2 // Open Service Platform
3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
5 // Licensed under the Apache License, Version 2.0 (the License);
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
18 * @file SmackManager.cpp
19 * @brief This is the implementation file for %SmackManager class.
23 #include <unique_ptr.h>
26 #include <FIoRegistry.h>
27 #include <FSecCryptoSha1Hash.h>
28 #include <FBase_StringConverter.h>
30 #include "SmackManager.h"
31 #include "InstallerDefs.h"
32 #include "InstallerUtil.h"
34 using namespace Tizen::App;
35 using namespace Tizen::Base;
36 using namespace Tizen::Base::Collection;
37 using namespace Tizen::Base::Utility;
38 using namespace Tizen::Security::Cert;
39 using namespace Tizen::Security::Crypto;
40 using namespace Tizen::Io;
42 SmackManager::SmackManager(void)
44 ,__isSmackEnable(false)
46 if (IsSmackEnable() == true)
48 __isSmackEnable = true;
52 SmackManager::~SmackManager(void)
57 SmackManager::Construct(InstallationContext* pContext)
59 __pContext = pContext;
65 SmackManager::Install(const PackageId& packageId)
67 if (__isSmackEnable == false)
74 std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(packageId));
75 TryReturn(pPackageId, false, "pPackageId is null.");
77 res = Install(pPackageId.get());
83 SmackManager::Uninstall(const PackageId& packageId)
85 if (__isSmackEnable == false)
92 std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(packageId));
93 TryReturn(pPackageId, false, "pPackageId is null.");
95 res = Uninstall(pPackageId.get());
101 SmackManager::AddLabelDir(const String& label, const String& dirPath, bool rootDirectory)
103 if (__isSmackEnable == false)
111 std::unique_ptr<char[]> pPath(_StringConverter::CopyToCharArrayN(dirPath));
112 TryReturn(pPath, false, "pPath is null.");
114 if (InstallerUtil::IsSymlink(dirPath) == true)
116 res = AddLabelDir("_", pPath.get());
117 InstallerUtil::GetRealPath(dirPath, realPath);
124 std::unique_ptr<char[]> pRealPath(_StringConverter::CopyToCharArrayN(realPath));
125 TryReturn(pRealPath, false, "pRealPath is null");
127 if (rootDirectory == true)
129 res = AddLabelDir("_", pRealPath.get());
131 else if (dirPath.Contains(L"shared") == true)
133 res = AddLabelDir("*", pRealPath.get());
137 std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(label));
138 TryReturn(pPackageId, false, "pPackageId is null");
140 res = AddLabelDir(pPackageId.get(), pRealPath.get());
147 SmackManager::AddLabelSharedDir(const PackageId& packageId, const String& dirPath)
149 if (__isSmackEnable == false)
154 TryReturn(__pContext, false, "__pContext is null");
156 if (__pContext->__isVerificationMode == false)
158 AppLog("VerificationMode is off.");
163 String label = packageId;
165 std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(packageId));
166 TryReturn(pPackageId, false, "pPackageId is null.");
168 std::unique_ptr<char[]> pPath(_StringConverter::CopyToCharArrayN(dirPath));
169 TryReturn(pPath, false, "pPath is null.");
171 if (dirPath.Contains(L"shared/data") == true)
174 //label.Append("_shareddata");
176 else if (dirPath.Contains(L"shared/res") == true)
179 //label.Append("_sharedres");
181 else if (dirPath.Contains(L"shared/trusted") == true)
185 result r = E_SUCCESS;
187 IListT<String *>* pAuthorCertList = __pContext->__pAuthorCertList;
188 TryReturn(pAuthorCertList, false, "pAuthorCertList is null.");
190 String *pEntity = null;
191 r = pAuthorCertList->GetAt(0, pEntity);
192 TryReturn(!IsFailed(r), false, "pAuthorCertList->GetAt() is failed.");
193 TryReturn(pEntity, false, "pEntity is null.");
195 std::unique_ptr<ByteBuffer> pEncodedData(StringUtil::DecodeBase64StringN(*pEntity));
196 TryReturn(pEncodedData, false, "pEncodedData is null.");
198 std::unique_ptr<ByteBuffer> pHashValue(hash.GetHashN(*pEncodedData.get()));
199 TryReturn(pHashValue, false, "pHashValue is null.");
201 r = StringUtil::EncodeToBase64String(*pHashValue, base64Value);
202 TryReturn(!IsFailed(r), false, "EncodeToBase64String() is failed.");
204 // in smack, '/' is not allowed for label.
