From c8b3b77ceb88dd8c1b7b221d1340a840d5a80604 Mon Sep 17 00:00:00 2001 From: Sungbae Yoo Date: Wed, 3 Aug 2016 18:49:35 +0900 Subject: [PATCH] Move zone feature out to krate git Signed-off-by: Sungbae Yoo Change-Id: If0dcdaee89d8ebafac85da0a144d21325d3d9dfd --- CMakeLists.txt | 4 - device-policy-manager.manifest | 3 +- libs/common.cmake | 3 + libs/dpm/zone.cpp | 18 +- libs/ivi.cmake | 3 + libs/zone.cpp | 40 +- packaging/device-policy-manager.spec | 93 +--- policy/{zone.hxx => krate.hxx} | 22 +- policy/zone/app-proxy.hxx | 90 --- policy/zone/package-proxy.hxx | 74 --- policy/zone/zone.hxx | 50 -- server/CMakeLists.txt | 6 +- server/common.cmake | 2 + server/ivi.cmake | 2 + server/{zone.cpp => krate.cpp} | 83 ++- server/mobile.cmake | 6 +- server/systemd/device-policy-manager.service.in | 2 + server/zone/app-proxy.cpp | 258 --------- server/zone/package-proxy.cpp | 129 ----- server/zone/zone.cpp | 709 ------------------------ tools/syspopup/po/en_US.po | 32 +- tools/syspopup/po/ko_KR.po | 32 +- tools/syspopup/src/popup-list.c | 6 +- zone/CMakeLists.txt | 28 - zone/cli/CMakeLists.txt | 44 -- zone/cli/zone-admin-cli.cpp | 477 ---------------- zone/gumd-scripts/20_pam-zone-add.post | 4 - zone/gumd-scripts/20_pam-zone-remove.post | 4 - zone/libs/CMakeLists.txt | 61 -- zone/libs/app-proxy.cpp | 106 ---- zone/libs/package-proxy.cpp | 63 --- zone/libs/zone.cpp | 94 ---- zone/libs/zone.pc.in | 12 - zone/libs/zone/app-info-internal.h | 115 ---- zone/libs/zone/app-proxy.cpp | 258 --------- zone/libs/zone/app-proxy.h | 235 -------- zone/libs/zone/array.h | 59 -- zone/libs/zone/debug.h | 26 - zone/libs/zone/package-info-internal.h | 106 ---- zone/libs/zone/package-proxy.cpp | 316 ----------- zone/libs/zone/package-proxy.h | 254 --------- zone/libs/zone/zone.cpp | 157 ------ zone/libs/zone/zone.h | 303 ---------- zone/module/CMakeLists.txt | 57 -- zone/module/data/DefaultZoneManifest.xml | 10 - zone/module/data/zone_indicator_icon.png | Bin 1213 -> 0 bytes zone/module/data/zone_noti_list_sub_icon.png | Bin 4992 -> 0 bytes zone/module/pam.d/systemd-user-zone | 4 - zone/module/session.cpp | 72 --- zone/module/session.h | 35 -- zone/module/zone-builder.cpp | 76 --- zone/module/zone-builder.h | 46 -- zone/module/zone-guard.h | 62 --- zone/module/zone.cpp | 105 ---- zone/volume/CMakeLists.txt | 35 -- zone/volume/ecryptfs.h | 107 ---- zone/volume/kernel-keyring.cpp | 46 -- zone/volume/kernel-keyring.h | 42 -- zone/volume/key-generator.cpp | 322 ----------- zone/volume/key-generator.h | 54 -- zone/volume/key-manager.cpp | 92 --- zone/volume/key-manager.h | 35 -- zone/volume/main.cpp | 194 ------- 63 files changed, 132 insertions(+), 5651 deletions(-) rename policy/{zone.hxx => krate.hxx} (65%) delete mode 100644 policy/zone/app-proxy.hxx delete mode 100644 policy/zone/package-proxy.hxx delete mode 100644 policy/zone/zone.hxx rename server/{zone.cpp => krate.cpp} (58%) mode change 100755 => 100644 delete mode 100644 server/zone/app-proxy.cpp delete mode 100644 server/zone/package-proxy.cpp delete mode 100644 server/zone/zone.cpp delete mode 100755 zone/CMakeLists.txt delete mode 100644 zone/cli/CMakeLists.txt delete mode 100644 zone/cli/zone-admin-cli.cpp delete mode 100644 zone/gumd-scripts/20_pam-zone-add.post delete mode 100644 zone/gumd-scripts/20_pam-zone-remove.post delete mode 100755 zone/libs/CMakeLists.txt delete mode 100644 zone/libs/app-proxy.cpp delete mode 100644 zone/libs/package-proxy.cpp delete mode 100644 zone/libs/zone.cpp delete mode 100644 zone/libs/zone.pc.in delete mode 100644 zone/libs/zone/app-info-internal.h delete mode 100644 zone/libs/zone/app-proxy.cpp delete mode 100644 zone/libs/zone/app-proxy.h delete mode 100644 zone/libs/zone/array.h delete mode 100644 zone/libs/zone/debug.h delete mode 100644 zone/libs/zone/package-info-internal.h delete mode 100644 zone/libs/zone/package-proxy.cpp delete mode 100644 zone/libs/zone/package-proxy.h delete mode 100644 zone/libs/zone/zone.cpp delete mode 100644 zone/libs/zone/zone.h delete mode 100644 zone/module/CMakeLists.txt delete mode 100644 zone/module/data/DefaultZoneManifest.xml delete mode 100755 zone/module/data/zone_indicator_icon.png delete mode 100755 zone/module/data/zone_noti_list_sub_icon.png delete mode 100644 zone/module/pam.d/systemd-user-zone delete mode 100644 zone/module/session.cpp delete mode 100644 zone/module/session.h delete mode 100644 zone/module/zone-builder.cpp delete mode 100644 zone/module/zone-builder.h delete mode 100644 zone/module/zone-guard.h delete mode 100644 zone/module/zone.cpp delete mode 100644 zone/volume/CMakeLists.txt delete mode 100755 zone/volume/ecryptfs.h delete mode 100755 zone/volume/kernel-keyring.cpp delete mode 100755 zone/volume/kernel-keyring.h delete mode 100755 zone/volume/key-generator.cpp delete mode 100755 zone/volume/key-generator.h delete mode 100755 zone/volume/key-manager.cpp delete mode 100644 zone/volume/key-manager.h delete mode 100755 zone/volume/main.cpp diff --git a/CMakeLists.txt b/CMakeLists.txt index 8969033..6f8330a 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -32,7 +32,6 @@ SET(DPM_POLICY ${PROJECT_SOURCE_DIR}/policy) SET(DPM_LIBS ${PROJECT_SOURCE_DIR}/libs) SET(DPM_SERVER ${PROJECT_SOURCE_DIR}/server) SET(DPM_TOOLS ${PROJECT_SOURCE_DIR}/tools) -SET(DPM_ZONE ${PROJECT_SOURCE_DIR}/zone) SET(DPM_TESTS ${PROJECT_SOURCE_DIR}/tests) IF("${CMAKE_CXX_COMPILER_ID}" STREQUAL "GNU" AND CMAKE_CXX_COMPILER_VERSION VERSION_LESS 4.7) @@ -88,7 +87,4 @@ ADD_DEFINITIONS(-DUG_WAYLAND) ADD_SUBDIRECTORY(${DPM_SERVER}) ADD_SUBDIRECTORY(${DPM_LIBS}) ADD_SUBDIRECTORY(${DPM_TOOLS}) -IF("${TIZEN_PROFILE_NAME}" STREQUAL "mobile") -ADD_SUBDIRECTORY(${DPM_ZONE}) -ENDIF() ADD_SUBDIRECTORY(${DPM_TESTS}) diff --git a/device-policy-manager.manifest b/device-policy-manager.manifest index 1b42923..0d4e726 100644 --- a/device-policy-manager.manifest +++ b/device-policy-manager.manifest @@ -3,7 +3,6 @@ - - + diff --git a/libs/common.cmake b/libs/common.cmake index 3070ec0..5502e91 100644 --- a/libs/common.cmake +++ b/libs/common.cmake @@ -16,9 +16,12 @@ SET(POLICY ${POLICY} password.cpp + krate.cpp dpm/password.cpp + dpm/zone.cpp ) SET(CAPI ${CAPI} dpm/password.h + dpm/zone.h ) diff --git a/libs/dpm/zone.cpp b/libs/dpm/zone.cpp index 584c291..2cd26bc 100755 --- a/libs/dpm/zone.cpp +++ b/libs/dpm/zone.cpp @@ -15,7 +15,7 @@ */ #include "zone.h" -#include "zone.hxx" +#include "krate.hxx" #include "array.h" #include "debug.h" @@ -30,8 +30,8 @@ EXPORT_API int dpm_zone_create(device_policy_manager_h handle, const char* name, RET_ON_FAILURE(pkgname, DPM_ERROR_INVALID_PARAMETER); DevicePolicyContext &client = GetDevicePolicyContext(handle); - ZonePolicy zone = client.createPolicyInterface(); - return zone.createZone(name, pkgname); + KratePolicy krate = client.createPolicyInterface(); + return krate.createKrate(name, pkgname); } EXPORT_API int dpm_zone_destroy(device_policy_manager_h handle, const char* name) @@ -40,8 +40,8 @@ EXPORT_API int dpm_zone_destroy(device_policy_manager_h handle, const char* name RET_ON_FAILURE(name, DPM_ERROR_INVALID_PARAMETER); DevicePolicyContext &client = GetDevicePolicyContext(handle); - ZonePolicy zone = client.createPolicyInterface(); - return zone.removeZone(name); + KratePolicy krate = client.createPolicyInterface(); + return krate.removeKrate(name); } EXPORT_API int dpm_zone_get_state(device_policy_manager_h handle, const char* name, dpm_zone_state_e *state) @@ -51,9 +51,9 @@ EXPORT_API int dpm_zone_get_state(device_policy_manager_h handle, const char* na RET_ON_FAILURE(state, DPM_ERROR_INVALID_PARAMETER); DevicePolicyContext &client = GetDevicePolicyContext(handle); - ZonePolicy zone = client.createPolicyInterface(); + KratePolicy krate = client.createPolicyInterface(); - int result = zone.getZoneState(name); + int result = krate.getKrateState(name); if (result == 0) { return DPM_ERROR_NO_DATA; } @@ -72,8 +72,8 @@ EXPORT_API int dpm_zone_foreach_name(device_policy_manager_h handle, dpm_zone_st RET_ON_FAILURE(mask, DPM_ERROR_INVALID_PARAMETER); DevicePolicyContext &client = GetDevicePolicyContext(handle); - ZonePolicy zone = client.createPolicyInterface(); - std::vector list = zone.getZoneList(state); + KratePolicy krate = client.createPolicyInterface(); + std::vector list = krate.getKrateList(state); for (const std::string& name : list) { if (!callback(name.c_str(), user_data)) break; diff --git a/libs/ivi.cmake b/libs/ivi.cmake index 3070ec0..5502e91 100644 --- a/libs/ivi.cmake +++ b/libs/ivi.cmake @@ -16,9 +16,12 @@ SET(POLICY ${POLICY} password.cpp + krate.cpp dpm/password.cpp + dpm/zone.cpp ) SET(CAPI ${CAPI} dpm/password.h + dpm/zone.h ) diff --git a/libs/zone.cpp b/libs/zone.cpp index 212aefb..f22b582 100644 --- a/libs/zone.cpp +++ b/libs/zone.cpp @@ -13,69 +13,51 @@ * See the License for the specific language governing permissions and * limitations under the License */ -#include "zone.hxx" +#include "krate.hxx" namespace DevicePolicyManager { -ZonePolicy::ZonePolicy(PolicyControlContext& ctx) : +KratePolicy::KratePolicy(PolicyControlContext& ctx) : context(ctx) { } -ZonePolicy::~ZonePolicy() +KratePolicy::~KratePolicy() { } -int ZonePolicy::createZone(const std::string& name, const std::string& setupWizAppid) +int KratePolicy::createKrate(const std::string& name, const std::string& setupWizAppid) { try { - return context->methodCall("ZonePolicy::createZone", name, setupWizAppid); + return context->methodCall("KratePolicy::createKrate", name, setupWizAppid); } catch (runtime::Exception& e) { return -1; } } -int ZonePolicy::removeZone(const std::string& name) +int KratePolicy::removeKrate(const std::string& name) { try { - return context->methodCall("ZonePolicy::removeZone", name); + return context->methodCall("KratePolicy::removeKrate", name); } catch (runtime::Exception& e) { return -1; } } -int ZonePolicy::lockZone(const std::string& name) +int KratePolicy::getKrateState(const std::string& name) { try { - return context->methodCall("ZonePolicy::lockZone", name); + return context->methodCall("KratePolicy::getKrateState", name); } catch (runtime::Exception& e) { return -1; } } -int ZonePolicy::unlockZone(const std::string& name) -{ - try { - return context->methodCall("ZonePolicy::unlockZone", name); - } catch (runtime::Exception& e) { - return -1; - } -} - -int ZonePolicy::getZoneState(const std::string& name) -{ - try { - return context->methodCall("ZonePolicy::getZoneState", name); - } catch (runtime::Exception& e) { - return -1; - } -} - -std::vector ZonePolicy::getZoneList(int state) +std::vector KratePolicy::getKrateList(int state) { std::vector empty; try { - return context->methodCall>("ZonePolicy::getZoneList", state); + return context->methodCall>("KratePolicy::getKrateList", state); } catch (runtime::Exception& e) { return empty; } diff --git a/packaging/device-policy-manager.spec b/packaging/device-policy-manager.spec index 323d427..5134574 100755 --- a/packaging/device-policy-manager.spec +++ b/packaging/device-policy-manager.spec @@ -34,14 +34,17 @@ BuildRequires: pkgconfig(capi-network-bluetooth) BuildRequires: pkgconfig(capi-system-system-settings) BuildRequires: pkgconfig(notification) BuildRequires: pkgconfig(key-manager) -BuildRequires: pkgconfig(libgum) -BuildRequires: pkgconfig(cynara-client) -BuildRequires: pkgconfig(cynara-session) +BuildRequires: pkgconfig(cynara-client) +BuildRequires: pkgconfig(cynara-session) %if "%{profile}" != "tv" BuildRequires: pkgconfig(capi-location-manager) BuildRequires: pkgconfig(auth-fw-admin) +%if "%{profile}" != "wearable" +BuildRequires: pkgconfig(krate) %endif +%endif + %description The device-policy-manager package provides a daemon which is responsible for @@ -53,9 +56,9 @@ managing device policies. %attr(755,root,root) %{_bindir}/device-policy-manager %attr(700,root,root) %{_bindir}/factory-reset %attr(700,root,root) %{_bindir}/dpm-admin-cli -%dir %{TZ_SYS_DATA}/dpm -%dir %{TZ_SYS_ETC}/dpm/policy -%{TZ_SYS_ETC}/dpm/policy/PolicyManifest.xml +%attr(711,security_fw,security_fw) %dir %{TZ_SYS_DATA}/dpm +%attr(711,security_fw,security_fw) %dir %{TZ_SYS_ETC}/dpm/policy +%attr(644,security_fw,security_fw) %{TZ_SYS_ETC}/dpm/policy/PolicyManifest.xml %{_unitdir}/device-policy-manager.service %{_unitdir}/multi-user.target.wants/device-policy-manager.service @@ -200,81 +203,3 @@ Tizen DPM system popup interface package %{TZ_SYS_RO_APP}/org.tizen.dpm-syspopup/res/locale/* %{TZ_SYS_RO_PACKAGES}/org.tizen.dpm-syspopup.xml /usr/share/icons/default/small/org.tizen.dpm-syspopup.png - -## Begin of mobile feature ################################################### -%if "%{profile}" == "mobile" - -## Zone Client Package ######################################################## -%package -n libzone -Summary: Tizen Zone Client library -Group: Development/Libraries -BuildRequires: pkgconfig(capi-appfw-application) -BuildRequires: pkgconfig(capi-appfw-app-manager) -BuildRequires: pkgconfig(capi-appfw-package-manager) -BuildRequires: pkgconfig(libtzplatform-config) -Requires: %{name} = %{version}-%{release} -Requires(post): /sbin/ldconfig -Requires(postun): /sbin/ldconfig - -%description -n libzone -The libzone package contains the libraries needed to control inside of the zone. - -%post -n libzone -p /sbin/ldconfig - -%postun -n libzone -p /sbin/ldconfig - -%files -n libzone -%manifest device-policy-manager.manifest -%defattr(644,root,root,755) -%attr(755,root,root) %{_libdir}/libzone.so.%{version} -%{_libdir}/libzone.so.0 - -## Devel Package ############################################################## -%package -n libzone-devel -Summary: Libraries and header files for zone client development -Group: Development/Libraries -Requires: libzone = %{version}-%{release} - -%description -n libzone-devel -The libzone-devel package includes the libraries and header files necessary for -developing the zone client program. - -%files -n libzone-devel -%manifest device-policy-manager.manifest -%defattr(644,root,root,755) -%{_libdir}/libzone.so -%{_includedir}/zone -%{_libdir}/pkgconfig/zone.pc - -## PAM Plugin Package ######################################################## -%package -n dpm-pam-zone -Summary: PAM Plugin for zone policy in device policy manager -Group: Development/Libraries -Requires: systemd - -%description -n dpm-pam-zone -PAM Plugin for zone policy in device policy manager and CLI tool - -%post -n dpm-pam-zone -mv /etc/pam.d/systemd-user /etc/pam.d/systemd-user.keep -cp /etc/pam.d/systemd-user-zone /etc/pam.d/systemd-user - -%postun -n dpm-pam-zone -mv /etc/pam.d/systemd-user.keep /etc/pam.d/systemd-user - -%files -n dpm-pam-zone -%manifest device-policy-manager.manifest -%defattr(600,root,root,700) -%attr(700,root,root) %{_libdir}/security/pam_*.so -%attr(700,root,root) %{_sbindir}/zone-admin-cli -%attr(700,root,root) %{_sbindir}/zone-volume-manager -%attr(700,root,root) %dir %{TZ_SYS_ETC}/dpm/zone -%attr(700,root,root) /etc/gumd/useradd.d/20_pam-zone-add.post -%attr(700,root,root) /etc/gumd/userdel.d/20_pam-zone-remove.post -%attr(600,root,root) %config %{TZ_SYS_ETC}/dpm/zone/owner.xml -%attr(644,root,root) %{TZ_SYS_DATA}/dpm/zone_indicator_icon.png -%attr(644,root,root) %{TZ_SYS_DATA}/dpm/zone_noti_list_sub_icon.png -%config /etc/pam.d/* - -%endif -# End of mobile feature diff --git a/policy/zone.hxx b/policy/krate.hxx similarity index 65% rename from policy/zone.hxx rename to policy/krate.hxx index 848f929..74b2891 100644 --- a/policy/zone.hxx +++ b/policy/krate.hxx @@ -14,35 +14,33 @@ * limitations under the License */ -#ifndef __ZONE_POLICY__ -#define __ZONE_POLICY__ +#ifndef __KRATE_POLICY__ +#define __KRATE_POLICY__ #include "policy-context.hxx" namespace DevicePolicyManager { -class ZonePolicy { +class KratePolicy { public: enum State { Locked = 0x01, Running = 0x02, }; - ZonePolicy(PolicyControlContext& ctxt); - ~ZonePolicy(); + KratePolicy(PolicyControlContext& ctxt); + ~KratePolicy(); - int createZone(const std::string& name, const std::string& setupWizardAppid); - int removeZone(const std::string& name); - int lockZone(const std::string& name); - int unlockZone(const std::string& name); + int createKrate(const std::string& name, const std::string& setupWizardAppid); + int removeKrate(const std::string& name); - int getZoneState(const std::string& name); + int getKrateState(const std::string& name); - std::vector getZoneList(int state); + std::vector getKrateList(int state); private: PolicyControlContext& context; }; } // namespace DevicePolicyManager -#endif // __ZONE_POLICY__ +#endif // __KRATE_POLICY__ diff --git a/policy/zone/app-proxy.hxx b/policy/zone/app-proxy.hxx deleted file mode 100644 index 1339499..0000000 --- a/policy/zone/app-proxy.hxx +++ /dev/null @@ -1,90 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#ifndef __ZONE_APP_PROXY__ -#define __ZONE_APP_PROXY__ - -#include "policy-context.hxx" - -namespace DevicePolicyManager { - -/** - * This class provides APIs to create/remove and manage names. - */ - -class ZoneAppProxy { -public: - ZoneAppProxy(PolicyControlContext& ctxt); - ~ZoneAppProxy(); - - //application information - struct AppInfo { - std::string zone; - std::string id; - std::string locale; - std::string package; - std::string type; - std::string icon; - std::string label; - int componentType; - bool isNoDisplayed; - bool isTaskManaged; - - REFLECTABLE - ( - zone, id, locale, package, type, icon, label, - componentType, isNoDisplayed, isTaskManaged - ); - }; - - AppInfo getAppInfo(const std::string& name, const std::string& appid); - - int createIterator(const std::string& name); - AppInfo getIteratorValue(int iterator); - bool nextIterator(int iterator); - int destroyIterator(int iterator); - - //application bundle - struct Bundle { - std::string operation; - std::string uri; - std::string mime; - std::string category; - std::string appId; - struct Extra { - std::string key; - std::vector value; - REFLECTABLE(key, value); - }; - std::vector extraData; - - REFLECTABLE - ( - operation, uri, mime, category, appId, extraData - ); - }; - - int launch(const std::string& name, const Bundle& bundle); - int resume(const std::string& name, const std::string& appid); - int terminate(const std::string& name, const std::string& appid); - bool isRunning(const std::string& name, const std::string& appid); - -private: - PolicyControlContext& context; -}; - -} // namespace DevicePolicyManager -#endif // __ZONE_APP_PROXY__ diff --git a/policy/zone/package-proxy.hxx b/policy/zone/package-proxy.hxx deleted file mode 100644 index f397d97..0000000 --- a/policy/zone/package-proxy.hxx +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#ifndef __ZONE_PACKAGE_PROXY__ -#define __ZONE_PACKAGE_PROXY__ - -#include "policy-context.hxx" - -namespace DevicePolicyManager { - -/** - * This class provides APIs to control packages in the zones. - */ - -class ZonePackageProxy { -public: - ZonePackageProxy(PolicyControlContext& ctxt); - ~ZonePackageProxy(); - - //package information - struct PackageInfo { - std::string zone; - std::string id; - std::string locale; - std::string type; - std::string icon; - std::string label; - std::string description; - struct { - std::string name; - std::string email; - std::string href; - REFLECTABLE(name, email, href); - } author; - std::string version; - std::string apiVersion; - std::string mainAppId; - bool isSystem; - bool isRemovable; - bool isPreload; - - REFLECTABLE - ( - zone, id, locale, type, icon, label, description, author, - version, apiVersion, mainAppId, isSystem, isRemovable, isPreload - ); - }; - - PackageInfo getPackageInfo(const std::string& name, const std::string& pkgid); - std::vector getPackageList(const std::string& name); - - //package manager request - int install(const std::string& name, const std::string& pkgpath); - int uninstall(const std::string& name, const std::string& pkgid); - -private: - PolicyControlContext& context; -}; - -} // namespace DevicePolicyManager -#endif // __ZONE_PACKAGE_PROXY__ diff --git a/policy/zone/zone.hxx b/policy/zone/zone.hxx deleted file mode 100644 index 3612e0f..0000000 --- a/policy/zone/zone.hxx +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#ifndef __ZONE_MANAGER__ -#define __ZONE_MANAGER__ - -#include "policy-context.hxx" - -namespace DevicePolicyManager { - -class ZoneManager { -public: - enum State { - Locked = 0x01, - Running = 0x02, - }; - - ZoneManager(PolicyControlContext& ctxt); - ~ZoneManager(); - - int createZone(const std::string& name, const std::string& manifest); - int removeZone(const std::string& name); - int lockZone(const std::string& name); - int unlockZone(const std::string& name); - - int getZoneState(const std::string& name); - - std::vector getZoneList(int state); - - int resetZonePassword(const std::string& name, const std::string& newPassword); - -private: - PolicyControlContext& context; -}; - -} // namespace DevicePolicyManager -#endif // __ZONE_MANAGER__ diff --git a/server/CMakeLists.txt b/server/CMakeLists.txt index b81e16a..255affd 100644 --- a/server/CMakeLists.txt +++ b/server/CMakeLists.txt @@ -35,9 +35,9 @@ SET(POLICY administration.cpp wifi.cpp ) -SET(DEPENDENCY glib-2.0 +SET(DEPENDENCY klay + glib-2.0 gio-2.0 - klay libxml-2.0 sqlite3 bundle @@ -57,7 +57,6 @@ SET(DEPENDENCY glib-2.0 capi-network-connection capi-network-bluetooth notification - libgum cynara-client cynara-session ) @@ -86,3 +85,4 @@ CONFIGURE_FILE(systemd/device-policy-manager.service.in systemd/device-policy-ma INSTALL(TARGETS ${TARGET} DESTINATION bin) INSTALL(FILES systemd/device-policy-manager.service DESTINATION ${SYSTEMD_UNIT_INSTALL_DIR}) INSTALL(FILES data/PolicyManifest.xml DESTINATION ${CONF_INSTALL_DIR}/policy) +INSTALL(DIRECTORY DESTINATION ${DATA_INSTALL_DIR}) diff --git a/server/common.cmake b/server/common.cmake index 1f2cbea..791b0c4 100644 --- a/server/common.cmake +++ b/server/common.cmake @@ -18,6 +18,7 @@ SET(POLICY ${POLICY} bluetooth.cpp location.cpp password.cpp + krate.cpp ) SET(DEPENDENCY ${DEPENDENCY} @@ -25,4 +26,5 @@ SET(DEPENDENCY ${DEPENDENCY} capi-network-bluetooth auth-fw-admin bluetooth-api + krate ) diff --git a/server/ivi.cmake b/server/ivi.cmake index b98bde4..a6c7953 100644 --- a/server/ivi.cmake +++ b/server/ivi.cmake @@ -18,6 +18,7 @@ SET(POLICY ${POLICY} bluetooth.cpp location.cpp password.cpp + krate.cpp ) SET(DEPENDENCY ${DEPENDENCY} @@ -25,4 +26,5 @@ SET(DEPENDENCY ${DEPENDENCY} capi-network-bluetooth auth-fw-admin bluetooth-api + krate ) diff --git a/server/zone.cpp b/server/krate.cpp old mode 100755 new mode 100644 similarity index 58% rename from server/zone.cpp rename to server/krate.cpp index 0e74363..33e3f77 --- a/server/zone.cpp +++ b/server/krate.cpp @@ -24,9 +24,9 @@ #include #include #include +#include -#include "zone.hxx" -#include "zone/zone.hxx" +#include "krate.hxx" #include "launchpad.h" #include "privilege.h" @@ -38,12 +38,11 @@ namespace DevicePolicyManager { namespace { -namespace { -std::regex zoneNamePattern(NAME_PATTERN); -} +krate_manager_h krate_manager; +std::regex krateNamePattern(NAME_PATTERN); bool isAllowedName(const std::string& name) { - if (!std::regex_match(name, zoneNamePattern)) { + if (!std::regex_match(name, krateNamePattern)) { return false; } @@ -56,30 +55,37 @@ bool isAllowedName(const std::string& name) { return !exists; } +bool foreach_krate_cb(const char* name, void* user_data) { + auto pList = (std::vector*)user_data; + pList->push_back(name); + return true; +} + } -ZonePolicy::ZonePolicy(PolicyControlContext& ctx) : +KratePolicy::KratePolicy(PolicyControlContext& ctx) : context(ctx) { - context.registerParametricMethod(this, DPM_PRIVILEGE_ZONE, (int)(ZonePolicy::createZone)(std::string, std::string)); - context.registerParametricMethod(this, DPM_PRIVILEGE_ZONE, (int)(ZonePolicy::removeZone)(std::string)); - context.registerParametricMethod(this, DPM_PRIVILEGE_ZONE, (int)(ZonePolicy::lockZone)(std::string)); - context.registerParametricMethod(this, DPM_PRIVILEGE_ZONE, (int)(ZonePolicy::unlockZone)(std::string)); - context.registerParametricMethod(this, "", (int)(ZonePolicy::getZoneState)(std::string)); - context.registerParametricMethod(this, "", (std::vector)(ZonePolicy::getZoneList)(int)); - - context.createNotification("ZonePolicy::created"); - context.createNotification("ZonePolicy::removed"); + context.registerParametricMethod(this, DPM_PRIVILEGE_ZONE, (int)(KratePolicy::createKrate)(std::string, std::string)); + context.registerParametricMethod(this, DPM_PRIVILEGE_ZONE, (int)(KratePolicy::removeKrate)(std::string)); + context.registerParametricMethod(this, "", (int)(KratePolicy::getKrateState)(std::string)); + context.registerParametricMethod(this, "", (std::vector)(KratePolicy::getKrateList)(int)); + + context.createNotification("KratePolicy::created"); + context.createNotification("KratePolicy::removed"); + + krate_manager_create(&krate_manager); } -ZonePolicy::~ZonePolicy() +KratePolicy::~KratePolicy() { + krate_manager_destroy(krate_manager); } -int ZonePolicy::createZone(const std::string& name, const std::string& setupWizAppid) +int KratePolicy::createKrate(const std::string& name, const std::string& setupWizAppid) { - if (!std::regex_match(name, zoneNamePattern)) { + if (!std::regex_match(name, krateNamePattern)) { return -1; } @@ -90,9 +96,9 @@ int ZonePolicy::createZone(const std::string& name, const std::string& setupWizA try { std::vector data = {"app-id", "org.tizen.krate-setup-wizard", "mode", "create", - "zone", name}; + "krate", name}; Bundle bundle; - bundle.add("id", "zone-create"); + bundle.add("id", "krate-create"); bundle.add("user-data", data); Launchpad launchpad(context.getPeerUid()); @@ -105,18 +111,18 @@ int ZonePolicy::createZone(const std::string& name, const std::string& setupWizA return 0; } -int ZonePolicy::removeZone(const std::string& name) +int KratePolicy::removeKrate(const std::string& name) { - if (getZoneState(name) == 0) { + if (getKrateState(name) == 0) { return -1; } try { std::vector data = {"app-id", "org.tizen.krate-setup-wizard", "mode", "remove", - "zone", name}; + "krate", name}; Bundle bundle; - bundle.add("id", "zone-remove"); + bundle.add("id", "krate-remove"); bundle.add("user-data", data); Launchpad launchpad(context.getPeerUid()); @@ -129,29 +135,20 @@ int ZonePolicy::removeZone(const std::string& name) return 0; } -/* [TBD] remove dependency with zoneManager like this */ -extern ZoneManager* zoneManager; - -int ZonePolicy::lockZone(const std::string& name) -{ - return zoneManager->lockZone(name); -} - -int ZonePolicy::unlockZone(const std::string& name) -{ - return zoneManager->unlockZone(name); -} - -int ZonePolicy::getZoneState(const std::string& name) +int KratePolicy::getKrateState(const std::string& name) { - return zoneManager->getZoneState(name); + krate_state_e state = (krate_state_e)0; + krate_manager_get_krate_state(krate_manager, name.c_str(), &state); + return (int)state; } -std::vector ZonePolicy::getZoneList(int state) +std::vector KratePolicy::getKrateList(int state) { - return zoneManager->getZoneList(state); + std::vector list; + krate_manager_foreach_name(krate_manager, (krate_state_e)state, foreach_krate_cb, &list); + return list; } -DEFINE_POLICY(ZonePolicy); +DEFINE_POLICY(KratePolicy); } // namespace DevicePolicyManager diff --git a/server/mobile.cmake b/server/mobile.cmake index 43a2559..a6c7953 100644 --- a/server/mobile.cmake +++ b/server/mobile.cmake @@ -18,10 +18,7 @@ SET(POLICY ${POLICY} bluetooth.cpp location.cpp password.cpp - zone.cpp - zone/zone.cpp - zone/app-proxy.cpp - zone/package-proxy.cpp + krate.cpp ) SET(DEPENDENCY ${DEPENDENCY} @@ -29,4 +26,5 @@ SET(DEPENDENCY ${DEPENDENCY} capi-network-bluetooth auth-fw-admin bluetooth-api + krate ) diff --git a/server/systemd/device-policy-manager.service.in b/server/systemd/device-policy-manager.service.in index bb0c733..4a88166 100644 --- a/server/systemd/device-policy-manager.service.in +++ b/server/systemd/device-policy-manager.service.in @@ -3,6 +3,8 @@ Description=Device Policy Manager [Service] Type=simple +User=security_fw +Group=security_fw SmackProcessLabel=System ExecStart=${CMAKE_INSTALL_PREFIX}/bin/device-policy-manager Restart=on-failure diff --git a/server/zone/app-proxy.cpp b/server/zone/app-proxy.cpp deleted file mode 100644 index 48a400d..0000000 --- a/server/zone/app-proxy.cpp +++ /dev/null @@ -1,258 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#include -#include - -#include - -#include -#include -#include - -#include "packman.h" -#include "launchpad.h" -#include "policy-builder.h" - -#include "zone/app-proxy.hxx" - -namespace DevicePolicyManager { - -namespace { - -struct IteratorData { - std::string zone; - std::vector list; - unsigned int current; -}; - -std::unordered_map iteratorMap; -int newIteratorId = 0; - -} // namespace - -ZoneAppProxy::ZoneAppProxy(PolicyControlContext& ctx) : - context(ctx) -{ - context.registerParametricMethod(this, "", (ZoneAppProxy::AppInfo)(ZoneAppProxy::getAppInfo)(std::string, std::string)); - - context.registerParametricMethod(this, "", (int)(ZoneAppProxy::createIterator)(std::string)); - context.registerParametricMethod(this, "", (ZoneAppProxy::AppInfo)(ZoneAppProxy::getIteratorValue)(int)); - context.registerParametricMethod(this, "", (bool)(ZoneAppProxy::nextIterator)(int)); - context.registerParametricMethod(this, "", (int)(ZoneAppProxy::destroyIterator)(int)); - - context.registerParametricMethod(this, "", (int)(ZoneAppProxy::launch)(std::string, ZoneAppProxy::Bundle)); - context.registerParametricMethod(this, "", (int)(ZoneAppProxy::resume)(std::string, std::string)); - context.registerParametricMethod(this, "", (int)(ZoneAppProxy::terminate)(std::string, std::string)); - context.registerParametricMethod(this, "", (int)(ZoneAppProxy::isRunning)(std::string, std::string)); -} - -ZoneAppProxy::~ZoneAppProxy() -{ -} - -ZoneAppProxy::AppInfo ZoneAppProxy::getAppInfo(const std::string& name, const std::string& appid) -{ - AppInfo appInfo; - - try { - runtime::User user(name); - ApplicationInfo appinfo(appid, user.getUid()); - char* locale; - - system_settings_get_value_string(SYSTEM_SETTINGS_KEY_LOCALE_LANGUAGE, &locale); - if (locale == NULL) { - appInfo.locale = "No locale"; - } else { - appInfo.locale = locale; - free(locale); - } - - appInfo.zone = name; - appInfo.id = appid; - appInfo.package = appinfo.getPackage(); - appInfo.type = appinfo.getType(); - appInfo.icon = appinfo.getIcon(); - appInfo.label = appinfo.getLabel(); - appInfo.componentType = appinfo.getComponentType(); - appInfo.isNoDisplayed = appinfo.isNoDisplayed(); - appInfo.isTaskManaged = appinfo.isTaskManaged(); - } catch (runtime::Exception& e) { - ERROR("Failed to retrieve application info installed in the zone: " + appid); - } - - return appInfo; -} - -int ZoneAppProxy::createIterator(const std::string& name) -{ - int iteratorId = -1; - try { - PackageManager& packman = PackageManager::instance(); - runtime::User user(name); - IteratorData data; - - iteratorId = newIteratorId; - - data.zone = name; - data.list = packman.getAppList(user.getUid()); - data.current = 0; - - iteratorMap.insert(std::make_pair(iteratorId, data)); - - if (++newIteratorId < 0) { - newIteratorId = 0; - } - } catch (runtime::Exception& e) { - ERROR("Failed to retrieve package info installed in the zone"); - } - return iteratorId; -} - -ZoneAppProxy::AppInfo ZoneAppProxy::getIteratorValue(int iterator) -{ - AppInfo appInfo; - - auto it = iteratorMap.find(iterator); - if (it == iteratorMap.end()) { - return appInfo; - } - if (it->second.current >= it->second.list.size()) { - return appInfo; - } - - const ApplicationInfo& appinfo = it->second.list.at(it->second.current); - char* locale; - - system_settings_get_value_string(SYSTEM_SETTINGS_KEY_LOCALE_LANGUAGE, &locale); - if (locale == NULL) { - appInfo.locale = "No locale"; - } else { - appInfo.locale = locale; - free(locale); - } - - appInfo.zone = it->second.zone; - appInfo.id = appinfo.getId(); - appInfo.package = appinfo.getPackage(); - appInfo.type = appinfo.getType(); - appInfo.icon = appinfo.getIcon(); - appInfo.label = appinfo.getLabel(); - appInfo.componentType = appinfo.getComponentType(); - appInfo.isNoDisplayed = appinfo.isNoDisplayed(); - appInfo.isTaskManaged = appinfo.isTaskManaged(); - - return appInfo; -} - -bool ZoneAppProxy::nextIterator(int iterator) -{ - auto it = iteratorMap.find(iterator); - if (it != iteratorMap.end()) { - if (++it->second.current < it->second.list.size()) { - return true; - } - } - return false; -} - -int ZoneAppProxy::destroyIterator(int iterator) -{ - auto it = iteratorMap.find(iterator); - if (it != iteratorMap.end()) { - iteratorMap.erase(it); - return 0; - } - return -1; -} - -int ZoneAppProxy::launch(const std::string& name, const ZoneAppProxy::Bundle& bundle) -{ - try { - runtime::User user(name); - ::Bundle b; - - if (!bundle.operation.empty()) { - b.add("__APP_SVC_OP_TYPE__", bundle.operation); - } - if (!bundle.uri.empty()) { - b.add("__APP_SVC_URI__", bundle.uri); - } - if (!bundle.mime.empty()) { - b.add("__APP_SVC_MIME__", bundle.mime); - } - if (!bundle.category.empty()) { - b.add("__APP_SVC_CATEGORY__", bundle.category); - } - - for (Bundle::Extra extra : bundle.extraData) { - if (extra.value.size() > 1) { - b.add(extra.key, extra.value); - } else if (extra.value.size() == 1) { - b.add(extra.key, extra.value.at(0)); - } - } - - Launchpad launchpad(user.getUid()); - launchpad.launch(bundle.appId, b); - } catch (runtime::Exception& e) { - ERROR("Failed to launch app in the zone"); - return -1; - } - return 0; -} - -int ZoneAppProxy::resume(const std::string& name, const std::string& appid) -{ - try { - runtime::User user(name); - Launchpad launchpad(user.getUid()); - launchpad.resume(appid); - } catch (runtime::Exception& e) { - ERROR("Failed to terminate app in the zone"); - return -1; - } - return 0; -} - -int ZoneAppProxy::terminate(const std::string& name, const std::string& appid) -{ - try { - runtime::User user(name); - Launchpad launchpad(user.getUid()); - launchpad.terminate(appid); - } catch (runtime::Exception& e) { - ERROR("Failed to terminate app in the zone"); - return -1; - } - return 0; -} - -bool ZoneAppProxy::isRunning(const std::string& name, const std::string& appid) -{ - try { - runtime::User user(name); - Launchpad launchpad(user.getUid()); - return launchpad.isRunning(appid); - } catch (runtime::Exception& e) { - ERROR("Failed to get app running state in the zone"); - } - return false; -} - -DEFINE_POLICY(ZoneAppProxy); - -} // namespace DevicePolicyManager diff --git a/server/zone/package-proxy.cpp b/server/zone/package-proxy.cpp deleted file mode 100644 index 63d6389..0000000 --- a/server/zone/package-proxy.cpp +++ /dev/null @@ -1,129 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ -#include -#include - -#include -#include -#include - -#include "packman.h" -#include "policy-builder.h" - -#include "zone/package-proxy.hxx" - -namespace DevicePolicyManager { - -ZonePackageProxy::ZonePackageProxy(PolicyControlContext& ctx) : - context(ctx) -{ - context.registerParametricMethod(this, "", (ZonePackageProxy::PackageInfo)(ZonePackageProxy::getPackageInfo)(std::string, std::string)); - context.registerParametricMethod(this, "", (std::vector)(ZonePackageProxy::getPackageList)(std::string)); - - context.registerParametricMethod(this, "", (int)(ZonePackageProxy::install)(std::string, std::string)); - context.registerParametricMethod(this, "", (int)(ZonePackageProxy::uninstall)(std::string, std::string)); -} - -ZonePackageProxy::~ZonePackageProxy() -{ -} - -ZonePackageProxy::PackageInfo ZonePackageProxy::getPackageInfo(const std::string& name, const std::string& pkgid) -{ - ZonePackageProxy::PackageInfo package; - char* locale = NULL; - - system_settings_get_value_string(SYSTEM_SETTINGS_KEY_LOCALE_LANGUAGE, &locale); - if (locale == NULL) { - locale = strdup("No locale"); - } - - package.zone = name; - package.id = pkgid; - package.locale = locale; - - free(locale); - - try { - runtime::User user(name); - ::PackageInfo pkginfo(pkgid, user.getUid()); - - package.type = pkginfo.getType(); - package.icon = pkginfo.getIcon(); - package.label = pkginfo.getLabel(); - package.description = pkginfo.getDescription(); - - package.author.name = pkginfo.getAuthorName(); - package.author.email = pkginfo.getAuthorEmail(); - package.author.href = pkginfo.getAuthorHref(); - - package.version = pkginfo.getVersion(); - package.apiVersion = pkginfo.getApiVersion(); - package.mainAppId = pkginfo.getMainAppId(); - - package.isSystem = pkginfo.isSystem(); - package.isRemovable = pkginfo.isRemovable(); - package.isPreload = pkginfo.isPreload(); - } catch (runtime::Exception& e) { - ERROR("Failed to retrieve package info installed in the zone"); - } - - return package; -} - -std::vector ZonePackageProxy::getPackageList(const std::string& name) -{ - try { - runtime::User user(name); - PackageManager& packman = PackageManager::instance(); - return packman.getPackageList(user.getUid()); - } catch (runtime::Exception& e) { - ERROR("Failed to retrieve package info installed in the zone"); - } - return std::vector(); -} - - -int ZonePackageProxy::install(const std::string& name, const std::string& pkgpath) -{ - try { - runtime::User user(name); - PackageManager& packman = PackageManager::instance(); - packman.installPackage(pkgpath, user.getUid()); - } catch (runtime::Exception& e) { - ERROR("Failed to install package in the zone"); - return -1; - } - - return 0; -} - -int ZonePackageProxy::uninstall(const std::string& name, const std::string& pkgid) -{ - try { - runtime::User user(name); - PackageManager& packman = PackageManager::instance(); - packman.uninstallPackage(pkgid, user.getUid()); - } catch (runtime::Exception& e) { - ERROR("Failed to uninstall package of pkgid in the zone"); - return -1; - } - return 0; -} - -DEFINE_POLICY(ZonePackageProxy); - -} // namespace DevicePolicyManager diff --git a/server/zone/zone.cpp b/server/zone/zone.cpp deleted file mode 100644 index c71d8c6..0000000 --- a/server/zone/zone.cpp +++ /dev/null @@ -1,709 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#include -#include -#include - -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "packman.h" -#include "launchpad.h" -#include "policy-builder.h" - -#include "zone/zone.hxx" - -#define ZONE_DELEGATOR_APP "org.tizen.keyguard" -#define NOTIFICATION_SUB_ICON_PATH DATA_PATH "/zone_noti_list_sub_icon.png" - -namespace DevicePolicyManager { - -namespace { - -const std::vector defaultGroups = { - "audio", - "video", - "display", - "log" -}; - -const std::vector unitsToMask = { - "starter.service", - "scim.service" -}; - -const std::string ZONE_MANIFEST_DIR = CONF_PATH "/zone/"; -const std::string ZONE_SKEL_PATH = "/etc/skel"; -const std::string ZONE_CREATE_HOOK_PATH = "/etc/gumd/useradd.d"; -const std::string ZONE_REMOVE_HOOK_PATH = "/etc/gumd/userdel.d"; - -const std::string ZONE_DEFAULT_OWNER = "owner"; - -const std::string ZONE_GROUP = "users"; - -std::list createdZoneList; -static std::atomic isZoneForeground(false); - -std::unordered_map notiHandleMap; - -inline void maskUserServices(const runtime::User& user) -{ - ::tzplatform_set_user(user.getUid()); - std::string pivot(::tzplatform_getenv(TZ_USER_HOME)); - ::tzplatform_reset_user(); - - runtime::File unitbase(pivot + "/.config/systemd/user"); - unitbase.makeDirectory(true); - unitbase.chmod(S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH); - - for (const std::string& unit : unitsToMask) { - std::string target = unitbase.getPath() + "/" + unit; - if (::symlink("/dev/null", target.c_str()) == -1) { - throw runtime::Exception(runtime::GetSystemErrorMessage()); - } - } -} - -inline void setZoneState(uid_t id, int state) -{ - dbus::Connection& systemDBus = dbus::Connection::getSystem(); - systemDBus.methodcall("org.freedesktop.login1", - "/org/freedesktop/login1", - "org.freedesktop.login1.Manager", - "SetUserLinger", - -1, "", "(ubb)", id, state, 1); -} - -inline const std::string convertPathForOwner(const std::string& path, const runtime::User& user, const runtime::User& owner) -{ - ::tzplatform_set_user(owner.getUid()); - std::string ownerHome(::tzplatform_getenv(TZ_USER_HOME)); - ::tzplatform_reset_user(); - ownerHome += "/.zone"; - - ::tzplatform_set_user(user.getUid()); - std::string userHome(::tzplatform_getenv(TZ_USER_HOME)); - ::tzplatform_reset_user(); - - std::string userHomeForOwner(ownerHome + "/" + user.getName()); - - std::string convertedPath(path); - - if (convertedPath.compare(0, userHome.size(), userHome) == 0) { - convertedPath.replace(0, userHome.size(), userHomeForOwner); - } - - return convertedPath; -} - -inline void prepareFileForOwner(const std::string path, const runtime::User& pkgUser, const runtime::User& owner) -{ - std::string pathLink = convertPathForOwner(path, pkgUser, owner); - - if (path != pathLink) { - runtime::File linkFile(pathLink); - linkFile.makeBaseDirectory(pkgUser.getUid(), pkgUser.getGid()); - if (linkFile.exists()) { - linkFile.remove(); - } - - int ret = ::link(path.c_str(), pathLink.c_str()); - if (ret != 0) { - //TODO: copy the icon instead of linking - throw runtime::Exception("Failed to link from " + path + - " to " + pathLink); - } - } -} - -int packageEventHandler(uid_t target_uid, int req_id, - const char *pkg_type, const char *pkgid, - const char *key, const char *val, - const void *pmsg, void *data) -{ - static std::string type; - std::string keystr = key; - - if (target_uid == tzplatform_getuid(TZ_SYS_GLOBALAPP_USER)) { - return 0; - } - - std::transform(keystr.begin(), keystr.end(), keystr.begin(), ::tolower); - if (keystr == "start") { - type = val; - std::transform(type.begin(), type.end(), type.begin(), ::tolower); - return 0; - } else if (keystr != "end" && keystr != "ok") { - return 0; - } - - try { - runtime::User owner(ZONE_DEFAULT_OWNER), pkgUser(target_uid); - - if (type == "install" || type == "update") { - PackageInfo pkg(pkgid, pkgUser.getUid()); - std::string icon = pkg.getIcon(); - prepareFileForOwner(icon, pkgUser, owner); - - for (const ApplicationInfo& app : pkg.getAppList()) { - std::string icon = app.getIcon(); - prepareFileForOwner(icon, pkgUser, owner); - } - } else { - ::tzplatform_set_user(pkgUser.getUid()); - std::string pkgPath(::tzplatform_getenv(TZ_USER_APP)); - pkgPath = pkgPath + "/" + pkgid; - ::tzplatform_reset_user(); - - runtime::File pkgDirForOwner(convertPathForOwner(pkgPath, pkgUser, owner)); - pkgDirForOwner.remove(true); - } - } catch (runtime::Exception &e) { - ERROR(e.what()); - } - - return 0; -} - -void initializeCreatedZoneList() { - try { - runtime::DirectoryIterator iter(ZONE_MANIFEST_DIR), end; - - while (iter != end) { - const std::string& file = iter->getName(); - const std::string& name(file.substr(0, file.rfind(".xml"))); - createdZoneList.push_back(name); - ++iter; - } - } catch (runtime::Exception& e) {} -} - -#define NT_TITLE NOTIFICATION_TEXT_TYPE_TITLE -#define NT_CONTENT NOTIFICATION_TEXT_TYPE_CONTENT -#define NT_ICON NOTIFICATION_IMAGE_TYPE_ICON -#define NT_INDICATOR NOTIFICATION_IMAGE_TYPE_ICON_FOR_INDICATOR -#define NT_NONE NOTIFICATION_VARIABLE_TYPE_NONE -#define NT_EVENT NOTIFICATION_LY_ONGOING_PROGRESS -#define NT_APP NOTIFICATION_DISPLAY_APP_INDICATOR - -#define NT_ICON_PATH DATA_PATH "/zone_indicator_icon.png" -#define NT_TEXT "Container Mode" -#define NT_APPINFO "Zone Application" - -#define NT_ERROR_NONE NOTIFICATION_ERROR_NONE - -void zoneProcessCallback(GDBusConnection *connection, - const gchar *sender, const gchar *objectPath, - const gchar *interface, const gchar *signalName, - GVariant *params, gpointer userData) -{ - static runtime::User owner(ZONE_DEFAULT_OWNER); - int pid, status; - -// notification_h noti = reinterpret_cast(userData); - - g_variant_get(params, "(ii)", &status, &pid); - - if (status != 5) { - return; - } - - struct stat st; - std::string proc("/proc/" + std::to_string(pid)); - if (::stat(proc.c_str(), &st) != 0) { - return; - } - - // this will have been commented until notification_delete_for_uid can work - /* - if (owner.getUid() != st.st_uid) { - if (!isZoneForeground) { - notification_set_text(noti, NT_CONTENT, NT_APPINFO, NULL, NT_NONE); - notification_post_for_uid(noti, owner.getUid()); - isZoneForeground = true; - } - } else { - if (isZoneForeground) { - notification_delete_for_uid(noti, owner.getUid()); - isZoneForeground = false; - } - }*/ -} - -notification_h createNotification() -{ - notification_h noti = notification_create(NOTIFICATION_TYPE_ONGOING); - if (noti == NULL) { - return NULL; - } - - if (notification_set_text(noti, NT_TITLE, NT_TEXT, NULL, NT_NONE) != NT_ERROR_NONE) { - notification_free(noti); - return NULL; - } - if (notification_set_image(noti, NT_ICON, NT_ICON_PATH) != NT_ERROR_NONE) { - notification_free(noti); - return NULL; - } - - if (notification_set_image(noti, NT_INDICATOR, NT_ICON_PATH) != NT_ERROR_NONE) { - notification_free(noti); - return NULL; - } - - if (notification_set_layout(noti, NT_EVENT) != NT_ERROR_NONE) { - notification_free(noti); - return NULL; - } - - if (notification_set_display_applist(noti, NT_APP) != NT_ERROR_NONE) { - notification_free(noti); - return NULL; - } - - return noti; -} - -void zoneProcessMonitor() -{ - GError *error = NULL; - GDBusConnection* connection; - connection = g_bus_get_sync(G_BUS_TYPE_SYSTEM, NULL, &error); - if (connection == NULL) { - ERROR("GBus Connection failed"); - g_error_free(error); - return; - } - - notification_h noti = createNotification(); - if (noti == NULL) { - ERROR("Failed to created notification"); - return; - } - - g_dbus_connection_signal_subscribe(connection, - NULL, - "org.tizen.resourced.process", - "ProcStatus", - "/Org/Tizen/ResourceD/Process", - NULL, - G_DBUS_SIGNAL_FLAGS_NONE, - zoneProcessCallback, - reinterpret_cast(noti), - NULL); -} - -void notiProxyInsert(const runtime::User& owner, const runtime::User& user, int privId, notification_h noti) -{ - std::string zoneLauncherUri; - notification_h newNoti; - app_control_h appControl; - char* pkgId; - - notification_clone(noti, &newNoti); - - notification_get_pkgname(noti, &pkgId); - PackageInfo pkg(pkgId, user.getUid()); - notification_set_image(newNoti, NOTIFICATION_IMAGE_TYPE_ICON, pkg.getIcon().c_str()); - notification_set_image(newNoti, NOTIFICATION_IMAGE_TYPE_ICON_SUB, NOTIFICATION_SUB_ICON_PATH); - - notification_get_launch_option(newNoti, NOTIFICATION_LAUNCH_OPTION_APP_CONTROL, (void *)&appControl); - if (appControl != NULL) { - char* appId = NULL, *uri = NULL; - - app_control_get_app_id(appControl, &appId); - if (appId == NULL) { - appId = strdup(""); - } - - zoneLauncherUri = "zone://enter/" + user.getName() + "/" + appId; - - app_control_get_uri(appControl, &uri); - if (uri != NULL) { - zoneLauncherUri += "?uri="; - zoneLauncherUri += uri; - free(uri); - } - - free(appId); - app_control_set_app_id(appControl, ZONE_DELEGATOR_APP); - app_control_set_uri(appControl, zoneLauncherUri.c_str()); - notification_set_launch_option(newNoti, NOTIFICATION_LAUNCH_OPTION_APP_CONTROL, appControl); - } - - notification_post_for_uid(newNoti, owner.getUid()); - notiHandleMap.insert(std::make_pair(privId, newNoti)); -} - -void notiProxyDelete(const runtime::User& owner, int privId) -{ - std::unordered_map::iterator it; - - it = notiHandleMap.find(privId); - if (it == notiHandleMap.end()) { - return; - } - notification_delete_for_uid(it->second, owner.getUid()); - notification_free(it->second); - notiHandleMap.erase(it); -} - -void notiProxyUpdate(const runtime::User& owner, const runtime::User& user, int privId, notification_h noti) { - std::unordered_map::iterator it; - double progress; - char *str; - - it = notiHandleMap.find(privId); - if (it == notiHandleMap.end()) { - return; - } - - notification_image_type_e imageTypes[] = { - NOTIFICATION_IMAGE_TYPE_ICON, - NOTIFICATION_IMAGE_TYPE_ICON_FOR_INDICATOR, - NOTIFICATION_IMAGE_TYPE_ICON_FOR_LOCK, - NOTIFICATION_IMAGE_TYPE_THUMBNAIL, - NOTIFICATION_IMAGE_TYPE_THUMBNAIL_FOR_LOCK, - NOTIFICATION_IMAGE_TYPE_ICON_SUB, - NOTIFICATION_IMAGE_TYPE_BACKGROUND, - NOTIFICATION_IMAGE_TYPE_LIST_1, - NOTIFICATION_IMAGE_TYPE_LIST_2, - NOTIFICATION_IMAGE_TYPE_LIST_3, - NOTIFICATION_IMAGE_TYPE_LIST_4, - NOTIFICATION_IMAGE_TYPE_LIST_5, - NOTIFICATION_IMAGE_TYPE_BUTTON_1, - NOTIFICATION_IMAGE_TYPE_BUTTON_2, - NOTIFICATION_IMAGE_TYPE_BUTTON_3, - NOTIFICATION_IMAGE_TYPE_BUTTON_4, - NOTIFICATION_IMAGE_TYPE_BUTTON_5, - NOTIFICATION_IMAGE_TYPE_BUTTON_6 - }; - - for (notification_image_type_e type : imageTypes) { - notification_get_image(noti, type, &str); - notification_set_image(it->second, type, str); - } - - notification_text_type_e textTypes[] = { - NOTIFICATION_TEXT_TYPE_TITLE, - NOTIFICATION_TEXT_TYPE_CONTENT, - NOTIFICATION_TEXT_TYPE_CONTENT_FOR_DISPLAY_OPTION_IS_OFF, - NOTIFICATION_TEXT_TYPE_EVENT_COUNT, - NOTIFICATION_TEXT_TYPE_INFO_1, - NOTIFICATION_TEXT_TYPE_INFO_SUB_1, - NOTIFICATION_TEXT_TYPE_INFO_2, - NOTIFICATION_TEXT_TYPE_INFO_SUB_2, - NOTIFICATION_TEXT_TYPE_INFO_3, - NOTIFICATION_TEXT_TYPE_INFO_SUB_3, - NOTIFICATION_TEXT_TYPE_GROUP_TITLE, - NOTIFICATION_TEXT_TYPE_GROUP_CONTENT, - NOTIFICATION_TEXT_TYPE_GROUP_CONTENT_FOR_DISPLAY_OPTION_IS_OFF, - NOTIFICATION_TEXT_TYPE_BUTTON_1, - NOTIFICATION_TEXT_TYPE_BUTTON_2, - NOTIFICATION_TEXT_TYPE_BUTTON_3, - NOTIFICATION_TEXT_TYPE_BUTTON_4, - NOTIFICATION_TEXT_TYPE_BUTTON_5, - NOTIFICATION_TEXT_TYPE_BUTTON_6, - }; - - for (notification_text_type_e type : textTypes) { - notification_get_text(noti, type, &str); - notification_set_text(it->second, type, str, NULL, NOTIFICATION_VARIABLE_TYPE_NONE); - } - - notification_get_size(noti, &progress); - notification_set_size(it->second, progress); - - notification_get_progress(noti, &progress); - notification_set_progress(it->second, progress); - - notification_update_for_uid(it->second, owner.getUid()); -} - -void notiProxyCallback(void *data, notification_type_e type, notification_op *op_list, int num_op) -{ - static runtime::User owner(ZONE_DEFAULT_OWNER); - runtime::User user(*reinterpret_cast(data)); - - if (user.getName() == owner.getName()) { - // TODO : should remove noti in the zone when related-zone is removed - // This will be imlemented when notification bug is fixed - return; - } - - for (int i = 0; i < num_op; i++) { - notification_h noti = NULL; - int opType, privId; - - notification_op_get_data(op_list + i, NOTIFICATION_OP_DATA_TYPE, &opType); - notification_op_get_data(op_list + i, NOTIFICATION_OP_DATA_PRIV_ID, &privId); - - switch (opType) { - case NOTIFICATION_OP_INSERT: - notification_op_get_data(op_list + i, NOTIFICATION_OP_DATA_NOTI, ¬i); - notiProxyInsert(owner, user, privId, noti); - break; - case NOTIFICATION_OP_DELETE: - notiProxyDelete(owner, privId); - break; - case NOTIFICATION_OP_UPDATE: - notification_op_get_data(op_list + i, NOTIFICATION_OP_DATA_NOTI, ¬i); - notiProxyUpdate(owner, user, privId, noti); - break; - } - } -} - -} // namespace - -ZoneManager* zoneManager = nullptr; - -ZoneManager::ZoneManager(PolicyControlContext& ctx) : - context(ctx) -{ - context.registerParametricMethod(this, "", (int)(ZoneManager::createZone)(std::string, std::string)); - context.registerParametricMethod(this, "", (int)(ZoneManager::removeZone)(std::string)); - context.registerParametricMethod(this, "", (int)(ZoneManager::lockZone)(std::string)); - context.registerParametricMethod(this, "", (int)(ZoneManager::unlockZone)(std::string)); - context.registerParametricMethod(this, "", (int)(ZoneManager::getZoneState)(std::string)); - context.registerParametricMethod(this, "", (std::vector)(ZoneManager::getZoneList)(int)); - context.registerParametricMethod(this, "", (int)(ZoneManager::resetZonePassword)(std::string, std::string)); - - context.createNotification("ZoneManager::created"); - context.createNotification("ZoneManager::removed"); - - PackageManager& packageManager = PackageManager::instance(); - packageManager.setEventCallback(packageEventHandler, this); - - zoneProcessMonitor(); - - initializeCreatedZoneList(); - for (std::string& name : createdZoneList) { - runtime::User zone(name); - notification_register_detailed_changed_cb_for_uid(notiProxyCallback, &name, zone.getUid()); - } - - zoneManager = this; -} - -ZoneManager::~ZoneManager() -{ -} - -int ZoneManager::createZone(const std::string& name, const std::string& manifest) -{ - auto provisioningWorker = [name, manifest, this]() { - std::unique_ptr manifestFile; - - try { - //create zone user by gumd - GumUser* guser = NULL; - while (guser == NULL) { - guser = gum_user_create_sync(FALSE); - } - g_object_set(G_OBJECT(guser), "username", name.c_str(), - "usertype", GUM_USERTYPE_SECURITY, NULL); - gboolean ret = gum_user_add_sync(guser); - g_object_unref(guser); - - if (!ret) { - throw runtime::Exception("Failed to remove user (" + name + ") by gumd"); - } - - runtime::User user(name); - - maskUserServices(user); - - manifestFile.reset(xml::Parser::parseString(manifest)); - manifestFile->write(ZONE_MANIFEST_DIR + name + ".xml", "UTF-8", true); - - //TODO: write container owner info - - //unlock the user - setZoneState(user.getUid(), 1); - - //wait for launchpad in the zone - sleep(1); - - auto it = createdZoneList.insert(createdZoneList.end(), name); - notification_register_detailed_changed_cb_for_uid(notiProxyCallback, &(*it), user.getUid()); - context.notify("ZoneManager::created", name, ""); - } catch (runtime::Exception& e) { - ERROR(e.what()); - context.notify("ZoneManager::created", name, "Error"); - } - }; - - std::thread asyncWork(provisioningWorker); - asyncWork.detach(); - - return 0; -} - -int ZoneManager::removeZone(const std::string& name) -{ - if (lockZone(name) != 0) { - return -1; - } - - auto remove = [name, this] { - //wait for zone session close - sleep(1); - - try { - runtime::User user(name); - - //umount TZ_USER_CONTENT - ::tzplatform_set_user(user.getUid()); - ::umount2(::tzplatform_getenv(TZ_USER_CONTENT), MNT_FORCE); - ::tzplatform_reset_user(); - - //remove zone user - GumUser* guser = NULL; - while (guser == NULL) { - guser = gum_user_get_sync(user.getUid(), FALSE); - } - gboolean ret = gum_user_delete_sync(guser, TRUE); - g_object_unref(guser); - - if (!ret) { - throw runtime::Exception("Failed to remove user " + name + "(" + std::to_string(user.getUid()) + ") by gumd"); - } - - auto it = createdZoneList.begin(); - for (; it != createdZoneList.end(); it++) { - if (*it == name) { - break; - } - } - createdZoneList.erase(it); - - notification_unregister_detailed_changed_cb_for_uid(notiProxyCallback, NULL, user.getUid()); - context.notify("ZoneManager::removed", name, ""); - } catch (runtime::Exception& e) { - ERROR(e.what()); - context.notify("ZoneManager::removed", name, "Error"); - return; - } - }; - - std::thread asyncWork(remove); - asyncWork.detach(); - - return 0; -} - -int ZoneManager::lockZone(const std::string& name) -{ - try { - runtime::User user(name); - setZoneState(user.getUid(), 0); - } catch (runtime::Exception& e) { - ERROR(e.what()); - return -1; - } - - return 0; -} - -int ZoneManager::unlockZone(const std::string& name) -{ - try { - runtime::User user(name); - setZoneState(user.getUid(), 1); - } catch (runtime::Exception& e) { - ERROR(e.what()); - return -1; - } - - return 0; -} - -int ZoneManager::getZoneState(const std::string& name) -{ - auto it = std::find(createdZoneList.begin(), createdZoneList.end(), name); - if (it == createdZoneList.end()) { - return 0; - } - - try { - runtime::User user(name); - try { - dbus::Connection& systemDBus = dbus::Connection::getSystem(); - const dbus::Variant& var = systemDBus.methodcall - ("org.freedesktop.login1", - "/org/freedesktop/login1", - "org.freedesktop.login1.Manager", - "GetUser", - -1, "(o)", "(u)", user.getUid()); - return ZoneManager::State::Running; - } catch (runtime::Exception& e) { - return ZoneManager::State::Locked; - } - } catch (runtime::Exception& e) { - ERROR(e.what()); - return 0; - } - - return 0; -} - -std::vector ZoneManager::getZoneList(int state) -{ - std::vector list; - - for (const std::string& name : createdZoneList) { - if (getZoneState(name) & state) { - list.push_back(name); - } - } - return list; -} - -int ZoneManager::resetZonePassword(const std::string& name, const std::string& newPassword) -{ - try { - runtime::User user(name); - int ret = auth_passwd_reset_passwd(AUTH_PWD_NORMAL, user.getUid(), newPassword.c_str()); - if (ret != AUTH_PASSWD_API_SUCCESS) { - throw runtime::Exception("Failed to reset password for " + name); - } - } catch (runtime::Exception& e) { - ERROR(e.what()); - return -1; - } - - return 0; -} - -DEFINE_POLICY(ZoneManager); - -} // namespace DevicePolicyManager diff --git a/tools/syspopup/po/en_US.po b/tools/syspopup/po/en_US.po index 22dbb6a..5715e0a 100644 --- a/tools/syspopup/po/en_US.po +++ b/tools/syspopup/po/en_US.po @@ -1,26 +1,26 @@ -msgid "IDS_DPM_NOTI_BODY_ZONE_REMOVE" -msgstr "Tap here to delete Separated Zone." +msgid "IDS_DPM_NOTI_BODY_KRATE_REMOVE" +msgstr "Tap here to delete Separated Krate." -msgid "IDS_DPM_NOTI_ZONE_REMOVE" -msgstr "Separated Zone deletion" +msgid "IDS_DPM_NOTI_KRATE_REMOVE" +msgstr "Separated Krate deletion" -msgid "IDS_DPM_BODY_ZONE_REMOVE" -msgstr "Security policy prevent the use of the Separated Zone. Tap OK to remove Separated zone." +msgid "IDS_DPM_BODY_KRATE_REMOVE" +msgstr "Security policy prevent the use of the Separated Krate. Tap OK to remove Separated krate." -msgid "IDS_DPM_ZONE_REMOVE" -msgstr "Remove Separated Zone" +msgid "IDS_DPM_KRATE_REMOVE" +msgstr "Remove Separated Krate" -msgid "IDS_DPM_NOTI_BODY_ZONE_CREATE" -msgstr "Tap here to create Separated Zone." +msgid "IDS_DPM_NOTI_BODY_KRATE_CREATE" +msgstr "Tap here to create Separated Krate." -msgid "IDS_DPM_NOTI_ZONE_CREATE" -msgstr "Separated zone creation" +msgid "IDS_DPM_NOTI_KRATE_CREATE" +msgstr "Separated krate creation" -msgid "IDS_DPM_BODY_ZONE_CREATE" -msgstr "Security policy force to use of the Separated Zone. Tap OK to create Separated zone." +msgid "IDS_DPM_BODY_KRATE_CREATE" +msgstr "Security policy force to use of the Separated Krate. Tap OK to create Separated krate." -msgid "IDS_DPM_ZONE_CREATE" -msgstr "Create Separated Zone" +msgid "IDS_DPM_KRATE_CREATE" +msgstr "Create Separated Krate" msgid "IDS_DPM_CANCEL" msgstr "Cancel" diff --git a/tools/syspopup/po/ko_KR.po b/tools/syspopup/po/ko_KR.po index 48744ed..fd36f8c 100644 --- a/tools/syspopup/po/ko_KR.po +++ b/tools/syspopup/po/ko_KR.po @@ -1,26 +1,26 @@ -msgid "IDS_DPM_NOTI_BODY_ZONE_REMOVE" -msgstr "여기를 누르면 Separated Zone을 제거합니다." +msgid "IDS_DPM_NOTI_BODY_KRATE_REMOVE" +msgstr "여기를 누르면 Separated Krate을 제거합니다." -msgid "IDS_DPM_NOTI_ZONE_REMOVE" -msgstr "Separate Zone 제거" +msgid "IDS_DPM_NOTI_KRATE_REMOVE" +msgstr "Separate Krate 제거" -msgid "IDS_DPM_BODY_ZONE_REMOVE" -msgstr "보안정책에 따라 Separated Zone 사용을 제한합니다. OK 버튼을 누르면 Separated Zone을 제거합니다." +msgid "IDS_DPM_BODY_KRATE_REMOVE" +msgstr "보안정책에 따라 Separated Krate 사용을 제한합니다. OK 버튼을 누르면 Separated Krate을 제거합니다." -msgid "IDS_DPM_ZONE_REMOVE" -msgstr "Separate Zone 제거" +msgid "IDS_DPM_KRATE_REMOVE" +msgstr "Separate Krate 제거" -msgid "IDS_DPM_NOTI_BODY_ZONE_CREATE" -msgstr "여기를 누르면 Separated Zone을 생성합니다." +msgid "IDS_DPM_NOTI_BODY_KRATE_CREATE" +msgstr "여기를 누르면 Separated Krate을 생성합니다." -msgid "IDS_DPM_NOTI_ZONE_CREATE" -msgstr "Separate Zone 생성" +msgid "IDS_DPM_NOTI_KRATE_CREATE" +msgstr "Separate Krate 생성" -msgid "IDS_DPM_BODY_ZONE_CREATE" -msgstr "보안정책에 따라 Separated Zone을 사용합니다. OK 버튼을 누르면 Separated Zone을 생성합니다." +msgid "IDS_DPM_BODY_KRATE_CREATE" +msgstr "보안정책에 따라 Separated Krate을 사용합니다. OK 버튼을 누르면 Separated Krate을 생성합니다." -msgid "IDS_DPM_ZONE_CREATE" -msgstr "Separated Zone 생성" +msgid "IDS_DPM_KRATE_CREATE" +msgstr "Separated Krate 생성" msgid "IDS_DPM_CANCEL" msgstr "취소" diff --git a/tools/syspopup/src/popup-list.c b/tools/syspopup/src/popup-list.c index 890dcf6..7b3fed8 100644 --- a/tools/syspopup/src/popup-list.c +++ b/tools/syspopup/src/popup-list.c @@ -58,9 +58,9 @@ popup_info_s popup_list[] = { {"storage-decryption", true, "IDS_DPM_STORAGE_DECRYPTION", NULL, "toast", NULL, NULL, NULL, NULL}, {"wipe-data", true, "IDS_DPM_WIPE_DATA", NULL, "default", "IDS_DPM_CANCEL", "IDS_DPM_OK", NULL, NULL}, - /* Zone Policy */ - {"zone-create", false, "IDS_DPM_ZONE_CREATE", "IDS_DPM_BODY_ZONE_CREATE", "default", "IDS_DPM_CANCEL", "IDS_DPM_OK", "IDS_DPM_NOTI_ZONE_CREATE", "IDS_DPM_NOTI_BODY_ZONE_CREATE"}, - {"zone-remove", false, "IDS_DPM_ZONE_REMOVE", "IDS_DPM_BODY_ZONE_REMOVE", "default", "IDS_DPM_CANCEL", "IDS_DPM_OK", "IDS_DPM_NOTI_ZONE_REMOVE", "IDS_DPM_NOTI_BODY_ZONE_REMOVE"}, + /* Krate Policy */ + {"krate-create", false, "IDS_DPM_KRATE_CREATE", "IDS_DPM_BODY_KRATE_CREATE", "default", "IDS_DPM_CANCEL", "IDS_DPM_OK", "IDS_DPM_NOTI_KRATE_CREATE", "IDS_DPM_NOTI_BODY_KRATE_CREATE"}, + {"krate-remove", false, "IDS_DPM_KRATE_REMOVE", "IDS_DPM_BODY_KRATE_REMOVE", "default", "IDS_DPM_CANCEL", "IDS_DPM_OK", "IDS_DPM_NOTI_KRATE_REMOVE", "IDS_DPM_NOTI_BODY_KRATE_REMOVE"}, }; popup_info_s *_get_popup_info(const char *id) diff --git a/zone/CMakeLists.txt b/zone/CMakeLists.txt deleted file mode 100755 index 19c6ec8..0000000 --- a/zone/CMakeLists.txt +++ /dev/null @@ -1,28 +0,0 @@ -# -# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -SET(ZONE_MODULE ${DPM_ZONE}/module) -SET(ZONE_LIBS ${DPM_ZONE}/libs) -SET(ZONE_CLI ${DPM_ZONE}/cli) -SET(ZONE_VOLUME ${DPM_ZONE}/volume) - -ADD_SUBDIRECTORY(${ZONE_MODULE}) -ADD_SUBDIRECTORY(${ZONE_LIBS}) -ADD_SUBDIRECTORY(${ZONE_CLI}) -ADD_SUBDIRECTORY(${ZONE_VOLUME}) - -INSTALL(FILES gumd-scripts/20_pam-zone-add.post DESTINATION /etc/gumd/useradd.d) -INSTALL(FILES gumd-scripts/20_pam-zone-remove.post DESTINATION /etc/gumd/userdel.d) diff --git a/zone/cli/CMakeLists.txt b/zone/cli/CMakeLists.txt deleted file mode 100644 index a76e356..0000000 --- a/zone/cli/CMakeLists.txt +++ /dev/null @@ -1,44 +0,0 @@ -# -# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -PROJECT(zone-cli) - -FILE(GLOB ZONE_CLI_SRCS zone-admin-cli.cpp - ${ZONE_MODULE}/session.cpp - ${ZONE_MODULE}/zone-builder.cpp -) - -SET(ZONE_CLI_NAME "zone-admin-cli") - -ADD_EXECUTABLE(${ZONE_CLI_NAME} ${ZONE_CLI_SRCS}) -SET_TARGET_PROPERTIES(${ZONE_CLI_NAME} PROPERTIES PREFIX "" - COMPILE_DEFINITIONS PID_FILE_PATH="${RUN_INSTALL_DIR}/zone" - COMPILE_FLAGS "-fPIE" - LINK_FLAGS "-pie" -) - -PKG_CHECK_MODULES(ZONE_CLI_DEPS REQUIRED - klay - glib-2.0 - libxml-2.0 - capi-appfw-package-manager - capi-appfw-app-manager -) - -INCLUDE_DIRECTORIES(SYSTEM ${ZONE_CLI_DEPS_INCLUDE_DIRS} ${ZONE_MODULE} ${ZONE_LIBS}) -TARGET_LINK_LIBRARIES(${ZONE_CLI_NAME} ${ZONE_CLI_DEPS_LIBRARIES} zone) - -INSTALL(TARGETS ${ZONE_CLI_NAME} DESTINATION sbin) diff --git a/zone/cli/zone-admin-cli.cpp b/zone/cli/zone-admin-cli.cpp deleted file mode 100644 index f5fb71b..0000000 --- a/zone/cli/zone-admin-cli.cpp +++ /dev/null @@ -1,477 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Contact: Sungbae Yoo - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -/** - * @file - * @author Sungbae Yoo (sungbae.yoo@samsung.com) - * @brief CLI tool to attach to existing namespace by pam-attach.so - */ - -#define _XOPEN_SOURCE -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -#include -#include - -#include -#include -#include -#include -#include - -#include "session.h" - - -#define DEFAULT_SHELL "/bin/bash" - -typedef std::pair NamespacePair; - -std::vector namespaces = { - {"mnt", CLONE_NEWNS}, - {"net", CLONE_NEWNET}, - {"uts", CLONE_NEWUTS}, - {"user", CLONE_NEWUSER}, - {"ipc", CLONE_NEWIPC}, - {"pid", CLONE_NEWPID} -}; - -extern char** environ; - -static inline void usage(const std::string name) -{ - std::cout << "Usage: " << name << " [Option] -- COMMAND" << std::endl - << "Run a program in the zone" << std::endl - << std::endl - << "Options :" << std::endl - << " -a, --attach=zone execute command in the zone" << std::endl - << " -p, --pkginfo=zone show all packages in the zone" << std::endl - << " -q, --appinfo=zone show all applications in the zone" << std::endl - << " -m, --zone-monitor monitor all zone events" << std::endl - << " -n, --pkg-monitor monitor all package events in the zone" << std::endl - << " -l, --list show all zone instances" << std::endl - << " -h, --help show this" << std::endl - << std::endl; -} - -int showZoneInstances() -{ - try { - runtime::DirectoryIterator iter("/var/run/zone"), end; - - while (iter != end) { - const std::string& path = (*iter).getPath(); - size_t name = path.rfind('/') + 1; - std::cout << path.substr(name) << std::endl; - ++iter; - } - } catch (runtime::Exception& e) { - std::cerr << e.what() << std::endl; - return -1; - } - - return 0; -} - -void attachNamespaces(pid_t pid) -{ - int fd; - for (const NamespacePair& ns : namespaces) { - std::string nspath = "/proc/" + std::to_string(pid) + "/ns/" + ns.first; - - do { - fd = ::open(nspath.c_str(), O_RDONLY); - } while (fd == -1 && errno == EINTR); - - if (fd == -1) { - if (errno != ENOENT) { - throw runtime::Exception("Failed to open namesapce: " + nspath); - } - } else { - if (::setns(fd, ns.second)) { - ::close(fd); - throw runtime::Exception("Failed to attach namespace: " + nspath); - } - ::close(fd); - } - } -} - -void launchProcess(runtime::User& user, char** args) -{ - int status; - - pid_t pid = ::fork(); - if (pid == -1) { - throw runtime::Exception("Failed to create child process"); - } - - if (pid != 0) { - ::waitpid(pid, &status, 0); - if (WEXITSTATUS(status) != EXIT_SUCCESS) { - throw runtime::Exception("Child process terminated abnormally"); - } - return; - } - - if (::initgroups(user.getName().c_str(), user.getGid()) == -1) { - std::cerr << "Failed to initgroups()" << std::endl; - ::exit(EXIT_FAILURE); - } - - if (::setgid(user.getGid()) == -1) { - std::cerr << "Failed to setgid()" << std::endl; - ::exit(EXIT_FAILURE); - } - - if (::setuid(user.getUid()) == -1) { - std::cerr << "Failed to setuid()" << std::endl; - ::exit(EXIT_FAILURE); - } - - char *default_args[2]; - default_args[0] = ::strdup(DEFAULT_SHELL); - default_args[1] = NULL; - - if (args == NULL) { - args = default_args; - } - - ::execve(*args, args, environ); - std::cerr << "Failed to execute " << args[0] << std::endl; - - ::free(default_args[0]); - - ::exit(EXIT_FAILURE); -} - -int attachToZone(const std::string& name, char* args[]) -{ - try { - runtime::User user(name); - - attachNamespaces(getSessionLeader(user)); - launchProcess(user, args); - } catch (runtime::Exception& e) { - std::cerr << e.what() << std::endl; - return -1; - } - - return 0; -} - -bool packgeListCallback(package_info_h info, void *user_data) -{ - bool checked; - char *val; - - std::cout << "Package #" << (*(int*)user_data)++ << " :" << std::endl; - - package_info_get_package(info, &val); - std::cout << val; - free(val); - - package_info_get_version(info, &val); - std::cout << " (" << val << ")" << std::endl; - free(val); - - package_info_get_type(info, &val); - std::cout << " Type : " << val << " ("; - free(val); - - package_info_is_system_package(info, &checked); - if (checked) { - std::cout <<" System "; - } - package_info_is_removable_package(info, &checked); - if (checked) { - std::cout <<" Removable "; - } - package_info_is_preload_package(info, &checked); - if (checked) { - std::cout <<" Preload "; - } - std::cout << ")" << std::endl; - - package_info_get_label(info, &val); - std::cout << " Label : " << val << std::endl; - free(val); - - package_info_get_icon(info, &val); - std::cout << " Icon : " << val << std::endl; - free(val); - - std::cout << std::endl; - - return true; -} - -int showPkgInfo(const std::string& name) -{ - int num = 0; - - zone_manager_h zoneMgr; - zone_package_proxy_h pkgProxy; - - zone_manager_create(&zoneMgr); - zone_package_proxy_create(zoneMgr, name.c_str(), &pkgProxy); - zone_package_proxy_foreach_package_info(pkgProxy, packgeListCallback, &num); - std::cout << num << " packages are found" << std::endl; - zone_package_proxy_destroy(pkgProxy); - zone_manager_destroy(zoneMgr); - - return 0; -} - -bool applicationListCallback(app_info_h info, void *user_data) -{ - bool checked; - char *val; - - std::cout << "Application #" << (*(int*)user_data)++ << " :" << std::endl; - - app_info_get_app_id(info, &val); - std::cout << val; - free(val); - - app_info_get_package(info, &val); - std::cout << " (" << val << ")" << std::endl; - free(val); - - app_info_get_type(info, &val); - std::cout << " Type : " << val << " ("; - free(val); - - app_info_is_nodisplay(info, &checked); - if (checked) { - std::cout <<" NoDisplay "; - } - std::cout << ")"<< std::endl; - - app_info_get_label(info, &val); - std::cout << " Label : " << val << std::endl; - free(val); - - if (app_info_get_icon(info, &val) == APP_MANAGER_ERROR_NONE) { - std::cout << " Icon : " << val << std::endl; - free(val); - } else { - std::cout << "App Manager error" << std::endl; - } - - std::cout << std::endl; - - return true; -} - -int showAppInfo(const std::string& name) -{ - int num = 0; - - zone_manager_h zoneMgr; - zone_app_proxy_h appMgr; - - zone_manager_create(&zoneMgr); - zone_app_proxy_create(zoneMgr, name.c_str(), &appMgr); - zone_app_proxy_foreach_app_info(appMgr, applicationListCallback, &num); - std::cout << num << " applications are found" << std::endl; - zone_app_proxy_destroy(appMgr); - zone_manager_destroy(zoneMgr); - - return 0; -} - -GMainLoop *gmainloop = NULL; - -void monitorSigHandler(int sig) -{ - g_main_loop_quit(gmainloop); -} - -void zoneCallback(const char* name, const char* object, void *user_data) -{ - std::cout << "--- Zone event ---" << std::endl; - std::cout << "Type : " << (char*)user_data << std::endl; - std::cout << "Name : " << name <= argc ? NULL : argv + optind); - break; - case 'p': - ret = showPkgInfo(optarg); - break; - case 'q': - ret = showAppInfo(optarg); - break; - case 'm': - ret = monitorEvent(); - break; - case 'n': - ret = monitorPkgEvent(optarg); - break; - case 'l': - ret = showZoneInstances(); - break; - case 'h': - usage(argv[0]); - break; - default: - usage(argv[0]); - ret = -1; - } - } - - return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE; -} diff --git a/zone/gumd-scripts/20_pam-zone-add.post b/zone/gumd-scripts/20_pam-zone-add.post deleted file mode 100644 index 1d30527..0000000 --- a/zone/gumd-scripts/20_pam-zone-add.post +++ /dev/null @@ -1,4 +0,0 @@ -PATH=/bin:/usr/bin:/sbin:/usr/sbin - -export `tzplatform-get TZ_SYS_ETC` -cp ${TZ_SYS_ETC}/dpm/zone/owner.xml ${TZ_SYS_ETC}/dpm/zone/${1}.xml diff --git a/zone/gumd-scripts/20_pam-zone-remove.post b/zone/gumd-scripts/20_pam-zone-remove.post deleted file mode 100644 index 48bfabe..0000000 --- a/zone/gumd-scripts/20_pam-zone-remove.post +++ /dev/null @@ -1,4 +0,0 @@ -PATH=/bin:/usr/bin:/sbin:/usr/sbin - -export `tzplatform-get TZ_SYS_ETC` -rm ${TZ_SYS_ETC}/dpm/zone/${1}.xml diff --git a/zone/libs/CMakeLists.txt b/zone/libs/CMakeLists.txt deleted file mode 100755 index 85f5d7e..0000000 --- a/zone/libs/CMakeLists.txt +++ /dev/null @@ -1,61 +0,0 @@ -# -# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -PROJECT(zone) -SET(LIB_VERSION "${VERSION}") -SET(LIB_SOVERSION "0") - -SET(PC_FILE "${PROJECT_NAME}.pc") - -SET(SOURCES ${DPM_LIBS}/policy-client.cpp - zone.cpp - package-proxy.cpp - app-proxy.cpp - zone/zone.cpp - zone/package-proxy.cpp - zone/app-proxy.cpp -) - -SET(CAPI_INCLUDE_FILES zone/zone.h - zone/package-proxy.h - zone/app-proxy.h -) - - -SET (CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} -Wl,-z,noexecstack") - -PKG_CHECK_MODULES(ZONE_LIBS_DEPS REQUIRED - klay - glib-2.0 - capi-appfw-package-manager - capi-appfw-app-manager - capi-appfw-app-control - libtzplatform-config -) - -ADD_LIBRARY(${PROJECT_NAME} SHARED ${SOURCES}) -SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES COMPILE_FLAGS "-fvisibility=hidden") -SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES SOVERSION ${LIB_SOVERSION}) -SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES VERSION ${LIB_VERSION}) - -INCLUDE_DIRECTORIES(SYSTEM ${ZONE_LIBS_DEPS_INCLUDE_DIRS} ${DPM_POLICY} ${DPM_LIBS} ${ZONE_LIBS}) -TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${ZONE_LIBS_DEPS_LIBRARIES} pthread) - -CONFIGURE_FILE(${PC_FILE}.in ${CMAKE_BINARY_DIR}/${PC_FILE} @ONLY) - -INSTALL(FILES ${CMAKE_BINARY_DIR}/${PC_FILE} DESTINATION ${LIB_INSTALL_DIR}/pkgconfig) -INSTALL(TARGETS ${PROJECT_NAME} DESTINATION ${LIB_INSTALL_DIR} COMPONENT RuntimeLibraries) -INSTALL(FILES ${CAPI_INCLUDE_FILES} DESTINATION ${INCLUDE_INSTALL_DIR}/zone) diff --git a/zone/libs/app-proxy.cpp b/zone/libs/app-proxy.cpp deleted file mode 100644 index da64314..0000000 --- a/zone/libs/app-proxy.cpp +++ /dev/null @@ -1,106 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#include "zone/app-proxy.hxx" - -namespace DevicePolicyManager { - -ZoneAppProxy::ZoneAppProxy(PolicyControlContext& ctx) - : context(ctx) -{ -} - -ZoneAppProxy::~ZoneAppProxy() -{ -} - -ZoneAppProxy::AppInfo ZoneAppProxy::getAppInfo(const std::string& name, const std::string& appid) -{ - try { - return context->methodCall("ZoneAppProxy::getAppInfo", name, appid); - } catch (runtime::Exception& e) {} - return ZoneAppProxy::AppInfo(); -} - -int ZoneAppProxy::createIterator(const std::string& zone) -{ - try { - return context->methodCall("ZoneAppProxy::createIterator", zone); - } catch (runtime::Exception& e) {} - return -1; -} - -ZoneAppProxy::AppInfo ZoneAppProxy::getIteratorValue(int iterator) -{ - try { - return context->methodCall("ZoneAppProxy::getIteratorValue", iterator); - } catch (runtime::Exception& e) {} - return ZoneAppProxy::AppInfo(); -} - -bool ZoneAppProxy::nextIterator(int iterator) -{ - try { - return context->methodCall("ZoneAppProxy::nextIterator", iterator); - } catch (runtime::Exception& e) {} - return false; -} - -int ZoneAppProxy::destroyIterator(int iterator) -{ - try { - return context->methodCall("ZoneAppProxy::destroyIterator", iterator); - } catch (runtime::Exception& e) {} - return -1; -} - -int ZoneAppProxy::launch(const std::string& name, const ZoneAppProxy::Bundle& bundle) -{ - try { - return context->methodCall("ZoneAppProxy::launch", name, bundle); - } catch (runtime::Exception& e) { - return -1; - } -} - -int ZoneAppProxy::resume(const std::string& name, const std::string& appid) -{ - try { - return context->methodCall("ZoneAppProxy::resume", name, appid); - } catch (runtime::Exception& e) { - return -1; - } -} - -int ZoneAppProxy::terminate(const std::string& name, const std::string& appid) -{ - try { - return context->methodCall("ZoneAppProxy::terminate", name, appid); - } catch (runtime::Exception& e) { - return -1; - } -} - -bool ZoneAppProxy::isRunning(const std::string& name, const std::string& appid) -{ - try { - return context->methodCall("ZoneAppProxy::isRunning", name, appid); - } catch (runtime::Exception& e) { - return -1; - } -} - -} // namespace DevicePolicyManager diff --git a/zone/libs/package-proxy.cpp b/zone/libs/package-proxy.cpp deleted file mode 100644 index 1fd8e81..0000000 --- a/zone/libs/package-proxy.cpp +++ /dev/null @@ -1,63 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ -#include "zone/package-proxy.hxx" - -namespace DevicePolicyManager { - -ZonePackageProxy::ZonePackageProxy(PolicyControlContext& ctx) : - context(ctx) -{ -} - -ZonePackageProxy::~ZonePackageProxy() -{ -} - -ZonePackageProxy::PackageInfo ZonePackageProxy::getPackageInfo(const std::string& name, const std::string& pkgid) -{ - try { - return context->methodCall("ZonePackageProxy::getPackageInfo", name, pkgid); - } catch (runtime::Exception& e) {} - return ZonePackageProxy::PackageInfo(); -} - -std::vector ZonePackageProxy::getPackageList(const std::string& zone) -{ - try { - return context->methodCall>("ZonePackageProxy::getPackageList", zone); - } catch (runtime::Exception& e) {} - return std::vector();; -} - -int ZonePackageProxy::install(const std::string& name, const std::string& pkgid) -{ - try { - return context->methodCall("ZonePackageProxy::install", name, pkgid); - } catch (runtime::Exception& e) { - return -1; - } -} - -int ZonePackageProxy::uninstall(const std::string& name, const std::string& pkgid) -{ - try { - return context->methodCall("ZonePackageProxy::uninstall", name, pkgid); - } catch (runtime::Exception& e) { - return -1; - } -} - -} // namespace DevicePolicyManager diff --git a/zone/libs/zone.cpp b/zone/libs/zone.cpp deleted file mode 100644 index 9f6a9ff..0000000 --- a/zone/libs/zone.cpp +++ /dev/null @@ -1,94 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#include "zone/zone.hxx" - -namespace DevicePolicyManager { - -ZoneManager::ZoneManager(PolicyControlContext& ctx) : - context(ctx) -{ -} - -ZoneManager::~ZoneManager() -{ -} - -int ZoneManager::createZone(const std::string& name, const std::string& setupWizAppid) -{ - try { - return context->methodCall("ZoneManager::createZone", name, setupWizAppid); - } catch (runtime::Exception& e) { - return -1; - } -} - -int ZoneManager::removeZone(const std::string& name) -{ - try { - return context->methodCall("ZoneManager::removeZone", name); - } catch (runtime::Exception& e) { - return -1; - } -} - -int ZoneManager::lockZone(const std::string& name) -{ - try { - return context->methodCall("ZoneManager::lockZone", name); - } catch (runtime::Exception& e) { - return -1; - } -} - -int ZoneManager::unlockZone(const std::string& name) -{ - try { - return context->methodCall("ZoneManager::unlockZone", name); - } catch (runtime::Exception& e) { - return -1; - } -} - -int ZoneManager::getZoneState(const std::string& name) -{ - try { - return context->methodCall("ZoneManager::getZoneState", name); - } catch (runtime::Exception& e) { - return -1; - } -} - -std::vector ZoneManager::getZoneList(int state) -{ - std::vector empty; - try { - return context->methodCall>("ZoneManager::getZoneList", state); - } catch (runtime::Exception& e) { - return empty; - } -} - -int ZoneManager::resetZonePassword(const std::string& name, const std::string& newPassword) -{ - try { - return context->methodCall("ZoneManager::resetZonePassword", name, newPassword); - } catch (runtime::Exception& e) { - return -1; - } -} - -} // namespace DevicePolicyManager diff --git a/zone/libs/zone.pc.in b/zone/libs/zone.pc.in deleted file mode 100644 index 4a00aa4..0000000 --- a/zone/libs/zone.pc.in +++ /dev/null @@ -1,12 +0,0 @@ -# Package Information for pkg-config - -prefix=@CMAKE_INSTALL_PREFIX@ -exec_prefix=@CMAKE_INSTALL_PREFIX@ -libdir=@LIB_INSTALL_DIR@ -includedir=@INCLUDE_INSTALL_DIR@ - -Name: zone -Description: Tizen Zone Client library -Version: @VERSION@ -Libs: -L${libdir} -lzone -Cflags: -I${includedir}/zone diff --git a/zone/libs/zone/app-info-internal.h b/zone/libs/zone/app-info-internal.h deleted file mode 100644 index 96f1a7a..0000000 --- a/zone/libs/zone/app-info-internal.h +++ /dev/null @@ -1,115 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#ifndef __DPM_APP_INFO_INTERNAL_H__ -#define __DPM_APP_INFO_INTERNAL_H__ - -#include - -// pkgmgr-info : include/pkgmgrinfo_basic.h -typedef struct icon_x { - char *text; - char *lang; - char *section; - char *size; - char *resolution; - char *dpi; -} icon_x; - -// pkgmgr-info : include/pkgmgrinfo_basic.h -typedef struct label_x { - char *name; - char *text; - char *lang; -} label_x; - -// pkgmgr-info : include/pkgmgrinfo_basic.h -typedef struct application_x { - char *appid; /*attr*/ - char *exec; /*attr*/ - char *nodisplay; /*attr, default: "false"*/ - char *multiple; /*attr, default: "false"*/ - char *taskmanage; /*attr, default: "true"*/ - char *enabled; /*attr, default: "true"*/ - char *type; /*attr*/ - char *categories; /*attr*/ - char *extraid; /*attr*/ - char *hwacceleration; /*attr, default: "default"*/ - char *screenreader; /*attr, default: "use-system-setting"*/ - char *mainapp; /*attr, default: "false"*/ - char *package; /*set from package_x*/ - char *recentimage; /*attr, default: "false"*/ - char *launchcondition; /*attr, default: "false"*/ - char *indicatordisplay; /*attr, default: "true"*/ - char *portraitimg; /*attr*/ - char *landscapeimg; /*attr*/ - char *effectimage_type; /*attr, default: "image"*/ - char *guestmode_visibility; /*attr, default: "true"*/ - char *component; /*no xml part*/ - char *permission_type; /*attr, default: "normal"*/ - char *component_type; /*attr, default: "uiapp"*/ - char *preload; /*no xml part*/ - char *submode; /*attr, default: "false"*/ - char *submode_mainid; /*attr, default: "false"*/ - char *process_pool; /*attr, default: "false"*/ - char *installed_storage; - char *autorestart; /*attr, default: "false"*/ - char *onboot; /*attr, default: "false"*/ - char *support_disable; /*set from package_x*/ - char *ui_gadget; /*attr, default: "false"*/ - char *launch_mode; /*attr, default: "single"*/ - char *ambient_support; /*attr, default: "false"*/ - char *alias_appid; /*attr*/ - char *effective_appid; /*attr*/ - char *package_type; /*set from package_x*/ - char *tep_name; /*set from package_x*/ - char *zip_mount_file; /*set from package_x*/ - char *root_path; /*set from package_x*/ - char *api_version; /*set from package_x*/ - char *for_all_users; /**< Flag that indicates if the package is available for everyone or for current user only, no xml part*/ - char *is_disabled; /**< Flag that indicates if the application is disabled or not, no xml part*/ - char *splash_screen_display; /*attr, default: "true"*/ - GList *label; /*element*/ - GList *icon; /*element*/ - GList *image; /*element*/ - GList *category; /*element*/ - GList *metadata; /*element*/ - GList *permission; /*element*/ - GList *launchconditions; /*element*/ - GList *notification; /*element*/ - GList *datashare; /*element*/ - GList *datacontrol; /*element*/ - GList *background_category; /*element*/ - GList *appcontrol; /*element*/ - GList *splashscreens; /*element*/ -} application_x; - -// pkgmgr-info : include/pkgmgrinfo_private.h -typedef struct _pkgmgr_appinfo_x { - const char *package; - char *locale; - int app_component; - application_x *app_info; -} pkgmgr_appinfo_x; - -// app-manager : src/app_info.c -typedef struct app_info_s { - char *app_id; - pkgmgr_appinfo_x *pkg_app_info; -} app_info_s; - - -#endif //__DPM_APP_INFO_INTERNAL_H__ diff --git a/zone/libs/zone/app-proxy.cpp b/zone/libs/zone/app-proxy.cpp deleted file mode 100644 index d3e568f..0000000 --- a/zone/libs/zone/app-proxy.cpp +++ /dev/null @@ -1,258 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#include -#include - -#include "zone.h" -#include "debug.h" -#include "app-proxy.h" -#include "app-info-internal.h" - -#include "policy-client.h" -#include "zone/app-proxy.hxx" - -using namespace DevicePolicyManager; - -struct zone_app_proxy_s { - ZoneAppProxy proxy; - std::string zoneName; -}; - -static inline zone_app_proxy_s* getInstance(zone_app_proxy_h handle) -{ - return reinterpret_cast(handle); -} - -static app_info_h make_app_info_handle(const ZoneAppProxy::AppInfo& info) -{ - if (info.id.empty()) { - return NULL; - } - - application_x* app = (application_x*)::malloc(sizeof(application_x)); - pkgmgr_appinfo_x* pkgappinfo = (pkgmgr_appinfo_x*)::malloc(sizeof(pkgmgr_appinfo_x)); - app_info_s* appinfo = (app_info_s*)::malloc(sizeof(struct app_info_s)); - - ::memset(appinfo, 0, sizeof(app_info_s)); - appinfo->app_id = ::strdup(info.id.c_str()); - appinfo->pkg_app_info = pkgappinfo; - - ::memset(pkgappinfo, 0, sizeof(pkgmgr_appinfo_x)); - pkgappinfo->package = ::strdup(info.package.c_str()); - pkgappinfo->locale = ::strdup(info.locale.c_str()); - pkgappinfo->app_component = info.componentType; - pkgappinfo->app_info = app; - - ::memset(app, 0, sizeof(application_x)); - app->appid = ::strdup(info.id.c_str()); - app->nodisplay = ::strdup(info.isNoDisplayed? "true":"false"); - app->taskmanage = ::strdup(info.isTaskManaged? "true":"false"); - app->type = ::strdup(info.type.c_str()); - - icon_x* icon = (icon_x*)::calloc(1, sizeof(icon_x)); - icon->text = ::strdup(info.icon.c_str()); - icon->lang = ::strdup(info.locale.c_str()); - app->icon = ::g_list_append(NULL, icon); - - label_x* label = (label_x*)::calloc(1, sizeof(label_x)); - label->text = ::strdup(info.label.c_str()); - label->lang = ::strdup(info.locale.c_str()); - app->label = ::g_list_append(NULL, label); - - return reinterpret_cast(appinfo); -} - -int zone_app_proxy_create(zone_manager_h manager, const char* name, zone_app_proxy_h *handle) -{ - RET_ON_FAILURE(manager, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(name, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - - zone_app_proxy_s* instance = new zone_app_proxy_s { - GetDevicePolicyContext(manager).createPolicyInterface(), - name - }; - - *handle = reinterpret_cast(instance); - return ZONE_ERROR_NONE; -} - -int zone_app_proxy_destroy(zone_app_proxy_h handle) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - - delete reinterpret_cast(handle); - - return ZONE_ERROR_NONE; -} - -int zone_app_proxy_get_app_info(zone_app_proxy_h handle, const char* app_id, app_info_h* app_info) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(app_id, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(app_info, ZONE_ERROR_INVALID_PARAMETER); - - auto