1 /*
2 * Copyright (C) 2012 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <gtest/gtest.h>
18
19 // Below are the header files we want to test.
20 #include <grp.h>
21 #include <pwd.h>
22
23 #include <errno.h>
24 #include <limits.h>
25 #include <sys/cdefs.h>
26 #include <sys/types.h>
27 #include <unistd.h>
28
29 #include <set>
30 #include <vector>
31
32 #include <android-base/file.h>
33 #include <android-base/strings.h>
34 #include <private/android_filesystem_config.h>
35
36 #if defined(__BIONIC__)
37 #include <android/api-level.h>
38 #include <android-base/properties.h>
39 #endif
40
41 // Generated android_ids array
42 #include "generated_android_ids.h"
43
44 #include "utils.h"
45
46 using android::base::Join;
47 using android::base::ReadFileToString;
48 using android::base::Split;
49 using android::base::StartsWith;
50
51 using namespace std::literals;
52
53 enum uid_type_t {
54 TYPE_APP,
55 TYPE_SYSTEM,
56 TYPE_VENDOR,
57 };
58
59 #if defined(__BIONIC__)
60
check_passwd(const passwd * pwd,const char * username,uid_t uid,uid_type_t uid_type,bool check_username)61 static void check_passwd(const passwd* pwd, const char* username, uid_t uid, uid_type_t uid_type,
62 bool check_username) {
63 ASSERT_TRUE(pwd != nullptr);
64 if (check_username) {
65 EXPECT_STREQ(username, pwd->pw_name);
66 }
67 EXPECT_EQ(uid, pwd->pw_uid);
68 EXPECT_EQ(uid, pwd->pw_gid);
69 EXPECT_EQ(nullptr, pwd->pw_passwd);
70 #ifdef __LP64__
71 EXPECT_EQ(nullptr, pwd->pw_gecos);
72 #endif
73
74 if (uid_type == TYPE_APP) {
75 EXPECT_STREQ("/data", pwd->pw_dir);
76 } else {
77 EXPECT_STREQ("/", pwd->pw_dir);
78 }
79
80 // This has changed over time and that causes new GSI + old vendor images testing to fail.
81 // This parameter doesn't matter on Android, so simply ignore its value for older vendor images.
82 if (android::base::GetIntProperty("ro.product.first_api_level", 0) >= 30) {
83 EXPECT_STREQ("/bin/sh", pwd->pw_shell);
84 }
85 }
86
check_getpwuid(const char * username,uid_t uid,uid_type_t uid_type,bool check_username)87 static void check_getpwuid(const char* username, uid_t uid, uid_type_t uid_type,
88 bool check_username) {
89 errno = 0;
90 passwd* pwd = getpwuid(uid);
91 ASSERT_ERRNO(0);
92 SCOPED_TRACE("getpwuid");
93 check_passwd(pwd, username, uid, uid_type, check_username);
94 }
95
check_getpwnam(const char * username,uid_t uid,uid_type_t uid_type,bool check_username)96 static void check_getpwnam(const char* username, uid_t uid, uid_type_t uid_type,
97 bool check_username) {
98 errno = 0;
99 passwd* pwd = getpwnam(username);
100 ASSERT_ERRNO(0);
101 SCOPED_TRACE("getpwnam");
102 check_passwd(pwd, username, uid, uid_type, check_username);
103 }
104
check_getpwuid_r(const char * username,uid_t uid,uid_type_t uid_type,bool check_username)105 static void check_getpwuid_r(const char* username, uid_t uid, uid_type_t uid_type,
106 bool check_username) {
107 passwd pwd_storage;
108 char buf[512];
109 int result;
110
111 errno = 0;
112 passwd* pwd = nullptr;
113 result = getpwuid_r(uid, &pwd_storage, buf, sizeof(buf), &pwd);
114 ASSERT_EQ(0, result);
115 ASSERT_ERRNO(0);
116 SCOPED_TRACE("getpwuid_r");
117 check_passwd(pwd, username, uid, uid_type, check_username);
118 }
119
check_getpwnam_r(const char * username,uid_t uid,uid_type_t uid_type,bool check_username)120 static void check_getpwnam_r(const char* username, uid_t uid, uid_type_t uid_type,
121 bool check_username) {
122 passwd pwd_storage;
123 char buf[512];
124 int result;
125
126 errno = 0;
127 passwd* pwd = nullptr;
128 result = getpwnam_r(username, &pwd_storage, buf, sizeof(buf), &pwd);
129 ASSERT_EQ(0, result);
130 ASSERT_ERRNO(0);
131 SCOPED_TRACE("getpwnam_r");
132 check_passwd(pwd, username, uid, uid_type, check_username);
133 }
134
