Bartlomiej Grzelewski [Thu, 18 Jul 2013 15:35:24 +0000 (17:35 +0200)]
Add configuration for systemd.
List of changes:
* change socket name for get-get api
* add systemd configuration for get-object-name api
* remove some useless logs from services
[Issue#] N/A
[Bug/Feature] Remove deprecated logs.
[Cause] N/A
[Solution] N/A
[Verification] Build, install, run tests.
Change-Id: I5eed0ab203dee6d3d777f64c6bd495ea01dbd4fb
Janusz Kozerski [Fri, 19 Jul 2013 11:55:14 +0000 (13:55 +0200)]
Remove API function security_server_launch_debug_tool()
[Issue#] SSDWSSP-369
[Bug] Function give an access to run any command as root.
[Cause] Re-witing security-server.
[Solution] Remove function.
[Verification] Build, install, run tests.
Change-Id: I19f202608d54bdd70b4bfd5edc9dcba816854d68
Jan Olszak [Tue, 9 Jul 2013 10:03:56 +0000 (12:03 +0200)]
Implemented security_server_get_object_name function in new framework.
[Issue#] Function for new security-server framework.
[Bug/Feature] Get name in new security-server.
[Cause] N/A
[Solution] Reimplemented solution.
[Verification] Build, install, run tests.
Change-Id: I432170b517f4a3ee20d2db4281e18f7bd7dd449d
Zofia Abramowska [Tue, 16 Jul 2013 10:01:42 +0000 (12:01 +0200)]
Rewriting client socket privilige part and adding exec path service
[Issue#] SSDWSSP-367
[Bug/Feature] N/A
[Cause] Rewriting client API and security-server socket privilige checks
functionality to match recently written security-server services
[Solution] Rewriting client API to use new implementation of sockets,
adding new service for get execution path request
[Verification] Successful build.
Run test 'security-server-test-client-smack'
with 'regexp=sock' argument and check dlog logs whether
execution path is being properly send
(This functionality is not in ss API, so no tests for
this specific service are available)
Change-Id: I49031860de14986f73899cb8c99f061241ede39b
Bartlomiej Grzelewski [Tue, 16 Jul 2013 17:06:47 +0000 (19:06 +0200)]
Fix sendToServer function.
Security server closes connection when protocol is broken.
Client was not able to handle this situation.
[Issue#] N/A
[Bug] Client program may hang.
[Cause] sendToServer function does not support
situation when read returns 0.
[Problem] N/A
[Solution] N/A
[Verification] Run tests.
Change-Id: Ie3002ae88c6ac4b55958b4e0d2d81ca5aacd5c43
Jan Cybulski [Fri, 12 Jul 2013 07:50:23 +0000 (09:50 +0200)]
Add implementation for check_privilege_by_pid in security server 2
[Issue#] SSDWSSP-368
[Bug/Feature] Check privilege by pid via security server 2
[Cause] N/A
[Solution] Old implementation ported to new framework.
[Verification] Build, install, run tests.
Change-Id: If8937113015a435ed14c31b76f9443b39776e030
Bartlomiej Grzelewski [Fri, 12 Jul 2013 11:29:59 +0000 (13:29 +0200)]
Change log destination to system journal.
[Issue#] SSDWSSP-392
[Bug] N/A
[Cause] N/A
[Problem] Security-server logs must be saved in system.
[Solution] N/A
[Verification] Run tests.
Change-Id: I95a0db02b860c961dbea4ea55138298793a295cd
Bartlomiej Grzelewski [Thu, 11 Jul 2013 16:38:26 +0000 (18:38 +0200)]
Add socket activation for get-gid api.
[Issue#] N/A
[Bug] N/A
[Cause] N/A
[Problem] Lack of socket activation for api get-gid.
[Solution] Add support for socket activation in security-server.
[Verification] Reinstall security-server. Reboot target. Run tests.
Change-Id: Ia3f1a1630df69da85398e5f53cf34a446d79bc94
Jan Olszak [Tue, 9 Jul 2013 10:03:56 +0000 (12:03 +0200)]
Implemented security_server_get_gid function in new framework.
[Issue#] Function for new security-server framework.
[Bug/Feature] Check GID in new security-server.
[Cause] N/A
[Solution] Used old implementation with small changes.
[Verification] Build, install, run tests.
Change-Id: I3032d80dc2af8d9fa40f4aa7ab8cbf9d0daa0919
Bartlomiej Grzelewski [Mon, 8 Jul 2013 12:56:53 +0000 (14:56 +0200)]
Remove deprecated code and scripts.
Removed:
* init scripts
* deprecated lines from spec file
* remove deprecated code from old security server
[Issue#] SSDWSSP-146
[Bug] N/A
[Cause] N/A
[Problem] Security server starts twice (by systemd and init).
[Solution] Remove init scripts.
[Verification] Reinstall security-server. Reboot target. Run tests.
Change-Id: Ibac028b8b452284e7447b7fcb81b9a8927aded68
Bartlomiej Grzelewski [Fri, 5 Jul 2013 16:54:23 +0000 (18:54 +0200)]
Convert to systemd API.
- enable socket activation
- enable sn_notify (start-up completion notification).
[Issue#] SSDWSSP-146
[Bug] N/A
[Cause] N/A
[Problem] Socket activation is required in security-server.
[Solution] Add support for socket activation in security-server.
[Verification] Reinstall security-server. Reboot target. Run tests.
