2 // Open Service Platform
3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
5 // Licensed under the Apache License, Version 2.0 (the License);
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
18 * @file SmackManager.cpp
19 * @brief This is the implementation file for %SmackManager class.
23 #include <unique_ptr.h>
26 #include <FIoRegistry.h>
27 #include <FSecCryptoSha1Hash.h>
28 #include <FBase_StringConverter.h>
30 #include "SmackManager.h"
31 #include "InstallerDefs.h"
32 #include "InstallerUtil.h"
34 using namespace Tizen::App;
35 using namespace Tizen::Base;
36 using namespace Tizen::Base::Collection;
37 using namespace Tizen::Base::Utility;
38 using namespace Tizen::Security::Cert;
39 using namespace Tizen::Security::Crypto;
40 using namespace Tizen::Io;
42 SmackManager::SmackManager(void)
44 ,__isSmackEnable(false)
46 if (IsSmackEnable() == true)
48 __isSmackEnable = true;
52 SmackManager::~SmackManager(void)
57 SmackManager::Construct(InstallationContext* pContext)
59 __pContext = pContext;
65 SmackManager::Install(const PackageId& packageId)
67 if (__isSmackEnable == false)
74 std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(packageId));
75 TryReturn(pPackageId, false, "pPackageId is null.");
77 res = Install(pPackageId.get());
83 SmackManager::Uninstall(const PackageId& packageId)
85 if (__isSmackEnable == false)
92 std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(packageId));
93 TryReturn(pPackageId, false, "pPackageId is null.");
95 res = Uninstall(pPackageId.get());
101 SmackManager::AddLabelDir(const String& label, const String& dirPath, bool rootDirectory)
103 if (__isSmackEnable == false)
111 std::unique_ptr<char[]> pPath(_StringConverter::CopyToCharArrayN(dirPath));
112 TryReturn(pPath, false, "pPath is null.");
114 if (InstallerUtil::IsSymlink(dirPath) == true)
116 res = AddLabelDir("_", pPath.get());
117 InstallerUtil::GetRealPath(dirPath, realPath);
124 std::unique_ptr<char[]> pRealPath(_StringConverter::CopyToCharArrayN(realPath));
125 TryReturn(pRealPath, false, "pRealPath is null");
127 if (rootDirectory == true)
129 res = AddLabelDir("_", pRealPath.get());
131 else if (dirPath.Contains(L"shared") == true)
133 res = AddLabelDir("*", pRealPath.get());
137 std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(label));
138 TryReturn(pPackageId, false, "pPackageId is null");
140 res = AddLabelDir(pPackageId.get(), pRealPath.get());
147 SmackManager::AddLabelSharedDir(const PackageId& packageId, const String& dirPath)
149 if (__isSmackEnable == false)
154 TryReturn(__pContext, false, "__pContext is null");
156 if (__pContext->__isVerificationMode == false)
158 AppLog("VerificationMode is off.");
163 String label = packageId;
165 std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(packageId));
166 TryReturn(pPackageId, false, "pPackageId is null.");
168 std::unique_ptr<char[]> pPath(_StringConverter::CopyToCharArrayN(dirPath));
169 TryReturn(pPath, false, "pPath is null.");
171 if (dirPath.Contains(L"shared/data") == true)
174 //label.Append("_shareddata");
176 else if (dirPath.Contains(L"shared/res") == true)
179 //label.Append("_sharedres");
181 else if (dirPath.Contains(L"shared/trusted") == true)
185 result r = E_SUCCESS;
187 IListT<String *>* pAuthorCertList = __pContext->__pAuthorCertList;
188 TryReturn(pAuthorCertList, false, "pAuthorCertList is null.");
190 String *pEntity = null;
191 r = pAuthorCertList->GetAt(0, pEntity);
192 TryReturn(!IsFailed(r), false, "pAuthorCertList->GetAt() is failed.");
193 TryReturn(pEntity, false, "pEntity is null.");
195 std::unique_ptr<ByteBuffer> pEncodedData(StringUtil::DecodeBase64StringN(*pEntity));
196 TryReturn(pEncodedData, false, "pEncodedData is null.");
198 std::unique_ptr<ByteBuffer> pHashValue(hash.GetHashN(*pEncodedData.get()));
199 TryReturn(pHashValue, false, "pHashValue is null.");
201 r = StringUtil::EncodeToBase64String(*pHashValue, base64Value);
202 TryReturn(!IsFailed(r), false, "EncodeToBase64String() is failed.");
204 // in smack, '/' is not allowed for label.
