namespace Cynara {
- bool smack_enabled() {
+bool smack_enabled() noexcept {
#ifdef CYNARA_PERMISSIVE_MODE
- return false;
+ return false;
#else
- return true;
+ return true;
#endif
- }
+}
} // namespace Cynara
namespace Cynara {
- bool smack_enabled();
+[[nodiscard]] bool smack_enabled() noexcept;
+
+inline constexpr char NO_SMACK_LABEL[] = "User::Pkg::default_app_no_Smack_mode";
} // namespace Cynara
SET(LIB_CREDS_COMMONS_PATH ${CYNARA_PATH}/helpers/creds-commons)
SET(LIB_CREDS_COMMONS_SOURCES
+ ${LIB_CREDS_COMMONS_PATH}/copyStr.cpp
${LIB_CREDS_COMMONS_PATH}/creds-commons.cpp
${LIB_CREDS_COMMONS_PATH}/CredsCommonsInner.cpp
)
--- /dev/null
+/*\r
+ * Copyright (c) 2025 Samsung Electronics Co., Ltd All Rights Reserved\r
+ *\r
+ * This file is licensed under the terms of MIT License or the Apache License\r
+ * Version 2.0 of your choice. See the LICENSE.MIT file for MIT license details.\r
+ * See the LICENSE file or the notice below for Apache License Version 2.0\r
+ * details.\r
+ *\r
+ * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * you may not use this file except in compliance with the License.\r
+ * You may obtain a copy of the License at\r
+ *\r
+ * http://www.apache.org/licenses/LICENSE-2.0\r
+ *\r
+ * Unless required by applicable law or agreed to in writing, software\r
+ * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * See the License for the specific language governing permissions and\r
+ * limitations under the License\r
+ */\r
+/**\r
+ * @file src/helpers/creds-commons/copyStr.cpp\r
+ * @version 1.0\r
+ * @brief Definition of copyStr()\r
+ */\r
+\r
+#include <cstring>\r
+#include <cynara-error.h>\r
+#include <log/log.h>\r
+#include <string_view>\r
+\r
+// Without this attribute, the symbol gets stripped by f****** RPM and is missing after installation\r
+// even though the built shared library contains it.\r
+__attribute__((visibility("default"))) int\r
+copyStr(char** client, const std::string_view& str) noexcept {\r
+ char *clientTmp = strndup(str.data(), str.size());\r
+ if (!clientTmp) {\r
+ LOGE("strndup failed");\r
+ return CYNARA_API_OUT_OF_MEMORY;\r
+ }\r
+ *client = clientTmp;\r
+ return CYNARA_API_SUCCESS;\r
+}\r
--- /dev/null
+/*\r
+ * Copyright (c) 2025 Samsung Electronics Co., Ltd All Rights Reserved\r
+ *\r
+ * This file is licensed under the terms of MIT License or the Apache License\r
+ * Version 2.0 of your choice. See the LICENSE.MIT file for MIT license details.\r
+ * See the LICENSE file or the notice below for Apache License Version 2.0\r
+ * details.\r
+ *\r
+ * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * you may not use this file except in compliance with the License.\r
+ * You may obtain a copy of the License at\r
+ *\r
+ * http://www.apache.org/licenses/LICENSE-2.0\r
+ *\r
+ * Unless required by applicable law or agreed to in writing, software\r
+ * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * See the License for the specific language governing permissions and\r
+ * limitations under the License\r
+ */\r
+/**\r
