projects / platform / core / security / security-manager.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 63fbe64)
Check some poll() and mount() errors 78/193178/2
authorKonrad Lipinski <k.lipinski2@partner.samsung.com>
Thu, 15 Nov 2018 14:26:40 +0000 (15:26 +0100)
committerDariusz Michaluk <d.michaluk@samsung.com>
Wed, 21 Nov 2018 12:50:26 +0000 (12:50 +0000)
Change-Id: I62a7769a70dd35f5cfb8ba781216318105844e3f

src/common/cynara.cpp patch | blob | history
src/common/mount-monitor.cpp patch | blob | history
src/common/service_impl.cpp patch | blob | history
src/common/worker.cpp patch | blob | history

diff --git a/src/common/cynara.cpp b/src/common/cynara.cpp
index f4a69839468b8d4d4c0bebdf992701436752fa97..e8e392dc5397ec941de69e22241e665d84791564 100644 (file)
--- a/src/common/cynara.cpp
+++ b/src/common/cynara.cpp
@@ -978,8 +978,7 @@ void Cynara::run()
         int ret = poll(pollFds, 2, -1);
 
         if (ret == -1) {
-            if (errno != EINTR)
-                LogError("Unexpected error returned by poll: " << GetErrnoString(errno));
+            Assert(errno == EINTR);
             continue;
         }
 
diff --git a/src/common/mount-monitor.cpp b/src/common/mount-monitor.cpp
index 0d424fca5b42bc1b92b5108177464027a25a1125..54f3331a30dfbb32b8eeece23236880d7512f0f3 100644 (file)
--- a/src/common/mount-monitor.cpp
+++ b/src/common/mount-monitor.cpp
@@ -24,6 +24,7 @@
 
 #include <mount-monitor.h>
 
+#include <dpl/assert.h>
 #include <dpl/errno_string.h>
 #include <dpl/log/log.h>
 #include <utils.h>
@@ -161,8 +162,7 @@ void MntMonitor::run()
         int ret = poll(pollFds, 2, -1);
 
         if (ret == -1) {
-            if (errno != EINTR)
-                //LogError("Unexpected error returned by poll: " << GetErrnoString(errno));
+            Assert(errno == EINTR);
             continue;
         }
 
diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp
index 7c5372d887171ab3b549cfe257880e4b92f79350..035f75e0baf09ed0848c3cb1df8f2e09c6ecf80d 100644 (file)
--- a/src/common/service_impl.cpp
+++ b/src/common/service_impl.cpp
@@ -1326,7 +1326,8 @@ int ServiceImpl::policyUpdate(const Credentials &creds, const std::vector<policy
 
         // Update mount namespaces
         // TODO: Don't update all users, apps and privileges, filter by policyEntries
-        m_NSMountLogic.check();
+        if (!m_NSMountLogic.check())
+            return SECURITY_MANAGER_ERROR_MOUNT_ERROR;
     } catch (const CynaraException::Base &e) {
         LogError("Error while updating Cynara rules: " << e.DumpToString());
         return SECURITY_MANAGER_ERROR_SERVER_ERROR;
diff --git a/src/common/worker.cpp b/src/common/worker.cpp
index d0cc2eb9f0b5cfdff10e018f5988ebb6e66165d4..64b80f3f02f24c4cae5ddbe19841dc7284557a2c 100644 (file)
--- a/src/common/worker.cpp
+++ b/src/common/worker.cpp
@@ -72,7 +72,8 @@ int Worker::doWork(const NSMountLogic::EntryVector &entries)
                     continue;
 
                 for (auto &privilegePath : mapIter->second)
-                    applyPrivilegePath(allowed, privilegePath);
+                    if (SECURITY_MANAGER_SUCCESS != applyPrivilegePath(allowed, privilegePath))
+                        status = -1;
             }
         } catch (...) {
             status = -1;
Domain: Security / Access Control;