Add full get_app_manifest_policy API implementation

author Tomasz Swierczek <t.swierczek@samsung.com>

Mon, 12 Feb 2018 15:41:36 +0000 (16:41 +0100)

committer Tomasz Swierczek <t.swierczek@samsung.com>

Mon, 26 Feb 2018 07:13:59 +0000 (08:13 +0100)
author Tomasz Swierczek <t.swierczek@samsung.com>
Mon, 12 Feb 2018 15:41:36 +0000 (16:41 +0100)
committer Tomasz Swierczek <t.swierczek@samsung.com>
Mon, 26 Feb 2018 07:13:59 +0000 (08:13 +0100)
diff --git a/src/client/client-security-manager.cpp b/src/client/client-security-manager.cpp

index 8d5efe9..e315ecf 100644 (file)
--- a/src/client/client-security-manager.cpp
+++ b/src/client/client-security-manager.cpp
@@ -1025,6 +1025,42 @@ int security_manager_policy_update_send(policy_update_req *p_req)
      });
  }
  
+static inline int security_manager_recv_strings_array_internal(
+        ClientRequest &request,
+        char ***ppp_array,
+        size_t *p_size)
+{
+    int count;
+    request.recv(count);
+    *p_size = count;
+    LogInfo("Number of strings: " << *p_size);
+    char **array = new char *[*p_size];
+
+    for (unsigned int i = 0; i < *p_size; ++i) {
+        std::string str;
+        request.recv(str);
+        if (str.empty()) {
+           LogError("Unexpected empty string");
+           for (unsigned int j = 0; j < i; ++j)
+                free(array[j]);
+           delete [] array;
+           return SECURITY_MANAGER_ERROR_UNKNOWN;
+        }
+
+        array[i] = strdup(str.c_str());
+        if (array[i] == nullptr) {
+            for (unsigned int j = 0; j < i; ++j)
+                free(array[j]);
+            delete [] array;
+            return SECURITY_MANAGER_ERROR_MEMORY;
+        }
+    }
+
+    *ppp_array = array;
+
+    return SECURITY_MANAGER_SUCCESS;
+}
+
  static inline int security_manager_get_policy_internal(
          SecurityManager::SecurityModuleCall call_type,
          policy_entry *p_filter,
@@ -1100,18 +1136,24 @@ int security_manager_get_app_manifest_policy(
          char ***ppp_privileges,
          size_t *p_size)
  {
-    (void) app_name;
-    (void) uid;
-    (void) ppp_privileges;
-    (void) p_size;
-    return SECURITY_MANAGER_SUCCESS;
+    if (!app_name || !ppp_privileges || !p_size)
+        return SECURITY_MANAGER_ERROR_INPUT_PARAM;
+    return try_catch([&]() -> int {
+        ClientRequest request(SecurityModuleCall::GET_APP_MANIFEST_POLICY);
+        if (request.send(std::string(app_name), uid).failed())
+            return request.getStatus();
+        return security_manager_recv_strings_array_internal(request,
+                                                            ppp_privileges,
+                                                            p_size);
+   });
  }
  
  SECURITY_MANAGER_API
  void security_manager_privileges_free(char **pp_privileges, const size_t size)
  {
-    (void) pp_privileges;
-    (void) size;
+    for (size_t i = 0; i < size; ++i)
+        free(pp_privileges[i]);
+    delete [] pp_privileges;
  }
  
  
@@ -1240,40 +1282,9 @@ int security_manager_policy_levels_get(char ***levels, size_t *levels_count)
          ClientRequest request(SecurityModuleCall::POLICY_GET_DESCRIPTIONS);
          if (request.send().failed())
              return request.getStatus();
-
-        int count;
-        request.recv(count);
-        *levels_count = count;
-        LogInfo("Number of policy descriptions: " << *levels_count);
-
-        char **array = new char *[*levels_count];
-
-        for (unsigned int i = 0; i < *levels_count; ++i) {
-            std::string level;
-            request.recv(level);
-
-            if (level.empty()) {
-                LogError("Unexpected empty level");
-                for (unsigned int j = 0; j < i; ++j) {
-                    delete [] array[j];
-                }
-                delete [] array;
-                return SECURITY_MANAGER_ERROR_UNKNOWN;
-            }
-
-            array[i] = strdup(level.c_str());
-            if (array[i] == nullptr) {
-                for (unsigned int j = 0; j < i; ++j) {
-                    delete [] array[j];
-                }
-                delete [] array;
-                return SECURITY_MANAGER_ERROR_MEMORY;
-            }
-        }
-
-        *levels = array;
-
-        return SECURITY_MANAGER_SUCCESS;
+        return security_manager_recv_strings_array_internal(request,
+                                                            levels,
+                                                            levels_count);
      });
  }
  
