Mateusz Moscicki [Tue, 10 Sep 2024 08:50:51 +0000 (10:50 +0200)]
Add core privilege: isu.admin
Change-Id: Ibe9111abbf1b92e911ebe896c0f21bdd1a8f0c2c
Signed-off-by: Mateusz Moscicki <m.moscicki2@partner.samsung.com>
(cherry picked from commit
9529019fe4a0e6265696245fae85dae07a4dde4e)
(cherry picked from commit
89419df5cc9999e9e9062a725aeecc0a1dc7ef9c)
Dariusz Michaluk [Wed, 5 Jun 2024 12:05:57 +0000 (14:05 +0200)]
Add KR translation to keymanager.extended privilege
Change-Id: I773a1812202a4e0b66b80dc136fab8efa00d59b5
Dariusz Michaluk [Fri, 17 May 2024 11:32:22 +0000 (13:32 +0200)]
Add core privilege: keymanager.extended
- keymanager.extended (platform level): app can use extended CKMC API
Change-Id: I567fe10fbcc62a2a09b3171f23caed8a5161e579
Krzysztof Malysa [Tue, 20 Feb 2024 10:20:00 +0000 (11:20 +0100)]
Add core privilege: wifi.secureinfo
- wifi.secureinfo (platform level): app can read Wi-Fi security information
Change-Id: I69921cab17c57cdb66906b77f20f01173bcb8cfb
Dariusz Michaluk [Wed, 27 Dec 2023 09:52:01 +0000 (10:52 +0100)]
Remove tizen-locale dependency
Change-Id: If262cff1b5117edd543424b47ede4a7404458a5f
Yunjin Lee [Wed, 29 Jun 2022 04:59:15 +0000 (13:59 +0900)]
Release version 1.3.1
- As tizen_6.5 privilege-checker uses 1.2.x, move tizen(_7.0)
privilege-chcker's version to 1.3.x
Change-Id: I329a0ef827f13df46a993522c9e55e7ea9d18980
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 29 Jun 2022 00:46:48 +0000 (09:46 +0900)]
Fix asan build fail
- Fix asan build fail due to the multiple definition
Change-Id: I59d2c4f58d9d065683a30fdf648e1c2d8662ac47
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Tomasz Swierczek [Fri, 25 Feb 2022 13:57:08 +0000 (14:57 +0100)]
Add tests for privilege_info_has_privacy_attr
This patch is supposed to increase code coverage of unit tests.
Change-Id: Ieeb1148c0f7a5bab5abd6591b940f5612c61de88
Tomasz Swierczek [Mon, 20 Dec 2021 14:21:35 +0000 (15:21 +0100)]
Add prefixes for positive & negative test cases
Most test cases in the code of privilege-checker use the:
__tcinfo()
call to setup their name for proper logging. These tests that use this
infrastructure will be properly categorized.
Change-Id: Iae7b3bb79369c0df5eb5e35c4d3254f0687eb16b
Yunjin Lee [Tue, 30 Nov 2021 05:58:45 +0000 (14:58 +0900)]
Fix duplicated privilege error
Change-Id: Ie7e3ad29b2aeb8a84e61f42acb76c7e5493890e5
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 29 Nov 2021 04:09:52 +0000 (13:09 +0900)]
Fix print type for 64bit
- aarch and x86_64 expect 'long unsigned int' for '%zu' and build fails
hence fix it to '%u'
Change-Id: I5568ef3616e1542aeeac78bf32f23f61459a4d2f
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 26 Nov 2021 06:57:17 +0000 (15:57 +0900)]
Release version 1.2.16
- Fix to handle major version exceed two digits
Change-Id: I1fac70214b40a52bdd8a906d6a9b794a2fc9fb82
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 22 Nov 2021 11:04:42 +0000 (20:04 +0900)]
Fix to handle major version exceed two digits
- Tizen uses api-version of X.X.X.X form and managed privilege's issued
and deprecated api-version in text form. So far, the major version has
never exceeded two digits. However, dotnet apis have api version 10 from
tizen verion 7.0 and need to handle that cases.