205 r = base64Value.Replace(L"/", L"#");
206 TryReturn(!IsFailed(r), false, "base64Value.Replace() is failed.");
208 std::unique_ptr<char[]> pHashEncodedValue(_StringConverter::CopyToCharArrayN(base64Value));
209 TryReturn(!IsFailed(r), false, "pHashEncodedValue is null.");
211 label = pHashEncodedValue.get();
212 AppLog("pHashEncodedValue = [%s]", pHashEncodedValue.get());
216 AppLog("Invalid Directory = [%ls]", dirPath.GetPointer());
220 std::unique_ptr<char[]> pLabel(_StringConverter::CopyToCharArrayN(label));
221 TryReturn(pLabel, false, "pLabel is null.");
223 res = AddLabelSharedDir(pPackageId.get(), pLabel.get(), pPath.get());
229 SmackManager::AddSharedDirReaders(const Tizen::Base::String& label)
231 if (__isSmackEnable == false)
236 //int AddSharedDirReaders(const char* pSharedLabel, const char** ppAppList);
242 SmackManager::AddFriend(const Tizen::App::PackageId& packageId1, const Tizen::App::PackageId& packageId2)
244 if (__isSmackEnable == false)
249 //int AddFriend(const char* pPackageId1, const char* pPackageId2);
255 SmackManager::EnablePermissions(const PackageId& packageId)
257 if (__isSmackEnable == false)
262 TryReturn(__pContext, false, "__pContext is null");
266 std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(packageId));
267 TryReturn(pPackageId, false, "pPackageId is null.");
269 int count = __pContext->__pPrivilegeList->GetCount();
271 const char** pList = new (std::nothrow) const char*[count+1];
272 TryReturn(pList, false, "pList is null.");
274 for (int i = 0; i < count; i++)
276 String* pPrivilege = dynamic_cast < String* >(__pContext->__pPrivilegeList->GetAt(i));
279 char* pPrivilegeString = _StringConverter::CopyToCharArrayN(*pPrivilege);
280 TryReturn(pPrivilegeString, false, "pPrivilegeString is null.");
282 pList[i] = pPrivilegeString;
288 res = EnablePermissions(pPackageId.get(), 1, pList, true);
290 if ((__pContext->__isPreloaded == true) && (__pContext->__isUpdated == false))
292 String smackFile(L"/etc/smack/accesses2.d/");
293 smackFile.Append(packageId);
294 smackFile.Append(L"-temp.rule");
296 String smackContext(packageId);
297 smackContext.Append(L" all.rule include");
299 InstallerUtil::CreateInfoFile(smackFile, &smackContext);
303 String script("/usr/bin/smackload-app.sh");
304 bool exist = File::IsFileExist(script);
306 script.Append(packageId);
308 std::unique_ptr<char[]> pScript(_StringConverter::CopyToCharArrayN(script));
309 TryReturn(pScript, false, "pScript is null.");
313 res = system(pScript.get());
314 AppLog("[smack] system(%s), result = [%d]", pScript.get(), res);
318 AppLog("[%ls] not found", script.GetPointer());
322 for (int i = 0; pList[i] != null; i++)
324 AppLog("delete Privilege - [%s]", pList[i]);
334 SmackManager::AddPermissions(const PackageId& packageId)
336 if (__isSmackEnable == false)
341 TryReturn(__pContext, false, "__pContext is null");
345 std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(packageId));
346 TryReturn(pPackageId, false, "pPackageId is null.");
348 int count = __pContext->__pPrivilegeList->GetCount();
350 const char** pList = new (std::nothrow) const char*[count+1];
351 TryReturn(pList, false, "pList is null.");
353 for (int i = 0; i < count; i++)
355 String* pPrivilege = dynamic_cast < String* >(__pContext->__pPrivilegeList->GetAt(i));
358 char* pPrivilegeString = _StringConverter::CopyToCharArrayN(*pPrivilege);
359 TryReturn(pPrivilegeString, false, "pPrivilegeString is null.");
361 pList[i] = pPrivilegeString;
367 res = AddPermissions(pPackageId.get(), pList);
369 if (__pContext->__isPreloaded == true)
371 String smackFile(L"/etc/smack/accesses2.d/");
372 smackFile.Append(packageId);
373 smackFile.Append(L"-temp.rule");
375 String smackContext(packageId);
376 smackContext.Append(L" all.rule include");
378 InstallerUtil::CreateInfoFile(smackFile, &smackContext);
382 String script("/usr/bin/smackload-app.sh");