check_get_passwd(const char * username,uid_t uid,uid_type_t uid_type,bool check_username=true)135 static void check_get_passwd(const char* username, uid_t uid, uid_type_t uid_type,
136 bool check_username = true) {
137 SCOPED_TRACE("username '"s + username + "'");
138 check_getpwuid(username, uid, uid_type, check_username);
139 check_getpwnam(username, uid, uid_type, check_username);
140 check_getpwuid_r(username, uid, uid_type, check_username);
141 check_getpwnam_r(username, uid, uid_type, check_username);
142 }
143
expect_no_passwd_id(uid_t uid)144 static void expect_no_passwd_id(uid_t uid) {
145 SCOPED_TRACE("uid '" + std::to_string(uid) + "'");
146 errno = 0;
147 passwd* passwd = nullptr;
148 passwd = getpwuid(uid);
149 EXPECT_EQ(nullptr, passwd) << "name = '" << passwd->pw_name << "'";
150 EXPECT_ERRNO(ENOENT);
151
152 struct passwd passwd_storage;
153 char buf[512];
154 EXPECT_EQ(ENOENT, getpwuid_r(uid, &passwd_storage, buf, sizeof(buf), &passwd));
155 EXPECT_EQ(nullptr, passwd) << "name = '" << passwd->pw_name << "'";
156 }
157
expect_no_passwd_name(const char * username)158 static void expect_no_passwd_name(const char* username) {
159 SCOPED_TRACE("username '"s + username + "'");
160 errno = 0;
161 passwd* passwd = nullptr;
162 passwd = getpwnam(username);
163 EXPECT_EQ(nullptr, passwd) << "name = '" << passwd->pw_name << "'";
164 EXPECT_ERRNO(ENOENT);
165
166 struct passwd passwd_storage;
167 char buf[512];
168 EXPECT_EQ(ENOENT, getpwnam_r(username, &passwd_storage, buf, sizeof(buf), &passwd));
169 EXPECT_EQ(nullptr, passwd) << "name = '" << passwd->pw_name << "'";
170 }
171
172 #else // !defined(__BIONIC__)
173
check_get_passwd(const char *,uid_t,uid_type_t,bool)174 static void check_get_passwd(const char* /* username */, uid_t /* uid */, uid_type_t /* uid_type */,
175 bool /* check_username */) {
176 GTEST_SKIP() << "bionic-only test";
177 }
178
check_get_passwd(const char *,uid_t,uid_type_t)179 static void check_get_passwd(const char* /* username */, uid_t /* uid */, uid_type_t /* uid_type */) {
180 GTEST_SKIP() << "bionic-only test";
181 }
182
expect_no_passwd_id(uid_t)183 static void expect_no_passwd_id(uid_t /* uid */) {
184 GTEST_SKIP() << "bionic-only test";
185 }
186
expect_no_passwd_name(const char *)187 static void expect_no_passwd_name(const char* /* username */) {
188 GTEST_SKIP() << "bionic-only test";
189 }
190
191 #endif
192
TEST(pwd,getpwnam_platform_ids)193 TEST(pwd, getpwnam_platform_ids) {
194 check_get_passwd("root", 0, TYPE_SYSTEM);
195 check_get_passwd("daemon", 1, TYPE_SYSTEM);
196 check_get_passwd("bin", 2, TYPE_SYSTEM);
197
198 check_get_passwd("system", 1000, TYPE_SYSTEM);
199 check_get_passwd("radio", 1001, TYPE_SYSTEM);
200
201 check_get_passwd("shell", 2000, TYPE_SYSTEM);
202
203 check_get_passwd("nobody", 9999, TYPE_SYSTEM);
204 }
205
TEST(pwd,getpwnam_oem_ids)206 TEST(pwd, getpwnam_oem_ids) {
207 check_get_passwd("oem_2900", 2900, TYPE_VENDOR, false);
208 check_get_passwd("oem_2945", 2945, TYPE_VENDOR, false);
209 check_get_passwd("oem_2999", 2999, TYPE_VENDOR, false);
210 check_get_passwd("oem_5000", 5000, TYPE_VENDOR, false);
211 check_get_passwd("oem_5454", 5454, TYPE_VENDOR, false);
212 check_get_passwd("oem_5999", 5999, TYPE_VENDOR, false);
213 }
214
TEST(pwd,getpwnam_non_exist)215 TEST(pwd, getpwnam_non_exist) {
216 expect_no_passwd_id(999); // End of the system reserved range, unallocated.
217 expect_no_passwd_id(1999); // End of the system reserved range, unallocated.
218 expect_no_passwd_id(2899); // End of the system reserved range, unallocated.
219
220 // These ranges are for GIDs only.
221 expect_no_passwd_id(20000);
222 expect_no_passwd_id(30000);
223 expect_no_passwd_id(40000);
224 expect_no_passwd_id(50000);
225
226 // These should not be parsed as users, only as groups.
