From: Tomasz Iwanek Date: Wed, 10 Jun 2015 14:48:30 +0000 (+0200) Subject: Privilege level check X-Git-Tag: accepted/tizen/mobile/20150629.021649~5 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=5204c3d868da06af75e8918f27936cb417b6565c;p=platform%2Fcore%2Fappfw%2Fapp-installers.git Privilege level check Implementation of privilege level check with use of privilege-checker Change-Id: Ie2a5c6e8b9c6450580a1700c3e6c339de5e1f217 --- diff --git a/CMakeLists.txt b/CMakeLists.txt index b299611..fbaa5b1 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -56,6 +56,7 @@ PKG_CHECK_MODULES(CERT_SVC_DEPS_VCORE REQUIRED cert-svc-vcore) PKG_CHECK_MODULES(PKGMGR_PARSER_DEPS REQUIRED pkgmgr-parser) PKG_CHECK_MODULES(PKGMGR_INFO_DEPS REQUIRED pkgmgr-info) PKG_CHECK_MODULES(LIBXML_DEPS REQUIRED libxml-2.0) +PKG_CHECK_MODULES(PRIVILEGE_CHECKER_DEPS REQUIRED capi-security-privilege-manager) FIND_PACKAGE(Boost REQUIRED COMPONENTS system filesystem) FIND_PACKAGE(GTest REQUIRED) diff --git a/packaging/app-installers.spec b/packaging/app-installers.spec index f2cccb1..6403d02 100644 --- a/packaging/app-installers.spec +++ b/packaging/app-installers.spec @@ -32,6 +32,7 @@ BuildRequires: pkgconfig(vconf) BuildRequires: pkgconfig(cert-svc-vcore) BuildRequires: pkgconfig(manifest-parser) BuildRequires: pkgconfig(manifest-handlers) +BuildRequires: pkgconfig(capi-security-privilege-manager) Requires: ca-certificates-tizen Requires: libtzplatform-config diff --git a/src/common/CMakeLists.txt b/src/common/CMakeLists.txt index bab306b..a9ce29d 100644 --- a/src/common/CMakeLists.txt +++ b/src/common/CMakeLists.txt @@ -43,6 +43,7 @@ APPLY_PKG_CONFIG(${TARGET_LIBNAME_COMMON} PUBLIC CERT_SVC_DEPS_VCORE MINIZIP_DEPS ZLIB_DEPS + PRIVILEGE_CHECKER_DEPS Boost ) diff --git a/src/common/step/step_check_signature.cc b/src/common/step/step_check_signature.cc index 3745cd4..a046728 100644 --- a/src/common/step/step_check_signature.cc +++ b/src/common/step/step_check_signature.cc 
@@ -6,6 +6,8 @@ #include #include +#include +#include #include #include #include @@ -13,8 +15,12 @@ #include #include +#include +#include #include +#include "common/utils/clist_helpers.h" + namespace bf = boost::filesystem; namespace { @@ -37,6 +43,20 @@ common_installer::PrivilegeLevel CertStoreIdToPrivilegeLevel( } } +privilege_manager_visibility_e PrivilegeLevelToVisibility( + common_installer::PrivilegeLevel level) { + switch (level) { + case common_installer::PrivilegeLevel::PUBLIC: + return PRVMGR_PACKAGE_VISIBILITY_PUBLIC; + case common_installer::PrivilegeLevel::PARTNER: + return PRVMGR_PACKAGE_VISIBILITY_PARTNER; + case common_installer::PrivilegeLevel::PLATFORM: + return PRVMGR_PACKAGE_VISIBILITY_PLATFORM; + default: + assert(false && "Not reached"); + } +} + common_installer::Step::Status ValidateSignatureFile( const bf::path& base_path, const ValidationCore::SignatureFileInfo& file_info, 
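Review bot: The `default:` branch of the new `PrivilegeLevelToVisibility` only asserts, so in a build with `NDEBUG` defined control falls off the end of a non-void function, which is undefined behaviour, and the visibility passed to the privilege check is then indeterminate. Because this value decides which privileges a package may declare, the fallback should resolve to the least-privileged level, for example `return PRVMGR_PACKAGE_VISIBILITY_PUBLIC;` placed after the assert. `PrivilegeLevel::UNTRUSTED` has no case here and relies on the caller returning before the conversion (as `ValidatePrivilegeLevel` in this commit does); a one-line comment above the switch stating that precondition would keep a future caller from hitting the default branch.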
@@ -97,6 +117,45 @@ common_installer::Step::Status ValidateSignatureFile( return common_installer::Step::Status::OK; } +bool ValidatePrivilegeLevel(common_installer::PrivilegeLevel level, + bool is_webapp, const char* api_version, privileges_x *privileges) { + GList* list = nullptr; + privileges_x* pvlg = nullptr; + PKGMGR_LIST_MOVE_NODE_TO_HEAD(privileges, pvlg); + for (; pvlg != nullptr; pvlg = pvlg->next) { + privilege_x* pv = nullptr; + PKGMGR_LIST_MOVE_NODE_TO_HEAD(pvlg->privilege, pv); + for (; pv != nullptr; pv = pv->next) { + list = g_list_append(list, const_cast(pv->text)); + } + } + + if (level == common_installer::PrivilegeLevel::UNTRUSTED) { + if (list) { + g_list_free(list); + LOG(ERROR) << "Untrusted application cannot declare privileges"; + return false; + } else { + return true; + } + } + + char* error = nullptr; + int status = privilege_manager_verify_privilege(api_version, + is_webapp ? PRVMGR_PACKAGE_TYPE_WRT : PRVMGR_PACKAGE_TYPE_CORE, list, + PrivilegeLevelToVisibility(level), + &error); + if (list) + g_list_free(list); + if (status != PRVMGR_ERR_NONE) { + LOG(ERROR) << "Error while verifing privilege level: " << error; + free(error); + return false; + } + LOG(INFO) << "Privilege level checked"; + return true; +} + } // namespace namespace common_installer { @@ -156,7 +215,12 @@ Step::Status StepCheckSignature::process() { // TODO(t.iwanek): check settings for privilege level... - // TODO(t.iwanek): verify privileges according to privilege level... + // TODO(t.iwanek): refactoring, move to wgt backend + bool is_webapp = context_->pkg_type.get() == "wgt"; + if (!ValidatePrivilegeLevel(level, is_webapp, + context_->config_data.get().required_version.get().c_str(), + context_->manifest_data.get()->privileges)) + return Status::ERROR; // TODO(t.iwanek): check old certificate during update...
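Review bot: In the failure path of `ValidatePrivilegeLevel`, `error` is streamed into `LOG(ERROR)` without a null check. Whether `privilege_manager_verify_privilege` always sets the message on failure is not visible here; if it does not, inserting a null `char*` into the stream is undefined behaviour, so guard it with `<< (error ? error : "no details")`. In the collection loop, `pv->text` is appended unchecked, so a privilege element without text would hand the verifier a list containing a null pointer. Rejecting such a manifest up front, with the list freed and an error logged, keeps the check fail-closed.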
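Review bot: The call added to `StepCheckSignature::process()` passes `required_version` and `manifest_data.get()->privileges` straight from package-supplied data, with no check in this hunk that the version string is non-empty or that `manifest_data.get()` is non-null. The API version selects the rule set the declared privileges are judged against, so an absent or malformed value should be rejected explicitly and logged rather than left to whatever the privilege manager does with it (presumably an error, but that is not visible here). A guard such as `if (version.empty()) { LOG(ERROR) << "Missing required_version"; return Status::ERROR; }` before the call would make that failure distinguishable in the logs. `process()` begins and ends outside the hunk, so an earlier check may already cover the manifest pointer.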