Krzysztof Jackiewicz [Wed, 3 Jul 2013 17:24:23 +0000 (19:24 +0200)]
[Release] libprivilege-control_0.0.34.TIZEN
* SMACK configuration files moved to smack-privilege-config repo
Change-Id: I946b6fbb09d301abb889bb6b2576e581e5954097
Zbigniew Jasinski [Wed, 3 Jul 2013 15:16:54 +0000 (17:16 +0200)]
[Issue#] SSDWSSP-302
[Bug/Feature] Keeping *.smack files in separate repository.
[Cause] SMACK rule changes cause rebuilding many packages due to
libprivilege-control dependencies.
[Solution] Exclude SMACK rules files from libprivilege-control package.
[Verification] Running tests.
Change-Id: I8513740df4afe3ceac4152fd032f8fad3eb1966a
Kidong Kim [Mon, 1 Jul 2013 10:30:57 +0000 (19:30 +0900)]
add new smack rules for OSP se/secureelement privilege
Kidong Kim [Mon, 1 Jul 2013 09:26:06 +0000 (18:26 +0900)]
add smack rules for sdcard
Kidong Kim [Sat, 29 Jun 2013 04:35:58 +0000 (13:35 +0900)]
add new smack rules for user-space access control
Tomasz Swierczek [Thu, 27 Jun 2013 10:16:22 +0000 (12:16 +0200)]
[Release] libprivilege-control_0.0.33.TIZEN
* Fix bugs reported by prevent tool
* Reduced number of logs
Change-Id: If8fa471a8c9ef2240feb032744ad8e89828f5138
Kidong Kim [Thu, 27 Jun 2013 07:01:21 +0000 (16:01 +0900)]
add smack rules for OSP/WEB app to access clipboard
Kidong Kim [Thu, 27 Jun 2013 02:23:45 +0000 (11:23 +0900)]
add smack rules to synchronize with private
Kidong Kim [Tue, 25 Jun 2013 23:40:04 +0000 (08:40 +0900)]
add smack rules
Marcin Niesluchowski [Mon, 24 Jun 2013 12:27:57 +0000 (14:27 +0200)]
Fixing prevent bugs on libprivilege-control:
* 58766; Critical; Resource Leak; In function register_app_for_public_dirs
in src/privilege-control.c
* 58764; Critical; Resource Leak; In function app_register_av_internal
in src/privilege-control.c
* 53409; Critical; Resource Leak; In function register_app_for_av
in src/privilege-control.c
* 51719; Critical; Resource Leak; In function get_app_gids
in src/access-db.c
* 51572; Critical; Explicit null dereferenced; In function get_all_ids_internal
in src/access-db.c
* 55418; Minor; Unchecked return value from library; In function mark_rules_as_loaded
in src/privilege-control.c
[Issue#] SSDWSSP-335
[Bug/Feature] Recent prevent bugs need fix.
[Cause] N/A
[Solution] N/A
[Verification] Running tests.
Change-Id: I381da2083d8a0fac1be930bfdbf3fca688710fc1
Kidong Kim [Sun, 23 Jun 2013 23:28:47 +0000 (08:28 +0900)]
add new smack rule for WRT
Marcin Niesluchowski [Tue, 18 Jun 2013 13:50:38 +0000 (15:50 +0200)]
Reducing error logs number.
[Issue#] SSDWSSP-331
[Bug/Feature] Too many error logs.
[Cause] N/A
[Solution] N/A
[Verification] Running tests.
Change-Id: I7a5516b0cd68d9217db2da9ba185d6cc9536b9dc
Bartlomiej Grzelewski [Thu, 20 Jun 2013 09:16:19 +0000 (11:16 +0200)]
[Release] libprivilege-control_0.0.32.TIZEN
* Fix bugs reported by prevent tool.
* Sensitive information will be loged with SECURE_LOGE instead of C_LOGD.
Change-Id: If57c46e699868c644018a9488c8a85f4ddd217ca
Kidong Kim [Thu, 20 Jun 2013 07:49:42 +0000 (16:49 +0900)]
add smack default rules
Marcin Niesluchowski [Thu, 13 Jun 2013 15:11:14 +0000 (17:11 +0200)]
Fixing prevent critical defects in libprivilege-control and some log messages.
