2 * Copyright (c) 2014-2019 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
21 #include <sys/types.h>
22 #include <sys/smack.h>
26 #include <security-manager-types.h>
28 #include <dpl/test/test_runner.h>
29 #include <tzplatform.h>
30 #include <label_generator.h>
31 #include <tests_common.h>
32 #include <tzplatform.h>
34 #include "app_install_helper.h"
38 const gid_t FILE_GROUP = 100;
40 std::string genSkelPath() {
41 static std::string skelPkgDir;
42 if (!skelPkgDir.empty())
44 std::string app = TzPlatformConfig::getEnv(TZ_USER_APP);
45 std::string home = TzPlatformConfig::getEnv(TZ_USER_HOME);
46 std::string skelDir = "/etc/skel";
48 skelPkgDir.assign(app);
49 skelPkgDir.replace(0, home.length(), skelDir);
54 const AppInstallHelper::TypePathMap typeToPath = {
55 {SECURITY_MANAGER_PATH_RW, "app_rw"},
56 {SECURITY_MANAGER_PATH_RO, "app_ro"},
57 {SECURITY_MANAGER_PATH_PUBLIC_RO, "public_ro"},
58 {SECURITY_MANAGER_PATH_TRUSTED_RW, "trusted_rw"},
59 {SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO, "shared_ro"}
63 AppInstallHelper::AppInstallHelper(AppInstallHelper &&other)
64 : m_appName(std::move(other.m_appName)), m_pkgName(std::move(other.m_pkgName)),
65 m_isLocal(other.m_isLocal), m_uidGid(other.m_uidGid),
66 m_version(std::move(other.m_version)), m_installType(other.m_installType),
67 m_isHybrid(other.m_isHybrid),
68 m_rootPaths(std::move(other.m_rootPaths)),
69 m_dirTypeMap(std::move(other.m_dirTypeMap)),
70 m_fileTypeMap(std::move(other.m_fileTypeMap)),
71 m_privileges(std::move(other.m_privileges)),
72 m_appDefinedPrivileges(std::move(other.m_appDefinedPrivileges)),
73 m_author(std::move(other.m_author)),
74 m_creatorPid(other.m_creatorPid)
76 other.m_creatorPid = -1;
79 void AppInstallHelper::setInstallPath(RootType type) const {
80 RootInfo &info = m_rootPaths[type];
81 if (!info.path.empty())
87 info.path = TzPlatformConfig::appDirPath(getUID()) + getPkgId();
89 info.path = TzPlatformConfig::globalAppDir() + "/" + getPkgId();
91 case RootType::EXTENDED:
93 info.path = TzPlatformConfig::extendedSdUserDir(getUID()) + "/" + getPkgId();
95 info.path = TzPlatformConfig::extendedSdDir() + "/" + getPkgId();
98 info.path = genSkelPath() + "/" + getPkgId();
100 case RootType::SHARED:
102 info.path = TzPlatformConfig::appDirPath(getUID()) + ".shared/" + getPkgId();
104 info.path = TzPlatformConfig::globalAppDir() + "/.shared/" + getPkgId();
106 case RootType::SHARED_TMP:
108 info.path = TzPlatformConfig::appDirPath(getUID()) + ".shared_tmp/" + getPkgId();
110 info.path = TzPlatformConfig::globalAppDir() + "/.shared_tmp/" + getPkgId();
115 std::string AppInstallHelper::getInstallDir(RootType type) const {
116 setInstallPath(type);
117 return m_rootPaths[type].path;
120 std::string AppInstallHelper::getPath(app_install_path_type smType, PathType pType, int i, RootType rType) const {
124 path = getInstallDir(rType) + "/" + typeToPath.at(smType) + "_dir" + std::to_string(i);
127 // put files in the directory of the same type
128 path = getPath(smType, PathType::DIR, 0, rType) + "/" + typeToPath.at(smType) + std::to_string(i);
134 std::string AppInstallHelper::getTrustedDir(int i, RootType type) const {
135 return getPath(SECURITY_MANAGER_PATH_TRUSTED_RW, PathType::DIR, i , type);
138 std::string AppInstallHelper::getPrivateDir(int i, RootType type) const {
139 return getPath(SECURITY_MANAGER_PATH_RW, PathType::DIR, i, type);
142 std::string AppInstallHelper::getPrivateRODir(int i, RootType type) const {
143 return getPath(SECURITY_MANAGER_PATH_RO, PathType::DIR, i, type);
146 std::string AppInstallHelper::getPublicDir(RootType type) const {
147 return getPath(SECURITY_MANAGER_PATH_PUBLIC_RO, PathType::DIR, 0, type);
150 std::string AppInstallHelper::getPrivatePath(int i, RootType type) const {
151 return getPath(SECURITY_MANAGER_PATH_RW, PathType::FILE, i, type);
154 std::string AppInstallHelper::getSharedRODir(int i, RootType type) const {
155 return getPath(SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO, PathType::DIR, i, type);
158 std::string AppInstallHelper::getSharedROPath(int i, RootType type) const {
159 return getPath(SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO, PathType::FILE, i, type);
162 std::string AppInstallHelper::getAppId() const {
163 return m_appName + "_app_id";
166 std::string AppInstallHelper::getPkgId() const {
167 return m_pkgName + "_pkg_id";
170 void AppInstallHelper::setVersion(const std::string &version) {
174 std::string AppInstallHelper::getVersion() const {
178 int AppInstallHelper::getUID() const {
182 int AppInstallHelper::getGID() const {
186 bool AppInstallHelper::createFile(app_install_path_type smType, const std::string &path) {
187 if (creat(path.c_str(), 0751) == 0) {
188 // Local paths need user change
189 m_fileTypeMap[smType].push_back(path);
190 if (!m_isLocal || chown(path.c_str(), m_uidGid, FILE_GROUP) == 0)
