Adrian Szyndela [Tue, 5 Feb 2019 12:57:15 +0000 (13:57 +0100)]
refactoring: eliminate NaivePolicyDb::getPolicy()
Change-Id: I4378947432a01974f27ebf115e785556e52155d5
Adrian Szyndela [Tue, 5 Feb 2019 12:20:08 +0000 (13:20 +0100)]
refactoring: simplify NaivePolicyDb::getGroups
It affects dependencies, which mostly lose unnecessary ItemType
parameter.
Change-Id: I32056de6f2c8edf389909cd816a0de656b4f3830
Adrian Szyndela [Tue, 5 Feb 2019 11:05:53 +0000 (12:05 +0100)]
refactoring: eliminate template params in getDecisionItem
Affects dependencies, which also lost unnecessary params.
Policy classes can be now private, it allows single private
and single public section in NaivePolicyDb.
Change-Id: I5f01d2e43f2ffd3f58ef2aa76b1cd06d83365b7b
Adrian Szyndela [Tue, 5 Feb 2019 10:37:12 +0000 (11:37 +0100)]
refactoring: simplify NaivePolicyDb::getPolicy()
Change-Id: I3be0a3682dd7be9510a0145d16cd3b750ee129c9
Adrian Szyndela [Tue, 5 Feb 2019 10:13:37 +0000 (11:13 +0100)]
refactoring: make Policy classes more private
Change-Id: If2724b9f8de024da28e04710a81ba8435dcdf515
Adrian Szyndela [Tue, 5 Feb 2019 09:20:26 +0000 (10:20 +0100)]
refactoring: group methods from same classes
Change-Id: Id6f8124fc7b5423ee4b9922b017f153b99b249b4
Adrian Szyndela [Mon, 4 Feb 2019 15:25:11 +0000 (16:25 +0100)]
refactoring: make own_tree more const-correct
Change-Id: I4c6f7cb72f743e597f6fa295cb4731e01cfcda55
Adrian Szyndela [Mon, 4 Feb 2019 15:06:33 +0000 (16:06 +0100)]
refactoring: make parsing lazy
We don't need to reset all the potential items on every rule.
This commit resets items on first encounter of given type.
Change-Id: I9bd1abe38516c188dd295697109bfe1a337eaf0b
Adrian Szyndela [Mon, 4 Feb 2019 14:20:47 +0000 (15:20 +0100)]
refactoring: get rid of unnecessary MessageDirection
Things done to accomplish removing MessageDirection:
- used ItemSend/ItemReceive instead of ItemSendReceive
- used MatchItemSend/MatchItemReceive instead of MatchItemSR
- used PolicySend/PolicyReceive instead of PolicySR
- database no longer contains pointers
Change-Id: I1c5957dad2181a6c1c42dee0e77be3e8b0ccc471
Adrian Szyndela [Mon, 4 Feb 2019 11:56:49 +0000 (12:56 +0100)]
refactoring: introduce Send/Receive split types
This will help with getting rid of some unnecessary switches/ifs and types.
Change-Id: I784e133063c78f2b14ee50c81d526253ec173f0c
Adrian Szyndela [Mon, 4 Feb 2019 11:31:30 +0000 (12:31 +0100)]
refactoring: move addItem() declarations
This is a move towards making single public and single private
section in NaivePolicyDb.
Change-Id: Ib300da409a4442b1578f3a48ae888c1982de24fa
Adrian Szyndela [Mon, 4 Feb 2019 11:09:25 +0000 (12:09 +0100)]
refactoring: group maps moved into Policies
Change-Id: I5def57a4ed74a2a72ab76a527091c4e56d5c1b67
Adrian Szyndela [Mon, 4 Feb 2019 09:12:47 +0000 (10:12 +0100)]
refactoring: make common interface for Policy classes
Change-Id: I02efdddbafcce4bbbd8e7f7630cececaa1b362ed
Adrian Szyndela [Mon, 4 Feb 2019 08:00:53 +0000 (09:00 +0100)]
refactoring: move PolicySet methods into proper class
Change-Id: Ia9c72791fd592017ac3e0284f1e72f753f398f10
Adrian Szyndela [Fri, 1 Feb 2019 15:11:29 +0000 (16:11 +0100)]
refactoring: introduce MatchItemOwn for matching
Change-Id: I0c01db965a1b4d61cea0ac7f0b825d93cb331ed9
Adrian Szyndela [Fri, 1 Feb 2019 14:54:47 +0000 (15:54 +0100)]
refactoring: remove params from ItemSendReceive()
Params for ItemSendReceive are never used.
Change-Id: I0c4c6bbaf68a4f65472267b3498c14f335561d12
Adrian Szyndela [Fri, 1 Feb 2019 14:29:14 +0000 (15:29 +0100)]
refactoring: replace char* with C++ strings
Change-Id: I2554b13d0d00ed1b8ce5dbdfba7cb5f9cb6db6c7
Adrian Szyndela [Fri, 1 Feb 2019 11:10:29 +0000 (12:10 +0100)]
refactoring: replaced snprintf with to_string
Moved string conversion to cynara.cpp.
