From: DongHyun Song Date: Thu, 2 Sep 2021 02:19:00 +0000 (+0900) Subject: [Service] Apply smack label ahead of webapis initialization X-Git-Tag: submit/tizen/20210902.160017^0 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=9a678bd5894fd42736e2473c133d80fa7ccae56a;p=platform%2Fframework%2Fweb%2Fwrtjs.git [Service] Apply smack label ahead of webapis initialization On webapis side, it is checking privileges by cynara client with smack label (/prod/tid/attr/current), but, this smack label is getting before dropThreadPrivilege(). Thus, it is always 'org.tizen.chromium-efl.wrt-service'. To make correct this problem, this patch change its time ahead of dropThreadPrivilege(). By this logic, there is a new smack error while using systeminfo webapi. Because systeminfo webapi is using their singleton worker thread to get some device information. This must be created by same smack label as pid's smack label. Otherwise, the worker's task will be failed. Therefore, this moves below logic on main thread. tizen.systeminfo.getPropertyValue("CPU", () => { }, () => { }); Later, I will discuss regarding creating this singleton worker by other better way with webapi members. Change-Id: I8c3ab62b775e1aaa895aa70b0ec5f438840ad74b Signed-off-by: DongHyun Song --- diff --git a/wrt_app/service/service_manager.ts b/wrt_app/service/service_manager.ts index 9f8d3e5a..8e0c5bbc 100644 --- a/wrt_app/service/service_manager.ts +++ b/wrt_app/service/service_manager.ts @@ -1,5 +1,6 @@ import { Worker, isMainThread } from 'worker_threads'; import { wrt } from '../browser/wrt'; +import * as XWalkExtension from '../common/wrt_xwalk_extension'; interface WorkerMap { [id: string]: any; @@ -45,8 +46,19 @@ function terminateWorker(id: string, delay: number) { workers[id].postMessage({ type: 'stop', delay }); } +let initializeExtensionOnMain = () => { + initializeExtensionOnMain = () => {}; + XWalkExtension.initialize(); + // This is workaround solution to make webapis's singleton worker, which has + // same smack label with pid's. + // It must be handled ahead of dropThreadPrivilege() + // Otherwise, smack violation might hanppen from 'libdbuspolicy'. + global.tizen.systeminfo.getPropertyValue("CPU", () => { }, () => { }); +} + export function startService(id: string, filename: string) { console.debug(`startService - ${id}`); + initializeExtensionOnMain(); if (global['serviceType'] === 'STANDALONE') { let ids = id.split(':'); let serviceId = ids[0]; diff --git a/wrt_app/service/service_runner.ts b/wrt_app/service/service_runner.ts index ac176526..b4b3fe1d 100644 --- a/wrt_app/service/service_runner.ts +++ b/wrt_app/service/service_runner.ts @@ -67,7 +67,12 @@ let checkLauncherAlive = (id: string) => { } export function start(id: string, filename: string) { + let ids = id.split(':'); + let serviceId = ids[0]; + let packageId = wrt.getPackageId(serviceId); wrt.setServiceAppId(id); + wrt.security?.dropThreadPrivilege(packageId, serviceId); + XWalkExtension.initialize(); XWalkExtension.setRuntimeMessageHandler((type, data) => { if (type === 'tizen://exit') { @@ -78,10 +83,7 @@ export function start(id: string, filename: string) { console.debug(`serviceType : ${global['serviceType']}`) new DeviceAPIRouter(id, isGlobalService()); - - // this is workaround solution to make webapis singleton worker - // ahead of dropThreadPrivilege() - global.tizen.systeminfo.getPropertyValue("CPU", () => { }, () => { }); + printAppControlData(id); // This is for awaking up uv loop. if (isGlobalService()) { @@ -97,12 +99,6 @@ export function start(id: string, filename: string) { } try { - let ids = id.split(':'); - let serviceId = ids[0]; - let packageId = global.webapis.getPackageId(); - wrt.security?.dropThreadPrivilege(packageId, serviceId); - printAppControlData(id); - app = require(filename); if (app.onStart !== undefined) { app.onStart();