Add check if app_label and shared_label are different in app_label_shared_dir

    [Issue#]    SSDWSSP-154
    [Feature]   API function app_label_shared_dir checks if app_label and shared_label are different
    [Cause]   New API feature
    [Verification] Build and tests

Change-Id: I7a923a196a0d93590c96a506caaa6afc0ee07eac

diff --git a/include/privilege-control.h b/include/privilege-control.h
index ebe9daf..a67a2f4 100644 (file)
--- a/include/privilege-control.h
+++ b/include/privilege-control.h
@@ -219,6 +219,7 @@ int app_label_dir(const char* app_label, const char* path);
  * This function should be called once during app installation.
  * Results will be persistent on the file system.
  * It must be called by privileged user.
+ * Labels app_label and shared_label should not be equal.
  *
  * @param app_label label name, used as subject for SMACK rule
  * @param shared_label, used as object for SMACK rule

diff --git a/src/privilege-control.c b/src/privilege-control.c
index 4a1afd9..e35639e 100644 (file)
--- a/src/privilege-control.c
+++ b/src/privilege-control.c
@@ -1285,6 +1285,12 @@ API int app_label_shared_dir(const char* app_label, const char* shared_label, co
        struct smack_accesses *smack = NULL;
 
 
+       if (strcmp(app_label, shared_label) == 0) {
+               C_LOGE("app_label equals shared_label");
+               ret = PC_ERR_INVALID_PARAM;
+               goto out;
+       }
+
        //setting label on everything in given directory and below
        ret = dir_set_smack_r(path, shared_label, SMACK_LABEL_ACCESS, ~0);
        if(ret != PC_OPERATION_SUCCESS){