4 * Copyright (c) 2000 - 2011 Samsung Electronics Co., Ltd All Rights Reserved
6 * Contact: Bumjin Im <bj.im@samsung.com>
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License
27 #include <sys/types.h>
33 #include <sys/smack.h>
35 #include "security-server-cookie.h"
36 #include "security-server-common.h"
37 #include "security-server-password.h"
38 #include "security-server-comm.h"
40 /* Set cookie as a global variable */
42 pthread_mutex_t cookie_mutex;
43 int thread_status[SECURITY_SERVER_NUM_THREADS];
44 struct security_server_thread_param {
50 /************************************************************************************************/
51 /* Just for test. This code must be removed on release */
52 #include "security-server-util.h"
53 /************************************************************************************************/
56 void printhex(unsigned char *data, int size)
64 printf("%X ", data[i]);
65 if(((i+1) % 16) == 0 && i != 0)
71 void print_cookie(cookie_list *list)
74 printf("%s", "cookie:\n");
75 printhex(list->cookie, SECURITY_SERVER_COOKIE_LEN);
76 printf("path_len: %d\n", list->path_len);
77 printf("permission_len: %d\n", list->permission_len);
78 printf("PID: %d\n", list->pid);
79 printf("path: %s\n", list->path);
80 printf("%s", "permissions: ");
81 for(i=0;i<list->permission_len;i++)
83 printf("%d ", list->permissions[i]);
86 printf("prev: %p\n", list->prev);
87 printf("next: %p\n", list->next);
91 /* Object name is actually name of a Group ID *
92 * This function opens /etc/group file and search group ID and
93 * returns the string */
94 int search_object_name(int gid, char *obj, int obj_size)
97 char *linebuf = NULL, *token = NULL, *token2, *tempstr = NULL;
98 int ret = 0, tmp_gid, bufsize;
99 fp = fopen("/etc/group", "r");
102 /* cannot open /etc/group */
103 SEC_SVR_DBG("%s", "Cannot open /etc/group");
104 return SECURITY_SERVER_ERROR_FILE_OPERATION;
107 linebuf = malloc(128);
111 ret = SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
112 SEC_SVR_DBG("%s", "cannot malloc()");
116 bzero(linebuf, bufsize);
117 ret = SECURITY_SERVER_ERROR_NO_SUCH_OBJECT;
118 while(fgets(linebuf, bufsize, fp) != NULL)
120 while(linebuf[bufsize -2] != 0)
122 linebuf[bufsize -1] = (char) fgetc(fp);
123 tempstr = realloc(linebuf, bufsize + 128);
126 ret = SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
130 bzero(linebuf + bufsize, 128);
131 fgets(linebuf + bufsize, 128, fp);
135 token = strtok(linebuf, ":"); /* group name */
138 SEC_SVR_DBG("/etc/group is not valid. cannot find gid: [%s]", linebuf);
139 ret = SECURITY_SERVER_ERROR_SERVER_ERROR;
142 token2 = strtok(NULL, ":"); /* group password */
145 SEC_SVR_DBG("/etc/group is not valid. cannot find gid: [%s]", linebuf);
146 ret = SECURITY_SERVER_ERROR_SERVER_ERROR;
149 token2 = strtok(NULL, ":"); /* gid */
152 SEC_SVR_DBG("/etc/group is not valid. cannot find gid: [%s]", linebuf);
153 ret = SECURITY_SERVER_ERROR_SERVER_ERROR;
158 tmp_gid = strtoul(token2, 0, 10);
161 SEC_SVR_DBG("cannot change string to integer [%s]", token2);
162 ret = SECURITY_SERVER_ERROR_SERVER_ERROR;
169 if(strlen(token) > obj_size)
171 ret = SECURITY_SERVER_ERROR_BUFFER_TOO_SMALL;
172 SEC_SVR_DBG("buffer is too small. %d --> %d", obj_size, strlen(token));
175 strncpy(obj, token, strlen(token));
176 obj[strlen(token)] = 0;
177 ret = SECURITY_SERVER_SUCCESS;
180 bzero(linebuf, bufsize);
191 /* Search GID from group name *
192 * This function opens /etc/group and search group name by given gid */
193 int search_gid(const char *obj)
196 char *linebuf = NULL, *token = NULL, *token2, *tempstr = NULL;
197 int ret = SECURITY_SERVER_ERROR_NO_SUCH_OBJECT, tmp_gid, bufsize;
199 SEC_SVR_DBG("Searching for object %s", obj);
201 fp = fopen("/etc/group", "r");
204 /* cannot open /etc/group */
205 SEC_SVR_DBG("%s", "cannot open /etc/group");
206 return SECURITY_SERVER_ERROR_FILE_OPERATION;
209 linebuf = malloc(128);
213 ret = SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
214 SEC_SVR_DBG("%s", "Out Of Memory");
218 bzero(linebuf, bufsize);
219 while(fgets(linebuf, bufsize, fp) != NULL)
221 while(linebuf[bufsize -2] != 0 )