Since the major version has never exceeded two digits, every not deprecated
privileges' to_api_version is set to 9.9 hence updated it to 99.9.
Plus, the previous method compared versions in text and there's a problem
that 9 becomes larger when comparing 9 and 10.
Therefore uses __get_api_version_code() to compare api-versions on code.
Manipulate api-versions to comparable form and store it on DB would be
the clearest way but it will make other burdens (need to update upgrade
script for migration of /opt/dbspace/.privacy.db) and it might harm the
readability of the debugging logs.
So I just modified it to get api-version from DB and manipuate and compare.
Change-Id: I89475ff033c018defc09d2a3524665be1260ec6d
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 30 Sep 2021 10:10:11 +0000 (19:10 +0900)]
Release version 1.2.15
- Update privacy whitelist of IoT profile
Change-Id: I582a45a437b484dde004dc07f53e5bf42212526b
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Update privacy whitelist of IoT profile
- Add org.tizen.fitness (profile/iot/apps/dotnet/fitness)
Change-Id: I0393266b8c2bdbd4a723f605511fb736e4a32579
Signed-off-by: Piotr Czaja/Advanced Frameworks (PLT) /SRPOL/Engineer/Samsung Electronics <p.czaja@samsung.com>
Yunjin Lee [Thu, 16 Sep 2021 08:50:45 +0000 (17:50 +0900)]
Release version 1.2.14
- Update privacy whitelist of IoT profile
Change-Id: I3b309221905cb63601958aeb576c3e39d36c0b2f
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 16 Sep 2021 08:26:26 +0000 (17:26 +0900)]
Update privacy whitelist of IoT profile
- Add org.tizen.MusicPlayer (profile/iot/apps/dotnet/music-player)
Change-Id: I51df70a0fefab51b09880e95379a366739accffc
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Tomasz Swierczek [Thu, 10 Jun 2021 10:35:06 +0000 (12:35 +0200)]
Release 1.2.13
- Fix static analysis issues
Change-Id: I9afe420f103909c3f16db1142b1d283052962141
Dariusz Michaluk [Wed, 9 Jun 2021 11:48:52 +0000 (11:48 +0000)]
Merge "Fix issues from static analysis" into tizen
Tomasz Swierczek [Mon, 24 May 2021 11:48:16 +0000 (13:48 +0200)]
Fix issues from static analysis
Change-Id: I25fbddde6d1ea649217e77095fff1cc546ad16da
Yunjin Lee [Mon, 19 Apr 2021 05:05:32 +0000 (14:05 +0900)]
Release version 1.2.12
- Add core privileges: usb.host and log
Change-Id: I3e620a647301e79db3171ce1ea8915f147efa20c
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 9 Apr 2021 04:36:21 +0000 (13:36 +0900)]
Add core privileges: usb.host and log
- usb.host: app can access to connected external USB devices
- log: app can access to platform log data
- both are platform level
Change-Id: Id071a4c4f94f0ccb7312637c7c60153b2e87aa5c
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 5 Apr 2021 04:09:13 +0000 (13:09 +0900)]
Release version 1.2.11
- Update privilege description
Change-Id: Iefe21cfe87fd6331fca068beb765c7c55f301d99
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 1 Apr 2021 05:30:20 +0000 (14:30 +0900)]
Update privilege description
- Update description of bugreport.admin privilege and related language files
Change-Id: I62bdefb2e666e62435754e4ccfe06f498cd43a66
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 26 Mar 2021 01:21:32 +0000 (10:21 +0900)]
Add missing privilege-checker package
- privilege-checker package is included in ks files so that if the
package is missing then image will break. We need to remove it by JIRA
process.(with other product side anouncement)
Change-Id: I8145196c3bd7fe84c87461655fd7b7fbcde944f5
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 23 Mar 2021 03:00:09 +0000 (12:00 +0900)]
Release version 1.2.10
- Add core privilege: bugreport.admin
- Fix coverage generation in rpm 4.14.1
- Automate code coverage measurement
- Cleanup cmake/spec infrastructure
- Merge all tests into one binary
- Remove unused legacy files
- Fix files access rights
Change-Id: If75b97c8256f19448173ceae0e3a175242a78189
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 23 Mar 2021 02:07:41 +0000 (11:07 +0900)]
Add core privilege: bugreport.admin
- With http://tizen.org/privilege/bugreport.admin, app can request
creation of system or app's bugreport.
