def test_100_default(self):
"""TE rule query with default type exact match."""
q = TERuleQuery(self.p, default="test100d", default_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], TRT.type_transition, "test100", "test100", "infoflow7", "test100d")
def test_101_xperm_any(self):
"""Xperm rule query match any perm set."""
q = TERuleQuery(self.p, xperms=[(0x9011, 0x9013)], xperms_equal=False)
r = sorted(q.results())
self.assertEqual(len(r), 4)
self.validate_rule(r[0],
TRT.allowxperm,
"test101a",
"test101a",
"infoflow7",
set([0x9011]),
xperm="ioctl")
self.validate_rule(r[1],
TRT.allowxperm,
"test101b",
"test101b",
"infoflow7",
set([0x9011, 0x9012]),
xperm="ioctl")
self.validate_rule(r[2],
TRT.allowxperm,
"test101c",
"test101c",
"infoflow7",
set([0x9011, 0x9012, 0x9013]),
xperm="ioctl")
self.validate_rule(r[3],
TRT.allowxperm,
"test101d",
"test101d",
"infoflow7",
set([0x9011, 0x9012, 0x9013, 0x9014]),
xperm="ioctl")
def test_007_target_direct_regex(self):
"""TE rule query with regex, direct, target match."""
q = TERuleQuery(self.p, target="test7a.*", target_indirect=False, target_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "allow", "test7s", "test7aPASS", "infoflow", set(["low_r"]))
def test_100_default(self):
"""TE rule query with default type exact match."""
q = TERuleQuery(self.p, default="test100d", default_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "type_transition", "test100", "test100", "infoflow7", "test100d")
def test_002_source_indirect(self):
"""TE rule query with exact, indirect, source match."""
q = TERuleQuery(self.p, source="test2s", source_indirect=True, source_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "allow", "test2a", "test2t", "infoflow", set(["hi_w"]))
def test_005_target_direct(self):
"""TE rule query with exact, direct, target match."""
q = TERuleQuery(self.p, target="test5a", target_indirect=False, target_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "allow", "test5s", "test5a", "infoflow", set(["hi_w"]))
def test_003_source_direct_regex(self):
"""TE rule query with regex, direct, source match."""
q = TERuleQuery(self.p, source="test3a.*", source_indirect=False, source_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "allow", "test3aS", "test3t", "infoflow", set(["low_r"]))
def test_002_source_indirect(self):
"""Xperm rule query with exact, indirect, source match."""
q = TERuleQuery(self.p, source="test2s", source_indirect=True, source_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "allowxperm", "test2a", "test2t", "infoflow", set([0x5411, 0x5451]), xperm="ioctl")
def test_100_std_perm_equal(self):
"""Xperm rule query match by standard permission, equal perm set."""
q = TERuleQuery(self.p, ruletype=["neverallow", "neverallowxperm"],
perms=set(["ioctl", "hi_w"]), perms_equal=True)
r = sorted(q.results())
self.assertEqual(len(r), 0)
def test_009_class(self):
"""TE rule query with exact object class match."""
q = TERuleQuery(self.p, tclass="infoflow2", tclass_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "allow", "test9", "test9", "infoflow2", set(["super_w"]))
def test_009_class(self):
"""TE rule query with exact object class match."""
q = TERuleQuery(self.p, tclass="infoflow2", tclass_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], TRT.allow, "test9", "test9", "infoflow2", set(["super_w"]))
def test_004_source_indirect_regex(self):
"""TE rule query with regex, indirect, source match."""
q = TERuleQuery(self.p, source="test4(s|t)", source_indirect=True, source_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "allow", "test4a1", "test4a1", "infoflow", set(["hi_w"]))
self.validate_rule(r[1], "allow", "test4a2", "test4a2", "infoflow", set(["low_r"]))
def test_011_class_regex(self):
"""Xperm rule query with object class regex match."""