223 linebuf[bufsize -1] = (char) fgetc(fp);
224 tempstr = realloc(linebuf, bufsize + 128);
227 ret = SECURITY_SERVER_ERROR_OUT_OF_MEMORY;
231 bzero(linebuf + bufsize, 128);
232 fgets(linebuf + bufsize, 128, fp);
236 token = strtok(linebuf, ":"); /* group name */
237 token2 = strtok(NULL, ":"); /* group password */
238 token2 = strtok(NULL, ":"); /* gid */
241 SEC_SVR_DBG("/etc/group is not valid. cannot find gid: [%s]", linebuf);
242 ret = SECURITY_SERVER_ERROR_SERVER_ERROR;
246 tmp_gid = strtoul(token2, 0, 10);
249 SEC_SVR_DBG("cannot change string to integer [%s]", token2);
250 ret = SECURITY_SERVER_ERROR_SERVER_ERROR;
254 if(strcmp(obj, token) == 0)
258 SEC_SVR_DBG("GID of %s is found: %d", obj, ret);
261 bzero(linebuf, bufsize);
272 /* Signal handler for processes */
273 static void security_server_sig_child(int signo, siginfo_t *info, void *data)
279 child_pgid = getpgid(info->si_pid);
280 SEC_SVR_DBG("Signal handler: dead_pid=%d, pgid=%d",info->si_pid,child_pgid);
282 while ((child_pid = waitpid(-1, &status, WNOHANG)) > 0) {
283 if(child_pid == child_pgid)
284 killpg(child_pgid,SIGKILL);
290 /* Execute a debugging tool by fork() and execve() */
291 int execute_debug_tool(int argc, char *const *argv, int server_sockfd, int client_sockfd)
294 SEC_SVR_DBG("%s", "Executing tool");
299 close(client_sockfd);
300 close(server_sockfd);
306 ret = execv(argv[0], argv);
309 SEC_SVR_DBG("Error:Failed to execute [%d]", errno);
315 SEC_SVR_DBG("Error: Failed to fork [%d]", errno);
316 return SECURITY_SERVER_ERROR_SERVER_ERROR;
318 return SECURITY_SERVER_SUCCESS;
321 int process_cookie_request(int sockfd)
323 int retval, client_pid, client_uid;
324 cookie_list *created_cookie = NULL;
326 /* Authenticate client */
327 retval = authenticate_client_application(sockfd, &client_pid, &client_uid);
328 if(retval != SECURITY_SERVER_SUCCESS)
330 SEC_SVR_DBG("%s", "Client Authentication Failed");
331 retval = send_generic_response(sockfd,
332 SECURITY_SERVER_MSG_TYPE_GENERIC_RESPONSE,
333 SECURITY_SERVER_RETURN_CODE_AUTHENTICATION_FAILED);
334 if(retval != SECURITY_SERVER_SUCCESS)
336 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
340 /* If client application is root process, just respond default cookie */
344 SEC_SVR_DBG("%s", "Requested application is a root process");
345 created_cookie = c_list;
348 SEC_SVR_DBG("%s", "Cannot read default cookie");
355 //TODO: Remove above code if there will be no crashes without it
356 //All process should be treaded the same
357 /* Create a new cookie. or find existing one */
358 pthread_mutex_lock(&cookie_mutex);
359 created_cookie = create_cookie_item(client_pid, sockfd, c_list);
360 pthread_mutex_unlock(&cookie_mutex);
361 if(created_cookie == NULL)
363 SEC_SVR_DBG("%s","Cannot create a cookie");
367 //let others know if this cookie belongs to root process
369 created_cookie->is_roots_process = 1;
371 created_cookie->is_roots_process = 0;
374 /* send cookie as response */
375 retval = send_cookie(sockfd, created_cookie->cookie);
376 if(retval != SECURITY_SERVER_SUCCESS)
378 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
380 SEC_SVR_DBG("Server: Cookie created for client PID %d LABEL >%s<",
382 (created_cookie->smack_label)?(created_cookie->smack_label):"NULL");
384 SEC_SVR_DBG("%s", "Server: Cookie has been sent to client");
390 int process_check_privilege_request(int sockfd)
392 /* Authenticate client */
393 int retval, client_pid, requested_privilege;
395 unsigned char requested_cookie[SECURITY_SERVER_COOKIE_LEN];
396 cookie_list *search_result = NULL;
398 retval = authenticate_client_middleware(sockfd, &client_pid);
399 if(retval != SECURITY_SERVER_SUCCESS)
401 SEC_SVR_DBG("%s", "Client Authentication Failed");
402 retval = send_generic_response(sockfd,
403 SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_RESPONSE,
404 SECURITY_SERVER_RETURN_CODE_AUTHENTICATION_FAILED);
405 if(retval != SECURITY_SERVER_SUCCESS)
407 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
412 retval = recv_check_privilege_request(sockfd,
413 requested_cookie, &requested_privilege);
414 if(retval == SECURITY_SERVER_ERROR_RECV_FAILED)
416 SEC_SVR_DBG("%s", "Receiving request failed");