- DID will be added soon
Change-Id: I06125902f997ce1043e3464d1f0e24c8ef70ca88
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Tomasz Swierczek [Wed, 3 Mar 2021 13:37:04 +0000 (14:37 +0100)]
Fix coverage generation in rpm 4.14.1
Debug source package directories now have different names.
Change-Id: Iaa4e2be1cadd51ab8c9b4db415a91b1efb65547f
Dariusz Michaluk [Fri, 15 Jan 2021 08:19:30 +0000 (09:19 +0100)]
Automate code coverage measurement
To gather unit tests coverage report:
- use COVERAGE build_type,
- install security-privilege-manager-coverage rpm,
- run privilege-checker-coverage.sh script.
Change-Id: I79142f2b87e7ecdc8fae3efad903dfebd3f3a654
Dariusz Michaluk [Thu, 14 Jan 2021 10:01:22 +0000 (11:01 +0100)]
Cleanup cmake/spec infrastructure
Change-Id: I5be717880e1d100b63a0214a87a54fb4c1744d0c
Dariusz Michaluk [Fri, 15 Jan 2021 09:28:58 +0000 (10:28 +0100)]
Merge all tests into one binary
Change-Id: I3b72244f5e74407a9fa98aad04d0385d61b9970b
Dariusz Michaluk [Thu, 14 Jan 2021 17:49:54 +0000 (18:49 +0100)]
Remove unused legacy files
Change-Id: I4bafc918d083795cfd575d7a38afb2a42fac1e85
Dariusz Michaluk [Wed, 13 Jan 2021 15:29:49 +0000 (16:29 +0100)]
Fix files access rights
Change-Id: I5712f848da51cfef24d6b2ac6fb1c3747ddb5135
Yunjin Lee [Tue, 15 Sep 2020 05:19:11 +0000 (14:19 +0900)]
Release version 1.2.9
- Update web networkbearerselection mapping
Change-Id: Ibf94606b56ca17fdeeaa0be251bc60408c3c5f95
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 14 Sep 2020 05:42:28 +0000 (14:42 +0900)]
Update web networkbearerselection mapping
- Some native network.set privilged APIs' were changed to network.route
privileged APIs and web networkbearerselection privileged APIs are
wrapper of those. Hence add mapping for network.route privilege.
Change-Id: I5e9f1138e2d63c1471fee9807a03633e04f0762b
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 11 Sep 2020 01:47:52 +0000 (10:47 +0900)]
Release version 1.2.8
- Add privilege_info_has_privacy_attr()
Change-Id: I00c986653b9954ab2178da4813a5474e56edd852
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 9 Sep 2020 10:24:13 +0000 (19:24 +0900)]
Add privilege_info_has_privacy_attr()
- Add API to check whether the given privilege has privacy attribute.
(privilege_info_is_privacy() can return different result according to
the environment whether privacy is enabled or not, but it doesn't.)
