From: JengHyun Kang Date: Wed, 29 Mar 2017 04:08:47 +0000 (+0900) Subject: Modify smack checking method. X-Git-Tag: accepted/tizen/common/20170403.190505~1 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=21476c3f54d413f7ea027879ad5525c0898c603a;p=platform%2Fcore%2Fuifw%2Fe-mod-tizen-keyrouter.git Modify smack checking method. - Use pid insteads of socket fd Change-Id: Ib25134f4c7245a05712757da16a6c222f7d21d2f --- diff --git a/configure.ac b/configure.ac index a79e004..257f1a1 100644 --- a/configure.ac +++ b/configure.ac @@ -133,7 +133,7 @@ AC_ARG_ENABLE(cynara, [have_cynara=no] ) if test "x${have_cynara}" = "xyes"; then - PKG_CHECK_MODULES(CYNARA, [cynara-client, cynara-creds-socket, cynara-session]) + PKG_CHECK_MODULES(CYNARA, [cynara-client, cynara-creds-socket, cynara-session, libsmack]) AC_DEFINE([ENABLE_CYNARA],[1],[enable cynara]) fi diff --git a/packaging/e-mod-tizen-keyrouter.spec b/packaging/e-mod-tizen-keyrouter.spec index 618d9cf..f72325f 100644 --- a/packaging/e-mod-tizen-keyrouter.spec +++ b/packaging/e-mod-tizen-keyrouter.spec @@ -15,6 +15,7 @@ BuildRequires: pkgconfig(cynara-client) BuildRequires: pkgconfig(cynara-creds-socket) BuildRequires: pkgconfig(capi-system-device) BuildRequires: pkgconfig(libtzplatform-config) +BuildRequires: pkgconfig(libsmack) %description This package is a the Enlightenment Keyrouter Module for Tizen. diff --git a/src/e_mod_main_wl.c b/src/e_mod_main_wl.c index 1d81b95..678b0f4 100644 --- a/src/e_mod_main_wl.c +++ b/src/e_mod_main_wl.c @@ -27,7 +27,7 @@ static Eina_Bool _e_keyrouter_cb_idler(void *data); static void _e_keyrouter_cb_power_change(device_callback_e type, void* value, void* user_data); #ifdef ENABLE_CYNARA static void _e_keyrouter_util_cynara_log(const char *func_name, int err); -static Eina_Bool _e_keyrouter_util_do_privilege_check(struct wl_client *client, int socket_fd, uint32_t mode, uint32_t keycode); +static Eina_Bool _e_keyrouter_util_do_privilege_check(struct wl_client *client, uint32_t mode, uint32_t keycode); #define E_KEYROUTER_CYNARA_ERROR_CHECK_GOTO(func_name, ret, label) \ do \ @@ -49,8 +49,7 @@ _e_keyrouter_keygrab_set(struct wl_client *client, struct wl_resource *surface, int res=0; #ifdef ENABLE_CYNARA - if (EINA_FALSE == _e_keyrouter_util_do_privilege_check(client, - wl_client_get_fd(client), mode, key)) + if (EINA_FALSE == _e_keyrouter_util_do_privilege_check(client, mode, key)) { KLINF("No permission for %d grab mode ! (key=%d)", mode, key); return TIZEN_KEYROUTER_ERROR_NO_PERMISSION; @@ -146,8 +145,7 @@ _e_keyrouter_keygrab_unset(struct wl_client *client, struct wl_resource *surface e_keyrouter_find_and_remove_client_from_list(surface, client, key, TIZEN_KEYROUTER_MODE_TOPMOST); #ifdef ENABLE_CYNARA - if (EINA_FALSE == _e_keyrouter_util_do_privilege_check(client, - wl_client_get_fd(client), TIZEN_KEYROUTER_MODE_NONE, key)) + if (EINA_FALSE == _e_keyrouter_util_do_privilege_check(client, TIZEN_KEYROUTER_MODE_NONE, key)) { goto finish; } @@ -1472,14 +1470,17 @@ _e_keyrouter_util_cynara_log(const char *func_name, int err) } static Eina_Bool -_e_keyrouter_util_do_privilege_check(struct wl_client *client, int socket_fd, uint32_t mode, uint32_t keycode) +_e_keyrouter_util_do_privilege_check(struct wl_client *client, uint32_t mode, uint32_t keycode) { - int ret, pid, retry_cnt=0; - char *clientSmack=NULL, *uid=NULL, *client_session=NULL; + int ret, retry_cnt=0, len=0; + char *clientSmack=NULL, *client_session=NULL, uid2[16]={0, }; Eina_Bool res = EINA_FALSE; Eina_List *l; struct wl_client *wc_data; static Eina_Bool retried = EINA_FALSE; + pid_t pid = 0; + uid_t uid = 0; + gid_t gid = 0; /* Top position grab is always allowed. This mode do not need privilege.*/ if (mode == TIZEN_KEYROUTER_MODE_TOPMOST) @@ -1488,6 +1489,8 @@ _e_keyrouter_util_do_privilege_check(struct wl_client *client, int socket_fd, ui if (krt->HardKeys[keycode].no_privcheck == EINA_TRUE) return EINA_TRUE; + if (!client) return EINA_FALSE; + /* If initialize cynara is failed, allow keygrabs regardless of the previlege permition. */ if (krt->p_cynara == NULL) { @@ -1522,18 +1525,15 @@ _e_keyrouter_util_do_privilege_check(struct wl_client *client, int socket_fd, ui } } - ret = cynara_creds_socket_get_client(socket_fd, CLIENT_METHOD_SMACK, &clientSmack); - E_KEYROUTER_CYNARA_ERROR_CHECK_GOTO("cynara_creds_socket_get_client", ret, finish); - - ret = cynara_creds_socket_get_user(socket_fd, USER_METHOD_UID, &uid); - E_KEYROUTER_CYNARA_ERROR_CHECK_GOTO("cynara_creds_socket_get_user", ret, finish); + wl_client_get_credentials(client, &pid, &uid, &gid); - ret = cynara_creds_socket_get_pid(socket_fd, &pid); - E_KEYROUTER_CYNARA_ERROR_CHECK_GOTO("cynara_creds_socket_get_pid", ret, finish); + len = smack_new_label_from_process((int)pid, &clientSmack); + if (len <= 0) goto finish; + snprintf(uid2, 15, "%d", (int)uid); client_session = cynara_session_from_pid(pid); - ret = cynara_check(krt->p_cynara, clientSmack, client_session, uid, "http://tizen.org/privilege/keygrab"); + ret = cynara_check(krt->p_cynara, clientSmack, client_session, uid2, "http://tizen.org/privilege/keygrab"); if (CYNARA_API_ACCESS_ALLOWED == ret) { res = EINA_TRUE; @@ -1543,9 +1543,8 @@ _e_keyrouter_util_do_privilege_check(struct wl_client *client, int socket_fd, ui KLINF("Fail to check cynara, error : %d (pid : %d)", ret, pid); } finish: - E_FREE(client_session); - E_FREE(clientSmack); - E_FREE(uid); + if (client_session) E_FREE(client_session); + if (clientSmack) E_FREE(clientSmack); return res; } diff --git a/src/e_mod_main_wl.h b/src/e_mod_main_wl.h index 990b055..a3d315d 100644 --- a/src/e_mod_main_wl.h +++ b/src/e_mod_main_wl.h @@ -7,6 +7,7 @@ #include #include #include +#include #endif #include