[Service] Apply smack label ahead of webapis initialization

On webapis side, it is checking privileges by cynara client with
smack label (/prod/tid/attr/current), but, this smack label is
getting before dropThreadPrivilege().

Thus, it is always 'org.tizen.chromium-efl.wrt-service'.
To make correct this problem, this patch change its time ahead of
dropThreadPrivilege().

By this logic, there is a new smack error while using systeminfo
webapi. Because systeminfo webapi is using their singleton worker
thread to get some device information. This must be created by
same smack label as pid's smack label. Otherwise, the worker's task
will be failed.

Therefore, this moves below logic on main thread.

  tizen.systeminfo.getPropertyValue("CPU", () => { }, () => { });

Later, I will discuss regarding creating this singleton worker by
other better way with webapi members.

Change-Id: I8c3ab62b775e1aaa895aa70b0ec5f438840ad74b
Signed-off-by: DongHyun Song <dh81.song@samsung.com>

diff --git a/wrt_app/service/service_manager.ts b/wrt_app/service/service_manager.ts
index 9f8d3e5..8e0c5bb 100644 (file)
--- a/wrt_app/service/service_manager.ts
+++ b/wrt_app/service/service_manager.ts
@@ -1,5 +1,6 @@
 import { Worker, isMainThread } from 'worker_threads';
 import { wrt } from '../browser/wrt';
+import * as XWalkExtension from '../common/wrt_xwalk_extension';
 
 interface WorkerMap {
   [id: string]: any;
@@ -45,8 +46,19 @@ function terminateWorker(id: string, delay: number) {
   workers[id].postMessage({ type: 'stop', delay });
 }
 
+let initializeExtensionOnMain = () => {
+  initializeExtensionOnMain = () => {};
+  XWalkExtension.initialize();
+  // This is workaround solution to make webapis's singleton worker, which has
+  // same smack label with pid's.
+  // It must be handled ahead of dropThreadPrivilege()
+  // Otherwise, smack violation might hanppen from 'libdbuspolicy'.
+  global.tizen.systeminfo.getPropertyValue("CPU", () => { }, () => { });
+}
+
 export function startService(id: string, filename: string) {
   console.debug(`startService - ${id}`);
+  initializeExtensionOnMain();
   if (global['serviceType'] === 'STANDALONE') {
     let ids = id.split(':');
     let serviceId = ids[0];

diff --git a/wrt_app/service/service_runner.ts b/wrt_app/service/service_runner.ts
index ac17652..b4b3fe1 100644 (file)
--- a/wrt_app/service/service_runner.ts
+++ b/wrt_app/service/service_runner.ts
@@ -67,7 +67,12 @@ let checkLauncherAlive = (id: string) => {
 }
 
 export function start(id: string, filename: string) {
+  let ids = id.split(':');
+  let serviceId = ids[0];
+  let packageId = wrt.getPackageId(serviceId);
   wrt.setServiceAppId(id);
+  wrt.security?.dropThreadPrivilege(packageId, serviceId);
+
   XWalkExtension.initialize();
   XWalkExtension.setRuntimeMessageHandler((type, data) => {
     if (type === 'tizen://exit') {
@@ -78,10 +83,7 @@ export function start(id: string, filename: string) {
 
   console.debug(`serviceType : ${global['serviceType']}`)
   new DeviceAPIRouter(id, isGlobalService());
-
-  // this is workaround solution to make webapis singleton worker
-  // ahead of dropThreadPrivilege()
-  global.tizen.systeminfo.getPropertyValue("CPU", () => { }, () => { });
+  printAppControlData(id);
 
   // This is for awaking up uv loop.
   if (isGlobalService()) {
@@ -97,12 +99,6 @@ export function start(id: string, filename: string) {
   }
 
   try {
-    let ids = id.split(':');
-    let serviceId = ids[0];
-    let packageId = global.webapis.getPackageId();
-    wrt.security?.dropThreadPrivilege(packageId, serviceId);
-    printAppControlData(id);
-
     app = require(filename);
     if (app.onStart !== undefined) {
       app.onStart();