# Set required packages
INCLUDE(FindPkgConfig)
-SET(pkgs_requires "dlog glib-2.0 gio-2.0 bundle vconf libsmack security-manager pkgmgr-info")
+SET(pkgs_requires "dlog glib-2.0 gio-2.0 bundle vconf security-manager")
IF(_APPFW_FEATURE_SOCKET_ACTIVATION)
SET(pkgs_requires "${pkgs_requires} libsystemd-daemon")
ADD_DEFINITIONS("-D_APPFW_FEATURE_SOCKET_ACTIVATION")
# debug_launchpad_preloading_preinitializing_daemon
SET(DEBUG_LAUNCHPAD "debug_launchpad_preloading_preinitializing_daemon")
add_executable(${DEBUG_LAUNCHPAD}
- src/file_util.c
src/debug_util.c
- src/security_util.c
src/signal_util.c
src/common.c
src/debug-launchpad.c
+++ /dev/null
-/*
- * Copyright (c) 2015 - 2016 Samsung Electronics Co., Ltd. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __FILE_UTIL_H__
-#define __FILE_UTIL_H__
-
-#include <sys/stat.h>
-
-int dlp_chmod(const char *path, mode_t mode, int recursive);
-
-#endif /* __FILE_UTIL_H__ */
-
+++ /dev/null
-/*
- * Copyright (c) 2015 - 2016 Samsung Electronics Co., Ltd. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __SECURITY_UTIL_H__
-#define __SECURITY_UTIL_H__
-
-int _set_smack_access_label(const char *path, const char *label);
-int _apply_smack_rules(const char *subject, const char *object,
- const char *access_type);
-int _set_access(const char *appid);
-
-#endif /* __SECURITY_UTIL_H__ */
-
BuildRequires: pkgconfig(bundle)
BuildRequires: pkgconfig(dlog)
BuildRequires: pkgconfig(vconf)
-BuildRequires: pkgconfig(libsmack)
-BuildRequires: pkgconfig(pkgmgr-info)
BuildRequires: pkgconfig(security-manager)
%if "%{?profile}" == "wearable"
#include <dlog.h>
#include <bundle.h>
#include <bundle_internal.h>
+#include <security-manager.h>
#include "common.h"
#include "signal_util.h"
-#include "security_util.h"
-#include "file_util.h"
#include "debug_util.h"
#include "perf.h"
#include "defs.h"
/* SET PRIVILEGES */
_D("appid: %s / pkg_type: %s / app_path: %s",
appid, appinfo->pkg_type, app_path);
- ret = _set_access(appid);
- if (ret != 0) {
+ ret = security_manager_prepare_app(appid);
+ if (ret != SECURITY_MANAGER_SUCCESS) {
_E("Failed to set privileges "
"- check your package's credential: %d", ret);
return -1;
return 0;
}
-static int __get_caller_pid(bundle *kb)
-{
- const char *str;
- int pid;
-
- str = bundle_get_val(kb, AUL_K_ORG_CALLER_PID);
- if (str)
- goto end;
-
- str = bundle_get_val(kb, AUL_K_CALLER_PID);
- if (str == NULL)
- return -1;
-
-end:
- pid = atoi(str);
- if (pid <= 1)
- return -1;
-
- return pid;
-}
-
-static int __redirect_stdfds(int caller_pid)
-{
- char buf[PATH_MAX];
- int fd;
- int ret = 0;
-
- /* stdout */
- snprintf(buf, sizeof(buf), "/proc/%d/fd/1", caller_pid);
- fd = open(buf, O_WRONLY);
- if (fd < 0) {
- _E("Failed to open caller(%d) stdout", caller_pid);
- ret = 1;
- } else {
- dup2(fd, 1);
- close(fd);
- }
-
- /* stderr */
- snprintf(buf, sizeof(buf), "/proc/%d/fd/2", caller_pid);
- fd = open(buf, O_WRONLY);
- if (fd < 0) {
- _E("Failed to open caller(%d) stderr", caller_pid);
- ret += 2;
- } else {
- dup2(fd, 2);
- close(fd);
- }
-
- return ret;
-}
-
static int __normal_fork_exec(int argc, char **argv)
{
_D("start real fork and exec\n");
SOCKET_PATH, getuid(), getpid());
unlink(sock_path);
- if (__redirect_stdfds(__get_caller_pid(kb)))
- _E("Failed to redirect caller fds");
-
PERF("prepare exec - fisrt done");