227 expect_no_passwd_name("u0_a9999_cache");
228 expect_no_passwd_name("u0_a9999_ext");
229 expect_no_passwd_name("u0_a9999_ext_cache");
230 expect_no_passwd_name("all_a9999");
231 }
232
TEST(pwd,getpwnam_u0_app_ids)233 TEST(pwd, getpwnam_u0_app_ids) {
234 check_get_passwd("u0_a0", 10000, TYPE_APP);
235 check_get_passwd("u0_a1234", 11234, TYPE_APP);
236 check_get_passwd("u0_a9999", 19999, TYPE_APP);
237
238 check_get_passwd("u0_i1", 90001, TYPE_APP);
239 check_get_passwd("u0_i4545", 94545, TYPE_APP);
240 check_get_passwd("u0_i9999", 99999, TYPE_APP);
241 }
242
TEST(pwd,getpwnam_app_id_u1_ids)243 TEST(pwd, getpwnam_app_id_u1_ids) {
244 check_get_passwd("u1_system", 101000, TYPE_SYSTEM);
245 check_get_passwd("u1_radio", 101001, TYPE_SYSTEM);
246
247 check_get_passwd("u1_a0", 110000, TYPE_APP);
248 check_get_passwd("u1_a1234", 111234, TYPE_APP);
249 check_get_passwd("u1_a9999", 119999, TYPE_APP);
250
251 check_get_passwd("u1_i1", 190001, TYPE_APP);
252 check_get_passwd("u1_i4545", 194545, TYPE_APP);
253 check_get_passwd("u1_i9999", 199999, TYPE_APP);
254 }
255
TEST(pwd,getpwnam_app_id_u31_ids)256 TEST(pwd, getpwnam_app_id_u31_ids) {
257 check_get_passwd("u31_system", 3101000, TYPE_SYSTEM);
258 check_get_passwd("u31_radio", 3101001, TYPE_SYSTEM);
259
260 check_get_passwd("u31_a0", 3110000, TYPE_APP);
261 check_get_passwd("u31_a1234", 3111234, TYPE_APP);
262 check_get_passwd("u31_a9999", 3119999, TYPE_APP);
263
264 check_get_passwd("u31_i1", 3190001, TYPE_APP);
265 check_get_passwd("u31_i4545", 3194545, TYPE_APP);
266 check_get_passwd("u31_i9999", 3199999, TYPE_APP);
267 }
268
TEST(pwd,getpwnam_app_id_not_allowed_platform)269 TEST(pwd, getpwnam_app_id_not_allowed_platform) {
270 expect_no_passwd_name("u1_root");
271 expect_no_passwd_name("u1_debuggerd");
272
273 expect_no_passwd_name("u31_root");
274 expect_no_passwd_name("u31_debuggerd");
275 }
276
TEST(pwd,getpwuid_app_id_u1_non_exist)277 TEST(pwd, getpwuid_app_id_u1_non_exist) {
278 expect_no_passwd_id(100000); // There is no 'root' for secondary users.
279 expect_no_passwd_id(101999); // End of the system reserved range, unallocated.
280 expect_no_passwd_id(102900); // The OEM ranges were never allocated to secondary users.
281 expect_no_passwd_id(105000); // The OEM ranges were never allocated to secondary users.
282
283 // These ranges are for GIDs only.
284 expect_no_passwd_id(120000);
285 expect_no_passwd_id(130000);
286 expect_no_passwd_id(140000);
287 expect_no_passwd_id(150000);
288 }
289
TEST(pwd,getpwuid_app_id_u31_non_exist)290 TEST(pwd, getpwuid_app_id_u31_non_exist) {
291 expect_no_passwd_id(3100000); // There is no 'root' for secondary users.
292 expect_no_passwd_id(3101999); // End of the system reserved range, unallocated.
293 expect_no_passwd_id(3102900); // The OEM ranges were never allocated to secondary users.
294 expect_no_passwd_id(3105000); // The OEM ranges were never allocated to secondary users.
295
296 // These ranges are for GIDs only.
297 expect_no_passwd_id(3120000);
298 expect_no_passwd_id(3130000);
299 expect_no_passwd_id(3140000);
300 expect_no_passwd_id(3150000);
301 }
302
TEST(pwd,getpwnam_r_alignment)303 TEST(pwd, getpwnam_r_alignment) {
304 #if defined(__BIONIC__)
305 passwd pwd_storage;
306 alignas(16) char buf[512];
307 passwd* pwd;
308 int result = getpwnam_r("root", &pwd_storage, buf + 1, sizeof(buf) - 1, &pwd);
309 ASSERT_EQ(0, result);
310 check_passwd(pwd, "root", 0, TYPE_SYSTEM, true);
311 #else
312 GTEST_SKIP() << "bionic-only test";
313 #endif
314 }
315
TEST(pwd,getpwuid_r_alignment)316 TEST(pwd, getpwuid_r_alignment) {
317 #if defined(__BIONIC__)
318 passwd pwd_storage;
319 alignas(16) char buf[512];
320 passwd* pwd;
321 int result = getpwuid_r(0, &pwd_storage, buf + 1, sizeof(buf) - 1, &pwd);
322 ASSERT_EQ(0, result);
323 check_passwd(pwd, "root", 0, TYPE_SYSTEM, true);
324 #else
325 GTEST_SKIP() << "bionic-only test";
326 #endif
327 }
328
TEST(pwd,getpwnam_r_reentrancy)329 TEST(pwd, getpwnam_r_reentrancy) {
330 #if defined(__BIONIC__)
331 passwd pwd_storage[2];
332 char buf[2][512];
333 passwd* pwd[3];
334 int result = getpwnam_r("root", &pwd_storage[0], buf[0], sizeof(buf[0]), &pwd[0]);
335 ASSERT_EQ(0, result);
336 check_passwd(pwd[0], "root", 0, TYPE_SYSTEM, true);
337 pwd[1] = getpwnam("system");
338 ASSERT_NE(nullptr, pwd[1]);
339 check_passwd(pwd[1], "system", 1000, TYPE_SYSTEM, true);
