CKM FileSystem versioning with file name format update mechanism

 * DKEK format releaseed on kiran
     (key-<uid>-<autoincreased num>)
 * DKEK format on version 0.1.13
     (key-<uid>)
     (key-backup-<uid>)
 * DKEK format on tizen 2.4 which has container feature
   (not merged from knox-tct branch yet,
    so not included about it in this commit)
     (key-<zone name>-<uid>)
     (key-backup-<zone name>-<uid>

Change-Id: I5ce62528d54268cccb7f9705daf0793aec782513
Signed-off-by: kyungwook tak <k.tak@samsung.com>

diff --git a/CMakeLists.txt b/CMakeLists.txt
index f10a0db..73b09dc 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -78,6 +78,12 @@ SET(TARGET_LISTENER "key-manager-listener")
 
 SET(TARGET_TEST_MERGED "ckm-tests-internal")
 
+INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/data/scripts/230.key-manager-migrate-dkek.patch.sh
+    DESTINATION /etc/opt/upgrade
+    PERMISSIONS OWNER_READ
+                OWNER_WRITE
+                OWNER_EXECUTE)
+
 ADD_SUBDIRECTORY(src)
 ADD_SUBDIRECTORY(build)
 ADD_SUBDIRECTORY(systemd)

diff --git a/data/scripts/230.key-manager-migrate-dkek.patch.sh b/data/scripts/230.key-manager-migrate-dkek.patch.sh
new file mode 100755 (executable)
index 0000000..93a9a96
--- /dev/null
+++ b/data/scripts/230.key-manager-migrate-dkek.patch.sh
@@ -0,0 +1,64 @@
+#!/bin/bash
+
+CKM_DATA_PATH=/opt/data/ckm
+VERSION_INFO_PATH=${CKM_DATA_PATH}/version-info
+CURRENT_VERSION=1
+
+migrate_from_0_to_1()
+{
+    ARR_UID=()
+    ARR_IDX=()
+
+    # Extract uids from DKEK files
+    for uid in `ls ${CKM_DATA_PATH} | grep "^key-[0-9]*-[0-9]*$" | awk 'BEGIN { FS = "-" }; { print $2 }' | awk '!x[$0]++'`
+    do
+        ARR_UID+=($uid)
+    done
+
+    for (( i = 0; i < ${#ARR_UID[@]}; i++ ))
+    do
+        idx_max=0
+        idx_submax=0
+
+        uid=${ARR_UID[$i]}
+        ARR_IDX=()
+        # Extract autoincremented index per uids
+        for file in `ls ${CKM_DATA_PATH} | grep "^key-${uid}-[0-9]*$"`
+        do
+            idx=`echo $file | awk 'BEGIN { FS = "-" }; { print $3 }'`
+            ARR_IDX+=($idx)
+        done
+
+        # Find max index(for key-<uid>) and submax index(for key-backup-<uid>)
+        for idx in ${ARR_IDX[@]}
+        do
+            if [ $idx -gt $idx_max ]
+            then
+                idx_submax=$idx_max
+                idx_max=$idx
+            fi
+        done
+
+        # Rename file
+        # smack label setting isn't needed.
+        # (Because not remove/add new file, but just rename file)
+        mv "${CKM_DATA_PATH}/key-${uid}-${idx_max}" "${CKM_DATA_PATH}/key-${uid}"
+        if [ -f "${CKM_DATA_PATH}/key-${uid}-${idx_submax}" ]
+        then
+            mv "${CKM_DATA_PATH}/key-${uid}-${idx_submax}" "${CKM_DATA_PATH}/key-backup-${uid}"
+        fi
+
+        # [Optional] Remove other key-<uid>-<numeric> files.
+        for file in `ls ${CKM_DATA_PATH} | grep "^key-${uid}-[0-9]*$"`
+        do
+            rm ${CKM_DATA_PATH}/${file}
+        done
+    done
+}
+
+if [ ! -f ${VERSION_INFO_PATH} ]
+then
+    echo "CKM VERSION_INFO NOT EXIST."
+    echo "$CURRENT_VERSION" > $VERSION_INFO_PATH
+    migrate_from_0_to_1
+fi

diff --git a/packaging/key-manager.manifest b/packaging/key-manager.manifest
index acb3a80..195c0a5 100644 (file)
--- a/packaging/key-manager.manifest
+++ b/packaging/key-manager.manifest
@@ -11,4 +11,7 @@
        <request>
                <domain name="key-manager" />
        </request>
+       <assign>
+               <filesystem path="/etc/opt/upgrade/230.key-manager-migrate-dkek.patch.sh" label="_" exec_label="_"/>
+       </assign>
 </manifest>

diff --git a/packaging/key-manager.spec b/packaging/key-manager.spec
index 0a49d11..e461ff2 100644 (file)
--- a/packaging/key-manager.spec
+++ b/packaging/key-manager.spec
@@ -200,6 +200,7 @@ fi
 %{_datadir}/license/%{name}
 %{_datadir}/ckm/scripts/*.sql
 %attr(444, root, root) %{_datadir}/ckm/scripts/*.sql
+/etc/opt/upgrade/230.key-manager-migrate-dkek.patch.sh
 
 %files -n key-manager-listener
 %manifest key-manager-listener.manifest