From 90562a3a8775ec8318f2d302c63ac464cbd45800 Mon Sep 17 00:00:00 2001
From: Tomasz Swierczek <t.swierczek@samsung.com>
Date: Wed, 25 May 2016 11:50:56 +0200
Subject: [PATCH] Fix issues with local user app instalaltion and inotify file
 watches.

Added per-user context to usage of tzplatform-config.

Change-Id: I20b145169d056bbbd3683713167c9b9655bdcbbd
---
 src/client/client-label-monitor.cpp    | 22 ++++++++++++++--------
 src/common/include/permissible-set.h   |  5 +++--
 src/common/include/tzplatform-config.h |  9 ++++++++-
 src/common/permissible-set.cpp         | 13 ++++++++-----
 src/common/tzplatform-config.cpp       | 20 +++++++++++++++++++-
 5 files changed, 52 insertions(+), 17 deletions(-)

diff --git a/src/client/client-label-monitor.cpp b/src/client/client-label-monitor.cpp
index 96aa4e5..675ff1a 100644
--- a/src/client/client-label-monitor.cpp
+++ b/src/client/client-label-monitor.cpp
@@ -55,6 +55,7 @@ struct app_labels_monitor {
     int user_labels_file_watch;
     bool fresh;
     std::string user_label_file_path;
+    std::string global_label_file_path;
     app_labels_monitor() : inotify(-1), global_labels_file_watch(-1), user_labels_file_watch(-1),
                            fresh(true) {}
 };
@@ -107,10 +108,6 @@ int security_manager_app_labels_monitor_init(app_labels_monitor **monitor)
         }
         int ret;
         lib_retcode ret_lib;
-        const std::string globalFile =
-            PermissibleSet::getPerrmissibleFileLocation(SM_APP_INSTALL_GLOBAL);
-        const std::string userFile =
-            PermissibleSet::getPerrmissibleFileLocation(SM_APP_INSTALL_LOCAL);
 
         *monitor = nullptr;
 
@@ -119,6 +116,14 @@ int security_manager_app_labels_monitor_init(app_labels_monitor **monitor)
             LogError("Bad memory allocation for app_labels_monitor");
             return SECURITY_MANAGER_ERROR_MEMORY;
         }
+
+        uid_t uid = getuid();
+        const std::string globalFile =
+            PermissibleSet::getPerrmissibleFileLocation(uid, SM_APP_INSTALL_GLOBAL);
+        const std::string userFile =
+            PermissibleSet::getPerrmissibleFileLocation(uid, SM_APP_INSTALL_LOCAL);
+
+
         ret = inotify_init();
         if (ret == -1) {
             LogError("Inotify init failed: " << GetErrnoString(errno));
@@ -136,6 +141,7 @@ int security_manager_app_labels_monitor_init(app_labels_monitor **monitor)
             return ret_lib;
         }
         m->user_label_file_path = userFile;
+        m->global_label_file_path = globalFile;
         *monitor = m.release();
         return SECURITY_MANAGER_SUCCESS;
     });
@@ -211,8 +217,6 @@ int security_manager_app_labels_monitor_process(app_labels_monitor *monitor)
             LogWarning("Error input param \"monitor\"");
             return SECURITY_MANAGER_ERROR_INPUT_PARAM;
         }
-        const std::string globalFile =
-            PermissibleSet::getPerrmissibleFileLocation(SM_APP_INSTALL_GLOBAL);
 
         if (monitor->inotify == -1 || monitor->global_labels_file_watch == -1 ||
             monitor->user_labels_file_watch == -1) {
@@ -222,7 +226,8 @@ int security_manager_app_labels_monitor_process(app_labels_monitor *monitor)
 
         if (monitor->fresh) {
             monitor->fresh = false;
-            return apply_relabel_list(globalFile, monitor->user_label_file_path);
+            return apply_relabel_list(monitor->global_label_file_path,
+                   monitor->user_label_file_path);
         }
 
         int avail;
@@ -252,7 +257,8 @@ int security_manager_app_labels_monitor_process(app_labels_monitor *monitor)
                 ((event.wd == monitor->global_labels_file_watch) ||
                  (event.wd == monitor->user_labels_file_watch))
                ){
-                lib_retcode r = apply_relabel_list(globalFile, monitor->user_label_file_path);
+                lib_retcode r = apply_relabel_list(monitor->global_label_file_path,
+                                                   monitor->user_label_file_path);
                 if (r != SECURITY_MANAGER_SUCCESS)
                     return r;
                 break;
diff --git a/src/common/include/permissible-set.h b/src/common/include/permissible-set.h
index 83b69ec..f29debd 100644
--- a/src/common/include/permissible-set.h
+++ b/src/common/include/permissible-set.h
@@ -48,10 +48,11 @@ public:
  * Return path to file with current list of application names
  * installed globally or locally for the user.
  *
+ * @param[in] uid identifier of the user whose application it should be
  * @param[in] installationType type of installation (global or local)
  * @return path to file with names
  */
-std::string getPerrmissibleFileLocation(int installationType);
+std::string getPerrmissibleFileLocation(uid_t uid, int installationType);
 /**
  * Update permissable file with current content of database
  * @throws FileLockError
@@ -62,7 +63,7 @@ std::string getPerrmissibleFileLocation(int installationType);
  * @param[in] installationType type of installation (global or local)
  * @return resulting true on success
  */
-void updatePermissibleFile(const uid_t uid, const int installationType);
+void updatePermissibleFile(uid_t uid, int installationType);
 /**
  * Read names from a file into a vector
  * @throws FileLockError
diff --git a/src/common/include/tzplatform-config.h b/src/common/include/tzplatform-config.h
index f95c76f..f9458cb 100644
--- a/src/common/include/tzplatform-config.h
+++ b/src/common/include/tzplatform-config.h
@@ -44,13 +44,20 @@ public:
 
     std::string ctxGetEnv(enum tzplatform_variable id);
 