Eliminated snprintf, char array in favor of single call to to_string().
Reworked ifs to switch.
Change-Id: Ib57f459183328f55a16412af84214e77f7750f58
Adrian Szyndela [Fri, 8 Feb 2019 14:43:49 +0000 (15:43 +0100)]
tests: make tests passing again
Do not confuse with 'make tests great again'.
But at least they should work and give results now.
Change-Id: I7f0c69f329e7ef1a1813c23eb51387494c717226
Adrian Szyndela [Thu, 7 Feb 2019 12:50:16 +0000 (13:50 +0100)]
tests: build tests in a single build
Spec file makes two builds: one with --enable-tests, and second
without tests. This was used to add a special function for changing
creds and checking config file.
This commit exports the behaviour which is different in both versions
to separate files and uses those files for linking with proper versions.
It also makes the special function not exported anymore, as it is not needed
for static linking with test programs.
Change-Id: I72cc44e35c17da85e73ac503bbd447a4ee24e6cc
Adrian Szyndela [Fri, 8 Feb 2019 07:58:44 +0000 (08:58 +0100)]
internal: fix mistaken getgid()->getuid()
Change-Id: I97a0514e779c3a5efc3e0dc1aae3e770d8769102
sanghyeok.oh [Mon, 28 Jan 2019 07:22:33 +0000 (16:22 +0900)]
svace fix
Change-Id: I33fb1fc35dd8f8edb6dc13545868120528a3885a
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
Adrian Szyndela [Wed, 23 Jan 2019 14:45:38 +0000 (15:45 +0100)]
internal: make logs less cluttering
Many logs are under an if-clause, making them take more space
than necessary. This replaces most of if-clause-and-logs
with one-liners to improve readability.
Change-Id: I7e9ada35160974c8cc38de1c6e0217de15912c6e
Adrian Szyndela [Wed, 23 Jan 2019 10:37:22 +0000 (11:37 +0100)]
internal: replaced manual reverse iterator with STL-provided
PolicyConstIterator's purpose is identical to vector::const_reverse_iterator
from vector. This removes the unnecessary code, replacing it with
the usage of vector::const_reverse_iterator.
Change-Id: Ib3063eb6eb2a4fd23f8da8a2cce75c808abb3c00
Adrian Szyndela [Tue, 22 Jan 2019 14:37:34 +0000 (15:37 +0100)]
internal: make debug logs small to be more readable
The logs take relatively large space within actual source code.
This makes them smaller to help with avoiding distraction.
Change-Id: Iafca91f5e30f4446e28215cafbf78325ac9287bd
Adrian Szyndela [Fri, 18 Jan 2019 11:36:18 +0000 (12:36 +0100)]
internal: make nondestructible global static_parser
This should help with destructing global variable
while using it in other thread.
Multi-threaded daemons often kill the main thread before killing the other threads.
This patch prevents instance memory release when the main thread exits.
, and thus required to avoid crash on released memory.
.#0 ldp_xml_parser::ItemBuilder::~ItemBuilder (this=0xb67a980c <ldp_xml_parser::static_parser>, __in_chrg=<optimized out>) at src/internal/policy.cpp:510
.#1 0xb67a5de8 in ldp_xml_parser::XmlParser::~XmlParser (this=0xb67a980c <ldp_xml_parser::static_parser>, __in_chrg=<optimized out>) at /usr/lib/gcc/armv7l-tizen-linux-gnueabi/6.2.1/include/c++/ext/new_allocator.h:110
.#2 0xb695806c in __cxa_finalize (d=0xb67a9438) at cxa_finalize.c:83
.#3 0xb679bcea in __do_global_dtors_aux () from /lib/libdbuspolicy1.so.1
.#4 0xb6fdfa1c in _dl_fini () at dl-fini.c:235
.#5 0xb6957a44 in __run_exit_handlers (status=<optimized out>, listp=<optimized out>, run_list_atexit=run_list_atexit@entry=true, run_dtors=run_dtors@entry=true) at exit.c:106
.#6 0xb6957b6c in __GI_exit (status=<optimized out>) at exit.c:137
.#7 0xb6940640 in __libc_start_main (main=0xbefffe44, argc=-
1230635008, argv=0xb6940640 <__libc_start_main+280>, init=<optimized out>, fini=0x7f55f69c <__libc_csu_fini>, rtld_fini=0xb6fdf7e4 <_dl_fini>, stack_end=0xbefffe44)
. at libc-start.c:323
.#8 0x7f5589e0 in _start () at ../sysdeps/arm/start.S:110
Change-Id: I0cc0a2623eee688b0498fccacb8a2bc219fd3a94
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Adrian Szyndela [Fri, 7 Dec 2018 12:54:36 +0000 (13:54 +0100)]
tests for send_destination_prefix
Change-Id: Ic7943971b11eeae8dae55ccd50b884beb84dba0a
Adrian Szyndela [Tue, 4 Dec 2018 13:26:43 +0000 (14:26 +0100)]
support for send_destination_prefix
This commit introduces support for D-Bus policy extension
send_destination_prefix.
