From: Rafal Krypa <r.krypa@samsung.com>
Date: Fri, 27 Feb 2015 16:37:22 +0000 (+0100)
Subject: Generate distinct Smack labels for appId and pkgId
X-Git-Tag: accepted/tizen/3.0.2015.q1/common/20150320.110433~7
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=5464c8863931bce9ff6bf536e09a5fff0c14a890;hp=5a80e0b13efec880d97fb74ad0aa02fa6b0982ab;p=platform%2Fcore%2Fsecurity%2Fsecurity-manager.git

Generate distinct Smack labels for appId and pkgId

Stop hard-wiring Smack labels to "User".
Proper unique labels will be generated:
- "User::App::$appid" for appId
- "User::Pkg::$pkgid" for pkgId

Generated rules are also validated against Smack restrictions for labels.
This imposes the following limitations on appId and pkgId values:
- length up to 244 characters (255 minus prefix length)
- non-printable ASCII characters and space are not allowed
- other prohibited characters: slash, backslash, single quote, double quote

Change-Id: Ib60b1f6fae785919542b2e749bceabbea0b9a89b
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
---

diff --git a/src/common/smack-labels.cpp b/src/common/smack-labels.cpp
index feef9f7..0294a42 100644
--- a/src/common/smack-labels.cpp
+++ b/src/common/smack-labels.cpp
@@ -168,20 +168,32 @@ void setupCorrectPath(const std::string &pkgId, const std::string &appId, const
 
 std::string generateAppNameFromLabel(const std::string &label)
 {
-    //TODO: Fix when a label generating mechanism is ready
-    return label;
+    static const char prefix[] = "User::App::";
+
+    if (label.compare(0, sizeof(prefix) - 1, prefix))
+        ThrowMsg(SmackException::InvalidLabel, "Cannot extract appId from Smack label " << label);
+
+    return label.substr(sizeof(prefix) - 1);
 }
 
 std::string generateAppLabel(const std::string &appId)
 {
-    (void) appId;
-    return "User";
+    std::string label = "User::App::" + appId;
+
+    if (smack_label_length(label.c_str()) <= 0)
+        ThrowMsg(SmackException::InvalidLabel, "Invalid Smack label generated from appId " << appId);
+
+    return label;
 }
 
 std::string generatePkgLabel(const std::string &pkgId)
 {
-    (void) pkgId;
-    return "User";
+    std::string label = "User::Pkg::" + pkgId;
+
+    if (smack_label_length(label.c_str()) <= 0)
+        ThrowMsg(SmackException::InvalidLabel, "Invalid Smack label generated from pkgId " << pkgId);
+
+    return label;
 }
 
 } // namespace SmackLabels