Change-Id: I4d8c4f79bf1979df5e9e48b24bae9725441a9a14
Bartlomiej Grzelewski [Thu, 11 Jul 2013 11:16:53 +0000 (13:16 +0200)]
Takes compilation profile from command line.
This command will start compilation with debug(-O0 -g -ggdb)
gbs lb -A armv7l --define "build_type DEBUG"
Default command will use RELEASE profile(-02 -g):
gbs lb -A armv7l
[Issue#] N/A
[Bug] N/A
[Cause] N/A
[Problem] N/A
[Solution] N/A
[Verification] Run tests.
Change-Id: Ic1388759b720aebadcfcf98dc0fbd5a73d9eb384
Bartlomiej Grzelewski [Thu, 11 Jul 2013 10:28:26 +0000 (12:28 +0200)]
Remove compilation warnings in security-server-util-common.c
[Issue#] N/A
[Bug] N/A
[Cause] N/A
[Problem] N/A
[Solution] N/A
[Verification] Run tests.
Change-Id: Ieb1dfb3d3de91a070286d6dc33cfd5d1340d0700
Zofia Abramowska [Wed, 10 Jul 2013 11:28:10 +0000 (13:28 +0200)]
Refactoring common utility functions
[Issue#] N/A
[Bug/Feature] N/A
[Cause] Some utility functions were not extracted to util source
files. It is needed to properly write new services for ss2
[Solution] Moved some functions out of main file to util file
[Verification] Successfull build
Change-Id: I31af2fe3618dd58c77be7b0e23faeeb6e25d6c32
Bartlomiej Grzelewski [Mon, 8 Jul 2013 14:46:43 +0000 (16:46 +0200)]
Remove deprecated code connected with shared memory.
[Issue#] SSDWSSP-378
[Bug] N/A
[Cause] N/A
[Problem] Some code from tutorial was release on unknown licence.
[Solution] Code was removed.
[Verification] Run tests.
Change-Id: I302d168defb16cad32d665b9046a139843fd9523
Jan Olszak [Thu, 4 Jul 2013 12:59:07 +0000 (14:59 +0200)]
Changed dlog logging buffer.
[Issue#] dlog logged in a wrong buffer.
[Bug/Feature] Recent prevent bugs need fix.
[Cause] N/A
[Solution] N/A
[Verification] Build, install, run "dlogutil -c", run tests, run "dlogutil -b main SECURITY_SERVER" (no loggs), "dlogutil -b system SECURITY_SERVER" (loggs..)
Change-Id: I8680f74ab4452469147e6f348c2a3491b9063bf7
Krzysztof Jackiewicz [Wed, 10 Jul 2013 10:16:14 +0000 (10:16 +0000)]
Merge "Error code for empty passwords."
Jan Olszak [Tue, 2 Jul 2013 13:35:52 +0000 (15:35 +0200)]
Error code for empty passwords.
[Issue] No error code for empty passwords. Needed in tests.
[Feature] N/A
[Cause] N/A
[Solution] Added error code
[Verification] Build
Change-Id: Icb1d6aacaf5b346ab2733245d7d328d48a1e03f5
Krzysztof Jackiewicz [Tue, 9 Jul 2013 17:07:13 +0000 (19:07 +0200)]
Merge rsa/tizen_2.2 into rsa/master
Change-Id: I34bf3347ef19126a5ed6ae7d0bce12e61b466239
Krzysztof Jackiewicz [Tue, 9 Jul 2013 17:06:16 +0000 (19:06 +0200)]
[Release] security-server_0.0.78
* Security server refactoring
* Prevent fixes
Change-Id: Ia136cabf3fb8346eb0d0d2c3cc757af55e90c5e0
Marcin Niesluchowski [Fri, 5 Jul 2013 11:27:22 +0000 (13:27 +0200)]
Fixing prevent defects in security-server
* 63411; Critical; Resource leak; In function
SecurityServer::BinaryQueue::AppendUnmanaged(
void const*,
unsigned int,
void (*)(void const*, unsigned int, void *),
void *)
in src/server2/dpl/core/src/binary_queue.cpp
* 63374; Critical; Explicit null dereferenced; In function
SecurityServer::SharedMemoryService::readOne(SecurityServer::ConnectionID const&,
SecurityServer::SocketBuffer &)
in src/server2/service/data-share.cpp
[Issue#] SSDWSSP-356
[Bug/Feature] Prevent bugs need to be fixed.
[Cause] N/A
[Solution] N/A
[Verification] Running security-server tests.
Change-Id: I816e8b50ff94470256604d37a88a400dbeac59b5
Bartlomiej Grzelewski [Wed, 3 Jul 2013 08:17:35 +0000 (10:17 +0200)]
Socket won't have any smack label when smack is turn off.
[Issue#] SSDWSSP-68
[Bug] Security-server does not work without smack.
[Cause] Smack was mandatory.
[Solution] Add runtime check for smack existance.
[Verfication] Run tests.
Change-Id: I431a2c86a6f110f5c79b3795e07f32e49759cd28
Bartlomiej Grzelewski [Mon, 20 May 2013 09:11:27 +0000 (11:11 +0200)]
Security-server refactoring.
* Rewrite shared-memory-service.
* Each service will run in own thread.
* Import log and exception modules from DPL library.
* Add serialization.
* Hide symbols in client library.
[Issue#] SSDWSSP-68
[Bug] N/A
[Cause] N/A
[Solution] N/A
[Verification] Run security-server tests.
