platform/core/security/vist.git
4 years agoosquery: Remove process
Sangwan Kwon [Tue, 14 Jan 2020 04:52:41 +0000 (13:52 +0900)]
osquery: Remove process

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoosquery: Remove dispatcher
Sangwan Kwon [Tue, 14 Jan 2020 04:16:09 +0000 (13:16 +0900)]
osquery: Remove dispatcher

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoosquery: Remove config
Sangwan Kwon [Tue, 14 Jan 2020 04:01:43 +0000 (13:01 +0900)]
osquery: Remove config

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoosquery: Remove hashing
Sangwan Kwon [Tue, 14 Jan 2020 02:15:48 +0000 (11:15 +0900)]
osquery: Remove hashing

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd ServiceType to rmi::Gateway
Sangwan Kwon [Mon, 13 Jan 2020 09:01:25 +0000 (18:01 +0900)]
Add ServiceType to rmi::Gateway

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoFix stringop-truncation warning
Sangwan Kwon [Fri, 10 Jan 2020 06:58:37 +0000 (15:58 +0900)]
Fix stringop-truncation warning

Pathname sockets: The pathname in sun_path should be null-terminated.
ref: http://man7.org/linux/man-pages/man7/unix.7.html

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoApply shutdown condition to service
Sangwan Kwon [Thu, 9 Jan 2020 09:32:20 +0000 (18:32 +0900)]
Apply shutdown condition to service

If timeout is occured and there are no activated admins,
shutdown the service

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd admin api to check for activation
Sangwan Kwon [Thu, 9 Jan 2020 06:19:46 +0000 (15:19 +0900)]
Add admin api to check for activation

API::Admin::IsActivated() in vist-policy

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoApply timeout to ondemand service
Sangwan Kwon [Thu, 9 Jan 2020 05:39:58 +0000 (14:39 +0900)]
Apply timeout to ondemand service

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd stopper to mainloop
Sangwan Kwon [Thu, 9 Jan 2020 04:54:20 +0000 (13:54 +0900)]
Add stopper to mainloop

Stopper is a predicate what returns a condition to stop mainloop
when timeout is occured.

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd mainloop testcase
Sangwan Kwon [Thu, 9 Jan 2020 04:28:15 +0000 (13:28 +0900)]
Add mainloop testcase

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoRefactor mainloop
Sangwan Kwon [Tue, 7 Jan 2020 06:19:08 +0000 (15:19 +0900)]
Refactor mainloop

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd compile-time switching to RMI socket
Sangwan Kwon [Mon, 6 Jan 2020 09:56:16 +0000 (18:56 +0900)]
Add compile-time switching to RMI socket

We should apply on-demand service based systemd.
But docker does not support systemd.
So, we need to switch socket at compile-time.

- Docker: boost based socket
- Tizen: systemd based socket

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoReply error message when server's task failed
Sangwan Kwon [Mon, 6 Jan 2020 06:18:26 +0000 (15:18 +0900)]
Reply error message when server's task failed

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoMake Client to abstract class
Sangwan Kwon [Mon, 6 Jan 2020 05:24:43 +0000 (14:24 +0900)]
Make Client to abstract class

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd sever-client by ondemand way
Sangwan Kwon [Fri, 3 Jan 2020 07:57:23 +0000 (16:57 +0900)]
Add sever-client by ondemand way

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd socket connection
Sangwan Kwon [Thu, 2 Jan 2020 06:58:09 +0000 (15:58 +0900)]
Add socket connection

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd unix socket feature
Sangwan Kwon [Thu, 2 Jan 2020 06:19:56 +0000 (15:19 +0900)]
Add unix socket feature

This would be changed to systemd socket.

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoDetach server-client interface on RMI
Sangwan Kwon [Thu, 2 Jan 2020 05:57:05 +0000 (14:57 +0900)]
Detach server-client interface on RMI

This is for supporting both general service and on-demand service.

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoUpdate README.md
권상완/Security 2Lab(SR)/Engineer/삼성전자 [Mon, 6 Jan 2020 04:40:30 +0000 (13:40 +0900)]
Update README.md

4 years agoMake vist-rmi visibility to hidden
Sangwan Kwon [Thu, 2 Jan 2020 04:57:50 +0000 (13:57 +0900)]
Make vist-rmi visibility to hidden

Library size is reduced from 1.5M 1.4M (DEBUG MODE)
(ref. size --format=SysV ${libname})

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoDetach vist-rmi to shared library
Sangwan Kwon [Thu, 2 Jan 2020 04:38:08 +0000 (13:38 +0900)]
Detach vist-rmi to shared library

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoRemove timeout feature on docker-rmi
Sangwan Kwon [Tue, 31 Dec 2019 07:22:52 +0000 (16:22 +0900)]
Remove timeout feature on docker-rmi

Since docker does not support systemd, there is no need to exist
timeout feature.

