step/step_remove_temporary_directory.cc
step/step_revoke_security.cc
step/step_register_security.cc
+ step/step_rollback_deinstallation_security.cc
+ step/step_rollback_installation_security.cc
step/step_unregister_app.cc
step/step_update_app.cc
step/step_update_security.cc
return Status::OK;
}
-Step::Status StepRegisterSecurity::undo() {
- if (!UnregisterSecurityContextForApps(
- context_->pkgid.get(), context_->manifest_data.get())) {
- return Status::ERROR;
- }
- LOG(DEBUG) << "Security context uninstalled";
- return Status::OK;
-}
-
} // namespace security
} // namespace common_installer
using Step::Step;
Status process() override;
- Status undo() override;
+ Status undo() override { return Status::OK; }
Status clean() override { return Status::OK; }
Status precheck() override;
return Step::Status::OK;
}
-Step::Status StepRevokeSecurity::process() {
+Step::Status StepRevokeSecurity::clean() {
if (!UnregisterSecurityContextForApps(
context_->pkgid.get(), context_->manifest_data.get())) {
LOG(ERROR) << "Failure on unregistering security context for app "
return Status::OK;
}
-Step::Status StepRevokeSecurity::undo() {
- if (!RegisterSecurityContextForApps(
- context_->pkgid.get(), context_->pkg_path.get(),
- context_->manifest_data.get())) {
- LOG(ERROR) << "Failure on re-installing security context for app "
- << context_->pkgid.get();
- return Status::ERROR;
- }
- LOG(DEBUG) << "Security context installed";
- return Status::OK;
-}
-
} // namespace security
} // namespace common_installer
namespace security {
// Step that is used during uninstallation
+// Security rules are revoked on cleanup as until that point we need to keep
+// package files present for rollback
class StepRevokeSecurity : public Step {
public:
using Step::Step;
- Status process() override;
- Status undo() override;
- Status clean() override { return Status::OK; }
+ Status process() override { return Status::OK; }
+ Status undo() override { return Status::OK; }
+ Status clean() override;
Status precheck() override;
SCOPE_LOG_TAG(RevokeSecurity)
--- /dev/null
+// Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+// Use of this source code is governed by an apache-2.0 license that can be
+// found in the LICENSE file.
+
+#include "common/step/step_rollback_deinstallation_security.h"
+
+#include <boost/filesystem.hpp>
+
+#include "common/security_registration.h"
+
+namespace common_installer {
+namespace security {
+
+Step::Status StepRollbackDeinstallationSecurity::precheck() {
+ if (context_->pkgid.get().empty()) {
+ LOG(ERROR) << "pkgid attribute is empty";
+ return Step::Status::INVALID_VALUE;
+ }
+ if (!context_->manifest_data.get()) {
+ LOG(ERROR) << "manifest_data attribute is empty";
+ return Step::Status::INVALID_VALUE;
+ }
+
+ return Step::Status::OK;
+}
+
+Step::Status StepRollbackDeinstallationSecurity::undo() {
+ if (!RegisterSecurityContextForApps(
+ context_->pkgid.get(), context_->pkg_path.get(),
+ context_->manifest_data.get())) {
+ LOG(ERROR) << "Failure on re-installing security context for app "
+ << context_->pkgid.get();
+ return Status::ERROR;
+ }
+ LOG(DEBUG) << "Security context installed";
+ return Status::OK;
+}
+
+} // namespace security
+} // namespace common_installer
+
--- /dev/null
+// Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+// Use of this source code is governed by an apache-2.0 license that can be
+// found in the LICENSE file.
+
+#ifndef COMMON_STEP_STEP_ROLLBACK_DEINSTALLATION_SECURITY_H_
+#define COMMON_STEP_STEP_ROLLBACK_DEINSTALLATION_SECURITY_H_
+
+#include "common/step/step.h"
+#include "common/utils/logging.h"
+
+namespace common_installer {
+namespace security {
+
+// Step that is used during uninstallation to rollback security changes if
+// deinstallation fails
+class StepRollbackDeinstallationSecurity : public Step {
+ public:
+ using Step::Step;
+
+ Status process() override { return Status::OK; }
+ Status undo() override;
+ Status clean() override { return Status::OK; }
+ Status precheck() override;
+
+ SCOPE_LOG_TAG(RollbackDeinstallationSecurity)
+};
+
+} // namespace security
+} // namespace common_installer
+
+#endif // COMMON_STEP_STEP_ROLLBACK_DEINSTALLATION_SECURITY_H_
--- /dev/null
+// Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+// Use of this source code is governed by an apache-2.0 license that can be
+// found in the LICENSE file.