Change-Id: I678651ee9f8400282621d787fa8346a55597b1c6
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 3 Sep 2020 08:28:16 +0000 (17:28 +0900)]
Release version 1.2.7
- Get privilege notification info list with locale
- Get privilege display name or description with package type
- Update language files and fix wrong DID
Change-Id: If7fb96e75f0c26fd0beba43cecf415f7a720ccdb
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 26 Aug 2020 08:28:28 +0000 (17:28 +0900)]
Get privilege notification info list with locale
- To make privilege-info to wrapper of this package, add proper
functions for that
- Revise privilege_info_get_privilege_info_list() into
privilege_info_get_privilege_noti_info_list()
- Revise privilege_info_free_privilege_info_list() into
privilege_info_free_privilege_noti_info_list()
Change-Id: I8cb7bf764490279aa05a280e01d49cffc09980e8
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 24 Aug 2020 10:03:49 +0000 (19:03 +0900)]
Get privilege display name or description with package type
- To make privilege-info to wrapper of this package, add proper
functions for that
- Revise privilege db APIs to get privilege display name or description
regardless of the package type if the given package type is
PRVMGR_PACKAGE_TYPE_NONE
Change-Id: I98d869f1a238faeaa486f17c831471c46c81b3c6
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 28 Aug 2020 06:09:50 +0000 (15:09 +0900)]
Update language files and fix wrong DID
- Update language files for network.route privilege and fix wrong DID of
it
Change-Id: I83032c7035147d3a3743eb804a0def7a426b9b34
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 19 Aug 2020 07:36:06 +0000 (16:36 +0900)]
Release version 1.2.6
- Add core privilege: network.route
Change-Id: I15c57a880307e7574c44dffe1812c038f9f4cb58
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 19 Aug 2020 05:14:27 +0000 (14:14 +0900)]
Add core privilege: network.route
- network.route: With this privilege, app can add or remove route table
entries.
Change-Id: Id02f70d26b954a3ce2836253e3b89900f11b60bb
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 13 Aug 2020 03:57:54 +0000 (12:57 +0900)]
Release version 1.2.5
- Split APIs not to access DB while trying to access DB
- Update privacy whitelist for IoT profile
Change-Id: I5241cc0dc6d37e1fa46eb17a01eb813dd9fbc2f0
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 13 Aug 2020 03:54:20 +0000 (03:54 +0000)]
Merge "Split APIs not to access DB while trying to access DB" into tizen
Yunjin Lee [Tue, 11 Aug 2020 07:13:12 +0000 (16:13 +0900)]
Split APIs not to access DB while trying to access DB
- Split some APIs access DB while trying to access DB
Change-Id: I3a840fbd15a6f4b767c7e7601f4796610d7eeb8b
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 10 Aug 2020 02:09:11 +0000 (11:09 +0900)]
Update privacy whitelist for IoT profile
- Update org.tizen.wallpaper-ui-service is changed to
org.tizen.wallpaper-ui-service_common
Change-Id: Ie8609d508125c9ebee55e71a8b03d18b58e700c3
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 6 Aug 2020 05:31:58 +0000 (14:31 +0900)]
Release version 1.2.4
- Add default privilege mapping for IoT profile
- Remove unused critical privilege related APIs
- Bind begin and finish transaction
- Rename privilege_info_db_row and related function
- Remove redundancy of statement evaluation
Change-Id: Ic22ea1ee19d9f0f48c607980aea26266349470f7
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 5 Aug 2020 07:45:28 +0000 (16:45 +0900)]
Add default privilege mapping for IoT profile
- Add web default privilege mapping for IoT profile. (core default
privilege mapping has no difference with common profile so there's no
update for core privilege.)
- Minimum api-version for IoT profile is native 5.0 / web & csharp 5.5.
- Fix askuser enable determination of local tc.
It refers to https://review.tizen.org/gerrit/#/c/platform/core/security/privilege-checker/+/234846/
Change-Id: I730d02d879033561b238303bd435bc0a81822db3
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 23 Jul 2020 10:31:32 +0000 (19:31 +0900)]
Remove unused critical privilege related APIs
- There was a requirement at first time but was not used hence remove
all of them.
Change-Id: I6919e6c6a84ed6f20ef719d744ae22c18f279ae0
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 20 Jul 2020 08:15:24 +0000 (17:15 +0900)]
Bind begin and finish transaction
- Bind begin and finish transaction process as macros.
- Add retry for begin transaction.
