Fix coverity issue

[platform/core/security/ode.git] / server / server.cpp

/*
 *  Copyright (c) 2015 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License
 */
#include <cynara-client.h>
#include <sys/smack.h>

#include <stdexcept>
#include <chrono>
#include <cassert>
#include <thread>

#include "logger.h"
#include "file-sink.h"
#include "secure-erase.h"
#include "internal-encryption.h"
#include "external-encryption.h"
#include "luks.h"
#include "key-server.h"
#include "key-manager/key-generator.h"
#include "server.h"

using namespace std::placeholders;

audit::LogSink *SINK = nullptr;

namespace ode {

namespace {

std::unique_ptr<FileLogSink> _sink = nullptr;

void dbusBusAcquired(GDBusConnection *connection, const gchar *, gpointer user_data)
{
        DEBUG(SINK, "dbusBusAcquired");

        auto self = static_cast<ServerContext*>(user_data);
        self->dbusRegisterObjects(connection);
}

/*
 * Test:
 * dbus-send --system --dest=org.freedesktop.DBus --type=method_call --print-reply
 * /org/freedesktop/DBus org.freedesktop.DBus.ListNames
 */
void dbusNameAcquired(GDBusConnection *, const gchar *, gpointer )
{
        DEBUG(SINK, "dbusNameAcquired");
}

void dbusNameLost(GDBusConnection *, const gchar *, gpointer user_data)
{
        DEBUG(SINK, "dbusNameLost");
        static_cast<ServerContext*>(user_data)->stop();
}

} // namespace

void ServerContext::dbusRegisterObjects(GDBusConnection *connection)
{
        externalEncryption->dbusRegisterObject(connection);
}

/*
 * Timer thread fuction responsible for detecting a server inactivity period after which it will be
 * stopped.
 *
 * Assumptions & acknowledgements:
 * - Currently there are only 2 ways of stopping the oded server:
 *   - Timeout expiration implemented in the function below
 *   - Terminating with a signal (e.g. SIGTERM from systemd)
 * - There's a risk of race condition for a request that has just been received (the program is
 *   somewhere between klay's epoll_wait() and mutex lock in ServerContext::requestStarted) while
 *   the timerFunc below detects the timeout and stops the server. In such case the newly received
 *   request will not be processed and client will be disconnected. For now this risk is accepted.
 *   To reduce it, the klay's socket & thread handling would have to be modified or replaced.
 * - Request processing callbacks are currently called from one of klay's worker threads.
 * - For requests that require longer processing additional threads are spawned by the server. The
 *   server is considered active as long as the request processing thread is running.
 * - For debugging purpose, a manually started server is not considered inactive until a request
 *   arrives. In other words, the inactivity time measurement starts after a request is processed.
 * - Spurious wakeups will not occur in sleep_for().
 */
void ServerContext::timerFunc()
{
        DEBUG(SINK, "Timer thread started");
        bool requestArrived = false;
        for(;;) {
                std::this_thread::sleep_for(std::chrono::seconds(5));

                std::lock_guard<std::mutex> lock(timerMutex);
                if (!requestArrived) {
                        if (!newRequests)
                                continue;

                        requestArrived = true;
                }
                if (!newRequests && currentRequests == 0)
                        break;

                newRequests = false;
        }
        INFO(SINK, "Timeout reached. ODE server stopping.");
        stop();
}


// This method may be called from different threads
void ServerContext::requestStarted()
{
        std::lock_guard<std::mutex> lock(timerMutex);
        currentRequests++;
        newRequests = true;
        DEBUG(SINK, "New request received. Current count: " << currentRequests);
}

// This method may be called from different threads
void ServerContext::requestFinished()
{
        std::lock_guard<std::mutex> lock(timerMutex);
        assert(currentRequests > 0);
        currentRequests--;
        DEBUG(SINK, "Request processed. Current count:" << currentRequests);
}

ServerContext::ServerContext() : rmi::Service(SOCKET_PATH), currentRequests(0), newRequests(false)
{
        _sink.reset(new FileLogSink("ode.log"));
        SINK = _sink.get();

        INFO(SINK, "ODE server starting.");

        setPrivilegeChecker(std::bind(&ServerContext::checkPeerPrivilege, this, _1, _2));

        expose(this, "", (runtime::FileDescriptor)(ServerContext::registerNotificationSubscriber)(std::string));
        expose(this, "", (int)(ServerContext::unregisterNotificationSubscriber)(std::string, int));

        keys.reset(new KeyServer(*this));

        secureErase.reset(new SecureEraseServer(*this));
        internalEncryption.reset(new InternalEncryptionServer(*this, *keys));
        externalEncryption.reset(new ExternalEncryptionServer(*this, *keys));
        luks.reset(new LuksServer(*this, *keys));

        KeyGenerator::init();

        guint dbusOwnerId = g_bus_own_name(G_BUS_TYPE_SYSTEM,
                                           DBUS_NAME,
                                           G_BUS_NAME_OWNER_FLAGS_DO_NOT_QUEUE,
                                           dbusBusAcquired,
                                           dbusNameAcquired,
                                           dbusNameLost,
                                           this,
                                           NULL);

        if (dbusOwnerId == 0)
                throw runtime::Exception("Dbus failed to own name");

        std::thread timerThread(&ServerContext::timerFunc, this);
        timerThread.detach();
}

ServerContext::~ServerContext()
{
        KeyGenerator::cleanup();
}

bool ServerContext::checkPeerPrivilege(const rmi::Credentials& cred, const std::string& privilege)
{
        cynara *p_cynara;

        if (privilege.empty()) {
                return true;
        }

        if (::cynara_initialize(&p_cynara, NULL) != CYNARA_API_SUCCESS) {
                ERROR(SINK, "Failure in cynara API");
                return false;
        }

        std::string uid = std::to_string(cred.uid);
        if (::cynara_check(p_cynara, cred.security.c_str(), "",
                                           uid.c_str(),
                                           privilege.c_str()) != CYNARA_API_ACCESS_ALLOWED) {
                ::cynara_finish(p_cynara);
                ERROR(SINK, "Access denied: " + cred.security + " : " + privilege);
                return false;
        }

        ::cynara_finish(p_cynara);

        return true;
}

runtime::FileDescriptor ServerContext::registerNotificationSubscriber(const std::string& name)
{
        INFO(SINK, "registerNotificationSubscriber");
        INFO(SINK, name);

        RequestLifetime rl(*this);

        int fd = subscribeNotification(name);

        /**
         *  Set @ label so that smack_file_receive() in kernel succeeds in checking
         *  'w' access between the client and the IPOUT of the socket.
         */
        if (smack_fsetlabel(fd, "@", SMACK_LABEL_IPOUT) != 0) {
                ERROR(SINK, "Setting IPOUT label failed");
                throw runtime::Exception("Setting IPOUT label failed");
        }

        return runtime::FileDescriptor(fd, true);
}

int ServerContext::unregisterNotificationSubscriber(const std::string& name, int id)
{
        RequestLifetime rl(*this);

        return unsubscribeNotification(name, id);
}

} // namespace ode