From 87af6c581e244a70be027d6852f7b1265c88f214 Mon Sep 17 00:00:00 2001 From: Bartlomiej Grzelewski Date: Fri, 5 Feb 2016 17:41:05 +0100 Subject: [PATCH] Simplify error codes in project. Change-Id: I8cd78e66cd0e7ebda56f148b7bc52229b73f45c4 --- packaging/security-manager.spec | 1 + src/client/client-common.cpp | 2 +- src/client/client-offline.cpp | 2 +- src/client/client-security-manager.cpp | 210 +++++++++------------------------ src/common/connection.cpp | 52 ++++---- src/common/include/protocols.h | 80 +------------ src/common/service_impl.cpp | 202 +++++++++++++++---------------- src/include/CMakeLists.txt | 1 + src/include/security-manager-types.h | 126 ++++++++++++++++++++ src/include/security-manager.h | 85 +------------ src/server/service/service.cpp | 12 +- 11 files changed, 324 insertions(+), 449 deletions(-) create mode 100644 src/include/security-manager-types.h diff --git a/packaging/security-manager.spec b/packaging/security-manager.spec index 4306b4f..fe33a0e 100644 --- a/packaging/security-manager.spec +++ b/packaging/security-manager.spec @@ -159,6 +159,7 @@ fi %{_libdir}/libsecurity-manager-client.so %{_libdir}/libsecurity-manager-commons.so %{_includedir}/security-manager/security-manager.h +%{_includedir}/security-manager/security-manager-types.h %{_libdir}/pkgconfig/security-manager.pc %files -n security-manager-policy diff --git a/src/client/client-common.cpp b/src/client/client-common.cpp index 3051cbc..72fb94d 100644 --- a/src/client/client-common.cpp +++ b/src/client/client-common.cpp @@ -64,7 +64,7 @@ int try_catch(const std::function& func) } catch (...) { LogError("Unknown exception occured"); } - return SECURITY_MANAGER_API_ERROR_UNKNOWN; + return SECURITY_MANAGER_ERROR_UNKNOWN; } } // namespace SecurityMANAGER diff --git a/src/client/client-offline.cpp b/src/client/client-offline.cpp index d60911d..159d28b 100644 --- a/src/client/client-offline.cpp +++ b/src/client/client-offline.cpp @@ -52,7 +52,7 @@ ClientOffline::ClientOffline() serviceLock->Unlock(); Serialization::Serialize(send, static_cast(SecurityModuleCall::NOOP)); retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv); - if (retval != SECURITY_MANAGER_API_SUCCESS) { + if (retval != SECURITY_MANAGER_SUCCESS) { LogInfo("Socket activation attempt failed."); serviceLock->Lock(); offlineMode = serviceLock->Locked(); diff --git a/src/client/client-security-manager.cpp b/src/client/client-security-manager.cpp index a5fdfdf..1727bbf 100644 --- a/src/client/client-security-manager.cpp +++ b/src/client/client-security-manager.cpp @@ -181,7 +181,7 @@ int security_manager_app_install(const app_inst_req *p_req) { using namespace SecurityManager; - return try_catch([&] { + return try_catch([&]() -> int { //checking parameters if (!p_req) return SECURITY_MANAGER_ERROR_INPUT_PARAM; @@ -208,27 +208,15 @@ int security_manager_app_install(const app_inst_req *p_req) //send buffer to server retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv); - if (retval != SECURITY_MANAGER_API_SUCCESS) { + if (retval != SECURITY_MANAGER_SUCCESS) { LogError("Error in sendToServer. Error code: " << retval); - return SECURITY_MANAGER_ERROR_UNKNOWN; + return retval; } //receive response from server Deserialization::Deserialize(recv, retval); } - switch(retval) { - case SECURITY_MANAGER_API_SUCCESS: - return SECURITY_MANAGER_SUCCESS; - case SECURITY_MANAGER_API_ERROR_AUTHENTICATION_FAILED: - return SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED; - case SECURITY_MANAGER_API_ERROR_ACCESS_DENIED: - return SECURITY_MANAGER_ERROR_ACCESS_DENIED; - case SECURITY_MANAGER_API_ERROR_INPUT_PARAM: - return SECURITY_MANAGER_ERROR_INPUT_PARAM; - default: - return SECURITY_MANAGER_ERROR_UNKNOWN; - } - + return retval; }); } @@ -238,7 +226,7 @@ int security_manager_app_uninstall(const app_inst_req *p_req) using namespace SecurityManager; MessageBuffer send, recv; - return try_catch([&] { + return try_catch([&]() -> int { //checking parameters if (!p_req) return SECURITY_MANAGER_ERROR_INPUT_PARAM; @@ -251,17 +239,14 @@ int security_manager_app_uninstall(const app_inst_req *p_req) //send buffer to server int retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv); - if (retval != SECURITY_MANAGER_API_SUCCESS) { + if (retval != SECURITY_MANAGER_SUCCESS) { LogError("Error in sendToServer. Error code: " << retval); - return SECURITY_MANAGER_ERROR_UNKNOWN; + return retval; } //receive response from server Deserialization::Deserialize(recv, retval); - if (retval != SECURITY_MANAGER_API_SUCCESS) - return SECURITY_MANAGER_ERROR_UNKNOWN; - - return SECURITY_MANAGER_SUCCESS;; + return retval; }); } @@ -273,7 +258,7 @@ int security_manager_get_app_pkgid(char **pkg_id, const char *app_id) LogDebug("security_manager_get_app_pkgid() called"); - return try_catch([&] { + return try_catch([&]() -> int { //checking parameters if (app_id == NULL) { @@ -292,15 +277,15 @@ int security_manager_get_app_pkgid(char **pkg_id, const char *app_id) //send buffer to server int retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv); - if (retval != SECURITY_MANAGER_API_SUCCESS) { + if (retval != SECURITY_MANAGER_SUCCESS) { LogDebug("Error in sendToServer. Error code: " << retval); - return SECURITY_MANAGER_ERROR_UNKNOWN; + return retval; } //receive response from server Deserialization::Deserialize(recv, retval); - if (retval != SECURITY_MANAGER_API_SUCCESS) - return SECURITY_MANAGER_ERROR_UNKNOWN; + if (retval != SECURITY_MANAGER_SUCCESS) + return retval; std::string pkgIdString; Deserialization::Deserialize(recv, pkgIdString); @@ -395,7 +380,7 @@ int security_manager_set_process_label_from_appid(const char *app_id) appLabel = SecurityManager::SmackLabels::generateAppLabel(app_id); } catch (...) { LogError("Failed to generate smack label for appId: " << app_id); - return SECURITY_MANAGER_API_ERROR_NO_SUCH_OBJECT; + return SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT; } if ((ret = setup_smack(appLabel.c_str())) != SECURITY_MANAGER_SUCCESS) { @@ -415,7 +400,7 @@ int security_manager_set_process_groups_from_appid(const char *app_id) LogDebug("security_manager_set_process_groups_from_appid() called"); - return try_catch([&] { + return try_catch([&]() -> int { //checking parameters if (app_id == nullptr) { @@ -429,16 +414,16 @@ int security_manager_set_process_groups_from_appid(const char *app_id) //send buffer to server int retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv); - if (retval != SECURITY_MANAGER_API_SUCCESS) { + if (retval != SECURITY_MANAGER_SUCCESS) { LogDebug("Error in sendToServer. Error code: " << retval); - return SECURITY_MANAGER_ERROR_UNKNOWN; + return retval; } //receive response from server Deserialization::Deserialize(recv, retval); - if (retval != SECURITY_MANAGER_API_SUCCESS) { + if (retval != SECURITY_MANAGER_SUCCESS) { LogError("Failed to get list of groups from security-manager service. Error code: " << retval); - return SECURITY_MANAGER_ERROR_UNKNOWN; + return retval; } //How many new groups? @@ -603,22 +588,15 @@ int security_manager_user_add(const user_req *p_req) //send buffer to server retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv); - if (retval != SECURITY_MANAGER_API_SUCCESS) { + if (retval != SECURITY_MANAGER_SUCCESS) { LogError("Error in sendToServer. Error code: " << retval); - return SECURITY_MANAGER_ERROR_UNKNOWN; + return retval; } //receive response from server Deserialization::Deserialize(recv, retval); } - switch(retval) { - case SECURITY_MANAGER_API_SUCCESS: - return