Change-Id: I462356303732bafe1bbbba35581abcd2f6698427
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 10 Jul 2020 05:33:28 +0000 (14:33 +0900)]
Rename privilege_info_db_row and related function
- Originally privilege_info_db_row_s was made to have all privilege info
such as privilege name, level, issued and deprecaed version or so. But
the required privilege info for privilege verification was reduced to
only privilege level and now, the name is not matched to its role. Hence
rename it properly.
- struct
- AS-IS: privilege_info_db_row_s
- TO-BE: privilege_level_info_s
- functions
- AS-IS: privilege_db_manager_get_privilege_list()
- TO-BE: privilege_db_manager_get_privilege_level_info_list()
- AS-IS: free_privilege_info_db_row_list()
- TO-BE: free_privilege_level_info_list()
Change-Id: Ie72fe0fe423742bc1e7b5f12ff243dd56af23a47
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 9 Jul 2020 09:11:12 +0000 (18:11 +0900)]
Remove redundancy of statement evaluation
- Simple statement evaluation
- Remove unnecessary value assign
- Remove redundancy of sqlite3_step and modify
'do-while' to 'while'
- Add free function for list allocated by
privilege_db_manager_get_privilege_list()
- TODO: Add error check for some cases
- TODO: Integrate some sql errors
- TODO: Rename privilege_info_db_row & add functions for it
Change-Id: I2973d22e8a21bbe358a8a773da36a77306794c9d
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 21 Jul 2020 03:48:04 +0000 (12:48 +0900)]
Release version 1.2.3 (modified)
- Fix potential memory leak
- Update IoT privacy whitelist
- Modify privilege verification messaging
- Revise logic to get privilege display name and description
- Fix asan build fail
- Bind repeated steps for accessing DB
- Adjust API changes to local test
Remove a commit causing cyclic dependency from the release
Change-Id: I85a479f6624f9a3ff2390e2425df6b8970a2b523
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 21 Jul 2020 02:05:30 +0000 (02:05 +0000)]
Revert "Get package cert level if there's no cert level given"
This reverts commit
cd1a5b8fb247a8a40b5a30d97c5089c94c49d3a2.
- Due to the cyclic dependency, privilege-checker can't use cert-svc APIs.
cert-svc <-> key-manager <-> security-manager <-> privilege-checker
Change-Id: I6a2a289b5c36f07b75e8188c7cc2e7a287b6f09c
Yunjin Lee [Mon, 20 Jul 2020 08:32:23 +0000 (17:32 +0900)]
Release version 1.2.3
- Fix potential memory leak
- Update IoT privacy whitelist
- Get package cert level if there's no cert level given
- Modify privilege verification messaging
- Revise logic to get privilege display name and description
- Fix asan build fail
- Bind repeated steps for accessing DB
- Adjust API changes to local test
Change-Id: If9274e94f004254dc6fb4742e1aeb8b948c25f74
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 20 Jul 2020 10:05:17 +0000 (19:05 +0900)]
Fix potential memory leak
- If TRY_INIT_DB fails, string allocated by __make_privilege_list_str()
will be lost.
Change-Id: I2d7e3b9ccb6b1cf3bd4d1e18a33d6e60f9acbaeb
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 20 Jul 2020 08:20:43 +0000 (17:20 +0900)]
Update IoT privacy whitelist
- Add org.tizen.firmware-update-ui to IoT privacy whitelist
Change-Id: Ia962a8bd1c03e2a5ae5e2d4fbf8a4d46e6c11700
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 7 Jul 2020 10:28:03 +0000 (19:28 +0900)]
Get package cert level if there's no cert level given
- To check whether the package is privacy whitelisted or not, get pkg
cert level from input param. If the given cert level is
PRVMGR_PACKAGE_VISIBILITY_NONE then get package cert level from
pkgmgr-info and certsvc.
Change-Id: I85ca805867a7a17a49eccfd3f6d6cc6edb44fc54
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 26 Jun 2020 10:01:20 +0000 (19:01 +0900)]
Modify privilege verification messaging
- Adjust function/variable name to its role.
- Remove redunant code.
- Remove build warning bypass trick.
- Make messaging logic simpler.
