platform/core/security/security-manager.git
8 years ago  Path registration requests - server side implementation 52/68152/15
Krzysztof Jackiewicz [Mon, 2 May 2016 09:16:16 +0000 (11:16 +0200)]
Path registration requests - server side implementation

[Feature] Provide API for package path registration
[Solution] Update server side logic.

[Verification] Run tests

Change-Id: Ie20db0c0764d48b97ef195ea422aa120f38c7125

8 years ago  Path registration requests - client side implementation 40/68140/10
Krzysztof Jackiewicz [Mon, 2 May 2016 07:28:33 +0000 (09:28 +0200)]
Path registration requests - client side implementation

[Feature] Provide API for package path registration.
[Solution] Add client side implementation + communication.

[Verification] Run tests. TODO prepare tests.

Change-Id: Iae9a03894a9780fb4b0a9242e278e940d2e2989d

8 years ago  Move author_id to pkg - server code adjustment 39/68139/7
Krzysztof Jackiewicz [Mon, 2 May 2016 10:31:58 +0000 (12:31 +0200)]
Move author_id to pkg - server code adjustment

[Problem] Author is not a feature of app anymore. Server code needs to be
adjusted.
[Solution] Get author via pkg instead of app. Rename variables and functions.
Update author's rules in existing ones if a new app with different author is
installed. Separate author rules for app from app-rules-template.smack

[Verification] Run tests (especially author related ones)
TODO: Add author update test case.

Change-Id: I8e42877170809e9e71c8c676b566119e3b16fbd5

8 years ago  Move author_id to pkg - db migration 98/67998/7
Krzysztof Jackiewicz [Thu, 28 Apr 2016 15:26:28 +0000 (17:26 +0200)]
Move author_id to pkg - db migration

[Problem] Paths will be registered per pkg but path can be shared between apps
of the same author and the author is a feature of an app.
[Solution] Make author a feature of a pkg. Modify db accordingly and add proper
migration script.

[Verification] Install on v2 version and run tests.

Change-Id: I6a9933ec25094a92f20b76b3f72cbd4064f060c7

8 years ago  Add path registration API stub 44/67844/8
Krzysztof Jackiewicz [Wed, 27 Apr 2016 09:19:43 +0000 (11:19 +0200)]
Add path registration API stub

[Problem] Path registration is package specific and requires a separate
processing.
[Solution] Create API for package path registration.

[Verification] Successful compilation

Change-Id: Ie31d756b7dc7ca9bca82305b03dd8000ba6b9bc5

8 years ago  Add privilege-group mapping for tethering.admin privilege 83/69083/1
jooseong lee [Wed, 11 May 2016 11:06:59 +0000 (20:06 +0900)]
Add privilege-group mapping for tethering.admin privilege

Refer to :
 * https://review.tizen.org/gerrit/69079
 * https://review.tizen.org/gerrit/69071

Change-Id: Idb914ceaaed4ca208e1de725a22395fd5e82b7d5
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago  Release version 1.1.4 00/68700/1 accepted/tizen/common/20160510.050958 accepted/tizen/ivi/20160510.002733 accepted/tizen/mobile/20160510.002727 accepted/tizen/tv/20160510.002730 accepted/tizen/wearable/20160510.002719 submit/tizen/20160509.103316
jooseong lee [Mon, 9 May 2016 10:29:44 +0000 (19:29 +0900)]
Release version 1.1.4

Changes:

Use wildcard user in cynara policy installing a preloaded app

Change-Id: I695c9422a1ff77c493484e18f07fcd9090a2af4e
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago  Use wildcard user in cynara policy installing a preloaded app 47/68647/1
jooseong lee [Mon, 9 May 2016 06:19:17 +0000 (15:19 +0900)]
Use wildcard user in cynara policy installing a preloaded app

Preloaded app is a global app, which is installed in TZ_SYS_RO.
User credential in cynara app policy should be wildcard.

Change-Id: I54841d051d1e7671e23e2cecae0a1ed1a601395a
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago  Release version 1.1.3 71/68071/1 accepted/tizen/common/20160504.125034 accepted/tizen/ivi/20160503.011618 accepted/tizen/mobile/20160503.011518 accepted/tizen/tv/20160503.011539 accepted/tizen/wearable/20160503.011559 submit/tizen/20160502.103854
Tomasz Swierczek [Mon, 2 May 2016 05:51:39 +0000 (07:51 +0200)]
Release version 1.1.3

Changes:

Change logic of security_manager_set_process_groups_from_appid
Don't check permissions on API calls in off-line mode
Fix implementation of filesystem.cpp
Move smack files to new directory
refactoring: use common function template for getting label by libsmack
Add installation types (global, local, preloaded).
Integrate with Cynara, clients must be privileged
db: update schema to version 2
Add constraint error in database logic.
More error messages
Use app instead of app_pkg_view in sqlite queries
security-manager-policy-reload: don't print errors on image build
Add privilege-group mapping for iotcon
Remove unused table version
Adjust Cynara privileges required by privacy manager APIs
Revert "Add installation types (global, local, preloaded)."
DB: Change app ids to app names in private sharing
Revoke subject label of uninstalled application

Change-Id: I0882ea1a261643b942e35cf528d0367599293c3d
Signed-off-by: Tomasz Swierczek <t.swierczek@samsung.com>
8 years ago  Change logic of security_manager_set_process_groups_from_appid 81/67981/3
Rafal Krypa [Fri, 29 Apr 2016 18:06:00 +0000 (20:06 +0200)]
Change logic of security_manager_set_process_groups_from_appid

The API function sets groups in application candidate process.
The following changes are applied:
- groups are based on privileges assigned to appId, not pkgId - don't
  consider privileges granted to other apps in the package
- if the process was previously added to any group that is mapped to
  a privilege and app doesn't have access to that privilege, the group
  will be removed from the process
- no group will be added to the process more than once

Change-Id: Ifbb5fe48f2ad0bcc69ca00c13e6d7f2a20b148a2
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
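
The three rules in the commit message above, as an added example that is not security-manager's own code. The privilege-to-group mapping, the group numbers and the label of the privileges are constructed sample data; the point is the set arithmetic: groups are derived from the app's own privileges, privilege-managed groups the app is not entitled to are dropped, groups no privilege manages (login groups and the like) are left alone, and the result is de-duplicated.

```cpp
#include <iostream>
#include <map>
#include <set>
#include <string>
#include <vector>

using Gid = unsigned int;

// privilege -> DAC groups that grant access for it. Constructed sample data,
// not security-manager's real privilege-group mapping.
using PrivilegeGroupMap = std::map<std::string, std::vector<Gid>>;

PrivilegeGroupMap sampleMapping() {
    return {
        {"http://tizen.org/privilege/internet",    {100}},
        {"http://tizen.org/privilege/network.get", {100, 300}},
        {"http://tizen.org/privilege/camera",      {200}},
    };
}

// Compute the supplementary groups a candidate process should end up with:
//  - groups come from the privileges granted to this app (not its package)
//  - a current group that some privilege manages, but none the app holds,
//    is removed; groups no privilege manages (e.g. login groups) stay
//  - std::set de-duplicates, so no group appears twice
std::vector<Gid> computeProcessGroups(const std::vector<Gid>& currentGroups,
                                      const PrivilegeGroupMap& mapping,
                                      const std::set<std::string>& appPrivileges)
{
    std::set<Gid> managed;  // every group controlled by some privilege
    std::set<Gid> allowed;  // groups the app is entitled to
    for (const auto& entry : mapping) {
        managed.insert(entry.second.begin(), entry.second.end());
        if (appPrivileges.count(entry.first))
            allowed.insert(entry.second.begin(), entry.second.end());
    }

    std::set<Gid> result(allowed);
    for (Gid g : currentGroups) {
        if (!managed.count(g))   // not privilege-managed: keep as is
            result.insert(g);
        // managed and allowed: already in result; managed, not allowed: dropped
    }
    return std::vector<Gid>(result.begin(), result.end());
}

std::string groupsToString(const std::vector<Gid>& groups) {
    std::string out;
    for (Gid g : groups) {
        if (!out.empty()) out += ",";
        out += std::to_string(g);
    }
    return out;
}

// Scenario: process is already in login group 1000, in camera group 200 and
// twice in group 100; the app holds only the internet privilege.
std::string demoGroups() {
    std::vector<Gid> current = {1000, 200, 100, 100};
    std::set<std::string> privs = {"http://tizen.org/privilege/internet"};
    return groupsToString(computeProcessGroups(current, sampleMapping(), privs));
}

int main() {
    std::cout << "groups: " << demoGroups() << "\n";  // 100,1000
    return 0;
}
```

Group 200 is removed because camera is not granted, 1000 survives because no privilege manages it, and 100 appears once although it is both present twice and granted through two privileges.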
8 years ago  Don't check permissions on API calls in off-line mode 17/68017/1
Rafal Krypa [Fri, 29 Apr 2016 17:44:12 +0000 (19:44 +0200)]
Don't check permissions on API calls in off-line mode

Off-line mode was introduced to be used during image creation, when no
services are running. It enables root to perform some security-manager
operations on the client side.

But in off-line mode not only security-manager isn't running. No services
run, including cynara service. When libsecurity-manager-client tries to
check whether the off-line mode user has access to proper privilege, it
fails because cynara_check() has no off-line mode.

Permission checking in such scenario isn't required. The user is already
checked for UID 0 and even if it gets away from that check, it wouldn't be
able to perform actual operations without being super user.

Change-Id: I087bbc6b29a702a445d4498b96a950ca1e919efd
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
8 years ago  Fix implementation of filesystem.cpp 33/67833/1
Bartlomiej Grzelewski [Thu, 28 Apr 2016 13:06:46 +0000 (15:06 +0200)]
Fix implementation of filesystem.cpp

The function getFilesFromDirectory should not follow
links. It should return the list of files in the directory.

Change-Id: I142f8e0bc3a992da2f14d69e758426aff5df2ab6

8 years ago  Move smack files to new directory 96/64996/9
Bartlomiej Grzelewski [Tue, 5 Apr 2016 18:35:53 +0000 (20:35 +0200)]
Move smack files to new directory

All smack rules generated by security-manager will be merged to one
file. This will speed up start process as reading one big file is
much faster than opening and reading a lot of small ones.

The rules related to apps are loaded by the security-manager-rules-loader
service after local-fs.target. Before local-fs.target smack rules
related to user apps are not required. We may load these rules in a
service that is triggered after local-fs.target and improve systemd
start time.

Change-Id: I64c961b90ee84772815f41dceefa15b567399763

8 years ago  refactoring: use common function template for getting label by libsmack 29/61929/2
Rafal Krypa [Fri, 11 Mar 2016 08:10:21 +0000 (09:10 +0100)]
refactoring: use common function template for getting label by libsmack

Merging repeated code pattern where a libsmack function is used to fetch
Smack label, the result must be wrapped into std::string and memory
allocated by libsmack safely freed.

Change-Id: I67136fc5f78fd7974d27feafb0ee2d3164df9461
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
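
The pattern this commit factors out, written as an added example rather than the project's own template. The two `fake_smack_new_label_from_*` functions are stand-ins so the block runs without libsmack; they keep the shape of the real getters (the label comes back through a `char **` as malloc()ed memory the caller must free(), a negative return means failure and nothing is allocated), but their names and return values are assumptions. The wrapper copies the label into a std::string and releases the buffer exactly once, including on the error path.

```cpp
#include <cstdlib>
#include <cstring>
#include <iostream>
#include <memory>
#include <stdexcept>
#include <string>

// Stand-ins for libsmack getters (hypothetical names, used so the example runs
// without libsmack): label returned via char** as malloc()ed memory, negative
// return value on failure with no buffer allocated.
static int fake_smack_new_label_from_self(char **label) {
    *label = strdup("User::App::org.example.app");
    return *label ? 0 : -1;
}
static int fake_smack_new_label_from_socket(int fd, char **label) {
    if (fd < 0)            // simulate a failed call: nothing is allocated
        return -1;
    *label = strdup("System");
    return *label ? 0 : -1;
}

// One wrapper for every "int f(..., char **label)" getter: forwards the leading
// arguments, appends the output pointer, copies the label into std::string and
// frees the C buffer exactly once. The unique_ptr with free() as deleter releases
// the buffer even if std::string construction throws; free(nullptr) is a no-op.
template<typename Func, typename... Args>
std::string getSmackLabel(Func func, Args... args) {
    char *raw = nullptr;
    int ret = func(args..., &raw);
    auto freeLabel = [](char *p) { std::free(p); };
    std::unique_ptr<char, decltype(freeLabel)> guard(raw, freeLabel);
    if (ret < 0 || raw == nullptr)
        throw std::runtime_error("libsmack label getter failed");
    return std::string(raw);
}

// Error path: a bad descriptor must surface as an exception, not a garbage label.
bool badSocketThrows() {
    try {
        getSmackLabel(fake_smack_new_label_from_socket, -1);
    } catch (const std::runtime_error&) {
        return true;
    }
    return false;
}

int main() {
    std::cout << getSmackLabel(fake_smack_new_label_from_self) << "\n";
    std::cout << getSmackLabel(fake_smack_new_label_from_socket, 7) << "\n";
    std::cout << (badSocketThrows() ? "bad fd rejected" : "bad fd accepted") << "\n";
    return 0;
}
```

With the real library the calls would be `getSmackLabel(smack_new_label_from_self)` and `getSmackLabel(smack_new_label_from_socket, fd)`; the template deduces the leading parameters from the function pointer, so every getter shares the same copy-and-free logic.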
8 years ago  Add installation types (global, local, preloaded). 95/62995/11
Rafal Krypa [Wed, 20 Apr 2016 15:27:50 +0000 (17:27 +0200)]
Add installation types (global, local, preloaded).

Before this commit installation type was based on UID.
With this commit it is possible to set type of installation (global, local,
preloaded) during app installation request. If type is not specified,
and installation is performed by global user, default 'SM_APP_INSTALL_GLOBAL'
type of installation is set. Otherwise installation type is set to
'SM_APP_INSTALL_LOCAL'.

New API function available:

* int security_manager_app_inst_req_set_install_type(app_inst_req *p_req,
    const enum app_install_type type)

Change-Id: I1abfff547482c7adfedc09d9832569a294752d41

8 years ago  Integrate with Cynara, clients must be privileged 24/61024/14
Rafal Krypa [Wed, 13 Apr 2016 14:55:51 +0000 (16:55 +0200)]
Integrate with Cynara, clients must be privileged

Several API functions now require the caller to hold appropriate privilege.
Ultimately new internal privileges will be created and used by security-manager.
For now, when appropriate privilege is missing, use "notexist" privilege
placeholder.

Privileges required per API:
- security_manager_app_install
  * http://tizen.org/privilege/notexist (private installation)
  * http://tizen.org/privilege/notexist (global installation)

- security_manager_app_uninstall
  * http://tizen.org/privilege/notexist (private uninstallation)
  * http://tizen.org/privilege/notexist (global uninstallation)

- security_manager_private_sharing_apply
  * http://tizen.org/privilege/notexist

- security_manager_private_sharing_drop
  * http://tizen.org/privilege/notexist

- security_manager_policy_update_send
  * http://tizen.org/privilege/notexist (for setting own policy)
  * http://tizen.org/privilege/internal/usermanagement (for setting policy for other or all)

- security_manager_get_configured_policy_for_admin
  * http://tizen.org/privilege/internal/usermanagement

- security_manager_get_configured_policy_for_self
  * http://tizen.org/privilege/notexist

- security_manager_get_policy
  * http://tizen.org/privilege/notexist (for fetching own policy)
  * http://tizen.org/privilege/internal/usermanagement (for fetching policy for other or all)

- security_manager_user_add
  * http://tizen.org/privilege/internal/usermanagement

- security_manager_user_delete
  * http://tizen.org/privilege/internal/usermanagement

Change-Id: Id67473db434b13d977fbd2fa704db3ac1bd1c32b
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
8 years ago  db: update schema to version 2 87/65987/4
Rafal Krypa [Thu, 14 Apr 2016 09:03:16 +0000 (11:03 +0200)]
db: update schema to version 2

Since last release database schema was modified. We now have proper tools
for handling such changes. The update to version 2 covers all schema
differences since last release.

Change-Id: I5bbc3297065468f17f28d15c28c5232c34d3507f
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
8 years ago  db: Add update script 73/62573/13
Lukasz Kostyra [Wed, 16 Mar 2016 15:36:47 +0000 (16:36 +0100)]
db: Add update script

The script performs update of current security-manager database
by using intermediate schema updaters (located in db/updates) and
by applying views from main db schema (db/db.sql).

Verification:
    Build with higher package version, upgrade package with rpm -Uh.
    The script will activate and update DB version on target to 1.

Change-Id: I4d185f7e47d4ae9df53349627b8f97be22ef2642
Signed-off-by: Lukasz Kostyra <l.kostyra@samsung.com>
Signed-off-by: Zbigniew Jasinski <z.jasinski@samsung.com>
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
8 years ago  Add constraint error in database logic. 49/65349/6
Krzysztof Jackiewicz [Fri, 8 Apr 2016 13:23:38 +0000 (15:23 +0200)]
Add constraint error in database logic.

[Problem] Constraint errors can't be distinguished from others.
[Solution] Introduce constraint error, update documentation and fix
exception handling in service_impl.cpp.

[Verification] Run tests

Change-Id: Ie16e02bdf7028fc28df0e4981d77879cb65eb3bf

8 years ago  More error messages 51/65851/4
Zbigniew Jasinski [Wed, 13 Apr 2016 14:05:05 +0000 (16:05 +0200)]
More error messages

Some error messages were missing. One could get misleading error messages.
For example, during app installation, if app directory doesn't exist,
one gets "Failed getting app dir for user uid: ..."

* added more error messages
* added errno info for realpath()

Change-Id: I1cddc007b53417ca664e40a08fd60cf05adb9654
Signed-off-by: Zbigniew Jasinski <z.jasinski@samsung.com>
8 years ago  Use app instead of app_pkg_view in sqlite queries 48/65348/5
Krzysztof Jackiewicz [Wed, 6 Apr 2016 14:01:27 +0000 (16:01 +0200)]
Use app instead of app_pkg_view in sqlite queries

[Problem] A few existing queries use app_pkg_view although the app itself is
sufficient.
[Solution] Use app instead of app_pkg_view in queries where possible.

[Verification] Run security-manager-tests

Change-Id: I212651e95982644004876ca426a213fd1a08bc65

8 years ago  security-manager-policy-reload: don't print errors on image build 08/65808/2
Rafal Krypa [Tue, 12 Apr 2016 14:41:44 +0000 (16:41 +0200)]
security-manager-policy-reload: don't print errors on image build

The policy reload script, when recreating user type buckets for Cynara,
first tries to erase them and then create fresh ones. But on the first run,
during image build, there are no user type buckets in Cynara.

The error during erase is ignored by the script, as it should be, but misleading
error messages are also printed to stderr.
The error messages should be silenced.

Change-Id: Ib09651560f15263793d758698e792a01471e1657

8 years ago  Add privilege-group mapping for iotcon 96/65296/2
jooseong lee [Fri, 8 Apr 2016 08:21:25 +0000 (17:21 +0900)]
Add privilege-group mapping for iotcon

The iotcon service changed its server-client APIs to a library.
This library needs to check access to resources using DAC groups
corresponding to privileges, network.get and internet.

Refers to : https://review.tizen.org/gerrit/#/c/64715/

Change-Id: I8e23a0b25fb06f5196a1db177c1f610da09d1ecd
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago  Remove unused table version 75/65175/2
Krzysztof Jackiewicz [Thu, 7 Apr 2016 14:39:37 +0000 (16:39 +0200)]
Remove unused table version

[Problem] Version table is unused
[Solution] Remove it

[Verification] Run tests

Change-Id: Ib0b3b1800a8231928e607ca83fd2386828be001b

8 years ago  Adjust Cynara privileges required by privacy manager APIs 18/65118/2
Rafal Krypa [Thu, 7 Apr 2016 08:50:08 +0000 (10:50 +0200)]
Adjust Cynara privileges required by privacy manager APIs

The privilege required for administrative policy management APIs is now:
http://tizen.org/privilege/internal/usermanagement

The privilege required for self policy management by users is now:
http://tizen.org/privilege/notexist
(a placeholder until proper privilege is created)

Change-Id: Ia2892af7dd6a64ba6aace8c18fb57988b08e4f82
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
8 years ago  Revert "Add installation types (global, local, preloaded)." 19/65119/1
Rafal Krypa [Thu, 7 Apr 2016 07:35:42 +0000 (09:35 +0200)]
Revert "Add installation types (global, local, preloaded)."

Reverting functionality for explicit setting of application type during
installation. This code must be redone to be fully compatible with old
implicit behaviour of security-manager.

This reverts commit 94a21181f58b2ab6570ff06082913c7c751e4e51.
This reverts commit 46fb8b487d05fc36959e8595c742fc10e5fc2ff2.

Change-Id: Ibf1b4e27ad2977c74436c331a6c16d3c508e9cbd

8 years ago  DB: Change app ids to app names in private sharing 96/61396/4
Zofia Abramowska [Thu, 3 Mar 2016 15:55:31 +0000 (16:55 +0100)]
DB: Change app ids to app names in private sharing

Applications can be uninstalled during active private sharing.
Having foreign keys from private sharing table to application table
makes uninstallation fail.

Change-Id: Ib9217f6974e13c5542c16daa13a08288e76b9095

8 years ago  Revoke subject label of uninstalled application 71/61371/4
Zofia Abramowska [Mon, 7 Mar 2016 09:46:29 +0000 (10:46 +0100)]
Revoke subject label of uninstalled application

Revoking enables better and easier cleanup of dynamic
rules for e.g. private sharing.

Change-Id: Ifbeba447b82d0576d5561c7334d42113a7d98571

8 years ago  Update release version to 1.1.2 81/63281/1 accepted/tizen/common/20160323.184826 accepted/tizen/ivi/20160323.140558 accepted/tizen/mobile/20160323.134903 accepted/tizen/tv/20160323.135349 accepted/tizen/wearable/20160323.134947 submit/tizen/20160323.060626
Yunjin Lee [Wed, 23 Mar 2016 05:20:41 +0000 (14:20 +0900)]
Update release version to 1.1.2

Change-Id: Ic682dd5aebca3f9ea1b5591f13f24230a0df214f
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
8 years ago  Add core privilege: vpnservice, vpnservice.admin 78/63278/1
Yunjin Lee [Wed, 23 Mar 2016 05:17:46 +0000 (14:17 +0900)]
Add core privilege: vpnservice, vpnservice.admin

Change-Id: I38c52ae7e7145d61d868f2d13469e9b7d647a5c3
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
8 years ago  Updated version for release 89/62889/1 accepted/tizen/common/20160321.150442 accepted/tizen/ivi/20160322.084408 accepted/tizen/mobile/20160321.113345 accepted/tizen/tv/20160321.113417 accepted/tizen/wearable/20160321.113437 submit/tizen/20160321.014821 submit/tizen_ivi/20160322.052829
keeho.yang [Mon, 21 Mar 2016 04:40:32 +0000 (13:40 +0900)]
Updated version for release

Change-Id: I0de26fc1debe43dc915e5cb06ac8f85c2705fd21

8 years ago  Revert "Revert "Fix enum."" 88/62888/2
keeho yang [Mon, 21 Mar 2016 04:31:33 +0000 (21:31 -0700)]
Revert "Revert "Fix enum.""

This reverts commit b8f55196ada616f688d6d9c3b15cd14f696bdee1.

Change-Id: I371c3be10192ec0eab0e22b9e41c05f10dae080c

8 years ago  Revert "Revert "Add installation types (global, local, preloaded)."" 86/62886/1
keeho yang [Mon, 21 Mar 2016 04:27:58 +0000 (21:27 -0700)]
Revert "Revert "Add installation types (global, local, preloaded).""

This reverts commit 23a5ce599a85820625250456d1f770ffb835d46a.

Change-Id: If965ebb18f561732b2511fd0e312f10349d18bab

8 years ago  Revert "Add installation types (global, local, preloaded)." 38/62738/2 accepted/tizen/common/20160318.145801 accepted/tizen/ivi/20160318.023939 accepted/tizen/mobile/20160318.023831 accepted/tizen/tv/20160318.023854 accepted/tizen/wearable/20160318.023915 submit/tizen/20160318.010420
Yunjin Lee [Fri, 18 Mar 2016 00:55:23 +0000 (17:55 -0700)]
Revert "Add installation types (global, local, preloaded)."

This reverts commit 46fb8b487d05fc36959e8595c742fc10e5fc2ff2.

Change-Id: I67496a1682467ba45a4d368ca8924804f414cc58

8 years ago  Revert "Fix enum." 37/62737/2
Yunjin Lee [Fri, 18 Mar 2016 00:54:55 +0000 (17:54 -0700)]
Revert "Fix enum."

This reverts commit 94a21181f58b2ab6570ff06082913c7c751e4e51.

Change-Id: I9380fe1828eb56554a734336f64e892ec59a2cbd

8 years ago  Change strerror to strerror_r for SVACE 95/62495/4
keeho.yang [Wed, 16 Mar 2016 10:30:41 +0000 (19:30 +0900)]
Change strerror to strerror_r for SVACE

Change-Id: I3c56f677042b9d4c9acbc4530ae0d3453016aceb

8 years ago  Fix enum. 53/62553/2 accepted/tizen/common/20160317.160102 accepted/tizen/ivi/20160317.115553 accepted/tizen/mobile/20160317.115507 accepted/tizen/tv/20160317.115519 accepted/tizen/wearable/20160317.115541 submit/tizen/20160316.235943
Zbigniew Jasinski [Wed, 16 Mar 2016 12:56:29 +0000 (13:56 +0100)]
Fix enum.

Change-Id: I809a70832f35981fb1162be3a9bbe1d3b1eb02c7

8 years ago  Add core privilege: location.coarse 60/62060/7 submit/tizen/20160316.111312
Yunjin Lee [Mon, 14 Mar 2016 06:20:59 +0000 (15:20 +0900)]
Add core privilege: location.coarse

Change-Id: I73b61261c1319ee5f00618fbd77f8d991bce6625
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
8 years ago  Add new internal privilege for inputdevice block/unblock requests 35/62435/2
jooseong.lee [Wed, 16 Mar 2016 05:44:48 +0000 (14:44 +0900)]
Add new internal privilege for inputdevice block/unblock requests

Refers to : https://review.tizen.org/gerrit/#/c/61466/

Change-Id: I7b5e72446f05a3567cff4e8092e3d8e21fe4622d
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>
8 years ago  Add privilege-group mapping for mapservice 94/62394/2
Yunjin Lee [Wed, 16 Mar 2016 01:58:11 +0000 (10:58 +0900)]
Add privilege-group mapping for mapservice

Change-Id: I36c0a8be95b201176980bf6fed303a48885a01dc
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
8 years ago  Add installation types (global, local, preloaded). 12/61812/15
Zbigniew Jasinski [Thu, 10 Mar 2016 14:46:55 +0000 (15:46 +0100)]
Add installation types (global, local, preloaded).

Before this commit installation type was based on UID.
With this commit it is possible to set type of installation (global, local,
preloaded) during app installation request. If type is not specified,
and installation is performed by global user, default 'SM_APP_INSTALL_GLOBAL'
type of installation is set. Otherwise installation type is set to
'SM_APP_INSTALL_LOCAL'.

New API function available:

* int security_manager_app_inst_req_set_install_type(app_inst_req *p_req,
    const enum app_install_type type)

Change-Id: I745da8fc7a7393c360ed6d281a1f729d22bb89e6

8 years ago  Resolve symlinks in TZ_SYS_RW_APP/TZ_USER_APP before validating app paths 39/62139/1 accepted/tizen/common/20160316.155924 accepted/tizen/ivi/20160315.122946 accepted/tizen/mobile/20160315.122847 accepted/tizen/tv/20160315.122909 accepted/tizen/wearable/20160315.122929 submit/tizen/20160315.072217
Rafal Krypa [Mon, 14 Mar 2016 13:17:18 +0000 (14:17 +0100)]
Resolve symlinks in TZ_SYS_RW_APP/TZ_USER_APP before validating app paths

Change-Id: Iefa723380df60af802e33bbeb95d4d0ebe543444
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
8 years ago  Change TZ_SYS_RO_SHARE from TZ_SYS_SHARE 35/61835/1 accepted/tizen/ivi/20160311.061827 accepted/tizen/mobile/20160311.061736 accepted/tizen/tv/20160311.061744 accepted/tizen/wearable/20160311.061808 submit/tizen/20160311.044055
keeho.yang [Fri, 11 Mar 2016 02:07:47 +0000 (11:07 +0900)]
Change TZ_SYS_RO_SHARE from TZ_SYS_SHARE

Change-Id: I99c921a7cfe5a03920e8787087b9d38157df851d

8 years ago  Sanitize naming convention for id/name of an app/pkg/author 17/60617/3
Rafal Krypa [Mon, 29 Feb 2016 10:11:23 +0000 (11:11 +0100)]
Sanitize naming convention for id/name of an app/pkg/author

Until now it was very confusing for security-manager developers what
variables like "appId" or "authorId" meant. We had a mixed convention
for both textual identifiers, supplied by API users and internal numerical
identifiers, assigned by security-manager database.

Since now a new convention is established:
- textual identifiers of application, package or author are called
  respectively: app name, pkg name and author name
- numerical identifiers, assigned by security-manager database are called
  app id, pkg id and author id

For now there remains one exception from the above rules - public headers
of libsecurity-manager-client. API function names and parameters specified
in public headers remain unchanged for backward compatibility.
We might change those too in the future.

Change-Id: Id0df5da9b68f29c6ef0969521cd02732f4f880d4
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
8 years ago  Split very long public header to smaller, logically consistent parts 07/60507/2
Rafal Krypa [Fri, 26 Feb 2016 15:16:36 +0000 (16:16 +0100)]
Split very long public header to smaller, logically consistent parts

The header security-manager.h is now split into the following parts:
- app-manager.h
- app-runtime.h
- app-sharing.h
- user-manager.h
- policy-manager.h

The original header includes all new headers, so depending applications don't
need to change their code.

Change-Id: I8dd56124b20e675c76daa86752ccb0cbd0126927
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
8 years ago  Small fixes in functions generating Smack labels 87/60487/1
Rafal Krypa [Fri, 26 Feb 2016 13:05:34 +0000 (14:05 +0100)]
Small fixes in functions generating Smack labels

- properly release memory in SmackLabels::getSmackLabelFromSocket()
- use libsmack function in SmackLabels::getSmackLabelFromPath()

Change-Id: I837947a16dff90d84e751176cab0692cd70278c0

8 years ago  Remove d2d.admin and d2d.appcontrol and Add use_ir privilege 13/60013/1 accepted/tizen/common/20160301.120646 accepted/tizen/ivi/20160223.232535 accepted/tizen/mobile/20160223.232444 accepted/tizen/tv/20160223.232456 accepted/tizen/wearable/20160223.232516 submit/tizen/20160223.085802 submit/tizen_common/20160229.190608
Yunjin Lee [Mon, 22 Feb 2016 09:02:04 +0000 (18:02 +0900)]
Remove d2d.admin and d2d.appcontrol and Add use_ir privilege

Change-Id: I2fb4ad8b4a35f498f3a27bfb882b77973ffd9b44
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
8 years ago  Updated version for release 35/59935/1 accepted/tizen/ivi/20160222.012529 accepted/tizen/mobile/20160222.012338 accepted/tizen/tv/20160222.012421 accepted/tizen/wearable/20160222.012456 submit/tizen/20160219.124039
Zbigniew Jasinski [Fri, 19 Feb 2016 12:18:13 +0000 (13:18 +0100)]
Updated version for release

Version:    1.1.0
Release:    3

Change-Id: I2ea66996980c7c61fef3c662479e04eec68c5bc9

8 years ago  Added 'nether' package as required for install. 88/57488/5
Zbigniew Jasinski [Wed, 20 Jan 2016 11:04:27 +0000 (12:04 +0100)]
Added 'nether' package as required for install.

Change-Id: Id1d90aeb108b7f5bec751006bf740fb9087b1c4b

8 years ago  Updated version for release 02/59602/1 accepted/tizen/mobile/20160217.011427 accepted/tizen/tv/20160217.011445 accepted/tizen/wearable/20160217.011505 submit/tizen/20160216.163356 submit/tizen_common/20160218.142243
Zbigniew Jasinski [Tue, 16 Feb 2016 16:29:13 +0000 (17:29 +0100)]
Updated version for release

Version:    1.1.0
Release:    2

Change-Id: I49569d258b16bc02bc920215c618afe6692184ef

8 years ago  Move pkg rules to new template file. 18/59318/3
Bartlomiej Grzelewski [Thu, 11 Feb 2016 15:05:03 +0000 (16:05 +0100)]
Move pkg rules to new template file.

Change-Id: Ibc0a79a8f0d850ab47d43236a20a975186dfcfbe

8 years ago  Move authors rules to new template file. 75/59075/5
Bartlomiej Grzelewski [Tue, 9 Feb 2016 11:09:36 +0000 (12:09 +0100)]
Move authors rules to new template file.

Change-Id: Ic5341e94823ef9e7be44705aeae3e5833b2b2b7b

8 years ago  Simplify error codes in project. 94/58994/8
Bartlomiej Grzelewski [Fri, 5 Feb 2016 16:41:05 +0000 (17:41 +0100)]
Simplify error codes in project.

Change-Id: I8cd78e66cd0e7ebda56f148b7bc52229b73f45c4

8 years ago  Remove master and slave mode. 00/58900/8
Bartlomiej Grzelewski [Thu, 4 Feb 2016 15:38:37 +0000 (16:38 +0100)]
Remove master and slave mode.

Change-Id: Ia02b2ba10deef665eea203a0147cce301d46db8c

8 years ago  Security manager reports error during author removal. 70/58370/5
Bartlomiej Grzelewski [Fri, 29 Jan 2016 15:24:28 +0000 (16:24 +0100)]
Security manager reports error during author removal.

The function Step will return false if you
run a DELETE command in SQL. It's not an error.

Change-Id: I7f6abdb26a5ae9e1e192f3d6477020a4a868e398

8 years ago  Remove functionality for handling privilege mapping between Tizen versions 81/57181/2
Rafal Krypa [Thu, 4 Feb 2016 11:14:51 +0000 (12:14 +0100)]
Remove functionality for handling privilege mapping between Tizen versions

This functionality is now implemented in privilege-checker, where it belongs.

Change-Id: Ib6bafa0e4cf5255f6dfec72a21f9d7978e26b4de
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
8 years ago  Add cleanup service for shared private paths 39/58339/18
Zofia Abramowska [Fri, 29 Jan 2016 10:39:31 +0000 (11:39 +0100)]
Add cleanup service for shared private paths

Add new systemd service, which at system startup relabels all files
shared before reboot to the proper label for the application pkg.
This is only required when private sharings aren't dropped before
system shutdown.

Change-Id: Ie1b6de01c2b8a5fc02de11b67f23d3b3ff545fbf

8 years ago  Implement logic of apply/drop sharing in ServiceImpl 38/58338/15
Zofia Abramowska [Fri, 29 Jan 2016 10:06:31 +0000 (11:06 +0100)]
Implement logic of apply/drop sharing in ServiceImpl

Change-Id: I23ca6948cb523c336857f80ec0530f6cfebd25bc

8 years ago  Add dummy support for apply/drop sharing rules in Master 37/58337/11
Zofia Abramowska [Wed, 27 Jan 2016 11:59:18 +0000 (12:59 +0100)]
Add dummy support for apply/drop sharing rules in Master

Add new MasterReq functions for sending Smack rules request
to Master service and dummy handling on Master service side.

Change-Id: I638be66e61f06686a1ffc7d6c15c3e3bcfe991ae

8 years ago  Add dummy handling of apply/drop sharing in server 36/58336/11
Zofia Abramowska [Tue, 26 Jan 2016 18:06:42 +0000 (19:06 +0100)]
Add dummy handling of apply/drop sharing in server

Change-Id: I64dbb7a18296a09617bdbad82794ec246ae716c9

8 years ago  Support labeling shared private paths 54/58254/12
Zofia Abramowska [Thu, 28 Jan 2016 14:36:40 +0000 (15:36 +0100)]
Support labeling shared private paths

Created labels are unique per path by using crypt()
with salt generated from owner package id and path passed as
parameters.
Added getting smack label from file, this will be required to
ascertain that path is a private path of application.

Change-Id: Id82ee50249795be4158acecc6c377e1390ae2d85

8 years ago  Add default empty authorsId to setupPath 67/58367/6
Zofia Abramowska [Fri, 29 Jan 2016 14:58:26 +0000 (15:58 +0100)]
Add default empty authorsId to setupPath

Change-Id: I7e11e6eeab09b7db372003f832f89f38fe0074cf

8 years ago  Support rules for apply/drop sharing in SmackRules 53/58253/9
Zofia Abramowska [Wed, 27 Jan 2016 18:47:07 +0000 (19:47 +0100)]
Support rules for apply/drop sharing in SmackRules

Change-Id: I25c25853dd8af6c77b554505fc9f5d0231fea389

8 years ago  Support private sharing in PrivilegeDb 20/58020/8
Zofia Abramowska [Tue, 26 Jan 2016 15:27:53 +0000 (16:27 +0100)]
Support private sharing in PrivilegeDb

Add proper methods in PrivilegeDb class for handling application
private path sharing.

Change-Id: I280ade4fb8daea7c4f2eac7355bcfa0a1ece73f3

8 years ago  Add private sharing to sqlite database 68/57968/9
Zofia Abramowska [Tue, 26 Jan 2016 11:13:17 +0000 (12:13 +0100)]
Add private sharing to sqlite database

This patch introduces changes to database schema required to store
information about private path sharing.

Change-Id: I5c31decb1af2e062e5fb23108ffc9236c82763b6

8 years ago  Add dummy API for private sharing apply/drop 87/57887/9
Zofia Abramowska [Mon, 25 Jan 2016 15:05:32 +0000 (16:05 +0100)]
Add dummy API for private sharing apply/drop

This patch introduces new client API for sharing private files
between two applications. New request type is added : private_sharing_req,
and functions to send new request to server:

 * security_manager_private_sharing_apply()
 * security_manager_private_sharing_drop()

Change-Id: Ia718a9bb5abeb1dfe886149985b7515242900fa3

8 years ago  Support for removing application. 34/58334/4
Bartlomiej Grzelewski [Fri, 29 Jan 2016 10:04:47 +0000 (11:04 +0100)]
Support for removing application.

Change-Id: Ic36c335fcd1f7e2f56f1db7d56cb1d1329e52823

8 years ago  Support SECURITY_MANAGER_PATH_TRUSTED_RW during installation. 17/58017/7
Bartlomiej Grzelewski [Tue, 26 Jan 2016 14:13:39 +0000 (15:13 +0100)]
Support SECURITY_MANAGER_PATH_TRUSTED_RW during installation.

All trusted paths should be properly labelled after package
installation.

Change-Id: I766aa029d1f1e85e84ebc388ded389620faa757c

8 years ago  Store author information in database. 16/58016/6
Bartlomiej Grzelewski [Fri, 29 Jan 2016 13:47:54 +0000 (14:47 +0100)]
Store author information in database.

Change database schema. New schema will allow storing author
information. Change implementation of privilege. It is able
to insert author information into the database.

Change-Id: I5b16e76dd7d9a1896f63120fbe6928e634b08898

8 years ago  Add author id serialization  64/57364/5
Krzysztof Jackiewicz [Tue, 19 Jan 2016 11:25:55 +0000 (12:25 +0100)]
Add author id serialization

[Verification] Run tests

Change-Id: I07ffd72cc951ac669a9eac22f6cb72804392738c

8 years ago  Prepare API stubs for trusted/shared path support  22/56922/10
Krzysztof Jackiewicz [Wed, 13 Jan 2016 13:31:13 +0000 (14:31 +0100)]
Prepare API stubs for trusted/shared path support

[Verification] Compile & run tests.

Change-Id: I8ba2d7fe641292b5d10d2eb90b71059690bde9a9

8 years ago  shared folder backward compatibility  84/57984/8
Maciej J. Karpiuk [Tue, 26 Jan 2016 12:26:14 +0000 (13:26 +0100)]
shared folder backward compatibility

Added support for declaring a specific shared folder for 2.X apps only.
Added support for installing apps with a declared target Tizen API type.

When installing an app, the package shared folder gets a specific label.
The owner application has RWX rules to its shared folder.
All other applications get no access if they are targeted to Tizen 3.0,
or RO access when they are targeted to Tizen 2.X.
If the installed app is targeted to Tizen 2.X, it gets rules to the shared
folders of other 2.X packages.

Change-Id: Ibffebc824176874e627c3f84e51718de1457357a

8 years ago  Introduce API for checking application privileges based on app_id  77/57177/3
Rafal Krypa [Fri, 15 Jan 2016 15:17:48 +0000 (16:17 +0100)]
Introduce API for checking application privileges based on app_id

New API security_manager_app_has_privilege() will enable privilege checks
against applications that are not running at the moment and cannot be
checked against a running process.
The function checks permission against Cynara database, while using a
proper application identifier (Smack label) derived from app_id.

Change-Id: I9ef82896fecf3ac7a20324155f9e7f130c2a071b
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>

8 years ago  cynara: fix casting Cynara answer into bool type  65/57365/2
Rafal Krypa [Tue, 19 Jan 2016 11:26:38 +0000 (12:26 +0100)]
cynara: fix casting Cynara answer into bool type

Cynara check API returns either CYNARA_API_PERMISSION_DENIED (=1) or
CYNARA_API_PERMISSION_ALLOWED (=2). This was badly cast in the
SecurityManager::Cynara class to bool type, causing both return values
to be interpreted as true.

Change-Id: I5c96cfab5156e7aae81103cf8cf0d91d1b8293ab

8 years ago  Add 'socket/pid to appId and pkgId' functionality  75/48875/13
Adam Malinowski [Tue, 29 Sep 2015 06:16:11 +0000 (08:16 +0200)]
Add 'socket/pid to appId and pkgId' functionality

This patch introduces client functions for obtaining the package Id
and application Id of an application with a given socket descriptor
or process identifier.
To test this functionality run tests added in patch:
https://review.tizen.org/gerrit/#/c/48887/

Change-Id: Ib9bd924563ea932ecf64d421f90bc3dde3bb38ec

8 years ago  security-manager-cmd: adjust acceptable path types to supported values  49/57049/2
Rafal Krypa [Thu, 14 Jan 2016 16:29:33 +0000 (17:29 +0100)]
security-manager-cmd: adjust acceptable path types to supported values

Change-Id: Ife4354fd2b892ae46658fa8886f2c3599d3ed316

8 years ago  Fix issue with multiple installs of the same app for different users  37/53837/3
Janusz Kozerski [Wed, 9 Dec 2015 15:29:43 +0000 (16:29 +0100)]
Fix issue with multiple installs of the same app for different users

If the same application has been installed for more than one user,
then on uninstallation the Smack rule file should remain in the system
as long as any "instance" of the application is still present.

Change-Id: Ice8b1b7afe036028efcabf5a77732db0811763c4

8 years ago  Fix security-manager-policy-reload erasing existing entries  46/55346/2
Rafal Krypa [Wed, 23 Dec 2015 08:39:23 +0000 (09:39 +0100)]
Fix security-manager-policy-reload erasing existing entries

The policy reload script, while reloading user type buckets, used to
unintentionally erase existing entries mapping users to user types.
This was caused by the way in which user type buckets were reloaded:
by removing the bucket and recreating it with intended contents.
Erasing the bucket is wrong - it also erases all links to it.
Changing the reload mechanism to clean the bucket instead.

Change-Id: I6279b2f75d1b7136679edf228d89eb2b001bd76b
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>

8 years ago  security-manager-policy-reload: do not depend on GNU sed  77/50277/2
Patrick Ohly [Wed, 19 Aug 2015 13:02:32 +0000 (15:02 +0200)]
security-manager-policy-reload: do not depend on GNU sed

\U (= make replacement uppercase) is a GNU sed extension which is not
supported by other sed implementations (like the one from
busybox). When using busybox, the bucket for user profiles became
USER_TYPE_Uadmin instead of USER_TYPE_ADMIN.

To make SecurityManager more portable, it is better to use tr to turn the
bucket name into uppercase.

Change-Id: I425256d3e9bd6619678763cbe1657e926116d48d
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>

8 years ago  systemd: stop using compat libs  76/50276/2
Patrick Ohly [Tue, 24 Mar 2015 11:54:03 +0000 (04:54 -0700)]
systemd: stop using compat libs

libsystemd-journal and libsystemd-daemon are considered obsolete
in systemd since 2.09 and may not be available (not compiled
by default).

The code works fine with the current libsystemd, so just
use that.

Change-Id: I5a272bc3ad1e93dd3bb5001b537a134a4ef856bc
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>

8 years ago  socket-manager: removes tizen specific call  07/56507/1
José Bollo [Fri, 8 Jan 2016 15:53:46 +0000 (16:53 +0100)]
socket-manager: removes tizen specific call

The function 'smack_fgetlabel' is specific to Tizen
and is no longer maintained upstream.

Change-Id: I3802742b1758efe37b33e6d968ff727d68f2fd1f
Signed-off-by: José Bollo <jobol@nonadev.net>

8 years ago  Add new native privileges(d2d.admin, d2d.appcontrol, d2d.datasharing)  63/54963/1 accepted/tizen/ivi/20160218.023847 accepted/tizen/mobile/20151221.101048 accepted/tizen/tv/20151221.101041 accepted/tizen/wearable/20151221.101159 submit/tizen/20151221.050505 submit/tizen_common/20151229.142028 submit/tizen_common/20151229.144031 submit/tizen_common/20151229.154718 submit/tizen_ivi/20160217.000000 submit/tizen_ivi/20160217.000003
jooseong.lee [Mon, 21 Dec 2015 04:50:33 +0000 (13:50 +0900)]
Add new native privileges(d2d.admin, d2d.appcontrol, d2d.datasharing)

Refers to: https://review.tizen.org/gerrit/#/c/54954/

Change-Id: I967d6ee7045854a7621212ee42e72a78bd26fdad
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>

8 years ago  Add privilege-group mapping for message.read privilege  95/54695/1 accepted/tizen/mobile/20151217.223736 accepted/tizen/tv/20151217.223753 accepted/tizen/wearable/20151217.223813 submit/tizen/20151217.075828
jooseong.lee [Thu, 17 Dec 2015 07:52:25 +0000 (16:52 +0900)]
Add privilege-group mapping for message.read privilege

Refer to: https://review.tizen.org/gerrit/#/c/54684/

Change-Id: Ida34724ac3ad1eece34110ef56de17c855b1757a
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>

8 years ago  Apply ASLR on security-manager  79/53479/1 accepted/tizen/mobile/20151210.023747 accepted/tizen/tv/20151210.014508 accepted/tizen/wearable/20151210.013645 submit/tizen/20151209.005153
Yunjin Lee [Mon, 7 Dec 2015 07:53:49 +0000 (16:53 +0900)]
Apply ASLR on security-manager

Change-Id: I80bc8cb24195db96f98dd7d50fa71fa1ce315fc4
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>

8 years ago  Fix getting a zone name from gid  42/52742/2 accepted/tizen/mobile/20151127.070358 accepted/tizen/tv/20151127.070403 accepted/tizen/wearable/20151127.070408 submit/tizen/20151127.042132
jooseong.lee [Thu, 26 Nov 2015 10:21:53 +0000 (19:21 +0900)]
Fix getting a zone name from gid

Assume there are no containers if cpuset isn't present.

Change-Id: If97fd885595a3ace9691fe2ad88ec4219f43909f
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>

8 years ago  Fix klocwork issues  78/52178/2
Oskar Świtalski [Thu, 19 Nov 2015 13:26:55 +0000 (14:26 +0100)]
Fix klocwork issues

Change-Id: I3f3df9132638e4690ebd6b133c5458867fd52404
Signed-off-by: Oskar Świtalski <o.switalski@samsung.com>

9 years ago  Add privilege-group mapping for four privileges  21/49121/2
Radoslaw Bartosiak [Tue, 6 Oct 2015 15:37:30 +0000 (17:37 +0200)]
Add privilege-group mapping for four privileges

According to Tizen security policy, services might be allowed to check
access to resources using DAC groups corresponding to privileges
https://wiki.tizen.org/wiki/Security/User_and_group_ID_assignment_policy.

This commit introduces mapping between groups and privileges needed by
libmm-camcorder and media-content projects.

Change-Id: I8763bb83a8b294c05b4623c0a921e739d3be7bc5
Signed-off-by: Radoslaw Bartosiak <r.bartosiak@samsung.com>

9 years ago  Added internal/buxton privilege for internal keys.  99/49599/1 accepted/tizen/mobile/20151016.043603 accepted/tizen/tv/20151016.043615 accepted/tizen/wearable/20151016.043624 submit/tizen/20151015.122946 tizen_3.0.m2.a1_mobile_release tizen_3.0.m2.a1_tv_release
jooseong.lee [Thu, 15 Oct 2015 09:35:36 +0000 (18:35 +0900)]
Added internal/buxton privilege for internal keys.

Internal keys are accessible only to trusted system services.

Change-Id: Ibe49685a836ab194cfdbff54ff0608627fa7c2a8
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>

9 years ago  Add internal privileges and update mapping table for 'vconf to buxton2'  66/49266/4 submit/tizen/20151015.090000
jooseong.lee [Mon, 12 Oct 2015 07:34:47 +0000 (16:34 +0900)]
Add internal privileges and update mapping table for 'vconf to buxton2'

We have been using vconf keys since Tizen 2.x and
now recommend converting Tizen vconf-based apps over to Buxton.
 https://wiki.tizen.org/wiki/Buxton

Buxton uses 'cynara check' to enforce security, unlike vconf which uses Smack.
This patch adds some internal privileges to support compatibility
for 2.x vconf-based apps as below:

* http://tizen.org/privilege/internal/default/public
* http://tizen.org/privilege/internal/default/partner
* http://tizen.org/privilege/internal/default/platform
* http://tizen.org/privilege/internal/buxton/account.read
* http://tizen.org/privilege/internal/buxton/camcorder
* http://tizen.org/privilege/internal/buxton/contact.read
* http://tizen.org/privilege/internal/buxton/location
* http://tizen.org/privilege/internal/buxton/message.read
* http://tizen.org/privilege/internal/buxton/network.get
* http://tizen.org/privilege/internal/buxton/nfc
* http://tizen.org/privilege/internal/buxton/nfc.cardemulation
* http://tizen.org/privilege/internal/buxton/readonly
* http://tizen.org/privilege/internal/buxton/telephony
* http://tizen.org/privilege/internal/webappdefault

I will update a detailed history for internal privileges soon.
 https://wiki.tizen.org/wiki/Security/Tizen_3.X_Internal_Privilege_Mapping

Change-Id: Ifadada7299873e42f26b35bfc4d526c04041c0b7
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>

9 years ago  Update webappdefault privilege mapping  50/48650/1 accepted/tizen/mobile/20150930.115147 accepted/tizen/tv/20150930.115203 accepted/tizen/wearable/20150930.115213 submit/tizen/20150930.043220
Yunjin Lee [Thu, 24 Sep 2015 07:00:26 +0000 (16:00 +0900)]
Update webappdefault privilege mapping

Change-Id: I44d9058f15651cb097cc65c8cbdad80bab966a30
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>

9 years ago  Added access to internal/usermanagement privilege for admin user type  37/48637/1 accepted/tizen/mobile/20150925.012347 accepted/tizen/tv/20150925.012400 accepted/tizen/wearable/20150925.012424 submit/tizen/20150924.051224 submit/tizen_common/20151015.190624 submit/tizen_common/20151019.135620
jooseong.lee [Thu, 24 Sep 2015 05:06:46 +0000 (14:06 +0900)]
Added access to internal/usermanagement privilege for admin user type

(https://review.tizen.org/gerrit/#/c/48086/).

Change-Id: I714de6763b6f75e5f5c8bbc6f505abe7c0fa278d
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>

9 years ago  Rewrite and fix CynaraAdmin::SetPolicies  94/48094/6 accepted/tizen/mobile/20150920.232640 accepted/tizen/tv/20150920.232654 accepted/tizen/wearable/20150920.232713 submit/tizen/20150918.090201
Rafal Krypa [Wed, 16 Sep 2015 09:03:51 +0000 (11:03 +0200)]
Rewrite and fix CynaraAdmin::SetPolicies

Method CynaraAdmin::SetPolicies, updating Cynara policy for an application,
was previously written to accept two vectors of privileges:
previously enabled privileges and privileges that should be enabled.
The vectors were used to calculate privileges to disable and privileges to
enable in Cynara. It required that both vectors were sorted and without
duplicates. Callers of this method fetched privileges from the database, which
provides sorting and unification.

This was broken in commit 626f947e0bb6fd90d4c20fd914981d5b752ab1e6
(Change smack labeling to be appId based). The second vector was taken
directly from application installation request, that wasn't necessarily
sorted or unique.

This method can be simplified now without the need for sorted vectors. In
fact only one vector is necessary now, because cynara-admin provides
support for listing policies (it didn't when the method was initially
written). Now it only takes a vector of privileges that should be enabled,
in arbitrary order, which may contain duplicates. It lists previously enabled
privileges directly from Cynara, calculates the difference and sends
updated policies back to Cynara.

Change-Id: I15ca331cf5f46ae43c7665977df7eb4d3c7e986c
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>

9 years ago  Added access to internal DBus privilege for all user types  40/48040/1
Tomasz Swierczek [Fri, 11 Sep 2015 10:07:03 +0000 (12:07 +0200)]
Added access to internal DBus privilege for all user types
(the privilege: http://tizen.org/privilege/internal/dbus).

This is needed for user-level services to access dbus session bus.
Applications will not be given access to the privilege because
their manifests should not contain that privilege.

Change-Id: Ibaed2522f96b6d99c139e333540618ee3f91b4ad
Signed-off-by: Tomasz Swierczek <t.swierczek@samsung.com>

9 years ago  Update privilege list: Add missing privileges to mapping  86/47886/3 tizen_3.0.m1_mobile tizen_3.0.m1_tv accepted/tizen/mobile/20150910.110049 accepted/tizen/tv/20150910.110059 accepted/tizen/wearable/20150910.110105 submit/tizen/20150910.050309 submit/tizen_common/20151023.083358 submit/tizen_common/20151026.085049 tizen_3.0.m1_mobile_release tizen_3.0.m1_tv_release
jooseong.lee [Wed, 9 Sep 2015 14:04:04 +0000 (23:04 +0900)]
Update privilege list: Add missing privileges to mapping

Change-Id: If63103f7ab8c5b96c4ca122765388acbb2e635e8
Signed-off-by: jooseong.lee <jooseong.lee@samsung.com>

9 years ago  Release version 1.1.0  79/47479/2 accepted/tizen/mobile/20150903.233747 accepted/tizen/tv/20150903.233800 accepted/tizen/wearable/20150903.233809 submit/tizen/20150903.160942
Rafal Krypa [Thu, 3 Sep 2015 15:13:59 +0000 (17:13 +0200)]
Release version 1.1.0

Change-Id: Idf0c77468200bea93b28b8d12ca4970cfdbe9b9d

9 years ago  Add missing Smack rules from System to ~PKG~ and ~PKG~::RO  74/47474/1 submit/tizen/20150903.151748
Rafal Krypa [Thu, 3 Sep 2015 14:31:30 +0000 (16:31 +0200)]
Add missing Smack rules from System to ~PKG~ and ~PKG~::RO

System domain must also access files labeled with pkgId-based label.

Change-Id: I35ec4c092945b12480caae035055a4b00659d013
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>

9 years ago  Fix labeling of SECURITY_MANAGER_PATH_RW paths  63/47463/1
Rafal Krypa [Thu, 3 Sep 2015 12:20:49 +0000 (14:20 +0200)]
Fix labeling of SECURITY_MANAGER_PATH_RW paths

- Don't set exec label on executables. Smack label should be set only by
  launcher. Also that exec label was wrong. Apps run with appId-based label,
  not pkgId-based.
- Set transmute attribute. To keep all files in SECURITY_MANAGER_PATH_RW
  labeled with pkgId-based label, directories must be transmutable.

Change-Id: I3ce69ae70796d2d591b57c75bd175c9c3ea99028
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>

9 years ago  Always print warning log messages  80/47180/4 accepted/tizen/mobile/20150903.053522 accepted/tizen/tv/20150903.053645 accepted/tizen/wearable/20150903.053733 submit/tizen/20150903.001243
Rafal Krypa [Mon, 31 Aug 2015 16:07:06 +0000 (18:07 +0200)]
Always print warning log messages

Several types of log messages are printed only when the code is built in DEBUG
mode. This includes warning messages, but they should always be printed.
Warning logs are generated in erroneous situations and they should not be lost
in RELEASE builds.

Change-Id: I9e9934c13b066492294cb5bd76d94030b6ee43c7
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>

9 years ago  Adapt application file labeling to new requirements  41/46841/7
Rafal Krypa [Mon, 31 Aug 2015 18:07:21 +0000 (20:07 +0200)]
Adapt application file labeling to new requirements

The following changes have been made:
- application base path must now be APPS_ROOT/$pkgID, not
  APPS_ROOT/$pkgID/$appID
- application base path is now enforced, no files outside base path allowed
- application base path will be labeled with User::Pkg::$pkgID, no transmute
- SECURITY_MANAGER_PATH_TYPE_RO will be labeled with User::Pkg::$pkgID::RO
- applications get a Smack rule for RO access to User::Pkg::$pkgID::RO
- SECURITY_MANAGER_PATH_PUBLIC_RO will be labeled with User::Home
- SECURITY_MANAGER_PATH_PRIVATE and SECURITY_MANAGER_PATH_PUBLIC path types

Change-Id: I2d0260effcbe8da0c0e9130b89b4b34e7e104d29
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>

9 years ago  Convert ServiceImpl namespace to a class  21/39221/5
Rafal Krypa [Mon, 31 Aug 2015 08:50:03 +0000 (10:50 +0200)]
Convert ServiceImpl namespace to a class

This class will be used in future patches:
- to hold ownership of Cynara and PrivilegeDb objects
- to polymorph into basic, slave and off-line versions
- to synchronize multiple concurrent clients (multi-threading is coming)

Change-Id: I54f0ecda081db17350209c3e56debd91927e364e
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>