From: Konrad Lipinski <k.lipinski2@samsung.com>
Date: Mon, 7 Jun 2021 16:44:55 +0000 (+0200)
Subject: Make prepare_app() safer in non-main threads
X-Git-Tag: submit/tizen/20210624.042100~2
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=815ff9ba033bd5119b03b1500dec21044d3b160f;p=platform%2Fcore%2Fsecurity%2Fsecurity-manager.git

Make prepare_app() safer in non-main threads

Calling prepare_app() from a non-main thread in a multithreaded
process could fail. While labels for other threads were being correctly
set by writing to /proc/<tid>/attr/current, the prepare_app thread used
smack_set_label_for_self() and thus /proc/self/attr/current.

This is easily fixed by reusing label_for_self_internal() so that all
threads are uniformly treated, each using its own tid.

Change-Id: Id5b3071b08057200331d64bf8d6cd172ae729df1
---

diff --git a/src/client/client-security-manager.cpp b/src/client/client-security-manager.cpp
index 34767d6f..b34ce794 100644
--- a/src/client/client-security-manager.cpp
+++ b/src/client/client-security-manager.cpp
@@ -673,8 +673,8 @@ static inline int security_manager_sync_threads_internal(const std::string &app_
         }
     }
 
-    if (g_p_app_label && smack_set_label_for_self(app_label.c_str()) != 0) {
-        LogError("smack_set_label_for_self failed");
+    if (g_p_app_label && label_for_self_internal() != 0) {
+        LogError("label_for_self_internal failed");
         goto err;
     }