383 bool exist = File::IsFileExist(script);
385 script.Append(packageId);
387 std::unique_ptr<char[]> pScript(_StringConverter::CopyToCharArrayN(script));
388 TryReturn(pScript, false, "pScript is null.");
392 res = system(pScript.get());
393 AppLog("[smack] system(%s), result = [%d]", pScript.get(), res);
397 AppLog("[%ls] not found", script.GetPointer());
401 for (int i = 0; pList[i] != null; i++)
403 AppLog("delete Privilege - [%s]", pList[i]);
413 SmackManager::RevokePermissions(const PackageId& packageId)
415 if (__isSmackEnable == false)
422 std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(packageId));
423 TryReturn(pPackageId, false, "pPackageId is null.");
425 res = RevokePermissions(pPackageId.get());
431 SmackManager::IsSmackEnable()
435 String section(L"feature");
436 String entry(L"smack");
439 r = reg.Construct(CONFIG_PATH, "r");
440 TryReturn(!IsFailed(r), false, "CONFIG file is not found.");
442 r = reg.GetValue(section, entry, value);
443 TryReturn(!IsFailed(r), false, "GetValue is failed. entry = [%ls]", entry.GetPointer());
445 AppLog("[%ls is %ls.]", entry.GetPointer(), value.GetPointer());
456 SmackManager::Install(const char* pPackageId)
459 void* pHandle = null;
460 char* pErrorMsg = null;
461 int (*app_install)(const char*) = null;
463 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
466 AppLog("Install(): dlopen() failed. [%s]", dlerror());
470 app_install = reinterpret_cast <int (*)(const char*)>(dlsym(pHandle, "app_install"));
471 pErrorMsg = dlerror();
472 if ((pErrorMsg != null) || (app_install == null))
474 AppLog("Install(): dlsym() failed. [%s]", pErrorMsg);
479 ret = app_install(pPackageId);
480 AppLog("[smack] app_install(%s), result = [%d]", pPackageId, ret);
488 SmackManager::Uninstall(const char* pPackageId)
491 void* pHandle = null;
492 char* pErrorMsg = null;
493 int (*app_uninstall)(const char*) = null;
495 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
498 AppLog("Uninstall(): dlopen() failed. [%s]", dlerror());
502 app_uninstall = reinterpret_cast <int (*)(const char*)>(dlsym(pHandle, "app_uninstall"));
503 pErrorMsg = dlerror();
504 if ((pErrorMsg != null) || (app_uninstall == null))
506 AppLog("Uninstall(): dlsym() failed. [%s]", pErrorMsg);
511 ret = app_uninstall(pPackageId);
512 AppLog("[smack] app_uninstall(%s), result = [%d]", pPackageId, ret);
520 SmackManager::AddLabelDir(const char* pLabel, const char* pDirPath)
523 void* pHandle = null;
524 char* pErrorMsg = null;
525 int (*app_label_dir)(const char*, const char*) = null;
527 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
530 AppLog("AddLabelDir(): dlopen() failed. [%s]", dlerror());
534 app_label_dir = reinterpret_cast <int (*)(const char*, const char*)>(dlsym(pHandle, "app_label_dir"));
535 pErrorMsg = dlerror();
536 if ((pErrorMsg != null) || (app_label_dir == null))
538 AppLog("AddLabelDir(): dlsym() failed. [%s]", pErrorMsg);
543 ret = app_label_dir(pLabel, pDirPath);
544 AppLog("[smack] app_label_dir(%s, %s), result = [%d]", pLabel, pDirPath, ret);
552 SmackManager::AddLabelSharedDir(const char* pLabel, const char* pSharedLabel, const char* pDirPath)
555 void* pHandle = null;
556 char* pErrorMsg = null;
557 int (*app_label_shared_dir)(const char*, const char*, const char*) = null;
559 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
562 AppLog("AddLabelSharedDir(): dlopen() failed. [%s]", dlerror());
566 app_label_shared_dir = reinterpret_cast <int (*)(const char*, const char*, const char*)>(dlsym(pHandle, "app_label_shared_dir"));
567 pErrorMsg = dlerror();
568 if ((pErrorMsg != null) || (app_label_shared_dir == null))
570 AppLog("AddLabelSharedDir(): dlsym() failed. [%s]", pErrorMsg);
575 ret = app_label_shared_dir(pLabel, pSharedLabel, pDirPath);
576 AppLog("[smack] app_label_shared_dir(%s, %s, %s), result = [%d]", pLabel, pSharedLabel, pDirPath, ret);