Change-Id: Ib353c4ddaccc2f4211f2bbce74dd890956fa60de
Krzysztof Jackiewicz [Tue, 9 Jul 2013 08:11:21 +0000 (10:11 +0200)]
Merge remote-tracking branch 'rsa/tizen_2.2' into rsa/master
Change-Id: I80f650ab40e251f9a5ad736d1814a3d1872c15c3
Tomasz Swierczek [Thu, 27 Jun 2013 10:11:12 +0000 (12:11 +0200)]
[Release] security-server_0.0.77
* Fixed defects reported by prevent.
Change-Id: I809b7fe45d1308a2d36b1b7f5fd8dd8a19e53f24
Marcin Niesluchowski [Fri, 21 Jun 2013 12:05:25 +0000 (14:05 +0200)]
Fixing prevent defects in security-server.
* 60575; Major; Unsigned compared against 0; In function security_server_thread
in src/server/security-server-main.c
* 52113; Minor; Unchecked return value; In function security_server_thread
in src/server/security-server-main.c
[Issue#] SSDWSSP-335
[Bug/Feature] Prevent detected new defects.
[Cause] N/A
[Solution] N/A
[Verification] Running tests.
Change-Id: Ie74a957585482b3435783c9bcba4dc1e7ce13ee2
Bartlomiej Grzelewski [Thu, 20 Jun 2013 17:31:04 +0000 (19:31 +0200)]
[Release] security-server_0.0.76
* Reduce number of logs.
* Add missing handler for executable path retrieval message.
* Run stylecheck on repository.
* Fix major defects reported by prevent.
Change-Id: I8044fbc6cd98a4fe9fb3af3a838ad37191b393c4
Marcin Niesluchowski [Thu, 20 Jun 2013 07:57:50 +0000 (09:57 +0200)]
Changing some error logs to warnings and turning off debug logs on security-server.
[Issue#] SSDWSSP-331
[Bug/Feature] Too many error logs. Debug logs should be turned off.
[Cause] N/A
[Solution] N/A
[Verification] Checking logs and running tests.
Change-Id: I060a891700e161064980c97a5b90c32eef47fca6
Krzysztof Jackiewicz [Fri, 24 May 2013 15:24:46 +0000 (17:24 +0200)]
Added missing handler for executable path retrieval message
[Issue#] SSDWSSP-274
[Feature/Bug] N/A
[Problem] SECURITY_SERVER_MSG_TYPE_EXE_PATH_REQUEST is not handled
[Cause] Incorrectly resolved conflict. Part of code lost.
[Solution] Missing handler restored
[Verification] Build & install. Run security-server-tests-client-smack
--regexp=tc06_check_privilege_by_sockfd. Security server logs should contain
valid executable path in lines starting with SS_SMACK. There should be no
"Unknown msg ID" message in dlog
Change-Id: I8e384e645291a0563a1ffd4ce47496742e756742
Marcin Niesluchowski [Thu, 20 Jun 2013 12:35:52 +0000 (14:35 +0200)]
All *.c and *.h files changed by stylecheck-for-git.
[Issue#] SSDWSSP-322
[Bug/Feature] Standardization of repository coding style.
[Cause] N/A
[Solution] N/A
[Verification] N/A
Change-Id: Ife70bac31e8fb6a5b0b678dfddbee840ace8c764
Marcin Niesluchowski [Fri, 14 Jun 2013 08:51:30 +0000 (10:51 +0200)]
Fixing prevent major defects in security-server.
In file src/client/security-server-cient.c:
Major "Integer overflowed argument" in function recv_exec_path_response()
In file src/server/security-server-main.c:
Major "Integer overflowed argument" in function security_server_thread()
Major "Various" in security_server_thread()
In file src/communication/sercurity-server-comm.c:
Major "Integer overflowed argument" in function recv_pid_privilege_request()
[Issue#] SSDWSSP-306
[Bug/Feature] Fix prevent defects
[Cause] Prevent server signalizes defects
[Solution] N/A
[Verification] Running tests and checking prevent output.
