char *privilege_list_str = NULL;
ret = __make_privilege_list_str(privilege_list, &privilege_list_str);
- _LOGD("check black list with uid = %d, package_type = %d, privilege_list = %s", uid, package_type, privilege_list_str);
char *sql = sqlite3_mprintf("select distinct privilege_name from prevent_list where privilege_name in(%s)and uid=%d and package_type=%d", privilege_list_str, uid, package_type);
sqlite3_free(privilege_list_str);
TryReturn(sql != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
ret = sqlite3_step(stmt);
if (ret == SQLITE_ROW) {
- _LOGD("privacy display = %s", (char*) sqlite3_column_text(stmt, 0));
*privacy_display = strdup((char*)sqlite3_column_text(stmt, 0));
TryReturn(*privacy_display != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_OUT_OF_MEMORY, "[PRIVILEGE_DB_MANAGER_ERR_OUT_OF_MEMORY] privilege_name's strdup is failed.");
__finalize_db(db, stmt, sql);
ret = sqlite3_step(stmt);
if (ret == SQLITE_ROW) {
- _LOGD("privilege_display = %s", (char *)sqlite3_column_text(stmt, 0));
-
*privilege_display = strdup((char *)sqlite3_column_text(stmt, 0));
TryReturn(*privilege_display != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_OUT_OF_MEMORY, "[PRIVILEGE_DB_MANAGER_ERR_OUT_OF_MEMORY] privilege_name's strdup is failed.");
__finalize_db(db, stmt, sql);
ret = sqlite3_step(stmt);
if (ret == SQLITE_ROW) {
- _LOGD("privilege_description = %s", (char *)sqlite3_column_text(stmt, 0));
-
*privilege_description = strdup((char *)sqlite3_column_text(stmt, 0));
TryReturn(*privilege_description != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_OUT_OF_MEMORY, "[PRIVILEGE_DB_MANAGER_ERR_OUT_OF_MEMORY] privilege_name's strdup is failed.");
ret = sqlite3_step(stmt);
if (ret == SQLITE_ROW) {
*privilege_group_id = (int)sqlite3_column_int(stmt, 0);
- _LOGD("privilege_group_id = %d", *privilege_group_id);
__finalize_db(db, stmt, sql);
return PRIVILEGE_DB_MANAGER_ERR_NONE;
ret = sqlite3_step(stmt);
if (ret == SQLITE_ROW) {
- _LOGD("privilege: %s, is-privacy : %d, is-internal : %d", (char*)sqlite3_column_text(stmt, 0), sqlite3_column_int(stmt, 1), sqlite3_column_int(stmt, 2));
switch (type) {
case 'v':
res = 1;
ret = sqlite3_step(stmt);
if (ret == SQLITE_ROW) {
- _LOGD("%s is disabled for uid: %d", privilege, uid);
ret = 1;
} else {
- _LOGD("%s is not disabled for uid: %d. ret = %s", privilege, uid, sqlite3_errmsg(db));
ret = 0;
}
__finalize_db(db, stmt, sql);
ret = sqlite3_step(stmt);
if (ret == SQLITE_ROW) {
int tmp = (int)sqlite3_column_int(stmt, 0);
- _LOGD("privacy_id = %d", tmp);
*privacy_id = tmp;
ret = PRIVILEGE_DB_MANAGER_ERR_NONE;
} else {
ret = sqlite3_step(stmt);
if (ret == SQLITE_ROW) {
int tmp = (int)sqlite3_column_int(stmt, 0);
- _LOGD("privacy_id = %d", tmp);
*privacy_id = tmp;
ret = PRIVILEGE_DB_MANAGER_ERR_NONE;
} else {
int ret = __initialize_db(PRIVILEGE_DB_TYPE_POLICY_RO, &db, package_type);
if (ret != PRIVILEGE_DB_MANAGER_ERR_NONE)
return ret;
- _LOGD("Get privilege_name from %s where uid = %d, package_type = %d", __get_policy_table(policy_type), uid, package_type);
char* sql = NULL;
if (policy_type == PRVMGR_POLICY_TYPE_DISABLE)
sql = sqlite3_mprintf("select privilege_name from %Q where (uid=%d or uid=%d)", __get_policy_table(policy_type), uid, GLOBAL_USER);
ret = sqlite3_step(stmt);
if (ret == SQLITE_ROW) {
char *privilege_name = strdup((char *)sqlite3_column_text(stmt, 0));
- _LOGE("privilege name: %s", privilege_name);