Change-Id: Ib5e113f147bbbaf4597da3ccb2798467f1ddbae3
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 22 Jun 2020 08:39:57 +0000 (17:39 +0900)]
Revise logic to get privilege display name and description
- Remove redundant code and branch that never passed through.
- Return NULL if the given privilege have no DID to display
- The same changes as privilege-info :
https://review.tizen.org/gerrit/#/c/platform/core/security/privilege-info/+/231441/
Change-Id: I7093d1a38970ca2a11b0933025845baed2a1e04b
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 9 Jul 2020 08:01:12 +0000 (08:01 +0000)]
Merge "Fix asan build fail" into tizen
Yunjin Lee [Thu, 9 Jul 2020 02:24:07 +0000 (11:24 +0900)]
Fix asan build fail
- How to build with asan:
$ gbs build -A {architecture} --include-all --extra-packs asan-force-options,asan-build-env --define 'asan 1'
Change-Id: I4c655ac01d9061362a1cf1cc53bc6defe14bc55d
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 3 Jul 2020 06:24:56 +0000 (15:24 +0900)]
Bind repeated steps for accessing DB
- Bind check query and prepare DB into a function
- Make open / prepare DB as try / return
- Leave comment for TODO
Change-Id: I16b1e150bae44829255baa49f76d349f311a352c
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 22 Jun 2020 04:46:24 +0000 (13:46 +0900)]
Adjust API changes to local test
- adjust privilege_info_get_privilege_type() interface changes
- enable local test build
Change-Id: I42b7b5ef3329ffd026c576eb6510a05abfaa43a0
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 16 Jun 2020 02:56:42 +0000 (11:56 +0900)]
Release version 1.2.2
- Add privilege profile type for IoT
- Add privacy whitelist for IoT profile
- Determine askuser enable by security config file
- Add IoT profile
- Add cert level to privacy whitelist table
Change-Id: I619eca0149494e3c5324f69adb7c7c1874b1b833
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 29 May 2020 07:19:49 +0000 (16:19 +0900)]
Add privilege profile type for IoT
Change-Id: Ifdd154343825e2f2783a68e955c1db8c48998d9d
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 16 Jun 2020 02:49:54 +0000 (11:49 +0900)]
Add privacy whitelist for IoT profile
- Based on RPI4 IoT headed image (
20200615.1)
Change-Id: I84bc6993185b24aac3aeafc90b7f9d807f46fe4f
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 29 May 2020 07:09:17 +0000 (16:09 +0900)]
Determine askuser enable by security config file
- When checking current target support askuser or not, see whether the
askuser_disable file exist or not.
- The profile file is used for checking different storage privacy support
among profiles.
Change-Id: I7be583ac275f10575220c6ace3d1dd64522c14fe
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 28 May 2020 10:52:08 +0000 (10:52 +0000)]
Merge "Add IoT profile" into tizen
Yunjin Lee [Tue, 28 Apr 2020 10:12:35 +0000 (19:12 +0900)]
Add cert level to privacy whitelist table
- Add cert_level to privacy_whitelist table to check privacy whitelisted
app by its pkgid and cert level
Change-Id: Idcb6d3e8f1936b08b226115cf6a33dde52b88970
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 28 May 2020 06:56:56 +0000 (15:56 +0900)]
Release version 1.2.1
- Fix asan build error
- Modify privilege_info_get_privilege_type() interface
Change-Id: If22254236bc8857ccf895643ba0708b89664be8c
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 27 May 2020 05:54:15 +0000 (14:54 +0900)]
Fix asan build error
- How to build with ASan:
gbs build -A {architecture} --include-all --extra-packs asan-force-options,asan-build-env --define 'asan 1'
Change-Id: I3f3ffcc29d1b75c7ee08024688399df27320567f
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 28 Apr 2020 11:46:09 +0000 (20:46 +0900)]
Add IoT profile
- Provides security-privilege-manager-extension_iot rpm
- Privileges of IoT profile are on the basis of common profile
- TODO: Add privacy whitelist data file for IoT profile
Change-Id: I8aa77524fe2ae74374032f714cc5c972e17035ab
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 3 Apr 2020 03:49:18 +0000 (12:49 +0900)]
Modify privilege_info_get_privilege_type() interface
- Add package type and cert level to privilege_info_get_privilege_type()
parameters.