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoReorganize rmi direcorty
Sangwan Kwon [Tue, 31 Dec 2019 07:13:54 +0000 (16:13 +0900)]
Reorganize rmi direcorty

- vist/rmi: API header to be exposed
- vist/rmi/impl: Implementation to be hidden

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd systemd socket
Sangwan Kwon [Tue, 31 Dec 2019 04:39:36 +0000 (13:39 +0900)]
Add systemd socket

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd Timer for on-demand service
Sangwan Kwon [Mon, 30 Dec 2019 04:47:43 +0000 (13:47 +0900)]
Add Timer for on-demand service

- Timer::ExecOnce(task, predicate, 1);
Check every 1 second until predicate() returns true and
execute task() once when predicates() returns true.

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoChange klass instance type on RMI
Sangwan Kwon [Fri, 27 Dec 2019 06:38:13 +0000 (15:38 +0900)]
Change klass instance type on RMI

There are two main issues that the type is changed from shared_ptr
to reference.

First, if klass instance type is shared_ptr,
the destuctor of klass should be public not private.
(This coflicts with meyer singleton.)

Second, if we pass this pointer of object to EXPOSE method,
the object indicated this pointer should be destroyed by shared_ptr.
In such a case, the object should not be static type.
(It causes SEGFAULT by deallocating invalid pointer.)

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoRemove existing plugins before install
Sangwan Kwon [Fri, 27 Dec 2019 04:34:17 +0000 (13:34 +0900)]
Remove existing plugins before install

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoApply on-demand service by systemd
Sangwan Kwon [Thu, 26 Dec 2019 10:04:28 +0000 (19:04 +0900)]
Apply on-demand service by systemd

This patch is only for Tizen. The docker does not include all systemd
features by design. The Docker is designed for process isolation,
not for OS virtualization, so there are no other OS processes and daemons
running inside the container like systemd.

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoMake policy plugins testable
Sangwan Kwon [Thu, 26 Dec 2019 04:47:56 +0000 (13:47 +0900)]
Make policy plugins testable

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoEnable dlog only when the vist is running on Tizen
Sangwan Kwon [Mon, 23 Dec 2019 05:13:00 +0000 (14:13 +0900)]
Enable dlog only when the vist is running on Tizen

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd filter to VirtualTable
Sangwan Kwon [Mon, 23 Dec 2019 02:39:20 +0000 (11:39 +0900)]
Add filter to VirtualTable

- usage -
VirtualTable<Policy<int>> table;
auto row = table.filter(&Policy<int>::name, "sample-int-policy");
auto value = row[&Policy<int>::value];

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd convenience macro to RMI
Sangwan Kwon [Fri, 20 Dec 2019 06:56:28 +0000 (15:56 +0900)]
Add convenience macro to RMI

The purpose of these macros(EXPOSE, REMOTE_METHOD) is to allow
users to use RMI only with member function type.

- server side -
EXPOSE(gateway, this, &Vist::query);

- client side -
auto query = REMOTE_METHOD(remote, &Vist::query);
auto rows = query.invoke<Rows>(statement);

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoRename RMI Exposer to Gateway
Sangwan Kwon [Wed, 18 Dec 2019 09:22:31 +0000 (18:22 +0900)]
Rename RMI Exposer to Gateway

Also Stringfy is changed to Stringify

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoUpdate README.md
Sangwan Kwon [Tue, 17 Dec 2019 05:51:11 +0000 (14:51 +0900)]
Update README.md

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoEnhance error handling on RMI
Sangwan Kwon [Fri, 13 Dec 2019 06:04:33 +0000 (15:04 +0900)]
Enhance error handling on RMI

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoFix Protocol::Task signature
Sangwan Kwon [Fri, 13 Dec 2019 05:04:11 +0000 (14:04 +0900)]
Fix Protocol::Task signature

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoRemove custom deleter on pimpl pattern
Sangwan Kwon [Thu, 12 Dec 2019 11:44:40 +0000 (20:44 +0900)]
Remove custom deleter on pimpl pattern

Custom deleter is needed when 'template constructor' uses.
Because 'template constructor' is defined in header and
the compiler has to know how to delete impl instance.