Critical "Explicit null dereferenced" in function add_api_feture() in src/privilege-control.c fixed.
Critical "Explicit null dereferenced" in function get_all_ids_internal() in src/access-db.c
seems to be false warning.
[Issue#] SSDWSSP-306
[Bug/Feature] Fix prevent defects
[Cause] Prevent server signalizes defects
[Solution] N/A
[Verification] Running tests and checking prevent output.
Change-Id: Ia0e407428629ddaa7da3df4a672e00cc0cd6bcf6
Zbigniew Jasinski [Mon, 17 Jun 2013 13:59:56 +0000 (15:59 +0200)]
Log messages refactoring
Also fixed segfault in message logging
[Issue#] SSDWSSP-323
[Bug/Feature] Log messages refactoring
[Cause] Legal issues with prohibited words in logs (ie. password)
[Solution] Use SECURE_LOG* macro
[Verification] Compile with LOG_DEBUG_ENABLED and run. No tests should fail
Change-Id: I760846428d8708cce5a1beeb88fd2bfdcbaa1a57
Kidong Kim [Wed, 19 Jun 2013 04:28:03 +0000 (13:28 +0900)]
add smack rules for WRT app
Bartlomiej Grzelewski [Tue, 18 Jun 2013 14:33:04 +0000 (14:33 +0000)]
Merge "Added SECURE_LOG* macro"
Zbigniew Jasinski [Tue, 18 Jun 2013 08:52:16 +0000 (10:52 +0200)]
Added SECURE_LOG* macro
[Issue#] SSDWSSP-323
[Bug/Feature] Log messages refactoring
[Cause] SECURE_LOG* macro added for log messages refactoring
[Solution] Added SECURE_LOG* macro
[Verification] Compile with LOG_DEBUG_ENABLED and run. No tests should fail
Change-Id: Id2926d7a880f83c890f597aead7adc73b9e0dc72
Kidong Kim [Tue, 18 Jun 2013 08:23:53 +0000 (17:23 +0900)]
add smack rules for WRT app
Kidong Kim [Mon, 17 Jun 2013 14:23:30 +0000 (23:23 +0900)]
add smack rule of OSP apps for e17
Krzysztof Jackiewicz [Mon, 17 Jun 2013 13:13:39 +0000 (15:13 +0200)]
[Release] libprivilege-control_0.0.31.TIZEN
* Another release because previous one was not triggered
Change-Id: Ibc371f520e73c9a49e0f8a35906ae222bb54d59c
Krzysztof Jackiewicz [Mon, 17 Jun 2013 12:44:16 +0000 (14:44 +0200)]
[Release] libprivilege-control_0.0.30.TIZEN
* Remaining smack_accesses_add replaced with smack_accesses_add_modify
Change-Id: I57e3bcc96adc4928d23a990b893e074a1a5d35cc
Tomasz Swierczek [Fri, 31 May 2013 16:03:16 +0000 (18:03 +0200)]
Added missing part of fix for rule overwriting issue
[Issue#] N/A
[Bug] Some rules in apps rule file were overwriting rules
[Cause] smack_accesses_add used instead of smack_accesses_add_modify. Not all required changes from
86da6484f2e4cad76565b8ddac0d126e3b5327fb have been applied on rsa.
[Solution] changed function
[Verification] Install FtApp and see if rules for aospd* label are rx or rwx (should be latter)
Change-Id: Ic863b013b069e9a97d3b04e79c84f5c1a54f1f2a
Kidong Kim [Mon, 17 Jun 2013 06:42:44 +0000 (15:42 +0900)]
add new rules for OSP app
Kidong Kim [Mon, 17 Jun 2013 02:55:25 +0000 (11:55 +0900)]
add smack rules
Kidong Kim [Thu, 13 Jun 2013 02:26:32 +0000 (11:26 +0900)]
fix rules and labeling on db
Kidong Kim [Wed, 12 Jun 2013 06:43:52 +0000 (15:43 +0900)]
add smack rules for app-package::db
Krzysztof Jackiewicz [Mon, 10 Jun 2013 15:05:57 +0000 (17:05 +0200)]
Merge rsa/tizen_2.2 into rsa/master
Change-Id: Ia2e52cf82801cc5bae0575bf53991d0340a5054f
Krzysztof Jackiewicz [Mon, 10 Jun 2013 15:01:25 +0000 (17:01 +0200)]
[Release] libprivilege-control_0.0.29.TIZEN
* Fixed creation of rule sets with missing ----- (change-rule interface)
* New app_type_t values (partner and platform)
* Add error logs in app_give_access.
