From: hb.min Date: Wed, 4 Sep 2013 10:24:43 +0000 (+0900) Subject: Modify the initialization module of IpcClient for AccessController X-Git-Tag: accepted/tizen/20130927.081017^2~20^2 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=2ea33505071228bad13513000c52adfa2adbfddf;p=platform%2Fframework%2Fnative%2Fappfw.git Modify the initialization module of IpcClient for AccessController Change-Id: I442dd6fabe131da970f4b641fec414d0ae97296a Signed-off-by: hb.min --- diff --git a/inc/FSecAccessController.h b/inc/FSecAccessController.h index c53889c..3d66c65 100644 --- a/inc/FSecAccessController.h +++ b/inc/FSecAccessController.h @@ -116,6 +116,7 @@ private: */ AccessController& operator =(const AccessController& rhs); + static void InitIpcClient(void); static void Initialize(void); private: diff --git a/src/security/FSecAccessController.cpp b/src/security/FSecAccessController.cpp index 19c15f1..0249383 100644 --- a/src/security/FSecAccessController.cpp +++ b/src/security/FSecAccessController.cpp @@ -44,9 +44,10 @@ using namespace Tizen::Base; using namespace Tizen::Base::Collection; using namespace Tizen::Io; -static _IpcClient ipcClient; static bool isConstructed = false; +static std::unique_ptr<_IpcClient> pIpcClient(null); static pthread_once_t onceBlock = PTHREAD_ONCE_INIT; +static pthread_once_t ipcOnceBlock = PTHREAD_ONCE_INIT; namespace Tizen { namespace Security { @@ -65,51 +66,63 @@ static _PrivilegeInfo privilegeInfo; void -AccessController::Initialize(void) +AccessController::InitIpcClient(void) { - result r = E_SUCCESS; - result ipcResult = E_SUCCESS; + std::unique_ptr<_IpcClient> pLocalIpcClient(new (std::nothrow) _IpcClient); + SysTryReturnVoidResult(NID_SEC, pLocalIpcClient != null, E_OUT_OF_MEMORY, "The memory is insufficient."); - std::unique_ptr pEncryptedPrivileges(null); - std::unique_ptr pChecksum(null); - std::unique_ptr pEncryptedVisibility(null); - std::unique_ptr pVisibilityChecksum(null); + result r = pLocalIpcClient->Construct(L"osp.security.ipcserver.privilegemanager", null); + SysTryReturnVoidResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "Failed to construct the instance of IPC."); - std::unique_ptr pCipherPrivilegeMessage(null); - std::unique_ptr pCipherVisibilityMessage(null); - std::unique_ptr pPrivilegeList(null); + pIpcClient = std::move(pLocalIpcClient); + return; +} - r = ipcClient.Construct(L"osp.security.ipcserver.privilegemanager", null); - SysTryReturnVoidResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "Failed to construct the instance of IPC."); +void +AccessController::Initialize(void) +{ + result r = E_SUCCESS; - pEncryptedPrivileges.reset(new (std::nothrow) String()); + if (pIpcClient == null) + { + pthread_once(&ipcOnceBlock, InitIpcClient); + r = GetLastResult(); + if (IsFailed(r)) + { + ipcOnceBlock = PTHREAD_ONCE_INIT; + SysLogException(NID_SEC, r, "[%s] Propagated.", GetErrorMessage(r)); + return; + } + } + + std::unique_ptr pEncryptedPrivileges(new (std::nothrow) String()); SysTryReturnVoidResult(NID_SEC, pEncryptedPrivileges != null, E_OUT_OF_MEMORY, "The memory is insufficient."); - pChecksum.reset(new (std::nothrow) String()); + std::unique_ptr pChecksum(new (std::nothrow) String()); SysTryReturnVoidResult(NID_SEC, pChecksum != null, E_OUT_OF_MEMORY, "The memory is insufficient."); - pPrivilegeList.reset(new ArrayList()); + std::unique_ptr pPrivilegeList(new ArrayList()); SysTryReturnVoidResult(NID_SEC, pPrivilegeList != null, E_OUT_OF_MEMORY, "The memory is insufficient."); pPrivilegeList->Construct(); - pCipherPrivilegeMessage.reset(new (std::nothrow) PrivilegeManagerMsg_retrieve(pEncryptedPrivileges.get(), pChecksum.get(), pPrivilegeList.get(), &r)); + std::unique_ptr pCipherPrivilegeMessage(new (std::nothrow) PrivilegeManagerMsg_retrieve(pEncryptedPrivileges.get(), pChecksum.get(), pPrivilegeList.get(), &r)); SysTryReturnVoidResult(NID_SEC, pCipherPrivilegeMessage != null, E_OUT_OF_MEMORY, "The memory is insufficient."); - ipcResult = ipcClient.SendRequest(pCipherPrivilegeMessage.get()); + result ipcResult = pIpcClient->SendRequest(pCipherPrivilegeMessage.get()); SysTryReturnVoidResult(NID_SEC, ipcResult == E_SUCCESS, E_SYSTEM, "Failed to send IPC message."); SysTryReturnVoidResult(NID_SEC, r == E_SUCCESS, r, "Failed to retrieve privilege information"); - pEncryptedVisibility.reset(new (std::nothrow) String()); + std::unique_ptr pEncryptedVisibility(new (std::nothrow) String()); SysTryReturnVoidResult(NID_SEC, pEncryptedVisibility != null, E_OUT_OF_MEMORY, "The memory is insufficient."); - pVisibilityChecksum.reset(new (std::nothrow) String()); + std::unique_ptr pVisibilityChecksum(new (std::nothrow) String()); SysTryReturnVoidResult(NID_SEC, pVisibilityChecksum != null, E_OUT_OF_MEMORY, "The memory is insufficient."); - pCipherVisibilityMessage.reset(new (std::nothrow) PrivilegeManagerMsg_retrieveEx(pEncryptedVisibility.get(), pVisibilityChecksum.get(), &r)); + std::unique_ptr pCipherVisibilityMessage(new (std::nothrow) PrivilegeManagerMsg_retrieveEx(pEncryptedVisibility.get(), pVisibilityChecksum.get(), &r)); SysTryReturnVoidResult(NID_SEC, pCipherVisibilityMessage != null, E_OUT_OF_MEMORY, "The memory is insufficient."); - ipcResult = ipcClient.SendRequest(pCipherVisibilityMessage.get()); + ipcResult = pIpcClient->SendRequest(pCipherVisibilityMessage.get()); SysTryReturnVoidResult(NID_SEC, ipcResult == E_SUCCESS, E_SYSTEM, "Failed to send IPC message."); SysTryReturnVoidResult(NID_SEC, r == E_SUCCESS, r, "Failed to retrieve privilege information"); @@ -121,6 +134,7 @@ AccessController::Initialize(void) pPrivilegeList->RemoveAll(true); isConstructed = true; + return; } @@ -129,7 +143,6 @@ AccessController::CheckPrivilege(int privilege) { result r = E_SUCCESS; bool ret = false; - ClearLastResult(); SysTryReturnResult(NID_SEC, (privilege >= 0) && (privilege < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid"); @@ -188,7 +201,6 @@ AccessController::CheckPrivilege(const String& privilege) { result r = E_SUCCESS; bool ret = false; - ClearLastResult(); if (!isConstructed) @@ -245,24 +257,20 @@ _PrivilegeManager* AccessController::__pPrivilegeManager = null; result AccessController::CheckPrivilege(const PackageId& packageId, const String& privilege) { - result r = E_SUCCESS; - bool ret = false; - std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(null); - String subAppId; - _PackageInfoImpl infoImpl; - String appType; - String webAppType(L"wgt"); - String cAppType(L"rpm"); - - r = _AccessController::CheckUserPrivilege(_PRV_PRIVILEGEMANAGER_READ); + result r = _AccessController::CheckUserPrivilege(_PRV_PRIVILEGEMANAGER_READ); SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_PRIVILEGE_DENIED, "The application does not have the privilege to call this method."); + String subAppId; packageId.SubString(0, MAX_APP_ID_SIZE, subAppId); + _PackageInfoImpl infoImpl; r = infoImpl.Construct(packageId); SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred."); + String appType; + String webAppType(L"wgt"); + String cAppType(L"rpm"); appType = infoImpl.GetAppType(); if (appType.Equals(webAppType, true)) { @@ -282,7 +290,7 @@ AccessController::CheckPrivilege(const PackageId& packageId, const String& privi } SysTryReturnResult(NID_SEC, __pPrivilegeManager != null, E_SYSTEM, "An unexpected system error occurred."); - pPrivilegeInfo.reset(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId)); + std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId)); r = GetLastResult(); if (r == E_SUCCESS) diff --git a/src/security/FSec_AccessController.cpp b/src/security/FSec_AccessController.cpp index a41c454..d7a7420 100644 --- a/src/security/FSec_AccessController.cpp +++ b/src/security/FSec_AccessController.cpp @@ -43,9 +43,10 @@ using namespace Tizen::Base; using namespace Tizen::Base::Collection; using namespace Tizen::Io; -static _IpcClient ipcClient; static bool isConstructed = false; +static std::unique_ptr<_IpcClient> pIpcClient(null); static pthread_once_t onceBlock = PTHREAD_ONCE_INIT; +static pthread_once_t ipcOnceBlock = PTHREAD_ONCE_INIT; namespace Tizen { namespace Security { @@ -74,23 +75,19 @@ _AccessController::~_AccessController(void) result _AccessController::CheckSystemPrivilege(const PackageId& packageId, _Privilege privilege) { - result r = E_SUCCESS; - bool ret = false; - std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(null); - String subAppId; - _PackageInfoImpl infoImpl; - String appType; - String webAppType(L"wgt"); SysTryReturnResult(NID_SEC, (privilege >= 0) && (privilege < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid"); + String subAppId; packageId.SubString(0, MAX_APP_ID_SIZE, subAppId); - r = infoImpl.Construct(subAppId); + _PackageInfoImpl infoImpl; + result r = infoImpl.Construct(subAppId); SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred."); - appType = infoImpl.GetAppType(); + String webAppType(L"wgt"); + String appType = infoImpl.GetAppType(); if (appType.Equals(webAppType, true)) { return E_SUCCESS; @@ -102,7 +99,7 @@ _AccessController::CheckSystemPrivilege(const PackageId& packageId, _Privilege p } SysTryReturnResult(NID_SEC, __pPrivilegeManager != null, E_SYSTEM, "An unexpected system error occurred."); - pPrivilegeInfo.reset(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId)); + std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId)); r = GetLastResult(); if (r == E_SUCCESS) @@ -145,24 +142,20 @@ CATCH: result _AccessController::CheckSystemPrivilege(const PackageId& packageId, _Privilege privilege1, _Privilege privilege2) { - result r = E_SUCCESS; - bool ret = false; - std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(null); - String subAppId; - _PackageInfoImpl infoImpl; - String appType; - String webAppType(L"wgt"); SysTryReturnResult(NID_SEC, (privilege1 >= 0) && (privilege1 < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid"); SysTryReturnResult(NID_SEC, (privilege2 >= 0) && (privilege2 < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid"); + String subAppId; packageId.SubString(0, MAX_APP_ID_SIZE, subAppId); - r = infoImpl.Construct(subAppId); + _PackageInfoImpl infoImpl; + result r = infoImpl.Construct(subAppId); SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred."); - appType = infoImpl.GetAppType(); + String webAppType(L"wgt"); + String appType = infoImpl.GetAppType(); if (appType.Equals(webAppType, true)) { return E_SUCCESS; @@ -174,7 +167,7 @@ _AccessController::CheckSystemPrivilege(const PackageId& packageId, _Privilege p } SysTryReturnResult(NID_SEC, __pPrivilegeManager != null, E_SYSTEM, "An unexpected system error occurred."); - pPrivilegeInfo.reset(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId)); + std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId)); r = GetLastResult(); if (r == E_SUCCESS) @@ -221,21 +214,17 @@ CATCH: result _AccessController::CheckPrivilege(const PackageId& packageId, const