Fix permission check of tizen boot sequence

After this patch is applied, partner level signed packages are allosed
to use tizen boot sequence. The feature is available for preloaded packages or
platform level signed packages or partner level signed packages.

Change-Id: Iae83cacd732e07ad94d337c51858bd7f6e1865fe
Signed-off-by: Hwankyu Jhun <h.jhun@samsung.com>

diff --git a/parser/boot-sequencer/cert_checker.cc b/parser/boot-sequencer/cert_checker.cc
index 4c23a91..5050c3d 100644 (file)
--- a/parser/boot-sequencer/cert_checker.cc
+++ b/parser/boot-sequencer/cert_checker.cc
@@ -107,7 +107,7 @@ int GetVisibilityFromCertSvc(const std::string& cert_value) {
 }  // namespace
 
 
-bool CertChecker::IsPlatform(const std::string& pkgid, uid_t uid) {
+bool CertChecker::IsPrivilegedPackage(const std::string& pkgid, uid_t uid) {
   if (IsPreload(pkgid, uid)) {
     _W("%s is preload package", pkgid.c_str());
     return true;
@@ -115,7 +115,8 @@ bool CertChecker::IsPlatform(const std::string& pkgid, uid_t uid) {
 
   int visibility = GetVisibilityFromCertSvc(
       GetCertValueFromPkgInfo(pkgid, uid));
-  if (visibility & CERTSVC_VISIBILITY_PLATFORM)
+  if (visibility & CERTSVC_VISIBILITY_PLATFORM ||
+      visibility & CERTSVC_VISIBILITY_PARTNER)
     return true;
 
   return false;

diff --git a/parser/boot-sequencer/cert_checker.hh b/parser/boot-sequencer/cert_checker.hh
index c19ecc6..4c64188 100644 (file)
--- a/parser/boot-sequencer/cert_checker.hh
+++ b/parser/boot-sequencer/cert_checker.hh
@@ -25,7 +25,7 @@ namespace boot_sequencer {
 
 class CertChecker {
  public:
-  static bool IsPlatform(const std::string& pkgid, uid_t uid);
+  static bool IsPrivilegedPackage(const std::string& pkgid, uid_t uid);
 };
 
 }  // namespace boot_sequencer

diff --git a/parser/boot-sequencer/parser_plugin.cc b/parser/boot-sequencer/parser_plugin.cc
index c44a3a1..e771d25 100644 (file)
--- a/parser/boot-sequencer/parser_plugin.cc
+++ b/parser/boot-sequencer/parser_plugin.cc
@@ -176,7 +176,7 @@ int ParserPlugin::StepBackup() {
 }
 
 int ParserPlugin::StepInstall() {
-  if (!CertChecker::IsPlatform(args_->GetPackage(), GetTargetUid())) {
+  if (!CertChecker::IsPrivilegedPackage(args_->GetPackage(), GetTargetUid())) {
     _W("%s is not a platform package", args_->GetPackage().c_str());
     return 0;
   }