* Add implementation for appsetting privilege
* Change parameter names app_id to pkg_id in API functions
* Comment to app_revoke_permissions() changed.
* Fast boot optimization
* Add value APP_PATH_ANY_LABEL to enum app_path_type_t.
* Fixing Rule Loading fail for livebox apps on next reboot
Change-Id: Iff3099b508c2927f6c8c4eddcf55fa730a08d0c1
Bumjin Im [Sat, 8 Jun 2013 08:49:19 +0000 (17:49 +0900)]
Fixing Rule Loading fail for livebox apps on next reboot
[Issue#] N/A
[Bug] N/A
[Cause] N/A
[Solution] Fixing Rule Loading fail for livebox apps on next reboot
Change-Id: Ia99c5d3bbb0c207a226fe7c70c1bc7652f431746
Kidong Kim [Mon, 10 Jun 2013 11:49:19 +0000 (20:49 +0900)]
synchronize OSP/WRT rules with private repository
Kidong Kim [Mon, 10 Jun 2013 02:26:46 +0000 (11:26 +0900)]
synchronize OSP/WRT rules with private repository
Bartlomiej Grzelewski [Wed, 29 May 2013 15:16:33 +0000 (17:16 +0200)]
Add value APP_PATH_ANY_LABEL to enum app_path_type_t.
[Issue#] SSDWSSP-307
[Bug] N/A
[Cause] Some directories must be set up by installer manually.
[Solution] N/A
[Verification] Run libprivilege-control tests.
Change-Id: Iff482d43b6f5e08603a0c74820b713f8e8def5c9
Janusz Kozerski [Mon, 27 May 2013 08:22:56 +0000 (10:22 +0200)]
Fast boot optimization
[Issue#] SSDWSSP-295
[Feature] Rules for each app are now loaded while first run of the application.
[Cause] N/A
[Solution] N/A
[Verification] Build, install, reboot target. Run libprivilege-control tests.
Change-Id: I11b2c1738a4cfb7770fc680dbc02c88435e995f7
Marcin Niesluchowski [Wed, 22 May 2013 13:37:38 +0000 (15:37 +0200)]
Comment to app_revoke_permissions() changed.
[Issue#] SSDWSSP-260
[Bug/Feature] Comment to app_revoke_permissions() was not consistent with actual function requirements.
[Cause] N/A
[Solution] N/A
[Verification] N/A
Change-Id: I639247fa2af81d4adb1a153d193e94f48b1edc83
Jan Cybulski [Fri, 24 May 2013 08:57:39 +0000 (10:57 +0200)]
Change parameter names app_id to pkg_id in API functions
[Issue#] SSDWSSP-290
[Bug/Feature] N/A
[Cause] N/A
[Solution] N/A
[Verification] Build, run libprivilege tests.
Change-Id: I27a44c9c7a1491b0ff2c3827d76bf1eea4b2e2f2
Jan Cybulski [Thu, 23 May 2013 10:12:28 +0000 (12:12 +0200)]
Add implementation for appsetting privilege
[Issue#] SSDWSSP-241
[Bug/Feature] Implement an unique feature for an appsetting privilege.
The privilege should give RWX access to all registered
setting folders and RX access to all applications.
[Cause] N/A
[Solution] Change in app_add_permissions_internal.
[Verification] Run libprivilege tests.
Test privilege_control16_appsettings_privilege should pass
Change-Id: Icdb2b6dc44395ec7a723064bc2db56ef634e609d
Bartlomiej Grzelewski [Thu, 9 May 2013 14:43:05 +0000 (16:43 +0200)]
Add error logs in app_give_access.