205 r = base64Value.Replace(L"/", L"#");
206 TryReturn(!IsFailed(r), false, "base64Value.Replace() is failed.");
208 std::unique_ptr<char[]> pHashEncodedValue(_StringConverter::CopyToCharArrayN(base64Value));
209 TryReturn(pHashEncodedValue, false, "pHashEncodedValue is null.");
211 label = pHashEncodedValue.get();
212 AppLog("pHashEncodedValue = [%s]", pHashEncodedValue.get());
216 AppLog("Invalid Directory = [%ls]", dirPath.GetPointer());
220 std::unique_ptr<char[]> pLabel(_StringConverter::CopyToCharArrayN(label));
221 TryReturn(pLabel, false, "pLabel is null.");
223 res = AddLabelSharedDir(pPackageId.get(), pLabel.get(), pPath.get());
229 SmackManager::AddSharedDirReaders(const Tizen::Base::String& label)
231 if (__isSmackEnable == false)
236 //int AddSharedDirReaders(const char* pSharedLabel, const char** ppAppList);
242 SmackManager::AddFriend(const Tizen::App::PackageId& packageId1, const Tizen::App::PackageId& packageId2)
244 if (__isSmackEnable == false)
249 //int AddFriend(const char* pPackageId1, const char* pPackageId2);
255 SmackManager::EnablePermissions(const PackageId& packageId)
257 if (__isSmackEnable == false)
262 TryReturn(__pContext, false, "__pContext is null");
266 std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(packageId));
267 TryReturn(pPackageId, false, "pPackageId is null.");
269 if (__pContext->__pPrivilegeList)
271 int count = __pContext->__pPrivilegeList->GetCount();
273 const char** pList = new (std::nothrow) const char*[count+1];
274 TryReturn(pList, false, "pList is null.");
276 for (int i = 0; i < count; i++)
278 String* pPrivilege = dynamic_cast < String* >(__pContext->__pPrivilegeList->GetAt(i));
281 char* pPrivilegeString = _StringConverter::CopyToCharArrayN(*pPrivilege);
282 TryReturn(pPrivilegeString, false, "pPrivilegeString is null.");
284 pList[i] = pPrivilegeString;
290 res = EnablePermissions(pPackageId.get(), 1, pList, true);
292 for (int i = 0; pList[i] != null; i++)
294 AppLog("delete Privilege - [%s]", pList[i]);
300 if ((__pContext->__isPreloaded == true) && (__pContext->__isUpdated == false))
302 String smackFile(L"/etc/smack/accesses2.d/");
303 smackFile.Append(packageId);
304 smackFile.Append(L"-temp.rule");
306 String smackContext(packageId);
307 smackContext.Append(L" all.rule include");
309 InstallerUtil::CreateInfoFile(smackFile, &smackContext);
313 String script("/usr/bin/smackload-app.sh");
314 bool exist = File::IsFileExist(script);
316 script.Append(packageId);
318 std::unique_ptr<char[]> pScript(_StringConverter::CopyToCharArrayN(script));
319 TryReturn(pScript, false, "pScript is null.");
323 res = system(pScript.get());
324 AppLog("[smack] system(%s), result = [%d]", pScript.get(), res);
328 AppLog("[%ls] not found", script.GetPointer());
337 SmackManager::AddPermissions(const PackageId& packageId)
339 if (__isSmackEnable == false)
344 TryReturn(__pContext, false, "__pContext is null");
348 std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(packageId));
349 TryReturn(pPackageId, false, "pPackageId is null.");
351 int count = __pContext->__pPrivilegeList->GetCount();
353 const char** pList = new (std::nothrow) const char*[count+1];
354 TryReturn(pList, false, "pList is null.");
356 for (int i = 0; i < count; i++)
358 String* pPrivilege = dynamic_cast < String* >(__pContext->__pPrivilegeList->GetAt(i));
361 char* pPrivilegeString = _StringConverter::CopyToCharArrayN(*pPrivilege);
362 TryReturn(pPrivilegeString, false, "pPrivilegeString is null.");
364 pList[i] = pPrivilegeString;
370 res = AddPermissions(pPackageId.get(), pList);
372 if (__pContext->__isPreloaded == true)
374 String smackFile(L"/etc/smack/accesses2.d/");
375 smackFile.Append(packageId);
376 smackFile.Append(L"-temp.rule");
378 String smackContext(packageId);
379 smackContext.Append(L" all.rule include");
381 InstallerUtil::CreateInfoFile(smackFile, &smackContext);
385 String script("/usr/bin/smackload-app.sh");
386 bool exist = File::IsFileExist(script);
388 script.Append(packageId);
390 std::unique_ptr<char[]> pScript(_StringConverter::CopyToCharArrayN(script));
