From: Dongik Lee <dongik.lee@samsung.com>
Date: Thu, 29 May 2025 06:47:05 +0000 (+0900)
Subject: Remove duplicate setting smack label for domain socket
X-Git-Tag: accepted/tizen/unified/20250604.163032^0
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fheads%2Ftizen;p=platform%2Fcore%2Fsecurity%2Fauth-fw.git

Remove duplicate setting smack label for domain socket

Change-Id: I89af2e514de00f01dce48b05d9d11a5176f7b914
---

diff --git a/packaging/auth-fw.spec b/packaging/auth-fw.spec
index d4c6439..d0cabaa 100644
--- a/packaging/auth-fw.spec
+++ b/packaging/auth-fw.spec
@@ -11,7 +11,6 @@ Source1003: lib%{name}-client-admin.manifest
 Source1004: %{name}-test.manifest
 BuildRequires: cmake
 BuildRequires: pkgconfig(dlog)
-BuildRequires: pkgconfig(libsmack)
 BuildRequires: pkgconfig(libsystemd)
 BuildRequires: pkgconfig(libtzplatform-config)
 BuildRequires: pkgconfig(cynara-client)
diff --git a/src/server/CMakeLists.txt b/src/server/CMakeLists.txt
index fb23426..e6b5f40 100644
--- a/src/server/CMakeLists.txt
+++ b/src/server/CMakeLists.txt
@@ -1,7 +1,6 @@
 PKG_CHECK_MODULES(SERVER_DEP
     REQUIRED
     hal-api-security
-    libsmack
     libsystemd
     cynara-client
     cynara-creds-socket
@@ -29,7 +28,6 @@ LINK_DIRECTORIES(
 SET(SERVER_SOURCES
     main/generic-socket-manager.cpp
     main/server-main.cpp
-    main/smack-check.cpp
     main/socket-manager.cpp
     service/password.cpp
     service/password-manager.cpp
diff --git a/src/server/main/include/smack-check.h b/src/server/main/include/smack-check.h
deleted file mode 100644
index 76b46b3..0000000
--- a/src/server/main/include/smack-check.h
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- *  Authentication password
- *
- *  Copyright (c) 2000 - 2016 Samsung Electronics Co., Ltd All Rights Reserved
- *
- *  Contact: Jooseong Lee <jooseong.lee@samsung.com>
- *
- *  Licensed under the Apache License, Version 2.0 (the "License");
- *  you may not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License
- */
-
-#ifndef _SMACK_CHECK_H_
-#define _SMACK_CHECK_H_
-
-#include <string>
-
-namespace AuthPasswd {
-
-extern const std::string CLIENT_WHITELIST;
-extern const std::string ADMIN_CLIENT_WHITELIST;
-
-/*
- * A very simple runtime check for SMACK on the platform
- * Returns 1 if SMACK is present, 0 otherwise. If SMACK_ENABLED is not defined
- * It returns 0.
- */
-int smack_check(void);
-
-} // namespace AuthPasswd
-
-#endif // _SMACK_CHECK_H_
diff --git a/src/server/main/smack-check.cpp b/src/server/main/smack-check.cpp
deleted file mode 100644
index f78875f..0000000
--- a/src/server/main/smack-check.cpp
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- *  Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
- *
- *  Licensed under the Apache License, Version 2.0 (the "License");
- *  you may not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License
- */
-/*
- * @file        smack-check.cpp
- * @author      Jooseong Lee (jooseong.lee@samsung.com)
- * @version     1.0
- * @brief       Check smck is enabled on device.
- */
-#include "smack-check.h"
-
-#include <fstream>
-#include <sys/smack.h>
-#include <sys/socket.h>
-#include <sys/un.h>
-
-#include <dpl/log/log.h>
-#include <error-description.h>
-
-namespace AuthPasswd {
-
-const char COMMENT = '#';
-const std::string CLIENT_WHITELIST = "/etc/auth-fw/client-whitelist";
-const std::string ADMIN_CLIENT_WHITELIST = "/etc/auth-fw/admin-client-whitelist";
-
-int smack_runtime_check(void)
-{
-	static int smack_present = -1;
-
-	if (-1 == smack_present) {
-		if (NULL == smack_smackfs_path()) {
-			LogDebug("no smack found on device");
-			smack_present = 0;
-		} else {
-			LogDebug("found smack on device");
-			smack_present = 1;
-		}
-	}
-
-	return smack_present;
-}
-
-int smack_check(void)
-{
-#ifndef SMACK_ENABLED
-	return 0;
-#else
-	return smack_runtime_check();
-#endif
-}
-
-} // namespace AuthPasswd
diff --git a/src/server/main/socket-manager.cpp b/src/server/main/socket-manager.cpp
index cdd26d4..a10b8e1 100644
--- a/src/server/main/socket-manager.cpp
+++ b/src/server/main/socket-manager.cpp
@@ -29,7 +29,6 @@
 #include <sys/signalfd.h>
 #include <sys/types.h>
 #include <sys/socket.h>
-#include <sys/smack.h>
 #include <linux/xattr.h>
 #include <sys/un.h>
 #include <sys/stat.h>
@@ -45,7 +44,6 @@
 #include <dpl/assert.h>
 
 #include <error-description.h>
-#include <smack-check.h>
 #include <socket-manager.h>
 
 namespace {
@@ -527,17 +525,6 @@ int SocketManager::CreateDomainSocketHelp(
 		ThrowMsg(Exception::InitFailed, "Error in socket: " << errnoToString(err));
 	}
 
-	if (smack_check()) {
-		LogInfo("Set up smack label: " << desc.smackLabel);
-
-		if (0 != smack_set_label_for_file(sockfd, XATTR_NAME_SMACKIPIN, desc.smackLabel.c_str())) {
-			LogError("Error in smack_set_label_for_file");
-			ThrowMsg(Exception::InitFailed, "Error in smack_set_label_for_file");
-		}
-	} else {
-		LogInfo("No smack on platform. Socket won't be securied with smack label!");
-	}
-
 	int flags;
 
 	if (-1 == (flags = fcntl(sockfd, F_GETFL, 0)))