Fix RecoverSignature 19/213419/5
authorJunghyun Yeon <jungh.yeon@samsung.com>
Thu, 5 Sep 2019 06:23:22 +0000 (15:23 +0900)
committerJunghyun Yeon <jungh.yeon@samsung.com>
Fri, 6 Sep 2019 07:54:32 +0000 (07:54 +0000)
- Privilege level should be initialized to untrusted so that the
  privilege level is taken from the signature file, if one exists.
- Change root path of signature files for wgt packages.

Change-Id: Ie2e1055d6201753f742b54e7398506ad6aa01da3
Signed-off-by: Junghyun Yeon <jungh.yeon@samsung.com>
src/common/step/security/step_recover_signature.cc

index 23d4424..21ef45e 100644 (file)
@@ -77,11 +77,8 @@ Step::Status StepRecoverSignature::RecoveryUpdate() {
 
 Step::Status StepRecoverSignature::RecoveryReadonlyUpdateInstall() {
   std::string error_message;
-  PrivilegeLevel level = PrivilegeLevel::PLATFORM;
-  bf::path signature_root =
-      bf::path(GetRootAppPath(context_->is_readonly_package.get(),
-          context_->uid.get())) / context_->pkgid.get();
-  if (!ValidateSignatures(signature_root, &level,
+  PrivilegeLevel level = PrivilegeLevel::UNTRUSTED;
+  if (!ValidateSignatures(GetSignatureRoot(), &level,
                          &context_->certificate_info.get(), false,
                          &error_message)) {
     LOG(ERROR) << "Failed to verify signature: " << error_message;
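Review bot: The reason `level` now starts at `PrivilegeLevel::UNTRUSTED` is recorded only in the commit message, so the next reader of `RecoveryReadonlyUpdateInstall()` cannot tell that the start value matters to `ValidateSignatures`. I would add a comment above the declaration, for example `// Start at UNTRUSTED so the level comes from the signature file, if any; never pre-grant PLATFORM here.` The removed code chose the signature root from `is_readonly_package` and `uid`, while `GetSignatureRoot()` is defined outside this diff, so it is worth confirming there that read-only packages still resolve to the directory holding their signature files. The function body continues past the end of this hunk.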
@@ -100,6 +97,9 @@ Step::Status StepRecoverSignature::RecoveryReadonlyUpdateInstall() {
   if (!RecoverSignatureFile(context_->pkgid.get(), false))
     return Status::CERT_ERROR;
 
+  if (context_->is_readonly_package.get())
+    level = PrivilegeLevel::PLATFORM;
+
   context_->privilege_level.set(level);
   return Status::OK;
 }
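Review bot: The added `if (context_->is_readonly_package.get()) level = PrivilegeLevel::PLATFORM;` discards the level that `ValidateSignatures` derived and grants PLATFORM on the flag alone, which makes `is_readonly_package` the real trust decision for these packages. How that flag is populated during recovery is not visible in this hunk. If it is restored from recovery data kept on writable storage, it should be re-derived from the package's actual install location before it is used to raise the level. At minimum the intent should be stated in a comment, for example `// Preloaded read-only packages always get PLATFORM; the signature-derived level is intentionally overridden.` The start of the function is in the previous hunk and some lines between the two hunks are not shown.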