// Copyright 2014 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "permission_broker/deny_claimed_hidraw_device_rule.h"

#include <gtest/gtest.h>
#include <libudev.h>

#include <string>

#include "permission_broker/udev_scopers.h"

namespace permission_broker {

class DenyClaimedHidrawDeviceRuleTest : public testing::Test {
 public:
  DenyClaimedHidrawDeviceRuleTest() : udev_(udev_new()) {}

  ~DenyClaimedHidrawDeviceRuleTest() override = default;

 protected:
  ScopedUdevPtr udev_;
  DenyClaimedHidrawDeviceRule rule_;

 private:
  DISALLOW_COPY_AND_ASSIGN(DenyClaimedHidrawDeviceRuleTest);
};

TEST_F(DenyClaimedHidrawDeviceRuleTest, DenyClaimedHidrawDevices) {
  // Run the rule on every available device and verify that it only ignores
  // unclaimed USB HID devices, denying the rest.
  ScopedUdevEnumeratePtr enumerate(udev_enumerate_new(udev_.get()));
  udev_enumerate_add_match_subsystem(enumerate.get(), "hidraw");
  udev_enumerate_scan_devices(enumerate.get());
  struct udev_list_entry* entry = nullptr;
  udev_list_entry_foreach(entry,
                          udev_enumerate_get_list_entry(enumerate.get())) {
    const char* syspath = udev_list_entry_get_name(entry);
    ScopedUdevDevicePtr device(
        udev_device_new_from_syspath(udev_.get(), syspath));
    Rule::Result result = rule_.ProcessHidrawDevice(device.get());

    // This device was ignored by the rule. Make sure that it's a USB device
    // and that it's USB interface is not, in fact, being used by other drivers.
    if (result == Rule::IGNORE) {
      struct udev_device* usb_interface =
          udev_device_get_parent_with_subsystem_devtype(
              device.get(), "usb", "usb_interface");
      struct udev_device* hid_parent =
          udev_device_get_parent_with_subsystem_devtype(
              device.get(), "hid", nullptr);

      ASSERT_NE(nullptr, hid_parent)
          << "We don't support hidraw devices with an HID parent.";

      std::string hid_parent_path(udev_device_get_syspath(hid_parent));
      std::string usb_interface_path;
      if (usb_interface)
        usb_interface_path.assign(udev_device_get_syspath(usb_interface));

      int hid_siblings = 0;
      // Verify that this hidraw device does not share a USB interface with any
      // other drivers' devices. This means we have to enumerate every device
      // to find any with the same ancestral usb_interface, then test for a non-
      // generic subsystem.
      ScopedUdevEnumeratePtr other_enumerate(udev_enumerate_new(udev_.get()));
      udev_enumerate_scan_devices(other_enumerate.get());
      struct udev_list_entry* other_entry = nullptr;
      udev_list_entry_foreach(
          other_entry,
          udev_enumerate_get_list_entry(other_enumerate.get())) {
        const char* other_path = udev_list_entry_get_name(other_entry);
        ScopedUdevDevicePtr other_device(
            udev_device_new_from_syspath(udev_.get(), other_path));
        struct udev_device* other_hid_parent =
            udev_device_get_parent_with_subsystem_devtype(
                other_device.get(), "hid", nullptr);
        if (other_hid_parent) {
          std::string other_hid_parent_path(
              udev_device_get_syspath(other_hid_parent));
          if (hid_parent_path == other_hid_parent_path) {
            hid_siblings++;
          }
        }
        struct udev_device* other_usb_interface =
            udev_device_get_parent_with_subsystem_devtype(
                other_device.get(), "usb", "usb_interface");
        if (!other_usb_interface) {
          continue;
        }
        std::string other_usb_interface_path(
            udev_device_get_syspath(other_usb_interface));
        if (usb_interface_path == other_usb_interface_path) {
          ASSERT_FALSE(
              DenyClaimedHidrawDeviceRule::
                  ShouldSiblingSubsystemExcludeHidAccess(other_device.get()))
              << "This rule should IGNORE claimed devices.";
        }
      }
      ASSERT_FALSE(!usb_interface && hid_siblings > 1)
          << "This rule should DENY all non-USB HID devices.";

    } else if (result != Rule::DENY) {
      FAIL() << "This rule should only either IGNORE or DENY devices.";
    }
  }
}

TEST_F(DenyClaimedHidrawDeviceRuleTest, InputCapabilityExclusions) {
  const char* kKeyboardKeys;
  const char* kMouseKeys;
  const char* kHeadsetKeys;
  const char* kBrailleKeys;

  // The size of these bitfield chunks is the width of a userspace long.
  switch (sizeof(long)) {  // NOLINT(runtime/int)
    case 4:
      kKeyboardKeys =
          "10000 00000007 ff9f207a c14057ff "
          "febeffdf ffefffff ffffffff fffffffe";
      kMouseKeys =
          "1f0000 0 0 0 0 0 0 0 0";
      kHeadsetKeys =
          "18000 178 0 8e0000 0 0 0";
      kBrailleKeys =
          "7fe0000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0";
      break;
    case 8:
      kKeyboardKeys =
          "1000000000007 ff9f207ac14057ff febeffdfffefffff fffffffffffffffe";
      kMouseKeys =
          "1f0000 0 0 0 0";
      kHeadsetKeys =
          "18000 17800000000 8e000000000000 0";
      kBrailleKeys =
          "7fe000000000000 0 0 0 0 0 0 0";
      break;
    default:
      FAIL() << "Unsupported platform long width.";
  }

  // Example capabilities from a real keyboard. Should be excluded.
  EXPECT_TRUE(
      DenyClaimedHidrawDeviceRule::ShouldInputCapabilitiesExcludeHidAccess(
          "0", "0", kKeyboardKeys));

  // Example capabilities from a real mouse. Should be excluded.
  EXPECT_TRUE(
      DenyClaimedHidrawDeviceRule::ShouldInputCapabilitiesExcludeHidAccess(
          "0", "103", kMouseKeys));

  // Example capabilities from a headset with some telephony buttons. Should not
  // be excluded.
  EXPECT_FALSE(
      DenyClaimedHidrawDeviceRule::ShouldInputCapabilitiesExcludeHidAccess(
          "0", "0", kHeadsetKeys));

  // A braille input device (made up). Should be excluded.
  EXPECT_TRUE(
      DenyClaimedHidrawDeviceRule::ShouldInputCapabilitiesExcludeHidAccess(
          "0", "0", kBrailleKeys));
}

}  // namespace permission_broker