#include "im-load-policy.h"
#include "im-get-policy.h"
-static int ima_state; // 0 for disabled, 1 for enabled
-static int ima_fix_state; // 0 for fix off (ima enabled), 1 for fix on
+static int _ima_state; // 0 for disabled, 1 for enabled
+static int _ima_fix_state; // 0 for fix off (ima enabled), 1 for fix on
+
+static int _evm_state; // 0 for disabled, 1 for enabled
+static int _evm_fix_state; // 0 for fix off (evm enabled), 1 for fix on
/************************ Genlist Item Class ************************/
#define ITC_TYPE_CHECK (int)0
LOGD("Enter function: %s", __func__);
if (!itm)
return;
- // Bypassing FIX check box - FIX checkbox should be active all the time
- itm = elm_genlist_item_next_get(itm);
+
+ itm = elm_genlist_item_next_get(itm); // Bypassing IMA FIX check box -
+ // IMA FIX checkbox should be active all the time
+ itm = elm_genlist_item_next_get(itm); // Bypassing EVM switch
+ itm = elm_genlist_item_next_get(itm); // Bypassing EVM FIX check box
if (!itm)
return;
}
}
+// ------------------ IMA ------------------
+
static void genlist_ima_enable_disable_clicked_cb(void *data, Evas_Object *obj, void *event_info)
{
LOGD("Enter function: %s", __func__);
- (void)event_info;
+ if (!event_info)
+ return;
int ret;
Elm_Object_Item *it = (Elm_Object_Item *) elm_genlist_selected_item_get(obj);
if (it == NULL)
return;
- if (ima_state == 0) { // Turning on the IMA
- if (ima_fix_state == 1) {
+ if (_ima_state == 0) { // Turning on the IMA
+ if (_ima_fix_state == 1) {
ret = ima_set_state(IMA_STATE_FIX);
- printf("result of ima_set_ima_state(IMA_STATE_FIX): %d\n", ret);
+ printf("result of ima_set_state(IMA_STATE_FIX): %d\n", ret);
// FIXME: this code is commented for testing purpose
// if (ret) // Error
// goto out;
}
else {
ret = ima_set_state(IMA_STATE_ENABLED);
- printf("result of ima_set_ima_state(IMA_STATE_ENABLED): %d\n", ret);
+ printf("result of ima_set_state(IMA_STATE_ENABLED): %d\n", ret);
// FIXME: this code is commented for testing purpose
// if (ret) // Error
// goto out;
}
- ima_state = 1;
+ _ima_state = 1;
((ItemData_t *)data)->check_status = EINA_TRUE;
_ima_enable_all_items(it);
}
else { // Turning off the IMA
ret = ima_set_state(IMA_STATE_DISABLED);
- printf("result of ima_set_ima_state(IMA_STATE_DISABLED): %d\n", ret);
+ printf("result of ima_set_state(IMA_STATE_DISABLED): %d\n", ret);
// FIXME: this code is commented for testing purpose
// if (ret) // Error
// goto out;
- ima_state = 0;
+ _ima_state = 0;
((ItemData_t *)data)->check_status = EINA_FALSE;
_ima_disable_all_items(it);
}
if (it == NULL)
return;
- if (ima_fix_state == 0) { // Turning on IMA fix state
- if (ima_state == 1) { // If IMA is enabled then turn on FIX mode
+ if (_ima_fix_state == 0) { // Turning on IMA fix state
+ if (_ima_state == 1) { // If IMA is enabled then turn on FIX mode
ret = ima_set_state(IMA_STATE_FIX);
- printf("result of ima_set_ima_state(FIX): %d\n", ret);
+ printf("result of ima_set_state(FIX): %d\n", ret);
// FIXME: this code is commented for testing purpose
// if (ret) // Error
// goto out;
}
// If IMA is disabled then just change the state in UI
- ima_fix_state = 1;
+ _ima_fix_state = 1;
((ItemData_t *)data)->check_status = EINA_TRUE;
}
else { // Turning off IMA fix state
- if (ima_state == 1) {
+ if (_ima_state == 1) {
ret = ima_set_state(IMA_STATE_ENABLED);
- printf("result of ima_set_ima_state(IMA_STATE_ENABLED): %d\n", ret);
+ printf("result of ima_set_state(IMA_STATE_ENABLED): %d\n", ret);