584 SmackManager::AddSharedDirReaders(const char* pSharedLabel, const char** ppAppList)
587 void* pHandle = null;
588 char* pErrorMsg = null;
589 int (*add_shared_dir_readers)(const char*, const char**) = null;
591 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
594 AppLog("AddSharedDirReaders(): dlopen() failed. [%s]", dlerror());
598 add_shared_dir_readers = reinterpret_cast <int (*)(const char*, const char**)>(dlsym(pHandle, "add_shared_dir_readers"));
599 pErrorMsg = dlerror();
600 if ((pErrorMsg != null) || (add_shared_dir_readers == null))
602 AppLog("AddSharedDirReaders(): dlsym() failed. [%s]", pErrorMsg);
607 ret = add_shared_dir_readers(pSharedLabel, ppAppList);
608 AppLog("[smack] add_shared_dir_readers(%s), result = [%d]", pSharedLabel, ret);
616 SmackManager::AddFriend(const char* pPackageId1, const char* pPackageId2)
619 void* pHandle = null;
620 char* pErrorMsg = null;
621 int (*app_add_friend)(const char*, const char*) = null;
623 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
626 AppLog("AddFriend(): dlopen() failed. [%s]", dlerror());
630 app_add_friend = reinterpret_cast <int (*)(const char*, const char*)>(dlsym(pHandle, "app_add_friend"));
631 pErrorMsg = dlerror();
632 if ((pErrorMsg != null) || (app_add_friend == null))
634 AppLog("AddFriend(): dlsym() failed. [%s]", pErrorMsg);
639 ret = app_add_friend(pPackageId1, pPackageId2);
640 AppLog("[smack] app_add_friend(%s, %s), result = [%d]", pPackageId1, pPackageId2, ret);
648 SmackManager::EnablePermissions(const char* pPackageId, int appType, const char** ppPermissions, bool persistent)
651 void* pHandle = null;
652 char* pErrorMsg = null;
653 int (*app_enable_permissions)(const char*, int, const char**, bool) = null;
655 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
658 AppLog("EnablePermissions(): dlopen() failed. [%s]", dlerror());
662 app_enable_permissions = reinterpret_cast <int (*)(const char*, int, const char**, bool)>(dlsym(pHandle, "app_enable_permissions"));
663 pErrorMsg = dlerror();
664 if ((pErrorMsg != null) || (app_enable_permissions == null))
666 AppLog("EnablePermissions(): dlsym() failed. [%s]", pErrorMsg);
671 ret = app_enable_permissions(pPackageId, appType, ppPermissions, persistent);
672 AppLog("[smack] app_enable_permissions(%s, %d), result = [%d]", pPackageId, appType, ret);
680 SmackManager::RevokePermissions(const char* pPackageId)
683 void* pHandle = null;
684 char* pErrorMsg = null;
685 int (*app_revoke_permissions)(const char*) = null;
687 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
690 AppLog("RevokePermissions(): dlopen() failed. [%s][%s]", pPackageId, dlerror());
694 app_revoke_permissions = reinterpret_cast <int (*)(const char*)>(dlsym(pHandle, "app_revoke_permissions"));
695 pErrorMsg = dlerror();
696 if ((pErrorMsg != null) || (app_revoke_permissions == null))
698 AppLog("RevokePermissions(): dlsym() failed. [%s][%s]", pPackageId, pErrorMsg);
703 ret = app_revoke_permissions(pPackageId);
704 AppLog("[smack] app_revoke_permissions(%s), result = [%d]", pPackageId, ret);
713 SmackManager::AddPermissions(const char* pPackageId, const char** ppPermissions)
716 void* pHandle = null;
717 char* pErrorMsg = null;
718 int (*app_add_permissions)(const char*, const char**) = null;
720 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
723 AppLog("AddPermissions(): dlopen() failed. [%s][%s]", pPackageId, dlerror());
727 app_add_permissions = reinterpret_cast <int (*)(const char*, const char**)>(dlsym(pHandle, "app_add_permissions"));
728 pErrorMsg = dlerror();
729 if ((pErrorMsg != null) || (app_add_permissions == null))
731 AppLog("AddPermissions(): dlsym() failed. [%s][%s]", pPackageId, pErrorMsg);
736 for (int i = 0; ppPermissions[i] != null; i++)
738 AppLog("Privilege - [%s]", ppPermissions[i]);
741 ret = app_add_permissions(pPackageId, ppPermissions);
742 AppLog("[smack] app_add_permissions(%s), result = [%d]", pPackageId, ret);