Change-Id: Iff331cd34c2f3447df79118cfa449e6c37c72091
Zbigniew Jasinski [Mon, 17 Jun 2013 13:41:10 +0000 (15:41 +0200)]
Log messages refactoring continued
[Issue#] SSDWSSP-323
[Bug/Feature] Log messages refactoring
[Cause] Legal issues with prohibited words in logs (ie. password)
[Solution] Use SECURE_LOG* macro
[Verification] Compile and run. No tests should fail
Change-Id: I5ed5815d1e105f31765162460350476cba574c00
Zbigniew Jasinski [Mon, 17 Jun 2013 13:39:23 +0000 (15:39 +0200)]
Log messages refactoring continued
[Issue#] SSDWSSP-323
[Bug/Feature] Log messages refactoring
[Cause] Legal issues with prohibited words in logs (ie. password)
[Solution] Use SECURE_LOG* macro
[Verification] Compile and run. No tests should fail
Change-Id: I8997084a6fbac44b21b253fa4a8765ebf6625ae9
Zbigniew Jasinski [Mon, 17 Jun 2013 13:34:53 +0000 (15:34 +0200)]
Log messages refactoring
[Issue#] SSDWSSP-323
[Bug/Feature] Log messages refactoring
[Cause] Legal issues with prohibited words in logs (ie. password)
[Solution] Use SECURE_LOG* macro
[Verification] Compile and run. No tests should fail
Change-Id: I060ce75cc308fd1890c5b249840e19f40b833fd6
Zbigniew Jasinski [Tue, 18 Jun 2013 08:40:23 +0000 (10:40 +0200)]
Added SECURE_LOG* macro
[Issue#] SSDWSSP-323
[Bug/Feature] Log messages refactoring
[Cause] SECURE_LOG* macro added for log messages refactoring
[Solution] Added SECURE_LOG* macro
[Verification] Compile with LOG_DEBUG_ENABLED and run. No tests should fail
Change-Id: Id9181d91c3bc571bd122edbc9e641fbcca39af7e
Pawel Polawski [Mon, 20 May 2013 09:06:33 +0000 (11:06 +0200)]
Add SMACK checking for SS API
[Issue#] SSDWSSP-272
[Bug/Feature] Add SMACK checking for each SS API
[Cause] No SMACK authorization in some SS API
[Solution] Added SMACK checking for each SS API
[Verification] Compile and run. No tests should fail
Change-Id: I4043c7eddd2bab1547f48ffbaf3ab7e28101550c
Krzysztof Jackiewicz [Tue, 4 Jun 2013 14:51:43 +0000 (16:51 +0200)]
Merge rsa/tizen_2.1 into rsa/master
Change-Id: I360ecefb2596ddf47955b2dd9234af5374ba700b
Krzysztof Jackiewicz [Tue, 4 Jun 2013 14:14:53 +0000 (16:14 +0200)]
[Release] security-server_0.0.75
* smack_have_access replaced by smack_pid_have_access
* getgrnam_r used for group searching
* executable path retrieval moved to server
Change-Id: I7f78e51eab61a30e5e1621bf230dc4fe3fecbb87
Krzysztof Jackiewicz [Fri, 24 May 2013 15:24:46 +0000 (17:24 +0200)]
Executable path retrieval moved to security-server
[Issue#] SSDWSSP-274
[Feature/Bug] N/A
[Problem] security_server_check_privilege_by_sockfd should not require root privileges
[Cause] The function reads /proc/[pid]/exe
[Solution] Executable retrieval moved to security-server.
[Verification] Build & install. Run security-server-tests-client-smack --regexp=tc06_check_privilege_by_sockfd
Security server logs should contain valid executable path in lines starting with SS_SMACK
Change-Id: Ib06414e80c9ee992108b7c49b33914e9047e5871
Zbigniew Jasinski [Mon, 27 May 2013 13:10:02 +0000 (15:10 +0200)]
Rewriting search_gid to use POSIX getgrnam_r
[Issue#] N/A
[Bug] N/A
[Cause] Instead of opening /etc/group and search for group name and ID we can
use POSIX getgrnam_r
[Solution] Rewriting function to use POSIX getgrnam_r.
[Verification] Build. Run all security-server tests.
Change-Id: Ia3591db1e11c013229ffd0a725697be797e0a2f1
Janusz Kozerski [Tue, 7 May 2013 12:19:09 +0000 (14:19 +0200)]
Use function smack_pid_have_access() from libprivilege-control instead smack_have_access()
[Issue#] SSDWSSP-220
[Feature] Using function smack_pid_have_access() from libprivilege-control instead smack_have_access()
[Problem] N/A
[Cause] N/A
[Solution] N/A
[Verification] Needs http://slp-info.sec.samsung.net/gerrit/#/c/197481/. Build, install, reboot.
Change-Id: I98b651f7e52c74d794fe96818a61644ece5c9ae5
Krzysztof Jackiewicz [Wed, 22 May 2013 09:08:41 +0000 (11:08 +0200)]
[Release] security-server_0.0.74
* Bugfixing. Code refactoring. Logging updated
Change-Id: Ie0aa660514345a11772dddbcf0f118f27b023f04
Bartlomiej Grzelewski [Fri, 17 May 2013 12:06:14 +0000 (14:06 +0200)]
Fix data control api.
Data control must return SUCCESS on images without smack.
[Issue#] SSDWSSP-277
[Bug] security-server_app_give_access returns error on image
without smack.
[Cause] On image without smack user passed "" as a client label.
"" is not acceptable smack label.
[Solution] Function security_server_app_give_access returns SUCCESS
when smack is turn off.
[Verification] Build. Run all tests. No changes in result should be
noticed on smack image.
Change-Id: I0c740ecda07e3ed97f1d409c8e597bc3b1f0b773
Krzysztof Jackiewicz [Mon, 13 May 2013 15:17:47 +0000 (17:17 +0200)]
Cookie executable path logic fixed and refactored.
[Issue#] SSDWSSP-237 / P130508-4841
[Bug] Security-server has closed unexpectedly
[Problem] N/A
[Cause] Executable paths were improperly compared and triggered pid reusage code
branch.
[Solution] Executable paths logic fixed and refactored.
[Verification] Run all security-server tests
Change-Id: I68219631378be17c980b52fa8995d9bc37d69ed7
Conflicts:
src/server/security-server-cookie.c
Krzysztof Jackiewicz [Mon, 13 May 2013 15:17:47 +0000 (17:17 +0200)]
Cookie executable path logic fixed and refactored.
[Issue#] SSDWSSP-237 / P130508-4841
[Bug] Security-server has closed unexpectedly
[Problem] N/A
[Cause] Executable paths were improperly compared and triggered pid reusage code
branch.
[Solution] Executable paths logic fixed and refactored.