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoRemove unix socket based communication
Sangwan Kwon [Thu, 12 Dec 2019 10:24:51 +0000 (19:24 +0900)]
Remove unix socket based communication

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd boost::asio based RMI
Sangwan Kwon [Thu, 12 Dec 2019 10:11:15 +0000 (19:11 +0900)]
Add boost::asio based RMI

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd transaction feature to database
Sangwan Kwon [Thu, 12 Dec 2019 02:57:48 +0000 (11:57 +0900)]
Add transaction feature to database

- performance (500 insert statements) -
DatabaseTests.no_transaction (2380 ms)
DatabaseTests.transaction (16 ms)

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoSupport policy activation to client
Sangwan Kwon [Tue, 10 Dec 2019 04:58:50 +0000 (13:58 +0900)]
Support policy activation to client

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd activation property to policy-admin
Sangwan Kwon [Mon, 2 Dec 2019 08:53:23 +0000 (17:53 +0900)]
Add activation property to policy-admin

vist-policy has activated state when any of policy-admins are activated.

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoMake vist testable on docker
Sangwan Kwon [Mon, 2 Dec 2019 06:34:16 +0000 (15:34 +0900)]
Make vist testable on docker

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoChange database from klay to internal
Sangwan Kwon [Fri, 29 Nov 2019 06:47:04 +0000 (15:47 +0900)]
Change database from klay to internal

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoImport database code from klay
Sangwan Kwon [Fri, 29 Nov 2019 06:21:29 +0000 (15:21 +0900)]
Import database code from klay

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoChange filesystem from klay to boost
Sangwan Kwon [Fri, 29 Nov 2019 04:59:32 +0000 (13:59 +0900)]
Change filesystem from klay to boost

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoFix to use vist exception
Sangwan Kwon [Thu, 28 Nov 2019 07:55:08 +0000 (16:55 +0900)]
Fix to use vist exception

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoRemove rmi of klay
Sangwan Kwon [Thu, 28 Nov 2019 07:46:41 +0000 (16:46 +0900)]
Remove rmi of klay

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoChange rmi from klay to internal
Sangwan Kwon [Thu, 28 Nov 2019 07:32:54 +0000 (16:32 +0900)]
Change rmi from klay to internal

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoImport RMI code for internalize
Sangwan Kwon [Thu, 28 Nov 2019 06:20:13 +0000 (15:20 +0900)]
Import RMI code for internalize

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd string type of policy to client API
Sangwan Kwon [Tue, 26 Nov 2019 08:22:24 +0000 (17:22 +0900)]
Add string type of policy to client API

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd sample plugin
Sangwan Kwon [Tue, 26 Nov 2019 06:23:01 +0000 (15:23 +0900)]
Add sample plugin

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoEnable policy-provider to set compare method
Sangwan Kwon [Tue, 26 Nov 2019 05:06:35 +0000 (14:06 +0900)]
Enable policy-provider to set compare method

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoFix client API to support generic type
Sangwan Kwon [Mon, 25 Nov 2019 09:02:53 +0000 (18:02 +0900)]
Fix client API to support generic type

- example -
VirtualTable<Policy<int>> table;
for(const auto& row : table) {
  Policy<int> policy = { row[&Policy<int>::name], row[&Policy<int>::value] };
  INFO(VIST_CLIENT) << "Policy table:";
  INFO(VIST_CLIENT) << "\t name: " << policy.name;
  INFO(VIST_CLIENT) << "\t value: " << policy.value;
}

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd glog backend as stderr mode
Sangwan Kwon [Fri, 22 Nov 2019 07:16:26 +0000 (16:16 +0900)]
Add glog backend as stderr mode

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoMake logger portable
Sangwan Kwon [Thu, 21 Nov 2019 09:23:55 +0000 (18:23 +0900)]
Make logger portable

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoFix policy-storage to save stringfied value
Sangwan Kwon [Wed, 20 Nov 2019 10:47:10 +0000 (19:47 +0900)]
Fix policy-storage to save stringfied value

If policy type is int, policy storage save the value as 'I/value'.
If policy type is string, policy storage save the value as 'S/value'.

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoFix policy-value to include stringfied value
Sangwan Kwon [Wed, 20 Nov 2019 09:44:21 +0000 (18:44 +0900)]
Fix policy-value to include stringfied value

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd stringfy for type-conversion
Sangwan Kwon [Wed, 20 Nov 2019 06:27:18 +0000 (15:27 +0900)]
Add stringfy for type-conversion

Stringfy provides converion from type to string and vice versa

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoRevert "Support conversion between archive and string"
Sangwan Kwon [Wed, 20 Nov 2019 01:20:37 +0000 (10:20 +0900)]
Revert "Support conversion between archive and string"

This reverts commit dae502f799024c3b77afaea1c828f375f4301642.