SECURITY_MANAGER_SUCCESS; - case SECURITY_MANAGER_API_ERROR_AUTHENTICATION_FAILED: - return SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED; - default: - return SECURITY_MANAGER_ERROR_UNKNOWN; - } + return retval; }); } @@ -629,7 +607,7 @@ int security_manager_user_delete(const user_req *p_req) MessageBuffer send, recv; if (!p_req) return SECURITY_MANAGER_ERROR_INPUT_PARAM; - return try_catch([&] { + return try_catch([&]() -> int { //put data into buffer Serialization::Serialize(send, static_cast(SecurityModuleCall::USER_DELETE), @@ -637,21 +615,14 @@ int security_manager_user_delete(const user_req *p_req) //send buffer to server int retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv); - if (retval != SECURITY_MANAGER_API_SUCCESS) { + if (retval != SECURITY_MANAGER_SUCCESS) { LogError("Error in sendToServer. Error code: " << retval); - return SECURITY_MANAGER_ERROR_UNKNOWN; + return retval; } //receive response from server Deserialization::Deserialize(recv, retval); - switch(retval) { - case SECURITY_MANAGER_API_SUCCESS: - return SECURITY_MANAGER_SUCCESS; - case SECURITY_MANAGER_API_ERROR_AUTHENTICATION_FAILED: - return SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED; - default: - return SECURITY_MANAGER_ERROR_UNKNOWN; - } + return retval; }); } @@ -696,23 +667,14 @@ int security_manager_policy_update_send(policy_update_req *p_req) //send it to server int retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv); - if (retval != SECURITY_MANAGER_API_SUCCESS) { + if (retval != SECURITY_MANAGER_SUCCESS) { LogError("Error in sendToServer. Error code: " << retval); - return SECURITY_MANAGER_ERROR_UNKNOWN; + return retval; } //receive response from server Deserialization::Deserialize(recv, retval); - switch(retval) { - case SECURITY_MANAGER_API_SUCCESS: - return SECURITY_MANAGER_SUCCESS; - case SECURITY_MANAGER_API_ERROR_AUTHENTICATION_FAILED: - return SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED; - case SECURITY_MANAGER_API_ERROR_ACCESS_DENIED: - return SECURITY_MANAGER_ERROR_ACCESS_DENIED; - default: - return SECURITY_MANAGER_ERROR_UNKNOWN; - } + return retval; }); } @@ -730,21 +692,23 @@ static inline int security_manager_get_policy_internal( || p_filter == nullptr) return SECURITY_MANAGER_ERROR_INPUT_PARAM; - return try_catch([&] { + return try_catch([&]() -> int { //put request into buffer Serialization::Serialize(send, static_cast(call_type), *p_filter); //send it to server int retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv); - if (retval != SECURITY_MANAGER_API_SUCCESS) { + if (retval != SECURITY_MANAGER_SUCCESS) { LogError("Error in sendToServer. Error code: " << retval); - return SECURITY_MANAGER_ERROR_UNKNOWN; + return retval; } //receive response from server Deserialization::Deserialize(recv, retval); switch (retval) { - case SECURITY_MANAGER_API_SUCCESS: { + default: + return retval; + case SECURITY_MANAGER_SUCCESS: { //extract and allocate buffers for privs policy entries int entriesCnt = 0; policy_entry **entries = nullptr; @@ -766,14 +730,6 @@ static inline int security_manager_get_policy_internal( *ppp_privs_policy = entries; return SECURITY_MANAGER_SUCCESS; } - case SECURITY_MANAGER_API_ERROR_AUTHENTICATION_FAILED: - return SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED; - - case SECURITY_MANAGER_API_ERROR_ACCESS_DENIED: - return SECURITY_MANAGER_ERROR_ACCESS_DENIED; - - default: - return SECURITY_MANAGER_ERROR_UNKNOWN; } }); } @@ -927,31 +883,23 @@ int security_manager_policy_levels_get(char ***levels, size_t *levels_count) MessageBuffer send, recv; if (!levels || !levels_count) return SECURITY_MANAGER_ERROR_INPUT_PARAM; - return try_catch([&] { + return try_catch([&]() -> int { //put data into buffer Serialization::Serialize(send, static_cast(SecurityModuleCall::POLICY_GET_DESCRIPTIONS)); //send buffer to server int retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv); - if (retval != SECURITY_MANAGER_API_SUCCESS) { + if (retval != SECURITY_MANAGER_SUCCESS) { LogError("Error in sendToServer. Error code: " << retval); - return SECURITY_MANAGER_ERROR_UNKNOWN; + return retval; } //receive response from server Deserialization::Deserialize(recv, retval); - switch(retval) { - case SECURITY_MANAGER_API_SUCCESS: - // success - continue - break; - case SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY: - return SECURITY_MANAGER_ERROR_MEMORY; - case SECURITY_MANAGER_API_ERROR_INPUT_PARAM: - return SECURITY_MANAGER_ERROR_INPUT_PARAM; - default: - return SECURITY_MANAGER_ERROR_UNKNOWN; + if (retval != SECURITY_MANAGER_SUCCESS) { + return retval; } int count; @@ -997,31 +945,23 @@ int security_manager_groups_get(char ***groups, size_t *groups_count) MessageBuffer send, recv; if (!groups || !groups_count) return SECURITY_MANAGER_ERROR_INPUT_PARAM; - return try_catch([&] { + return try_catch([&]() -> int { //put data into buffer Serialization::Serialize(send, static_cast(SecurityModuleCall::GROUPS_GET)); //send buffer to server int retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv); - if (retval != SECURITY_MANAGER_API_SUCCESS) { + if (retval != SECURITY_MANAGER_SUCCESS) { LogError("Error in sendToServer. Error code: " << retval); - return SECURITY_MANAGER_ERROR_UNKNOWN; + return retval; } //receive response from server Deserialization::Deserialize(recv, retval); - switch(retval) { - case SECURITY_MANAGER_API_SUCCESS: - // success - continue - break; - case SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY: - return SECURITY_MANAGER_ERROR_MEMORY; - case SECURITY_MANAGER_API_ERROR_INPUT_PARAM: - return SECURITY_MANAGER_ERROR_INPUT_PARAM; - default: - return SECURITY_MANAGER_ERROR_UNKNOWN; + if (retval != SECURITY_MANAGER_SUCCESS) { + return retval; } std::vector vgroups; @@ -1140,28 +1080,20 @@ int security_manager_app_has_privilege(const char *app_id, const char *privilege { using namespace SecurityManager; MessageBuffer send, recv; - return try_catch([&] { + return try_catch([&]() -> int { Serialization::Serialize(send, static_cast(SecurityModuleCall::APP_HAS_PRIVILEGE), std::string(app_id), std::string(privilege), uid); int retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv); - if (retval != SECURITY_MANAGER_API_SUCCESS) { + if (retval != SECURITY_MANAGER_SUCCESS) { LogError("Error in sendToServer. Error code: " << retval); - return SECURITY_MANAGER_ERROR_UNKNOWN; + return retval; } Deserialization::Deserialize(recv, retval); - switch(retval) { - case SECURITY_MANAGER_API_SUCCESS: - // success - continue - break; - case SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY: - return SECURITY_MANAGER_ERROR_MEMORY; - case SECURITY_MANAGER_API_ERROR_INPUT_PARAM: - return SECURITY_MANAGER_ERROR_INPUT_PARAM; - default: - return SECURITY_MANAGER_ERROR_UNKNOWN; + if (retval != SECURITY_MANAGER_SUCCESS) { + return retval; } Deserialization::Deserialize(recv, *result); @@ -1235,7 +1167,7 @@ SECURITY_MANAGER_API int security_manager_private_sharing_apply(const private_sharing_req *p_req) { using namespace SecurityManager; - return try_catch([&] { + return try_catch([&]() -> int { if (!p_req) return SECURITY_MANAGER_ERROR_INPUT_PARAM; if (p_req->ownerAppId.empty() || p_req->targetAppId.empty() || p_req->paths.empty()) @@ -1249,27 +1181,14 @@ int security_manager_private_sharing_apply(const private_sharing_req *p_req) //send buffer to server int retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv); - if (retval != SECURITY_MANAGER_API_SUCCESS) { + if (retval != SECURITY_MANAGER_SUCCESS) { LogError("Error in sendToServer. Error code: " << retval); - return SECURITY_MANAGER_ERROR_UNKNOWN; + return retval; } //receive response from server Deserialization::Deserialize(recv, retval); - switch(retval) { - case SECURITY_MANAGER_API_SUCCESS: - return SECURITY_MANAGER_SUCCESS; - case SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY: - return SECURITY_MANAGER_ERROR_MEMORY; - case SECURITY_MANAGER_API_ERROR_INPUT_PARAM: - return SECURITY_MANAGER_ERROR_INPUT_PARAM; - case SECURITY_MANAGER_API_ERROR_APP_UNKNOWN: - return SECURITY_MANAGER_ERROR_APP_UNKNOWN; - case SECURITY_MANAGER_API_ERROR_APP_NOT_PATH_OWNER: - return SECURITY_MANAGER_ERROR_APP_NOT_PATH_OWNER; - default: - return SECURITY_MANAGER_ERROR_UNKNOWN; - } + return retval; }); } @@ -1277,7 +1196,7 @@ SECURITY_MANAGER_API int security_manager_private_sharing_drop(const private_sharing_req *p_req) { using namespace SecurityManager; - return try_catch([&] { + return try_catch([&]() -> int { if (!p_req) return SECURITY_MANAGER_ERROR_INPUT_PARAM; if (p_req->ownerAppId.empty() || p_req->targetAppId.empty() || p_req->paths.empty()) @@ -1291,27 +1210,14 @@ int security_manager_private_sharing_drop(const private_sharing_req *p_req) //send buffer to server int retval = sendToServer(SERVICE_SOCKET, send.Pop(), recv); - if (retval != SECURITY_MANAGER_API_SUCCESS) { + if (retval != SECURITY_MANAGER_SUCCESS) { LogError("Error in sendToServer. Error code: " << retval); - return SECURITY_MANAGER_ERROR_UNKNOWN; + return retval; } //receive response from server Deserialization::Deserialize(recv, retval); - switch(retval) { - case SECURITY_MANAGER_API_SUCCESS: - return SECURITY_MANAGER_SUCCESS; - case SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY: - return SECURITY_MANAGER_ERROR_MEMORY; - case SECURITY_MANAGER_API_ERROR_INPUT_PARAM: - return SECURITY_MANAGER_ERROR_INPUT_PARAM; - case SECURITY_MANAGER_API_ERROR_APP_UNKNOWN: - return SECURITY_MANAGER_ERROR_APP_UNKNOWN; - case SECURITY_MANAGER_API_ERROR_APP_NOT_PATH_OWNER: - return SECURITY_MANAGER_ERROR_APP_NOT_PATH_OWNER; - default: - return SECURITY_MANAGER_ERROR_UNKNOWN; - } + return retval; }); } diff --git a/src/common/connection.cpp b/src/common/connection.cpp index e4dc9ee..104a8a2 100644 --- a/src/common/connection.cpp +++ b/src/common/connection.cpp @@ -87,7 +87,7 @@ public: if (m_sock < 0) { int err = errno; LogError("Error creating socket: " << strerror(err)); - return SECURITY_MANAGER_API_ERROR_SOCKET; + return SECURITY_MANAGER_ERROR_SOCKET; } if ((flags = fcntl(m_sock, F_GETFL, 0)) < 0 || @@ -95,7 +95,7 @@ public: { int err = errno; LogError("Error in fcntl: " << strerror(err)); - return SECURITY_MANAGER_API_ERROR_SOCKET; + return SECURITY_MANAGER_ERROR_SOCKET; } memset(&clientAddr, 0, sizeof(clientAddr)); @@ -104,7 +104,7 @@ public: if (strlen(interface) >= sizeof(clientAddr.sun_path)) { LogError("Error: interface name " << interface << "is too long. Max len is:" << sizeof(clientAddr.sun_path)); - return SECURITY_MANAGER_API_ERROR_NO_SUCH_SERVICE; + return SECURITY_MANAGER_ERROR_NO_SUCH_SERVICE; } strcpy(clientAddr.sun_path, interface); @@ -115,7 +115,7 @@ public: if ((retval == -1) && (errno == EINPROGRESS)) { if (0 >= waitForSocket(m_sock, POLLIN, POLL_TIMEOUT)) { LogError("Error in waitForSocket."); - return SECURITY_MANAGER_API_ERROR_SOCKET; + return SECURITY_MANAGER_ERROR_SOCKET; } int error = 0; socklen_t len = sizeof(error); @@ -124,33 +124,33 @@ public: if (-1 == retval) { int err = errno; LogError("Error in getsockopt: " << strerror(err)); - return SECURITY_MANAGER_API_ERROR_SOCKET; + return SECURITY_MANAGER_ERROR_SOCKET; } if (error == EACCES) { LogError("Access denied"); - return SECURITY_MANAGER_API_ERROR_ACCESS_DENIED; + return SECURITY_MANAGER_ERROR_ACCESS_DENIED; } if (error != 0) { LogError("Error in connect: " << strerror(error)); - return SECURITY_MANAGER_API_ERROR_SOCKET; + return SECURITY_MANAGER_ERROR_SOCKET; } - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } if (-1 == retval) { int err = errno; LogError("Error connecting socket: " << strerror(err)); if (err == EACCES) - return SECURITY_MANAGER_API_ERROR_ACCESS_DENIED; + return SECURITY_MANAGER_ERROR_ACCESS_DENIED; if (err == ENOTSOCK) - return SECURITY_MANAGER_API_ERROR_NO_SUCH_SERVICE; - return SECURITY_MANAGER_API_ERROR_SOCKET; + return SECURITY_MANAGER_ERROR_NO_SUCH_SERVICE; + return SECURITY_MANAGER_ERROR_SOCKET; } - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } int Get() { @@ -171,7 +171,7 @@ int sendToServer(char const * const interface, const RawBuffer &send, MessageBuf ssize_t done = 0; char buffer[2048]; - if (SECURITY_MANAGER_API_SUCCESS != (ret = sock.Connect(interface))) { + if (SECURITY_MANAGER_SUCCESS != (ret = sock.Connect(interface))) { LogError("Error in SockRAII"); return ret; } @@ -179,13 +179,13 @@ int sendToServer(char const * const interface, const RawBuffer &send, MessageBuf while ((send.size() - done) > 0) { if (0 >= waitForSocket(sock.Get(), POLLOUT, POLL_TIMEOUT)) { LogError("Error in poll(POLLOUT)"); - return SECURITY_MANAGER_API_ERROR_SOCKET; + return SECURITY_MANAGER_ERROR_SOCKET; } ssize_t temp = TEMP_FAILURE_RETRY(write(sock.Get(), &send[done], send.size() - done)); if (-1 == temp) { int err = errno; LogError("Error in write: " << strerror(err)); - return SECURITY_MANAGER_API_ERROR_SOCKET; + return SECURITY_MANAGER_ERROR_SOCKET; } done += temp; } @@ -193,24 +193,24 @@ int sendToServer(char const * const interface, const RawBuffer &send, MessageBuf do { if (0 >= waitForSocket(sock.Get(), POLLIN, POLL_TIMEOUT)) { LogError("Error in poll(POLLIN)"); - return SECURITY_MANAGER_API_ERROR_SOCKET; + return SECURITY_MANAGER_ERROR_SOCKET; } ssize_t temp = TEMP_FAILURE_RETRY(read(sock.Get(), buffer, 2048)); if (-1 == temp) { int err = errno; LogError("Error in read: " << strerror(err)); - return SECURITY_MANAGER_API_ERROR_SOCKET; + return SECURITY_MANAGER_ERROR_SOCKET; } if (0 == temp) { LogError("Read return 0/Connection closed by server(?)"); - return SECURITY_MANAGER_API_ERROR_SOCKET; + return SECURITY_MANAGER_ERROR_SOCKET; } RawBuffer raw(buffer, buffer+temp); recv.Push(raw); } while(!recv.Ready()); - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } int sendToServerAncData(char const * const interface, const RawBuffer &send, struct msghdr &hdr) { @@ -218,7 +218,7 @@ int sendToServerAncData(char const * const interface, const RawBuffer &send, str SockRAII sock; ssize_t done = 0; - if (SECURITY_MANAGER_API_SUCCESS != (ret = sock.Connect(interface))) { + if (SECURITY_MANAGER_SUCCESS != (ret = sock.Connect(interface))) { LogError("Error in SockRAII"); return ret; } @@ -226,20 +226,20 @@ int sendToServerAncData(char const * const interface, const RawBuffer &send, str while ((send.size() - done) > 0) { if (0 >= waitForSocket(sock.Get(), POLLOUT, POLL_TIMEOUT)) { LogError("Error in poll(POLLOUT)"); - return SECURITY_MANAGER_API_ERROR_SOCKET; + return SECURITY_MANAGER_ERROR_SOCKET; } ssize_t temp = TEMP_FAILURE_RETRY(write(sock.Get(), &send[done], send.size() - done)); if (-1 == temp) { int err = errno; LogError("Error in write: " << strerror(err)); - return SECURITY_MANAGER_API_ERROR_SOCKET; + return SECURITY_MANAGER_ERROR_SOCKET; } done += temp; } if (0 >= waitForSocket(sock.Get(), POLLIN, POLL_TIMEOUT)) { LogError("Error in poll(POLLIN)"); - return SECURITY_MANAGER_API_ERROR_SOCKET; + return SECURITY_MANAGER_ERROR_SOCKET; } ssize_t temp = TEMP_FAILURE_RETRY(recvmsg(sock.Get(), &hdr, MSG_CMSG_CLOEXEC)); @@ -247,15 +247,15 @@ int sendToServerAncData(char const * const interface, const RawBuffer &send, str if (temp < 0) { int err = errno; LogError("Error in recvmsg(): " << strerror(err) << " errno: " << err); - return SECURITY_MANAGER_API_ERROR_SOCKET; + return SECURITY_MANAGER_ERROR_SOCKET; } if (0 == temp) { LogError("Read return 0/Connection closed by server(?)"); - return SECURITY_MANAGER_API_ERROR_SOCKET; + return SECURITY_MANAGER_ERROR_SOCKET; } - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } } // namespace SecurityManager diff --git a/src/common/include/protocols.h b/src/common/include/protocols.h index 1526f87..59a4540 100644 --- a/src/common/include/protocols.h +++ b/src/common/include/protocols.h @@ -30,85 +30,7 @@ #include #include #include -#include - -/** - * \name Return Codes - * exported by the foundation API. - * result codes begin with the start error code and extend into negative direction. - * @{ -*/ - -/*! \brief indicating the result of the one specific API is successful */ -#define SECURITY_MANAGER_API_SUCCESS 0 - -/*! \brief indicating the socket between client and Security Manager has been failed */ -#define SECURITY_MANAGER_API_ERROR_SOCKET -1 - -/*! \brief indicating the request to Security Manager is malformed */ -#define SECURITY_MANAGER_API_ERROR_BAD_REQUEST -2 - -/*! \brief indicating the response from Security Manager is malformed */ -#define SECURITY_MANAGER_API_ERROR_BAD_RESPONSE -3 - -/*! \brief indicating the requested service does not exist */ -#define SECURITY_MANAGER_API_ERROR_NO_SUCH_SERVICE -4 - -/*! \brief indicating requesting object is not exist */ -#define SECURITY_MANAGER_API_ERROR_NO_SUCH_OBJECT -6 - -/*! \brief indicating the authentication between client and server has been failed */ -#define SECURITY_MANAGER_API_ERROR_AUTHENTICATION_FAILED -7 - -/*! \brief indicating the API's input parameter is malformed */ -#define SECURITY_MANAGER_API_ERROR_INPUT_PARAM -8 - -/*! \brief indicating the output buffer size which is passed as parameter is too small */ -#define SECURITY_MANAGER_API_ERROR_BUFFER_TOO_SMALL -9 - -/*! \brief indicating system is running out of memory state */ -#define SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY -10 - -/*! \brief indicating the access has been denied by Security Manager */ -#define SECURITY_MANAGER_API_ERROR_ACCESS_DENIED -11 - -/*! \brief indicating Security Manager has been failed for some reason */ -#define SECURITY_MANAGER_API_ERROR_SERVER_ERROR -12 - -/*! \brief indicating getting smack label from socket failed */ -#define SECURITY_MANAGER_API_ERROR_GETTING_SOCKET_LABEL_FAILED -21 - -/*! \brief indicating getting smack label from file failed */ -#define SECURITY_MANAGER_API_ERROR_GETTING_FILE_LABEL_FAILED -22 - -/*! \brief indicating setting smack label for file failed */ -#define SECURITY_MANAGER_API_ERROR_SETTING_FILE_LABEL_FAILED -23 - -/*! \brief indicating file already exists */ -#define SECURITY_MANAGER_API_ERROR_FILE_EXIST -24 - -/*! \brief indicating file does not exist */ -#define SECURITY_MANAGER_API_ERROR_FILE_NOT_EXIST -25 - -/*! \brief indicating file open error */ -#define SECURITY_MANAGER_API_ERROR_FILE_OPEN_FAILED -26 - -/*! \brief indicating file creation error */ -#define SECURITY_MANAGER_API_ERROR_FILE_CREATION_FAILED -27 - -/*! \brief indicating file deletion error */ -#define SECURITY_MANAGER_API_ERROR_FILE_DELETION_FAILED -28 - -/*! \brief indicating that application is not present in the database */ -#define SECURITY_MANAGER_API_ERROR_APP_UNKNOWN -29 - -/*! \brief indicating that application is not owner of path */ -#define SECURITY_MANAGER_API_ERROR_APP_NOT_PATH_OWNER -30 - -/*! \brief indicating the error with unknown reason */ -#define SECURITY_MANAGER_API_ERROR_UNKNOWN -255 -/** @}*/ - +#include struct app_inst_req { std::string appId; diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp index ab15ba3..0636991 100644 --- a/src/common/service_impl.cpp +++ b/src/common/service_impl.cpp @@ -71,7 +71,7 @@ static inline int validatePolicy(policy_entry &policyEntry, std::string uidStr, if (policyEntry.appId.empty() || policyEntry.privilege.empty()) { LogError("Bad admin update request"); - return SECURITY_MANAGER_API_ERROR_BAD_REQUEST; + return SECURITY_MANAGER_ERROR_BAD_REQUEST; }; if (!policyEntry.maxLevel.compare(SECURITY_MANAGER_DELETE)) { @@ -81,7 +81,7 @@ static inline int validatePolicy(policy_entry &policyEntry, std::string uidStr, level = CynaraAdmin::getInstance().convertToPolicyType(policyEntry.maxLevel); } catch (const std::out_of_range& e) { LogError("policy max level cannot be: " << policyEntry.maxLevel); - return SECURITY_MANAGER_API_ERROR_INPUT_PARAM; + return SECURITY_MANAGER_ERROR_INPUT_PARAM; }; }; forAdmin = true; @@ -93,7 +93,7 @@ static inline int validatePolicy(policy_entry &policyEntry, std::string uidStr, || policyEntry.appId.empty() || policyEntry.privilege.empty()) { LogError("Bad privacy manager update request"); - return SECURITY_MANAGER_API_ERROR_BAD_REQUEST; + return SECURITY_MANAGER_ERROR_BAD_REQUEST; }; if (!policyEntry.currentLevel.compare(SECURITY_MANAGER_DELETE)) { @@ -103,13 +103,13 @@ static inline int validatePolicy(policy_entry &policyEntry, std::string uidStr, level = CynaraAdmin::getInstance().convertToPolicyType(policyEntry.currentLevel); } catch (const std::out_of_range& e) { LogError("policy current level cannot be: " << policyEntry.currentLevel); - return SECURITY_MANAGER_API_ERROR_INPUT_PARAM; + return SECURITY_MANAGER_ERROR_INPUT_PARAM; }; }; forAdmin = false; } else { //neither => bad request - return SECURITY_MANAGER_API_ERROR_BAD_REQUEST; + return SECURITY_MANAGER_ERROR_BAD_REQUEST; }; if (!policyEntry.user.compare(SECURITY_MANAGER_ANY)) @@ -126,7 +126,7 @@ static inline int validatePolicy(policy_entry &policyEntry, std::string uidStr, (forAdmin)?CynaraAdmin::Buckets.at(Bucket::ADMIN):CynaraAdmin::Buckets.at(Bucket::PRIVACY_MANAGER))); LogDebug("Policy update request authenticated and validated successfully"); - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } bool isTizen2XVersion(const std::string &version) @@ -294,7 +294,7 @@ int ServiceImpl::appInstall(const app_inst_req &req, uid_t uid) if (uid != req.uid) { LogError("User " << uid << " is denied to install application for user " << req.uid); - return SECURITY_MANAGER_API_ERROR_ACCESS_DENIED; + return SECURITY_MANAGER_ERROR_ACCESS_DENIED; } } else { if (req.uid) @@ -304,7 +304,7 @@ int ServiceImpl::appInstall(const app_inst_req &req, uid_t uid) if (!installRequestAuthCheck(req, uid, appPath)) { LogError("Request from uid " << uid << " for app installation denied"); - return SECURITY_MANAGER_API_ERROR_AUTHENTICATION_FAILED; + return SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED; } try { @@ -323,7 +323,7 @@ int ServiceImpl::appInstall(const app_inst_req &req, uid_t uid) if (ret == true && pkg != req.pkgId) { LogError("Application already installed with different package id"); PrivilegeDb::getInstance().RollbackTransaction(); - return SECURITY_MANAGER_API_ERROR_INPUT_PARAM; + return SECURITY_MANAGER_ERROR_INPUT_PARAM; } PrivilegeDb::getInstance().AddApplication(req.appId, req.pkgId, uid, req.tizenVersion, req.authorId); @@ -343,23 +343,23 @@ int ServiceImpl::appInstall(const app_inst_req &req, uid_t uid) LogDebug("Application installation commited to database"); } catch (const PrivilegeDb::Exception::IOError &e) { LogError("Cannot access application database: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const PrivilegeDb::Exception::InternalError &e) { PrivilegeDb::getInstance().RollbackTransaction(); LogError("Error while saving application info to database: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const CynaraException::Base &e) { PrivilegeDb::getInstance().RollbackTransaction(); LogError("Error while setting Cynara rules for application: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const SmackException::InvalidLabel &e) { PrivilegeDb::getInstance().RollbackTransaction(); LogError("Error while generating Smack labels: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const std::bad_alloc &e) { PrivilegeDb::getInstance().RollbackTransaction(); LogError("Memory allocation while setting Cynara rules for application: " << e.what()); - return SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY; + return SECURITY_MANAGER_ERROR_MEMORY; } try { @@ -378,19 +378,19 @@ int ServiceImpl::appInstall(const app_inst_req &req, uid_t uid) SmackRules::installApplicationRules(req.appId, req.pkgId, authorId, pkgContents, allTizen2XApps, allTizen2XPackages); } catch (const SmackException::InvalidParam &e) { LogError("Invalid paramater during labeling: " << e.GetMessage()); - return SECURITY_MANAGER_API_ERROR_INPUT_PARAM; + return SECURITY_MANAGER_ERROR_INPUT_PARAM; } catch (const SmackException::Base &e) { LogError("Error while applying Smack policy for application: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SETTING_FILE_LABEL_FAILED; + return SECURITY_MANAGER_ERROR_SETTING_FILE_LABEL_FAILED; } catch (const SecurityManager::Exception &e) { LogError("Security Manager exception: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const std::bad_alloc &e) { LogError("Memory allocation error: " << e.what()); - return SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY; + return SECURITY_MANAGER_ERROR_MEMORY; } - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } int ServiceImpl::appUninstall(const std::string &appId, uid_t uid) @@ -441,23 +441,23 @@ int ServiceImpl::appUninstall(const std::string &appId, uid_t uid) } } catch (const PrivilegeDb::Exception::IOError &e) { LogError("Cannot access application database: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const PrivilegeDb::Exception::InternalError &e) { PrivilegeDb::getInstance().RollbackTransaction(); LogError("Error while removing application info from database: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const CynaraException::Base &e) { PrivilegeDb::getInstance().RollbackTransaction(); LogError("Error while setting Cynara rules for application: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const SmackException::InvalidLabel &e) { PrivilegeDb::getInstance().RollbackTransaction(); LogError("Error while generating Smack labels: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const std::bad_alloc &e) { PrivilegeDb::getInstance().RollbackTransaction(); LogError("Memory allocation while setting Cynara rules for application: " << e.what()); - return SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY; + return SECURITY_MANAGER_ERROR_MEMORY; } if (appExists) { @@ -479,14 +479,14 @@ int ServiceImpl::appUninstall(const std::string &appId, uid_t uid) } catch (const SmackException::Base &e) { LogError("Error while removing Smack rules for application: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SETTING_FILE_LABEL_FAILED; + return SECURITY_MANAGER_ERROR_SETTING_FILE_LABEL_FAILED; } catch (const std::bad_alloc &e) { LogError("Memory allocation error: " << e.what()); - return SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY; + return SECURITY_MANAGER_ERROR_MEMORY; } } - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } int ServiceImpl::getPkgId(const std::string &appId, std::string &pkgId) @@ -496,16 +496,16 @@ int ServiceImpl::getPkgId(const std::string &appId, std::string &pkgId) try { if (!PrivilegeDb::getInstance().GetAppPkgId(appId, pkgId)) { LogWarning("Application " << appId << " not found in database"); - return SECURITY_MANAGER_API_ERROR_NO_SUCH_OBJECT; + return SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT; } else { LogDebug("pkgId: " << pkgId); } } catch (const PrivilegeDb::Exception::Base &e) { LogError("Error while getting pkgId from database: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } int ServiceImpl::getAppGroups( @@ -524,7 +524,7 @@ int ServiceImpl::getAppGroups( if (!PrivilegeDb::getInstance().GetAppPkgId(appId, pkgId)) { LogWarning("Application " << appId << " not found in database"); - return SECURITY_MANAGER_API_ERROR_NO_SUCH_OBJECT; + return SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT; } LogDebug("pkgId: " << pkgId); @@ -563,39 +563,39 @@ int ServiceImpl::getAppGroups( } } catch (const PrivilegeDb::Exception::Base &e) { LogError("Database error: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const CynaraException::Base &e) { LogError("Error while querying Cynara for permissions: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const SmackException::InvalidLabel &e) { LogError("Error while generating Smack labels: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const std::bad_alloc &e) { LogError("Memory allocation failed: " << e.what()); - return SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY; + return SECURITY_MANAGER_ERROR_MEMORY; } - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } int ServiceImpl::userAdd(uid_t uidAdded, int userType, uid_t uid) { if (uid != 0) - return SECURITY_MANAGER_API_ERROR_AUTHENTICATION_FAILED; + return SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED; try { CynaraAdmin::getInstance().UserInit(uidAdded, static_cast(userType)); } catch (CynaraException::InvalidParam &e) { - return SECURITY_MANAGER_API_ERROR_INPUT_PARAM; + return SECURITY_MANAGER_ERROR_INPUT_PARAM; } - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } int ServiceImpl::userDelete(uid_t uidDeleted, uid_t uid) { - int ret = SECURITY_MANAGER_API_SUCCESS; + int ret = SECURITY_MANAGER_SUCCESS; if (uid != 0) - return SECURITY_MANAGER_API_ERROR_AUTHENTICATION_FAILED; + return SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED; /*Uninstall all user apps*/ std::vector userApps; @@ -603,14 +603,14 @@ int ServiceImpl::userDelete(uid_t uidDeleted, uid_t uid) PrivilegeDb::getInstance().GetUserApps(uidDeleted, userApps); } catch (const PrivilegeDb::Exception::Base &e) { LogError("Error while getting user apps from database: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } for (auto &app: userApps) { - if (appUninstall(app, uidDeleted) != SECURITY_MANAGER_API_SUCCESS) { + if (appUninstall(app, uidDeleted) != SECURITY_MANAGER_SUCCESS) { /*if uninstallation of this app fails, just go on trying to uninstall another ones. we do not have anything special to do about that matter - user will be deleted anyway.