[Verification] Run all security-server tests
Change-Id: I68219631378be17c980b52fa8995d9bc37d69ed7
Krzysztof Jackiewicz [Tue, 14 May 2013 15:31:49 +0000 (17:31 +0200)]
Fixed compilation error
[Issue#] SSDWSSP-229
[Feature/Bug] Compilation error
[Problem] N/A
[Cause] Error logs are not yet available
[Solution] Changed to debug logs
[Verification] Successfull compilation
Change-Id: I29a8268cfefc41189e4c1e218387a20a48cf9142
Zofia Abramowska [Mon, 13 May 2013 14:05:38 +0000 (16:05 +0200)]
Reimplementing process_app_get_access_request
[Issue#] SSDWSSP-229
[Feature] No revoking for label given by this function
[Cause] N/A
[Solution] Rewriting function inside security-server code,
not using libprivilege-control
[Verification] Build and run tests (testcases for revoking label
may fail)
Change-Id: Ie1d682f1dc76c108da7c602c958d8db9d33519ad
Krzysztof Jackiewicz [Fri, 10 May 2013 12:53:05 +0000 (14:53 +0200)]
Thread synchronisation fixed. Proper cookie copying.
[Issue#] SSDWSSP-237
[Feature/Bug] N/A
[Problem] security server crashes
[Cause] Because of incorrect synchronisation a race condition was possible
[Solution] Synchronisation fixed. Proper cookie copying applied.
[Verification] Run all security server tests
Change-Id: I464fb0cf05ec707191c32dde8b7b3de2b0fcdeb5
Zofia Abramowska [Mon, 13 May 2013 14:05:38 +0000 (16:05 +0200)]
Reimplementing process_app_get_access_request
[Issue#] SSDWSSP-229
[Feature] No revoking for label given by this function
[Cause] N/A
[Solution] Rewriting function inside security-server code,
not using libprivilege-control
[Verification] Build and run tests (testcases for revoking label
may fail)
Change-Id: Ie1d682f1dc76c108da7c602c958d8db9d33519ad
Bartlomiej Grzelewski [Wed, 8 May 2013 14:29:05 +0000 (16:29 +0200)]
Add SMACK_LOG in client_has_access.
Security-server must inform that client does not have access to
some service provided by him.
Fix problem with random pid client in security-server logs.
[Issue#] SSDWSSP-226
[Bug] Security server shows rundom value as client pid.
[Cause] Function responsible for client pid extraction wass comment out.
[Solution] N/A
[Verification] Run test. Check logs. Pid of client process should be
shown correctly.
Change-Id: Ifdb0712b1d6f22a71a3e90b2264666f0ec7146da
Pawel Polawski [Thu, 9 May 2013 09:37:56 +0000 (11:37 +0200)]
Change logs in SS to correct error logs.
[Issue#] SSDWSSP-234
[Bug/Feature] Security-server SMACK dlog should be "ERROR", not info
[Cause] N/A
[Solution] Log type changed to error
[Verification] Compile and run. SS should generate both: debug and
error logs on dlog
Change-Id: I8e4c609d30cc71ab4395e85ab5bf9c6a7e97abf9
Kidong Kim [Fri, 10 May 2013 08:59:48 +0000 (17:59 +0900)]
merge back from tizen_2.1_smack
Pawel Polawski [Thu, 25 Apr 2013 13:44:25 +0000 (15:44 +0200)]
Add binary path to SMACK log
[Issue#] SSDWSSP-203
[Bug/Feature] Change logs in security_server_check_privilege_by_sockfd
[Cause] N/A
[Solution] N/A
[Verification] Compile. Run tests.
Change-Id: I6ca2cfc97bc795eefa287c82b0a826f2d6c853a9
Rafal Krypa [Mon, 6 May 2013 10:47:20 +0000 (12:47 +0200)]
Merge remote-tracking branch 'tizendev/tizen_2.1_smack' into tizendev
Rafal Krypa [Fri, 3 May 2013 13:44:18 +0000 (15:44 +0200)]
Merge missing code pieces from private repository.
[Issue#] N/A
[Bug] Patches applied in different version in RSA and private repository
[Cause] Developers not careful enough about applying patches in both places
[Solution] Move missing bits of code
[Verification] Build
Change-Id: If1f65e07b44e1a2ad40f9d67f0ae211511948632
Kidong Kim [Tue, 30 Apr 2013 12:39:33 +0000 (21:39 +0900)]
remove set_pmon
Change-Id: I7ac0c26573e52e8ed70e96a32de5962168548811
Rafal Krypa [Fri, 3 May 2013 13:04:45 +0000 (15:04 +0200)]
Merge remote-tracking branch 'tizendev/master' into tizen_2.1_smack
Jan Cybulski [Thu, 25 Apr 2013 11:31:22 +0000 (13:31 +0200)]
Add #ifdef SMACK_ENABLED to private code.
With this define commented, all security-server API
should work as if there was no SMACK error and SMACK
allowed for everything.
[Issue#] SSDWSSP-206 & SSDWSSP-221
[Bug] N/A
[Cause] SS should work without SMACK enabled.
[Solution] As mentioned above.
[Verification] Build with and without ADD_DEFINITIONS( -DSMACK_ENABLED ).