Change-Id: I671560cb71aae96fa3bd47579e5991f08509a6bd
Karol Lewandowski [Tue, 6 Nov 2018 15:04:31 +0000 (15:04 +0000)]
Merge "Secure get_test_id against buffer overflows" into tizen
Karol Lewandowski [Tue, 6 Nov 2018 14:53:15 +0000 (14:53 +0000)]
Merge "Fix Asan Issue buffer overflow" into tizen
Kushagra K [Thu, 1 Nov 2018 13:33:44 +0000 (19:03 +0530)]
Fix Asan Issue buffer overflow
The following bt was obtained on running asan tool on libdbuspolicy before patch fix:
sh-3.2# cat asan.log.nagsam-daemon.599
=================================================================
==nagsam-daemon==599==ERROR: AddressSanitizer: stack-buffer-overflow on address 0xbe4a5720 at pc 0xb6266535 bp 0xbe4a4900 sp 0xbe4a4948
READ of size 1083 at 0xbe4a5720 thread T0
#0 0xb6266533 in printf_common(void*, char const*, std::__va_list) (/usr/lib/libasan.so+0x6f533)
#1 0xb6267cd3 in vsnprintf (/usr/lib/libasan.so+0x70cd3)
#2 0xb6267f49 in __snprintf_chk (/usr/lib/libasan.so+0x70f49)
#3 0xb581c9fd in dbuspolicy1_init (/lib/libdbuspolicy1.so.1+0x89fd)
#4 0x41abead3 in _dbus_transport_open_kdbus (/lib/libdbus-1.so.3+0x41abead3)
#5 0x41aabf8b in _dbus_transport_open (/lib/libdbus-1.so.3+0x41aabf8b)
#6 0x41a93e63 in _dbus_connection_open_internal (/lib/libdbus-1.so.3+0x41a93e63)
#7 0x41a8eb73 in internal_bus_get (/lib/libdbus-1.so.3+0x41a8eb73)
#8 0x4488a195 in TCIPCConnection::m_CreateConnection() (/lib/libtvs-api-ipc.so+0x4488a195)
#9 0x4488a25b in TCIPCConnection::m_Connect(bool) (/lib/libtvs-api-ipc.so+0x4488a25b)
#10 0x4488a48b in TCIPCConnection::TCIPCConnection(std::_cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::_cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, bool) (/lib/libtvs-api-ipc.so+0x4488a48b)
#11 0x4488a59f in IPCConnection__Create (/lib/libtvs-api-ipc.so+0x4488a59f)
#12 0x445282c1 in TVServiceAPIConnection::TVServiceAPIConnection(std::_cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::_cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, bool) (/lib/libtvs-api.so+0x445282c1)
#13 0x444e3f5f in TVServiceAPI::CreateSOSpecApp(EProfile, int, ISOSpecApp**) (/lib/libtvs-api.so+0x444e3f5f)
#14 0xb6090889 in NAGSAM_MW::CSystemInfo::CSystemInfo() (/lib/libnagsam-mw.so+0x301889)
#15 0xb6097053 in NAGSAM_MW::ISystemInfo::Instance() (/lib/libnagsam-mw.so+0x308053)
#16 0xb60c34ed in NAGSAM_MW::TizenSupportManager::TizenSupportManager() (/lib/libnagsam-mw.so+0x3344ed)
#17 0xb60c4c05 in NAGSAM_MW::ISupportManager::Instance() (/lib/libnagsam-mw.so+0x335c05)
#18 0xb60c4c53 in NAGSAM_MW::MainEntryPoint() (/lib/libnagsam-mw.so+0x335c53)
#19 0x111f3 in main (/usr/bin/nagsam-daemon+0x111f3)
#20 0x41096867 in __libc_start_main (/lib/libc.so.6+0x41096867)
Address 0xbe4a5720 is located in stack of thread T0 at offset 1184 in frame
#0 0xb581c35f in dbuspolicy1_init (/lib/libdbuspolicy1.so.1+0x835f)
This frame has 4 object(s):
[32, 64) 'cmd_free'
[96, 106) 'user_suffix'
[160, 1184) 'buf'
[1216, 5312) 'resolved_path' <== Memory access at offset 1184 partially underflows this variable
HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
(longjmp and C++ exceptions are supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow (/usr/lib/libasan.so+0x6f533) in printf_common(void*, char const*, std::__va_list)
Shadow bytes around the buggy address:
0x37c94a90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x37c94aa0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x37c94ab0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x37c94ac0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x37c94ad0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x37c94ae0: 00 00 00 00[f2]f2 f2 f2 00 00 00 00 00 00 00 00
0x37c94af0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x37c94b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x37c94b10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x37c94b20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x37c94b30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Command: /usr/bin/nagsam-daemon
#################################################################
No such issues were reported after NULL terminating the buffer.