196 bool AppInstallHelper::createDir(app_install_path_type smType, const std::string &path, bool isBasePath) {
197 mktreeSafe(path, 0777);
198 // Dont pass base pkg dirs to SM, because transmute will be forced on RO subdirs
200 m_dirTypeMap[smType].push_back(path);
201 if (!m_isLocal || chown(path.c_str(), m_uidGid, FILE_GROUP) == 0)
207 void AppInstallHelper::createInstallDir(RootType type) {
208 setInstallPath(type);
209 RootInfo &info = m_rootPaths[type];
212 createDir(SECURITY_MANAGER_PATH_PUBLIC_RO, info.path, true);
213 info.isCreated = true;
216 void AppInstallHelper::createPath(app_install_path_type smType, PathType pType, int i, RootType rType) {
217 createInstallDir(rType);
218 std::string path = getPath(smType, pType, i, rType);
221 createDir(smType, path);
224 createPath(smType, PathType::DIR, 0, rType);
225 createFile(smType, path);
230 void AppInstallHelper::createDirLink(app_install_path_type smType, const std::string &dest, int i,
233 createInstallDir(rType);
234 std::string linkPath = getPath(smType, PathType::DIR, i, rType);
235 if (symlink(dest.c_str(), linkPath.c_str()) == 0) {
236 m_fileTypeMap[smType].push_back(linkPath);
238 chown(linkPath.c_str(), m_uidGid, FILE_GROUP);
243 void AppInstallHelper::createTrustedDir(int i, RootType type) {
244 createPath(SECURITY_MANAGER_PATH_TRUSTED_RW, PathType::DIR, i, type);
247 void AppInstallHelper::createPrivateDir(int i, RootType type) {
248 createPath(SECURITY_MANAGER_PATH_RW, PathType::DIR, i, type);
251 void AppInstallHelper::createPublicDir(RootType type) {
252 createPath(SECURITY_MANAGER_PATH_PUBLIC_RO, PathType::DIR, 0, type);
255 void AppInstallHelper::createPrivateFile(int i, RootType type) {
256 createPath(SECURITY_MANAGER_PATH_RW, PathType::FILE, i, type);
259 void AppInstallHelper::createSharedRODir(int i, RootType type) {
260 createPath(SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO, PathType::DIR, i, RootType::SHARED);
261 createInstallDir(RootType::SHARED_TMP);
262 auto linkPath = getSharedRODir(i, RootType::SHARED);
263 createDirLink(SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO, linkPath, i, type);
266 void AppInstallHelper::createSharedROFile(int i, RootType type) {
267 createPath(SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO, PathType::FILE, i, type);
270 void AppInstallHelper::createPrivateRODir(int i, RootType type) {
271 createPath(SECURITY_MANAGER_PATH_RO, PathType::DIR, i, type);
274 void AppInstallHelper::setHybrid() {
278 bool AppInstallHelper::getIsHybrid() const {
282 void AppInstallHelper::addPrivileges(const std::vector<std::string> &privileges) {
283 for (auto &p : privileges) {
284 addPrivilege(Privilege(p));
288 std::vector<std::string> AppInstallHelper::getPrivilegesNames() const {
289 std::vector<std::string> privileges;
290 for (auto &p : m_privileges) {
291 privileges.push_back(p.getName());
296 void AppInstallHelper::addPrivilege(Privilege privilege) {
297 m_privileges.push_back(std::move(privilege));
300 void AppInstallHelper::addPrivileges(const PrivilegeVector &privileges) {
301 std::copy(privileges.begin(), privileges.end(), std::back_inserter(m_privileges));
304 const PrivilegeVector& AppInstallHelper::getPrivileges() const {
308 void AppInstallHelper::addAppDefinedPrivilege(Privilege privilege) {
309 m_appDefinedPrivileges.push_back(std::move(privilege));
312 const PrivilegeVector& AppInstallHelper::getAppDefinedPrivileges() const {
313 return m_appDefinedPrivileges;
316 void AppInstallHelper::revokeRules() const {
318 0 == smack_revoke_subject(generateAppLabel().c_str()),
319 "Revoking smack subject failed");
322 std::string AppInstallHelper::generateAppLabel() const {
323 return generateProcessLabel(getAppId(), getPkgId(), getIsHybrid());
326 std::string AppInstallHelper::generatePkgLabel() const {
327 return generatePathRWLabel(getPkgId());
330 const AppInstallHelper::TypePathsMap& AppInstallHelper::getDirsMap() const {
334 const AppInstallHelper::TypePathsMap& AppInstallHelper::getFilesMap() const {
335 return m_fileTypeMap;
338 void AppInstallHelper::removePaths() {
339 for (const auto &oneTypePaths : m_dirTypeMap)
340 for (const auto& path : oneTypePaths.second)
343 m_dirTypeMap.clear();
345 for (const auto &oneTypePaths : m_fileTypeMap)
346 for (const auto& path : oneTypePaths.second)
347 unlink(path.c_str());
349 m_fileTypeMap.clear();
351 for (auto& rootInfo : m_rootPaths) {
352 if (rootInfo.second.isCreated)
353 rmdir(rootInfo.second.path.c_str());
354 rootInfo.second.isCreated = false;
358 void AppInstallHelper::setAuthor(const std::string &author) {
361 std::string AppInstallHelper::getAuthor() const {
365 void AppInstallHelper::setInstallType(app_install_type type) {
366 m_installType = type;
368 app_install_type AppInstallHelper::getInstallType() const {
369 return m_installType;