temp_privilege_list = g_list_append(temp_privilege_list, privilege_name);
} else if (ret != SQLITE_DONE) {
_LOGE("ret = %d", ret);
GList *l = NULL;
for (l = privilege_list; l != NULL; l = l->next) {
char *privilege_name = (char *)l->data;
- _LOGD("insert into %s uid = %d, package_type = %d, privilege_name = %s", __get_policy_table(policy_type), uid, package_type, privilege_name);
char* sql = NULL;
if (policy_type == PRVMGR_POLICY_TYPE_DISABLE)
sql = sqlite3_mprintf("insert or ignore into %Q (uid, privilege_name) values (%d, %Q)", __get_policy_table(policy_type), uid, privilege_name);
GList *l = NULL;
for (l = privilege_list; l != NULL; l = l->next) {
char *privilege_name = (char *)l->data;
- _LOGD("delete from %s where uid = %d, package_type = %d, privilege_name = %s", __get_policy_table(policy_type), uid, package_type, privilege_name);
char* sql = NULL;
if (policy_type == PRVMGR_POLICY_TYPE_DISABLE)
sql = sqlite3_mprintf("delete from %Q where uid=%d and privilege_name=%Q", __get_policy_table(policy_type), uid, privilege_name);
ret = privilege_db_manager_get_privacy_by_privilege(privilege_name, &privacy_name);
if (ret == PRIVILEGE_DB_MANAGER_ERR_NONE && privacy_name != NULL && strstr(privacy_name, "N/A") == NULL) {
sql = sqlite3_mprintf("insert or replace into privacy_package (uid, pkg_id, privacy_name, privilege_name, api_version, is_privacy_requestable, is_critical) values (%d, %Q, %Q, %Q, %Q, %d, 1)", uid, pkgid, privacy_name, privilege_name, api_version, is_privacy_requestable);
- _LOGD("sql: %s", sql);
TryReturn(sql != NULL, sqlite3_exec(db, "ROLLBACK TRANSACTION", NULL, NULL, NULL); g_list_free_full(mapped_privilege_list, free); free(privacy_name); __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
ret = sqlite3_prepare_v2(db, sql, strlen(sql), &stmt, NULL);
TryReturn(ret == SQLITE_OK, sqlite3_exec(db, "ROLLBACK TRANSACTION", NULL, NULL, NULL); g_list_free_full(mapped_privilege_list, free); free(privacy_name); __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] fail to prepare database: %s", sqlite3_errmsg(db));
ret = privilege_db_manager_get_privacy_by_privilege(privilege_name, &privacy_name);
if (ret == PRIVILEGE_DB_MANAGER_ERR_NONE && privacy_name != NULL && strstr(privacy_name, "N/A") == NULL) {
sql = sqlite3_mprintf("insert or ignore into privacy_package (uid, pkg_id, privacy_name, privilege_name, api_version, is_privacy_requestable, is_critical) values (%d, %Q, %Q, %Q, %Q, %d, 0)", uid, pkgid, privacy_name, privilege_name, api_version, is_privacy_requestable);
- _LOGD("sql: %s", sql);
TryReturn(sql != NULL, sqlite3_exec(db, "ROLLBACK TRANSACTION", NULL, NULL, NULL); g_list_free_full(mapped_privilege_list, free); free(privacy_name); __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
ret = sqlite3_prepare_v2(db, sql, strlen(sql), &stmt, NULL);
TryReturn(ret == SQLITE_OK, sqlite3_exec(db, "ROLLBACK TRANSACTION", NULL, NULL, NULL); g_list_free_full(mapped_privilege_list, free); free(privacy_name); __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] fail to prepare database: %s", sqlite3_errmsg(db));
char* sql = sqlite3_mprintf("select is_privacy_requestable from privacy_package where (uid=%d or uid=%d) and pkg_id=%Q", uid, GLOBAL_USER, pkgid);
TryReturn(sql != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
- _LOGD("sql: %s", sql);
ret = sqlite3_prepare_v2(db, sql, strlen(sql), &stmt, NULL);