q = TERuleQuery(self.p, tclass="infoflow(5|6)", tclass_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "allowxperm", "test11", "test11", "infoflow5", set([0x1111]), xperm="ioctl")
self.validate_rule(r[1], "allowxperm", "test11", "test11", "infoflow6", set([0x5555]), xperm="ioctl")
def test_010_class_list(self):
"""Xperm rule query with object class list match."""
q = TERuleQuery(self.p, tclass=["infoflow3", "infoflow4"], tclass_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "allowxperm", "test10", "test10", "infoflow3", set([0]), xperm="ioctl")
self.validate_rule(r[1], "allowxperm", "test10", "test10", "infoflow4", set([0x9999]), xperm="ioctl")
def test_008_target_indirect_regex(self):
"""Xperm rule query with regex, indirect, target match."""
q = TERuleQuery(self.p, target="test8(s|t)", target_indirect=True, target_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "allowxperm", "test8a1", "test8a1", "infoflow", set([0x9999]), xperm="ioctl")
self.validate_rule(r[1], "allowxperm", "test8a2", "test8a2", "infoflow", set([0x1111]), xperm="ioctl")
def test_006_target_indirect(self):
"""Xperm rule query with exact, indirect, target match."""
q = TERuleQuery(self.p, target="test6t", target_indirect=True, target_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "allowxperm", "test6s", "test6a", "infoflow", set([0x9999]), xperm="ioctl")
self.validate_rule(r[1], "allowxperm", "test6s", "test6t", "infoflow", set([0x1111]), xperm="ioctl")
def test_014_ruletype(self):
"""TE rule query with rule type match."""
q = TERuleQuery(self.p, ruletype=["auditallow", "dontaudit"])
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "auditallow", "test14", "test14", "infoflow7", set(["super_both"]))
self.validate_rule(r[1], "dontaudit", "test14", "test14", "infoflow7", set(["super_unmapped"]))
def test_014_ruletype(self):
"""Xperm rule query with rule type match."""
q = TERuleQuery(self.p, ruletype=["auditallowxperm", "dontauditxperm"])
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "auditallowxperm", "test14", "test14", "infoflow7", set([0x1234]), xperm="ioctl")
self.validate_rule(r[1], "dontauditxperm", "test14", "test14", "infoflow7", set([0x4321]), xperm="ioctl")
def test_201_boolean_equal(self):
"""TE rule query with equal Boolean set match."""
q = TERuleQuery(self.p, boolean=["test201a", "test201b"], boolean_equal=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], TRT.allow, "test201t1", "test201t1", "infoflow7",
set(["super_unmapped"]), cond="test201b && test201a")
def test_010_class_list(self):
"""TE rule query with object class list match."""
q = TERuleQuery(self.p, tclass=["infoflow3", "infoflow4"], tclass_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "allow", "test10", "test10", "infoflow3", set(["null"]))
self.validate_rule(r[1], "allow", "test10", "test10", "infoflow4", set(["hi_w"]))
def test_003_source_direct_regex(self):
"""TE rule query with regex, direct, source match."""
q = TERuleQuery(
self.p, source="test3a.*", source_indirect=False, source_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "allow", "test3aS", "test3t", "infoflow", set(["low_r"]))
def test_007_target_direct_regex(self):
"""TE rule query with regex, direct, target match."""
q = TERuleQuery(
self.p, target="test7a.*", target_indirect=False, target_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "allow", "test7s", "test7aPASS", "infoflow", set(["low_r"]))
def test_002_source_indirect(self):
"""TE rule query with exact, indirect, source match."""
q = TERuleQuery(
self.p, source="test2s", source_indirect=True, source_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "allow", "test2a", "test2t", "infoflow", set(["hi_w"]))
def test_101_default_regex(self):
"""TE rule query with default type regex match."""
q = TERuleQuery(self.p, default="test101.", default_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "type_transition", "test101", "test101d", "infoflow7", "test101e")
self.validate_rule(r[1], "type_transition", "test101", "test101e", "infoflow7", "test101d")
def test_012_perms_any(self):
"""TE rule query with permission set intersection."""
