metadata: get and set policies from go

This commit adds in the ability to get and set policy data from go using
the GetPolicy and SetPolicy functions. This is done via a patch of the
x/sys/unix package that exposes the filesystem encryption structures.

Note that not all the fields of the PolicyData protocol buffer are
needed to get and set policies. The wrapped_policy_keys are not used and
will be written and read by other components of fscrypt.

To run the policy tests, the environment variable BASE_TEST_DIR must be
set to a directory for testing on a filesystem that supports encryption.

Change-Id: I13b1d983356845f3ffc1945cedf53234218f32e5

1 files changed, 162 insertions, 0 deletions

diff --git a/metadata/policy_test.go b/metadata/policy_test.go
new file mode 100644
index 0000000..7f8a48b
--- /dev/null
+++ b/metadata/policy_test.go
@@ -0,0 +1,162 @@
+/*
+ * policy_test.go - Tests the getting/setting of encryption policies
+ *
+ * Copyright 2017 Google Inc.
+ * Author: Joe Richey (joerichey@google.com)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package metadata
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"reflect"
+	"testing"
+)
+
+const goodDescriptor = "0123456789abcdef"
+
+var goodPolicy = &PolicyData{
+	KeyDescriptor: goodDescriptor,
+	Options:       DefaultOptions,
+}
+
+// Creates a temporary directory in BASE_TEST_DIR for testing. Fails if the
+// base directory is not specified.
+func createTestDirectory() (directory string, err error) {
+	baseDirectory := os.Getenv("BASE_TEST_DIR")
+	if s, err := os.Stat(baseDirectory); err != nil || !s.IsDir() {
+		return "", fmt.Errorf("invalid directory %q. Set BASE_TEST_DIR to be a valid directory", baseDirectory)
+	}
+
+	directoryPath := filepath.Join(baseDirectory, "test")
+	return directoryPath, os.MkdirAll(directoryPath, os.ModePerm)
+}
+
+// Makes a test directory, makes a file in the directory, and fills the file
+// with data. Returns the directory name, file name, and error (if one).
+func createTestFile() (directory, file string, err error) {
+	if directory, err = createTestDirectory(); err != nil {
+		return
+	}
+	// Cleanup if the file creation fails
+	defer func() {
+		if err != nil {
+			os.RemoveAll(directory)
+		}
+	}()
+
+	filePath := filepath.Join(directory, "test.txt")
+	fileHandle, err := os.Create(filePath)
+	if err != nil {
+		return directory, filePath, err
+	}
+	defer fileHandle.Close()
+
+	_, err = fileHandle.Write([]byte("Here is some test data!\n"))
+	return directory, filePath, err
+}
+
+// Tests that we can set a policy on an empty directory
+func TestSetPolicyEmptyDirectory(t *testing.T) {
+	directory, err := createTestDirectory()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(directory)
+
+	if err = SetPolicy(directory, goodPolicy); err != nil {
+		t.Error(err)
+	}
+}
+
+// Tests that we cannot set a policy on a nonempty directory
+func TestSetPolicyNonemptyDirectory(t *testing.T) {
+	directory, _, err := createTestFile()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(directory)
+
+	if err = SetPolicy(directory, goodPolicy); err == nil {
+		t.Error("should have failed to set policy on a nonempty directory")
+	}
+}
+
+// Tests that we cannot set a policy on a file
+func TestSetPolicyFile(t *testing.T) {
+	directory, file, err := createTestFile()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(directory)
+
+	if err = SetPolicy(file, goodPolicy); err == nil {
+		t.Error("should have failed to set policy on a file")
+	}
+}
+
+// Tests that we fail when using bad policies
+func TestSetPolicyBadIDs(t *testing.T) {
+	// Policies that are too short, have invalid chars, or are too long
+	badDescriptors := []string{"123456789abcde", "xxxxxxxxxxxxxxxx", "0123456789abcdef00"}
+	for _, badDescriptor := range badDescriptors {
+		badPolicy := &PolicyData{KeyDescriptor: badDescriptor, Options: DefaultOptions}
+		directory, err := createTestDirectory()
+		if err != nil {
+			t.Fatal(err)
+		}
+
+		if err = SetPolicy(directory, badPolicy); err == nil {
+			t.Errorf("id %q should have made SetPolicy fail", badDescriptor)
+		}
+		os.RemoveAll(directory)
+	}
+}
+
+// Tests that we get back the same policy that we set on a directory
+func TestGetPolicyEmptyDirectory(t *testing.T) {
+	directory, err := createTestDirectory()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(directory)
+
+	var actualPolicy *PolicyData
+	if err = SetPolicy(directory, goodPolicy); err != nil {
+		t.Fatal(err)
+	}
+	if actualPolicy, err = GetPolicy(directory); err != nil {
+		t.Fatal(err)
+	}
+
+	if !reflect.DeepEqual(actualPolicy, goodPolicy) {
+		t.Errorf("policy %+v does not equal expected policy %+v", actualPolicy, goodPolicy)
+	}
+}
+
+// Tests that we cannot get a policy on an unencrypted directory
+func TestGetPolicyUnencrypted(t *testing.T) {
+	directory, err := createTestDirectory()
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(directory)
+
+	if _, err = GetPolicy(directory); err == nil {
+		t.Error("should have failed to set policy on a file")
+	}
+}