Change-Id: I7afccaab7448119621fdd36bd5a354da96eb9a4a
Signed-off-by: Kushagra K <kushagra.k@samsung.com>
Karol Lewandowski [Wed, 13 Jul 2016 16:54:56 +0000 (18:54 +0200)]
Remove kdbus interface header
kdbus.h is now provided with other linux kernel headers.
Change-Id: Ida7d06aa1f27d88040f949ddfd73f0d6cfd5f23e
Michal Bloch [Mon, 22 Oct 2018 14:22:52 +0000 (16:22 +0200)]
Secure get_test_id against buffer overflows
So far it's always called safely so this is mostly
for future-proofing and silencing static analysis.
Change-Id: I837aba9024954bdaee6e0adab695d514c753cc19
Signed-off-by: Michal Bloch <m.bloch@samsung.com>
Adrian Szyndela [Fri, 5 Oct 2018 14:53:39 +0000 (16:53 +0200)]
fix svace issues
1. memory leak in dbus_daemon.c
2. Return value of getgrouplist overwritten without checking
Change-Id: I498d2ea22349bace86f3a2a5fc7adec9fd8d5b77
Hyotaek Shim [Tue, 11 Sep 2018 04:56:38 +0000 (13:56 +0900)]
Add .gitignore
Change-Id: I5982dfb5b19aff92fa4d7ad5647a692a4d7bda1e
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Hyotaek Shim [Tue, 11 Sep 2018 03:09:51 +0000 (12:09 +0900)]
Add %license LICENSE.APACHE2.0 in the spec file
Change-Id: Idd0523c8d52e713a949643aa31be212d5749fa3a
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Michal Bloch [Thu, 23 Aug 2018 10:40:06 +0000 (12:40 +0200)]
Fix a file descriptor leak.
Change-Id: I926c3808508e963cb1ea913760f0b09243c04727
Signed-off-by: Michal Bloch <m.bloch@samsung.com>
Michal Bloch [Tue, 21 Aug 2018 17:53:54 +0000 (19:53 +0200)]
Refactor groups proxy
Fixes container misuse. Happens to remove a false positive
SVACE static analysis warning in the process.
Change-Id: I71f3789dbfb33b9dfadf880f70e4f2ca7747b53e
Signed-off-by: Michal Bloch <m.bloch@samsung.com>
Monika Zielinska [Tue, 21 Aug 2018 08:06:06 +0000 (10:06 +0200)]
remove unused variable and redundant comparison
Change-Id: I9dff1a2de258dad5d08d4d99ee360bc2ee5c3de4
Monika Zielinska [Mon, 20 Aug 2018 13:22:10 +0000 (15:22 +0200)]
fix string usage
Change-Id: I768140827bf4928cc0a1220f29f35b0a1bb39b62
Monika Zielinska [Fri, 10 Aug 2018 13:05:48 +0000 (15:05 +0200)]
fix logging
Logging internal definitions moved from libdbuspolicy.h to
dlogger files.
Change-Id: If4040ac2943a860a915681fa5d44855773d5f10f
Monika Zielinska [Thu, 9 Aug 2018 11:08:33 +0000 (13:08 +0200)]
add error logs to bus initializing and policy parsing
Added dlog error logs to dbuspolicy1_init and policy parsing for easier
debugging. Changed behavior when parsing: exceptions thrown while
parsing main system.conf/session.conf files cause interruption
of parsing. Exceptions from parsing other .conf files are logged, but
parsing is continued.
Change-Id: I615d1a49fb552518d0040df1d875ba20ca6839f7
Monika Zielinska [Wed, 25 Jul 2018 13:44:28 +0000 (15:44 +0200)]
Add memory dump functionality
Useful for memory consumption analysis, prints out content of
structures used to keep policy and their memory.
Change-Id: I127e1ab36f498d1dedff85e7a2ce4751b276d75e
Monika Zielinska [Mon, 9 Jul 2018 13:24:05 +0000 (15:24 +0200)]
Added latency & memory usage test
Change-Id: I2daf0306bce9468b397fa78f2f5a8437c5bd8389
sanghyeok.oh [Tue, 3 Jul 2018 05:00:06 +0000 (14:00 +0900)]
svace fix
Change-Id: Ib6b047eb6fe90476d6c28980589ed7eb777eb4e5
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
Aleksy Barcz [Fri, 18 May 2018 12:35:32 +0000 (14:35 +0200)]
Use expat SAX parser instead of boost::ptree (DOM)
Modified xml parsing methods to use expat parser, which is much
faster than boost::property_tree (initialization time decreased
by about 30%). Added missing includes after the removal of ptree.