q = TERuleQuery(self.p, perms=["super_r"], perms_equal=False)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "allow", "test12a", "test12a", "infoflow7", set(["super_r"]))
self.validate_rule(r[1], "allow", "test12b", "test12b", "infoflow7", set(["super_r", "super_none"]))
def test_101_xperm_equal(self):
"""Xperm rule query match equal perm set."""
q = TERuleQuery(self.p, xperms=[(0x9011, 0x9013)], xperms_equal=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "allowxperm", "test101c", "test101c", "infoflow7",
set([0x9011, 0x9012, 0x9013]), xperm="ioctl")
def test_201_boolean_equal(self):
"""TE rule query with equal Boolean set match."""
q = TERuleQuery(self.p, boolean=["test201a", "test201b"], boolean_equal=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "allow", "test201t1", "test201t1", "infoflow7",
set(["super_unmapped"]), cond="test201b && test201a")
def test_011_class_regex(self):
"""TE rule query with object class regex match."""
q = TERuleQuery(self.p, tclass="infoflow(5|6)", tclass_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], TRT.allow, "test11", "test11", "infoflow5", set(["low_w"]))
self.validate_rule(r[1], TRT.allow, "test11", "test11", "infoflow6", set(["med_r"]))
def test_005_target_direct(self):
"""TE rule query with exact, direct, target match."""
q = TERuleQuery(
self.p, target="test5a", target_indirect=False, target_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "allow", "test5s", "test5a", "infoflow", set(["hi_w"]))
def test_011_class_regex(self):
"""TE rule query with object class regex match."""
q = TERuleQuery(self.p, tclass="infoflow(5|6)", tclass_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "allow", "test11", "test11", "infoflow5", set(["low_w"]))
self.validate_rule(r[1], "allow", "test11", "test11", "infoflow6", set(["med_r"]))
def test_101_default_regex(self):
"""TE rule query with default type regex match."""
q = TERuleQuery(self.p, default="test101.", default_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "type_transition", "test101", "test101d", "infoflow7", "test101e")
self.validate_rule(r[1], "type_transition", "test101", "test101e", "infoflow7", "test101d")
def test_008_target_indirect_regex(self):
"""TE rule query with regex, indirect, target match."""
q = TERuleQuery(self.p, target="test8(s|t)", target_indirect=True, target_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "allow", "test8a1", "test8a1", "infoflow", set(["hi_w"]))
self.validate_rule(r[1], "allow", "test8a2", "test8a2", "infoflow", set(["low_r"]))
def test_101_xperm_equal(self):
"""Xperm rule query match equal perm set."""
q = TERuleQuery(self.p, xperms=[(0x9011, 0x9013)], xperms_equal=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], TRT.allowxperm, "test101c", "test101c", "infoflow7",
set([0x9011, 0x9012, 0x9013]), xperm="ioctl")
def test_013_perms_equal(self):
"""TE rule query with permission set equality."""
q = TERuleQuery(
self.p, perms=["super_w", "super_none", "super_both"], perms_equal=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "allow", "test13c", "test13c", "infoflow7",
set(["super_w", "super_none", "super_both"]))
def test_012_perms_any(self):
"""TE rule query with permission set intersection."""
q = TERuleQuery(self.p, perms=["super_r"], perms_equal=False)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "allow", "test12a", "test12a", "infoflow7", set(["super_r"]))
self.validate_rule(r[1], "allow", "test12b", "test12b", "infoflow7",
set(["super_r", "super_none"]))
def test_010_class_list(self):
"""TE rule query with object class list match."""
q = TERuleQuery(
self.p, tclass=["infoflow3", "infoflow4"], tclass_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "allow", "test10", "test10", "infoflow3", set(["null"]))
self.validate_rule(r[1], "allow", "test10", "test10", "infoflow4", set(["hi_w"]))
def test_005_target_direct(self):
"""Xperm rule query with exact, direct, target match."""