+ * @file src/helpers/creds-commons/copyStr.h\r
+ * @version 1.0\r
+ * @brief Declaration of copyStr()\r
+ */\r
+\r
+#pragma once\r
+\r
+#include <string_view>\r
+\r
+int copyStr(char** client, const std::string_view& str) noexcept;\r
dbus_message_unref(reply);
if (!Cynara::smack_enabled()) {
- LOGW("Using default Smack label User::Pkg::default_app_no_Smack_mode, no-smack mode in Cynara");
+ LOGW("Using default Smack label " << Cynara::NO_SMACK_LABEL
+ << ", no-smack mode in Cynara");
if (m_securityLabel)
free(m_securityLabel);
m_isSecuritySet = false;
- m_securityLabel = strdup("User::Pkg::default_app_no_Smack_mode");
+ m_securityLabel = strdup(Cynara::NO_SMACK_LABEL);
if (m_securityLabel == nullptr)
return CYNARA_API_OUT_OF_MEMORY;
m_isSecuritySet = true;
g_variant_unref(reply);
if (!Cynara::smack_enabled()) {
- LOGW("Using default Smack label User::Pkg::default_app_no_Smack_mode, no-smack mode in Cynara");
+ LOGW("Using default Smack label " << Cynara::NO_SMACK_LABEL
+ << ", no-smack mode in Cynara");
if (m_securityLabel)
free(m_securityLabel);
m_isSecuritySet = false;
- m_securityLabel = g_strdup("User::Pkg::default_app_no_Smack_mode");
+ m_securityLabel = g_strdup(Cynara::NO_SMACK_LABEL);
if (m_securityLabel == nullptr)
return CYNARA_API_OUT_OF_MEMORY;
m_isSecuritySet = true;
#include <no_smack/no_smack.h>
+#include <copyStr.h>
+
#include "creds-pid-inner.h"
namespace {
-int dupStr(const char *src, char **dest) {
- char *destTmp = ::strdup(src);
- if (!destTmp) {
- LOGE("strdup failed");
- return CYNARA_API_OUT_OF_MEMORY;
- }
- *dest = destTmp;
- return CYNARA_API_SUCCESS;
-}
-
int getStat(pid_t pid, struct stat *buf) {
std::string path = "/proc/" + std::to_string(pid) + "/";
int getCurrentSecurity(pid_t pid, char**client) {
if (!Cynara::smack_enabled()) {
- LOGW("Using default Smack label User::Pkg::default_app_no_Smack_mode, no-smack mode in Cynara");
- return dupStr("User::Pkg::default_app_no_Smack_mode", client);
+ LOGW("Using default Smack label " << Cynara::NO_SMACK_LABEL << ", no-smack mode in Cynara");
+ return copyStr(client, Cynara::NO_SMACK_LABEL);
}
std::string path = "/proc/" + std::to_string(pid) + "/attr/current";
return CYNARA_API_UNKNOWN_ERROR;
}
- return dupStr(label.c_str(), client);
+ return copyStr(client, label.c_str());
}
int getPidStr(pid_t pid, char **client) {
- return dupStr(std::to_string(pid).c_str(), client);
+ return copyStr(client, std::to_string(pid).c_str());
}
}
return ret;
}
- return dupStr(std::to_string(buf.st_uid).c_str(), user);
+ return copyStr(user, std::to_string(buf.st_uid).c_str());
}
int getGroupId(pid_t pid, char **user) {
LOGE("Failed to fetch process: " << pid << " status");
}
- return dupStr(std::to_string(buf.st_gid).c_str(), user);
+ return copyStr(user, std::to_string(buf.st_gid).c_str());
}
}
int getClientSmackLabel(sd_bus *bus, const char *name, char **client) {
return Cynara::tryCatch([&bus, &name, &client]() {
if (!Cynara::smack_enabled()) {
- LOGW("Using default Smack label User::Pkg::default_app_no_Smack_mode, no-smack mode in Cynara");