[Issue#] SSDWSSP-226
[Bug] N/A
[Cause] N/A
[Solution] N/A
[Verification] Successful compilation. Run test.
Change-Id: I7bb100c39a6fb139414a88e72a73c60282f4168f
Marcin Niesluchowski [Mon, 20 May 2013 09:56:27 +0000 (11:56 +0200)]
privilege-control.c and privilege-control.h extended by new app_type_t values. New WRT_partner.smack, WRT_platform.smack, OSP_partner.smack and OSP_platform.smack created from WRT.smack and OSP.smack.
[Issue#] SSDWSSP-270
[Bug/Feature] Change app_enable_permissions() input app type - extend to new app types.
[Cause] N/A
[Solution] N/A
[Verification] Creating and running tests for new app types.
Change-Id: I4c5525d2dfc9c626b07a8dae33f073db7460ce9c
Tomasz Swierczek [Fri, 31 May 2013 16:03:16 +0000 (18:03 +0200)]
Fixed creation of rule sets with missing ----- (change-rule interface)
[Issue#] N/A
[Bug] Some rules in apps rule file were overwriting rules
[Cause] smack_accesses_add used instead of smack_accesses_add_modify
[Solution] changed function
[Verification] Install FtApp and see if rules for aospd* label are rx or rwx (should be latter)
Change-Id: I66e2cae21865bd4be1b885df8d958a5fa0409d52
Conflicts:
src/privilege-control.c
Krzysztof Jackiewicz [Wed, 29 May 2013 16:17:07 +0000 (18:17 +0200)]
[Release] libprivilege-control_0.0.28.TIZEN
* smack_pid_have_access and get_smack_label_from_process added.
* special handling for http://tizen.org/privilege/antivirus
* New API for labeling directories and files
* Changing way of mapping feature to file name
* refactoring
Change-Id: I0eb10d8dd99178c226cb678263d2026e459f7fb1
Zofia Abramowska [Wed, 29 May 2013 15:50:23 +0000 (17:50 +0200)]
Changing way of mapping feature to file name
[Issue#] SSDWSSP-292
[Feature] Supporting wider variety of feature names
[Cause] Previously there was no difference in mapping features
named like http://<something>/feature.name, no matter what
<something> was. This isn't proper anymore.
[Solution] Mapping whole feature name to file name
[Verification] Build. Run tests. Test for adding api features will fail.
Change-Id: I4c459e845215c7dcab522a415a560e86936b057a
Rafal Krypa [Thu, 23 May 2013 09:54:34 +0000 (11:54 +0200)]
New API for labeling directories and files.
[Issue#] SSDWSSP-240
[Feature] New API for labeling directories and files
[Cause] Redesigned with new requested feature implementation
[Solution] Provide new function app_setup_path(), deprecate app_label_dir(), app_label_shared_dir() and app_add_shared_dir_readers()
[Verification] Build, install, reboot target. Run libprivilege-control tests.
Change-Id: I9e8ad0c279fc8edfe2ef3764382d6726f5615dcc
Rafal Krypa [Wed, 22 May 2013 13:13:57 +0000 (15:13 +0200)]
Code refactoring, new internal function for adding single rule for an application.
[Issue#] N/A
[Feature] New static function app_add_rule()
[Cause] The same functionality implemented in several places.
[Solution] Refactoring for better code reuse.
[Verification] Build, install, reboot target. Run libprivilege-control tests.
Change-Id: Id76ae8a435e38092c219ed40b65b11b0f4690b42
Janusz Kozerski [Mon, 13 May 2013 15:27:53 +0000 (17:27 +0200)]
Implement special handling for tizen.org/privilege/antivirus
[Issue#] SSDWSSP-239
[Bug/Feature] Implement special handling for http://tizen.org/privilege/antivirus
[Cause] app_register_av() is deprecated.
[Solution] N/A
[Verification] Build, install. Install apps.installer.rpm from task (in CAM), and try to install McAfee anti virus (in CAM).