Change-Id: I8973fe7ad7bbfe7928ef261fe07305f54e640b76
Aleksy Barcz [Wed, 11 Apr 2018 14:44:19 +0000 (16:44 +0200)]
added checking bus-access rules
Implemented enforcing access/opening dbus rules. Added a check to dbuspolicy1_init method
(dbuspolicy1_init will fail if the application is not allowed to access chosen dbus bus).
Moved opening kbus after the check to avoid situation when a process that isn't allowed to
access the bus will hold an open kbus descriptor. No changes are required in glib and dbus
libraries to work properly with the new behaviour of dbuspolicy1_init, but some reordering
should be made to assure that the attempt to access bus will fail exactly in the same place
as when using dbus-daemon.
Refactored logging items (more refactoring of tslog needed).
More compact decision logging for better logs readability. Fixed incorrect logging of checking own policy.
Refactored updating groups to facilitate mocking and testing.
Addedd access/open bus tests. Removed repetitions from Makefile.
Fixed static_assert error msg.
Change-Id: I5042ba50b21ec6cc2c6423b3ade1e5c78d45625b
Aleksy Barcz [Thu, 26 Apr 2018 14:13:32 +0000 (16:13 +0200)]
refactored parsing xml, added handling <include> tags
Up to now <include> tags were ignored, only <includedir> worked.
Assuming that we won't use selinux, so we can ignore includes
tagged as if_selinux_enabled.
Fixed undefined behaviour when modifying std::string.c_str() using dirname.
Change-Id: Ia56f030ec509721584dd2ccd476976ea8f66a440
Aleksy Barcz [Wed, 11 Apr 2018 14:43:08 +0000 (16:43 +0200)]
removed duplicate code via templates
Removed duplicates. Corrected type of iterator used in switch/case.
Change-Id: I35a6de8bea5ee04b9a107c5b41206623a7e72a4b
Aleksy Barcz [Fri, 6 Apr 2018 09:34:03 +0000 (11:34 +0200)]
refactored parsing policy
Changed unnecessarily recursive code into code that reflects the actual
configuration syntax, for better readability and maintainability.
Removed unused __tag_state and __attr variables.
Fixed potential future bug: ptree api doesn't guarantee that <xmlattr> will be
the first child, so we shouldn't assume it will be first.
Fixed bug, when policy at_console was parsed as the last seen policy type
(or as unitialized type, if it was the first policy read).
Added test case to assure that at_console policies will always be ignored.
Change-Id: I7e28262ee4837547e10ca1b33f7d5a90166f4667
Aleksy Barcz [Wed, 21 Mar 2018 09:33:24 +0000 (10:33 +0100)]
fixed ItemOwn::__name potential memory leak
Bugfix. Fixed leaks reported by valgrind.
Change-Id: Icd81120781313b662fad22d17f6ff9dbadc5cf03
Aleksy Barcz [Mon, 19 Mar 2018 09:30:02 +0000 (10:30 +0100)]
new implementation of own/own_prefix rules handling
Bugfix/rewrite. Previous implementation was based on the incorrect assumption
that "ab" is a prefix of "abc", while according to the dbus specification
"ab" is a prefix of "ab.c" but not "abc" (elements/tokens must be dot-separated).
Added multiple regression tests, covering both simple and exotic cases
(like allowing a prefix "a.b.c", but denying "a.b.c").
All expected test results verified against dbus-daemon (except cynara checks).
All new tests use default-deny-own policy, changed tests directory structure.
Fixed fragile DecisionItem class which assumed ownership of __privilege,
but didn't hide it's copy-constructor, which could result in freeing freed memory.
Change-Id: I98924ccf475ddd5e49e2eac99c9f1b586f982b90
Aleksy Barcz [Wed, 21 Mar 2018 15:24:57 +0000 (16:24 +0100)]
fixed loading incorrect files as configuration
Bugfix. libdbuspolicy should load only files with names ending with ".conf",
as dbus-daemon does. Added an incorrect configuration file as regression test.
Change-Id: I868c04d6475101abfe2ffcd551b8eb9ce9bf4305
sanghyeok.oh [Thu, 15 Mar 2018 09:11:23 +0000 (18:11 +0900)]
naive_policy_db: remove try-catch
* dlopen deadlock issue
Both dlopen and internal try{}catch for stl::map.at() are trying to acquire 'global lock'
Change-Id: I185b3aea9964cb1eb0a87a0f00bce9ec15633315
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Wed, 21 Feb 2018 07:08:27 +0000 (16:08 +0900)]
modify linker option
To prevent unload libdbuspolicy.so at runtime, add linker option 'nodelete'
Change-Id: If92547f63a14473f58d36d9fc07028cbbf13622b
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Mon, 18 Dec 2017 06:55:14 +0000 (15:55 +0900)]
svace fix
add null pointer handling for getpwuid_r
Change-Id: Ic9d33067b4da30cd9d336a4a75766d59f9010c57
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Tue, 21 Nov 2017 05:21:23 +0000 (14:21 +0900)]
svace fix
Change-Id: I9290d145b40606711992a4a01fea83d13ed7582b
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Tue, 7 Nov 2017 09:03:24 +0000 (18:03 +0900)]
policy checking scheme: add mutex lock for data structure(std::map and std::vector)
Change-Id: I4a213d90dca2447cbd5678083a41c18f10e958fa
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
(cherry picked from commit
82139a81405a9e4ce38ce37439612079643864be)
sanghyeok.oh [Tue, 24 Oct 2017 14:34:18 +0000 (23:34 +0900)]
kdbus: modified to get label for signal
Change-Id: Ia6fa61fe49084e25270b15387980299fe0b40b44
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Tue, 19 Sep 2017 15:27:39 +0000 (00:27 +0900)]
policy checking scheme: support supplementary group
Change-Id: I163bc517d0fdcdbbc8b971ccdf927aa5df47af4a
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Tue, 10 Oct 2017 02:15:44 +0000 (11:15 +0900)]
dbuspolicy1_check_in: add handling null sender
null sender at dbuspolicy1_check_in meaning sender has no well-known name,
We can change this to garbage char.