TryReturn(ret == SQLITE_OK, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] fail to prepare database: %s", sqlite3_errmsg(db));
char* sql = sqlite3_mprintf("select is_critical from privacy_package where (uid=%d or uid=%d) and pkg_id=%Q and privilege_name=%Q", uid, GLOBAL_USER, pkgid, privilege);
TryReturn(sql != NULL, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] sqlite3_mprintf failed");
- _LOGD("sql: %s", sql);
ret = sqlite3_prepare_v2(db, sql, strlen(sql), &stmt, NULL);
TryReturn(ret == SQLITE_OK, __finalize_db(db, stmt, sql), PRIVILEGE_DB_MANAGER_ERR_INVALID_QUERY, "[DB_FAIL] fail to prepare database: %s", sqlite3_errmsg(db));
int privilege_info_privilege_list_by_pkgid_callback(const char *privilege_name, void *user_data)
{
- LOGD("privilege name = %s", privilege_name);
int ret = privilege_info_is_internal(privilege_name);
if (ret == 1)
return PRVMGR_ERR_NONE;
/* core */
ret = privilege_db_manager_get_privilege_group_id(PRVMGR_PACKAGE_TYPE_CORE, privilege_name, "9.9", &group_id);
if (ret == PRIVILEGE_DB_MANAGER_ERR_NONE) {
- LOGD("group_id = %d", group_id);
groupTable[group_id] = 1;
return PRVMGR_ERR_NONE;
/* wrt */
ret = privilege_db_manager_get_privilege_group_id(PRVMGR_PACKAGE_TYPE_WRT, privilege_name, "9.9", &group_id);
if (ret == PRIVILEGE_DB_MANAGER_ERR_NONE) {
- LOGD("group_id = %d", group_id);
groupTable[group_id] = 1;
return PRVMGR_ERR_NONE;
int privilege_info_foreach_privilege_group_list_by_pkgid(const char *package_id, privilege_info_privilege_groups_cb callback, void *user_data)
{
- LOGD("package id = %s", package_id);
-
int groupTable[MAX_PRV_GROUP] = { 0, };
int i = 0;
int res = PRVMGR_ERR_NONE;
for (i = 0; i < MAX_PRV_GROUP; i++) {
if (groupTable[i] == 1) {
res = callback(privilege_group_info_table[i].privilege_group, user_data);
- LOGD("group = %s", privilege_group_info_table[i].privilege_group);
-
TryReturn(res >= 0, , PRVMGR_ERR_INTERNAL_ERROR, "[PRVMGR_ERR_INTERNAL_ERROR] return value of callback function is negative.");
}
}
int privilege_info_privilege_list_callback(const char *privilege_name, void *user_data)
{
- LOGD("privilege_name = %s", privilege_name);
-
int res = PRVMGR_ERR_NONE;
privilege_list_cb_data data = *((privilege_list_cb_data *)(user_data));
int group_id = 6;
int ret = privilege_db_manager_get_privilege_group_id(PRVMGR_PACKAGE_TYPE_CORE, privilege_name, "9.9", &group_id);
if (ret == PRIVILEGE_DB_MANAGER_ERR_NONE) {
if (group_id == data.privilege_group) {
- LOGD("data.privilege_group = %d", data.privilege_group);
res = data.callback(privilege_name, data.user_data);
TryReturn(res >= 0, , PRVMGR_ERR_INTERNAL_ERROR, "[PRVMGR_ERR_INTERNAL_ERROR] return value of callback function is negative.");
ret = privilege_db_manager_get_privilege_group_id(PRVMGR_PACKAGE_TYPE_WRT, privilege_name, "9.9", &group_id);
if (ret == PRIVILEGE_DB_MANAGER_ERR_NONE) {
if (group_id == data.privilege_group) {
- LOGD("data.privilege_group = %d", data.privilege_group);
res = data.callback(privilege_name, data.user_data);
TryReturn(res >= 0, , PRVMGR_ERR_INTERNAL_ERROR, "[PRVMGR_ERR_INTERNAL_ERROR] return value of callback function is negative.");
else if (ret != 0)
return PRVMGR_ERR_INTERNAL_ERROR;
if (data.privilege_group == EXTRA_GROUP) {
- LOGD("data.privilege_group = %d", data.privilege_group);
res = data.callback(privilege_name, data.user_data);
TryReturn(res >= 0, , PRVMGR_ERR_INTERNAL_ERROR, "[PRVMGR_ERR_INTERNAL_ERROR] return value of callback function is negative.");