- Add enum value to privilege_manager_visibility_e for cert level
unknown.
- TODO: Fix testcase accordingly.
- TODO: Fix logic to use cert level to determine privilege type.
Change-Id: I339bda66c77efffccbbb23f0b8b19c2fe798e207
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 13 Apr 2020 10:17:05 +0000 (19:17 +0900)]
Release version 1.2.0
- Add core privilege: notification.admin
- Update privacy whitelist
Changes numbering due to the differentiate older branches code.
Older branch(tizen_5.5) will continue to use 1.1.x and
current branch will use 1.2.x.
Change-Id: I2eabbcd7814da46c379c687eb6a39732c99d1b7c
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 7 Apr 2020 04:10:42 +0000 (13:10 +0900)]
Add core privilege: notification.admin
- notification.admin: Application with this privilege can manage
notifications. For example, the app can get all notificaitons and
update, delete or hide them.
Change-Id: Ie6d215c7120a3550df9be9050b9cd22ff0020bc9
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Shinwoo Kim [Mon, 6 Apr 2020 02:49:45 +0000 (11:49 +0900)]
Update privacy whitelist
Application ID has been changed
from org.tizen.accessibility-setting-wearable/mobile
to org.tizen.accessibility-setting-profile_wearable/mobile
Change-Id: I311f1d466c4e04c3d10e62f9497ba1b5430fb192
Signed-off-by: Shinwoo Kim <cinoo.kim@samsung.com>
Yunjin Lee [Tue, 31 Mar 2020 07:04:30 +0000 (16:04 +0900)]
Release version 1.1.11
- Update language files
Change-Id: Ic664c080e10258d008ecc6d09d6fbc4f683b259f
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 31 Mar 2020 06:31:41 +0000 (06:31 +0000)]
Revert "Release version 1.1.11"
This reverts commit
a9bef8c7e9704c9d6e8be79c194e58f27cf68af4.
Change-Id: I970dc36a10149857fc33a14217074e069802e6b3
Yunjin Lee [Mon, 30 Mar 2020 08:25:53 +0000 (17:25 +0900)]
Release version 1.1.11
- Update language files
Change-Id: I7d0a7361a38ce407b82968fc2c6030d1ab38d140
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 30 Mar 2020 08:18:28 +0000 (17:18 +0900)]
Update language files
- WDS_TPLATFORM_BODY_THIS_APP_CAN_RETRIEVE_TELEPHONY_INFORMATION_SUCH_AS_THE_NETWORK_AND_SIM_CARD_USED_AND_THE_STATUSES_OF_CALLS
- WDS_TPLATFORM_BODY_THIS_APP_CAN_READ_YOUR_DEVICES_IMEI_MEID_AND_ICCID
Change-Id: I280c6b81281673e1f3cdc188a059e92aa07223e2
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 21 Feb 2020 02:26:07 +0000 (11:26 +0900)]
Release version 1.1.10
- Remove disabled pakcages from privacy package list
Change-Id: I4bcb919c6e918277714df53c4a185a98c4782408
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 20 Feb 2020 07:43:04 +0000 (16:43 +0900)]
Remove disabled pakcages from privacy package list
- Modify package list returned by following APIs not to include disabled
packages.