Change-Id: I7ee36d3b77bd6cf86cbea0286f0652f7d1a01774
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Tue, 10 Oct 2017 02:08:55 +0000 (11:08 +0900)]
dbuspolicy1_check_out/in: enable policy check for signal
Change-Id: I241f69bc5657ab904d2bf5eaba006188e53cb9aa
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Tue, 10 Oct 2017 02:07:25 +0000 (11:07 +0900)]
dbuspolicy1_check_out: enable receive_sender rule
Change-Id: I48ad1e77353424c73371ded14e671fef499782e4
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Fri, 29 Sep 2017 05:10:05 +0000 (14:10 +0900)]
Modification of coding rule violation
Change-Id: I3e0c88f7c85200267d8cca500826da0112ebe323
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
INSUN PYO [Tue, 12 Sep 2017 01:08:34 +0000 (10:08 +0900)]
Modification of coding rule violation
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: Id6cafd73c09a8d4c444a04d145da6686ef3ec8ac
(cherry picked from commit
b7b3a3a5986174a460adc96d6d5f4208c3bde4e2)
sanghyeok.oh [Thu, 10 Aug 2017 12:29:40 +0000 (21:29 +0900)]
dbuspolicy1_check_out/in: ignore signal
Change-Id: Ifb95079fe93a04ab1f871c49e13fa0cec54c6935
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Thu, 13 Jul 2017 15:34:37 +0000 (00:34 +0900)]
policy checking scheme: modified to get connection information from kdbus
To check dbus policy it is needed to get every information, especially multiple names and label.
For example,
if Service A have multiple name such as name_A1, name_A2, and name_A3,
and if Service A specify the rule as below,
<deny send_destination="name_A2"/>
<allow send_destination="name_A1"/>
then according to dbus policy,
last specified rule '<allow send_destination="name_A1"/>' is applied,
*** In dbus policy world dbus treat multiple names of Service A as same name,
this also affect every other names of Service A, meaning,
<allow send_destination="name_A1"/> or <allow send_destination="name_A2"/> or <allow send_destination="name_A3"/>
After all, Service B can send message to name_A1, name_A2, and name_A3.
send message to unique name of Service A also allowed by this rule.
*** unique name also treat as same as well-known name of Service A.
Change-Id: I2253296267d8c844c53813455c829bf625f4360c
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
INSUN PYO [Mon, 12 Jun 2017 08:16:54 +0000 (17:16 +0900)]
cynara : modify cyad option. requested by security team
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I5d58b692a30c9c3570d93c04effbada32e61dc1e
sanghyeok.oh [Mon, 12 Jun 2017 05:11:56 +0000 (14:11 +0900)]
dbuspolicy1_check_out: change sender to NULL
if sender is unique id, can_recv will return wrong value
Change-Id: Idf8b3ce964cc4d5d064d8bf125071772b4987a2b
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
Hyotaek Shim [Tue, 21 Mar 2017 00:51:06 +0000 (17:51 -0700)]
Merge "Revert "retrieve label on every cynara check"" into tizen
Hyotaek Shim [Mon, 20 Mar 2017 08:00:52 +0000 (01:00 -0700)]
Revert "retrieve label on every cynara check"
This reverts commit
fe403b9aa7ad1ff7e56327af2d88477b26094746.