417 retval = send_generic_response(sockfd,
418 SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_RESPONSE,
419 SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
420 if(retval != SECURITY_SERVER_SUCCESS)
422 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
427 if(requested_privilege < 1)
429 SEC_SVR_DBG("Requiring bad privilege [%d]", requested_privilege);
430 retval = send_generic_response(sockfd,
431 SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_RESPONSE,
432 SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
433 if(retval != SECURITY_SERVER_SUCCESS)
435 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
440 /* Search cookie list */
441 pthread_mutex_lock(&cookie_mutex);
442 privileges[0] = requested_privilege;
443 search_result = search_cookie(c_list, requested_cookie, privileges, 1);
444 pthread_mutex_unlock(&cookie_mutex);
445 if(search_result != NULL)
448 SEC_SVR_DBG("We found the cookie with %d privilege and pid:%d", requested_privilege, client_pid);
449 SEC_SVR_DBG("%s", "Cookie comparison succeeded. Access granted.");
450 retval = send_generic_response(sockfd,
451 SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_RESPONSE,
452 SECURITY_SERVER_RETURN_CODE_ACCESS_GRANTED);
453 if(retval != SECURITY_SERVER_SUCCESS)
455 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
461 SEC_SVR_DBG("Could not find the cookie with %d privilege", requested_privilege);
462 retval = send_generic_response(sockfd,
463 SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_RESPONSE,
464 SECURITY_SERVER_RETURN_CODE_ACCESS_DENIED);
465 if(retval != SECURITY_SERVER_SUCCESS)
467 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
474 int process_check_privilege_new_request(int sockfd)
476 /* Authenticate client */
477 int retval, client_pid, requested_privilege;
478 unsigned char requested_cookie[SECURITY_SERVER_COOKIE_LEN];
479 cookie_list *search_result = NULL;
480 char object_label[MAX_OBJECT_LABEL_LEN+1];
481 char access_rights[MAX_MODE_STR_LEN+1];
483 retval = authenticate_client_middleware(sockfd, &client_pid);
484 if(retval != SECURITY_SERVER_SUCCESS)
486 SEC_SVR_DBG("%s", "Client Authentication Failed");
487 retval = send_generic_response(sockfd,
488 SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_NEW_RESPONSE,
489 SECURITY_SERVER_RETURN_CODE_AUTHENTICATION_FAILED);
490 if(retval != SECURITY_SERVER_SUCCESS)
492 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
497 retval = recv_check_privilege_new_request(
498 sockfd, requested_cookie, object_label, access_rights);
499 if(retval == SECURITY_SERVER_ERROR_RECV_FAILED)
501 SEC_SVR_DBG("%s", "Receiving request failed");
502 retval = send_generic_response(sockfd,
503 SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_NEW_RESPONSE,
504 SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
505 if(retval != SECURITY_SERVER_SUCCESS)
507 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
512 /* Search cookie list */
513 pthread_mutex_lock(&cookie_mutex);
514 search_result = search_cookie_new(c_list, requested_cookie, object_label, access_rights);
515 pthread_mutex_unlock(&cookie_mutex);
517 if(search_result != NULL)
520 SEC_SVR_DBG("We found the cookie with %s rights and pid:%d", access_rights, client_pid);
521 SEC_SVR_DBG("%s", "Cookie comparison succeeded. Access granted.");
522 retval = send_generic_response(sockfd,
523 SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_NEW_RESPONSE,
524 SECURITY_SERVER_RETURN_CODE_ACCESS_GRANTED);
525 if(retval != SECURITY_SERVER_SUCCESS)
527 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
533 SEC_SVR_DBG("Could not find the cookie with %s rights", access_rights);
534 retval = send_generic_response(sockfd,
535 SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_NEW_RESPONSE,
536 SECURITY_SERVER_RETURN_CODE_ACCESS_DENIED);
537 if(retval != SECURITY_SERVER_SUCCESS)
539 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
548 int process_object_name_request(int sockfd)
550 int retval, client_pid, requested_privilege;
551 char object_name[SECURITY_SERVER_MAX_OBJ_NAME];
553 /* Authenticate client */
554 retval = authenticate_client_middleware(sockfd, &client_pid);