_D("lock up test log(no error): prepare exec - first done");
#include <stdio.h>
#include <string.h>
#include <stdbool.h>
-#include <pkgmgr-info.h>
#include <bundle.h>
#include <bundle_internal.h>
#include "defs.h"
#include "common.h"
-#include "file_util.h"
-#include "security_util.h"
#include "debug_util.h"
-#define LABEL_SDBD "sdbd"
-#define LABEL_NETWORK "system::debugging_network"
-
#define POLL_VALGRIND_LOGFILE 0x00000001
#define POLL_VALGRIND_XMLFILE 0x00000002
#define POLL_VALGRIND_MASSIFFILE 0x00000004
return valgrind_option;
}
-static int __check_pkginfo(const char *appid)
-{
- int r;
- bool preload = false;
- char *storeclientid = NULL;
- pkgmgrinfo_pkginfo_h handle;
-
- r = pkgmgrinfo_pkginfo_get_usr_pkginfo(appid, getuid(), &handle);
- if (r != PMINFO_R_OK) {
- _E("Failed to get pkginfo: %s", appid);
- return -1;
- }
-
- r = pkgmgrinfo_pkginfo_is_preload(handle, &preload);
- if (r != PMINFO_R_OK) {
- _E("Faield to check preload: %s", appid);
- pkgmgrinfo_pkginfo_destroy_pkginfo(handle);
- return -1;
- }
-
- r = pkgmgrinfo_pkginfo_get_storeclientid(handle, &storeclientid);
- if (r != PMINFO_R_OK) {
- _E("Failed to get store client id: %s", appid);
- pkgmgrinfo_pkginfo_destroy_pkginfo(handle);
- return -1;
- }
-
- if (preload == true || (storeclientid && storeclientid[0] != '\0')) {
- _E("Debugging is not allowed");
- pkgmgrinfo_pkginfo_destroy_pkginfo(handle);
- return -1;
- }
-
- r = pkgmgrinfo_pkginfo_destroy_pkginfo(handle);
- if (r != PMINFO_R_OK) {
- _E("Failed to destroy pkginfo: %s", appid);
- pkgmgrinfo_pkginfo_destroy_pkginfo(handle);
- }
-
- return 0;
-}
-
static int __prepare_gdbserver(bundle *kb, const char *appid)
{
- int r;
const char *path;
- r = __check_pkginfo(appid);
- if (r < 0)
- return -1;
-
path = bundle_get_val(kb, DLP_K_GDBSERVER_PATH);
if (path == NULL)
return -1;
- r = dlp_chmod(path, S_IRUSR | S_IWUSR
- | S_IXUSR | S_IRGRP | S_IXGRP
- | S_IROTH | S_IXOTH, 1);
- if (r != 0)
- _W("Failed to set 755: %s", path);
-
gdbserver = true;
return 0;
return 0;
}
-/* chmod and chsmack to read file without root privilege */
-void _change_file(const char *path)
-{
- int r;
-
- r = dlp_chmod(path, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH, 0);
- if (r)
- _E("Failed to set 644: %s", path);
-
- r = _set_smack_access_label(path, "*");
- if (r)
- _E("Failed to set smack label %s *", path);
-}
-
void _wait_for_valgrind_output(void)
{
int wait_count = 1;
do {
if (valgrind_option & POLL_VALGRIND_LOGFILE) {
- if (access(PATH_VALGRIND_LOGFILE, F_OK) == 0) {
- _change_file(PATH_VALGRIND_LOGFILE);
+ if (access(PATH_VALGRIND_LOGFILE, F_OK) == 0)
valgrind_option &= ~POLL_VALGRIND_LOGFILE;
- }
}
if (valgrind_option & POLL_VALGRIND_XMLFILE) {
- if (access(PATH_VALGRIND_XMLFILE, F_OK) == 0) {
- _change_file(PATH_VALGRIND_XMLFILE);
+ if (access(PATH_VALGRIND_XMLFILE, F_OK) == 0)
valgrind_option &= ~POLL_VALGRIND_XMLFILE;
- }
}
if (valgrind_option & POLL_VALGRIND_MASSIFFILE) {
- if (access(PATH_VALGRIND_MASSIFFILE, F_OK) == 0) {
- _change_file(PATH_VALGRIND_MASSIFFILE);
+ if (access(PATH_VALGRIND_MASSIFFILE, F_OK) == 0)
valgrind_option &= ~POLL_VALGRIND_MASSIFFILE;
- }
}
usleep(50 * 1000); /* 50ms */
+++ /dev/null
-/*
- * Copyright (c) 2015 - 2016 Samsung Electronics Co., Ltd. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/stat.h>
