From 0af26472074232b77cdc4fa7c0c2a8fba9cdda69 Mon Sep 17 00:00:00 2001 
From: Mateusz Cegielka Date: Wed, 5 Aug 2020 13:07:53 +0200 Subject: [PATCH 1/1] Refactor AccessProvider and ScopedAccessProvider AccessProvider is a helper class for setting up Smack rules, user id, group id and process labels before or during a test. CKM tests also contain different AccessProvider and ScopedAccessProvider classes, but only use a single constructor of the latter to pretend to be an app. These classes contain some duplicated code. Also, after the removal of libsmack-tests, the responsibilities of these classes have shrunk to pretending to be an app and nothing else. I have cleaned up src/common/ AccessProvider, renamed it to AppContext and made it flexible enough so that ScopedAccessProvider can be implemented in terms of it and src/ckm/ AccessProvider can be removed. I have then cleaned up ScopedAccessProvider and renamed it to ScopedAppContext. Change-Id: I325f7bd1d9c2ac276960530384682227cefec7da --- src/ckm/privileged/CMakeLists.txt | 4 +- src/ckm/privileged/access_provider2.cpp | 108 --------------- src/ckm/privileged/access_provider2.h | 64 --------- src/ckm/privileged/async-api.cpp | 18 +-- src/ckm/privileged/capi-access_control.cpp | 150 ++++++++++----------- src/ckm/privileged/initial-values.cpp | 6 +- src/ckm/privileged/main.cpp | 28 ++-- src/ckm/privileged/scoped-app-context.cpp | 53 ++++++++ src/ckm/privileged/scoped-app-context.h | 45 +++++++ src/ckm/privileged/system-db.cpp | 34 ++--- src/common/CMakeLists.txt | 2 +- src/common/access_provider.cpp | 67 --------- src/common/app_context.cpp | 91 +++++++++++++ src/common/{access_provider.h => app_context.h} | 48 +++---- src/common/scoped_process_label.cpp | 20 ++- src/common/scoped_process_label.h | 4 +- src/cynara-tests/test_cases_helpers.cpp | 30 ++--- .../test_cases_credentials.cpp | 8 +- 18 files changed, 373 insertions(+), 407 deletions(-) delete mode 100644 src/ckm/privileged/access_provider2.cpp delete mode 100644 src/ckm/privileged/access_provider2.h create mode 100644 
src/ckm/privileged/scoped-app-context.cpp create mode 100644 src/ckm/privileged/scoped-app-context.h delete mode 100644 src/common/access_provider.cpp create mode 100644 src/common/app_context.cpp rename src/common/{access_provider.h => app_context.h} (51%) diff --git a/src/ckm/privileged/CMakeLists.txt b/src/ckm/privileged/CMakeLists.txt index 705562c..ee8ce0b 100644 --- a/src/ckm/privileged/CMakeLists.txt +++ b/src/ckm/privileged/CMakeLists.txt @@ -1,4 +1,4 @@ -# Copyright (c) 2013-2019 Samsung Electronics Co., Ltd All Rights Reserved +# Copyright (c) 2013-2020 Samsung Electronics Co., Ltd All Rights Reserved # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -83,12 +83,12 @@ PKG_CHECK_MODULES(CKM_DEP ) SET(CKM_SOURCES - access_provider2.cpp async-api.cpp capi-access_control.cpp ckm-privileged-common.cpp initial-values.cpp main.cpp + scoped-app-context.cpp system-db.cpp ) diff --git a/src/ckm/privileged/access_provider2.cpp b/src/ckm/privileged/access_provider2.cpp deleted file mode 100644 index be26bd6..0000000 --- a/src/ckm/privileged/access_provider2.cpp +++ /dev/null 
@@ -1,108 +0,0 @@ -/* - * Copyright (c) 2013 - 2020 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file access_provider.cpp - * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) - * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com) - * @version 1.0 - * @brief Common functions and macros used in security-tests package. - */ -#include -#include -#include - -#include -#include -#include -#include - -namespace { - -std::string toSmackLabel(const std::string &ownerId) { - if (ownerId.empty()) - return ownerId; - - if (ownerId[0] == '/') { - return ownerId.substr(1, std::string::npos); - } - - return SMACK_USER_APP_PREFIX + ownerId; -} - -} // anonymous namespace - -AccessProvider::AccessProvider(const std::string &ownerId, int uid, int gid) - : m_mySubject(toSmackLabel(ownerId)) - , m_inSwitchContext(false) -{ - RUNNER_ASSERT_MSG(m_mySubject.size() > 0, "No smack label provided to AccessProvider!"); - allowJournaldLogs(); - applyAndSwithToUser(uid, gid); -} - -AccessProvider::~AccessProvider() -{ - -} - -void AccessProvider::allowAPI(const std::string &api, const std::string &rule) { - m_smackAccess.add(m_mySubject, api, rule); -} - -void AccessProvider::apply() { - // This should be done by security-manager - m_smackAccess.add("System", m_mySubject, "w"); - m_smackAccess.add(m_mySubject, "System", "w"); - m_smackAccess.apply(); -} - -void AccessProvider::applyAndSwithToUser(int uid, 
int gid) -{ - RUNNER_ASSERT_MSG(m_inSwitchContext == false, "already switched context"); - - clear(); - apply(); - - m_processLabel.reset(new ScopedProcessLabel(m_mySubject)); - - m_origUid = getuid(); - m_origGid = getgid(); - RUNNER_ASSERT_MSG(0 == setegid(gid), - "Error in setgid."); - RUNNER_ASSERT_MSG(0 == seteuid(uid), - "Error in setuid."); - m_inSwitchContext = true; -} - -void AccessProvider::clear() { - m_smackAccess.clear(); -} - -void AccessProvider::allowJournaldLogs() { - allowAPI("System::Run","wx"); // necessary for logging with journald -} - -ScopedAccessProvider::~ScopedAccessProvider() -{ - if(m_inSwitchContext == true) - { - RUNNER_ASSERT_MSG(0 == setegid(m_origGid), "Error in setgid."); - RUNNER_ASSERT_MSG(0 == seteuid(m_origUid), "Error in setuid."); - clear(); - m_processLabel.reset(); - m_inSwitchContext = false; - } -} diff --git a/src/ckm/privileged/access_provider2.h b/src/ckm/privileged/access_provider2.h deleted file mode 100644 index 4552065..0000000 --- a/src/ckm/privileged/access_provider2.h +++ /dev/null 
@@ -1,64 +0,0 @@ -/* - * Copyright (c) 2013 - 2020 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file access_provider2.h - * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) - * @version 1.0 - * @brief Common functions and macros used in security-tests package. - */ -#ifndef _ACCESS_FOR_DUMMIES_H_ -#define _ACCESS_FOR_DUMMIES_H_ - -#include -#include - -#include - -class ScopedProcessLabel; - -class AccessProvider { -public: - AccessProvider(const std::string &ownerId, int uid, int gid); - virtual ~AccessProvider(); - - AccessProvider(const AccessProvider &second) = delete; - AccessProvider& operator=(const AccessProvider &second) = delete; - - void allowAPI(const std::string &api, const std::string &rules); - void apply(); - void applyAndSwithToUser(int uid, int gid); - void clear(); - -private: - void allowJournaldLogs(); - - SmackAccess m_smackAccess; -protected: - std::string m_mySubject; - uid_t m_origUid; - gid_t m_origGid; - std::unique_ptr m_processLabel; - bool m_inSwitchContext; -}; - -class ScopedAccessProvider : public AccessProvider { -public: - ScopedAccessProvider(const std::string &mySubject, int uid, int gid) - : AccessProvider(mySubject, uid, gid) {} - virtual ~ScopedAccessProvider(); -}; - -#endif // _ACCESS_FOR_DUMMIES_H_ diff --git a/src/ckm/privileged/async-api.cpp b/src/ckm/privileged/async-api.cpp index 69f090a..371c488 100644 
--- a/src/ckm/privileged/async-api.cpp +++ b/src/ckm/privileged/async-api.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 - 2019 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2000 - 2020 Samsung Electronics Co., Ltd All Rights Reserved * * Contact: Bumjin Im * @@ -40,7 +40,7 @@ #include #include #include -#include +#include #include using namespace CKM; @@ -390,14 +390,14 @@ public: void init(const std::string & str) { RemoveDataEnv::init(str); unlock_user_data(APP_UID, TEST_PASS); - m_ap.reset(new ScopedAccessProvider(TEST_LABEL, APP_UID, APP_GID)); + m_ctx.reset(new ScopedAppContext(TEST_LABEL, APP_UID, APP_GID)); } void finish() { - m_ap.reset(); + m_ctx.reset(); // lock is performed by remove_user_data() in RemoveDataEnv RemoveDataEnv::finish(); } - std::unique_ptr m_ap; + std::unique_ptr m_ctx; }; } // namespace anonymous @@ -421,7 +421,7 @@ RUNNER_TEST(TA1820_allow_access, RemoveDataEnv) std::string alias2 = aliasWithLabel(TEST_LABEL, "alias-2"); std::string alias3 = aliasWithLabel(TEST_LABEL, "alias-3"); { - ScopedAccessProvider ap(TEST_LABEL, APP_UID, APP_GID); + ScopedAppContext ctx(TEST_LABEL, APP_UID, APP_GID); save_data(alias1.c_str(), TEST_DATA); save_data(alias2.c_str(), TEST_DATA); save_data(alias3.c_str(), TEST_DATA); @@ -437,7 +437,7 @@ RUNNER_TEST(TA1820_allow_access, RemoveDataEnv) } { - ScopedAccessProvider ap(TEST_LABEL_2, APP_UID, APP_GID); + ScopedAppContext ctx(TEST_LABEL_2, APP_UID, APP_GID); test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, alias1, ""); test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, alias1); @@ -469,7 +469,7 @@ RUNNER_TEST(TA1920_deny_access, RemoveDataEnv) // prepare: add data std::string alias1 = aliasWithLabel(TEST_LABEL, "alias-1"); { - ScopedAccessProvider ap(TEST_LABEL, APP_UID, APP_GID); + ScopedAppContext ctx(TEST_LABEL, APP_UID, APP_GID); save_data(alias1.c_str(), TEST_DATA); test_positive(&ManagerAsync::setPermission, 
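Review bot: In the `@@ -390,14 +390,14 @@` hunk, `m_ctx.reset(new ScopedAppContext(TEST_LABEL, APP_UID, APP_GID));` keeps a naked `new` on a line the commit already rewrites, while the member below is a `std::unique_ptr`. If the project builds as C++14 or later, `m_ctx = std::make_unique<ScopedAppContext>(TEST_LABEL, APP_UID, APP_GID);` expresses the same ownership transfer without the raw allocation and is the form clang-tidy's modernize checks expect. Behaviour is identical either way, so this is a style point only; the enclosing environment class begins outside the hunk, and I cannot see from here whether `<memory>` is already included in this file.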
@@ -483,7 +483,7 @@ RUNNER_TEST(TA1920_deny_access, RemoveDataEnv) } { - ScopedAccessProvider ap(TEST_LABEL_2, APP_UID, APP_GID); + ScopedAppContext ctx(TEST_LABEL_2, APP_UID, APP_GID); test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, alias1, ""); test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, alias1); diff --git a/src/ckm/privileged/capi-access_control.cpp b/src/ckm/privileged/capi-access_control.cpp index db28b1c..351c0b2 100644 --- a/src/ckm/privileged/capi-access_control.cpp +++ b/src/ckm/privileged/capi-access_control.cpp @@ -6,7 +6,7 @@ #include #include -#include +#include #include #include @@ -96,7 +96,7 @@ RUNNER_TEST(T3000_init) // invalid arguments check RUNNER_TEST(T3001_manager_allow_access_invalid) { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); RUNNER_ASSERT( CKMC_ERROR_INVALID_PARAMETER == ckmc_set_permission(NULL, "accessor", CKMC_PERMISSION_READ)); @@ -107,7 +107,7 @@ RUNNER_TEST(T3001_manager_allow_access_invalid) // invalid arguments check RUNNER_TEST(T3002_manager_deny_access_invalid) { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); RUNNER_ASSERT(CKMC_ERROR_INVALID_PARAMETER == ckmc_set_permission(NULL, "accessor", CKMC_PERMISSION_NONE)); RUNNER_ASSERT(CKMC_ERROR_INVALID_PARAMETER == ckmc_set_permission("alias", NULL, CKMC_PERMISSION_NONE)); @@ -116,7 +116,7 @@ RUNNER_TEST(T3002_manager_deny_access_invalid) // tries to allow access for non existing alias RUNNER_CHILD_TEST(T3003_manager_allow_access_non_existing) { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); int ret = ckmc_set_permission(NO_ALIAS, "label", CKMC_PERMISSION_READ); RUNNER_ASSERT_MSG(CKMC_ERROR_DB_ALIAS_UNKNOWN == ret, 
@@ -126,7 +126,7 @@ RUNNER_CHILD_TEST(T3003_manager_allow_access_non_existing) // tries to deny access for non existing alias RUNNER_CHILD_TEST(T3004_manager_deny_access_non_existing) { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); int ret = ckmc_set_permission(NO_ALIAS, "label", CKMC_PERMISSION_NONE); RUNNER_ASSERT_MSG(CKMC_ERROR_DB_ALIAS_UNKNOWN == ret, @@ -136,7 +136,7 @@ RUNNER_CHILD_TEST(T3004_manager_deny_access_non_existing) // tries to deny access that does not exist in database RUNNER_CHILD_TEST(T3005_manager_deny_access_non_existing_access) { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); ScopedSaveData ssd(TEST_ALIAS, TEST_DATA); @@ -149,7 +149,7 @@ RUNNER_CHILD_TEST(T3005_manager_deny_access_non_existing_access) // tries to allow access to application own data RUNNER_CHILD_TEST(T3006_manager_allow_access_to_myself) { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); ScopedSaveData ssd(TEST_ALIAS, TEST_DATA); @@ -162,7 +162,7 @@ RUNNER_CHILD_TEST(T3006_manager_allow_access_to_myself) // verifies that alias can not contain forbidden characters RUNNER_CHILD_TEST(T3007_manager_check_alias_valid) { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); ScopedSaveData ssd(TEST_ALIAS, TEST_DATA); @@ -177,7 +177,7 @@ RUNNER_CHILD_TEST(T3007_manager_check_alias_valid) // verifies that label can not contain forbidden characters RUNNER_CHILD_TEST(T3008_manager_check_label_valid) { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); ScopedSaveData ssd(TEST_ALIAS, TEST_DATA); 
@@ -210,13 +210,13 @@ RUNNER_TEST(T3020_manager_access_not_allowed, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); } // test accessibility from another label { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); std::string TEST_ALIAS_adr = aliasWithLabel(APP_LABEL_1, TEST_ALIAS); check_read_not_visible(TEST_ALIAS_adr.c_str()); @@ -229,14 +229,14 @@ RUNNER_TEST(T3021_manager_access_allowed, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); allow_access(TEST_ALIAS, APP_LABEL_2, CKMC_PERMISSION_READ); } // test accessibility from another label { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); check_read_allowed(aliasWithLabel(APP_LABEL_1, TEST_ALIAS).c_str(), TEST_DATA); } } @@ -246,14 +246,14 @@ RUNNER_TEST(T3022_manager_access_allowed_with_remove, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); allow_access(TEST_ALIAS, APP_LABEL_2, CKMC_PERMISSION_READ | CKMC_PERMISSION_REMOVE); } // test accessibility from another label { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); check_read_allowed(aliasWithLabel(APP_LABEL_1, TEST_ALIAS).c_str(), TEST_DATA); } } 
@@ -263,14 +263,14 @@ RUNNER_TEST(T3023_manager_access_allowed_remove_denied, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); allow_access(TEST_ALIAS, APP_LABEL_2, CKMC_PERMISSION_READ); } // test accessibility from another label { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); std::string TEST_ALIAS_adr = aliasWithLabel(APP_LABEL_1, TEST_ALIAS); check_remove_denied(TEST_ALIAS_adr.c_str()); check_read_allowed(TEST_ALIAS_adr.c_str(), TEST_DATA); @@ -282,14 +282,14 @@ RUNNER_TEST(T3025_manager_remove_allowed, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); allow_access(TEST_ALIAS, APP_LABEL_2, CKMC_PERMISSION_READ | CKMC_PERMISSION_REMOVE); } // test accessibility from another label { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); check_remove_allowed(aliasWithLabel(APP_LABEL_1, TEST_ALIAS).c_str()); } } @@ -300,7 +300,7 @@ RUNNER_TEST(T3026_manager_double_allow, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); // access should be overwritten @@ -310,7 +310,7 @@ RUNNER_TEST(T3026_manager_double_allow, RemoveDataEnv) // test accessibility from another label { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); std::string TEST_ALIAS_adr = aliasWithLabel(APP_LABEL_1, TEST_ALIAS); check_remove_denied(TEST_ALIAS_adr.c_str()); 
@@ -324,7 +324,7 @@ RUNNER_TEST(T3027_manager_allow_deny, RemoveDataEnv) // prepare: add data std::string TEST_ALIAS_adr = aliasWithLabel(APP_LABEL_1, TEST_ALIAS); { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); allow_access(TEST_ALIAS, APP_LABEL_2, CKMC_PERMISSION_READ); @@ -332,7 +332,7 @@ RUNNER_TEST(T3027_manager_allow_deny, RemoveDataEnv) // test accessibility from another label { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); check_remove_denied(TEST_ALIAS_adr.c_str()); check_read_allowed(TEST_ALIAS_adr.c_str(), TEST_DATA); @@ -340,14 +340,14 @@ RUNNER_TEST(T3027_manager_allow_deny, RemoveDataEnv) // remove permission { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); deny_access(TEST_ALIAS, APP_LABEL_2); } // test accessibility from another label { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); check_remove_not_visible(TEST_ALIAS_adr.c_str()); check_read_not_visible(TEST_ALIAS_adr.c_str()); @@ -359,7 +359,7 @@ RUNNER_TEST(T3028_manager_access_by_label, RemoveDataEnv) // prepare: add data const char *additional_data = "label-2-data"; { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); allow_access(TEST_ALIAS, APP_LABEL_2, CKMC_PERMISSION_READ); @@ -367,7 +367,7 @@ RUNNER_TEST(T3028_manager_access_by_label, RemoveDataEnv) // add data as app 2 { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); save_data(TEST_ALIAS, additional_data); allow_access(TEST_ALIAS, APP_LABEL_1, CKMC_PERMISSION_READ); 
@@ -378,7 +378,7 @@ RUNNER_TEST(T3028_manager_access_by_label, RemoveDataEnv) // test accessibility to app 2 from app 1 { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); // test if can access label2 alias from label1 domain - should succeed check_read_allowed(aliasWithLabel(APP_LABEL_2, TEST_ALIAS).c_str(), additional_data); @@ -390,7 +390,7 @@ RUNNER_TEST(T3029_manager_access_modification_by_foreign_label, RemoveDataEnv) // prepare: add data size_t count; { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); save_data(TEST_ALIAS2, TEST_DATA); @@ -421,7 +421,7 @@ RUNNER_TEST(T3030_manager_get_all_aliases, RemoveDataEnv) // test accessibility from another label { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); // check that app can access other aliases when it has permission check_alias_count(count - 1); @@ -434,13 +434,13 @@ RUNNER_TEST(T3030_manager_get_all_aliases, RemoveDataEnv) // remove permission { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); deny_access(TEST_ALIAS, APP_LABEL_2); } // test accessibility from another label { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); // check that app can't access other aliases for which permission has been revoked check_alias_count(count - 2); @@ -452,7 +452,7 @@ RUNNER_TEST(T3031_manager_deprecated_access_allowed, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); allow_access_deprecated(TEST_ALIAS, APP_LABEL_2, CKMC_AR_READ); 
@@ -460,7 +460,7 @@ RUNNER_TEST(T3031_manager_deprecated_access_allowed, RemoveDataEnv) // test accessibility from another label { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); check_read_allowed(aliasWithLabel(APP_LABEL_1, TEST_ALIAS).c_str(), TEST_DATA); } @@ -471,7 +471,7 @@ RUNNER_TEST(T3032_manager_deprecated_access_allowed_with_remove, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); allow_access_deprecated(TEST_ALIAS, APP_LABEL_2, CKMC_AR_READ_REMOVE); @@ -519,7 +519,7 @@ RUNNER_TEST(T3034_manager_deprecated_remove_allowed, RemoveDataEnv) // test accessibility from another label { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); check_remove_allowed(aliasWithLabel(APP_LABEL_1, TEST_ALIAS).c_str()); } @@ -541,7 +541,7 @@ RUNNER_TEST(T3101_control_allow_access_invalid, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); } @@ -562,7 +562,7 @@ RUNNER_TEST(T3102_control_deny_access_invalid, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); } @@ -600,7 +600,7 @@ RUNNER_TEST(T3105_control_remove_non_existing_access, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); } 
@@ -613,7 +613,7 @@ RUNNER_TEST(T3105_control_remove_non_existing_access, RemoveDataEnv) RUNNER_TEST(T3106_control_allow_access_to_myself, RemoveDataEnv) { // prepare: add data - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); // test @@ -628,7 +628,7 @@ RUNNER_CHILD_TEST(T3110_control_allow_access_as_user, RemoveDataEnv) RUNNER_IGNORED_MSG("Disabled until labeled sockets not available"); // prepare: add data - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); // test @@ -643,7 +643,7 @@ RUNNER_CHILD_TEST(T3111_control_deny_access_as_user, RemoveDataEnv) RUNNER_IGNORED_MSG("Disabled until labeled sockets not available"); // prepare: add data - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); // test @@ -657,13 +657,13 @@ RUNNER_TEST(T3121_control_access_allowed, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); } allow_access_by_adm(APP_1, APP_LABEL_1, TEST_ALIAS, APP_LABEL_2, CKMC_PERMISSION_READ); { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); check_read_allowed(aliasWithLabel(APP_LABEL_1, TEST_ALIAS).c_str(), TEST_DATA); } 
@@ -674,13 +674,13 @@ RUNNER_TEST(T3122_control_access_allowed_with_remove, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); } allow_access_by_adm(APP_1, APP_LABEL_1, TEST_ALIAS, APP_LABEL_2, CKMC_PERMISSION_READ | CKMC_PERMISSION_REMOVE); { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); check_read_allowed(aliasWithLabel(APP_LABEL_1, TEST_ALIAS).c_str(), TEST_DATA); } @@ -691,13 +691,13 @@ RUNNER_TEST(T3122_control_access_allowed_remove_denied, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); } allow_access_by_adm(APP_1, APP_LABEL_1, TEST_ALIAS, APP_LABEL_2, CKMC_PERMISSION_READ); { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); check_remove_denied(aliasWithLabel(APP_LABEL_1, TEST_ALIAS).c_str()); } @@ -708,13 +708,13 @@ RUNNER_TEST(T3125_control_remove_allowed, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); } allow_access_by_adm(APP_1, APP_LABEL_1, TEST_ALIAS, APP_LABEL_2, CKMC_PERMISSION_READ | CKMC_PERMISSION_REMOVE); { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); check_remove_allowed(aliasWithLabel(APP_LABEL_1, TEST_ALIAS).c_str()); } @@ -726,7 +726,7 @@ RUNNER_TEST(T3126_control_double_allow, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); } 
@@ -734,7 +734,7 @@ RUNNER_TEST(T3126_control_double_allow, RemoveDataEnv) allow_access_by_adm(APP_1, APP_LABEL_1, TEST_ALIAS, APP_LABEL_2, CKMC_PERMISSION_READ | CKMC_PERMISSION_REMOVE); allow_access_by_adm(APP_1, APP_LABEL_1, TEST_ALIAS, APP_LABEL_2, CKMC_PERMISSION_READ); { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); std::string TEST_ALIAS_adr = aliasWithLabel(APP_LABEL_1, TEST_ALIAS); check_remove_denied(TEST_ALIAS_adr.c_str()); @@ -747,14 +747,14 @@ RUNNER_TEST(T3127_control_allow_deny, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); } std::string TEST_ALIAS_adr = aliasWithLabel(APP_LABEL_1, TEST_ALIAS); allow_access_by_adm(APP_1, APP_LABEL_1, TEST_ALIAS, APP_LABEL_2, CKMC_PERMISSION_READ); { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); check_remove_denied(TEST_ALIAS_adr.c_str()); check_read_allowed(TEST_ALIAS_adr.c_str(), TEST_DATA); @@ -762,7 +762,7 @@ RUNNER_TEST(T3127_control_allow_deny, RemoveDataEnv) deny_access_by_adm(APP_1, APP_LABEL_1, TEST_ALIAS, APP_LABEL_2); { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); check_remove_not_visible(TEST_ALIAS_adr.c_str()); check_read_not_visible(TEST_ALIAS_adr.c_str()); @@ -775,7 +775,7 @@ RUNNER_TEST(T3130_control_get_all_aliases, RemoveDataEnv) // prepare: add data size_t count; { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); save_data(TEST_ALIAS2, TEST_DATA); 
@@ -784,7 +784,7 @@ RUNNER_TEST(T3130_control_get_all_aliases, RemoveDataEnv) allow_access_by_adm(APP_1, APP_LABEL_1, TEST_ALIAS, APP_LABEL_2, CKMC_PERMISSION_READ); { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); // check that app can access other aliases when it has permission check_alias_count(count - 1); @@ -797,7 +797,7 @@ RUNNER_TEST(T3130_control_get_all_aliases, RemoveDataEnv) deny_access_by_adm(APP_1, APP_LABEL_1, TEST_ALIAS, APP_LABEL_2); { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); // check that app can't access other aliases for which permission has been revoked check_alias_count(count - 2); @@ -809,7 +809,7 @@ RUNNER_TEST(T3140_control_allow_invalid_user, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); } @@ -823,7 +823,7 @@ RUNNER_TEST(T3141_control_deny_invalid_user, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); } @@ -837,13 +837,13 @@ RUNNER_TEST(T3142_control_deprecated_access_allowed, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); } allow_access_deprecated_by_adm(APP_1, APP_LABEL_1, TEST_ALIAS, APP_LABEL_2, CKMC_AR_READ); { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); check_read_allowed(aliasWithLabel(APP_LABEL_1, TEST_ALIAS).c_str(), TEST_DATA); } 
@@ -854,13 +854,13 @@ RUNNER_TEST(T3143_control_deprecated_access_allowed_with_remove, RemoveDataEnv) { // prepare: add data { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); } allow_access_deprecated_by_adm(APP_1, APP_LABEL_1, TEST_ALIAS, APP_LABEL_2, CKMC_AR_READ_REMOVE); { - ScopedAccessProvider ap(APP_LABEL_2, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_2, APP_1, GROUP_1); check_remove_allowed(aliasWithLabel(APP_LABEL_1, TEST_ALIAS).c_str()); } @@ -943,7 +943,7 @@ RUNNER_TEST(utc_ckmc_get_data_alias_info_list_p1) RUNNER_TEST(utc_ckmc_get_data_alias_info_list_p2, RemoveDataEnv) { - ScopedAccessProvider ap(APP_LABEL_1, APP_1, GROUP_1); + ScopedAppContext ctx(APP_LABEL_1, APP_1, GROUP_1); save_data(TEST_ALIAS, TEST_DATA); ckmc_alias_info_list_s* ppalias_list = NULL; diff --git a/src/ckm/privileged/initial-values.cpp b/src/ckm/privileged/initial-values.cpp index f4d1bb6..f3de2bb 100644 --- a/src/ckm/privileged/initial-values.cpp +++ b/src/ckm/privileged/initial-values.cpp @@ -26,7 +26,7 @@ #include #include #include -#include +#include #include #include #include @@ -153,7 +153,7 @@ RUNNER_TEST(T6010_PARSE_XML_FILE_AT_STARTUP) // [test2] { ScopedDBUnlock unlock(USER_APP, APP_PASS); - ScopedAccessProvider ap(TEST_LABEL, USER_APP, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP); check_key(XML_1_EXPECTED_KEY_1_RSA.c_str(), CKMC_ERROR_NOT_EXPORTABLE); check_key_not_visible(XML_1_EXPECTED_KEY_2_RSA.c_str()); @@ -165,7 +165,7 @@ RUNNER_TEST(T6010_PARSE_XML_FILE_AT_STARTUP) // [test3] { ScopedDBUnlock unlock(USER_APP, APP_PASS); - ScopedAccessProvider ap(TEST_LABEL_2, USER_APP, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL_2, USER_APP, GROUP_APP); check_key_not_visible(XML_1_EXPECTED_KEY_1_RSA.c_str()); check_key_allowed(XML_1_EXPECTED_KEY_2_RSA.c_str(), CKMC_KEY_RSA_PRIVATE); 
diff --git a/src/ckm/privileged/main.cpp b/src/ckm/privileged/main.cpp index 7df9e61..fd5cd13 100644 --- a/src/ckm/privileged/main.cpp +++ b/src/ckm/privileged/main.cpp @@ -26,7 +26,7 @@ #include #include -#include +#include #include #include @@ -77,7 +77,7 @@ RUNNER_TEST(T1511_insert_data) CKM::Alias certimAlias("CertIM"); { ScopedDBUnlock unlock(USER_TEST, APP_PASS); - ScopedAccessProvider ap(TEST_LABEL, USER_TEST, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_TEST, GROUP_APP); auto manager = CKM::Manager::create(); RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certeeAlias, certee, CKM::Policy())); @@ -91,7 +91,7 @@ RUNNER_TEST(T1511_insert_data) // actual test { ScopedDBUnlock unlock(USER_TEST, APP_PASS); - ScopedAccessProvider ap(TEST_LABEL, USER_TEST, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_TEST, GROUP_APP); auto manager = CKM::Manager::create(); int status1 = manager->saveCertificate(certeeAlias, certee, CKM::Policy()); @@ -116,13 +116,13 @@ RUNNER_TEST(T1701_init_unlock_key) { unlock_user_data(USER_TEST+1, "t170-special-password"); - ScopedAccessProvider ap(TEST_LABEL, USER_TEST+1, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_TEST+1, GROUP_APP); } RUNNER_CHILD_TEST(T1702_insert_data) { int temp; - ScopedAccessProvider ap(TEST_LABEL, USER_TEST+1, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_TEST+1, GROUP_APP); auto certee = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF); @@ -155,7 +155,7 @@ RUNNER_TEST(T1703_removeApplicationData) RUNNER_CHILD_TEST(T1704_data_test) { int temp; - ScopedAccessProvider ap(TEST_LABEL, USER_TEST+1, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_TEST+1, GROUP_APP); CKM::AliasVector av; auto manager = CKM::Manager::create(); 
@@ -202,7 +202,7 @@ RUNNER_TEST(T17101_init) RUNNER_CHILD_TEST(T17102_prep_data_01) { int temp; - ScopedAccessProvider ap(TEST_LABEL, USER_TEST+2, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_TEST+2, GROUP_APP); CKM::AliasVector av; auto manager = CKM::Manager::create(); @@ -220,7 +220,7 @@ RUNNER_CHILD_TEST(T17102_prep_data_01) RUNNER_CHILD_TEST(T17103_prep_data_02) { int temp; - ScopedAccessProvider ap(TEST_LABEL_2, USER_TEST+2, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL_2, USER_TEST+2, GROUP_APP); CKM::AliasVector av; auto manager = CKM::Manager::create(); @@ -238,7 +238,7 @@ RUNNER_CHILD_TEST(T17103_prep_data_02) RUNNER_CHILD_TEST(T17104_prep_data_03) { int temp; - ScopedAccessProvider ap(TEST_LABEL, USER_TEST+3, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_TEST+3, GROUP_APP); CKM::AliasVector av; auto manager = CKM::Manager::create(); @@ -256,7 +256,7 @@ RUNNER_CHILD_TEST(T17104_prep_data_03) RUNNER_CHILD_TEST(T17105_prep_data_04) { int temp; - ScopedAccessProvider ap(TEST_LABEL_2, USER_TEST+3, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL_2, USER_TEST+3, GROUP_APP); CKM::AliasVector av; auto manager = CKM::Manager::create(); @@ -287,7 +287,7 @@ RUNNER_TEST(T17106_remove_application) RUNNER_CHILD_TEST(T17107_check_data_01) { int temp; - ScopedAccessProvider ap(TEST_LABEL, USER_TEST+2, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_TEST+2, GROUP_APP); CKM::AliasVector av; auto manager = CKM::Manager::create(); @@ -303,7 +303,7 @@ RUNNER_CHILD_TEST(T17107_check_data_01) RUNNER_CHILD_TEST(T17108_check_data_02) { int temp; - ScopedAccessProvider ap(TEST_LABEL_2, USER_TEST+2, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL_2, USER_TEST+2, GROUP_APP); CKM::AliasVector av; auto manager = CKM::Manager::create(); 
@@ -329,7 +329,7 @@ RUNNER_TEST(T17109_unlock_user2) RUNNER_CHILD_TEST(T17110_check_data_03) { int temp; - ScopedAccessProvider ap(TEST_LABEL, USER_TEST+3, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_TEST+3, GROUP_APP); CKM::AliasVector av; auto manager = CKM::Manager::create(); @@ -345,7 +345,7 @@ RUNNER_CHILD_TEST(T17110_check_data_03) RUNNER_CHILD_TEST(T17111_check_data_04) { int temp; - ScopedAccessProvider ap(TEST_LABEL_2, USER_TEST+3, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL_2, USER_TEST+3, GROUP_APP); CKM::AliasVector av; auto manager = CKM::Manager::create(); diff --git a/src/ckm/privileged/scoped-app-context.cpp b/src/ckm/privileged/scoped-app-context.cpp new file mode 100644 index 0000000..80f0df9 --- /dev/null +++ b/src/ckm/privileged/scoped-app-context.cpp 
@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 2013 - 2020 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file scoped-app-context.cpp
+ * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
+ * @version 1.0
+ * @brief RAII guard for pretending to be an app (Smack, uid, gid).
+ */
+
+#include
+#include
+#include
+#include
+
+#include
+
+ScopedAppContext::ScopedAppContext(const std::string& owner, uid_t user, gid_t group)
+ : m_context(SMACK_USER_APP_PREFIX + owner)
+ , m_oldUser(getuid())
+ , m_oldGroup(getgid())
+{
+ m_context.allowAccessFrom("System", "w");
+ m_context.allowAccessTo("System", "w");
+ m_context.allowAccessTo("System::Run", "wx"); // Necessary for logging with journald
+
+ m_context.applyRules();
+ m_processLabel = std::make_unique(m_context.applyLabelScoped());
+ m_context.applyUserSwitchEffective(user, group);
+}
+
+ScopedAppContext::~ScopedAppContext()
+{
+ try {
+ m_context.applyUserSwitchEffective(m_oldUser, m_oldGroup);
+ m_context.revokeRules();
+ } catch (const DPL::Test::TestException& e) {
+ RUNNER_ERROR_MSG("Exception in ScopedAppContext destructor: " << e.GetMessage());
+ }
+}
diff --git a/src/ckm/privileged/scoped-app-context.h b/src/ckm/privileged/scoped-app-context.h
new file mode 100644
index 0000000..eebf705
--- /dev/null
+++ b/src/ckm/privileged/scoped-app-context.h
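Review bot: If `m_context.applyUserSwitchEffective(user, group)` (or the label switch just above it) asserts inside the constructor, the destructor never runs, so the Smack rules installed by `m_context.applyRules()` two lines earlier stay installed for every test that follows; `m_processLabel` is unwound as a member, but `revokeRules()` is never reached. Wrapping the two steps after `applyRules()` so that a failure revokes the rules and rethrows keeps one failed setup from changing the privilege picture of the rest of the run (this assumes `SmackAccess::clear()` removes the applied rules, which the destructor already relies on); the same gap exists in the destructor, where a failing `seteuid` skips `revokeRules()`. The destructor body also depends on member order: it restores the effective ids first, and the original label is only restored afterwards when `m_processLabel` is destroyed, which is the order that needs the restored privileges — a comment such as `// euid/egid are restored here; the label is restored when m_processLabel is destroyed after this body` would keep a later reordering of the members from breaking it.
```cpp
    m_context.applyRules();
    try {
        m_processLabel = std::make_unique<ScopedProcessLabel>(m_context.applyLabelScoped());
        m_context.applyUserSwitchEffective(user, group);
    } catch (...) {
        m_context.revokeRules(); // don't leave this app's rules installed after a failed setup
        throw;
    }
```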
@@ -0,0 +1,45 @@
+/*
+ * Copyright (c) 2013 - 2020 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file scoped-app-context.h
+ * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @version 1.0
+ * @brief RAII guard for pretending to be an app (Smack, uid, gid).
+ */
+
+#pragma once
+
+#include
+#include
+
+#include
+#include
+
+#include
+
+class ScopedAppContext {
+public:
+ ScopedAppContext(const std::string& owner, uid_t user, gid_t group);
+ ScopedAppContext(const ScopedAppContext&) = delete;
+ ScopedAppContext& operator=(const ScopedAppContext&) = delete;
+ ~ScopedAppContext();
+
+private:
+ AppContext m_context;
+ std::unique_ptr m_processLabel;
+ uid_t m_oldUser;
+ gid_t m_oldGroup;
+};
diff --git a/src/ckm/privileged/system-db.cpp b/src/ckm/privileged/system-db.cpp
index 3fe2528..1a4ee6e 100644
--- a/src/ckm/privileged/system-db.cpp
+++ b/src/ckm/privileged/system-db.cpp
@@ -24,7 +24,7 @@
 #include
 #include
 #include
-#include
+#include
 #include
 #include
@@ -77,7 +77,7 @@ RUNNER_TEST(T5010_CLIENT_APP_LOCKED_PRIVATE_DB)
 // [test]
 {
- ScopedAccessProvider ap(TEST_LABEL, USER_APP, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP);
 check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA, CKMC_ERROR_DB_LOCKED);
 }
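Review bot: The header states no contract for `ScopedAppContext` beyond the file-level @brief, and the order of the private members is load-bearing: scoped-app-context.cpp restores the effective ids in the destructor body and relies on the original label being restored afterwards, when `m_processLabel` is destroyed, so `m_processLabel` must stay declared where it is. A class comment along the lines of `// Installs Smack rules for SMACK_USER_APP_PREFIX + owner, switches the process label and the *effective* uid/gid to the app's, and undoes all of it in reverse in the destructor; only the effective ids change (seteuid/setegid), the real ids are untouched.` plus `// Declaration order matters: m_processLabel must be destroyed after the destructor body has restored euid/egid.` above the members would save the next reader a trip to the .cpp. It is also worth saying on the constructor that `owner` is only the suffix appended to `SMACK_USER_APP_PREFIX`, since nothing in the signature suggests it.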
@@ -95,7 +95,7 @@ RUNNER_TEST(T5020_CLIENT_APP_ADD_TO_PRIVATE_DB) { remove_user_data(USER_APP); ScopedDBUnlock unlock(USER_APP, APP_PASS); - ScopedAccessProvider ap(TEST_LABEL, USER_APP, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP); ScopedSaveData ssd(TEST_ALIAS, TEST_DATA); check_read(TEST_ALIAS, TEST_LABEL, TEST_DATA); @@ -111,7 +111,7 @@ RUNNER_TEST(T5030_CLIENT_APP_TRY_ADDING_SYSTEM_ITEM, RemoveDataEnv<0, USER_APP>) // [test] { ScopedDBUnlock unlock(USER_APP, APP_PASS); - ScopedAccessProvider ap(TEST_LABEL, USER_APP, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP); save_data(aliasWithLabel(SYSTEM_LABEL, TEST_ALIAS).c_str(), TEST_DATA, CKMC_ERROR_PERMISSION_DENIED); check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA, CKMC_ERROR_DB_ALIAS_UNKNOWN); @@ -134,7 +134,7 @@ RUNNER_TEST(T5031_CLIENT_APP_ACCESS_WITH_PERMISSION, RemoveDataEnv<0, USER_APP>) // [test] { ScopedDBUnlock unlock(USER_APP, APP_PASS); - ScopedAccessProvider ap(TEST_LABEL, USER_APP, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP); check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA); } @@ -155,7 +155,7 @@ RUNNER_TEST(T5032_CLIENT_APP_ACCESS_NO_PERMISSION, RemoveDataEnv<0, USER_APP>) // [test] { ScopedDBUnlock unlock(USER_APP, APP_PASS); - ScopedAccessProvider ap(TEST_LABEL, USER_APP, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP); check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA, CKMC_ERROR_DB_ALIAS_UNKNOWN); } @@ -184,7 +184,7 @@ RUNNER_TEST(T5033_CLIENT_APP_PERMISSION_REMOVAL, RemoveDataEnv<0, USER_APP>) // [test] { ScopedDBUnlock unlock(USER_APP, APP_PASS); - ScopedAccessProvider ap(TEST_LABEL, USER_APP, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP); check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA); } 
@@ -195,7 +195,7 @@ RUNNER_TEST(T5033_CLIENT_APP_PERMISSION_REMOVAL, RemoveDataEnv<0, USER_APP>) // [test2] { ScopedDBUnlock unlock(USER_APP, APP_PASS); - ScopedAccessProvider ap(TEST_LABEL, USER_APP, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP); check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA, CKMC_ERROR_DB_ALIAS_UNKNOWN); } @@ -211,7 +211,7 @@ RUNNER_TEST(T5034_CLIENT_APP_SET_READ_ACCESS, RemoveDataEnv<0, USER_APP>) // [test] { ScopedDBUnlock unlock(USER_APP, APP_PASS); - ScopedAccessProvider ap(TEST_LABEL, USER_APP, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP); ScopedSaveData ssdsystem_user(TEST_ALIAS, TEST_DATA); ScopedSaveData ssdsystem_system(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA, CKMC_ERROR_PERMISSION_DENIED); @@ -236,7 +236,7 @@ RUNNER_TEST(T5035_CLIENT_APP_TRY_REMOVING_SYSTEM_ITEM, RemoveDataEnv<0, USER_APP // [test] { ScopedDBUnlock unlock(USER_APP, APP_PASS); - ScopedAccessProvider ap(TEST_LABEL, USER_APP, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP); check_remove_denied(TEST_SYSTEM_ALIAS.c_str()); } @@ -267,7 +267,7 @@ RUNNER_TEST(T5036_CLIENT_LIST_ACCESSIBLE_ITEMS, RemoveDataEnv<0, USER_APP>) // [test2] { ScopedDBUnlock unlock(USER_APP, APP_PASS); - ScopedAccessProvider ap(TEST_LABEL, USER_APP, GROUP_APP); + ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP); ScopedSaveData user_data(TEST_ALIAS, TEST_DATA); check_alias_list({TEST_SYSTEM_ALIAS.c_str(), @@ -284,7 +284,7 @@ RUNNER_TEST(T5037_CLIENT_APP_TRY_GENERATE_KEY_IN_SYSTEM_DB, RemoveDataEnv) // [test] { - ScopedAccessProvider ap(TEST_LABEL_2, USER_SERVICE_2, GROUP_SERVICE_2); + ScopedAppContext ctx(TEST_LABEL_2, USER_SERVICE_2, GROUP_SERVICE_2); check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA); } 
@@ -447,7 +447,7 @@ RUNNER_TEST(T5042_SYSTEM_SVC_1234_ADD_ITEM_TO_DB) // [prepare] { - ScopedAccessProvider ap(TEST_LABEL_2, USER_SERVICE_2, GROUP_SERVICE_2); + ScopedAppContext ctx(TEST_LABEL_2, USER_SERVICE_2, GROUP_SERVICE_2); // [test] ScopedSaveData ssd(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA); @@ -469,7 +469,7 @@ RUNNER_TEST(T5043_SYSTEM_SVC_4999_ACCESS_DB, RemoveDataEnv<0>) // [test] { - ScopedAccessProvider ap(TEST_LABEL_2, USER_SERVICE_MAX, GROUP_SERVICE_MAX); + ScopedAppContext ctx(TEST_LABEL_2, USER_SERVICE_MAX, GROUP_SERVICE_MAX); check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA); } @@ -491,7 +491,7 @@ RUNNER_TEST(T5044_SYSTEM_SVC_5000_ACCESS_DB, RemoveDataEnv<0>) // [test] { - ScopedAccessProvider ap(TEST_LABEL_2, USER_SERVICE_FAIL, GROUP_SERVICE_FAIL); + ScopedAppContext ctx(TEST_LABEL_2, USER_SERVICE_FAIL, GROUP_SERVICE_FAIL); check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA, CKMC_ERROR_DB_LOCKED); } diff --git a/src/common/CMakeLists.txt b/src/common/CMakeLists.txt index b97fc80..367d1e0 100644 --- a/src/common/CMakeLists.txt +++ b/src/common/CMakeLists.txt @@ -21,7 +21,7 @@ PKG_CHECK_MODULES(COMMON_TARGET_DEP #files to compile SET(COMMON_TARGET_TEST_SOURCES ${PROJECT_SOURCE_DIR}/src/common/tests_common.cpp - ${PROJECT_SOURCE_DIR}/src/common/access_provider.cpp + ${PROJECT_SOURCE_DIR}/src/common/app_context.cpp ${PROJECT_SOURCE_DIR}/src/common/smack_access.cpp ${PROJECT_SOURCE_DIR}/src/common/dbus_connection.cpp ${PROJECT_SOURCE_DIR}/src/common/dbus_message_in.cpp diff --git a/src/common/access_provider.cpp b/src/common/access_provider.cpp deleted file mode 100644 index fb53d86..0000000 --- a/src/common/access_provider.cpp +++ /dev/null 
@@ -1,67 +0,0 @@ -/* - * Copyright (c) 2013 - 2019 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file access_provider.cpp - * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) - * @version 1.0 - * @brief Common functions and macros used in security-tests package. - */ -#include -#include -#include - -#include - -#include - -#include -#include - -namespace SecurityServer { - -AccessProvider::AccessProvider(const std::string &myLabel) - : m_myLabel(myLabel) -{} - -void AccessProvider::allowSS() { - m_smackAccess.add(m_myLabel, "System::Run", "x"); -} - -void AccessProvider::addSubjectRule(const std::string &subject, const std::string &rule) { - m_smackAccess.add(subject, m_myLabel, rule); -} - -void AccessProvider::addObjectRule(const std::string &object, const std::string &rule) { - m_smackAccess.add(m_myLabel, object, rule); -} - -void AccessProvider::apply() { - m_smackAccess.apply(); -} - -void AccessProvider::applyAndSwithToUser(int uid, int gid) { - RUNNER_ASSERT_MSG(0 == smack_revoke_subject(m_myLabel.c_str()), - "Error in smack_revoke_subject(" << m_myLabel << ")"); - apply(); - ScopedProcessLabel spl(m_myLabel, false); - RUNNER_ASSERT_MSG(0 == setgid(gid), - "Error in setgid."); - RUNNER_ASSERT_MSG(0 == setuid(uid), - "Error in setuid."); -} - -} // namespace SecurityServer - 
diff --git a/src/common/app_context.cpp b/src/common/app_context.cpp new file mode 100644 index 0000000..0a42fe7 --- /dev/null +++ b/src/common/app_context.cpp 
@@ -0,0 +1,91 @@
+/*
+ * Copyright (c) 2013 - 2020 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file app_context.cpp
+ * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @version 1.0
+ * @brief Common functions and macros used in security-tests package.
+ */
+
+#include
+#include
+#include
+
+#include
+
+#include
+#include
+
+AppContext::AppContext(const std::string& label)
+ : m_label(label)
+{
+}
+
+void AppContext::allowAccessFrom(const std::string& subject, const std::string& rule)
+{
+ m_smackAccess.add(subject, m_label, rule);
+}
+
+void AppContext::allowAccessTo(const std::string& object, const std::string& rule)
+{
+ m_smackAccess.add(m_label, object, rule);
+}
+
+void AppContext::apply(uid_t user, gid_t group)
+{
+ revokeAccessToAll();
+ applyRules();
+ applyLabel();
+ applyUserSwitch(user, group);
+}
+
+void AppContext::applyLabel()
+{
+ ScopedProcessLabel spl(m_label, false);
+}
+
+ScopedProcessLabel AppContext::applyLabelScoped()
+{
+ return ScopedProcessLabel(m_label, true);
+}
+
+void AppContext::applyRules()
+{
+ m_smackAccess.apply();
+}
+
+void AppContext::applyUserSwitch(uid_t user, gid_t group)
+{
+ RUNNER_ASSERT_MSG(0 == setgid(group), "Error in setgid.");
+ RUNNER_ASSERT_MSG(0 == setuid(user), "Error in setuid.");
+}
+
+void AppContext::applyUserSwitchEffective(uid_t user, gid_t group)
+{
+ RUNNER_ASSERT_MSG(0 == setegid(group), "Error in setegid.");
+ RUNNER_ASSERT_MSG(0 == seteuid(user), "Error in seteuid.");
+}
+
+void AppContext::revokeAccessToAll()
+{
+ RUNNER_ASSERT_MSG(0 == smack_revoke_subject(m_label.c_str()),
+ "Error in smack_revoke_subject(" << m_label << ")");
+}
+
+void AppContext::revokeRules()
+{
+ m_smackAccess.clear();
+}
diff --git a/src/common/access_provider.h b/src/common/app_context.h
similarity index 51%
rename from src/common/access_provider.h
rename to src/common/app_context.h
index 26124b4..b83282f 100644
--- a/src/common/access_provider.h
+++ b/src/common/app_context.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2013 - 2020 Samsung Electronics Co., Ltd All Rights Reserved
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
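Review bot: The `@brief` in the new file's header still reads `Common functions and macros used in security-tests package.`, carried over from access_provider.cpp, while the file now defines a single class; `@brief Smack rules, process label and uid/gid setup for a test process impersonating an app.` would describe what is there. `apply()` is a one-way switch — it calls `setgid`/`setuid`, relabels permanently through `ScopedProcessLabel spl(m_label, false)` and has no counterpart that restores anything — whereas `applyUserSwitchEffective()` only changes the effective ids and is reverted by ScopedAppContext, so a one-line comment on each (`// Irreversible: meant for a forked child that stays the app until it exits.` and `// Reversible: changes only the effective ids; pair with a second call to restore them.`) would tell callers which workflow they are in. `applyUserSwitch()` also leaves supplementary groups untouched, so a process that was root keeps root's supplementary groups after "becoming" the app; if any credential test depends on the peer's exact group set, a `setgroups` call before `setgid` would make the impersonation faithful, though I cannot tell from this hunk whether any caller does.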
@@ -14,40 +14,40 @@ * limitations under the License. */ /* - * @file access_provider.h + * @file app_context.h * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) * @version 1.0 * @brief Common functions and macros used in security-tests package. */ -#ifndef _ACCESS_FOR_DUMMIES_H_ -#define _ACCESS_FOR_DUMMIES_H_ -#include +#pragma once +#include #include -namespace SecurityServer { - -class AccessProvider { -public: - AccessProvider(const std::string &myLabel); +#include - AccessProvider(const AccessProvider &second) = delete; - AccessProvider& operator=(const AccessProvider &second) = delete; +#include - void addSubjectRule(const std::string &subject, const std::string &rule); - void addObjectRule(const std::string &object, const std::string &rule); - void allowSS(); - void apply(); - void applyAndSwithToUser(int uid, int gid); +class AppContext { +public: + AppContext(const std::string& label); + AppContext(const AppContext&) = delete; + AppContext& operator=(const AppContext&) = delete; + + void allowAccessFrom(const std::string& subject, const std::string& rule); + void allowAccessTo(const std::string& object, const std::string& rule); + + void apply(uid_t user, gid_t group); + void applyLabel(); + ScopedProcessLabel applyLabelScoped(); + void applyRules(); + void applyUserSwitch(uid_t user, gid_t group); + void applyUserSwitchEffective(uid_t user, gid_t group); + void revokeAccessToAll(); + void revokeRules(); - virtual ~AccessProvider(){} private: - std::string m_myLabel;; + std::string m_label; SmackAccess m_smackAccess; }; - -} // namespace SecurityServer - -#endif // _ACCESS_FOR_DUMMIES_H_ - diff --git a/src/common/scoped_process_label.cpp b/src/common/scoped_process_label.cpp index aa642fe..b7e450c 100644 --- a/src/common/scoped_process_label.cpp +++ b/src/common/scoped_process_label.cpp 
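Review bot: `AppContext(const std::string& label);` is a single-argument constructor and should be `explicit AppContext(const std::string& label);` so that a bare string cannot silently convert into an object that installs Smack rules and switches ids. The `@brief` kept from access_provider.h (`Common functions and macros used in security-tests package.`) no longer matches a header that declares one class. The public methods form two distinct workflows — the one-shot `apply()` (revoke, apply rules, relabel, setgid/setuid) and the piecewise `applyRules()`/`applyLabelScoped()`/`applyUserSwitchEffective()`/`revokeRules()` sequence that ScopedAppContext drives — and a short comment over each group saying which of them can be undone would make the header self-explanatory.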
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2019 - 2020 Samsung Electronics Co., Ltd All Rights Reserved
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -131,6 +131,24 @@ ScopedProcessLabel::ScopedProcessLabel(std::string label, bool restore) :
 smackSetLabelForSelf(m_label);
 }
+ScopedProcessLabel::ScopedProcessLabel(ScopedProcessLabel&& other)
+ : m_label(std::move(other.m_label))
+ , m_originalLabel(std::move(other.m_originalLabel))
+ , m_originalOnlycap(std::move(other.m_originalOnlycap))
+{
+ other.m_originalLabel.clear();
+}
+
+ScopedProcessLabel& ScopedProcessLabel::operator=(ScopedProcessLabel&& other)
+{
+ m_label = std::move(other.m_label);
+ m_originalLabel = std::move(other.m_originalLabel);
+ m_originalOnlycap = std::move(other.m_originalOnlycap);
+
+ other.m_originalLabel.clear();
+ return *this;
+}
+
 ScopedProcessLabel::~ScopedProcessLabel()
 {
 // it has to be restored
diff --git a/src/common/scoped_process_label.h b/src/common/scoped_process_label.h
index 5cb0dfc..a90b993 100644
--- a/src/common/scoped_process_label.h
+++ b/src/common/scoped_process_label.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2019 - 2020 Samsung Electronics Co., Ltd All Rights Reserved
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -34,6 +34,8 @@ class ScopedProcessLabel: public DPL::Noncopyable
 public:
 // if restore == true the original label will be restored
 explicit ScopedProcessLabel(std::string label, bool restore = true);
+ ScopedProcessLabel(ScopedProcessLabel&& other);
+ ScopedProcessLabel& operator=(ScopedProcessLabel&& other);
 ~ScopedProcessLabel();
 private:
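Review bot: The move assignment added at `ScopedProcessLabel::operator=(ScopedProcessLabel&&)` overwrites the target's `m_originalLabel`/`m_originalOnlycap` without first restoring what the target itself was guarding, so assigning into a live guard silently drops that restore; it also has no self-move guard, after which `other.m_originalLabel.clear()` empties the object's own state. The moved-from object has only `m_originalLabel` cleared while `m_originalOnlycap` is left moved-from (valid but unspecified for a string-like member), so if the destructor keys its onlycap restore on anything other than `m_originalLabel` being empty, a moved-from guard may still act — the destructor body is outside the hunk, so please check that assumption. Both operations move what look like `std::string` members and should be `noexcept` (`ScopedProcessLabel(ScopedProcessLabel&& other) noexcept;` and likewise for the assignment), which is also what the `make_unique` path in ScopedAppContext implicitly expects of a move. If movability is only needed for the `applyLabelScoped()` return, deleting the move assignment (`ScopedProcessLabel& operator=(ScopedProcessLabel&&) = delete;`) removes the first two problems outright.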
diff --git a/src/cynara-tests/test_cases_helpers.cpp b/src/cynara-tests/test_cases_helpers.cpp index b8d7f13..86ec5e0 100644 --- a/src/cynara-tests/test_cases_helpers.cpp +++ b/src/cynara-tests/test_cases_helpers.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2019 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2020 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -34,7 +34,7 @@ #include #include -#include +#include #include #include #include @@ -87,8 +87,8 @@ cynara_user_creds getUserDefaultMethod() { void udsServer(SynchronizationPipe &pipe, const struct sockaddr_un &sockaddr, const struct ProcessCredentials &peerCredentials) { - SecurityServer::AccessProvider ap(peerCredentials.label()); - ap.applyAndSwithToUser(peerCredentials.uid(), peerCredentials.gid()); + AppContext ctx(peerCredentials.label()); + ctx.apply(peerCredentials.uid(), peerCredentials.gid()); pipe.claimChildEp(); int sock = UDSHelpers::createServer(&sockaddr); 
@@ -243,19 +243,15 @@ DBusConnectionPtr createDBusConnection(const std::string &name) { void dbusServer(SynchronizationPipe &pipe, const std::string &requestedName, const ProcessCredentials &peerCredentials) { - // for DBus connection, System must have access to our peer creds as well. - SecurityServer::AccessProvider systemAp("System"); - systemAp.addObjectRule(peerCredentials.label(), "rwx"); - systemAp.apply(); - - SecurityServer::AccessProvider ap(peerCredentials.label()); - ap.addObjectRule("System", "w"); - ap.addObjectRule("System::Run", "x"); - ap.addObjectRule("System::Shared", "rwx"); // for GDB - ap.addSubjectRule("System::Privileged", "rwx"); // for piping - ap.addObjectRule("System::Privileged", "rwx"); // for GDB and piping - ap.addObjectRule("User", "r"); // for /usr/lib/debug access - ap.applyAndSwithToUser(peerCredentials.uid(), peerCredentials.gid()); + AppContext ctx(peerCredentials.label()); + ctx.allowAccessFrom("System", "rwx"); // for DBus connection + ctx.allowAccessFrom("System::Privileged", "rwx"); // for piping + ctx.allowAccessTo("System", "w"); + ctx.allowAccessTo("System::Privileged", "rwx"); // for GDB and piping + ctx.allowAccessTo("System::Run", "x"); + ctx.allowAccessTo("System::Shared", "rwx"); // for GDB + ctx.allowAccessTo("User", "r"); // for /usr/lib/debug access + ctx.apply(peerCredentials.uid(), peerCredentials.gid()); pipe.claimChildEp(); auto conn = createDBusConnection(requestedName); diff --git a/src/security-manager-tests/test_cases_credentials.cpp b/src/security-manager-tests/test_cases_credentials.cpp index 6571f9c..3a5a9d3 100644 --- a/src/security-manager-tests/test_cases_credentials.cpp +++ b/src/security-manager-tests/test_cases_credentials.cpp 
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2016-2017 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2016-2020 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ #include #include -#include +#include #include #include #include @@ -60,8 +60,8 @@ private: void udsServer(SynchronizationPipe &pipe, const struct sockaddr_un &sockaddr, const struct ProcessCredentials &peerCredentials) { - SecurityServer::AccessProvider ap(peerCredentials.label()); - ap.applyAndSwithToUser(peerCredentials.uid(), peerCredentials.gid()); + AppContext ctx(peerCredentials.label()); + ctx.apply(peerCredentials.uid(), peerCredentials.gid()); pipe.claimChildEp(); int sock = UDSHelpers::createServer(&sockaddr); -- 2.7.4