+    std::string ctxMakePath(enum tzplatform_variable id, const std::string &p);
+
+    std::string ctxMakePath(enum tzplatform_variable id, const std::string &p1, const std::string &p2);
+
+    std::string ctxMakePath(enum tzplatform_variable id, const std::string &p1, const std::string &p2, const std::string &p3);
+
+
     static std::string getEnv(enum tzplatform_variable id);
 
     static std::string makePath(enum tzplatform_variable id, const std::string &p);
 
     static std::string makePath(enum tzplatform_variable id, const std::string &p1, const std::string &p2);
 
-    static std::string makePath(enum tzplatform_variable id, const std::string &p1, const std::string &p2, const std::string p3);
+    static std::string makePath(enum tzplatform_variable id, const std::string &p1, const std::string &p2, const std::string &p3);
 
     static uid_t getUid(enum tzplatform_variable id);
 
diff --git a/src/common/permissible-set.cpp b/src/common/permissible-set.cpp
index 09480ba..6c37bce 100644
--- a/src/common/permissible-set.cpp
+++ b/src/common/permissible-set.cpp
@@ -46,6 +46,8 @@
 #include <security-manager-types.h>
 #include <tzplatform_config.h>
 
+#include "tzplatform-config.h"
+
 typedef std::unique_ptr<FILE, int (*)(FILE *)> filePtr;
 
 namespace SecurityManager {
@@ -67,13 +69,14 @@ static filePtr openAndLockNameFile(const std::string &nameFile, const char* mode
     return file;
 }
 
-std::string getPerrmissibleFileLocation(int installationType)
+std::string getPerrmissibleFileLocation(uid_t uid, int installationType)
 {
+    TizenPlatformConfig tpc(uid);
     if ((installationType == SM_APP_INSTALL_GLOBAL)
             || (installationType == SM_APP_INSTALL_PRELOADED))
-        return tzplatform_mkpath(TZ_SYS_RW_APP, Config::APPS_NAME_FILE.c_str());
-    return tzplatform_mkpath(TZ_USER_APP, Config::APPS_NAME_FILE.c_str());
-
+        return tpc.ctxMakePath(TZ_SYS_RW_APP, Config::APPS_NAME_FILE.c_str());
+    else
+        return tpc.ctxMakePath(TZ_USER_APP, Config::APPS_NAME_FILE.c_str());
 }
 
 static void markPermissibleFileValid(int fd, const std::string &nameFile, bool valid)
@@ -91,7 +94,7 @@ static void markPermissibleFileValid(int fd, const std::string &nameFile, bool v
 
 void updatePermissibleFile(uid_t uid, int installationType)
 {
-    std::string nameFile = getPerrmissibleFileLocation(installationType);
+    std::string nameFile = getPerrmissibleFileLocation(uid, installationType);
     filePtr file = openAndLockNameFile(nameFile, "w");
     markPermissibleFileValid(fileno(file.get()), nameFile, false);
     std::vector<std::string> appNames;
diff --git a/src/common/tzplatform-config.cpp b/src/common/tzplatform-config.cpp
index f7d8c2c..31e421f 100644
--- a/src/common/tzplatform-config.cpp
+++ b/src/common/tzplatform-config.cpp
@@ -62,6 +62,24 @@ std::string TizenPlatformConfig::ctxGetEnv(enum tzplatform_variable id)
     return validate(tzplatform_context_getenv(m_ctx, id));
 }
 
+std::string TizenPlatformConfig::ctxMakePath(enum tzplatform_variable id,
+    const std::string &p)
+{
+    return validate(tzplatform_context_mkpath(m_ctx, id, p.c_str()));
+}
+
+std::string TizenPlatformConfig::ctxMakePath(enum tzplatform_variable id,
+    const std::string &p1, const std::string &p2)
+{
+    return validate(tzplatform_context_mkpath3(m_ctx, id, p1.c_str(), p2.c_str()));
+}
+
+std::string TizenPlatformConfig::ctxMakePath(enum tzplatform_variable id,
+    const std::string &p1, const std::string &p2, const std::string &p3)
+{
+    return validate(tzplatform_context_mkpath4(m_ctx, id, p1.c_str(), p2.c_str(), p3.c_str()));
+}
+
 std::string TizenPlatformConfig::getEnv(enum tzplatform_variable id)
 {
     return validate(tzplatform_getenv(id));
@@ -80,7 +98,7 @@ std::string TizenPlatformConfig::makePath(enum tzplatform_variable id,
 }
 
 std::string TizenPlatformConfig::makePath(enum tzplatform_variable id,
-    const std::string &p1, const std::string &p2, const std::string p3)
+    const std::string &p1, const std::string &p2, const std::string &p3)
 {
     return validate(tzplatform_mkpath4(id, p1.c_str(), p2.c_str(), p3.c_str()));
 }
-- 
2.7.4