391 TryReturn(pScript, false, "pScript is null.");
395 res = system(pScript.get());
396 AppLog("[smack] system(%s), result = [%d]", pScript.get(), res);
400 AppLog("[%ls] not found", script.GetPointer());
404 for (int i = 0; pList[i] != null; i++)
406 AppLog("delete Privilege - [%s]", pList[i]);
416 SmackManager::RevokePermissions(const PackageId& packageId)
418 if (__isSmackEnable == false)
425 std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(packageId));
426 TryReturn(pPackageId, false, "pPackageId is null.");
428 res = RevokePermissions(pPackageId.get());
434 SmackManager::IsSmackEnable()
438 String section(L"feature");
439 String entry(L"smack");
442 r = reg.Construct(CONFIG_PATH, "r");
443 TryReturn(!IsFailed(r), false, "CONFIG file is not found.");
445 r = reg.GetValue(section, entry, value);
446 TryReturn(!IsFailed(r), false, "GetValue is failed. entry = [%ls]", entry.GetPointer());
448 AppLog("[%ls is %ls.]", entry.GetPointer(), value.GetPointer());
459 SmackManager::Install(const char* pPackageId)
462 void* pHandle = null;
463 char* pErrorMsg = null;
464 int (*app_install)(const char*) = null;
466 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
469 AppLog("Install(): dlopen() failed. [%s]", dlerror());
473 app_install = reinterpret_cast <int (*)(const char*)>(dlsym(pHandle, "app_install"));
474 pErrorMsg = dlerror();
475 if ((pErrorMsg != null) || (app_install == null))
477 AppLog("Install(): dlsym() failed. [%s]", pErrorMsg);
482 AppLog("[smack] app_install(%s)", pPackageId);
483 ret = app_install(pPackageId);
484 AppLog("[smack] app_install(%s), result = [%d]", pPackageId, ret);
492 SmackManager::Uninstall(const char* pPackageId)
495 void* pHandle = null;
496 char* pErrorMsg = null;
497 int (*app_uninstall)(const char*) = null;
499 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
502 AppLog("Uninstall(): dlopen() failed. [%s]", dlerror());
506 app_uninstall = reinterpret_cast <int (*)(const char*)>(dlsym(pHandle, "app_uninstall"));
507 pErrorMsg = dlerror();
508 if ((pErrorMsg != null) || (app_uninstall == null))
510 AppLog("Uninstall(): dlsym() failed. [%s]", pErrorMsg);
515 AppLog("[smack] app_uninstall(%s)", pPackageId);
516 ret = app_uninstall(pPackageId);
517 AppLog("[smack] app_uninstall(%s), result = [%d]", pPackageId, ret);
525 SmackManager::AddLabelDir(const char* pLabel, const char* pDirPath)
528 void* pHandle = null;
529 char* pErrorMsg = null;
530 int (*app_label_dir)(const char*, const char*) = null;
532 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
535 AppLog("AddLabelDir(): dlopen() failed. [%s]", dlerror());
539 app_label_dir = reinterpret_cast <int (*)(const char*, const char*)>(dlsym(pHandle, "app_label_dir"));
540 pErrorMsg = dlerror();
541 if ((pErrorMsg != null) || (app_label_dir == null))
543 AppLog("AddLabelDir(): dlsym() failed. [%s]", pErrorMsg);
548 AppLog("[smack] app_label_dir(%s, %s)", pLabel, pDirPath);
549 ret = app_label_dir(pLabel, pDirPath);
550 AppLog("[smack] app_label_dir(%s, %s), result = [%d]", pLabel, pDirPath, ret);
558 SmackManager::AddLabelSharedDir(const char* pLabel, const char* pSharedLabel, const char* pDirPath)
561 void* pHandle = null;
562 char* pErrorMsg = null;
563 int (*app_label_shared_dir)(const char*, const char*, const char*) = null;
565 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
568 AppLog("AddLabelSharedDir(): dlopen() failed. [%s]", dlerror());
572 app_label_shared_dir = reinterpret_cast <int (*)(const char*, const char*, const char*)>(dlsym(pHandle, "app_label_shared_dir"));
573 pErrorMsg = dlerror();
574 if ((pErrorMsg != null) || (app_label_shared_dir == null))
576 AppLog("AddLabelSharedDir(): dlsym() failed. [%s]", pErrorMsg);
581 AppLog("[smack] app_label_shared_dir(%s, %s, %s)", pLabel, pSharedLabel, pDirPath);
582 ret = app_label_shared_dir(pLabel, pSharedLabel, pDirPath);
583 AppLog("[smack] app_label_shared_dir(%s, %s, %s), result = [%d]", pLabel, pSharedLabel, pDirPath, ret);
591 SmackManager::AddSharedDirReaders(const char* pSharedLabel, const char** ppAppList)
594 void* pHandle = null;
595 char* pErrorMsg = null;