340 result = getpwnam_r("radio", &pwd_storage[1], buf[1], sizeof(buf[1]), &pwd[2]);
341 ASSERT_EQ(0, result);
342 check_passwd(pwd[2], "radio", 1001, TYPE_SYSTEM, true);
343 check_passwd(pwd[0], "root", 0, TYPE_SYSTEM, true);
344 check_passwd(pwd[1], "system", 1000, TYPE_SYSTEM, true);
345 #else
346 GTEST_SKIP() << "bionic-only test";
347 #endif
348 }
349
TEST(pwd,getpwuid_r_reentrancy)350 TEST(pwd, getpwuid_r_reentrancy) {
351 #if defined(__BIONIC__)
352 passwd pwd_storage[2];
353 char buf[2][512];
354 passwd* pwd[3];
355 int result = getpwuid_r(0, &pwd_storage[0], buf[0], sizeof(buf[0]), &pwd[0]);
356 ASSERT_EQ(0, result);
357 check_passwd(pwd[0], "root", 0, TYPE_SYSTEM, true);
358 pwd[1] = getpwuid(1000);
359 ASSERT_NE(nullptr, pwd[1]);
360 check_passwd(pwd[1], "system", 1000, TYPE_SYSTEM, true);
361 result = getpwuid_r(1001, &pwd_storage[1], buf[1], sizeof(buf[1]), &pwd[2]);
362 ASSERT_EQ(0, result);
363 check_passwd(pwd[2], "radio", 1001, TYPE_SYSTEM, true);
364 check_passwd(pwd[0], "root", 0, TYPE_SYSTEM, true);
365 check_passwd(pwd[1], "system", 1000, TYPE_SYSTEM, true);
366 #else
367 GTEST_SKIP() << "bionic-only test";
368 #endif
369 }
370
TEST(pwd,getpwnam_r_large_enough_suggested_buffer_size)371 TEST(pwd, getpwnam_r_large_enough_suggested_buffer_size) {
372 #if defined(__BIONIC__)
373 long size = sysconf(_SC_GETPW_R_SIZE_MAX);
374 ASSERT_GT(size, 0);
375 char buf[size];
376 passwd pwd_storage;
377 passwd* pwd;
378 ASSERT_EQ(0, getpwnam_r("root", &pwd_storage, buf, size, &pwd));
379 check_passwd(pwd, "root", 0, TYPE_SYSTEM, true);
380 #else
381 GTEST_SKIP() << "bionic-only test";
382 #endif
383 }
384
385 #if defined(__BIONIC__)
386 template <typename T>
expect_ids(T ids,bool is_group)387 static void expect_ids(T ids, bool is_group) {
388 std::set<typename T::key_type> expected_ids;
389 // Ensure that all android_ids are iterated through.
390 for (size_t n = 0; n < android_id_count; ++n) {
391 EXPECT_EQ(1U, ids.count(android_ids[n].aid)) << "android_ids[n].aid: " << android_ids[n].aid;
392 expected_ids.emplace(android_ids[n].aid);
393 }
394
395 auto expect_range = [&ids, &expected_ids](uid_t start, uid_t end) {
396 for (size_t n = start; n <= end; ++n) {
397 EXPECT_EQ(1U, ids.count(n)) << "n: " << n;
398 expected_ids.emplace(n);
399 }
400 };
401
402 // Ensure that all reserved ranges are iterated through.
403 expect_range(AID_OEM_RESERVED_START, AID_OEM_RESERVED_END);
404 expect_range(AID_OEM_RESERVED_2_START, AID_OEM_RESERVED_2_END);
405 expect_range(AID_APP_START, AID_APP_END);
406 if (is_group) {
407 expect_range(AID_CACHE_GID_START, AID_CACHE_GID_END);
408 expect_range(AID_EXT_GID_START, AID_EXT_GID_END);
409 expect_range(AID_EXT_CACHE_GID_START, AID_EXT_CACHE_GID_END);
410 expect_range(AID_SHARED_GID_START, AID_SHARED_GID_END);
411 }
412 expect_range(AID_ISOLATED_START, AID_ISOLATED_END);
413
414 // Prior to R, we didn't have a mechanism to create vendor AIDs in the system or other non-vendor
415 // partitions, therefore we disabled the rest of these checks for older API levels.
416 if (android::base::GetIntProperty("ro.product.first_api_level", 0) <= 29) {
417 return;
418 }
419
420 auto allow_range = [&ids](uid_t start, uid_t end) {
421 for (size_t n = start; n <= end; ++n) {
422 ids.erase(n);
423 }
424 };
425
426 allow_range(AID_SYSTEM_RESERVED_START, AID_SYSTEM_EXT_RESERVED_END);
427
428 // Ensure that no other ids were returned.
429 auto return_differences = [&ids, &expected_ids] {
430 std::vector<typename T::key_type> missing_from_ids;
431 std::set_difference(expected_ids.begin(), expected_ids.end(), ids.begin(), ids.end(),
432 std::inserter(missing_from_ids, missing_from_ids.begin()));
433 std::vector<typename T::key_type> extra_in_ids;
434 std::set_difference(ids.begin(), ids.end(), expected_ids.begin(), expected_ids.end(),
435 std::inserter(extra_in_ids, extra_in_ids.begin()));
436 std::string result;
437 if (!missing_from_ids.empty()) {
438 result += "Missing ids from results: " + Join(missing_from_ids, " ");
439 }
440 if (!extra_in_ids.empty()) {
441 if (!result.empty()) result += ", ";
442 result += "Extra ids in results: " + Join(extra_in_ids, " ");
443 }
444 return result;
445 };
446
447 // AID_UPROBESTATS (1093) was added in V, but "trunk stable" means
448 // that the 2024Q builds don't have branches like the QPR builds used
449 // to, and are tested with the _previous_ release's CTS.