- privilege_package_info_get_package_list_by_privacy()
- privilege_package_info_get_all_privacy_package_list()
Change-Id: Ib1de0d07d0c3b395dec05bbfbf9774506e94f8a9
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 29 Jan 2020 06:40:08 +0000 (15:40 +0900)]
Release version 1.1.9
- Add null check before strdup()
Change-Id: Iaf7dd06ba9318d1d11e9902c08c5d089327896ec
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 29 Jan 2020 06:33:50 +0000 (15:33 +0900)]
Add null check before strdup()
Change-Id: I9779bb2ef4f827b591edb0d5226354cdc6fbbe8b
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 8 Jan 2020 11:10:09 +0000 (20:10 +0900)]
Release version 1.1.8
- Add gcc version check for diagnostic pragmas
Change-Id: I5c14604209f91b07a02cf78fc4e6a9f6e14a8397
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 8 Jan 2020 10:43:18 +0000 (19:43 +0900)]
Add gcc version check for diagnostic pragmas
- Add gcc version check for diagnostics that are not supported at lower gcc version
Change-Id: I1f4c9160d475f395a7e61f03980580043c1a8e6d
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 8 Jan 2020 09:34:57 +0000 (18:34 +0900)]
Release version 1.1.7
- Fix build errors from toolchain upgrade (gcc & iniparser)
- Fix remained build errors from toolchain upgrade (gcc)
Change-Id: Id015fa870c47475bb4b3b6f7d2837282012e4a83
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 8 Jan 2020 09:59:07 +0000 (18:59 +0900)]
Fix remained build errors from toolchain upgrade (gcc)
- Fix errors that are remained, not checked from previous obs logs
Change-Id: I3293d0993a9c89205bfd4c5bef24c3a3d9b4c5cf
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 8 Jan 2020 08:45:38 +0000 (17:45 +0900)]
Fix build errors from toolchain upgrade (gcc & iniparser)
Change-Id: I86b18f1d24b9aa5ce2515df8c4f58f2e740257d8
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 27 Dec 2019 02:17:16 +0000 (11:17 +0900)]
Release version 1.1.6
- Update DID of telephony and securesysteminfo privilege
Change-Id: Icc4ef7bdcf37b453bb03dcb32b8202c6ed20cef9
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 26 Dec 2019 08:50:05 +0000 (17:50 +0900)]
Update DID of telephony and securesysteminfo privilege
Change-Id: I41577c3329dfb0a7d5cff5f5956dcc34ca600bd3
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 26 Nov 2019 07:10:04 +0000 (16:10 +0900)]
Release version 1.1.5
- Update language files
Change-Id: Ibf303b0501363ac8bef2a64b86ef8fad11799622
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 26 Nov 2019 07:09:44 +0000 (16:09 +0900)]
Update language files
Change-Id: Ib774ee6ad9aac6306d7867dbbdbf02307d8ab306
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 23 Oct 2019 02:35:09 +0000 (11:35 +0900)]
Release version 1.1.4
- Update mobile/wearable privacy whitelist
- Update language files and set duid privacy DID
Change-Id: I21614b95b7c57b8a59536bdf99317efb0afd3ada
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 23 Oct 2019 02:27:40 +0000 (11:27 +0900)]
Update language files and set duid privacy DID
Change-Id: Ieb2c00ef8ea813f0843cf89d5c6e3a240986bcf3
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 17 Oct 2019 09:03:24 +0000 (18:03 +0900)]
Update mobile/wearable privacy whitelist
- tizen-unified_20191016.1 (TM1, TW3)
Change-Id: I7dd2246d0416045b2135a27832a0fcab5dadd68a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 11 Oct 2019 07:28:28 +0000 (16:28 +0900)]
Release version 1.1.3
- Add core privileges: securesysteminfo, voicecontrol.tts and new privacy: duid
Change-Id: I81b967162777b7827202194506f70e966af8f00a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 11 Oct 2019 07:23:26 +0000 (16:23 +0900)]
Add core privileges: securesysteminfo, voicecontrol.tts and new privacy: duid
- securesysteminfo: This privilege allows app to read non-resettable
secure deivce information such as IMEI.
- voicecontrol.tts: This privilege allows app to request voice control
engine to synthesize text to speech using its own voice.
- duid: Privacy related to device unique IDs
Change-Id: I9f6942b0e867db0989f44e791a60ffc5ab8304d7
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
projects / platform / core / security / privilege-checker.git / log