555 if(retval != SECURITY_SERVER_SUCCESS)
557 SEC_SVR_DBG("%s", "Client Authentication Failed");
558 retval = send_generic_response(sockfd,
559 SECURITY_SERVER_MSG_TYPE_OBJECT_NAME_RESPONSE,
560 SECURITY_SERVER_RETURN_CODE_AUTHENTICATION_FAILED);
561 if(retval != SECURITY_SERVER_SUCCESS)
563 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
569 retval = read(sockfd, &requested_privilege, sizeof(requested_privilege));
570 if (retval < sizeof(requested_privilege))
572 SEC_SVR_DBG("%s", "Receiving request failed");
573 retval = send_generic_response(sockfd,
574 SECURITY_SERVER_MSG_TYPE_OBJECT_NAME_RESPONSE,
575 SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
576 if(retval != SECURITY_SERVER_SUCCESS)
578 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
583 /* Search from /etc/group */
584 retval = search_object_name(requested_privilege,
586 SECURITY_SERVER_MAX_OBJ_NAME);
587 if (retval == SECURITY_SERVER_ERROR_NO_SUCH_OBJECT)
590 SEC_SVR_DBG("There is no such object for gid [%d]", requested_privilege);
591 retval = send_generic_response(sockfd,
592 SECURITY_SERVER_MSG_TYPE_OBJECT_NAME_RESPONSE,
593 SECURITY_SERVER_RETURN_CODE_NO_SUCH_OBJECT);
594 if(retval != SECURITY_SERVER_SUCCESS)
596 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
600 if(retval != SECURITY_SERVER_SUCCESS)
603 SEC_SVR_DBG("Error on searching object name [%d]", retval);
604 retval = send_generic_response(sockfd,
605 SECURITY_SERVER_MSG_TYPE_OBJECT_NAME_RESPONSE,
606 SECURITY_SERVER_RETURN_CODE_SERVER_ERROR);
607 if(retval != SECURITY_SERVER_SUCCESS)
609 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
615 SEC_SVR_DBG("We found object: %s", object_name);
616 retval = send_object_name(sockfd, object_name);
617 if(retval != SECURITY_SERVER_SUCCESS)
619 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
626 int process_gid_request(int sockfd, int msg_len)
628 int retval, client_pid;
629 char object_name[SECURITY_SERVER_MAX_OBJ_NAME];
630 /* Authenticate client as middleware daemon */
631 retval = authenticate_client_middleware(sockfd, &client_pid);
632 if(retval != SECURITY_SERVER_SUCCESS)
634 SEC_SVR_DBG("%s", "Client authentication failed");
635 retval = send_generic_response(sockfd,
636 SECURITY_SERVER_MSG_TYPE_GID_RESPONSE,
637 SECURITY_SERVER_RETURN_CODE_AUTHENTICATION_FAILED);
638 if(retval != SECURITY_SERVER_SUCCESS)
640 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
645 if(msg_len >= SECURITY_SERVER_MAX_OBJ_NAME)
647 /* Too big ojbect name */
648 SEC_SVR_DBG("%s", "Object name is too big");
649 retval = send_generic_response(sockfd,
650 SECURITY_SERVER_MSG_TYPE_GID_RESPONSE,
651 SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
652 if(retval != SECURITY_SERVER_SUCCESS)
654 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
659 /* Receive group name */
660 retval = read(sockfd, object_name, msg_len);
661 if (retval < msg_len )
663 SEC_SVR_DBG("%s", "Failed to read object name");
664 retval = send_generic_response(sockfd,
665 SECURITY_SERVER_MSG_TYPE_GID_RESPONSE,
666 SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
667 if(retval != SECURITY_SERVER_SUCCESS)
669 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
673 object_name[msg_len] = 0;
675 /* Search /etc/group for the given group name */
676 retval = search_gid(object_name);
677 if (retval == SECURITY_SERVER_ERROR_NO_SUCH_OBJECT)
680 SEC_SVR_DBG("The object [%s] is not exist", object_name);
681 retval = send_generic_response(sockfd,
682 SECURITY_SERVER_MSG_TYPE_GID_RESPONSE,
683 SECURITY_SERVER_RETURN_CODE_NO_SUCH_OBJECT);
684 if(retval != SECURITY_SERVER_SUCCESS)
686 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
694 SEC_SVR_DBG("Cannot send the response. %d", retval);
695 retval = send_generic_response(sockfd,
696 SECURITY_SERVER_MSG_TYPE_GID_RESPONSE,
697 SECURITY_SERVER_RETURN_CODE_SERVER_ERROR);
698 if(retval != SECURITY_SERVER_SUCCESS)
700 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
706 retval = send_gid(sockfd, retval);
707 if(retval != SECURITY_SERVER_SUCCESS)
709 SEC_SVR_DBG("ERROR: Cannot gid response: %d", retval);
715 int process_pid_request(int sockfd)