450 if (android::base::GetIntProperty("ro.build.version.sdk", 0) == __ANDROID_API_U__) {
451 #if !defined(AID_UPROBESTATS)
452 #define AID_UPROBESTATS 1093
453 #endif
454 ids.erase(AID_UPROBESTATS);
455 expected_ids.erase(AID_UPROBESTATS);
456 if (getpwuid(AID_UPROBESTATS)) {
457 EXPECT_STREQ(getpwuid(AID_UPROBESTATS)->pw_name, "uprobestats");
458 }
459 }
460 // AID_VIRTUALMACHINE (3013) was added in V, but "trunk stable" means
461 // that the 2024Q builds don't have branches like the QPR builds used
462 // to, and are tested with the _previous_ release's CTS.
463 if (android::base::GetIntProperty("ro.build.version.sdk", 0) == __ANDROID_API_U__) {
464 #if !defined(AID_VIRTUALMACHINE)
465 #define AID_VIRTUALMACHINE 3013
466 #endif
467 ids.erase(AID_VIRTUALMACHINE);
468 expected_ids.erase(AID_VIRTUALMACHINE);
469 if (getpwuid(AID_VIRTUALMACHINE)) {
470 EXPECT_STREQ(getpwuid(AID_VIRTUALMACHINE)->pw_name, "virtualmachine");
471 }
472 }
473
474 EXPECT_EQ(expected_ids, ids) << return_differences();
475 }
476 #endif
477
TEST(pwd,getpwent_iterate)478 TEST(pwd, getpwent_iterate) {
479 #if defined(__BIONIC__)
480 passwd* pwd;
481 std::set<uid_t> uids;
482
483 setpwent();
484 while ((pwd = getpwent()) != nullptr) {
485 ASSERT_TRUE(nullptr != pwd->pw_name);
486
487 EXPECT_EQ(pwd->pw_gid, pwd->pw_uid) << "pwd->pw_uid: " << pwd->pw_uid;
488 EXPECT_EQ(nullptr, pwd->pw_passwd) << "pwd->pw_uid: " << pwd->pw_uid;
489 #ifdef __LP64__
490 EXPECT_TRUE(nullptr == pwd->pw_gecos) << "pwd->pw_uid: " << pwd->pw_uid;
491 #endif
492 EXPECT_TRUE(nullptr != pwd->pw_shell);
493 if (pwd->pw_uid < AID_APP_START || pwd->pw_uid == AID_OVERFLOWUID) {
494 EXPECT_STREQ("/", pwd->pw_dir) << "pwd->pw_uid: " << pwd->pw_uid;
495 } else {
496 EXPECT_STREQ("/data", pwd->pw_dir) << "pwd->pw_uid: " << pwd->pw_uid;
497 }
498
499 EXPECT_EQ(0U, uids.count(pwd->pw_uid)) << "pwd->pw_uid: " << pwd->pw_uid;
500 uids.emplace(pwd->pw_uid);
501 }
502 endpwent();
503
504 expect_ids(uids, false);
505 #else
506 GTEST_SKIP() << "bionic-only test";
507 #endif
508 }
509
check_group(const group * grp,const char * group_name,gid_t gid,bool check_groupname=true)510 static void check_group(const group* grp, const char* group_name, gid_t gid,
511 bool check_groupname = true) {
512 ASSERT_TRUE(grp != nullptr);
513 if (check_groupname) {
514 EXPECT_STREQ(group_name, grp->gr_name);
515 }
516 EXPECT_EQ(gid, grp->gr_gid);
517 ASSERT_TRUE(grp->gr_mem != nullptr);
518 if (check_groupname) {
519 EXPECT_STREQ(group_name, grp->gr_mem[0]);
520 }
521 EXPECT_TRUE(grp->gr_mem[1] == nullptr);
522 }
523
524 #if defined(__BIONIC__)
525
check_getgrgid(const char * group_name,gid_t gid,bool check_groupname)526 static void check_getgrgid(const char* group_name, gid_t gid, bool check_groupname) {
527 errno = 0;
528 group* grp = getgrgid(gid);
529 ASSERT_ERRNO(0);
530 SCOPED_TRACE("getgrgid");
531 check_group(grp, group_name, gid, check_groupname);
532 }
533
check_getgrnam(const char * group_name,gid_t gid,bool check_groupname)534 static void check_getgrnam(const char* group_name, gid_t gid, bool check_groupname) {
535 errno = 0;
536 group* grp = getgrnam(group_name);
537 ASSERT_ERRNO(0);
538 SCOPED_TRACE("getgrnam");
539 check_group(grp, group_name, gid, check_groupname);
540 }
541
check_getgrgid_r(const char * group_name,gid_t gid,bool check_groupname)542 static void check_getgrgid_r(const char* group_name, gid_t gid, bool check_groupname) {
543 group grp_storage;
544 char buf[512];
545 group* grp;
546
547 errno = 0;
548 int result = getgrgid_r(gid, &grp_storage, buf, sizeof(buf), &grp);
549 ASSERT_EQ(0, result);
550 ASSERT_ERRNO(0);
551 SCOPED_TRACE("getgrgid_r");