*/ - ret = SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + ret = SECURITY_MANAGER_ERROR_SERVER_ERROR; } } @@ -633,12 +633,12 @@ int ServiceImpl::policyUpdate(const std::vector &policyEntries, ui if (policyEntries.size() == 0) { LogError("Validation failed: policy update request is empty"); - return SECURITY_MANAGER_API_ERROR_BAD_REQUEST; + return SECURITY_MANAGER_ERROR_BAD_REQUEST; }; if (!Cynara::getInstance().check(smackLabel, SELF_PRIVILEGE, uidStr, pidStr)) { LogError("Not enough permission to call: " << __FUNCTION__); - return SECURITY_MANAGER_API_ERROR_ACCESS_DENIED; + return SECURITY_MANAGER_ERROR_ACCESS_DENIED; }; std::vector validatedPolicies; @@ -652,13 +652,13 @@ int ServiceImpl::policyUpdate(const std::vector &policyEntries, ui isAdmin = Cynara::getInstance().check(smackLabel, ADMIN_PRIVILEGE, uidStr, pidStr)?IS_ADMIN:IS_NOT_ADMIN; }; - if (ret == SECURITY_MANAGER_API_SUCCESS) { + if (ret == SECURITY_MANAGER_SUCCESS) { if (!forAdmin || (forAdmin && (isAdmin == IS_ADMIN))) { validatedPolicies.push_back(std::move(cyap)); } else { LogError("Not enough privilege to enforce admin policy"); - return SECURITY_MANAGER_API_ERROR_ACCESS_DENIED; + return SECURITY_MANAGER_ERROR_ACCESS_DENIED; }; } else @@ -670,13 +670,13 @@ int ServiceImpl::policyUpdate(const std::vector &policyEntries, ui } catch (const CynaraException::Base &e) { LogError("Error while updating Cynara rules: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const std::bad_alloc &e) { LogError("Memory allocation error while updating Cynara rules: " << e.what()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } int ServiceImpl::getConfiguredPolicy(bool forAdmin, const policy_entry &filter, uid_t uid, pid_t pid, @@ -688,7 +688,7 @@ int ServiceImpl::getConfiguredPolicy(bool forAdmin, const policy_entry &filter, if (!Cynara::getInstance().check(smackLabel, SELF_PRIVILEGE, uidStr, pidStr)) { LogError("Not enough permission to call: " << __FUNCTION__); - return SECURITY_MANAGER_API_ERROR_ACCESS_DENIED; + return SECURITY_MANAGER_ERROR_ACCESS_DENIED; }; LogDebug("Filter is: C: " << filter.appId @@ -710,7 +710,7 @@ int ServiceImpl::getConfiguredPolicy(bool forAdmin, const policy_entry &filter, if (forAdmin) { if (!Cynara::getInstance().check(smackLabel, ADMIN_PRIVILEGE, uidStr, pidStr)) { LogError("Not enough privilege to access admin enforced policies: " << __FUNCTION__); - return SECURITY_MANAGER_API_ERROR_ACCESS_DENIED; + return SECURITY_MANAGER_ERROR_ACCESS_DENIED; }; //Fetch privileges from ADMIN bucket @@ -776,17 +776,17 @@ int ServiceImpl::getConfiguredPolicy(bool forAdmin, const policy_entry &filter, } catch (const CynaraException::Base &e) { LogError("Error while listing Cynara rules: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const SmackException::InvalidLabel &e) { LogError("Error while generating Smack labels: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const std::bad_alloc &e) { LogError("Memory allocation error while listing Cynara rules: " << e.what()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } int ServiceImpl::getPolicy(const policy_entry &filter, uid_t uid, pid_t pid, const std::string &smackLabel, std::vector &policyEntries) @@ -797,7 +797,7 @@ int ServiceImpl::getPolicy(const policy_entry &filter, uid_t uid, pid_t pid, con if (!Cynara::getInstance().check(smackLabel, SELF_PRIVILEGE, uidStr, pidStr)) { LogWarning("Not enough permission to call: " << __FUNCTION__); - return SECURITY_MANAGER_API_ERROR_ACCESS_DENIED; + return SECURITY_MANAGER_ERROR_ACCESS_DENIED; }; LogDebug("Filter is: C: " << filter.appId @@ -895,36 +895,36 @@ int ServiceImpl::getPolicy(const policy_entry &filter, uid_t uid, pid_t pid, con } catch (const CynaraException::Base &e) { LogError("Error while listing Cynara rules: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const SmackException::InvalidLabel &e) { LogError("Error while generating Smack labels: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const std::bad_alloc &e) { LogError("Memory allocation error while listing Cynara rules: " << e.what()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } int ServiceImpl::policyGetDesc(std::vector &levels) { - int ret = SECURITY_MANAGER_API_SUCCESS; + int ret = SECURITY_MANAGER_SUCCESS; try { CynaraAdmin::getInstance().ListPoliciesDescriptions(levels); } catch (const CynaraException::OutOfMemory &e) { LogError("Error - out of memory while querying Cynara for policy descriptions list: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY; + return SECURITY_MANAGER_ERROR_MEMORY; } catch (const CynaraException::InvalidParam &e) { LogError("Error - invalid parameter while querying Cynara for policy descriptions list: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_INPUT_PARAM; + return SECURITY_MANAGER_ERROR_INPUT_PARAM; } catch (const CynaraException::ServiceNotAvailable &e) { LogError("Error - service not available while querying Cynara for policy descriptions list: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_NO_SUCH_SERVICE; + return SECURITY_MANAGER_ERROR_NO_SUCH_SERVICE; } catch (const CynaraException::Base &e) { LogError("Error while getting policy descriptions list from Cynara: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } return ret; @@ -932,13 +932,13 @@ int ServiceImpl::policyGetDesc(std::vector &levels) int ServiceImpl::policyGetGroups(std::vector &groups) { - int ret = SECURITY_MANAGER_API_SUCCESS; + int ret = SECURITY_MANAGER_SUCCESS; try { PrivilegeDb::getInstance().GetGroups(groups); } catch (const PrivilegeDb::Exception::Base &e) { LogError("Error while getting groups from database: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } return ret; @@ -957,18 +957,18 @@ int ServiceImpl::appHasPrivilege( LogDebug("result = " << result); } catch (const CynaraException::Base &e) { LogError("Error while querying Cynara for permissions: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const SmackException::InvalidLabel &e) { LogError("Error while generating Smack labels: " << e.DumpToString()); - return SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const std::bad_alloc &e) { LogError("Memory allocation failed: " << e.what()); - return SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY; + return SECURITY_MANAGER_ERROR_MEMORY; } catch (...) { LogError("Unknown exception thrown"); - return SECURITY_MANAGER_API_ERROR_UNKNOWN; + return SECURITY_MANAGER_ERROR_UNKNOWN; } - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } @@ -987,7 +987,7 @@ int ServiceImpl::dropOnePrivateSharing( PrivilegeDb::getInstance().GetPathSharingCount(path, pathCount); PrivilegeDb::getInstance().GetOwnerTargetSharingCount(ownerAppId, targetAppId, ownerTargetCount); if (targetPathCount > 0) { - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } if (pathCount < 1) { SmackLabels::setupPath(ownerPkgId, path, SECURITY_MANAGER_PATH_RW); @@ -995,19 +995,19 @@ int ServiceImpl::dropOnePrivateSharing( std::string pathLabel = SmackLabels::generateSharedPrivateLabel(ownerPkgId, path); SmackRules::dropPrivateSharingRules(ownerPkgId, ownerPkgContents, targetAppId, pathLabel, pathCount < 1, ownerTargetCount < 1); - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } catch (const SmackException::Base &e) { LogError("Error performing smack operation: " << e.GetMessage()); - errorRet = SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + errorRet = SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const std::bad_alloc &e) { LogError("Memory allocation failed: " << e.what()); - errorRet = SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY; + errorRet = SECURITY_MANAGER_ERROR_MEMORY; } catch (const std::exception &e) { LogError("Some exception thrown : " << e.what()); - errorRet = SECURITY_MANAGER_API_ERROR_UNKNOWN; + errorRet = SECURITY_MANAGER_ERROR_UNKNOWN; } catch (...) { LogError("Unknown exception thrown"); - errorRet = SECURITY_MANAGER_API_ERROR_UNKNOWN; + errorRet = SECURITY_MANAGER_ERROR_UNKNOWN; } return errorRet; } @@ -1026,11 +1026,11 @@ int ServiceImpl::applyPrivatePathSharing( std::string targetPkgId; if (!PrivilegeDb::getInstance().GetAppPkgId(ownerAppId, ownerPkgId)) { LogError(ownerAppId << " is not an installed application"); - return