717 int retval, client_pid;
718 unsigned char requested_cookie[SECURITY_SERVER_COOKIE_LEN];
720 cookie_list *search_result = NULL;
722 /* Authenticate client */
723 retval = authenticate_client_middleware(sockfd, &client_pid);
724 if(retval != SECURITY_SERVER_SUCCESS)
726 SEC_SVR_DBG("%s", "Client Authentication Failed");
727 retval = send_generic_response(sockfd,
728 SECURITY_SERVER_MSG_TYPE_PID_RESPONSE,
729 SECURITY_SERVER_RETURN_CODE_AUTHENTICATION_FAILED);
730 if(retval != SECURITY_SERVER_SUCCESS)
732 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
737 retval = recv_pid_request(sockfd, requested_cookie);
738 if(retval == SECURITY_SERVER_ERROR_RECV_FAILED)
740 SEC_SVR_DBG("%s", "Receiving request failed");
741 retval = send_generic_response(sockfd,
742 SECURITY_SERVER_MSG_TYPE_PID_RESPONSE,
743 SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
744 if(retval != SECURITY_SERVER_SUCCESS)
746 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
751 /* Search cookie list */
752 pthread_mutex_lock(&cookie_mutex);
754 retval = get_client_gid_list(sockfd, &privileges);
757 SEC_SVR_DBG("ERROR: Cannot get GID list");
761 search_result = search_cookie(c_list, requested_cookie, privileges, retval);
764 pthread_mutex_unlock(&cookie_mutex);
765 if(search_result != NULL)
768 SEC_SVR_DBG("We found the cookie and pid:%d", search_result->pid);
769 SEC_SVR_DBG("%s", "Cookie comparison succeeded. Access granted.");
770 retval = send_pid(sockfd, search_result->pid);
772 if(retval != SECURITY_SERVER_SUCCESS)
774 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
780 SEC_SVR_DBG("%s", "Could not find the cookie");
781 retval = send_generic_response(sockfd,
782 SECURITY_SERVER_MSG_TYPE_PID_RESPONSE,
783 SECURITY_SERVER_RETURN_CODE_NO_SUCH_COOKIE);
784 if(retval != SECURITY_SERVER_SUCCESS)
786 SEC_SVR_DBG("ERROR: Cannot send pid response: %d", retval);
793 int process_smack_request(int sockfd)
795 int retval, client_pid;
797 unsigned char requested_cookie[SECURITY_SERVER_COOKIE_LEN];
798 cookie_list *search_result = NULL;
799 //handler for SMACK label
801 //buffer for storing file path
802 const int BUFFSIZE = 30;
806 /* Authenticate client */
807 retval = authenticate_client_middleware(sockfd, &client_pid);
808 if(retval != SECURITY_SERVER_SUCCESS)
810 SEC_SVR_DBG("%s", "Client Authentication Failed");
811 retval = send_generic_response(sockfd,
812 SECURITY_SERVER_MSG_TYPE_SMACK_RESPONSE,
813 SECURITY_SERVER_RETURN_CODE_AUTHENTICATION_FAILED);
814 if(retval != SECURITY_SERVER_SUCCESS)
816 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
821 retval = recv_smack_request(sockfd, requested_cookie);
822 if(retval == SECURITY_SERVER_ERROR_RECV_FAILED)
824 SEC_SVR_DBG("%s", "Receiving request failed");
825 retval = send_generic_response(sockfd,
826 SECURITY_SERVER_MSG_TYPE_SMACK_RESPONSE,
827 SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
828 if(retval != SECURITY_SERVER_SUCCESS)
830 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
835 /* Search cookie list */
836 pthread_mutex_lock(&cookie_mutex);
838 retval = get_client_gid_list(sockfd, &privileges);
841 SEC_SVR_DBG("ERROR: Cannot get GID list");
845 search_result = search_cookie(c_list, requested_cookie, privileges, retval);
848 pthread_mutex_unlock(&cookie_mutex);
849 if(search_result != NULL)
852 SEC_SVR_DBG("We found the cookie and pid:%d", search_result->pid);
853 SEC_SVR_DBG("%s", "Cookie comparison succeeded. Access granted.");
856 memset(path, 0x00, BUFFSIZE);
858 //preparing file path
859 snprintf(path, BUFFSIZE, "/proc/%d/attr/current", search_result->pid);
860 SEC_SVR_DBG("Path to file: %s\n", path);
862 //allocation place for label
863 label = calloc(SMACK_LABEL_LEN, 1);
866 SEC_SVR_DBG("Client ERROR: Memory allocation error");
870 //clearing buffer for label
871 memset(label, 0x00, SMACK_LABEL_LEN);
873 //opening file /proc/<pid>/attr/curent with SMACK label
874 fd = open(path, O_RDONLY);
877 SEC_SVR_DBG("Client ERROR: Unable to open file in /proc");
881 //reading label from file, it is NOT NULL TERMINATED
882 retval = read(fd, label, SMACK_LABEL_LEN);
886 SEC_SVR_DBG("Client ERROR: Unable to read from file");