Change-Id: I8dc57d2e6d821650e5d0d5198c6e1a0cd79fed84
sanghyeok.oh [Sat, 11 Feb 2017 03:04:08 +0000 (12:04 +0900)]
svace fix
Change-Id: I72700b1e9a1929388c181eb536214eaa98a696f2
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Thu, 19 Jan 2017 05:11:22 +0000 (21:11 -0800)]
Merge "modified to init global instance once" into tizen
sanghyeok.oh [Wed, 18 Jan 2017 06:03:44 +0000 (15:03 +0900)]
modified to init global instance once
Change-Id: Ib5092c6bee952b7a51f7da90d9d65414a0f10697
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Fri, 6 Jan 2017 07:49:59 +0000 (16:49 +0900)]
fix build error for gcc 6.2
Change-Id: Idec2ea8f8d55140eb1864d0f981f0071b5898bba
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
(cherry picked from commit
74494cf8da978299c73034518e0900ac0488bd23)
sanghyeok.oh [Fri, 6 Jan 2017 07:49:59 +0000 (16:49 +0900)]
fix build error for gcc 6.2
Change-Id: Idec2ea8f8d55140eb1864d0f981f0071b5898bba
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Thu, 5 Jan 2017 03:22:57 +0000 (12:22 +0900)]
svace:handling wrong policy syntax
Change-Id: I8871c77bf5f58ad89885c128f96442ce009197a8
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
Kazimierz Krosman [Mon, 19 Dec 2016 13:02:50 +0000 (14:02 +0100)]
tests: Add test package for libdbuspolicy - again
This reverts commit
376f38dafa0b7ee5eae3d8f0ba0333c84a79742d,
which reverted commit
bb7d32bb63f1d0fc463255000fbc773a119314a9.
This is different from commit
bb7d32bb63f1d0fc463255000fbc773a119314a9
in handling builds - it provides single spec file.
Additionally, corrections for tests, mostly
excluding initialization of the library from "test cases".
Author: Kazimierz Krosman
with some corrections by Adrian Szyndela <adrian.s@samsung.com>
Change-Id: I64a58818c5c7f692db38f8225bec1e7a11954de6
(cherry picked from commit
575b04077b18ca810aa1974314785e32340d4bb6)
Kazimierz Krosman [Mon, 19 Dec 2016 13:02:50 +0000 (14:02 +0100)]
tests: Add test package for libdbuspolicy - again
This reverts commit
376f38dafa0b7ee5eae3d8f0ba0333c84a79742d,
which reverted commit
bb7d32bb63f1d0fc463255000fbc773a119314a9.
This is different from commit
bb7d32bb63f1d0fc463255000fbc773a119314a9
in handling builds - it provides single spec file.
Additionally, corrections for tests, mostly
excluding initialization of the library from "test cases".
Author: Kazimierz Krosman
with some corrections by Adrian Szyndela <adrian.s@samsung.com>
Change-Id: I64a58818c5c7f692db38f8225bec1e7a11954de6
sanghyeok oh [Fri, 2 Dec 2016 05:05:33 +0000 (21:05 -0800)]
Revert "tests: Add test package for libdbuspolicy"
This reverts commit
bb7d32bb63f1d0fc463255000fbc773a119314a9.
Change-Id: I6bc92edf4cd438c07f6ed99acf4e8bfe531d1d1a
(cherry picked from commit
376f38dafa0b7ee5eae3d8f0ba0333c84a79742d)
sanghyeok.oh [Tue, 6 Dec 2016 12:22:59 +0000 (21:22 +0900)]
svace:handling wrong policy syntax
Change-Id: I6230b4487625240a0ee9f422c0203f0ec33a5d19
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok oh [Fri, 2 Dec 2016 05:11:00 +0000 (21:11 -0800)]
Merge "Revert "tests: Add test package for libdbuspolicy"" into tizen_3.0
sanghyeok oh [Fri, 2 Dec 2016 05:05:33 +0000 (21:05 -0800)]
Revert "tests: Add test package for libdbuspolicy"
This reverts commit
bb7d32bb63f1d0fc463255000fbc773a119314a9.
Change-Id: I6bc92edf4cd438c07f6ed99acf4e8bfe531d1d1a
Konrad Lipinski [Tue, 22 Nov 2016 16:21:16 +0000 (17:21 +0100)]
retrieve label on every cynara check
Change-Id: I5e6fb0f44589ebb295af1db43b8aa5f1838d3c72
(cherry picked from commit
fe403b9aa7ad1ff7e56327af2d88477b26094746)
Konrad Lipinski [Tue, 22 Nov 2016 15:43:04 +0000 (16:43 +0100)]
remove unused g_udesc.{user,group}
Change-Id: I767b9c7b095692466c0bb4d25cb8ed707e088a23
(cherry picked from commit
3b8cddc1e85c5cde1c9ed30a5d374e70c959c318)
Konrad Lipinski [Thu, 24 Nov 2016 14:37:09 +0000 (15:37 +0100)]
libdbuspolicy.spec: disable tests [fix critical runtime breakage]
Change-Id: I9c3be5ccbbd1f5326542d11ac818b350038076f6
(cherry picked from commit
d260c0a6cb0ca0e6552e0370bfd93eff85b0107c)
Konrad Lipinski [Tue, 22 Nov 2016 16:21:16 +0000 (17:21 +0100)]
retrieve label on every cynara check
Change-Id: I5e6fb0f44589ebb295af1db43b8aa5f1838d3c72
Konrad Lipinski [Tue, 22 Nov 2016 15:43:04 +0000 (16:43 +0100)]
remove unused g_udesc.{user,group}
Change-Id: I767b9c7b095692466c0bb4d25cb8ed707e088a23
Konrad Lipinski [Thu, 24 Nov 2016 14:37:09 +0000 (15:37 +0100)]
libdbuspolicy.spec: disable tests [fix critical runtime breakage]
Change-Id: I9c3be5ccbbd1f5326542d11ac818b350038076f6
Kazimierz Krosman [Thu, 29 Sep 2016 13:13:18 +0000 (15:13 +0200)]
tests: Add test package for libdbuspolicy
This patch introduces several modification that
allows test package building.