- return copyStr(client, "User::Pkg::default_app_no_Smack_mode");
+ LOGW("Using default Smack label" << Cynara::NO_SMACK_LABEL
+ << ", no-smack mode in Cynara");
+ return copyStr(client, Cynara::NO_SMACK_LABEL);
}
sd_bus_creds *creds;
SET(LIB_CREDS_SELF_VERSION ${LIB_CREDS_SELF_VERSION_MAJOR}.20.0)
SET(LIB_CREDS_SELF_PATH ${CYNARA_PATH}/helpers/creds-self)
+SET(LIB_CREDS_COMMONS_PATH ${CYNARA_PATH}/helpers/creds-commons)
SET(LIB_CREDS_SELF_SOURCES
${LIB_CREDS_SELF_PATH}/creds-self.cpp
INCLUDE_DIRECTORIES(
${CYNARA_PATH}/include
${LIB_CREDS_SELF_PATH}
+ ${LIB_CREDS_COMMONS_PATH}
)
ADD_LIBRARY(${TARGET_LIB_CREDS_SELF} SHARED ${LIB_CREDS_SELF_SOURCES})
#include <cstring>
#include <fstream>
-#include <string>
+#include <string_view>
#include <sys/types.h>
#include <unistd.h>
#include <no_smack/no_smack.h>
#include <exceptions/TryCatch.h>
#include <log/log.h>
+#include <copyStr.h>
#include <cynara-creds-self.h>
namespace {
- int copyStr(char **client, const std::string &str) {
- char *clientTmp = strdup(str.c_str());
- if (!clientTmp) {
- LOGE("strdup failed");
- return CYNARA_API_OUT_OF_MEMORY;
- }
- *client = clientTmp;
- return CYNARA_API_SUCCESS;
- }
-
int getSelfSmackLabel(char **client) {
return Cynara::tryCatch([&client](){
if (!Cynara::smack_enabled()) {
- LOGW("Using default Smack label User::Pkg::default_app_no_Smack_mode, no-smack mode in Cynara");
- *client = strdup("User::Pkg::default_app_no_Smack_mode");
- if (!(*client)) {
- LOGE("strdup failed");
- return CYNARA_API_OUT_OF_MEMORY;
- }
- return CYNARA_API_SUCCESS;
+ LOGW("Using default Smack label "<< Cynara::NO_SMACK_LABEL
+ << ", no-smack mode in Cynara");
+ return copyStr(client, Cynara::NO_SMACK_LABEL);
}
std::ifstream current("/proc/self/attr/current");
return CYNARA_API_METHOD_NOT_SUPPORTED;
}
}
-
SET(LIB_CREDS_SOCKET_VERSION ${LIB_CREDS_SOCKET_VERSION_MAJOR}.20.0)
SET(LIB_CREDS_SOCKET_PATH ${CYNARA_PATH}/helpers/creds-socket)
+SET(LIB_CREDS_COMMONS_PATH ${CYNARA_PATH}/helpers/creds-commons)
SET(LIB_CREDS_SOCKET_SOURCES
${LIB_CREDS_SOCKET_PATH}/creds-socket.cpp
INCLUDE_DIRECTORIES(
${CYNARA_PATH}/include
${LIB_CREDS_SOCKET_PATH}
+ ${LIB_CREDS_COMMONS_PATH}
)
ADD_LIBRARY(${TARGET_LIB_CREDS_SOCKET} SHARED ${LIB_CREDS_SOCKET_SOURCES})
#include <cerrno>
#include <cstring>
-#include <string>
+#include <cstdlib>
#include <sys/socket.h>
#include <sys/types.h>
#include <cynara-error.h>
+#include <copyStr.h>
+
#include "creds-socket-inner.h"
int getClientSmackLabel(int socketFd, char **client) {
if (!Cynara::smack_enabled()) {
- LOGW("Using default Smack label User::Pkg::default_app_no_Smack_mode, no-smack mode in Cynara");
- *client = strdup("User::Pkg::default_app_no_Smack_mode");
- if (!(*client)) {
- LOGE("strdup failed");
- return CYNARA_API_OUT_OF_MEMORY;
- }
- return CYNARA_API_SUCCESS;
+ LOGW("Using default Smack label " << Cynara::NO_SMACK_LABEL << ", no-smack mode in Cynara");
+ return copyStr(client, Cynara::NO_SMACK_LABEL);
}
char dummy;
int ret;
projects / platform / core / security / cynara.git / commitdiff