552 check_group(grp, group_name, gid, check_groupname);
553 }
554
check_getgrnam_r(const char * group_name,gid_t gid,bool check_groupname)555 static void check_getgrnam_r(const char* group_name, gid_t gid, bool check_groupname) {
556 group grp_storage;
557 char buf[512];
558 group* grp;
559
560 errno = 0;
561 int result = getgrnam_r(group_name, &grp_storage, buf, sizeof(buf), &grp);
562 ASSERT_EQ(0, result);
563 ASSERT_ERRNO(0);
564 SCOPED_TRACE("getgrnam_r");
565 check_group(grp, group_name, gid, check_groupname);
566 }
567
check_get_group(const char * group_name,gid_t gid,bool check_groupname=true)568 static void check_get_group(const char* group_name, gid_t gid, bool check_groupname = true) {
569 SCOPED_TRACE("groupname '"s + group_name + "'");
570 check_getgrgid(group_name, gid, check_groupname);
571 check_getgrnam(group_name, gid, check_groupname);
572 check_getgrgid_r(group_name, gid, check_groupname);
573 check_getgrnam_r(group_name, gid, check_groupname);
574 }
575
expect_no_group_id(gid_t gid)576 static void expect_no_group_id(gid_t gid) {
577 SCOPED_TRACE("gid '" + std::to_string(gid) + "'");
578 errno = 0;
579 group* group = nullptr;
580 group = getgrgid(gid);
581 EXPECT_EQ(nullptr, group) << "name = '" << group->gr_name << "'";
582 EXPECT_ERRNO(ENOENT);
583
584 struct group group_storage;
585 char buf[512];
586 EXPECT_EQ(ENOENT, getgrgid_r(gid, &group_storage, buf, sizeof(buf), &group));
587 EXPECT_EQ(nullptr, group) << "name = '" << group->gr_name << "'";
588 }
589
expect_no_group_name(const char * groupname)590 static void expect_no_group_name(const char* groupname) {
591 SCOPED_TRACE("groupname '"s + groupname + "'");
592 errno = 0;
593 group* group = nullptr;
594 group = getgrnam(groupname);
595 EXPECT_EQ(nullptr, group) << "name = '" << group->gr_name << "'";
596 EXPECT_ERRNO(ENOENT);
597
598 struct group group_storage;
599 char buf[512];
600 EXPECT_EQ(ENOENT, getgrnam_r(groupname, &group_storage, buf, sizeof(buf), &group));
601 EXPECT_EQ(nullptr, group) << "name = '" << group->gr_name << "'";
602 }
603
604 #else // !defined(__BIONIC__)
605
check_get_group(const char *,gid_t,bool)606 static void check_get_group(const char*, gid_t, bool) {
607 GTEST_SKIP() << "bionic-only test";
608 }
609
check_get_group(const char *,gid_t)610 static void check_get_group(const char*, gid_t) {
611 GTEST_SKIP() << "bionic-only test";
612 }
613
expect_no_group_id(gid_t)614 static void expect_no_group_id(gid_t /* gid */) {
615 GTEST_SKIP() << "bionic-only test";
616 }
617
expect_no_group_name(const char *)618 static void expect_no_group_name(const char* /* groupname */) {
619 GTEST_SKIP() << "bionic-only test";
620 }
621
622 #endif
623
TEST(grp,getgrnam_platform_ids)624 TEST(grp, getgrnam_platform_ids) {
625 check_get_group("root", 0);
626 check_get_group("daemon", 1);
627 check_get_group("bin", 2);
628
629 check_get_group("system", 1000);
630 check_get_group("radio", 1001);
631
632 check_get_group("shell", 2000);
633
634 check_get_group("nobody", 9999);
635 }
636
TEST(grp,getgrnam_oem_ids)637 TEST(grp, getgrnam_oem_ids) {
638 check_get_group("oem_2900", 2900, false);
639 check_get_group("oem_2945", 2945, false);
640 check_get_group("oem_2999", 2999, false);
641 check_get_group("oem_5000", 5000, false);
642 check_get_group("oem_5454", 5454, false);
643 check_get_group("oem_5999", 5999, false);
644 }
645
TEST(grp,getgrnam_non_exist)646 TEST(grp, getgrnam_non_exist) {
647 expect_no_passwd_id(999); // End of the system reserved range, unallocated.
648 expect_no_passwd_id(1999); // End of the system reserved range, unallocated.
649 expect_no_passwd_id(2899); // End of the system reserved range, unallocated.