Change-Id: Icd2ba4f8385dedc53fe1e380bef1463e228bcc2e
Krzysztof Jackiewicz [Wed, 29 May 2013 15:20:21 +0000 (17:20 +0200)]
Merge remote-tracking branch 'rsa/tizen_2.1' into rsa_master
Janusz Kozerski [Mon, 6 May 2013 12:34:13 +0000 (14:34 +0200)]
Add API functions smack_pid_have_access and get_smack_label_from_process.
[Issue#] SSDWSSP-220
[Feature] Add new function: smack_pid_have_access. This function calls smack_have_access, and if there's no access granted then check if process have CAP_MAC_OVERRIDE.
[Problem] N/A
[Cause] N/A
[Solution] N/A
[Verification] Build, install.
Change-Id: If319fd7b176d9a7e1ecb38458f6178e5e7f9865c
Krzysztof Jackiewicz [Wed, 29 May 2013 14:12:06 +0000 (16:12 +0200)]
[Release] libprivilege-control_0.0.27.TIZEN
* Executable link labeling. API deprecation.
Change-Id: Ie9669c42b31aa066fc9955c80c282bcb41f9d04d
Marcin Niesluchowski [Wed, 22 May 2013 12:12:47 +0000 (21:12 +0900)]
Revert "Fixing app_revoke_internal() used by app_revoke_permissions()"
This reverts commit
8b61c02bade31201966fdeb822569b2b5c2da5b3
Kidong Kim [Tue, 28 May 2013 07:42:29 +0000 (16:42 +0900)]
add new smack rule
Krzysztof Jackiewicz [Tue, 7 May 2013 06:37:36 +0000 (08:37 +0200)]
WRT binary link handling updated.
[Issue#] N/A
[Feature/Bug] N/A
[Problem] WRT application label should be retrieved from link to executable
xattrs. Currently widget_id is the label.
[Cause] N/A
[Solution] Smack label is retrieved from link to executable. app_label_dir
has been modified to label links to executable files with proper exec label.
[Verification] Run libprivilege-control-test. Reboot, install a widget and
launch it. http://slp-info.sec.samsung.net/gerrit/#/c/204855/
Change-Id: Iae87854283989f0d3ff0b76c9092c10654f47c7c
Marcin Niesluchowski [Tue, 14 May 2013 15:36:18 +0000 (17:36 +0200)]
Fixing app_revoke_internal() used by app_revoke_permissions()
[Issue#] SSDWSSP-260
[Bug/Feature] Libprivilege-control tests fail
[Cause] N/A
[Solution] N/A
[Verification] Running tests
Change-Id: I72f654279998f4622ce2a9564580242b29ec9d80
Zofia Abramowska [Mon, 13 May 2013 14:10:19 +0000 (16:10 +0200)]
Marking app_give_access & app_revoke_access as deprecated
[Issue#] SSDWSSP-229
[Bug/Feature] N/A
[Cause] Reimplementing process_app_give_access in security-server
[Solution] N/A
[Verification] Successful build
Change-Id: Id81146bc2892353ec2f55976a4d77077d2744e43
Kidong Kim [Tue, 21 May 2013 08:48:34 +0000 (17:48 +0900)]
add rule for wrt_launchpad_daemon
Bumjin Im [Wed, 15 May 2013 10:30:10 +0000 (19:30 +0900)]
Adjusting Rules for boolmark
Kidong Kim [Wed, 15 May 2013 07:26:57 +0000 (16:26 +0900)]
add smack rules for sdcard
Kidong Kim [Tue, 14 May 2013 08:58:30 +0000 (17:58 +0900)]
add smack rules for osp/web app
Bumjin Im [Tue, 14 May 2013 06:03:52 +0000 (15:03 +0900)]
Merge "Update .smack files 2" into tizen_2.1
jinha.hwang [Tue, 14 May 2013 05:54:44 +0000 (14:54 +0900)]
Update .smack files 2
Kidong Kim [Tue, 14 May 2013 05:08:26 +0000 (14:08 +0900)]
add new rules for system::share
Krzysztof Jackiewicz [Mon, 13 May 2013 17:06:30 +0000 (19:06 +0200)]
[Release] libprivilege-control_0.0.26.TIZEN
* Added rules for OSP/WRT apps for app_give_access API usage in security-server
Change-Id: Ia529d15219f89d53f27c504b9715207acf1f8ab0
Tomasz Swierczek [Mon, 13 May 2013 16:25:07 +0000 (18:25 +0200)]
Added rules for OSP/WRT apps for app_give_access API usage in security-server
[Issue#] TDIS-5744
[Bug/Feature] Missing SMACK rules for runtime check for access to API.
