tests: Test the getattr permission in unix_socket_client

The client will now do a getsockname() on its socket in order to test
the AppArmor 'getattr' unix rule permission.

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org>

tests/regression/apparmor/unix_socket_client.c

@@ -139,6 +139,21 @@ static int get_set_sock_io_timeo(int sock)
 	return 0;
 }
 
+static int test_getattr(int sock)
+{
+	struct sockaddr_un addr;
+	socklen_t addr_len = sizeof(addr);
+	int rc;
+
+	rc = getsockname(sock, (struct sockaddr *)&addr, &addr_len);
+	if (rc == -1) {
+		perror("FAIL - getsockname");
+		return 1;
+	}
+
+	return 0;
+}
+
 int main(int argc, char *argv[])
 {
 	struct sockaddr_un peer_addr, *pa;
@@ -197,6 +212,10 @@ int main(int argc, char *argv[])
 	if (rc)
 		exit(1);
 
+	rc = test_getattr(sock);
+	if (rc)
+		exit(1);
+
 	pa = &peer_addr;
 	pa_len = sun_path_len + sizeof(peer_addr.sun_family);
 

tests/regression/apparmor/unix_socket_pathname.sh

@@ -49,9 +49,10 @@ fi
 # af_unix support requires 'unix create' to call socket()
 # af_unix support requires 'unix getopt' to call getsockopt()
 # af_unix support requires 'unix setopt' to call setsockopt()
+# af_unix support requires 'unix getattr' to call getsockname()
 af_unix=
 if [ "$(have_features network/af_unix)" == "true" ] ; then
-	af_unix="unix:(create,getopt,setopt)"
+	af_unix="unix:(create,getopt,setopt,getattr)"
 fi
 
 okclient=rw