String& privilege) { - result r = E_SUCCESS; - bool ret = false; - std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(null); - String subAppId; - _PackageInfoImpl infoImpl; - String appType; - String webAppType(L"wgt"); + String subAppId; packageId.SubString(0, MAX_APP_ID_SIZE, subAppId); - r = infoImpl.Construct(subAppId); + _PackageInfoImpl infoImpl; + result r = infoImpl.Construct(subAppId); SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred."); - appType = infoImpl.GetAppType(); + String webAppType(L"wgt"); + String appType = infoImpl.GetAppType(); if (appType.Equals(webAppType, true)) { return E_SUCCESS; @@ -247,7 +236,7 @@ _AccessController::CheckPrivilege(const PackageId& packageId, const String& priv } SysTryReturnResult(NID_SEC, __pPrivilegeManager != null, E_SYSTEM, "An unexpected system error occurred."); - pPrivilegeInfo.reset(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId)); + std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId)); r = GetLastResult(); if (r == E_SUCCESS) @@ -288,16 +277,34 @@ CATCH: } void +_AccessController::InitIpcClient(void) +{ + std::unique_ptr<_IpcClient> pLocalIpcClient(new (std::nothrow) _IpcClient); + SysTryReturnVoidResult(NID_SEC, pLocalIpcClient != null, E_OUT_OF_MEMORY, "The memory is insufficient."); + + result r = pLocalIpcClient->Construct(L"osp.security.ipcserver.privilegemanager", null); + SysTryReturnVoidResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "Failed to construct the instance of IPC."); + + pIpcClient = std::move(pLocalIpcClient); + return; +} + +void _AccessController::Initialize(void) { result r = E_SUCCESS; - result ipcResult = E_SUCCESS; - std::unique_ptr pCipherPrivilegeMessage(null); - std::unique_ptr pCipherVisibilityMessage(null); - - r = ipcClient.Construct(L"osp.security.ipcserver.privilegemanager", null); - SysTryReturnVoidResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "Failed to construct the instance of IPC."); + if (pIpcClient == null) + { + pthread_once(&ipcOnceBlock, InitIpcClient); + r = GetLastResult(); + if (IsFailed(r)) + { + ipcOnceBlock = PTHREAD_ONCE_INIT; + SysLogException(NID_SEC, r, "[%s] Propagated.", GetErrorMessage(r)); + return; + } + } pEncryptedPrivileges.reset(new (std::nothrow) String()); SysTryReturnVoidResult(NID_SEC, pEncryptedPrivileges != null, E_OUT_OF_MEMORY, "The memory is insufficient."); @@ -307,13 +314,12 @@ _AccessController::Initialize(void) pPrivilegeList.reset(new ArrayList()); SysTryReturnVoidResult(NID_SEC, pPrivilegeList != null, E_OUT_OF_MEMORY, "The memory is insufficient."); - pPrivilegeList->Construct(); - pCipherPrivilegeMessage.reset(new (std::nothrow) PrivilegeManagerMsg_retrieve(pEncryptedPrivileges.get(), pChecksum.get(), pPrivilegeList.get(), &r)); + std::unique_ptr pCipherPrivilegeMessage(new (std::nothrow) PrivilegeManagerMsg_retrieve(pEncryptedPrivileges.get(), pChecksum.get(), pPrivilegeList.get(), &r)); SysTryReturnVoidResult(NID_SEC, pCipherPrivilegeMessage != null, E_OUT_OF_MEMORY, "The memory is insufficient."); - ipcResult = ipcClient.SendRequest(pCipherPrivilegeMessage.get()); + result ipcResult = pIpcClient->SendRequest(pCipherPrivilegeMessage.get()); SysTryReturnVoidResult(NID_SEC, ipcResult == E_SUCCESS, E_SYSTEM, "Failed to send IPC message."); SysTryReturnVoidResult(NID_SEC, r == E_SUCCESS, r, "Failed to retrieve privilege information"); @@ -323,15 +329,14 @@ _AccessController::Initialize(void) pVisibilityChecksum.reset(new (std::nothrow) String()); SysTryReturnVoidResult(NID_SEC, pVisibilityChecksum != null, E_OUT_OF_MEMORY, "The memory is insufficient."); - pCipherVisibilityMessage.reset(new (std::nothrow) PrivilegeManagerMsg_retrieveEx(pEncryptedVisibility.get(), pVisibilityChecksum.get(), &r)); + std::unique_ptr pCipherVisibilityMessage(new (std::nothrow) PrivilegeManagerMsg_retrieveEx(pEncryptedVisibility.get(), pVisibilityChecksum.get(), &r)); SysTryReturnVoidResult(NID_SEC, pCipherVisibilityMessage != null, E_OUT_OF_MEMORY, "The memory is insufficient."); - ipcResult = ipcClient.SendRequest(pCipherVisibilityMessage.get()); + ipcResult = pIpcClient->SendRequest(pCipherVisibilityMessage.get()); SysTryReturnVoidResult(NID_SEC, ipcResult == E_SUCCESS, E_SYSTEM, "Failed to send IPC message."); SysTryReturnVoidResult(NID_SEC, r == E_SUCCESS, r, "Failed to retrieve privilege information"); isConstructed = true; - return; } @@ -340,9 +345,7 @@ _AccessController::CheckUserPrivilege(_Privilege privilege) { result r = E_SUCCESS; bool ret = false; - _PrivilegeInfo privilegeInfo; - ClearLastResult(); SysTryReturnResult(NID_SEC, (privilege >= 0) && (privilege < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid"); @@ -416,9 +419,7 @@ _AccessController::CheckUserPrivilege(_Privilege privilege1, _Privilege privileg { result r = E_SUCCESS; bool ret = false; - _PrivilegeInfo privilegeInfo; - ClearLastResult(); SysTryReturnResult(NID_SEC, (privilege1 >= 0) && (privilege1 < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid"); @@ -498,9 +499,7 @@ _AccessController::CheckPrivilege(const String& privilege) { result r = E_SUCCESS; bool ret = false; - _PrivilegeInfo privilegeInfo; - ClearLastResult(); int appType = _AppInfo::GetAppType(); @@ -574,7 +573,6 @@ result _AccessController::CheckPrivacy(const PackageId & packageId, _Privilege privilege) { result r = E_SUCCESS; - int ret = PRIV_MGR_ERROR_SUCCESS; if (privacyListTable[privilege] != true) { @@ -592,7 +590,7 @@ _AccessController::CheckPrivacy(const PackageId & packageId, _Privilege privileg pPrivilegeId.reset(_StringConverter::CopyToCharArrayN(privilegeId)); SysTryReturnResult(NID_SEC, pPrivilegeId != null, E_SYSTEM, "An unexpected system error occurred."); - ret = privacy_checker_check_package_by_privilege(pPackageId.get(), pPrivilegeId.get()); + int ret = privacy_checker_check_package_by_privilege(pPackageId.get(), pPrivilegeId.get()); if (ret != PRIV_MGR_ERROR_SUCCESS) { r = E_USER_NOT_CONSENTED; @@ -606,7 +604,6 @@ result _AccessController::CheckPrivacy(const PackageId & packageId, const String& privilege) { result r = E_SUCCESS; - int ret = PRIV_MGR_ERROR_SUCCESS; std::unique_ptr pPackageId(null); pPackageId.reset(_StringConverter::CopyToCharArrayN(packageId)); @@ -616,7 +613,7 @@ _AccessController::CheckPrivacy(const PackageId & packageId, const String& privi pPrivilegeId.reset(_StringConverter::CopyToCharArrayN(privilege)); SysTryReturnResult(NID_SEC, pPrivilegeId != null, E_SYSTEM, "An unexpected system error occurred."); - ret = privacy_checker_check_package_by_privilege(pPackageId.get(), pPrivilegeId.get()); + int ret = privacy_checker_check_package_by_privilege(pPackageId.get(), pPrivilegeId.get()); if (ret != PRIV_MGR_ERROR_SUCCESS) { r = E_USER_NOT_CONSENTED; diff --git a/src/security/inc/FSec_AccessController.h b/src/security/inc/FSec_AccessController.h index 8ee7b64..ed9936d 100644 --- a/src/security/inc/FSec_AccessController.h +++ b/src/security/inc/FSec_AccessController.h @@ -151,6 +151,7 @@ private: static result CheckPrivacy(const Tizen::App::PackageId& packageId, _Privilege privilege); static result CheckPrivacy(const Tizen::App::PackageId& packageId, const Tizen::Base::String& privilege); + static void InitIpcClient(void); static void Initialize(void); static _PrivilegeManager* __pPrivilegeManager;