-#include <limits.h>
-#include <fcntl.h>
-
-#include "file_util.h"
-
-static int recurse(const char *path, mode_t mode,
- int (*fn)(const char *, mode_t, int))
-{
- struct stat st;
- char dir[PATH_MAX];
- int n;
-
- if (path == NULL)
- return -1;
-
- if (lstat(path, &st) == -1)
- return -1;
-
- if (strrchr(path, '/') != NULL) {
- n = strlen(path) - strlen(strrchr(path, '/'));
- if (n >= PATH_MAX)
- return -1;
-
- strncpy(dir, path, n);
- dir[n] = '\0';
- fn(dir, mode, 1);
- return 0;
- }
-
- return -1;
-}
-
-int dlp_chmod(const char *path, mode_t mode, int recursive)
-{
- int fd;
- struct stat lstat_info;
- struct stat fstat_info;
-#ifdef HAVE_WIN32_PROC
- fprintf(stderr, "error: dlp_chmod not implemented on Win32 (%s)\n",
- path);
- return -1;
-#else
-
- if (lstat(path, &lstat_info) == -1)
- return -1;
-
- fd = open(path, O_WRONLY, S_IRWXU);
- if (fd == -1)
- return -1;
-
- if (fstat(fd, &fstat_info) == -1) {
- close(fd);
- return -1;
- }
-
- /* this complex check is required because of 'chmod' security issue. */
- /* otherwise hacker can change other file's permission by using race condition and symbolic link. */
- if (lstat_info.st_mode == fstat_info.st_mode
- && lstat_info.st_ino == fstat_info.st_ino
- && lstat_info.st_dev == fstat_info.st_dev) {
- if (fchmod(fd, mode) == -1) {
- close(fd);
- return -1;
- }
- }
-
- close(fd);
-
- if (recursive)
- return recurse(path, mode, dlp_chmod);
-
- return 0;
-#endif
-}
-
+++ /dev/null
-/*
- * Copyright (c) 2015 - 2016 Samsung Electronics Co., Ltd. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <unistd.h>
-#include <sys/types.h>
-#include <sys/smack.h>
-#include <security-manager.h>
-
-#include "common.h"
-#include "security_util.h"
-
-int _set_smack_access_label(const char *path, const char *label)
-{
- return smack_setlabel(path, label, SMACK_LABEL_ACCESS);
-}
-
-int _apply_smack_rules(const char *subject, const char *object,
- const char *access_type)
-{
- int r;
- struct smack_accesses *rules = NULL;
-
- _D("%s %s %s", subject, object, access_type);
-
- r = smack_accesses_new(&rules);
- if (r != 0) {
- _E("smack_accesses_new() is failed.");
- return -1;
- }
-
- r = smack_accesses_add(rules, subject, object, access_type);
- if (r != 0) {
- _E("smack_accesses_add() is failed.");
- smack_accesses_free(rules);
- return -1;
- }
-
- r = smack_accesses_apply(rules);
- if (r != 0) {
- _E("smack_accesses_apply() is failed.");
- smack_accesses_free(rules);
- return -1;
- }
-
- smack_accesses_free(rules);
-
- return 0;
-}
-
-int _set_access(const char *appid)
-{
- return security_manager_prepare_app(appid);
-}
-
#include <stdio.h>
#include <stdlib.h>
#include <signal.h>
-#include <sys/smack.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/signalfd.h>
#include "defs.h"
#include "common.h"
-#include "file_util.h"
#include "debug_util.h"
#include "signal_util.h"
static int __sigchild_action(pid_t dead_pid)
{
- char buf[MAX_LOCAL_BUFSZ];
-
if (dead_pid <= 0)
return -1;
if (dead_pid == _get_gdbserver_pid())
dead_pid = _get_gdbserver_app_pid();
- /* valgrind xml file */
- if (access(PATH_VALGRIND_XMLFILE, F_OK) == 0)
- _change_file(PATH_VALGRIND_XMLFILE);
-
_send_app_dead_signal(dead_pid);
_delete_sock_path(dead_pid, getuid());
projects / platform / core / appfw / debug-launchpad.git / commitdiff