imaevm
)
+###########################################################
+SET(CONSOLE_SRCS
+ console/im-console.c
+)
+
+SET(CMAKE_INSTALL_RPATH "${PREFIX}/bin")
+
+#INCLUDE_DIRECTORIES(
+# ${CMAKE_SOURCE_DIR}/include
+#)
+
+#INCLUDE_DIRECTORIES(SYSTEM
+# ${im-uigadget_pkgs_INCLUDE_DIRS}
+#)
+
+ADD_EXECUTABLE(${TARGET_IM_CONSOLE} ${CONSOLE_SRCS})
+
+TARGET_LINK_LIBRARIES(${TARGET_IM_CONSOLE}
+# ${im-console_pkgs_LIBRARIES}
+# ${im-console_pkgs_LDFLAGS}
+ ${TARGET_IMA_EVM_CLIENT}
+)
###########################################################
SET(IMA_EVM_SERVER_PATH ${PROJECT_SOURCE_DIR}/src)
###########################################################
-INSTALL(TARGETS
- ${TARGET_IM_UIGADGET}
- DESTINATION
- ${BINDIR}
-)
+INSTALL(TARGETS ${TARGET_IM_UIGADGET} DESTINATION ${BINDIR})
+
+INSTALL(TARGETS ${TARGET_IM_CONSOLE} DESTINATION ${BINDIR})
INSTALL(TARGETS ${TARGET_IMA_EVM_CLIENT} DESTINATION ${LIB_INSTALL_DIR})
--- /dev/null
+/**
+ * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file im-console.c
+ * @author Janusz Kozerski (j.kozerski@samsung.com)
+ * @version 1.0
+ * @brief
+ */
+
+#include <ima-evm-server.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+void inval()
+{
+ printf("Invalid param.\n");
+}
+
+void few_args()
+{
+ printf("Too few arguments\n");
+}
+
+void error(int i)
+{
+ printf("Error occurced %d\n", i);
+}
+
+void print_policy(const char** policy)
+{
+ int i = 0;
+ while (policy[i]) {
+ printf("%s\n", policy[i]);
+ ++i;
+ }
+}
+
+void help ()
+{
+ printf("Usage:\n");
+ printf(" im-console option\n");
+ printf("Options:\n");
+ printf(" -h\t\t\tPrint this message\n");
+ printf(" -s ima|evm state\tSet state IMA or EVM\n");
+ printf(" \t\t\tThe state of IMA can be one of: dis|enf|ign|fix\n");
+ printf(" \t\t\tThe state of EVM can be one of: dis|ena|fix\n");
+ printf(" -g ima|evm\t\tGet state of IMA or EVM\n");
+ printf(" -p\t\t\tGet policy from the kernel\n");
+ printf(" -l file\t\tLoad policy from the file into the kernel\n");
+ printf(" \t\t\tThe signature of the policy should be present in location file.sig\n");
+}
+
+int ima_state_to_server(const char* state)
+{
+ if (strcmp(state, "dis") == 0)
+ return IMA_SERVER_API_STATE_DISABLED;
+ else if (strcmp(state, "enf") == 0)
+ return IMA_SERVER_API_STATE_ENFORCE;
+ else if (strcmp(state, "ign") == 0)
+ return IMA_SERVER_API_STATE_IGNORE;
+ else if (strcmp(state, "fix") == 0)
+ return IMA_SERVER_API_STATE_FIX;
+ else {
+ inval();
+ exit(0);
+ }
+}
+
+int evm_state_to_server(const char* state)
+{
+ if (strcmp(state, "dis") == 0)
+ return EVM_SERVER_API_STATE_DISABLED;
+ else if (strcmp(state, "ena") == 0)
+ return EVM_SERVER_API_STATE_ENABLED;
+ else if (strcmp(state, "fix") == 0)
+ return EVM_SERVER_API_STATE_FIX;
+ else {
+ inval();
+ exit(0);
+ }
+}
+
+const char* ima_state_from_server(int state)
+{
+ switch (state) {
+ case IMA_SERVER_API_STATE_DISABLED: return "DISABLED";
+ case IMA_SERVER_API_STATE_IGNORE: return "IGNORE";
+ case IMA_SERVER_API_STATE_ENFORCE: return "ENFORCE";
+ case IMA_SERVER_API_STATE_FIX: return "FIX";
+ default: return "UNKNOWN";
+ }
+}
+
+const char* evm_state_from_server(int state)
+{
+ switch (state) {
+ case EVM_SERVER_API_STATE_DISABLED: return "DISABLED";
+ case EVM_SERVER_API_STATE_ENABLED: return "ENABLED";
+ case EVM_SERVER_API_STATE_FIX: return "FIX";
+ default: return "UNKNOWN";
+ }
+}
+
+int is_ima_module(const char* arg)
+{
+ if (strcmp("ima", arg) == 0 || strcmp("IMA", arg) == 0)
+ return 1;
+ return 0;
+}
+
+int main (int argc, const char* argv[])
+{
+ int i = 1;
+ int ret;
+ int state;
+ char** policy;
+
+ while (i<argc) {
+ if (argv[i][0] != '-'){
+ inval();
+ return 0;
+ }
+ switch (argv[i][1]) {
+ case 'h': help(); return 0;
+ case 's':
+ ++i;
+ if (i+1>=argc) {
+ few_args();
+ return 0;
+ }
+ if (is_ima_module(argv[i]))
+ ret = ima_evm_server_set_ima_state(ima_state_to_server(argv[i+1]));
+ else
+ ret = ima_evm_server_set_evm_state(evm_state_to_server(argv[i+1]));
+ i++;
+ if (ret == IMA_EVM_SERVER_API_SUCCESS)
+ printf("State changed\n");
+ else
+ error(ret);
+ return 0;
+ case 'g':
+ i++;
+ if (i>=argc) {
+ few_args();
+ return 0;
+ }
+ if (is_ima_module(argv[i])) {
+ ret = ima_evm_server_get_ima_state(&state);
+ if (ret == IMA_EVM_SERVER_API_SUCCESS)
+ printf("%s\n", ima_state_from_server(state));
+ } else {
+ ret = ima_evm_server_get_evm_state(&state);
+ if (ret == IMA_EVM_SERVER_API_SUCCESS)
+ printf("%s\n", evm_state_from_server(state));
+ }
+ if (ret != IMA_EVM_SERVER_API_SUCCESS)
+ error(ret);
+ return 0;
+ case 'p':
+ ret = ima_evm_server_get_policy(&policy);
+ if (ret != IMA_EVM_SERVER_API_SUCCESS) {
+ error(ret);
+ return 0;
+ }
+ print_policy(policy);
+ case 'l': break;
+ default: inval(); return 0;
+ }
+ ++i;
+ }
+out:
+ return 0;
+}
+
projects / platform / core / security / ima-evm-reference-utils.git / commitdiff