q = TERuleQuery(
self.p, target="test5a", target_indirect=False, target_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], TRT.allowxperm, "test5s", "test5a", "infoflow", set([0x9999]),
xperm="ioctl")
def test_003_source_direct_regex(self):
"""Xperm rule query with regex, direct, source match."""
q = TERuleQuery(
self.p, source="test3a.*", source_indirect=False, source_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], TRT.allowxperm, "test3aS", "test3t", "infoflow",
set([0x1111]), xperm="ioctl")
def test_100_std_perm_equal(self):
"""Xperm rule query match by standard permission, equal perm set."""
q = TERuleQuery(self.p, ruletype=["neverallow", "neverallowxperm"],
perms=set(["ioctl", "hi_w"]), perms_equal=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], TRT.neverallow, "test100", "system", "infoflow2",
set(["ioctl", "hi_w"]))
def test_007_target_direct_regex(self):
"""Xperm rule query with regex, direct, target match."""
q = TERuleQuery(
self.p, target="test7a.*", target_indirect=False, target_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], TRT.allowxperm, "test7s", "test7aPASS", "infoflow", set([0x1111]),
xperm="ioctl")
def test_000_unset(self):
"""TE rule query with no criteria."""
# query with no parameters gets all TE rules.
rules = sorted(self.p.terules())
q = TERuleQuery(self.p)
q_rules = sorted(q.results())
self.assertListEqual(rules, q_rules)
def test_052_perms_subset2(self):
"""TE rule query with permission subset (equality)."""
q = TERuleQuery(self.p, perms=["super_w", "super_none", "super_both", "super_unmapped"],
perms_subset=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "allow", "test13d", "test13d", "infoflow7",
set(["super_w", "super_none", "super_both", "super_unmapped"]))
def test_052_perms_subset2(self):
"""TE rule query with permission subset (equality)."""
q = TERuleQuery(self.p, perms=["super_w", "super_none", "super_both", "super_unmapped"],
perms_subset=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], TRT.allow, "test13d", "test13d", "infoflow7",
set(["super_w", "super_none", "super_both", "super_unmapped"]))
def test_003_source_direct_regex(self):
"""Xperm rule query with regex, direct, source match."""
q = TERuleQuery(
self.p, source="test3a.*", source_indirect=False, source_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], TRT.allowxperm, "test3aS", "test3t", "infoflow",
set([0x1111]), xperm="ioctl")
def test_008_target_indirect_regex(self):
"""TE rule query with regex, indirect, target match."""
q = TERuleQuery(
self.p, target="test8(s|t)", target_indirect=True, target_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "allow", "test8a1", "test8a1", "infoflow", set(["hi_w"]))
self.validate_rule(r[1], "allow", "test8a2", "test8a2", "infoflow", set(["low_r"]))
def test_002_source_indirect(self):
"""Xperm rule query with exact, indirect, source match."""
q = TERuleQuery(
self.p, source="test2s", source_indirect=True, source_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "allowxperm", "test2a", "test2t", "infoflow",
set([0x5411, 0x5451]), xperm="ioctl")
def test_001_source_direct(self):
"""Xperm rule query with exact, direct, source match."""
q = TERuleQuery(
self.p, source="test1a", source_indirect=False, source_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], TRT.allowxperm, "test1a", "test1t", "infoflow",
set(range(0xebe0, 0xebff+1)), xperm="ioctl")
def test_001_source_direct(self):
"""Xperm rule query with exact, direct, source match."""
q = TERuleQuery(
self.p, source="test1a", source_indirect=False, source_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "allowxperm", "test1a", "test1t", "infoflow",
set(range(0xebe0, 0xebff+1)), xperm="ioctl")
def test_013_perms_equal(self):
"""TE rule query with permission set equality."""
q = TERuleQuery(
self.p, perms=["super_w", "super_none", "super_both"], perms_equal=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], TRT.allow, "test13c", "test13c", "infoflow7",
set(["super_w", "super_none", "super_both"]))
def test_006_target_indirect(self):
"""TE rule query with exact, indirect, target match."""