4 years agoSupport conversion between archive and string
Sangwan Kwon [Mon, 18 Nov 2019 10:50:09 +0000 (19:50 +0900)]
Support conversion between archive and string

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd archive type to policy-value as buffer
Sangwan Kwon [Mon, 18 Nov 2019 06:55:04 +0000 (15:55 +0900)]
Add archive type to policy-value as buffer

This is for supporting Generic Value Type.

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd archive as serializer
Sangwan Kwon [Mon, 18 Nov 2019 04:32:48 +0000 (13:32 +0900)]
Add archive as serializer

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoDetach common library
Sangwan Kwon [Mon, 18 Nov 2019 03:26:42 +0000 (12:26 +0900)]
Detach common library

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoAdd default admin as vist-cli
Sangwan Kwon [Thu, 14 Nov 2019 07:07:57 +0000 (16:07 +0900)]
Add default admin as vist-cli

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
4 years agoApply enum based exception handling
Sangwan Kwon [Mon, 11 Nov 2019 06:05:33 +0000 (15:05 +0900)]
Apply enum based exception handling

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoReorganize directory structure
Sangwan Kwon [Fri, 8 Nov 2019 06:20:40 +0000 (15:20 +0900)]
Reorganize directory structure

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoAdd Result<Value, ErrCode> type for error handling
Sangwan Kwon [Fri, 8 Nov 2019 05:36:11 +0000 (14:36 +0900)]
Add Result<Value, ErrCode> type for error handling

Result<Valud, ErrCode> type contains either value or error_code.
This is inspired by rust's syntax(std::result::Result).
(ref: https://doc.rust-lang.org/std/result/enum.Result.html)

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoFix logger usage with bitwise operator
Sangwan Kwon [Thu, 7 Nov 2019 10:16:28 +0000 (19:16 +0900)]
Fix logger usage with bitwise operator

DEBUG, WARN logs are displayed when debug mode
- usage -
INFO(VIST) << "Info message" << 1;
DEBUG(VIST) << "Debug message" << 2 << 'a';
WARN(VIST) << "Warning message" << 3 << 'b' << true;
ERROR(VIST) << "Error message" << 4 << 'c' << false << 0.0f;

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoRename file extension from .h to .hpp
Sangwan Kwon [Thu, 7 Nov 2019 05:16:12 +0000 (14:16 +0900)]
Rename file extension from .h to .hpp

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoAdd enum based exception handling
Sangwan Kwon [Wed, 6 Nov 2019 05:36:43 +0000 (14:36 +0900)]
Add enum based exception handling

Standard c++ throw can not provide information like function, file,
line number. It makes hard to tracking where the exception occured.
So, add macro(THROW) which can track informations.

Syntax:
- THROW(ErrCode::LogicError) << "Additional information about exception";

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoRefine vist-policy database schema
Sangwan Kwon [Fri, 1 Nov 2019 07:20:07 +0000 (16:20 +0900)]
Refine vist-policy database schema

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoRedesign vist-policy except for multi-user concept
Sangwan Kwon [Thu, 31 Oct 2019 00:54:05 +0000 (09:54 +0900)]
Redesign vist-policy except for multi-user concept

Tizen originally intended to support multiuser platform.
As a result, the logic is complicated to support multi-users.
In practice, However, the multiuser concept is excluded on Tizen.
So we redesign except for the multi-user concept.

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoRename policyd to vist-policy
Sangwan Kwon [Wed, 30 Oct 2019 06:53:03 +0000 (15:53 +0900)]
Rename policyd to vist-policy

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoUpdate README.md
Sangwan Kwon [Tue, 29 Oct 2019 08:32:56 +0000 (17:32 +0900)]
Update README.md

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoAdd policy-admin table
Sangwan Kwon [Tue, 29 Oct 2019 06:00:15 +0000 (15:00 +0900)]
Add policy-admin table

Following queries are possible.
- SELECT * FROM policy_admin
- INSERT INTO policy_admin (name, uid) VALUES ('admin', 0)
- DELETE FROM policy_admin WHERE name = 'admin' AND uid = 0

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoAdd INSERT, DELETE features to osquery
Sangwan Kwon [Tue, 29 Oct 2019 05:53:56 +0000 (14:53 +0900)]
Add INSERT, DELETE features to osquery

- DELETE statement logic -
If the statement has a where clause, xFilter is called.
(otherwise, xUpdate is called directly.)
And xFilter calls VirtualTable::generate to find row matched with
the where clause.
When the row comes out, execute the delete statement through xUpdate.