1. SMACK enabled system.
1.1 -DSMACK_ENABLED on: SS tests should not fail
1.2 -DSMACK_ENABLED off: Following SS tests should fail:
-client-smack:
-tc04_security_server_get_gid_client_is_not_allowed
-tc05_check_privilege_by_cookie
-tc06_check_privilege_by_sockfd
-tc07_check_privilege_by_sockfd
-label:
-tc_security_server_get_smacklabel_cookie
-server:
-tc01a_security_server_app_give_access
-tc02_check_privilege_by_pid
There should be no missing SMACK rules for security server sockets in dmesg
2. SMACK disabled system. Same results for -DSMACK_ENABLED on and off. Beside tests
failing in 1.2 all test cases using smack_accesses_apply and smack_have_access will also fail.
Change-Id: Ia1074d9da4a07e3a60878030b9b8fc3760340c73
Conflicts:
src/client/security-server-client.c
src/server/security-server-cookie.c
src/server/security-server-main.c
Janusz Kozerski [Fri, 26 Apr 2013 10:36:03 +0000 (12:36 +0200)]
Fix error in SMACK object length check in security-server-client
[Issue#] SSDWSSP-212
[Feature/Bug] Error in SMACK object length check in security-server.
[Problem] N/A
[Cause] N/A
[Solution] N/A
[Verification] Build, install, reboot.
Change-Id: I590bd820237941055df18ecb4afbc4e64d651295
Bumjin Im [Sat, 27 Apr 2013 05:50:41 +0000 (14:50 +0900)]
Removing authentication of middleware
Change-Id: I276c83539a09db05500539dfa600bb05a64ceae0
Zofia Abramowska [Fri, 26 Apr 2013 10:17:45 +0000 (12:17 +0200)]
Fixing klocwork bugs
[Issue#] N/A
[Bug] Bugs found by klocwork
[Cause] N/A
[Solution] N/A
[Verficiation] Build and run all tests
Change-Id: I386f3e74820c518fd0437f082246c7fa1177ced4
Bumjin Im [Sat, 27 Apr 2013 05:50:41 +0000 (14:50 +0900)]
[Release] security-server_0.0.73
* Removed authentication of middleware
Change-Id: I430da7b68dc2f2645082e6e82b1e35a9f8e23bbc
Bartlomiej Grzelewski [Mon, 22 Apr 2013 15:02:45 +0000 (17:02 +0200)]
Implemet data control solution for OSP apps.
Function security_server_app_give_access may be called only by
priviledge process (process must have "rw" access to
"security-server::api-data-share"). In current implemnetation security
check is made in user space. It should be moved to kernel space by
creating separate socket with "security-server::api-data-share" label.
[Issue#] SSDWSSP-177
[Bug] N/A
[Cause] OPS application need to share memory.
[Solution] Add cross rules between OSP application.
[Verification] Build.
Change-Id: Ie6bad6e924bbcd1b37af58cb7650f65bebd5d57c
Bartlomiej Grzelewski [Mon, 22 Apr 2013 15:50:14 +0000 (17:50 +0200)]
Fix process_pid_privilege_check function.
Prevent function process_pid_privilege_check from closing random socket
when something fails.
[Issue#] N/A
[Bug] N/A
[Cause] Value was not initialized.
[Solution] N/A
[Verification] Build.
Change-Id: Id77c84c9f2ac1237c56f7cd5ff00258d40680459
Pawel Polawski [Tue, 23 Apr 2013 12:45:05 +0000 (14:45 +0200)]
Change logs in security server connected to SMACK
[Issue#] SSDWSSP-203
[Feature] New logs format
[Cause] Deprecated log format
[Solution] Log format changed
[Verification] Compile, no tests should fail
Change-Id: I38d227b99e341cc76f540a7dc56c4532704ce9e3
Conflicts:
src/server/security-server-cookie.c
Pawel Polawski [Thu, 18 Apr 2013 07:20:02 +0000 (09:20 +0200)]
Add debug log for smack_have_acces in security-server
[Issue#] SSDWSSP-185
[Feature] New security-server API
[Problem] N/A
[Cause] N/A
[Solution] New log message added
[Verification] Build package
Change-Id: I69df34df93a3efec58073667c9ac1a0d4cba031c
Pawel Polawski [Thu, 11 Apr 2013 09:58:21 +0000 (11:58 +0200)]
New API checking SMACK access by client pid in security-server
[Issue#] SSDWSSP-185
[Feature] New security-server API
[Problem] N/A
[Cause] N/A
[Solution] New API function added
[Verification] Build package. No tests should fail
Change-Id: I9d1d5115d0ccf6ca417b56b7b2f8b9ad081fed71
Bartlomiej Grzelewski [Tue, 9 Apr 2013 16:03:52 +0000 (18:03 +0200)]
Implemet data control solution for OSP apps.
[Issue#] SSDWSSP-177
[Bug] N/A
[Cause] OPS application need to share memory.
[Solution] Add cross rules between OSP application.
[Verification] Build.
Change-Id: I5085e5f0130ff687aaa142006837110077ba00be
Krzysztof Jackiewicz [Wed, 17 Apr 2013 10:23:58 +0000 (12:23 +0200)]
Merge remote-tracking branch 'rsa/tizen_2.1' into rsa_master
Krzysztof Jackiewicz [Wed, 17 Apr 2013 10:17:49 +0000 (12:17 +0200)]
[Release] security-server_0.0.72
* fixed release commit message
Change-Id: I7c56fe03e85c5b906b0aac055ab352d18f3d2b2d
Krzysztof Jackiewicz [Tue, 16 Apr 2013 15:43:46 +0000 (17:43 +0200)]
[Release] security-server-0.0.72
* prevent bugfixes
* unnecessary package dependecies removed
Change-Id: I0820cc1656b6405db68aead4cfed609ad7c86175
Bartlomiej Grzelewski [Fri, 12 Apr 2013 13:57:07 +0000 (15:57 +0200)]
Fix bugs reported by prevent.