q = TERuleQuery(
self.p, target="test6t", target_indirect=True, target_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], TRT.allow, "test6s", "test6a", "infoflow", set(["hi_w"]))
self.validate_rule(r[1], TRT.allow, "test6s", "test6t", "infoflow", set(["low_r"]))
def test_007_target_direct_regex(self):
"""Xperm rule query with regex, direct, target match."""
q = TERuleQuery(
self.p, target="test7a.*", target_indirect=False, target_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], TRT.allowxperm, "test7s", "test7aPASS", "infoflow", set([0x1111]),
xperm="ioctl")
def test_100_std_perm_equal(self):
"""Xperm rule query match by standard permission, equal perm set."""
q = TERuleQuery(self.p, ruletype=["neverallow", "neverallowxperm"],
perms=set(["ioctl", "hi_w"]), perms_equal=True)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], "neverallow", "test100", "system", "infoflow2",
set(["ioctl", "hi_w"]))
def test_006_target_indirect(self):
"""TE rule query with exact, indirect, target match."""
q = TERuleQuery(
self.p, target="test6t", target_indirect=True, target_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], TRT.allow, "test6s", "test6a", "infoflow", set(["hi_w"]))
self.validate_rule(r[1], TRT.allow, "test6s", "test6t", "infoflow", set(["low_r"]))
def test_000_unset(self):
"""TE rule query with no criteria."""
# query with no parameters gets all TE rules.
rules = sorted(self.p.terules())
q = TERuleQuery(self.p)
q_rules = sorted(q.results())
self.assertListEqual(rules, q_rules)
def test_005_target_direct(self):
"""Xperm rule query with exact, direct, target match."""
q = TERuleQuery(
self.p, target="test5a", target_indirect=False, target_regex=False)
r = sorted(q.results())
self.assertEqual(len(r), 1)
self.validate_rule(r[0], TRT.allowxperm, "test5s", "test5a", "infoflow", set([0x9999]),
xperm="ioctl")
def test_004_source_indirect_regex(self):
"""TE rule query with regex, indirect, source match."""
q = TERuleQuery(
self.p, source="test4(s|t)", source_indirect=True, source_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "allow", "test4a1", "test4a1", "infoflow", set(["hi_w"]))
self.validate_rule(r[1], "allow", "test4a2", "test4a2", "infoflow", set(["low_r"]))
def test_014_ruletype(self):
"""TE rule query with rule type match."""
q = TERuleQuery(self.p, ruletype=["auditallow", "dontaudit"])
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "auditallow", "test14", "test14", "infoflow7",
set(["super_both"]))
self.validate_rule(r[1], "dontaudit", "test14", "test14", "infoflow7",
set(["super_unmapped"]))
def test_202_boolean_regex(self):
"""TE rule query with regex Boolean match."""
q = TERuleQuery(self.p, boolean="test202(a|b)", boolean_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "allow", "test202t1", "test202t1", "infoflow7",
set(["super_none"]), cond="test202a")
self.validate_rule(r[1], "allow", "test202t2", "test202t2", "infoflow7",
set(["super_unmapped"]), cond="test202b || test202c")
def test_011_class_regex(self):
"""Xperm rule query with object class regex match."""
q = TERuleQuery(self.p, tclass="infoflow(5|6)", tclass_regex=True)
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "allowxperm", "test11", "test11", "infoflow5", set([0x1111]),
xperm="ioctl")
self.validate_rule(r[1], "allowxperm", "test11", "test11", "infoflow6", set([0x5555]),
xperm="ioctl")
def test_014_ruletype(self):
"""Xperm rule query with rule type match."""
q = TERuleQuery(self.p, ruletype=["auditallowxperm", "dontauditxperm"])
r = sorted(q.results())
self.assertEqual(len(r), 2)
self.validate_rule(r[0], "auditallowxperm", "test14", "test14", "infoflow7", set([0x1234]),
xperm="ioctl")
self.validate_rule(r[1], "dontauditxperm", "test14", "test14", "infoflow7", set([0x4321]),
xperm="ioctl")
