856
857 setgrent();
858 while ((grp = getgrent()) != nullptr) {
859 ASSERT_TRUE(grp->gr_name != nullptr) << "grp->gr_gid: " << grp->gr_gid;
860 ASSERT_TRUE(grp->gr_mem != nullptr) << "grp->gr_gid: " << grp->gr_gid;
861 EXPECT_STREQ(grp->gr_name, grp->gr_mem[0]) << "grp->gr_gid: " << grp->gr_gid;
862 EXPECT_TRUE(grp->gr_mem[1] == nullptr) << "grp->gr_gid: " << grp->gr_gid;
863
864 EXPECT_EQ(0U, gids.count(grp->gr_gid)) << "grp->gr_gid: " << grp->gr_gid;
865 gids.emplace(grp->gr_gid);
866 }
867 endgrent();
868
869 expect_ids(gids, true);
870 #else
871 GTEST_SKIP() << "bionic-only test";
872 #endif
873 }
874
TEST(grp,getgrouplist)875 TEST(grp, getgrouplist) {
876 #if defined(__BIONIC__)
877 // Query the number of groups.
878 int ngroups = 0;
879 ASSERT_EQ(-1, getgrouplist("root", 123, nullptr, &ngroups));
880 ASSERT_EQ(1, ngroups);
881
882 // Query the specific groups (just the one you pass in on Android).
883 ngroups = 8;
884 gid_t groups[ngroups];
885 ASSERT_EQ(1, getgrouplist("root", 123, groups, &ngroups));
886 ASSERT_EQ(1, ngroups);
887 ASSERT_EQ(123u, groups[0]);
888 #else
889 GTEST_SKIP() << "bionic-only test (groups too unpredictable)";
890 #endif
891 }
892
TEST(grp,initgroups)893 TEST(grp, initgroups) {
894 if (getuid() != 0) GTEST_SKIP() << "test requires root";
895 ASSERT_EQ(0, initgroups("root", 0));
896 }
897
898 #if defined(__BIONIC__)
TestAidNamePrefix(const std::string & file_path)899 static void TestAidNamePrefix(const std::string& file_path) {
900 std::string file_contents;
901 if (!ReadFileToString(file_path, &file_contents)) {
902 // If we cannot read this file, then there are no vendor defind AID names, in which case this
903 // test passes by default.
904 return;
905 }
906 auto lines = Split(file_contents, "\n");
907 for (const auto& line : lines) {
908 if (line.empty()) continue;
909 auto name = Split(line, ":")[0];
910 EXPECT_TRUE(StartsWith(name, "vendor_"));
911 }
912 }
913 #endif
914
TEST(pwd,vendor_prefix_users)915 TEST(pwd, vendor_prefix_users) {
916 #if defined(__BIONIC__)
917 if (android::base::GetIntProperty("ro.product.first_api_level", 0) <= 28) {
918 return;
919 }
920
921 TestAidNamePrefix("/vendor/etc/passwd");
922 #else
923 GTEST_SKIP() << "bionic-only test";
924 #endif
925 }
926
TEST(pwd,vendor_prefix_groups)927 TEST(pwd, vendor_prefix_groups) {
928 #if defined(__BIONIC__)
929 if (android::base::GetIntProperty("ro.product.first_api_level", 0) <= 28) {
930 return;
931 }
932
933 TestAidNamePrefix("/vendor/etc/group");
934 #else
935 GTEST_SKIP() << "bionic-only test";
936 #endif
937 }
938