[Issue#] N/A
[Bug] Sizeof gets wrong argument.
[Cause] N/A
[Solution] Sizeof gets type of struct now.
[Verification] Build. Run security tests.
Change-Id: I300591ae3fa1040d9f316699551b522bf222acce
Bartlomiej Grzelewski [Fri, 12 Apr 2013 14:21:11 +0000 (16:21 +0200)]
Remove package from build dependency that are not requried druing build.
[Issue#] N/A
[Bug] N/A
[Caluse] N/A
[Solution] N/A
[Verification] Build.
Change-Id: Ib13ed0a3c837b85c410633a047212042447ebe27
Krzysztof Jackiewicz [Fri, 12 Apr 2013 14:05:43 +0000 (16:05 +0200)]
Merge remote-tracking branch 'rsa/tizen_2.1' into rsa_master
Change-Id: I15d1549c23d65fa677c10065dd5880647c4a3060
Krzysztof Jackiewicz [Fri, 12 Apr 2013 13:09:56 +0000 (15:09 +0200)]
[Release] security-server_0.0.71
* Remove usage of mw-list file in security-server
Change-Id: I6c47b7f6cbe5040147be837112a50a079893d1bd
Jan Cybulski [Thu, 11 Apr 2013 06:08:02 +0000 (08:08 +0200)]
Remove usage of mw-list file in security-server
[Issue#]SSDWSSP-186
[Feature/Bug] N/A
[Problem] N/A
[Cause] N/A
[Solution] Removing hardcoded set of trusted daemon binaries.
Removing function search_middleware_exe_path and file with mw-list entries.
[Verification] Build, tests
Change-Id: I3f7bd1d37bc0b315642884801c80d3e308f78a2a
Krzysztof Jackiewicz [Tue, 2 Apr 2013 08:55:26 +0000 (10:55 +0200)]
Middleware list check fixed.
[Issue#] N/A
[Feature/Bug] N/A
[Problem] Empty line in mw-lists matches everything.
[Cause] N/A
[Solution] Commandline replaced by executable name. Fixed comparison of
executable name with mw-list entries. Empty line removed from mw-list. 50 chars
limit removed
[Verification] Run all security server tests
Change-Id: I872ad45a4089b484a30fc4caa1759ce9d6a584e4
Junfeng [Thu, 21 Mar 2013 13:31:23 +0000 (21:31 +0800)]
Fix for 64 bit compatibility.
- Fix hardcoding path.
- Use %cmake to set default paths.
Change-Id: I102e9d18662ec001eafc48c9826405bf427f6910
Junfeng [Thu, 21 Mar 2013 13:31:23 +0000 (21:31 +0800)]
Fix for 64 bit compatibility.
- Fix hardcoding path.
- Use %cmake to set default paths.
Change-Id: I102e9d18662ec001eafc48c9826405bf427f6910
Krzysztof Jackiewicz [Fri, 29 Mar 2013 10:17:37 +0000 (11:17 +0100)]
Merge remote-tracking branch 'rsa/tizen_2.1' into rsa_master
Krzysztof Jackiewicz [Thu, 28 Mar 2013 14:36:01 +0000 (15:36 +0100)]
[Release] security-server_0.0.70
* Prevent bugfixes from private repo
Change-Id: I52ea4353e5f4092672135323b30f5ae8e295f1d1
Bartlomiej Grzelewski [Fri, 8 Mar 2013 16:38:57 +0000 (17:38 +0100)]
Read or write may be interrupt.
This commits add suport for interruption of read or write. Please note
that we still need to add support for sitation when read or write
returns less that we expect.
[Issue#] N/A
[Bug] N/A
[Cause] N/A
[Solution] N/A
[Verification] Run all security-server tests.
Change-Id: I799fd41245cce004582458f98f49511a2860ff0e
Bartlomiej Grzelewski [Thu, 7 Mar 2013 17:32:28 +0000 (18:32 +0100)]
Reemove compilation warrnings.
[Issue#] N/A
[Bug] N/A
[Cause] N/A
[Solution] N/A
[Verification] Run all security-server tests.
Change-Id: Icedbece62623b2393eb16c3776a909db8443c073
Bartlomiej Grzelewski [Thu, 7 Mar 2013 16:21:12 +0000 (17:21 +0100)]
Fix defects reported by prevent.
[Issue#] SSDWSSP-115
[Bug] N/A
[Cause] N/A
[Soultion] N/A
[Verification] Run all security-server tests.
Change-Id: I61a437f604e94b6897d1b2b76aca8217893a307e
Krzysztof Jackiewicz [Thu, 21 Mar 2013 15:37:04 +0000 (16:37 +0100)]
[Release] security-server_0.0.69
* Table allocation bug fixed
* Password timeout changed
* Merged master into tizen_2.1
Change-Id: I85d41e0f8c1e10491a1fab07586058c1ef5f7271
Krzysztof Jackiewicz [Thu, 21 Mar 2013 10:07:11 +0000 (11:07 +0100)]
[Release] security-server_0.0.69
* Table allocation bug fixed
* Password timeout changed
Change-Id: I70b81639a80600fa83cf93ae08ebced1fa83fe84
Janusz Kozerski [Wed, 20 Mar 2013 10:27:28 +0000 (11:27 +0100)]
Change password timeout from 1 seconds to 500000 microseconds.