}
int privilege_info_foreach_privilege_list_by_pkgid_and_privilege_group(const char *package_id, const char *privilege_group, privilege_info_privileges_cb callback, void *user_data)
{
- LOGD("package_id = %s, privilege_group = %s", package_id, privilege_group);
-
int i = 0;
int res = PRVMGR_ERR_NONE;
privilege_list_cb_data data;
int privilege_info_get_group_name_string_id(const char *privilege_group, char **group_string_id)
{
- LOGD("privilege_group = %s", privilege_group);
-
int index = 0;
TryReturn(privilege_group != NULL, , PRVMGR_ERR_INVALID_PARAMETER, "[PRVMGR_ERR_INVALID_PARAMETER] privilege is NULL");
int privilege_info_get_privilege_group_display_name(const char *privilege_group, char **name)
{
- LOGD("privilege_group = %s", privilege_group);
-
int ret = 0;
char *name_string_id = NULL;
/* Check Native */
int ret = privilege_db_manager_get_privilege_display(PRVMGR_PACKAGE_TYPE_CORE, privilege, NULL, &temp);
- LOGD("privilege = %s, string id = %s", privilege, temp);
-
if (ret == PRIVILEGE_DB_MANAGER_ERR_NONE) {
if (temp == NULL) {
*name_string_id = NULL;
*name_string_id = (char *)calloc(strlen(temp) + 1, sizeof(char));
TryReturn(*name_string_id != NULL, free(temp), PRVMGR_ERR_OUT_OF_MEMORY, "[PRVMGR_ERR_OUT_OF_MEMORY] Memory allocation is failed.");
memcpy(*name_string_id, temp, strlen(temp));
- LOGD("display_name_string_id = %s", *name_string_id);
if (temp != NULL) {
free(temp);
temp = NULL;
*name_string_id = (char *)calloc(strlen(temp) + 1, sizeof(char));
TryReturn(*name_string_id != NULL, free(temp), PRVMGR_ERR_OUT_OF_MEMORY, "[PRVMGR_ERR_OUT_OF_MEMORY] Memory allocation is failed.");
memcpy(*name_string_id, temp, strlen(temp));
- LOGE("display_name_string_id = %s", *name_string_id);
if (temp != NULL) {
free(temp);
temp = NULL;
*description_string_id = (char *)calloc(strlen(temp) + 1, sizeof(char));
TryReturn(*description_string_id != NULL, free(temp), PRVMGR_ERR_OUT_OF_MEMORY, "[PRVMGR_ERR_OUT_OF_MEMORY] Memory allocation is failed.");
memcpy(*description_string_id, temp, strlen(temp));
- LOGD("description_string_id = %s", *description_string_id);
if (temp != NULL) {
free(temp);
temp = NULL;
*description_string_id = (char *)calloc(strlen(temp) + 1, sizeof(char));
TryReturn(*description_string_id != NULL, free(temp), PRVMGR_ERR_OUT_OF_MEMORY, "[PRVMGR_ERR_OUT_OF_MEMORY] Memory allocation is failed.");
memcpy(*description_string_id, temp, strlen(temp));
- LOGE("description_string_id = %s", *description_string_id);
if (temp != NULL) {
free(temp);
temp = NULL;
return 0;
}
ret = privilege_db_manager_is('p', privilege);
- LOGD("%s is privacy? %d", privilege, ret);
if (ret != 0 && ret != 1)
ret = -1;
return ret;
{
TryReturn(pkgid != NULL && privilege != NULL, , PRVMGR_ERR_INVALID_PARAMETER, "[PRVMGR_ERR_INVALID_PARAMETER] pkgid or privilege is NULL");
int ret = PRVMGR_ERR_NONE;
- LOGD("get privilege type for uid: <%d>, pkgid: <%s>, privilege: <%s>", uid, pkgid, privilege);
ret = privilege_db_manager_is('p', privilege);
if (ret == 1) {
ret = privilege_db_manager_is_privacy_white_list(pkgid, privilege);
TryReturn(privilege != NULL, , PRVMGR_ERR_INVALID_PARAMETER, "[PRVMGR_ERR_INVALID_PARAMETER] privilege is NULL");
int ret = privilege_db_manager_is('v', privilege);
- LOGD("%s is valid? %d", privilege, ret);
if (ret != 0 && ret != 1)
ret = -1;
return ret;