650 }
651
TEST(grp,getgrnam_u0_app_ids)652 TEST(grp, getgrnam_u0_app_ids) {
653 check_get_group("u0_a0", 10000);
654 check_get_group("u0_a1234", 11234);
655 check_get_group("u0_a9999", 19999);
656
657 check_get_group("u0_a0_cache", 20000);
658 check_get_group("u0_a1234_cache", 21234);
659 check_get_group("u0_a9999_cache", 29999);
660
661 check_get_group("u0_a0_ext", 30000);
662 check_get_group("u0_a4545_ext", 34545);
663 check_get_group("u0_a9999_ext", 39999);
664
665 check_get_group("u0_a0_ext_cache", 40000);
666 check_get_group("u0_a4545_ext_cache", 44545);
667 check_get_group("u0_a9999_ext_cache", 49999);
668
669 check_get_group("all_a0", 50000);
670 check_get_group("all_a4545", 54545);
671 check_get_group("all_a9999", 59999);
672
673 check_get_group("u0_i1", 90001);
674 }
675
TEST(grp,getgrnam_u1_app_ids)676 TEST(grp, getgrnam_u1_app_ids) {
677 check_get_group("u1_system", 101000);
678 check_get_group("u1_radio", 101001);
679
680 check_get_group("u1_a0", 110000);
681 check_get_group("u1_a1234", 111234);
682 check_get_group("u1_a9999", 119999);
683
684 check_get_group("u1_a0_cache", 120000);
685 check_get_group("u1_a1234_cache", 121234);
686 check_get_group("u1_a9999_cache", 129999);
687
688 check_get_group("u1_a0_ext", 130000);
689 check_get_group("u1_a4545_ext", 134545);
690 check_get_group("u1_a9999_ext", 139999);
691
692 check_get_group("u1_a0_ext_cache", 140000);
693 check_get_group("u1_a4545_ext_cache", 144545);
694 check_get_group("u1_a9999_ext_cache", 149999);
695
696 check_get_group("u1_i1", 190001);
697 }
698
TEST(grp,getgrnam_u31_app_ids)699 TEST(grp, getgrnam_u31_app_ids) {
700 check_get_group("u31_system", 3101000);
701 check_get_group("u31_radio", 3101001);
702
703 check_get_group("u31_a0", 3110000);
704 check_get_group("u31_a1234", 3111234);
705 check_get_group("u31_a9999", 3119999);
706
707 check_get_group("u31_a0_cache", 3120000);
708 check_get_group("u31_a1234_cache", 3121234);
709 check_get_group("u31_a9999_cache", 3129999);
710
711 check_get_group("u31_a0_cache", 3120000);
712 check_get_group("u31_a1234_cache", 3121234);
713 check_get_group("u31_a9999_cache", 3129999);
714
715 check_get_group("u31_a0_ext", 3130000);
716 check_get_group("u31_a4545_ext", 3134545);
717 check_get_group("u31_a9999_ext", 3139999);
718
719 check_get_group("u31_a0_ext_cache", 3140000);
720 check_get_group("u31_a4545_ext_cache", 3144545);
721 check_get_group("u31_a9999_ext_cache", 3149999);
722
723 check_get_group("u31_i1", 3190001);
724 }
725
TEST(grp,getpgram_app_id_not_allowed_platform)726 TEST(grp, getpgram_app_id_not_allowed_platform) {
727 expect_no_group_name("u1_root");
728 expect_no_group_name("u1_debuggerd");
729
730 expect_no_group_name("u31_root");
731 expect_no_group_name("u31_debuggerd");
732 }
733
TEST(grp,getgrgid_app_id_u1_non_exist)734 TEST(grp, getgrgid_app_id_u1_non_exist) {
735 expect_no_group_id(100000); // There is no 'root' for secondary users.
736 expect_no_group_id(101999); // End of the system reserved range, unallocated.
737 expect_no_group_id(102900); // The OEM ranges were never allocated to secondary users.
738 expect_no_group_id(105000); // The OEM ranges were never allocated to secondary users.
739
740 // The shared range is shared among users, and therefore doesn't exist for secondary users.
741 expect_no_group_id(150000);
742 }
743
TEST(grp,getgrgid_app_id_u31_non_exist)744 TEST(grp, getgrgid_app_id_u31_non_exist) {
745 expect_no_group_id(3100000); // There is no 'root' for secondary users.
746 expect_no_group_id(3101999); // End of the system reserved range, unallocated.
747 expect_no_group_id(3102900); // The OEM ranges were never allocated to secondary users.
748 expect_no_group_id(3105000); // The OEM ranges were never allocated to secondary users.
749
750 // The shared range is shared among users, and therefore doesn't exist for secondary users.
751 expect_no_group_id(3150000);
752 }
753
TEST(grp,getgrnam_r_alignment)754 TEST(grp, getgrnam_r_alignment) {
755 #if defined(__BIONIC__)
756 group grp_storage;
757 alignas(16) char buf[512];
758 group* grp;
759 int result = getgrnam_r("root", &grp_storage, buf + 1, sizeof(buf) - 1, &grp);
760 ASSERT_EQ(0, result);
761 check_group(grp, "root", 0);
762 #else
763 GTEST_SKIP() << "bionic-only test";
764 #endif
765 }
766
TEST(grp,getgrgid_r_alignment)767 TEST(grp, getgrgid_r_alignment) {
768 #if defined(__BIONIC__)
769 group grp_storage;
770 alignas(16) char buf[512];
771 group* grp;
772 int result = getgrgid_r(0, &grp_storage, buf + 1, sizeof(buf) - 1, &grp);
