{"cache", SECURITY_MANAGER_PATH_RW},
{"lib", SECURITY_MANAGER_PATH_RO},
{"res", SECURITY_MANAGER_PATH_RO},
+ {"res/global", SECURITY_MANAGER_PATH_PUBLIC_RO},
+ {"res/allowed", SECURITY_MANAGER_PATH_PUBLIC_RO},
{"shared", SECURITY_MANAGER_PATH_PUBLIC_RO},
{"shared/data", SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO},
{"shared/cache", SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO},
return req_ != NULL;
}
bool PrepareBasic(const std::string& pkg_id, uid_t uid,
- const std::string& type = "" ) {
+ const std::string& type) {
if (pkg_id.empty() || type.empty()) {
LOG(ERROR) << "Invalid parameter";
return false;
int error = security_manager_path_req_new(&req_);
if (error != SECURITY_MANAGER_SUCCESS) {
LOG(ERROR)
- << "Failed while calling security_manager_app_inst_req_new failed "
+ << "Failed while calling security_manager_path_req_new failed "
<< "(error code: " << error << ")";
SetErrorMessage(&error_message_, error);
req_ = NULL;
bool Register() {
int error = security_manager_paths_register(req_);
if (error != SECURITY_MANAGER_SUCCESS) {
- LOG(ERROR) << "Failed while calling security_manager_app_install failed "
- << "(error code: " << error << ")";
+ LOG(ERROR) << "Failed while calling security_manager_paths_register "
+ << "failed (error code: " << error << ")";
SetErrorMessage(&error_message_, error);
return false;
}
return result;
}
-static bool UnregisterSecurityContext(const std::string& pkg_id, uid_t uid,
+static bool UnregisterSecurityContext(const std::string& pkg_id,
+ const std::string& pkg_type, uid_t uid,
const std::vector<std::string>& appids, std::string* error_message) {
SecurityContextRequest req;
if (!req.IsValid()) {
*error_message = req.ErrorMessage();
return false;
}
- if (!req.PrepareBasic(pkg_id, uid)) {
+ if (!req.PrepareBasic(pkg_id, uid, pkg_type)) {
*error_message = req.ErrorMessage();
return false;
}
}
bool UnregisterSecurityContextForManifest(const std::string& pkg_id,
- uid_t uid, manifest_x* manifest, std::string* error_message) {
+ const std::string& pkg_type, uid_t uid, manifest_x* manifest,
+ std::string* error_message) {
std::vector<std::string> appids;
for (application_x* app : GListRange<application_x*>(manifest->application)) {
if (!app->appid) {
}
appids.emplace_back(app->appid);
}
- return UnregisterSecurityContext(pkg_id, uid, appids, error_message);
+ return UnregisterSecurityContext(pkg_id, pkg_type, uid,
+ appids, error_message);
}
bool UnregisterSecurityContextForPkgId(const std::string &pkg_id,
- uid_t uid, std::string* error_message, bool ignore_data_absence) {
+ const std::string& pkg_type, uid_t uid,
+ std::string* error_message, bool ignore_data_absence) {
std::vector<std::string> appids;
ci::PkgQueryInterface pkg_query(pkg_id, uid);
if (!pkg_query.AppidsForPkgId(&appids))
return ignore_data_absence;
- return UnregisterSecurityContext(pkg_id, uid, appids, error_message);
+ return UnregisterSecurityContext(pkg_id, pkg_type, uid,
+ appids, error_message);
}
bool RegisterSecurityContextForPath(const std::string &pkg_id,