diff --git a/src/common/include/protocols.h b/src/common/include/protocols.h

index ad4faf7..c694aef 100644 (file)
--- a/src/common/include/protocols.h
+++ b/src/common/include/protocols.h
@@ -128,6 +128,7 @@ enum class SecurityModuleCall
      GET_CLIENT_PRIVILEGE_LICENSE,
      APP_SETUP_NAMESPACE,
      APP_CLEAN_NAMESPACE,
+    GET_APP_MANIFEST_POLICY,
      NOOP = 0x90,
  };
  
diff --git a/src/server/service/include/service.h b/src/server/service/include/service.h

index 1188935..a71e128 100644 (file)
--- a/src/server/service/include/service.h
+++ b/src/server/service/include/service.h
@@ -59,6 +59,15 @@ private:
       */
      bool processOne(const ConnectionID &conn, MessageBuffer &buffer, InterfaceID interfaceID);
  
+
+    /**
+     * Process getting application manifest policy
+     * @param buffer    Raw received data buffer
+     * @param send      Raw data buffer to be sent
+     * @param creds     credentials of the requesting process
+     */
+    void processAppGetManifestPolicy(MessageBuffer &buffer, MessageBuffer &send, const Credentials &creds);
+
      /**
       * Process application installation
       *
diff --git a/src/server/service/service.cpp b/src/server/service/service.cpp

index 5d81500..d4f6e41 100644 (file)
--- a/src/server/service/service.cpp
+++ b/src/server/service/service.cpp
@@ -169,6 +169,10 @@ bool Service::processOne(const ConnectionID &conn, MessageBuffer &buffer,
                      LogDebug("call_type: SecurityModuleCall::APP_CLEAN_NAMESPACE");
                      processAppCleanNamespace(buffer, send, creds);
                      break;
+                case SecurityModuleCall::GET_APP_MANIFEST_POLICY:
+                    LogDebug("call_type: SecurityModuleCall::GET_APP_MANIFEST_POLICY");
+                    processAppGetManifestPolicy(buffer, send, creds);
+                    break;
                  default:
                      LogError("Invalid call: " << call_type_int);
                      Throw(ServiceException::InvalidAction);
@@ -199,6 +203,26 @@ bool Service::processOne(const ConnectionID &conn, MessageBuffer &buffer,
      return retval;
  }
  
+void Service::processAppGetManifestPolicy(MessageBuffer &buffer, MessageBuffer &send, const Credentials &creds)
+{
+    std::string appName;
+    uid_t uid;
+    int ret;
+    std::vector<std::string> privileges;
+
+    Deserialization::Deserialize(buffer, appName);
+    Deserialization::Deserialize(buffer, uid);
+
+    ret = serviceImpl.getAppManifestPolicy(creds, appName, uid, privileges);
+
+    Serialization::Serialize(send, ret);
+    if (ret == SECURITY_MANAGER_SUCCESS) {
+        Serialization::Serialize(send, static_cast<int>(privileges.size()));
+        for (const auto &privilege : privileges)
+            Serialization::Serialize(send, privilege);
+    }
+}
+
  void Service::processAppInstall(MessageBuffer &buffer, MessageBuffer &send, const Credentials &creds)
  {
      app_inst_req req;
author	Tomasz Swierczek <t.swierczek@samsung.com>
	Mon, 12 Feb 2018 15:41:36 +0000 (16:41 +0100)
committer	Tomasz Swierczek <t.swierczek@samsung.com>
	Mon, 26 Feb 2018 07:13:59 +0000 (08:13 +0100)
src/client/client-security-manager.cpp		patch \| blob \| history
src/common/include/protocols.h		patch \| blob \| history
src/server/service/include/service.h		patch \| blob \| history
src/server/service/service.cpp		patch \| blob \| history