TryReturn(privilege != NULL, , PRVMGR_ERR_INVALID_PARAMETER, "[PRVMGR_ERR_INVALID_PARAMETER] privilege is NULL");
int ret = privilege_db_manager_is('i', privilege);
- LOGD("%s is internal? %d", privilege, ret);
if (ret != 0 && ret != 1)
ret = -1;
return ret;
for (l = valid_privilege_list; l != NULL; l = l->next) {
privilege_info_db_row_s *privilege_info_db_row = (privilege_info_db_row_s *)l->data;
if (strcmp(privilege_info_db_row->privilege_name, privilege) == 0) {
- _LOGD("Matched privilege name exist");
api_version_code_t issued_version_code = 0;
api_version_code_t expired_version_code = 0;
ret = __get_api_version_code(privilege_info_db_row->expired_version, &expired_version_code);
- TryReturn(ret == PRVMGR_ERR_NONE && expired_version_code != 0, , PRVMGR_ERR_INTERNAL_ERROR, "[PRVMGR_ERR_INTERNAL_ERROR] __get_api_version_code() for expired_version of privilege (%s) failed. expired_version = %s", privilege, privilege_info_db_row->expired_version);
+ TryReturn(ret == PRVMGR_ERR_NONE && expired_version_code != 0, , PRVMGR_ERR_INTERNAL_ERROR, "[PRVMGR_ERR_INTERNAL_ERROR] __get_api_version_code() for expired_version failed. expired_version = %s", privilege_info_db_row->expired_version);
ret = __get_api_version_code(privilege_info_db_row->issued_version, &issued_version_code);
- TryReturn(ret == PRVMGR_ERR_NONE && issued_version_code != 0, , PRVMGR_ERR_INTERNAL_ERROR, "[PRVMGR_ERR_INTERNAL_ERROR] __get_api_version_code() for issued_version of privilege (%s) failed. issued_version = %s", privilege, privilege_info_db_row->issued_version);
+ TryReturn(ret == PRVMGR_ERR_NONE && issued_version_code != 0, , PRVMGR_ERR_INTERNAL_ERROR, "[PRVMGR_ERR_INTERNAL_ERROR] __get_api_version_code() for issued_version failed. issued_version = %s", privilege_info_db_row->issued_version);
if (api_version_code < issued_version_code) {
- _LOGD("privilege = <%s>, issued version = <%s>, current api-version = <%s>. issude_version > api version.", privilege, privilege_info_db_row->issued_version, api_version);
if (*valid_api_version != NULL) {
free(*valid_api_version);
*valid_api_version = NULL;
ret_val = PRVMGR_ERR_NO_EXIST_PRIVILEGE;
} else if (api_version_code >= expired_version_code) {
- _LOGD("privilege = <%s>, expired version = <%s>, current api-version = <%s>. deprecated version <= api version.", privilege, privilege_info_db_row->expired_version, api_version);
if (*valid_api_version != NULL) {
free(*valid_api_version);
*valid_api_version = NULL;
free(*changed_to);
*changed_to = NULL;
}
- _LOGD("%s was changed to %s.", privilege, privilege_info_db_row->changed_to);
*changed_to = strdup(privilege_info_db_row->changed_to);
TryReturn(changed_to != NULL, ret_val = PRVMGR_ERR_OUT_OF_MEMORY; goto FINISH, PRVMGR_ERR_OUT_OF_MEMORY, "[PRVMGR_ERR_OUT_OF_MEMORY] changed_to's strdup is failed.");
}
int privilege_manager_verify_privilege(uid_t uid, const char *api_version, privilege_manager_package_type_e package_type, GList * privilege_list, privilege_manager_visibility_e visibility, char **error_message)
{
- _LOGD("privilege_manager_verify_privilege called");
GList *l;
int ret;
int ret_val = PRVMGR_ERR_NONE;
int privilege_level_id = PRVMGR_PACKAGE_VISIBILITY_PUBLIC;
char *privilege_name = (char *)l->data;
- _LOGD("Checking privilege = %s", privilege_name);
if (valid_api_version != NULL) {
free(valid_api_version);
valid_api_version = NULL;
projects / platform / core / security / privilege-checker.git / commitdiff