[Cause] N/A
[Solution] Added rules - temporarily to OSP.smack and WRT.smack
[Verification] use app_enable_permissions() - rule file should contain rule for security-server::api-data-share
Change-Id: Iefc140b1a93e5eec5507e466ea2db11641cff222
Tomasz Swierczek [Mon, 13 May 2013 16:25:07 +0000 (18:25 +0200)]
Added rules for OSP/WRT apps for app_give_access API usage in security-server
[Issue#] TDIS-5744
[Bug/Feature] Missing SMACK rules for runtime check for access to API.
[Cause] N/A
[Solution] Added rules - temporarily to OSP.smack and WRT.smack
[Verification] use app_enable_permissions() - rule file should contain rule for security-server::api-data-share
Change-Id: I63fbe3dadbc147aef663c9bd0b6a5cdfd390702e
Kidong Kim [Mon, 13 May 2013 14:25:55 +0000 (23:25 +0900)]
add new label and rules - system::share
Bumjin Im [Mon, 13 May 2013 06:55:05 +0000 (15:55 +0900)]
Adding x rules for osp-*-services
Bumjin Im [Mon, 13 May 2013 00:57:31 +0000 (09:57 +0900)]
Adjusting overwrapped Rule
Bumjin Im [Sun, 12 May 2013 07:39:57 +0000 (16:39 +0900)]
Removing Label for so files
Bumjin Im [Sun, 12 May 2013 05:18:30 +0000 (14:18 +0900)]
Modifying Smack rules for Apps
Bumjin Im [Sun, 12 May 2013 04:22:29 +0000 (13:22 +0900)]
Modifying Smack rules for Apps
Bumjin Im [Sun, 12 May 2013 03:58:22 +0000 (12:58 +0900)]
Modifying Smack rules for Apps
Bumjin Im [Sun, 12 May 2013 03:52:58 +0000 (12:52 +0900)]
Modifying Smack rules for Apps
jinha.hwang [Sat, 11 May 2013 14:24:20 +0000 (23:24 +0900)]
Update .smack files
Kidong Kim [Sat, 11 May 2013 10:59:46 +0000 (19:59 +0900)]
add default rules
Kidong Kim [Fri, 10 May 2013 08:48:16 +0000 (17:48 +0900)]
merge back from tizen_2.1_smack
Tomasz Swierczek [Wed, 8 May 2013 07:35:50 +0000 (09:35 +0200)]
Revert "Bug in app_install() fixed"
This reverts commit
618655f8840efd978b073ce9239a16e1d061d14b.
Krzysztof Jackiewicz [Tue, 7 May 2013 09:28:18 +0000 (18:28 +0900)]
Merge "Merge remote-tracking branch 'tizendev/tizen_2.1_smack' into tizendev"
Krzysztof Jackiewicz [Mon, 6 May 2013 08:13:50 +0000 (10:13 +0200)]
Clean up libprivilege-control code
[Issue#] SSDWSSP-207
[Feature/Bug] N/A
[Problem] Cleanup the code
[Cause] N/A
[Solution] Unnecessary code removed. Comments updated
[Verification] Successfull compilation
Change-Id: I0bfe450301aee4b6f4f1b94336fef75d5c38dd60
Marcin Niesluchowski [Thu, 2 May 2013 12:18:32 +0000 (14:18 +0200)]
Bug in app_install() fixed
[Issue#] SSDWSSP-223
[Bug/Feature] Fix bugs that make libprivilege-control test fail
[Cause] N/A
[Solution] N/A
[Verification] N/A
Change-Id: I88712168c64c8d35e7700124ff9da4ffefa32493
Rafal Krypa [Mon, 6 May 2013 10:47:58 +0000 (12:47 +0200)]
Merge remote-tracking branch 'tizendev/tizen_2.1_smack' into tizendev
Kidong Kim [Sat, 4 May 2013 04:37:07 +0000 (13:37 +0900)]
add new labels for vconf
Rafal Krypa [Fri, 3 May 2013 13:22:09 +0000 (15:22 +0200)]
Empty commit to trigger OBS build.