[Issue#] N/A
[Bug] N/A
[Cause] N/A
[Solution] N/A
[Verification] Run all security-server tests.
Jinkun Jang [Fri, 15 Mar 2013 16:17:58 +0000 (01:17 +0900)]
merge with master
Jinkun Jang [Tue, 12 Mar 2013 16:51:34 +0000 (01:51 +0900)]
Tizen 2.1 base
Pawel Polawski [Tue, 5 Mar 2013 10:28:38 +0000 (11:28 +0100)]
Fix bug in table allocation.
[Issue#] N/A
[Bug] Wrong pointer passed to allocating fuinction
[Cause] N/A
[Soultion] Changed to correct pointer
[Verification] No warnings while compilation
Change-Id: I54d00e11862f1986b0518009bdb30a5942f127b7
Bartlomiej Grzelewski [Mon, 4 Mar 2013 16:37:03 +0000 (17:37 +0100)]
[Release] security-server_0.0.67
* Fix bug with searching cookie with no privileges.
Change-Id: I46ab72148143df3f1a76956aa8f4474147ef3338
Pawel Polawski [Tue, 26 Feb 2013 07:51:09 +0000 (08:51 +0100)]
Fix bug with searching cookie with no privileges.
[Issue#] SSDWSSP-102
[Bug] Bug with get_smack_label in security-server
[Cause] Error in searching cookie with no privileges set
[Soulution] Special trading cookies with no privileges set
[Verification] Code compiles with success
Change-Id: I25debbc88315f316ed08b1cda2895bd3d9d90116
Mariusz Domanski [Wed, 27 Feb 2013 10:46:25 +0000 (11:46 +0100)]
[Release] security-server_0.0.65
* Proper %post and %postun scripts in spec file
* Removing unused code and separating deprecated files
* Fix for several issues detected by Prevent
Change-Id: I494fba79e6c11e9c298a4972a99a4847e9caffe6
Rafal Krypa [Mon, 25 Feb 2013 14:45:51 +0000 (23:45 +0900)]
Merge "Proper %post and %postun scripts in spec file"
Zofia Abramowska [Mon, 18 Feb 2013 12:44:57 +0000 (13:44 +0100)]
Removing unused code and separating deprecated files
[Issue#] SSDWSSP-98
[Feature] N/A
[Cause] Removal of unwanted files from security-server
[Solution] N/A
[Verification] Successful build
Change-Id: I27fbd9ca4d597c71b65400c4ed71458b406f557b
Mariusz Domanski [Tue, 19 Feb 2013 15:43:15 +0000 (16:43 +0100)]
Fix for several issues detected by Prevent
[Issue#] SSDWSSP-106
[Problem] Issues detected by Prevent
[Cause] N/A
[Solution] N/A
[Verification] Build and run tests
Change-Id: Ie0d469e73685fd518da2a374cf0c0e5dea5829eb
Mariusz Domanski [Wed, 20 Feb 2013 14:43:36 +0000 (15:43 +0100)]
Proper %post and %postun scripts in spec file
[Issue#] N/A
[Bug] errors when upgrading rpm package via rpm -U command
[Cause] bugged %post and %postun scripts in spec file
[Solution] fixed %post and %postun scripts to handle upgrades properly
[Verification] Build and install rpm files, then increment version
number in spec file and build and install with rpm -U.
No security-server related errors should appear after
second installation, S10security-server symlinks in
/etc/rc.d/rc3.d/ and /etc/rc.d/rc5.d/ should exist.
After package uninstallation symlinks should be gone.
Change-Id: I5f0ec6e640f14c12335de0338d3e75d883d1a79e
Janusz Majnert [Mon, 18 Feb 2013 12:39:30 +0000 (13:39 +0100)]
Fix for several issues detected by Prevent
[Issue#] SSDWSSP-107
[Problem] Issues detected by Prevent
[Cause] N/A
[Solution] Please see comments below
[Verification] Build and run
Changes:
* Added a sanity check for new_pwd_len in (prevent #42100)
* Added a check for result of setuid in security server test case
(prevent #42102)
* Fixed a bug in one of the test cases (comparing smack labels)
(prevent #43435)
* Fixed a bug where one error condition was not handled properly, which in turn
led to double free.
Change-Id: I54562981cf5e1201f8f62852da5cb6b3473df138
Tomasz Swierczek [Tue, 5 Feb 2013 08:40:00 +0000 (09:40 +0100)]
[Release] security-server_0.0.64
* Fixed bug with searching cookie for root process in security-server
Change-Id: Ic499ef20918e791351d1a3acdf30697532481618
Pawel Polawski [Mon, 4 Feb 2013 16:50:45 +0000 (17:50 +0100)]
Fixing bug with searching cookie and privileges in security-server.
[Issue#] SSDWSSP-71
[Cause] Fix bug with access to security-server API
by some root processes.
[Problem] Access to security server API returns error
for alarm service.
[Solution] Removed special treating root processes when searching
cookies for caller.
[Verification] Security-serwer should return no error while
calling security_server_check_privilege()
with correct parameters. Setting clock alarm should
return no errors in DLOGUTIL.
Change-Id: I86a950afedd326c021ab00d7ba6a868034d647f9
projects / framework / security / security-server.git / log