773 ASSERT_EQ(0, result);
774 check_group(grp, "root", 0);
775 #else
776 GTEST_SKIP() << "bionic-only test";
777 #endif
778 }
779
TEST(grp,getgrnam_r_reentrancy)780 TEST(grp, getgrnam_r_reentrancy) {
781 #if defined(__BIONIC__)
782 group grp_storage[2];
783 char buf[2][512];
784 group* grp[3];
785 int result = getgrnam_r("root", &grp_storage[0], buf[0], sizeof(buf[0]), &grp[0]);
786 ASSERT_EQ(0, result);
787 check_group(grp[0], "root", 0);
788 grp[1] = getgrnam("system");
789 check_group(grp[1], "system", 1000);
790 result = getgrnam_r("radio", &grp_storage[1], buf[1], sizeof(buf[1]), &grp[2]);
791 ASSERT_EQ(0, result);
792 check_group(grp[2], "radio", 1001);
793 check_group(grp[0], "root", 0);
794 check_group(grp[1], "system", 1000);
795 #else
796 GTEST_SKIP() << "bionic-only test";
797 #endif
798 }
799
TEST(grp,getgrgid_r_reentrancy)800 TEST(grp, getgrgid_r_reentrancy) {
801 #if defined(__BIONIC__)
802 group grp_storage[2];
803 char buf[2][512];
804 group* grp[3];
805 int result = getgrgid_r(0, &grp_storage[0], buf[0], sizeof(buf[0]), &grp[0]);
806 ASSERT_EQ(0, result);
807 check_group(grp[0], "root", 0);
808 grp[1] = getgrgid(1000);
809 check_group(grp[1], "system", 1000);
810 result = getgrgid_r(1001, &grp_storage[1], buf[1], sizeof(buf[1]), &grp[2]);
811 ASSERT_EQ(0, result);
812 check_group(grp[2], "radio", 1001);
813 check_group(grp[0], "root", 0);
814 check_group(grp[1], "system", 1000);
815 #else
816 GTEST_SKIP() << "bionic-only test";
817 #endif
818 }
819
TEST(grp,getgrnam_r_large_enough_suggested_buffer_size)820 TEST(grp, getgrnam_r_large_enough_suggested_buffer_size) {
821 long size = sysconf(_SC_GETGR_R_SIZE_MAX);
822 ASSERT_GT(size, 0);
823 char buf[size];
824 group grp_storage;
825 group* grp;
826 ASSERT_EQ(0, getgrnam_r("root", &grp_storage, buf, size, &grp));
827 check_group(grp, "root", 0);
828 }
829
TEST(grp,getgrent_iterate)830 TEST(grp, getgrent_iterate) {
831 #if defined(__BIONIC__)
832 group* grp;
833 std::set<gid_t> gids;
834
835 setgrent();
836 while ((grp = getgrent()) != nullptr) {
837 ASSERT_TRUE(grp->gr_name != nullptr) << "grp->gr_gid: " << grp->gr_gid;
838 ASSERT_TRUE(grp->gr_mem != nullptr) << "grp->gr_gid: " << grp->gr_gid;
839 EXPECT_STREQ(grp->gr_name, grp->gr_mem[0]) << "grp->gr_gid: " << grp->gr_gid;
840 EXPECT_TRUE(grp->gr_mem[1] == nullptr) << "grp->gr_gid: " << grp->gr_gid;
841
842 EXPECT_EQ(0U, gids.count(grp->gr_gid)) << "grp->gr_gid: " << grp->gr_gid;
843 gids.emplace(grp->gr_gid);
844 }
845 endgrent();
846
847 expect_ids(gids, true);
848 #else
849 GTEST_SKIP() << "bionic-only test";
850 #endif
851 }
852
TEST(grp,getgrouplist)853 TEST(grp, getgrouplist) {
854 #if defined(__BIONIC__)
855 // Query the number of groups.
856 int ngroups = 0;
857 ASSERT_EQ(-1, getgrouplist("root", 123, nullptr, &ngroups));
858 ASSERT_EQ(1, ngroups);
859
860 // Query the specific groups (just the one you pass in on Android).
861 ngroups = 8;
862 gid_t groups[ngroups];
863 ASSERT_EQ(1, getgrouplist("root", 123, groups, &ngroups));
864 ASSERT_EQ(1, ngroups);
865 ASSERT_EQ(123u, groups[0]);
866 #else
867 GTEST_SKIP() << "bionic-only test (groups too unpredictable)";
868 #endif
869 }
870
TEST(grp,initgroups)871 TEST(grp, initgroups) {
872 if (getuid() != 0) GTEST_SKIP() << "test requires root";
873 ASSERT_EQ(0, initgroups("root", 0));
874 }
875
876 #if defined(__BIONIC__)
TestAidNamePrefix(const std::string & file_path)877 static void TestAidNamePrefix(const std::string& file_path) {
878 std::string file_contents;
879 if (!ReadFileToString(file_path, &file_contents)) {
880 // If we cannot read this file, then there are no vendor defind AID names, in which case this
881 // test passes by default.
882 return;
883 }
884 auto lines = Split(file_contents, "\n");
885 for (const auto& line : lines) {
886 if (line.empty()) continue;
887 auto name = Split(line, ":")[0];
888 EXPECT_TRUE(StartsWith(name, "vendor_"));
889 }
890 }
891 #endif
892
TEST(pwd,vendor_prefix_users)893 TEST(pwd, vendor_prefix_users) {
894 #if defined(__BIONIC__)
895 if (android::base::GetIntProperty("ro.product.first_api_level", 0) <= 28) {
896 return;
897 }
898
899 TestAidNamePrefix("/vendor/etc/passwd");
900 #else
901 GTEST_SKIP() << "bionic-only test";
902 #endif
903 }
904
TEST(pwd,vendor_prefix_groups)905 TEST(pwd, vendor_prefix_groups) {
906 #if defined(__BIONIC__)
907 if (android::base::GetIntProperty("ro.product.first_api_level", 0) <= 28) {
908 return;
909 }
910
911 TestAidNamePrefix("/vendor/etc/group");
912 #else
913 GTEST_SKIP() << "bionic-only test";
914 #endif
915 }
916