* Test version of libdbuspolicy shared library reads
policy files from /usr/lib/dbus-tests/config/ instead
of /etc/dbus-1/ ...
* new package libdbuspolicy1-test contains test
version of libdbuspolicy library with test policies
and test binaries.
* test-runner binary is compatible with dbus tests
framework.
Change-Id: I87bffc8bd24c05180441d74df546d4148a238ef1
(cherry picked from commit
42f084f08653aa5020342451c3c1a82aebf65a7a)
Kazimierz Krosman [Thu, 29 Sep 2016 13:13:18 +0000 (15:13 +0200)]
tests: Add test package for libdbuspolicy
This patch introduces several modification that
allows test package building.
* Test version of libdbuspolicy shared library reads
policy files from /usr/lib/dbus-tests/config/ instead
of /etc/dbus-1/ ...
* new package libdbuspolicy1-test contains test
version of libdbuspolicy library with test policies
and test binaries.
* test-runner binary is compatible with dbus tests
framework.
Change-Id: I87bffc8bd24c05180441d74df546d4148a238ef1
Konrad Lipinski [Wed, 9 Nov 2016 08:59:35 +0000 (09:59 +0100)]
remove unnecessary cynara_finish() call
Change-Id: Ifcf14f42b8fc2b65c8a5598525b7b0a905f42aee
(cherry picked from commit
dadb0935c68e2d09cbedbda1b3afd552f75abc43)
Konrad Lipinski [Wed, 9 Nov 2016 08:59:35 +0000 (09:59 +0100)]
remove unnecessary cynara_finish() call
Change-Id: Ifcf14f42b8fc2b65c8a5598525b7b0a905f42aee
Konrad Lipinski [Mon, 7 Nov 2016 18:03:53 +0000 (19:03 +0100)]
circumvent destruction of ::policy_checker, remove destructors that are empty or never called
Motivated by KONA bugs (ex.
DF161028-00875). VD product environment
apparently likes calling libdbuspolicy1 public functions while exit
handlers are being called (and thus global objects are being destroyed).
Solution: circumvent destruction of relevant globals altogether.
Change-Id: Ibeab05ed83cc24dc6a5da926fb542f31d8a33af1
(cherry picked from commit
1e961ec457d48198118bbff42204d668d714bccb)
Konrad Lipinski [Mon, 7 Nov 2016 16:05:44 +0000 (17:05 +0100)]
turn DbAdapter into direct member of XmlParser
Change-Id: Ic807550cabd2cad3177c35a6af14d142b29eaf0b
(cherry picked from commit
1c8bd17ca32a21ca16f2bf625fe788eacf2e0a72)
Konrad Lipinski [Mon, 7 Nov 2016 12:43:48 +0000 (13:43 +0100)]
remove unused PolicyIterator
Change-Id: I06de62c3359186b094b51def7beff47752bfa998
(cherry picked from commit
b9c833dbfa425b51f93feff09a827b4222bb7820)
Konrad Lipinski [Mon, 7 Nov 2016 18:03:53 +0000 (19:03 +0100)]
circumvent destruction of ::policy_checker, remove destructors that are empty or never called
Motivated by KONA bugs (ex.
DF161028-00875). VD product environment
apparently likes calling libdbuspolicy1 public functions while exit
handlers are being called (and thus global objects are being destroyed).
Solution: circumvent destruction of relevant globals altogether.
Change-Id: Ibeab05ed83cc24dc6a5da926fb542f31d8a33af1
Konrad Lipinski [Mon, 7 Nov 2016 16:05:44 +0000 (17:05 +0100)]
turn DbAdapter into direct member of XmlParser
Change-Id: Ic807550cabd2cad3177c35a6af14d142b29eaf0b
Konrad Lipinski [Mon, 7 Nov 2016 12:43:48 +0000 (13:43 +0100)]
remove unused PolicyIterator
Change-Id: I06de62c3359186b094b51def7beff47752bfa998
Krystian Kisielak [Fri, 2 Sep 2016 13:40:41 +0000 (15:40 +0200)]
Removes file xml_policy.hpp. It is part of old implementation and is no longer used.
Change-Id: Ife804864f767ddd92a979e983cd45164e89c6315
Signed-off-by: Krystian Kisielak <k.kisielak@samsung.com>
(cherry picked from commit
9cce1d8723e29a83db77f1d90d8fac74f19eb6cc)