From c5d2599eace13706ca0174c8a83ae5bcbc2da2ee Mon Sep 17 00:00:00 2001 From: Sung-Jin Park Date: Wed, 3 Jul 2019 15:08:59 +0900 Subject: [PATCH] pepper_keyrouter: fix to use pepper_security APIs instead of cynara APIs Signed-off-by: Sung-Jin Park --- src/lib/keyrouter/pepper-keyrouter.c | 123 +++------------------------ 1 file changed, 10 insertions(+), 113 deletions(-) diff --git a/src/lib/keyrouter/pepper-keyrouter.c b/src/lib/keyrouter/pepper-keyrouter.c index 96e2945..07c498f 100644 --- a/src/lib/keyrouter/pepper-keyrouter.c +++ b/src/lib/keyrouter/pepper-keyrouter.c @@ -24,14 +24,7 @@ #include "pepper-keyrouter.h" #include "pepper-internal.h" #include -#ifdef HAVE_CYNARA -#include -#include -#include -#include -#include -#include -#endif +#include #define MIN(a,b) ((a)<(b)?(a):(b)) @@ -54,9 +47,7 @@ struct pepper_keyrouter { pepper_view_t *focus_view; pepper_view_t *top_view; -#ifdef HAVE_CYNARA - cynara *p_cynara; -#endif + pepper_bool_t pepper_security_init_done; }; struct resources_data { @@ -80,122 +71,26 @@ struct ungrab_list_data { int err; }; -#ifdef HAVE_CYNARA -static void -_pepper_keyrouter_util_cynara_log(int err, const char *fmt, ...) -{ -#define CYNARA_BUFSIZE 128 - char buf[CYNARA_BUFSIZE] = "\0", tmp[CYNARA_BUFSIZE + CYNARA_BUFSIZE] = "\0"; - va_list args; - int ret; - - if (fmt) { - va_start(args, fmt); - vsnprintf(tmp, CYNARA_BUFSIZE + CYNARA_BUFSIZE, fmt, args); - va_end(args); - } - - ret = cynara_strerror(err, buf, CYNARA_BUFSIZE); - if (ret != CYNARA_API_SUCCESS) { - PEPPER_ERROR("Failed to cynara_strerror: %d (error log about %s: %d)\n", ret, tmp, err); - return; - } - - PEPPER_ERROR("%s is failed: %s\n", tmp, buf); -} -#endif - -static pepper_bool_t -_pepper_keyrouter_util_cynara_init(pepper_keyrouter_t *pepper_keyrouter) -{ -#ifdef HAVE_CYNARA - int ret; - if (pepper_keyrouter->p_cynara) return PEPPER_TRUE; - - ret = cynara_initialize(&pepper_keyrouter->p_cynara, NULL); - if (CYNARA_API_SUCCESS != ret) { - _pepper_keyrouter_util_cynara_log(ret, "cynara_initialize"); - return PEPPER_FALSE; - } -#endif - return PEPPER_TRUE; -} - -static void -_pepper_keyrouter_util_cynara_deinit(pepper_keyrouter_t *pepper_keyrouter) -{ -#ifdef HAVE_CYNARA - if (pepper_keyrouter->p_cynara) cynara_finish(pepper_keyrouter->p_cynara); -#else - ; -#endif -} - static pepper_bool_t _pepper_keyrouter_util_do_privilege_check(pepper_keyrouter_t *pepper_keyrouter, struct wl_client *client, uint32_t mode, uint32_t keycode) { - pepper_bool_t res = PEPPER_TRUE; -#ifdef HAVE_CYNARA - int ret, retry_cnt = 0, len = 0; - char *clientSmack = NULL, *client_session = NULL, uid2[16]={0, }; clients_data_t *cdata; - static pepper_bool_t retried = PEPPER_FALSE; + pid_t pid = 0; uid_t uid = 0; gid_t gid = 0; - res = PEPPER_FALSE; - /* Top position grab is always allowed. This mode do not need privilege.*/ if (mode == TIZEN_KEYROUTER_MODE_TOPMOST) return PEPPER_TRUE; if (!client) return PEPPER_FALSE; - /* If initialize cynara is failed, allow keygrabs regardless of the previlege permition. */ - if (pepper_keyrouter->p_cynara == NULL) { - if (retried == PEPPER_FALSE) { - retried = PEPPER_TRUE; - for(retry_cnt = 0; retry_cnt < 5; retry_cnt++) { - PEPPER_TRACE("Retry cynara initialize: %d\n", retry_cnt + 1); - - ret = cynara_initialize(&pepper_keyrouter->p_cynara, NULL); - if (CYNARA_API_SUCCESS != ret) { - _pepper_keyrouter_util_cynara_log(ret, "cynara_initialize retry.."); - pepper_keyrouter->p_cynara = NULL; - } else { - PEPPER_TRACE("Success cynara initialize to try %d times\n", retry_cnt + 1); - break; - } - } - } - if (!pepper_keyrouter->p_cynara) return PEPPER_TRUE; - } - - pepper_list_for_each(cdata, &pepper_keyrouter->grabbed_clients, link) { + pepper_list_for_each(cdata, &pepper_keyrouter->grabbed_clients, link) { if (cdata->client == client) return PEPPER_TRUE; } wl_client_get_credentials(client, &pid, &uid, &gid); - len = smack_new_label_from_process((int)pid, &clientSmack); - if (len <= 0) goto finish; - - snprintf(uid2, 15, "%d", (int)uid); - client_session = cynara_session_from_pid(pid); - - ret = cynara_check(pepper_keyrouter->p_cynara, clientSmack, client_session, uid2, "http://tizen.org/privilege/keygrab"); - if (CYNARA_API_ACCESS_ALLOWED == ret) { - res = PEPPER_TRUE; - PEPPER_TRACE("Success to check cynara, clientSmack: %s client_session: %s, uid2: %s\n", clientSmack, client_session, uid2); - } else { - //PEPPER_TRACE("Fail to check cynara, error : %d (pid : %d)", ret, pid); - _pepper_keyrouter_util_cynara_log(ret, "clientsmack: %s, pid: %d", clientSmack, pid); - } - -finish: - if (client_session) free(client_session); - if (clientSmack) free(clientSmack); -#endif - return res; + return pepper_security_privilege_check(pid, uid, "http://tizen.org/privilege/keygrab"); } static struct wl_client * @@ -782,8 +677,8 @@ pepper_keyrouter_create(pepper_compositor_t *compositor) pepper_keyrouter->keyrouter = keyrouter_create(); PEPPER_CHECK(pepper_keyrouter->keyrouter, goto failed, "Failed to create keyrouter\n"); - ret = _pepper_keyrouter_util_cynara_init(pepper_keyrouter); - if (!ret) PEPPER_TRACE("cynara initialize is failed, process keyrouter without cynara\n"); + pepper_keyrouter->pepper_security_init_done = ret = pepper_security_init(); + if (!ret) PEPPER_TRACE("pepper_security_init() is failed. Keyrouter will work without pepper_security.\n"); return pepper_keyrouter; @@ -824,7 +719,9 @@ pepper_keyrouter_destroy(pepper_keyrouter_t *pepper_keyrouter) if (pepper_keyrouter->global) wl_global_destroy(pepper_keyrouter->global); - _pepper_keyrouter_util_cynara_deinit(pepper_keyrouter); + if (pepper_keyrouter->pepper_security_init_done) + pepper_security_deinit(); + pepper_keyrouter->pepper_security_init_done = PEPPER_FALSE; free(pepper_keyrouter); pepper_keyrouter = NULL; -- 2.34.1