SECURITY_MANAGER_API_ERROR_APP_UNKNOWN; + return SECURITY_MANAGER_ERROR_APP_UNKNOWN; } if (!PrivilegeDb::getInstance().GetAppPkgId(targetAppId, targetPkgId)) { LogError(targetAppId << " is not an installed application"); - return SECURITY_MANAGER_API_ERROR_APP_UNKNOWN; + return SECURITY_MANAGER_ERROR_APP_UNKNOWN; } for(const auto &path : paths) { @@ -1040,18 +1040,18 @@ int ServiceImpl::applyPrivatePathSharing( if (generatedPathLabel != pathLabel) { LogError("Path " << path << " has label " << pathLabel << " and dosen't belong" " to application " << ownerAppId); - return SECURITY_MANAGER_API_ERROR_APP_NOT_PATH_OWNER; + return SECURITY_MANAGER_ERROR_APP_NOT_PATH_OWNER; } } } if (ownerAppId == targetAppId) { LogDebug("Owner application is the same as target application"); - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } if (ownerPkgId == targetPkgId) { LogDebug("Owner and target belong to the same package"); - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } ScopedTransaction trans; PrivilegeDb::getInstance().GetAppIdsForPkgId(ownerPkgId, pkgContents); @@ -1075,19 +1075,19 @@ int ServiceImpl::applyPrivatePathSharing( pathLabel, (pathCount > 0), (ownerTargetCount > 0)); } trans.commit(); - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } catch (const SmackException::Base &e) { LogError("Error performing smack operation: " << e.GetMessage()); - errorRet = SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + errorRet = SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const std::bad_alloc &e) { LogError("Memory allocation failed: " << e.what()); - errorRet = SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY; + errorRet = SECURITY_MANAGER_ERROR_MEMORY; } catch (const std::exception &e) { LogError("Some exception thrown : " << e.what()); - errorRet = SECURITY_MANAGER_API_ERROR_UNKNOWN; + errorRet = SECURITY_MANAGER_ERROR_UNKNOWN; } catch (...) { LogError("Unknown exception thrown"); - errorRet = SECURITY_MANAGER_API_ERROR_UNKNOWN; + errorRet = SECURITY_MANAGER_ERROR_UNKNOWN; } for (int i = 0; i < sharingAdded; i++) { const std::string &path = paths[i]; @@ -1106,11 +1106,11 @@ int ServiceImpl::dropPrivatePathSharing( std::string ownerPkgId, targetPkgId; if (!PrivilegeDb::getInstance().GetAppPkgId(ownerAppId, ownerPkgId)) { LogError(ownerAppId << " is not an installed application"); - return SECURITY_MANAGER_API_ERROR_APP_UNKNOWN; + return SECURITY_MANAGER_ERROR_APP_UNKNOWN; } if (!PrivilegeDb::getInstance().GetAppPkgId(targetAppId, targetPkgId)) { LogError(targetAppId << " is not an installed application"); - return SECURITY_MANAGER_API_ERROR_APP_UNKNOWN; + return SECURITY_MANAGER_ERROR_APP_UNKNOWN; } for(const auto &path : paths) { @@ -1120,18 +1120,18 @@ int ServiceImpl::dropPrivatePathSharing( if (generatedPathLabel != pathLabel) { LogError("Path " << path << " has label " << pathLabel << " and dosen't belong" " to application " << ownerAppId); - return SECURITY_MANAGER_API_ERROR_APP_NOT_PATH_OWNER; + return SECURITY_MANAGER_ERROR_APP_NOT_PATH_OWNER; } } } if (ownerAppId == targetAppId) { LogDebug("Owner application is the same as target application"); - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } if (ownerPkgId == targetPkgId) { LogDebug("Owner and target belong to the same package"); - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } std::vector pkgContents; @@ -1139,24 +1139,24 @@ int ServiceImpl::dropPrivatePathSharing( ScopedTransaction trans; for (const auto &path : paths) { int ret = dropOnePrivateSharing(ownerAppId, ownerPkgId, pkgContents, targetAppId, path); - if (ret != SECURITY_MANAGER_API_SUCCESS) { + if (ret != SECURITY_MANAGER_SUCCESS) { return ret; } } trans.commit(); - return SECURITY_MANAGER_API_SUCCESS; + return SECURITY_MANAGER_SUCCESS; } catch (const SmackException::Base &e) { LogError("Error performing smack operation: " << e.GetMessage()); - errorRet = SECURITY_MANAGER_API_ERROR_SERVER_ERROR; + errorRet = SECURITY_MANAGER_ERROR_SERVER_ERROR; } catch (const std::bad_alloc &e) { LogError("Memory allocation failed: " << e.what()); - errorRet = SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY; + errorRet = SECURITY_MANAGER_ERROR_MEMORY; } catch (const std::exception &e) { LogError("Some exception thrown : " << e.what()); - errorRet = SECURITY_MANAGER_API_ERROR_UNKNOWN; + errorRet = SECURITY_MANAGER_ERROR_UNKNOWN; } catch (...) { LogError("Unknown exception thrown"); - errorRet = SECURITY_MANAGER_API_ERROR_UNKNOWN; + errorRet = SECURITY_MANAGER_ERROR_UNKNOWN; } return errorRet; } diff --git a/src/include/CMakeLists.txt b/src/include/CMakeLists.txt index 6f9a45f..353a159 100644 --- a/src/include/CMakeLists.txt +++ b/src/include/CMakeLists.txt @@ -1,4 +1,5 @@ INSTALL(FILES ${INCLUDE_PATH}/security-manager.h + ${INCLUDE_PATH}/security-manager-types.h DESTINATION ${INCLUDE_INSTALL_DIR}/security-manager ) diff --git a/src/include/security-manager-types.h b/src/include/security-manager-types.h new file mode 100644 index 0000000..0acf328 --- /dev/null +++ b/src/include/security-manager-types.h @@ -0,0 +1,126 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Rafal Krypa + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + * + * Security Manager library header + */ +/* + * @file security-manager-types.h + * @author Pawel Polawski (p.polawski@samsung.com) + * @version 1.0 + * @brief This file contains header of security-manager API + */ +#ifndef SECURITY_MANAGER_TYPES_H_ +#define SECURITY_MANAGER_TYPES_H_ + +#ifdef __cplusplus +extern "C" { +#endif + +/*! \brief return code of API functions */ +enum lib_retcode { + SECURITY_MANAGER_SUCCESS, + SECURITY_MANAGER_ERROR_UNKNOWN, + SECURITY_MANAGER_ERROR_INPUT_PARAM, + SECURITY_MANAGER_ERROR_MEMORY, + SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE, + SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED, + SECURITY_MANAGER_ERROR_ACCESS_DENIED, + SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT, + SECURITY_MANAGER_ERROR_APP_UNKNOWN, + SECURITY_MANAGER_ERROR_APP_NOT_PATH_OWNER, + SECURITY_MANAGER_ERROR_SOCKET, + SECURITY_MANAGER_ERROR_BAD_REQUEST, + SECURITY_MANAGER_ERROR_NO_SUCH_SERVICE, + SECURITY_MANAGER_ERROR_SERVER_ERROR, + SECURITY_MANAGER_ERROR_SETTING_FILE_LABEL_FAILED, +}; + +/*! \brief accesses types for application installation paths*/ +enum app_install_path_type { + //! RO access for all applications + SECURITY_MANAGER_PATH_PUBLIC_RO, + //! RW access for given application package + SECURITY_MANAGER_PATH_RW, + //! RO access for given application package + SECURITY_MANAGER_PATH_RO, + //! RW access for the owner, RO for other 2.X applications + //! (other 3.0 apps will not have access to the shared folder) + SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO, + //! RW access for application packages coming from the same author + SECURITY_MANAGER_PATH_TRUSTED_RW, + //! this is only for range limit + SECURITY_MANAGER_ENUM_END +}; + +/** + * This enum has values equivalent to gumd user type. + * The gum-utils help states that + * "usertype can be system(1), admin(2), guest(3), normal(4)." + */ +enum security_manager_user_type { + SM_USER_TYPE_NONE = 0,/*<-this should not be used, if it is used, there will be an error returned by SM*/ + SM_USER_TYPE_SYSTEM = 1, + SM_USER_TYPE_ADMIN = 2, + SM_USER_TYPE_GUEST = 3, + SM_USER_TYPE_NORMAL = 4, + SM_USER_TYPE_ANY = 5,/*<-this value may be used only for setting policies and not during user adding*/ + SM_USER_TYPE_END +}; +typedef enum security_manager_user_type security_manager_user_type; + +/*! \brief data structure