890 SEC_SVR_DBG("Readed label is: %s\n", label);
892 retval = send_smack(sockfd, label);
894 if(retval != SECURITY_SERVER_SUCCESS)
896 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
902 SEC_SVR_DBG("%s", "Could not find the cookie");
903 retval = send_generic_response(sockfd,
904 SECURITY_SERVER_MSG_TYPE_SMACK_RESPONSE,
905 SECURITY_SERVER_RETURN_CODE_NO_SUCH_COOKIE);
906 if(retval != SECURITY_SERVER_SUCCESS)
908 SEC_SVR_DBG("ERROR: Cannot send SMACK label response: %d", retval);
918 int process_tool_request(int client_sockfd, int server_sockfd)
921 char **recved_argv = NULL;
923 /* Authenticate client */
924 retval = authenticate_developer_shell(client_sockfd);
925 if(retval != SECURITY_SERVER_SUCCESS)
927 SEC_SVR_DBG("%s", "Client Authentication Failed");
928 retval = send_generic_response(client_sockfd,
929 SECURITY_SERVER_MSG_TYPE_TOOL_RESPONSE,
930 SECURITY_SERVER_RETURN_CODE_AUTHENTICATION_FAILED);
931 if(retval != SECURITY_SERVER_SUCCESS)
933 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
938 /* Receive Total number of argv */
940 retval = read(client_sockfd, &argcnum, sizeof(int));
941 if((retval < sizeof(int)) || argcnum > (UINT_MAX/sizeof(char *))-2 || argcnum < 0)
943 SEC_SVR_DBG("Error: argc recieve failed: %d", retval);
944 retval = send_generic_response(client_sockfd,
945 SECURITY_SERVER_MSG_TYPE_TOOL_RESPONSE,
946 SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
947 if(retval != SECURITY_SERVER_SUCCESS)
949 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
954 recved_argv = (char **)malloc(sizeof(char *) * argcnum);
955 if(recved_argv == NULL)
957 SEC_SVR_DBG("Error: malloc() failed: %d", retval);
958 retval = send_generic_response(client_sockfd,
959 SECURITY_SERVER_MSG_TYPE_TOOL_RESPONSE,
960 SECURITY_SERVER_RETURN_CODE_SERVER_ERROR);
961 if(retval != SECURITY_SERVER_SUCCESS)
963 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
967 memset(recved_argv, 0, sizeof(char *) * argcnum);
969 retval = recv_launch_tool_request(client_sockfd, argcnum -1, recved_argv);
970 if(retval == SECURITY_SERVER_ERROR_RECV_FAILED || retval == SECURITY_SERVER_ERROR_OUT_OF_MEMORY)
972 SEC_SVR_DBG("%s", "Receiving request failed");
974 retval = send_generic_response(client_sockfd,
975 SECURITY_SERVER_MSG_TYPE_TOOL_RESPONSE,
976 SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
977 if(retval != SECURITY_SERVER_SUCCESS)
979 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
985 SEC_SVR_DBG("Error: Too small number of argv [%d]", argcnum);
986 retval = send_generic_response(client_sockfd,
987 SECURITY_SERVER_MSG_TYPE_TOOL_RESPONSE,
988 SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
989 if(retval != SECURITY_SERVER_SUCCESS)
991 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
995 /* Execute the command */
996 retval = execute_debug_tool(argcnum, recved_argv, server_sockfd, client_sockfd);
997 if(retval != SECURITY_SERVER_SUCCESS)
999 SEC_SVR_DBG("Error: Cannot execute debug tool [%d]", retval);
1000 retval = send_generic_response(client_sockfd,
1001 SECURITY_SERVER_MSG_TYPE_TOOL_RESPONSE,
1002 SECURITY_SERVER_RETURN_CODE_SERVER_ERROR);
1003 if(retval != SECURITY_SERVER_SUCCESS)
1005 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
1010 SEC_SVR_DBG("%s", "Tool has been executed");
1011 retval = send_generic_response(client_sockfd,
1012 SECURITY_SERVER_MSG_TYPE_TOOL_RESPONSE,
1013 SECURITY_SERVER_RETURN_CODE_SUCCESS);
1014 if(retval != SECURITY_SERVER_SUCCESS)
1016 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
1020 if(recved_argv != NULL)
1023 free_argv(recved_argv, argcnum);
1030 void *security_server_thread(void *param)
1032 int client_sockfd = -1, client_uid, client_pid;
1033 int server_sockfd, retval, argcnum;
1034 basic_header basic_hdr;
1035 struct security_server_thread_param *my_param;
1037 my_param = (struct security_server_thread_param *) param;
1038 client_sockfd = my_param->client_sockfd;
1039 server_sockfd = my_param->server_sockfd;
1041 /* Receive request header */
1042 retval = recv_hdr(client_sockfd, &basic_hdr);
1043 if(retval == SECURITY_SERVER_ERROR_TIMEOUT || retval == SECURITY_SERVER_ERROR_RECV_FAILED