596 int (*add_shared_dir_readers)(const char*, const char**) = null;
598 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
601 AppLog("AddSharedDirReaders(): dlopen() failed. [%s]", dlerror());
605 add_shared_dir_readers = reinterpret_cast <int (*)(const char*, const char**)>(dlsym(pHandle, "add_shared_dir_readers"));
606 pErrorMsg = dlerror();
607 if ((pErrorMsg != null) || (add_shared_dir_readers == null))
609 AppLog("AddSharedDirReaders(): dlsym() failed. [%s]", pErrorMsg);
614 AppLog("[smack] add_shared_dir_readers(%s)", pSharedLabel);
615 ret = add_shared_dir_readers(pSharedLabel, ppAppList);
616 AppLog("[smack] add_shared_dir_readers(%s), result = [%d]", pSharedLabel, ret);
624 SmackManager::AddFriend(const char* pPackageId1, const char* pPackageId2)
627 void* pHandle = null;
628 char* pErrorMsg = null;
629 int (*app_add_friend)(const char*, const char*) = null;
631 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
634 AppLog("AddFriend(): dlopen() failed. [%s]", dlerror());
638 app_add_friend = reinterpret_cast <int (*)(const char*, const char*)>(dlsym(pHandle, "app_add_friend"));
639 pErrorMsg = dlerror();
640 if ((pErrorMsg != null) || (app_add_friend == null))
642 AppLog("AddFriend(): dlsym() failed. [%s]", pErrorMsg);
647 AppLog("[smack] app_add_friend(%s, %s)", pPackageId1, pPackageId2);
648 ret = app_add_friend(pPackageId1, pPackageId2);
649 AppLog("[smack] app_add_friend(%s, %s), result = [%d]", pPackageId1, pPackageId2, ret);
657 SmackManager::EnablePermissions(const char* pPackageId, int appType, const char** ppPermissions, bool persistent)
660 void* pHandle = null;
661 char* pErrorMsg = null;
662 int (*app_enable_permissions)(const char*, int, const char**, bool) = null;
664 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
667 AppLog("EnablePermissions(): dlopen() failed. [%s]", dlerror());
671 app_enable_permissions = reinterpret_cast <int (*)(const char*, int, const char**, bool)>(dlsym(pHandle, "app_enable_permissions"));
672 pErrorMsg = dlerror();
673 if ((pErrorMsg != null) || (app_enable_permissions == null))
675 AppLog("EnablePermissions(): dlsym() failed. [%s]", pErrorMsg);
680 AppLog("[smack] app_enable_permissions(%s, %d)", pPackageId, appType);
681 ret = app_enable_permissions(pPackageId, appType, ppPermissions, persistent);
682 AppLog("[smack] app_enable_permissions(%s, %d), result = [%d]", pPackageId, appType, ret);
690 SmackManager::RevokePermissions(const char* pPackageId)
693 void* pHandle = null;
694 char* pErrorMsg = null;
695 int (*app_revoke_permissions)(const char*) = null;
697 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
700 AppLog("RevokePermissions(): dlopen() failed. [%s][%s]", pPackageId, dlerror());
704 app_revoke_permissions = reinterpret_cast <int (*)(const char*)>(dlsym(pHandle, "app_revoke_permissions"));
705 pErrorMsg = dlerror();
706 if ((pErrorMsg != null) || (app_revoke_permissions == null))
708 AppLog("RevokePermissions(): dlsym() failed. [%s][%s]", pPackageId, pErrorMsg);
713 AppLog("[smack] app_revoke_permissions(%s)", pPackageId);
714 ret = app_revoke_permissions(pPackageId);
715 AppLog("[smack] app_revoke_permissions(%s), result = [%d]", pPackageId, ret);
724 SmackManager::AddPermissions(const char* pPackageId, const char** ppPermissions)
727 void* pHandle = null;
728 char* pErrorMsg = null;
729 int (*app_add_permissions)(const char*, const char**) = null;
731 pHandle = dlopen("libprivilege-control.so.0", RTLD_LAZY | RTLD_GLOBAL);
734 AppLog("AddPermissions(): dlopen() failed. [%s][%s]", pPackageId, dlerror());
738 app_add_permissions = reinterpret_cast <int (*)(const char*, const char**)>(dlsym(pHandle, "app_add_permissions"));
739 pErrorMsg = dlerror();
740 if ((pErrorMsg != null) || (app_add_permissions == null))
742 AppLog("AddPermissions(): dlsym() failed. [%s][%s]", pPackageId, pErrorMsg);
747 for (int i = 0; ppPermissions[i] != null; i++)
749 AppLog("Privilege - [%s]", ppPermissions[i]);
752 ret = app_add_permissions(pPackageId, ppPermissions);
753 AppLog("[smack] app_add_permissions(%s), result = [%d]", pPackageId, ret);