// FIXME: this code is commented for testing purpose
// if (ret) // Error
// goto out;
}
// If IMA is disabled then just change the state in UI
- ima_fix_state = 0;
+ _ima_fix_state = 0;
+ ((ItemData_t *)data)->check_status = EINA_FALSE;
+ }
+//out:
+ elm_genlist_item_selected_set(it, EINA_FALSE);
+ elm_genlist_item_update(it);
+}
+
+// ------------------ EVM ------------------
+// FIXME: Copy-paste code. Merge it with IMA switch callbacks if possible
+
+static void genlist_evm_enable_disable_clicked_cb(void *data, Evas_Object *obj, void *event_info)
+{
+ LOGD("Enter function: %s", __func__);
+ if (!event_info)
+ return;
+ int ret;
+
+ Elm_Object_Item *it = (Elm_Object_Item *) elm_genlist_selected_item_get(obj);
+ if (it == NULL)
+ return;
+
+ if (_evm_state == 0) { // Turning on the EVM
+ if (_evm_fix_state == 1) {
+ ret = evm_set_state(EVM_STATE_FIX);
+ printf("result of evm_set_state(EVM_STATE_FIX): %d\n", ret);
+ // FIXME: this code is commented for testing purpose
+ // if (ret) // Error
+ // goto out;
+ }
+ else {
+ ret = evm_set_state(EVM_STATE_ENABLED);
+ printf("result of evm_set_state(EVM_STATE_ENABLED): %d\n", ret);
+ // FIXME: this code is commented for testing purpose
+ // if (ret) // Error
+ // goto out;
+ }
+ _evm_state = 1;
+ ((ItemData_t *)data)->check_status = EINA_TRUE;
+ _ima_enable_all_items(it);
+ }
+ else { // Turning off the EVM
+ ret = evm_set_state(EVM_STATE_DISABLED);
+ printf("result of evm_set_state(EVM_STATE_DISABLED): %d\n", ret);
+ // FIXME: this code is commented for testing purpose
+ // if (ret) // Error
+ // goto out;
+ _evm_state = 0;
+ ((ItemData_t *)data)->check_status = EINA_FALSE;
+ _ima_disable_all_items(it);
+ }
+// out:
+ elm_genlist_item_update(it);
+ elm_genlist_item_selected_set(it, EINA_FALSE);
+}
+
+static void genlist_evm_fix_mode_enable_disable_clicked_cb(void *data, Evas_Object *obj, void *event_info)
+{
+ LOGD("Enter function: %s", __func__);
+ (void)event_info;
+ int ret;
+
+ Elm_Object_Item *it = (Elm_Object_Item *) elm_genlist_selected_item_get(obj);
+ if (it == NULL)
+ return;
+
+ if (_evm_fix_state == 0) { // Turning on EVM fix state
+ if (_evm_state == 1) { // If EVM is enabled then turn on FIX mode
+ ret = evm_set_state(EVM_STATE_FIX);
+ printf("result of evm_set_state(FIX): %d\n", ret);
+ // FIXME: this code is commented for testing purpose
+ // if (ret) // Error
+ // goto out;
+ }
+ // If EVM is disabled then just change the state in UI
+ _evm_fix_state = 1;
+ ((ItemData_t *)data)->check_status = EINA_TRUE;
+ }
+ else { // Turning off EVM fix state
+ if (_evm_state == 1) {
+ ret = evm_set_state(EVM_STATE_ENABLED);
+ printf("result of evm_set_state(EVM_STATE_ENABLED): %d\n", ret);
+ // FIXME: this code is commented for testing purpose
+ // if (ret) // Error
+ // goto out;
+ }
+ // If EVM is disabled then just change the state in UI
+ _evm_fix_state = 0;
((ItemData_t *)data)->check_status = EINA_FALSE;
}
//out:
}
}
-static void _setup(Elm_Object_Item *ima_enable_item, Elm_Object_Item *ima_fix_item)
+static void _setup(Elm_Object_Item *ima_enable_item,
+ Elm_Object_Item *ima_fix_item,
+ Elm_Object_Item *evm_enable_item,
+ Elm_Object_Item *evm_fix_item)
{
LOGD("Enter function: %s", __func__);
-
- // FIXME: When libIMA implementation will be ready ima_get_ima_state() should returns SUCCESS or ERROR_CODE,
- // and is should pass the IMA state via parameter.
int state = 0;
- //TODO: check error code!