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoDetach osquery dependency from client
Sangwan Kwon [Thu, 24 Oct 2019 05:55:21 +0000 (14:55 +0900)]
Detach osquery dependency from client

Make logger as common

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoAdd policy virtual table
Sangwan Kwon [Thu, 24 Oct 2019 02:42:37 +0000 (11:42 +0900)]
Add policy virtual table

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoRename Property API to VirtualTable
Sangwan Kwon [Thu, 24 Oct 2019 02:21:40 +0000 (11:21 +0900)]
Rename Property API to VirtualTable

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoMove APIs to vist-service
Sangwan Kwon [Wed, 23 Oct 2019 04:51:10 +0000 (13:51 +0900)]
Move APIs to vist-service

Osquery-manager is deprecated

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoApply server-client feature
Sangwan Kwon [Mon, 21 Oct 2019 08:57:38 +0000 (17:57 +0900)]
Apply server-client feature

- Add daemon named vistd
- Expose client api "Query::Execute()"

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoRename package to ViST
Sangwan Kwon [Mon, 21 Oct 2019 05:24:37 +0000 (14:24 +0900)]
Rename package to ViST

ViST(Virtual Security Table) is a security monitoring framework using SQL query

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoEnable wifi plugin
Sangwan Kwon [Fri, 18 Oct 2019 06:45:04 +0000 (15:45 +0900)]
Enable wifi plugin

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoMake database at run-time
Sangwan Kwon [Thu, 17 Oct 2019 05:01:03 +0000 (14:01 +0900)]
Make database at run-time

Now policy-provider is able to set the initial value at run-time

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoAdd server-client feature
Sangwan Kwon [Tue, 15 Oct 2019 08:13:40 +0000 (17:13 +0900)]
Add server-client feature

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoExpose policyd API
Sangwan Kwon [Mon, 14 Oct 2019 06:30:53 +0000 (15:30 +0900)]
Expose policyd API

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoDisable user, group table
Sangwan Kwon [Mon, 14 Oct 2019 04:41:43 +0000 (13:41 +0900)]
Disable user, group table

These tables are coflict with update-feature

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoExclude policy-test at docker-build
Sangwan Kwon [Mon, 14 Oct 2019 04:26:08 +0000 (13:26 +0900)]
Exclude policy-test at docker-build

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoSupport update feature with policyd
Sangwan Kwon [Fri, 11 Oct 2019 07:59:03 +0000 (16:59 +0900)]
Support update feature with policyd

Example: UPDATE policy SET value = '3' WHERE name = 'bluetooth'

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoEnable policyd to be called from osquery
Sangwan Kwon [Thu, 10 Oct 2019 06:25:57 +0000 (15:25 +0900)]
Enable policyd to be called from osquery

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoMinimize build dependencies
Sangwan Kwon [Tue, 8 Oct 2019 06:31:39 +0000 (15:31 +0900)]
Minimize build dependencies

Removed: rocksdb, lz4, zstd, snappy

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoEnable policy-manager to use policy-storage method
Sangwan Kwon [Wed, 2 Oct 2019 05:50:40 +0000 (14:50 +0900)]
Enable policy-manager to use policy-storage method

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoSupport to update policy-storage as strictest
Sangwan Kwon [Mon, 30 Sep 2019 04:16:44 +0000 (13:16 +0900)]
Support to update policy-storage as strictest

Strictest returns the strongest policy when there are multiple admins

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoEnable to enroll policy admin
Sangwan Kwon [Fri, 27 Sep 2019 07:54:58 +0000 (16:54 +0900)]
Enable to enroll policy admin

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoApply meyer's singleton to policy-manager
Sangwan Kwon [Wed, 25 Sep 2019 11:17:43 +0000 (20:17 +0900)]
Apply meyer's singleton to policy-manager

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoAdd policy-storage to policy-core
Sangwan Kwon [Wed, 25 Sep 2019 11:07:26 +0000 (20:07 +0900)]
Add policy-storage to policy-core

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoAdd policy-loader to policyd
Sangwan Kwon [Tue, 24 Sep 2019 06:39:56 +0000 (15:39 +0900)]
Add policy-loader to policyd

Disable whole features without policy-core and sdk.
* Restore the features before PR to master branch.

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>
5 years agoAdd policyd-sdk as header only library
Sangwan Kwon [Mon, 23 Sep 2019 01:09:43 +0000 (10:09 +0900)]
Add policyd-sdk as header only library

Policyd-sdk includes the minimum headers that policyd-sever and
policyd-provider look at in common.
Policy provider just needs policyd-sdk to make the plugin.

Signed-off-by: Sangwan Kwon <sangwan.kwon@samsung.com>