1044 || retval == SECURITY_SERVER_ERROR_SOCKET)
1046 SEC_SVR_DBG("Receiving header error [%d]",retval);
1047 close(client_sockfd);
1052 if(retval != SECURITY_SERVER_SUCCESS)
1055 SEC_SVR_DBG("Receiving header error [%d]",retval);
1056 retval = send_generic_response(client_sockfd,
1057 SECURITY_SERVER_MSG_TYPE_GENERIC_RESPONSE,
1058 SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
1059 if(retval != SECURITY_SERVER_SUCCESS)
1061 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
1064 safe_server_sock_close(client_sockfd);
1069 /* Act different for request message ID */
1070 switch(basic_hdr.msg_id)
1072 case SECURITY_SERVER_MSG_TYPE_COOKIE_REQUEST:
1073 SEC_SVR_DBG("%s", "Cookie request received");
1074 process_cookie_request(client_sockfd);
1077 case SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_REQUEST:
1078 SEC_SVR_DBG("%s", "Privilege check received");
1079 process_check_privilege_request(client_sockfd);
1082 case SECURITY_SERVER_MSG_TYPE_CHECK_PRIVILEGE_NEW_REQUEST:
1083 SEC_SVR_DBG("%s", "Privilege check (new mode) received");
1084 process_check_privilege_new_request(client_sockfd);
1087 case SECURITY_SERVER_MSG_TYPE_OBJECT_NAME_REQUEST:
1088 SEC_SVR_DBG("%s", "Get object name request received");
1089 process_object_name_request(client_sockfd);
1092 case SECURITY_SERVER_MSG_TYPE_GID_REQUEST:
1093 SEC_SVR_DBG("%s", "Get GID received");
1094 process_gid_request(client_sockfd, (int)basic_hdr.msg_len);
1097 case SECURITY_SERVER_MSG_TYPE_PID_REQUEST:
1098 SEC_SVR_DBG("%s", "pid request received");
1099 process_pid_request(client_sockfd);
1102 case SECURITY_SERVER_MSG_TYPE_SMACK_REQUEST:
1103 SEC_SVR_DBG("%s", "SMACK label request received");
1104 process_smack_request(client_sockfd);
1107 case SECURITY_SERVER_MSG_TYPE_TOOL_REQUEST:
1108 SEC_SVR_DBG("%s", "launch tool request received");
1109 process_tool_request(client_sockfd, server_sockfd);
1112 case SECURITY_SERVER_MSG_TYPE_VALID_PWD_REQUEST:
1113 SEC_SVR_DBG("%s", "Server: validate password request received");
1114 process_valid_pwd_request(client_sockfd);
1117 case SECURITY_SERVER_MSG_TYPE_SET_PWD_REQUEST:
1118 SEC_SVR_DBG("%s", "Server: set password request received");
1119 process_set_pwd_request(client_sockfd);
1122 case SECURITY_SERVER_MSG_TYPE_RESET_PWD_REQUEST:
1123 SEC_SVR_DBG("%s", "Server: reset password request received");
1124 process_reset_pwd_request(client_sockfd);
1127 case SECURITY_SERVER_MSG_TYPE_CHK_PWD_REQUEST:
1128 SEC_SVR_DBG("%s", "Server: check password request received");
1129 process_chk_pwd_request(client_sockfd);
1132 case SECURITY_SERVER_MSG_TYPE_SET_PWD_HISTORY_REQUEST:
1133 SEC_SVR_DBG("%s", "Server: set password histroy request received");
1134 process_set_pwd_history_request(client_sockfd);
1137 case SECURITY_SERVER_MSG_TYPE_SET_PWD_MAX_CHALLENGE_REQUEST:
1138 SEC_SVR_DBG("%s", "Server: set password max challenge request received");
1139 process_set_pwd_max_challenge_request(client_sockfd);
1142 case SECURITY_SERVER_MSG_TYPE_SET_PWD_VALIDITY_REQUEST:
1143 SEC_SVR_DBG("%s", "Server: set password validity request received");
1144 process_set_pwd_validity_request(client_sockfd);
1147 /************************************************************************************************/
1148 /* Just for test. This code must be removed on release */
1149 case SECURITY_SERVER_MSG_TYPE_GET_ALL_COOKIES_REQUEST:
1150 SEC_SVR_DBG("%s", "all cookie info request received -- NEED TO BE DELETED ON RELEASE");
1151 retval = authenticate_client_application(client_sockfd, &client_pid, &client_uid);
1152 if(retval != SECURITY_SERVER_SUCCESS)
1154 SEC_SVR_DBG("%s", "Client Authentication Failed");
1155 retval = send_generic_response(client_sockfd,
1156 SECURITY_SERVER_MSG_TYPE_GENERIC_RESPONSE,
1157 SECURITY_SERVER_RETURN_CODE_AUTHENTICATION_FAILED);
1158 if(retval != SECURITY_SERVER_SUCCESS)
1160 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
1164 retval = util_process_all_cookie(client_sockfd, c_list);
1165 if(retval != SECURITY_SERVER_SUCCESS)
1167 SEC_SVR_DBG("ERROR: Cannot send all cookie info: %d", retval);
1171 case SECURITY_SERVER_MSG_TYPE_GET_COOKIEINFO_FROM_PID_REQUEST:
1172 SEC_SVR_DBG("%s", "cookie info from pid request received -- NEED TO BE DELETED ON RELEASE");
1173 if(retval != SECURITY_SERVER_SUCCESS)
1175 SEC_SVR_DBG("%s", "Client Authentication Failed");
1176 retval = send_generic_response(client_sockfd,
1177 SECURITY_SERVER_MSG_TYPE_GENERIC_RESPONSE,
1178 SECURITY_SERVER_RETURN_CODE_AUTHENTICATION_FAILED);
1179 if(retval != SECURITY_SERVER_SUCCESS)
1181 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
1185 util_process_cookie_from_pid(client_sockfd, c_list);
1188 case SECURITY_SERVER_MSG_TYPE_GET_COOKIEINFO_FROM_COOKIE_REQUEST:
1189 SEC_SVR_DBG("%s", "cookie info from cookie request received -- NEED TO BE DELETED ON RELEASE");
1190 if(retval != SECURITY_SERVER_SUCCESS)
1192 SEC_SVR_DBG("%s", "Client Authentication Failed");
1193 retval = send_generic_response(client_sockfd,
1194 SECURITY_SERVER_MSG_TYPE_GENERIC_RESPONSE,
1195 SECURITY_SERVER_RETURN_CODE_AUTHENTICATION_FAILED);
1196 if(retval != SECURITY_SERVER_SUCCESS)
1198 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
1202 util_process_cookie_from_cookie(client_sockfd, c_list);
1204 /************************************************************************************************/
1208 SEC_SVR_DBG("Unknown msg ID :%d", basic_hdr.msg_id);
1209 /* Unknown message ID */
1210 retval = send_generic_response(client_sockfd,
1211 SECURITY_SERVER_MSG_TYPE_GENERIC_RESPONSE,
1212 SECURITY_SERVER_RETURN_CODE_BAD_REQUEST);
1213 if(retval != SECURITY_SERVER_SUCCESS)
1215 SEC_SVR_DBG("ERROR: Cannot send generic response: %d", retval);
1220 if(client_sockfd > 0)
1222 safe_server_sock_close(client_sockfd);
1227 if(client_sockfd > 0)
1228 close(client_sockfd);
1229 thread_status[my_param->thread_status] = 0;
1230 pthread_detach(pthread_self());
1234 void *security_server_main_thread(void *data)
1236 int server_sockfd = 0, retval, client_sockfd = -1, args[2], rc;
1237 struct sigaction act, dummy;
1238 pthread_t threads[SECURITY_SERVER_NUM_THREADS];
1239 struct security_server_thread_param param[SECURITY_SERVER_NUM_THREADS];
1241 SEC_SVR_DBG("%s", "Starting Security Server main thread");
1243 /* security server must be executed by root */
1246 fprintf(stderr, "%s\n", "You are not root. exiting...");
1250 for(retval = 0 ; retval < SECURITY_SERVER_NUM_THREADS; retval++)
1251 thread_status[retval] = 0;
1254 /* Create and bind a Unix domain socket */
1255 retval = create_new_socket(&server_sockfd);
1256 if(retval != SECURITY_SERVER_SUCCESS)
1258 SEC_SVR_DBG("%s", "cannot create socket. exiting...");
1262 if(listen(server_sockfd, 5) < 0)
1264 SEC_SVR_DBG("%s", "listen() failed. exiting...");
1268 /* Create a default cookie --> Cookie for root process */
1269 c_list = create_default_cookie();
1272 SEC_SVR_DBG("%s", "cannot make a default cookie. exiting...");
1276 /* Init signal handler */
1277 act.sa_handler = NULL;
1278 act.sa_sigaction = security_server_sig_child;
1279 sigemptyset(&act.sa_mask);
1280 act.sa_flags = SA_NOCLDSTOP | SA_SIGINFO;
1282 if (sigaction(SIGCHLD, &act, &dummy) < 0)
1284 SEC_SVR_DBG("%s", "cannot change session");
1287 pthread_mutex_init(&cookie_mutex, NULL);
1291 /* Accept a new client */
1292 if(client_sockfd < 0)
1293 client_sockfd = accept_client(server_sockfd);
1295 if(client_sockfd == SECURITY_SERVER_ERROR_TIMEOUT)
1297 if(client_sockfd < 0)
1299 SEC_SVR_DBG("Server: new connection has been accepted: %d", client_sockfd);
1303 if(thread_status[retval] == 0)
1305 thread_status[retval] = 1;
1306 param[retval].client_sockfd = client_sockfd;
1307 param[retval].server_sockfd = server_sockfd;
1308 param[retval].thread_status= retval;
1309 SEC_SVR_DBG("Server: Creating a new thread: %d", retval);
1310 rc =pthread_create(&threads[retval], NULL, security_server_thread, (void *)¶m[retval]);
1313 SEC_SVR_DBG("Error: Server: Cannot create thread:%d", rc);
1319 if(retval >= SECURITY_SERVER_NUM_THREADS)
1325 if(server_sockfd > 0)
1326 close(server_sockfd);
1328 pthread_detach(pthread_self());
1332 int main(int argc, char* argv[])
1335 pthread_t main_thread;
1337 res = pthread_create(&main_thread, NULL, security_server_main_thread, NULL);
1345 SEC_SVR_DBG("Error: Server: Cannot create main security server thread: %d", res);