Change-Id: I642fcd66b10fef0f4a0152ae4e383deb6832f50a
Rafal Krypa [Fri, 3 May 2013 11:51:27 +0000 (13:51 +0200)]
permissions: unify smack config files with private repository
Files are now identical in both repositories, with respect to
com.samsung => org.tizen changes.
[Issue#] N/A
[Feature] Unify Smack configuration
[Cause] Transition of Smack configuration from private to RSA repo
[Solution] N/A
[Verification] N/A
Change-Id: I0be7d73a14746b4e52843b337ed7a4680c7b60cd
Rafal Krypa [Fri, 3 May 2013 11:54:59 +0000 (13:54 +0200)]
Merge remote-tracking branch 'tizendev/master' into tizen_2.1_smack
Rafal Krypa [Fri, 3 May 2013 11:32:40 +0000 (13:32 +0200)]
Merge missing code pieces from private repository.
[Issue#] N/A
[Bug] Patches applied in different version in RSA and private repository
[Cause] Developers not careful enough about applying patches in both places
[Solution] Move missing bits of code
[Verification] N/A
Change-Id: I69234dc73666e146458eb44783c870676a9c523c
Bartlomiej Grzelewski [Tue, 30 Apr 2013 14:16:47 +0000 (16:16 +0200)]
Allow multiple call of app_give_access.
If some permissions were set twice or more by app_give_access
libprivilege should save state from "first call".
[Issue#] N/A
[Feature] N/A
[Cause] N/A
[Solution] N/A
[Verification] N/A
Change-Id: I62392864550cab1f355b3921399ccaa47a1eeffe
Rafal Krypa [Fri, 3 May 2013 10:35:12 +0000 (12:35 +0200)]
Merge remote-tracking branch 'tizendev/tizen_2.1' into tizendev
Conflicts:
packaging/libprivilege-control-conf.manifest
permissions/OSP.smack
src/privilege-control.c
Change-Id: I9ead94857033456cfddc4face120e0cfde07682f
Kidong Kim [Thu, 2 May 2013 08:59:26 +0000 (17:59 +0900)]
add new smack labels for vconf and support IPv6
Rafal Krypa [Mon, 22 Apr 2013 15:20:18 +0000 (17:20 +0200)]
Add DAC config files for DB access control.
[Issue#] SSDWSSP-175
[Feature] Add application to additional groups based on allowe permissions.
[Cause] SQlite databases require SMACK write permissions to be readable (locking).
[Solution] This patch adds config files for already existing code.
[Verification] N/A
Change-Id: I759871b20c764813676085edc114f9aae531f47f
Krzysztof Jackiewicz [Fri, 26 Apr 2013 13:57:58 +0000 (15:57 +0200)]
Klocwork bugfixes
[Issue#] SSDWSSP-213
[Feature/Bug] N/A
[Problem] Issues reported by Klocwork
[Cause] N/A
[Solution] Issues fixed
[Verification] Build and run libprivilege tests
Change-Id: I3328b94d351edf263f316a1c7ae3019604195d22
Janusz Kozerski [Mon, 29 Apr 2013 12:49:04 +0000 (14:49 +0200)]
Add AV custom rule set support
[Issue#] SSDWSSP-205
[Bug] N/A
[Cause] N/A
[Solution] Add predefined rules for antivirus (antiviurs some_app rwx, some_app antivirus rx).
[Verification] Build, install, reboot target, run tests - the 10th test (app_register_av) should fail now.
Change-Id: I1019173b8c31cf6e984c3b12be00bd61dfe84e7e
Rafal Krypa [Wed, 24 Apr 2013 13:53:47 +0000 (15:53 +0200)]
Fix for complimentary groups setting.
[Issue#] N/A
[Bug] Adding applications to additional groups depends on SMACK.
[Cause] In AUL context app_id is unknown and it was guessed from current SMACK label.
[Solution] Read SMACK label from file xattrs, which are available even without SMACK support in kernel.