+
+#include "common/step/step_rollback_installation_security.h"
+
+#include <boost/filesystem.hpp>
+
+#include "common/security_registration.h"
+
+namespace common_installer {
+namespace security {
+
+Step::Status StepRollbackInstallationSecurity::precheck() {
+ if (context_->pkgid.get().empty()) {
+ LOG(ERROR) << "pkgid attribute is empty";
+ return Step::Status::INVALID_VALUE;
+ }
+ if (!context_->manifest_data.get()) {
+ LOG(ERROR) << "manifest_data attribute is empty";
+ return Step::Status::INVALID_VALUE;
+ }
+
+ return Step::Status::OK;
+}
+
+Step::Status StepRollbackInstallationSecurity::undo() {
+ if (!UnregisterSecurityContextForApps(
+ context_->pkgid.get(), context_->manifest_data.get())) {
+ return Status::ERROR;
+ }
+ LOG(DEBUG) << "Security context uninstalled";
+ return Status::OK;
+}
+
+} // namespace security
+} // namespace common_installer
--- /dev/null
+// Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+// Use of this source code is governed by an apache-2.0 license that can be
+// found in the LICENSE file.
+
+#ifndef COMMON_STEP_STEP_ROLLBACK_INSTALLATION_SECURITY_H_
+#define COMMON_STEP_STEP_ROLLBACK_INSTALLATION_SECURITY_H_
+
+#include "common/step/step.h"
+#include "common/utils/logging.h"
+
+namespace common_installer {
+namespace security {
+
+// Step that is used during installation to rollback security changes if
+// installation fails. Those changes cannot be reverted in StepSecurity
+// because its to early. We need to remove package files first.
+class StepRollbackInstallationSecurity : public Step {
+ public:
+ using Step::Step;
+
+ Status process() override { return Status::OK; }
+ Status undo() override;
+ Status clean() override { return Status::OK; }
+ Status precheck() override;
+
+ SCOPE_LOG_TAG(RollbackInstallationSecurity)
+};
+
+} // namespace security
+} // namespace common_installer
+
+#endif // COMMON_STEP_STEP_ROLLBACK_INSTALLATION_SECURITY_H_
#include "common/step/step_revoke_security.h"
#include "common/step/step_remove_temporary_directory.h"
#include "common/step/step_register_security.h"
+#include "common/step/step_rollback_deinstallation_security.h"
+#include "common/step/step_rollback_installation_security.h"
#include "common/step/step_check_signature.h"
#include "common/step/step_unregister_app.h"
#include "common/step/step_unzip.h"
AddStep<ci::filesystem::StepUnzip>();
AddStep<tpk::parse::StepParse>();
AddStep<ci::security::StepCheckSignature>();
+ AddStep<ci::security::StepRollbackInstallationSecurity>();
AddStep<ci::filesystem::StepCopy>();
AddStep<ci::filesystem::StepCreateStorageDirectories>();
AddStep<tpk::filesystem::StepCreateSymbolicLink>();
AddStep<ci::parse::StepParse>();
AddStep<ci::backup::StepBackupManifest>();
AddStep<ci::pkgmgr::StepUnregisterApplication>();
- AddStep<ci::security::StepRevokeSecurity>();
+ AddStep<ci::security::StepRollbackDeinstallationSecurity>();
AddStep<ci::filesystem::StepRemoveFiles>();
AddStep<ci::filesystem::StepRemoveIcons>();
+ AddStep<ci::security::StepRevokeSecurity>();
}
void TpkInstaller::ReinstallSteps() {
#include "common/step/step_remove_temporary_directory.h"
#include "common/step/step_revoke_security.h"
#include "common/step/step_register_security.h"
+#include "common/step/step_rollback_deinstallation_security.h"
+#include "common/step/step_rollback_installation_security.h"
#include "common/step/step_old_manifest.h"
#include "common/step/step_check_signature.h"
#include "common/step/step_unregister_app.h"
AddStep<wgt::security::StepCheckSettingsLevel>();
AddStep<wgt::encrypt::StepEncryptResources>();
AddStep<wgt::filesystem::StepWgtResourceDirectory>();
+ AddStep<ci::security::StepRollbackInstallationSecurity>();
AddStep<ci::filesystem::StepCopy>();
AddStep<wgt::filesystem::StepWgtCreateStorageDirectories>();
AddStep<wgt::filesystem::StepCreateSymbolicLink>();
AddStep<ci::parse::StepParse>();
AddStep<ci::backup::StepBackupManifest>();
AddStep<ci::pkgmgr::StepUnregisterApplication>();
- AddStep<ci::security::StepRevokeSecurity>();
+ AddStep<ci::security::StepRollbackDeinstallationSecurity>();
AddStep<ci::filesystem::StepRemoveFiles>();
AddStep<ci::filesystem::StepRemoveIcons>();
AddStep<wgt::encrypt::StepRemoveEncryptionData>();
+ AddStep<ci::security::StepRevokeSecurity>();
break;
}
case ci::RequestType::Reinstall: {