responsible for handling informations + * required to install / uninstall application */ +struct app_inst_req; +typedef struct app_inst_req app_inst_req; + +/*! \brief data structure responsible for handling informations + * required to manage users */ +struct user_req; +typedef struct user_req user_req; + +/*! \brief data structure responsible for handling policy updates + * required to manage users' and applications' permissions */ +struct policy_update_req; +typedef struct policy_update_req policy_update_req; + +/*! \brief data structure responsible for handling single policy entry*/ +struct policy_entry; +typedef struct policy_entry policy_entry; + +/*! brief data structure responsible for handling informations required to apply / drop + * private sharing between applications */ +struct private_sharing_req; +typedef struct private_sharing_req private_sharing_req; + +/*! \brief wildcard to be used in requests to match all possible values of given field. + * Use it, for example when it is desired to list or apply policy change for all + * users or all apps for selected user. + */ +#define SECURITY_MANAGER_ANY "#" + +/*! \brief value denoting delete operation on specific policy. It can only be used + * in update policy operation, passed to either security_manager_policy_entry_admin_set_level + * or security_manager_policy_entry_set_level. + */ +#define SECURITY_MANAGER_DELETE "DELETE" + +#ifdef __cplusplus +} +#endif + +#endif /* SECURITY_MANAGER_TYPES_H_ */ + diff --git a/src/include/security-manager.h b/src/include/security-manager.h index 3eacd28..2d990f5 100644 --- a/src/include/security-manager.h +++ b/src/include/security-manager.h @@ -29,93 +29,12 @@ #include +#include "security-manager-types.h" + #ifdef __cplusplus extern "C" { #endif -/*! \brief return code of API functions */ -enum lib_retcode { - SECURITY_MANAGER_SUCCESS, - SECURITY_MANAGER_ERROR_UNKNOWN, - SECURITY_MANAGER_ERROR_INPUT_PARAM, - SECURITY_MANAGER_ERROR_MEMORY, - SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE, - SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED, - SECURITY_MANAGER_ERROR_ACCESS_DENIED, - SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT, - SECURITY_MANAGER_ERROR_APP_UNKNOWN, - SECURITY_MANAGER_ERROR_APP_NOT_PATH_OWNER -}; - -/*! \brief accesses types for application installation paths*/ -enum app_install_path_type { - //! RO access for all applications - SECURITY_MANAGER_PATH_PUBLIC_RO, - //! RW access for given application package - SECURITY_MANAGER_PATH_RW, - //! RO access for given application package - SECURITY_MANAGER_PATH_RO, - //! RW access for the owner, RO for other 2.X applications - //! (other 3.0 apps will not have access to the shared folder) - SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO, - //! RW access for application packages coming from the same author - SECURITY_MANAGER_PATH_TRUSTED_RW, - //! this is only for range limit - SECURITY_MANAGER_ENUM_END -}; - -/** - * This enum has values equivalent to gumd user type. - * The gum-utils help states that - * "usertype can be system(1), admin(2), guest(3), normal(4)." - */ -enum security_manager_user_type { - SM_USER_TYPE_NONE = 0,/*<-this should not be used, if it is used, there will be an error returned by SM*/ - SM_USER_TYPE_SYSTEM = 1, - SM_USER_TYPE_ADMIN = 2, - SM_USER_TYPE_GUEST = 3, - SM_USER_TYPE_NORMAL = 4, - SM_USER_TYPE_ANY = 5,/*<-this value may be used only for setting policies and not during user adding*/ - SM_USER_TYPE_END -}; -typedef enum security_manager_user_type security_manager_user_type; - -/*! \brief data structure responsible for handling informations - * required to install / uninstall application */ -struct app_inst_req; -typedef struct app_inst_req app_inst_req; - -/*! \brief data structure responsible for handling informations - * required to manage users */ -struct user_req; -typedef struct user_req user_req; - -/*! \brief data structure responsible for handling policy updates - * required to manage users' and applications' permissions */ -struct policy_update_req; -typedef struct policy_update_req policy_update_req; - -/*! \brief data structure responsible for handling single policy entry*/ -struct policy_entry; -typedef struct policy_entry policy_entry; - -/*! brief data structure responsible for handling informations required to apply / drop - * private sharing between applications */ -struct private_sharing_req; -typedef struct private_sharing_req private_sharing_req; - -/*! \brief wildcard to be used in requests to match all possible values of given field. - * Use it, for example when it is desired to list or apply policy change for all - * users or all apps for selected user. - */ -#define SECURITY_MANAGER_ANY "#" - -/*! \brief value denoting delete operation on specific policy. It can only be used - * in update policy operation, passed to either security_manager_policy_entry_admin_set_level - * or security_manager_policy_entry_set_level. - */ -#define SECURITY_MANAGER_DELETE "DELETE" - /** * This function translates lib_retcode error codes to strings describing * errors. diff --git a/src/server/service/service.cpp b/src/server/service/service.cpp index aa9424b..64b79f2 100644 --- a/src/server/service/service.cpp +++ b/src/server/service/service.cpp @@ -84,7 +84,7 @@ bool Service::processOne(const ConnectionID &conn, MessageBuffer &buffer, switch (call_type) { case SecurityModuleCall::NOOP: LogDebug("call_type: SecurityModuleCall::NOOP"); - Serialization::Serialize(send, SECURITY_MANAGER_API_SUCCESS); + Serialization::Serialize(send, static_cast(SECURITY_MANAGER_SUCCESS)); break; case SecurityModuleCall::APP_INSTALL: LogDebug("call_type: SecurityModuleCall::APP_INSTALL"); @@ -195,7 +195,7 @@ void Service::processGetPkgId(MessageBuffer &buffer, MessageBuffer &send) Deserialization::Deserialize(buffer, appId); ret = serviceImpl.getPkgId(appId, pkgId); Serialization::Serialize(send, ret); - if (ret == SECURITY_MANAGER_API_SUCCESS) + if (ret == SECURITY_MANAGER_SUCCESS) Serialization::Serialize(send, pkgId); } @@ -208,7 +208,7 @@ void Service::processGetAppGroups(MessageBuffer &buffer, MessageBuffer &send, ui Deserialization::Deserialize(buffer, appId); ret = serviceImpl.getAppGroups(appId, uid, pid, gids); Serialization::Serialize(send, ret); - if (ret == SECURITY_MANAGER_API_SUCCESS) { + if (ret == SECURITY_MANAGER_SUCCESS) { Serialization::Serialize(send, static_cast(gids.size())); for (const auto &gid : gids) { Serialization::Serialize(send, gid); @@ -291,7 +291,7 @@ void Service::processPolicyGetDesc(MessageBuffer &send) ret = serviceImpl.policyGetDesc(descriptions); Serialization::Serialize(send, ret); - if (ret == SECURITY_MANAGER_API_SUCCESS) { + if (ret == SECURITY_MANAGER_SUCCESS) { Serialization::Serialize(send, static_cast(descriptions.size())); for(std::vector::size_type i = 0; i != descriptions.size(); i++) { @@ -306,7 +306,7 @@ void Service::processGroupsGet(MessageBuffer &send) int ret = serviceImpl.policyGetGroups(groups); Serialization::Serialize(send, ret); - if (ret == SECURITY_MANAGER_API_SUCCESS) { + if (ret == SECURITY_MANAGER_SUCCESS) { Serialization::Serialize(send, groups); } } @@ -325,7 +325,7 @@ void Service::processAppHasPrivilege(MessageBuffer &recv, MessageBuffer &send) int ret = serviceImpl.appHasPrivilege(appId, privilege, uid, result); Serialization::Serialize(send, ret); - if (ret == SECURITY_MANAGER_API_SUCCESS) + if (ret == SECURITY_MANAGER_SUCCESS) Serialization::Serialize(send, static_cast(result)); } -- 2.7.4