[Verification] Build, install on non-SMACK system, reboot target, run some apps.
Change-Id: Ie69ea5d60b48a0358bb0a266281a146a05aa9eb1
Rafal Krypa [Wed, 24 Apr 2013 13:42:02 +0000 (15:42 +0200)]
Remove SMACK_ENABLED ifdefs.
[Issue#] N/A
[Feature] Remove possibility to compile this lib with no SMACK support.
[Cause] The code is highly SMACK specific, and there is a run time check for SMACK anyway.
[Solution] Remove ifdefs and alternative code.
[Verification] Build.
Change-Id: I3fb546829d9a8701bcbadce77dd9aefb77292ce0
Conflicts:
src/privilege-control.c
Tomasz Swierczek [Wed, 24 Apr 2013 12:22:10 +0000 (14:22 +0200)]
Setting WebAPP label to pkgId again. This reverts commit
9bbaf8f2f2be6b59b2b6fc0c1624fc9cf58878a0.
[Issue#] SSDWSSP-94
[Feature] Changed WebApp SMACK label set in AUL
[Cause] N/A
[Solution] Hybrid apps need this
[Verification] Build, install, reboot target. Run any widget. It should run properly.
Change-Id: I3efe0731d72941337df579589f922ff382e835bb
Rafal Krypa [Mon, 22 Apr 2013 15:03:19 +0000 (17:03 +0200)]
Simplify cleanup code by using GCC extension for variable scoping.
[Issue#] N/A
[Feature] Simplify cleanup code in functions.
[Cause] N/A
[Solution] Use GCC's cleanup attribute for automatic resource reclaim.
[Verification] Build, install, reboot target. Run tests from security-tests.
Change-Id: Id874ff958f2065b61c04875c362ec3331d603865
Conflicts:
src/privilege-control.c
Jan Cybulski [Thu, 18 Apr 2013 13:43:35 +0000 (15:43 +0200)]
app_shared_dir_add_readers() accepts NULL in 'app_list' not ""
[Issue#] SSDWSSP-196
[Feature/Bug] app_shared_dir_add_readers() does not accept NULL in a list of arguments
[Problem] N/A
[Cause] Unification to other API functions
[Solution] check if there if a NULL in a list of readers. Threat it as an end of a list.
[Verification] libprivilege-control-test --output=text
Change-Id: I13079b349b9cdfb1ca6a01924e4e0f563f1b7e0f
Rafal Krypa [Thu, 18 Apr 2013 15:08:06 +0000 (17:08 +0200)]
Create separate source file for internal, common code.
[Issue#] N/A
[Feature] Refactorization.
[Cause] Code starts to be duplicated.
[Solution] Common internal source file.
[Verification] Build, install, run tests.
Change-Id: I233eede546d6a7bb9c0ab9cefd1e349be10364b1
Conflicts:
src/privilege-control.c
Kidong Kim [Mon, 22 Apr 2013 10:04:32 +0000 (19:04 +0900)]
add new smack rules for tizenprv00.privacy-popup
Rafal Krypa [Thu, 18 Apr 2013 15:35:15 +0000 (17:35 +0200)]
Don't delete SMACK rules file for app in function app_reset_permissions()
[Issue#] N/A
[Bug] app_reset_permission() should only read the file, but it removes it afterwards.
[Cause] Internal usage of app_revoke_permissions(), which should remove the file.
[Solution] Create internal version of app_revoke_permissions(), that takes additional argument.
[Verification] Build, install, reboot target. Run tests, launch a widget twice.
Change-Id: I2c62dc1dbf99738a3752b3959412d68c032c60e1
Rafal Krypa [Thu, 18 Apr 2013 14:18:05 +0000 (16:18 +0200)]
Temporary workaround for complimentary groups not working on non-SMACK system.
[Issue#] N/A
[Bug] set_app_privilege() fails when SMACK is not available.
[Cause] Complimentary groups setting depend on getting app_id from process' SMACK label.
[Solution] Temporarily turn this off for non-SMACK systems.
[Verification] Build, install on non-SMACK system, reboot target, run some apps.
Change-Id: I9733c1d28ab810de6b40c56a2a79747978ab2911