- ima_get_state(&state);
+
+ if (ima_get_state(&state) != LIB_SUCCESS)
+ goto out_ima;
LOGD("IMA state returns: %d", state);
if(IMA_STATE_DISABLED == state) {
- ima_state = 0;
- ima_fix_state = 0;
+ _ima_state = 0;
+ _ima_fix_state = 0;
((ItemData_t *)elm_object_item_data_get(ima_enable_item))->check_status = EINA_FALSE;
((ItemData_t *)elm_object_item_data_get(ima_fix_item))->check_status = EINA_FALSE;
_ima_disable_all_items(ima_enable_item);
}
else if (IMA_STATE_ENABLED == state) {
- ima_state = 1;
- ima_fix_state = 0;
+ _ima_state = 1;
+ _ima_fix_state = 0;
((ItemData_t *)elm_object_item_data_get(ima_enable_item))->check_status = EINA_TRUE;
((ItemData_t *)elm_object_item_data_get(ima_fix_item))->check_status = EINA_FALSE;
_ima_enable_all_items(ima_enable_item);
}
else if(IMA_STATE_FIX == state) {
- ima_state = 1;
- ima_fix_state = 1;
+ _ima_state = 1;
+ _ima_fix_state = 1;
((ItemData_t *)elm_object_item_data_get(ima_enable_item))->check_status = EINA_TRUE;
((ItemData_t *)elm_object_item_data_get(ima_fix_item))->check_status = EINA_TRUE;
_ima_enable_all_items(ima_enable_item);
}
else { // Error while getting IMA state
- LOGE("Unknown state of IMA: %d. Is IMA pressent in system?", state);
+out_ima:
+ LOGE("Unknown state of IMA: %d. Is IMA present in system?", state);
// How the switches should be set if there's no IMA? Now they are disabled
- ima_state = 0;
- ima_fix_state = 0;
+ _ima_state = 0;
+ _ima_fix_state = 0;
((ItemData_t *)elm_object_item_data_get(ima_enable_item))->check_status = EINA_FALSE;
((ItemData_t *)elm_object_item_data_get(ima_fix_item))->check_status = EINA_FALSE;
_ima_disable_all_items(ima_enable_item);
}
+
+ // EVM state should not change the state of others controls
+ if (evm_get_state(&state) != LIB_SUCCESS)
+ goto out_evm;
+ LOGD("EVM state returns: %d", state);
+ if(EVM_STATE_DISABLED == state) {
+ _evm_state = 0;
+ _evm_fix_state = 0;
+ ((ItemData_t *)elm_object_item_data_get(evm_enable_item))->check_status = EINA_FALSE;
+ ((ItemData_t *)elm_object_item_data_get(evm_fix_item))->check_status = EINA_FALSE;
+ }
+ else if (EVM_STATE_ENABLED == state) {
+ _evm_state = 1;
+ _evm_fix_state = 0;
+ ((ItemData_t *)elm_object_item_data_get(evm_enable_item))->check_status = EINA_TRUE;
+ ((ItemData_t *)elm_object_item_data_get(evm_fix_item))->check_status = EINA_FALSE;
+ }
+ else if(EVM_STATE_FIX == state) {
+ _evm_state = 1;
+ _evm_fix_state = 1;
+ ((ItemData_t *)elm_object_item_data_get(evm_enable_item))->check_status = EINA_TRUE;
+ ((ItemData_t *)elm_object_item_data_get(evm_fix_item))->check_status = EINA_TRUE;
+ }
+ else { // Error while getting EVM state
+out_evm:
+ LOGE("Unknown state of EVM: %d. Is EVM present in system?", state);
+ _evm_state = 0;
+ _evm_fix_state = 0;
+ ((ItemData_t *)elm_object_item_data_get(evm_enable_item))->check_status = EINA_FALSE;
+ ((ItemData_t *)elm_object_item_data_get(evm_fix_item))->check_status = EINA_FALSE;
+ }
+
}
// elm_genlist_item_append wrapper
"check", genlist_ima_fix_mode_enable_disable_clicked_cb, NULL);
elm_object_item_domain_text_translatable_set(ima_fix_item, PACKAGE, EINA_TRUE);
+ Elm_Object_Item *evm_enable_item = _add_genlist_item(genlist, ITC_TYPE_CHECK,
+ dgettext(PACKAGE, "IDS_ST_EVM_ENABLE_DISABLE_SWITCH"), "on&off", genlist_evm_enable_disable_clicked_cb, NULL);
+ elm_object_item_domain_text_translatable_set(evm_enable_item, PACKAGE, EINA_TRUE);
+
+ Elm_Object_Item *evm_fix_item = _add_genlist_item(genlist, ITC_TYPE_CHECK, dgettext(PACKAGE, "IDS_ST_EVM_FIX_MODE_CHECKBOX"),
+ "check", genlist_evm_fix_mode_enable_disable_clicked_cb, NULL);
+ elm_object_item_domain_text_translatable_set(evm_fix_item, PACKAGE, EINA_TRUE);
+
nf_it = _add_genlist_item(genlist, ITC_TYPE_LIST, dgettext(PACKAGE, "IDS_ST_COMPROMISED_FILES_LIST"),
NULL, im_compromised_list_cb, ad);
elm_object_item_domain_text_translatable_set(nf_it, PACKAGE, EINA_TRUE);
_free_itc();
- _setup(ima_enable_item, ima_fix_item);
+ _setup(ima_enable_item, ima_fix_item, evm_enable_item, evm_fix_item);
elm_naviframe_item_pop_cb_set(nf_it, quit_cb, data);
projects / platform / core / security / ima-evm-reference-utils.git / commitdiff