instance = getInstance(handle); - auto& proxy = instance->proxy; - const std::string& name = instance->zoneName; - - const auto info = proxy.getAppInfo(name, app_id); - app_info_h ret = make_app_info_handle(info); - if (ret == NULL) { - return ZONE_ERROR_INVALID_PARAMETER; - } - - *app_info = ret; - - return ZONE_ERROR_NONE; -} - -int zone_app_proxy_foreach_app_info(zone_app_proxy_h handle, app_manager_app_info_cb callback, void *user_data) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(callback, ZONE_ERROR_INVALID_PARAMETER); - - auto instance = getInstance(handle); - auto& proxy = instance->proxy; - const std::string& name = instance->zoneName; - - int iter = proxy.createIterator(name); - do { - app_info_h info = make_app_info_handle(proxy.getIteratorValue(iter)); - int ret = callback(info, user_data); - app_info_destroy(info); - if (!ret) { - break; - } - } while (proxy.nextIterator(iter)); - proxy.destroyIterator(iter); - - return ZONE_ERROR_NONE; -} - -static bool appExtraCallback(app_control_h app_control, const char *key, void *user_data) -{ - ZoneAppProxy::Bundle *bundle = reinterpret_cast(user_data); - ZoneAppProxy::Bundle::Extra extra; - bool isArray; - - extra.key = key; - - app_control_is_extra_data_array(app_control, key, &isArray); - if (isArray) { - char **values; - int length = 0; - app_control_get_extra_data_array(app_control, key, &values, &length); - for (int i = 0; i < length; i++) { - extra.value.push_back(values[i]); - free(values[i]); - } - free(values); - } else { - char *value; - app_control_get_extra_data(app_control, key, &value); - extra.value.push_back(value); - free(value); - } - bundle->extraData.push_back(extra); - - return true; -} - -int zone_app_proxy_send_launch_request(zone_app_proxy_h handle, app_control_h app_control) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(app_control, ZONE_ERROR_INVALID_PARAMETER); - - auto instance = getInstance(handle); - auto& proxy = instance->proxy; - const std::string& name = instance->zoneName; - char *str; - - ZoneAppProxy::Bundle bundle; - app_control_get_operation(app_control, &str); - if (str != NULL) { - bundle.operation = str; - free(str); - str = NULL; - } - app_control_get_uri(app_control, &str); - if (str != NULL) { - bundle.uri = str; - free(str); - str = NULL; - } - app_control_get_mime(app_control, &str); - if (str != NULL) { - bundle.mime = str; - free(str); - str = NULL; - } - app_control_get_category(app_control, &str); - if (str != NULL) { - bundle.category = str; - free(str); - str = NULL; - } - app_control_get_app_id(app_control, &str); - if (str != NULL) { - bundle.appId = str; - free(str); - str = NULL; - } - app_control_foreach_extra_data(app_control, appExtraCallback, &bundle); - - return proxy.launch(name, bundle); -} - -int zone_app_proxy_terminate(zone_app_proxy_h handle, const char* app_id) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(app_id, ZONE_ERROR_INVALID_PARAMETER); - - auto instance = getInstance(handle); - auto& proxy = instance->proxy; - const std::string& name = instance->zoneName; - - return proxy.terminate(name, app_id); -} - -int zone_app_proxy_resume(zone_app_proxy_h handle, const char* app_id) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(app_id, ZONE_ERROR_INVALID_PARAMETER); - - auto instance = getInstance(handle); - auto& proxy = instance->proxy; - const std::string& name = instance->zoneName; - - return proxy.resume(name, app_id); -} - -int zone_app_proxy_is_running(zone_app_proxy_h handle, const char* app_id, int *result) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(app_id, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(result, ZONE_ERROR_INVALID_PARAMETER); - - auto instance = getInstance(handle); - auto& proxy = instance->proxy; - const std::string& name = instance->zoneName; - - *result = proxy.isRunning(name, app_id); - return ZONE_ERROR_NONE; -} diff --git a/zone/libs/zone/app-proxy.h b/zone/libs/zone/app-proxy.h deleted file mode 100644 index fc18a0d..0000000 --- a/zone/libs/zone/app-proxy.h +++ /dev/null @@ -1,235 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#ifndef __CAPI_ZONE_APP_INFO_H__ -#define __CAPI_ZONE_APP_INFO_H__ - -#include -#include -#include - -#include - -/** - * @file app-info.h - * @brief This file provides APIs to get the information of applications in the zone - */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * @addtogroup CAPI_ZONE_APPLICATION_INFO_MODULE - * @{ - */ - -/** - * @brief The zone application manager handle - * @since_tizen 3.0 - * @see zone_app_proxy_create() - * @see zone_app_proxy_destroy() - */ -typedef void* zone_app_proxy_h; - -/** - * @brief Acquires the zone application manager handle - * @details This API acquires zone application manager handle required to call - * the zone application manager APIs. - * @since_tizen 3.0 - * @param[in] manager The zone manager handle - * @param[in] name The zone name - * @param[out] handle The zone app proxy handle - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_CONNECTION_REFUSED Connection refused - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @see zone_manager_create() - * @see zone_app_proxy_create() - * @see get_last_result() - */ -ZONE_API int zone_app_proxy_create(zone_manager_h manager, const char* name, zone_app_proxy_h* handle); - -/** - * @brief Releases the zone application manager handle - * @details This API must be called if interaction with the zone application - * manager handle is no longer required. - * @since_tizen 3.0 - * @param[in] context The device policy manager context - * @param[in] handle The zone application manager handle - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @pre The handle must be created by zone_app_proxy_create() - * @see zone_app_proxy_create() - */ -ZONE_API int zone_app_proxy_destroy(zone_app_proxy_h handle); - -/** - * @brief Gets the application information for the given application in the zone. - * @details This API gets application information handle required to get - * information of the application in the zone - * @since_tizen 3.0 - * @param[in] handle The zone application manager handle - * @param[in] appid The application ID - * @return Zone application handle on success, otherwise NULL - * @remark The specific error code can be obtained by using the - * get_last_result() method. Error codes are described in - * exception section. - * @exception #ZONE_ERROR_NONE No error - * @exception #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @exception #ZONE_ERROR_TIMED_OUT Time out - * @see zone_app_proxy_create() - * @see zone_app_proxy_create() - * @see zone_application_release() - * @see application_manager_get_application_info() - * @see get_last_result() - */ -ZONE_API int zone_app_proxy_get_app_info(zone_app_proxy_h handle, const char* appid, app_info_h* app_info); - -/** - * @brief Retrieves all the handles of the application in the zone. - * @details This API calls app_manager_app_info_cb() once for each application - * ID with traversing the installed application list in the zone. - * @since_tizen 3.0 - * @param[in] handle The zone application manager handle - * @param[in] callback The iteration callback function - * @param[in] user_data The user data passed to the callback function - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @pre The handle must be created by zone_app_proxy_create(). - * @see zone_app_proxy_create() - * @see zone_app_proxy_create() - * @see application_manager_foreach_app_info() - */ -ZONE_API int zone_app_proxy_foreach_app_info(zone_app_proxy_h handle, app_manager_app_info_cb callback, void *user_data); - -/** - * @brief Launch the application located at the given path into the zone. - * @details Administrator can use this API to launch the application in the - * zone. - * @since_tizen 3.0 - * @param[in] handle The zone application manager handle - * @param[in] app_control The app_control handle - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @retval #ZONE_ERROR_NO_SUCH_FILE No such application file - * @retval #ZONE_ERROR_PERMISSION_DENIED The application does not have - * the privilege to call this API or the caller is not the owner - * of the zone - * @pre The handle must be created by zone_app_proxy_create(). - * @pre The zone corresponding to the given name must be - * created before use of this API. - * @see zone_app_proxy_create() - * @see zone_app_proxy_destroy() - * @see zone_app_proxy_resume() - * @see zone_app_proxy_terminate() - * @see zone_is_running_app() - * @see app_control_send_launch_request() - */ -ZONE_API int zone_app_proxy_send_launch_request(zone_app_proxy_h handle, app_control_h app_control); - -/** - * @brief Terminate the application located at the given path into the zone. - * @details Administrator can use this API to terminate the application in - * the zone. - * @since_tizen 3.0 - * @param[in] handle The zone application manager handle - * @param[in] appid The application ID to be terminated - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @retval #ZONE_ERROR_NO_SUCH_FILE No such application file - * @retval #ZONE_ERROR_PERMISSION_DENIED The application does not have - * the privilege to call this API or the caller is not the owner - * of the zone - * @pre The handle must be created by zone_app_proxy_create(). - * @pre The zone corresponding to the given name must be - * created before use of this API. - * @see zone_app_proxy_create() - * @see zone_app_proxy_destroy() - * @see zone_app_proxy_resume() - * @see zone_app_proxy_send_launch_request() - * @see zone_is_running_app() - * @see app_control_send_terminate_request() - * @see app_manager_send_terminate_bt_app() - */ -ZONE_API int zone_app_proxy_terminate(zone_app_proxy_h handle, const char* appid); - -/** - * @brief Resume the application located at the given path into the zone. - * @details Administrator can use this API to resume the application in the - * zone. - * @since_tizen 3.0 - * @param[in] handle The zone application manager handle - * @param[in] appid The application ID to be resumed - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @retval #ZONE_ERROR_NO_SUCH_FILE No such application file - * @retval #ZONE_ERROR_PERMISSION_DENIED The application does not have - * the privilege to call this API or the caller is not the owner - * of the zone - * @pre The handle must be created by zone_app_proxy_create(). - * @pre The zone corresponding to the given name must be - * created before use of this API. - * @see zone_app_proxy_create() - * @see zone_app_proxy_destroy() - * @see zone_app_proxy_send_launch_request() - * @see zone_app_proxy_terminate() - * @see app_manager_resume_app() - */ -ZONE_API int zone_app_proxy_resume(zone_app_proxy_h handle, const char* appid); - -/** - * @brief Checks whether the application in the zone is running. - * @details This API can be used to check whether the application in the zone - * is running. - * @since_tizen 3.0 - * @param[in] handle The zone application manager handle - * @param[in] appid The application ID - * @param[out] result true if the application is running, - * otherwise false if the application is not running - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_NO_DATA No such pacakge to check - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @pre The handle must be created by zone_app_proxy_create(). - * @see zone_app_proxy_create() - * @see zone_app_proxy_destroy() - * @see zone_app_proxy_send_launch_request() - * @see zone_app_proxy_terminate() - * @see app_manager_is_running_app() - */ -ZONE_API int zone_app_proxy_is_running(zone_app_proxy_h handle, const char* appid, int* result); - -/** - * @} - */ - -#ifdef __cplusplus -} -#endif - -#endif /* __CAPI_ZONE_APP_INFO_H__ */ diff --git a/zone/libs/zone/array.h b/zone/libs/zone/array.h deleted file mode 100644 index 77ac2a3..0000000 --- a/zone/libs/zone/array.h +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#ifndef __RUNTIME_ARRAY_H__ -#define __RUNTIME_ARRAY_H__ - -#include -#include - -namespace runtime { - -template -class Array final { -public: - Array() = delete; - Array(std::vector &&list) : - list(std::move(list)), it(this->list.begin()) - { - } - - Array(const std::vector &list) : - list(list), it(this->list.begin()) - { - } - - T *next() - { - if (it != list.end()) { - return &(*it++); - } - return NULL; - } - - bool isEnd() - { - return it == list.end(); - } - -private: - std::vector list; - typename std::vector::iterator it; -}; - -} // namespace runtime - -#endif // __RUNTIME_ARRAY_H__ diff --git a/zone/libs/zone/debug.h b/zone/libs/zone/debug.h deleted file mode 100644 index d5212ba..0000000 --- a/zone/libs/zone/debug.h +++ /dev/null @@ -1,26 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#ifndef __CAPI_ZONE_ASSERT_H__ -#define __CAPI_ZONE_ASSERT_H__ - -#define RET_ON_FAILURE(cond, ret) \ -{ \ - if (!(cond)) \ - return (ret); \ -} - -#endif //! __CAPI_ZONE_ASSERT_H__ diff --git a/zone/libs/zone/package-info-internal.h b/zone/libs/zone/package-info-internal.h deleted file mode 100644 index 0b7fabf..0000000 --- a/zone/libs/zone/package-info-internal.h +++ /dev/null @@ -1,106 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#ifndef __ZONE_PACKAGE_INFO_INTERNAL_H__ -#define __ZONE_PACKAGE_INFO_INTERNAL_H__ - -#include - -// pkgmgr-info : include/pkgmgrinfo_basic.h -typedef struct icon_x { - char *text; - char *lang; - char *section; - char *size; - char *resolution; - char *dpi; -} icon_x; - -// pkgmgr-info : include/pkgmgrinfo_basic.h -typedef struct description_x { - char *name; - char *text; - char *lang; -} description_x; - -// pkgmgr-info : include/pkgmgrinfo_basic.h -typedef struct label_x { - char *name; - char *text; - char *lang; -} label_x; - -// pkgmgr-info : include/pkgmgrinfo_basic.h -typedef struct author_x { - char *email; - char *href; - char *text; - char *lang; -} author_x; - -// pkgmgr-info : include/pkgmgrinfo_basic.h -typedef struct package_x { - char *for_all_users; /**< Flag that indicates if the package is available for everyone or for current user only, no xml part*/ - char *package; /**< package name, attr*/ - char *version; /**< package version, attr*/ - char *installlocation; /**< package install location, attr, default: "internal-only"*/ - char *ns; /** -#include -#include - -#include -#include -#include -#include - -#include "zone.h" -#include "debug.h" -#include "package-proxy.h" -#include "package-info-internal.h" - -#include "policy-client.h" -#include "zone/package-proxy.hxx" - -using namespace DevicePolicyManager; - -struct zone_package_proxy_s { - ZonePackageProxy proxy; - std::string zoneName; - pkgmgr_client* pNativeHandle; - package_manager_event_cb pCallback; - void *pCallbackUserData; -}; - -static inline zone_package_proxy_s* getInstance(zone_package_proxy_h handle) -{ - return reinterpret_cast(handle); -} - -static int packageEventHandler(uid_t target_uid, int req_id, - const char *pkg_type, const char *pkg_name, - const char *key, const char *val, - const void *pmsg, void *data) -{ - static auto event_type = (package_manager_event_type_e)-1; - auto event_state = PACKAGE_MANAGER_EVENT_STATE_FAILED; - auto instance = getInstance(data); - std::string keystr = key; - int progress = 0; - - if (target_uid != tzplatform_getuid(TZ_SYS_GLOBALAPP_USER)) { - try { - runtime::User pkgOwner(target_uid); - if (pkgOwner.getName() != instance->zoneName) { - return PACKAGE_MANAGER_ERROR_NONE; - } - } catch (runtime::Exception &e) { - return PACKAGE_MANAGER_ERROR_NONE; - } - } - - std::transform(keystr.begin(), keystr.end(), keystr.begin(), ::tolower); - - if (keystr == "start") { - if (val == NULL) { - return PACKAGE_MANAGER_ERROR_INVALID_PARAMETER; - } - - std::string valstr = val; - std::transform(valstr.begin(), valstr.end(), valstr.begin(), ::tolower); - if (valstr == "install") { - event_type = PACKAGE_MANAGER_EVENT_TYPE_INSTALL; - } else if (valstr == "uninstall") { - event_type = PACKAGE_MANAGER_EVENT_TYPE_UNINSTALL; - } else if (valstr == "update") { - event_type = PACKAGE_MANAGER_EVENT_TYPE_UPDATE; - } else { - return PACKAGE_MANAGER_ERROR_INVALID_PARAMETER; - } - - event_state = PACKAGE_MANAGER_EVENT_STATE_STARTED; - } else if (keystr == "install_percent" || - keystr == "progress_percent") { - event_state = PACKAGE_MANAGER_EVENT_STATE_PROCESSING; - progress = std::stoi(val); - } else if (keystr == "error") { - event_state = PACKAGE_MANAGER_EVENT_STATE_FAILED; - } else if (keystr == "end" || - keystr == "ok") { - event_state = PACKAGE_MANAGER_EVENT_STATE_COMPLETED; - progress = 100; - } - - instance->pCallback(pkg_type, pkg_name, - event_type, event_state, progress, - PACKAGE_MANAGER_ERROR_NONE, - instance->pCallbackUserData); - - - return PACKAGE_MANAGER_ERROR_NONE; -} - -static package_info_h make_package_info_handle(const ZonePackageProxy::PackageInfo& info) -{ - uid_t zone_uid; - - if (info.id.empty()) { - return NULL; - } - - try { - runtime::User pkgOwner(info.zone); - zone_uid = pkgOwner.getUid(); - } catch (runtime::Exception &e) { - return NULL; - } - - package_x* package = (package_x*)::calloc(1, sizeof(package_x)); - pkgmgr_pkginfo_x* pkginfo = (pkgmgr_pkginfo_x*)::calloc(1, sizeof(pkgmgr_pkginfo_x)); - package_info_s* packageinfo = (package_info_s*)::calloc(1, sizeof(package_info_s)); - - packageinfo->package = ::strdup(info.id.c_str()); - packageinfo->pkgmgr_pkginfo = pkginfo; - - pkginfo->uid = zone_uid; - pkginfo->locale = ::strdup(info.locale.c_str()); - pkginfo->pkg_info = package; - - package->for_all_users = ::strdup("false"); - package->package = ::strdup(info.id.c_str()); - package->version = ::strdup(info.version.c_str()); - package->removable = ::strdup(info.isRemovable? "true":"false"); - package->preload = ::strdup(info.isPreload? "true":"false"); - package->system = ::strdup(info.isSystem? "true":"false"); - package->type = ::strdup(info.type.c_str()); - package->mainapp_id = ::strdup(info.mainAppId.c_str()); - package->api_version = ::strdup(info.apiVersion.c_str()); - - icon_x* icon = (icon_x*)::calloc(1, sizeof(icon_x)); - icon->text = ::strdup(info.icon.c_str()); - icon->lang = ::strdup(info.locale.c_str()); - package->icon = ::g_list_append(NULL, icon); - - label_x* label = (label_x*)::calloc(1, sizeof(label_x)); - label->text = ::strdup(info.label.c_str()); - label->lang = ::strdup(info.locale.c_str()); - package->label = ::g_list_append(NULL, label); - - description_x* desc = (description_x*)::calloc(1, sizeof(description_x)); - desc->text = ::strdup(info.description.c_str()); - desc->lang = ::strdup(info.locale.c_str()); - package->description = ::g_list_append(NULL, desc); - - author_x* author = (author_x*)::calloc(1, sizeof(author_x)); - author->text = ::strdup(info.author.name.c_str()); - author->email = ::strdup(info.author.email.c_str()); - author->href = ::strdup(info.author.href.c_str()); - author->lang = ::strdup(info.locale.c_str()); - package->author = ::g_list_append(NULL, author); - - return reinterpret_cast(packageinfo); -} - -int zone_package_proxy_create(zone_manager_h manager, const char* name, zone_package_proxy_h *handle) -{ - RET_ON_FAILURE(manager, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(name, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - - zone_package_proxy_s* instance = new zone_package_proxy_s { - GetDevicePolicyContext(manager). - createPolicyInterface(), - name, ::pkgmgr_client_new(PC_LISTENING), NULL, NULL - }; - - *handle = reinterpret_cast(instance); - return ZONE_ERROR_NONE; -} - -int zone_package_proxy_destroy(zone_package_proxy_h handle) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - - zone_package_proxy_s* instance = getInstance(handle); - - ::pkgmgr_client_free(instance->pNativeHandle); - - delete instance; - - return ZONE_ERROR_NONE; -} - -int zone_package_proxy_get_package_info(zone_package_proxy_h handle, const char* package_id, package_info_h* package_info) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(package_id, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(package_info, ZONE_ERROR_INVALID_PARAMETER); - - auto instance = getInstance(handle); - auto& proxy = instance->proxy; - const std::string& name = instance->zoneName; - - const auto& info = proxy.getPackageInfo(name, package_id); - package_info_h ret = make_package_info_handle(info); - - if (ret == NULL) { - return ZONE_ERROR_INVALID_PARAMETER; - } - - *package_info = ret; - - return ZONE_ERROR_NONE; -} - -int zone_package_proxy_foreach_package_info(zone_package_proxy_h handle, package_manager_package_info_cb callback, void *user_data) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(callback, ZONE_ERROR_INVALID_PARAMETER); - - auto instance = getInstance(handle); - auto& proxy = instance->proxy; - const std::string& name = instance->zoneName; - - for (const auto& pkgid : proxy.getPackageList(name)) { - package_info_h info_h = make_package_info_handle(proxy.getPackageInfo(name, pkgid)); - int ret = callback(info_h, user_data); - package_info_destroy(info_h); - if (!ret) { - break; - } - } - - return ZONE_ERROR_NONE; -} - -int zone_package_proxy_set_event_status(zone_package_proxy_h handle, int status_type) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - - auto instance = getInstance(handle); - - int ret; - ret = pkgmgrinfo_client_set_status_type(instance->pNativeHandle, status_type); - - if (ret != PACKAGE_MANAGER_ERROR_NONE) - return ZONE_ERROR_INVALID_PARAMETER; - - return ZONE_ERROR_NONE; -} - -int zone_package_proxy_set_event_cb(zone_package_proxy_h handle, package_manager_event_cb callback, void *user_data) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(callback, ZONE_ERROR_INVALID_PARAMETER); - - auto instance = getInstance(handle); - - instance->pCallback = callback; - instance->pCallbackUserData = user_data; - - int ret; - ret = pkgmgr_client_listen_status(instance->pNativeHandle, packageEventHandler, handle); - - if (ret < 0) - return ZONE_ERROR_INVALID_PARAMETER; - - return ZONE_ERROR_NONE; -} - -int zone_package_proxy_unset_event_cb(zone_package_proxy_h handle) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - - auto instance = getInstance(handle); - - int ret; - ret = pkgmgr_client_remove_listen_status(instance->pNativeHandle); - - if (ret < 0) - return ZONE_ERROR_INVALID_PARAMETER; - - return ZONE_ERROR_NONE; -} - -int zone_package_proxy_install(zone_package_proxy_h handle, const char* package_path) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(package_path, ZONE_ERROR_INVALID_PARAMETER); - - auto instance = getInstance(handle); - auto& proxy = instance->proxy; - const std::string& name = instance->zoneName; - - return proxy.install(name, package_path); -} - -int zone_package_proxy_uninstall(zone_package_proxy_h handle, const char* package_id) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(package_id, ZONE_ERROR_INVALID_PARAMETER); - - auto instance = getInstance(handle); - auto& proxy = instance->proxy; - const std::string& name = instance->zoneName; - - return proxy.uninstall(name, package_id); -} diff --git a/zone/libs/zone/package-proxy.h b/zone/libs/zone/package-proxy.h deleted file mode 100644 index 1f7e545..0000000 --- a/zone/libs/zone/package-proxy.h +++ /dev/null @@ -1,254 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#ifndef __CAPI_ZONE_PACKAGE_INFO_H__ -#define __CAPI_ZONE_PACKAGE_INFO_H__ - -#include -#include - -#include - -/** - * @file package-info.h - * @brief This file provides APIs to get the information of packages in the zone - */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * @addtogroup CAPI_ZONE_ZONE_PACKAGE_INFO_MODULE - * @{ - */ - -/** - * @brief The zone package proxy handle - * @since_tizen 3.0 - * @see zone_package_proxy_create() - * @see zone_package_proxy_destroy() - */ -typedef void* zone_package_proxy_h; - -/** - * @brief Acquires the zone package proxy handle. - * @details This API acquires zone package proxy handle required to call - * the zone package_manager APIs. - * @since_tizen 3.0 - * @param[in] manager The zone manager handle - * @param[in] name The zone name - * @param[out] handle The zone package proxy handle - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_CONNECTION_REFUSED Connection refused - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @see zone_manager_create() - * @see zone_package_proxy_destroy() - * @see get_last_result() - */ -ZONE_API int zone_package_proxy_create(zone_manager_h manager, const char* name, zone_package_proxy_h *handle); - -/** - * @brief Releases the zone package proxy handle. - * @details This API must be called if interaction with the zone package - * manager handle is no longer required. - * @since_tizen 3.0 - * @param[in] handle The zone package proxy handle - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @pre The handle must be created by zone_package_proxy_create() - * @see zone_package_proxy_create() - */ -ZONE_API int zone_package_proxy_destroy(zone_package_proxy_h handle); - -/** - * @brief Gets the package information for the given package in the zone. - * @details This API gets package information handle required to get - * information of the pacakge in the zone. - * @since_tizen 3.0 - * @param[in] handle The zone package proxy handle - * @param[in] pakcage_id The package ID - * @return Zone package information handle on success, otherwise NULL - * @remark The specific error code can be obtained by using the - * get_last_result() method. Error codes are described in - * exception section. - * @remark The handle should be destroyed using package_info_destroy(). - * @exception #ZONE_ERROR_NONE No error - * @exception #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @exception #ZONE_ERROR_TIMED_OUT Time out - * @see zone_package_proxy_create() - * @see zone_package_proxy_destroy() - * @see package_manager_get_package_info() - * @see package_manager_destroy() - * @see get_last_result() - */ -ZONE_API int zone_package_proxy_get_package_info(zone_package_proxy_h handle, const char* pakcage_id, package_info_h* package_info); - -/** - * @brief Retrieves all the IDs of the installed package in the zone. - * @details This API calls package_manager_package_info_cb() once for - * each package information handle with traversing the installed - * package list in the zone. - * @since_tizen 3.0 - * @param[in] handle The zone package proxy handle - * @param[in] callback The iteration callback function - * @param[in] user_data The user data passed to the callback function - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @pre The handle must be created by zone_package_proxy_create(). - * @see zone_package_proxy_create() - * @see zone_package_proxy_destroy() - * @see package_manager_foreach_package_info() - */ -ZONE_API int zone_package_proxy_foreach_package_info(zone_package_proxy_h handle, package_manager_package_info_cb callback, void *user_data); - -/** - * @brief Installs the package located at the given path into the zone. - * @details Administrator can use this API to install the package into the - * zone. - * @since_tizen 3.0 - * @param[in] handle The zone package proxy handle - * @param[in] name The zone name - * @param[in] package_path The absolute path to the package to be installed - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @retval #ZONE_ERROR_NO_SUCH_FILE No such package file - * @retval #ZONE_ERROR_PERMISSION_DENIED The application does not have - * the privilege to call this API or the caller is not the owner - * of the zone - * @pre The handle must be created by zone_package_proxy_create(). - * @pre The zone corresponding to the given name must be - * created before use of this API. - * @see zone_package_proxy_create() - * @see zone_package_proxy_destroy() - * @see zone_package_proxy_uninstall() - * @see package_manager_request_install() - */ -ZONE_API int zone_package_proxy_install(zone_package_proxy_h handle, const char* package_path); - -/** - * @brief Uinstalls the package with the given ID from the zone. - * @details Administrator can use this API to uninstall the package from the - * zone. - * @since_tizen 3.0 - * @param[in] handle The zone package proxy handle - * @param[in] name The zone name - * @param[in] pakcage_id The pakcage ID - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @retval #ZONE_ERROR_NO_DATA No such pacakge to unintall - * @retval #ZONE_ERROR_PERMISSION_DENIED The application does not have - * the privilege to call this API or the caller is not the owner - * of the zone - * @pre The handle must be created by zone_package_proxy_create(). - * @pre The zone corresponding to the given name must be - * created before use of this API. - * @see zone_package_proxy_create() - * @see zone_package_proxy_destroy() - * @see zone_package_proxy_install() - * @see package_manager_request_uninstall() - */ -ZONE_API int zone_package_proxy_uninstall(zone_package_proxy_h handle, const char* pakcage_id); - -/** - * @brief Sets the event status that presents the package has been - * installed, uninstalled or updated in the zone. - * @details This API sets the event status of the package for monitoring - * whether the package has been installed, uninstalled or updated. - * event status can be combined multiple status using OR operation. - * @since_tizen 3.0 - * @param[in] handle The zone package proxy handle - * @param[in] status_type The status of the package - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @pre The handle must be created by zone_package_proxy_create(). - * @pre the zone corresponding to the given name must be - * created before use of this api. - * @see zone_package_proxy_create() - * @see zone_package_proxy_destroy() - * @see zone_package_proxy_uninstall() - * @see zone_package_proxy_set_event_cb() - * @see zone_package_proxy_unset_event_cb() - * @see package_manager_set_event_status() - */ -ZONE_API int zone_package_proxy_set_event_status(zone_package_proxy_h handle, int status_type); - -/** - * @brief Registers a callback function for package event. - * @details This API sets a callback function to be invoked when the package - * has been installed, uninstalled or updated. - * @since_tizen 3.0 - * @param[in] handle the zone package proxy handle - * @param[in] callback The callback function to be registered - * @param[in] user_data The user data to be passed to the callback function - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @pre the handle must be created by zone_package_proxy_create(). - * @see zone_package_proxy_create() - * @see zone_package_proxy_destroy() - * @see zone_package_proxy_uninstall() - * @see zone_package_proxy_set_event_status() - * @see zone_package_proxy_unset_event_cb() - * @see package_manager_event_cb() - * @see package_manager_set_event_cb() - */ -ZONE_API int zone_package_proxy_set_event_cb(zone_package_proxy_h handle, package_manager_event_cb callback, void *user_data); - -/** - * @brief Unregisters the callback function. - * @details This API unsets the callback funtion not to be invoked by - * package event status - * @since_tizen 3.0 - * @param[in] handle the zone package proxy handle - * @param[in] name the zone name - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @pre the handle must be created by zone_package_proxy_create(). - * created before use of this api. - * @see zone_package_proxy_create() - * @see zone_package_proxy_destroy() - * @see zone_package_proxy_uninstall() - * @see zone_package_proxy_set_event_status() - * @see zone_package_proxy_set_event_cb() - * @see package_manager_unset_event_cb() - */ -ZONE_API int zone_package_proxy_unset_event_cb(zone_package_proxy_h handle); - - -/** - * @} - */ - -#ifdef __cplusplus -} -#endif - -#endif /* __CAPI_ZONE_PACKAGE_INFO_H__ */ diff --git a/zone/libs/zone/zone.cpp b/zone/libs/zone/zone.cpp deleted file mode 100644 index 420e322..0000000 --- a/zone/libs/zone/zone.cpp +++ /dev/null @@ -1,157 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#include "zone/zone.h" - -#include "debug.h" -#include "array.h" - -#include "policy-client.h" -#include "zone/zone.hxx" - -using namespace DevicePolicyManager; - -DevicePolicyContext& GetDevicePolicyContext(void* handle) -{ - return *reinterpret_cast(handle); -} - -int zone_manager_create(zone_manager_h* handle) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - - DevicePolicyContext* client = new(std::nothrow) DevicePolicyContext(); - - RET_ON_FAILURE(handle, ZONE_ERROR_CONNECTION_REFUSED); - - if (client->connect() < 0) { - delete client; - RET_ON_FAILURE(handle, ZONE_ERROR_CONNECTION_REFUSED); - } - - *handle = reinterpret_cast(client); - - return ZONE_ERROR_NONE; -} - -int zone_manager_destroy(zone_manager_h handle) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - - delete &GetDevicePolicyContext(handle); - - return ZONE_ERROR_NONE; -} - -int zone_manager_add_event_cb(zone_manager_h handle, const char* event, zone_event_cb callback, void* user_data, int *id) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(event, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(callback, ZONE_ERROR_INVALID_PARAMETER); - - DevicePolicyContext &context = GetDevicePolicyContext(handle); - int ret = context.subscribeSignal(std::string("ZoneManager::") + event, - callback, user_data); - if (ret < 0) - return ZONE_ERROR_INVALID_PARAMETER; - - *id = ret; - return ZONE_ERROR_NONE; -} - -int zone_manager_remove_event_cb(zone_manager_h handle, int callback_id) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(callback_id >= 0, ZONE_ERROR_INVALID_PARAMETER); - - DevicePolicyContext &context = GetDevicePolicyContext(handle); - int ret = context.unsubscribeSignal(callback_id); - if (ret) - return ZONE_ERROR_INVALID_PARAMETER; - - return ZONE_ERROR_NONE; -} - -int zone_manager_create_zone(zone_manager_h handle, const char* name, const char* manifest) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(name, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(manifest, ZONE_ERROR_INVALID_PARAMETER); - - DevicePolicyContext &client = GetDevicePolicyContext(handle); - ZoneManager zone = client.createPolicyInterface(); - return zone.createZone(name, manifest); -} - -int zone_manager_destroy_zone(zone_manager_h handle, const char* name) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(name, ZONE_ERROR_INVALID_PARAMETER); - - DevicePolicyContext &client = GetDevicePolicyContext(handle); - ZoneManager zone = client.createPolicyInterface(); - return zone.removeZone(name); -} - -int zone_manager_get_zone_state(zone_manager_h handle, const char* name, zone_state_e *state) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(name, ZONE_ERROR_INVALID_PARAMETER); - - DevicePolicyContext &client = GetDevicePolicyContext(handle); - ZoneManager zone = client.createPolicyInterface(); - - int result = zone.getZoneState(name); - if (result == 0) { - return ZONE_ERROR_NO_DATA; - } - - *state = (zone_state_e)result; - return ZONE_ERROR_NONE; -} - -int zone_manager_foreach_name(zone_manager_h handle, zone_state_e state, - zone_manager_foreach_cb callback, void* user_data) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(callback, ZONE_ERROR_INVALID_PARAMETER); - - DevicePolicyContext &client = GetDevicePolicyContext(handle); - ZoneManager zone = client.createPolicyInterface(); - std::vector list = zone.getZoneList(state); - for (std::vector::iterator it = list.begin(); - it != list.end(); it++) { - if (!callback((*it).c_str(), user_data)) - break; - } - - return ZONE_ERROR_NONE; -} - -int zone_manager_reset_zone_password(zone_manager_h handle, const char* name, const char* new_password) -{ - RET_ON_FAILURE(handle, ZONE_ERROR_INVALID_PARAMETER); - RET_ON_FAILURE(name, ZONE_ERROR_INVALID_PARAMETER); - - if (new_password == NULL) { - new_password = ""; - } - - DevicePolicyContext &client = GetDevicePolicyContext(handle); - ZoneManager zone = client.createPolicyInterface(); - - return zone.resetZonePassword(name, new_password); -} diff --git a/zone/libs/zone/zone.h b/zone/libs/zone/zone.h deleted file mode 100644 index ef12f2c..0000000 --- a/zone/libs/zone/zone.h +++ /dev/null @@ -1,303 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#ifndef __ZONE_ZONE_H__ -#define __ZONE_ZONE_H__ - -#include - -/** - * @file zone.h - * @brief This file defines common data types required to zone APIs. - */ - -#ifndef ZONE_API -#define ZONE_API __attribute__((visibility("default"))) -#endif // API - -#ifndef TRUE -#define TRUE 1 -#endif - -#ifndef FALSE -#define FALSE 0 -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * @addtogroup CAPI_ZONE_ZONE_MODULE - * @{ - */ - -/** - * @brief Enumeration of device policy API errors - * @since_tizen 3.0 - */ -typedef enum { - ZONE_ERROR_NONE = TIZEN_ERROR_NONE, /**< The operation was successful */ - ZONE_ERROR_INVALID_PARAMETER = TIZEN_ERROR_INVALID_PARAMETER, /**< Invalid parameter */ - ZONE_ERROR_CONNECTION_REFUSED = TIZEN_ERROR_CONNECTION_REFUSED, /**< Connection refused */ - ZONE_ERROR_TIMED_OUT = TIZEN_ERROR_TIMED_OUT, /**< Time out */ - ZONE_ERROR_PERMISSION_DENIED = TIZEN_ERROR_PERMISSION_DENIED, /**< Access privilege is not sufficient */ - ZONE_ERROR_NOT_SUPPORTED = TIZEN_ERROR_NOT_SUPPORTED, /**< Operation is not supported */ - ZONE_ERROR_NO_SUCH_FILE = TIZEN_ERROR_NO_SUCH_FILE, /**< No such file or directory */ - ZONE_ERROR_FILE_EXISTS = TIZEN_ERROR_FILE_EXISTS, /**< File exists */ - ZONE_ERROR_OUT_OF_MEMORY = TIZEN_ERROR_OUT_OF_MEMORY, /**< Out of memory */ - ZONE_ERROR_NO_DATA = TIZEN_ERROR_NO_DATA /**< No Data */ -} zone_error_type_e; - -/** - * @brief The zone manager handle - * @details The zone manager handle is an abstraction of the - * logical connection between the zone manager and it's client. - * The zone manager handle must be created by using - * zone_manager_create() before attempting to use almost any of - * the zone related APIs, and it should be freed when interaction - * with the zone manager is no longer required. - * To release the handle, use zone_manager_destroy(). - * @since_tizen 3.0 - * @see zone_manager_create() - * @see zone_manager_destroy() - */ -typedef void* zone_manager_h; - -/** - * @brief Creates the zone manager handle. - * @details This API creates zone manager handle required to - * the zone related APIs. - * This API is also used to verify whether caller is authorized - * or not. - * @since_tizen 3.0 - * @param[out] handle The zone manager handle - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_CONNECTION_REFUSED Connection refused - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @see zone_manager_destroy() - * @see get_last_result() - */ -ZONE_API int zone_manager_create(zone_manager_h *handle); - -/** - * @brief Releases the zone manager handle. - * @details This API must be called if interaction with the zone manager is - * no longer required. - * @since_tizen 3.0 - * @param[in] handle The zone manager handle - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @pre The handle must be created by zone_manager_create() - * @see zone_manager_create() - */ -ZONE_API int zone_manager_destroy(zone_manager_h handle); - -/** - * @brief Called when a zone raises a event. - * @since_tizen 3.0 - * @param[in] name The zone name - * @param[in] object The object name triggered the event - * @param[in] user_data The user data passed from zone_manager_add_event_cb - * @see zone_manager_add_event_cb() - * @see zone_manager_remove_event_cb() - */ -typedef void(*zone_event_cb)(const char* name, const char* object, void* user_data); - -/** - * @brief Adds zone event callback. - * @details This API can be used to receive events sent by zone - * The callback specified to this function is automatically called when - * the zone is created or removed. - * @since_tizen 3.0 - * @param[in] context The zone_manager handle - * @param[in] event The event name to receive - * @param[in] callback The event callback - * @param[in] user_data The user data passed to the callback function - * @param[out] id Signal identifier - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @pre The handle must be created by zone_manager_create(). - * @see zone_manager_create() - * @see zone_manager_destroy() - * @see zone_manager_remove_event_cb() - */ -ZONE_API int zone_manager_add_event_cb(zone_manager_h handle, - const char* event, - zone_event_cb callback, void* user_data, - int* id); - -/** - * @brief Removes zone event callback. - * @details This API removes zone event callback - * @since_tizen 3.0 - * @param[in] context The zone manager handle - * @param[in] id Signal identifier - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @pre The context must be created by zone_manager_create(). - * @see zone_manager_create() - * @see zone_manager_destroy() - * @see zone_manager_add_event_cb() - */ -ZONE_API int zone_manager_remove_event_cb(zone_manager_h handle, int id); - -/** - * @brief Creates a new zone. - * @details This API creates a container. All file system objects neeeded - * will be also created. manifest XML passed by parameter will be - * used when the zone is running. - * @since_tizen 3.0 - * @param[in] handle The zone manager handle - * @param[in] name The zone name to be created - * @param[in] manifest The manifest XML to be used when the zone is runned. - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @retval #ZONE_ERROR_PERMISSION_DENIED The application does not have - * the privilege to call this API - * @pre The handle must be created by zone_manager_create(). - * @see zone_manager_create() - * @see zone_manager_destroy() - * @see zone_manager_destroy_zone() - * @see zone_manager_create_zone_iterator() - */ -ZONE_API int zone_manager_create_zone(zone_manager_h handle, const char* name, const char* manifest); - -/** - * @brief Removes existing zone. - * @details This removes zone. All file system objects created for the zone - * will be also erased. - * @since_tizen 3.0 - * @param[in] handle The zone manager handle - * @param[in] name The zone name to be removed - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @retval #ZONE_ERROR_PERMISSION_DENIED The application does not have - * the privilege to call this API or the caller is not the owner - * of the zone - * @pre The handle must be created by zone_manager_create(). - * @pre The zone corresponding to the given name must be - * created before use of this API. - * @see zone_manager_create() - * @see zone_manager_destroy() - * @see zone_manager_create_zone() - * @see zone_manager_create_zone_iterator() - */ -ZONE_API int zone_manager_destroy_zone(zone_manager_h handle, const char* name); - -/* - * @brief Enumeration for zone state - * @since_tizen 3.0 - */ -typedef enum { - ZONE_STATE_LOCKED = 0x01, /**< Zone has been defined, but it can not start. */ - ZONE_STATE_RUNNING = 0x02, /**< Zone has been started. */ - ZONE_STATE_ALL = 0xff /**< This presents all of the state */ -} zone_state_e; - -/** - * @brief Gets the zone state. - * @details This API can be used to get the state of the zone. The zone can - * have one of the three states(running, locked). - * @since_tizen 3.0 - * @param[in] handle The zone policy handle - * @param[in] name The zone name - * @param[out] state The zone state - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_NO_DATA No such zone to get state - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @pre The handle must be created by zone_manager_create(). - * @see zone_manager_create() - * @see zone_manager_destroy() - * @see zone_manager_create_zone() - * @see zone_manager_destroy_zone() - */ -ZONE_API int zone_manager_get_zone_state(zone_manager_h handle, const char* name, zone_state_e* state); - -/** - * @brief Called to get all the name of created zones. - * @since_tizen 3.0 - * @param[in] name The zone name - * @param[in] user_data The user data passed from zone_manager_foreach_name - * @return true to continue with the next iteration of the loop, otherwise false to break out out the loop - * @see zone_manager_foreach_name() - */ -typedef bool(*zone_manager_foreach_cb)(const char* name, void* user_data); - -/** - * @brief Retrieves all the name of created zones - * @details This API calls zone_manager_foreach_cb() once for each zone name - * with traversing the created zones list. - * @since_tizen 3.0 - * @param[in] handle The zone policy handle - * @param[in] state a combination of the zone state to look - * @param[in] callback The iteration callback function - * @param[in] user_data The user data passed to the callback function - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @pre The handle must be created by zone_manager_create(). - * @see zone_manager_create() - * @see zone_manager_destroy() - * @see zone_manager_create_zone() - * @see zone_manager_destroy_zone() - */ -ZONE_API int zone_manager_foreach_name(zone_manager_h handle, - zone_state_e state, - zone_manager_foreach_cb callback, - void* user_data); - -/** - * @brief Reset password for the zone. - * @details This API can be used to set password for the zone. The password - * of the zone can be used for authenticating user. - * @since_tizen 3.0 - * @param[in] handle The zone policy handle - * @param[in] name The zone name - * @param[out] new_password new password if NULL, existing password will be removed - * @return #ZONE_ERROR_NONE on success, otherwise a negative value - * @retval #ZONE_ERROR_NONE Successful - * @retval #ZONE_ERROR_NO_DATA No such zone to get state - * @retval #ZONE_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #ZONE_ERROR_TIMED_OUT Time out - * @pre The handle must be created by zone_manager_create(). - * @see zone_manager_create() - * @see zone_manager_destroy() - */ -ZONE_API int zone_manager_reset_zone_password(zone_manager_h handle, const char* name, const char* new_password); - -/** - * @} - */ - -#ifdef __cplusplus -} -#endif - -#endif /* __ZONE_ZONE_H__ */ diff --git a/zone/module/CMakeLists.txt b/zone/module/CMakeLists.txt deleted file mode 100644 index 024ff11..0000000 --- a/zone/module/CMakeLists.txt +++ /dev/null @@ -1,57 +0,0 @@ -# -# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -PROJECT(zone-provider) - -FILE(GLOB ZONE_PAM_SRCS zone-builder.cpp - session.cpp - zone.cpp -) - -SET (CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} -Wl,-z,noexecstack") - -SET(ZONE_PAM_NAME "pam_zone") -ADD_LIBRARY(${ZONE_PAM_NAME} MODULE ${ZONE_PAM_SRCS}) -SET_TARGET_PROPERTIES(${ZONE_PAM_NAME} PROPERTIES PREFIX "" - COMPILE_DEFINITIONS PID_FILE_PATH="${RUN_INSTALL_DIR}/zone" - COMPILE_FLAGS "-fvisibility=hidden" -) - -FIND_PATH(PAM_INCLUDE_DIR NAMES security/pam_appl.h security/pam_ext.h security/pam_modules.h - HINTS ${PAM_ROOT_DIR} PATH_SUFFIXES include) -FIND_LIBRARY(PAM_LIBRARY pam HINTS ${PAM_ROOT_DIR} PATH_SUFFIXES ${LIB_INSTALL_DIR}) -MARK_AS_ADVANCED(PAM_INCLUDE_DIR PAM_LIBRARY) - -INCLUDE(FindPackageHandleStandardArgs) -FIND_PACKAGE_HANDLE_STANDARD_ARGS(PAM DEFAULT_MSG PAM_LIBRARY PAM_INCLUDE_DIR) - -PKG_CHECK_MODULES(ZONE_PAM_DEPS REQUIRED - klay - libxml-2.0 -) - -INCLUDE_DIRECTORIES(${PAM_INCLUDE_DIR} ${ZONE_PAM_DEPS_INCLUDE_DIRS}) -TARGET_LINK_LIBRARIES(${ZONE_PAM_NAME} ${PAM_LIBRARY} ${ZONE_PAM_DEPS_LIBRARIES} pthread) - -TARGET_COMPILE_DEFINITIONS(${ZONE_PAM_NAME} PRIVATE - CONF_PATH="${CONF_INSTALL_DIR}" -) - -INSTALL(TARGETS ${ZONE_PAM_NAME} DESTINATION ${LIB_INSTALL_DIR}/security) -INSTALL(FILES data/DefaultZoneManifest.xml DESTINATION ${CONF_INSTALL_DIR}/zone RENAME owner.xml) -INSTALL(FILES data/zone_indicator_icon.png DESTINATION /opt/data/dpm) -INSTALL(FILES data/zone_noti_list_sub_icon.png DESTINATION /opt/data/dpm) -INSTALL(FILES pam.d/systemd-user-zone DESTINATION ${PAMD_INSTALL_DIR}) diff --git a/zone/module/data/DefaultZoneManifest.xml b/zone/module/data/DefaultZoneManifest.xml deleted file mode 100644 index 0660025..0000000 --- a/zone/module/data/DefaultZoneManifest.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - - diff --git a/zone/module/data/zone_indicator_icon.png b/zone/module/data/zone_indicator_icon.png deleted file mode 100755 index c386ea578e3d1f20f20085df047bd38430148469..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1213 zcmbVMO>Em#9CudMwS`vOU_u=qGR}$$EViE=JBih-bMg`zM!JwjY7R)PW52Xs>yO&* zlJ>H-0x3nH3JIo7+hGL;J3u8gfe;8qNC8w195^9B8ti~HqzRDF)J>JT=Qb%EsvWTW z@&51qf4~2?mvY0;cXu7`A_$^8GX(Sa+v`6a?fBie`Ksy*UaIJgSY@xGIEauntAxmm zp-iAWQnb05H8emFZDqYs^orRRCDk%$#n+*$hK zTAUgcvTW8)qDg&d-a#Yt!v%GIN{wmM;4yNbDq#Wxc?wxIrcGC>#;Gk{39tQah9b9A zys0>~?Nl+FBa@bcNP*@3q$u(R16V$*FV3a5;zDmDXXmN5)Jt}SiX%cFnY*j3vt%-M*^BiEXBR9ug8 zum#4syT2h{5ql$@baY%4Wg1%Qtbt4~1LG7vp*3BTSTO>kDM94JLMp`r5M{-%oRkGF zkxaxm09zcpVbdTI1~E1%@>~RfR5+TFc?iQo6oQ1D2C)`4W4fMVs;FgG$99|8#C@?+ z(m{%6IR(p_ZgoIz((){K(z40qh)DL2>ZWE@+-LmqY)1=`qn}1v+OZ6BE5DMyi+#XC zo=uC8i->$G41gSo3Ni@G0!#}m2cuLItNovxG1wW#Z;t;oOKS^vpugN{eJtz@4>Iw@ zICwO=PCVjI=dBEs3)P=W8=IShZ65_5>^ybhZ1J($*9+^1_KyW_oPjqVxbsTKrJly} z=DUmE=4KY}E`2R*A3ycvZ@J|+kIn?r2d}jSW9M?+Y-#OpW}*1{ z9)4_P-xK1At1o@e{t*AH{Yu~9!uqpsy}#5~U-KLZ*U+IBfRsybQWXdwQbLP>6pAqfylh#{fb6;Z(vMMVS~$e@S=j*ftg6;Uhf59&ghTmgWD0l;*T zI709Y^p6lP1rIRMx#05C~cW=H_Aw*bJ-5DT&Z2n+x)QHX^p z00esgV8|mQcmRZ%02D^@S3L16t`O%c004NIvOKvYIYoh62rY33S640`D9%Y2D-rV&neh&#Q1i z007~1e$oCcFS8neI|hJl{-P!B1ZZ9hpmq0)X0i`JwE&>$+E?>%_LC6RbVIkUx0b+_+BaR3cnT7Zv!AJxW zizFb)h!jyGOOZ85F;a?DAXP{m@;!0_IfqH8(HlgRxt7s3}k3K`kFu>>-2Q$QMFfPW!La{h336o>X zu_CMttHv6zR;&ZNiS=X8v3CR#fknUxHUxJ0uoBa_M6WNWeqIg~6QE69c9o#eyhGvpiOA@W-aonk<7r1(?fC{oI5N*U!4 zfg=2N-7=cNnjjOr{yriy6mMFgG#l znCF=fnQv8CDz++o6_Lscl}eQ+l^ZHARH>?_s@|##Rr6KLRFA1%Q+=*RRWnoLsR`7U zt5vFIcfW3@?wFpwUVxrVZ>QdQz32KIeJ}k~{cZZE^+ya? z2D1z#2HOnI7(B%_ac?{wFUQ;QQA1tBKtrWrm0_3Rgps+?Jfqb{jYbcQX~taRB;#$y zZN{S}1|}gUOHJxc?wV3fxuz+mJ4`!F$IZ;mqRrNsHJd##*D~ju=bP7?-?v~|cv>vB zsJ6IeNwVZxrdjT`yl#bBIa#GxRa#xMMy;K#CDyyGyQdMSxlWT#tDe?p!?5wT$+oGt z8L;Kp2HUQ-ZMJ=3XJQv;x5ci*?vuTfeY$;({XGW_huIFR9a(?@3)XSs8O^N5RyOM=TTmp(3=8^+zpz2r)C z^>JO{deZfso3oq3?Wo(Y?l$ge?uXo;%ru`Vo>?<<(8I_>;8Eq#KMS9gFl*neeosSB zfoHYnBQIkwkyowPu(zdms`p{<7e4kra-ZWq<2*OsGTvEV%s0Td$hXT+!*8Bnh2KMe zBmZRodjHV?r+_5^X9J0WL4jKW`}lf%A-|44I@@LTvf1rHjG(ze6+w@Jt%Bvjts!X0 z?2xS?_ve_-kiKB_KiJlZ$9G`c^=E@oNG)mWWaNo-3TIW8)$Hg0Ub-~8?KhvJ>$ z3*&nim@mj(aCxE5!t{lw7O5^0EIO7zOo&c6l<+|iDySBWCGrz@C5{St!X3hAA}`T4 z(TLbXTq+(;@<=L8dXnssyft|w#WSTW<++3>sgS%(4NTpeI-VAqb|7ssJvzNHgOZVu zaYCvgO_R1~>SyL=cFU|~g|hy|Zi}}s9+d~lYqOB71z9Z$wnC=pR9Yz4DhIM>Wmjgu z&56o6maCpC&F##y%G;1PobR9i?GnNg;gYtchD%p19a!eQtZF&3JaKv33gZ<8D~47E ztUS1iwkmDaPpj=$m#%)jCVEY4fnLGNg2A-`YwHVD3gv};>)hAvT~AmqS>Lr``i7kw zJ{5_It`yrBmlc25DBO7E8;5VoznR>Ww5hAaxn$2~(q`%A-YuS64wkBy=9dm`4cXeX z4c}I@?e+FW+b@^RDBHV(wnMq2zdX3SWv9u`%{xC-q*U}&`cyXV(%rRT*Z6MH?i+i& z_B8C(+grT%{XWUQ+f@NoP1R=AW&26{v-dx)iK^-Nmiuj8txj!m?Z*Ss1N{dh4z}01 z)YTo*JycSU)+_5r4#yw9{+;i4Ee$peRgIj+;v;ZGdF1K$3E%e~4LaI(jC-u%2h$&R z9cLXcYC@Xwnns&bn)_Q~Te?roKGD|d-g^8;+aC{{G(1^(O7m37Y1-+6)01cN&y1aw zoqc{T`P^XJqPBbIW6s}d4{z_f5Om?vMgNQEJG?v2T=KYd^0M3I6IZxbny)%vZR&LD zJpPl@Psh8QyPB@KTx+@RdcC!KX7}kEo;S|j^u2lU7XQ}Oo;f|;z4Ll+_r>@1-xl3| zawq-H%e&ckC+@AhPrP6BKT#_XdT7&;F71j}Joy zkC~6lh7E@6o;W@^IpRNZ{ptLtL(gQ-CY~4mqW;US7Zxvm_|@yz&e53Bp_lTPlfP|z zrTyx_>lv@x#=^!PzR7qqF<$gm`|ZJZ+;<)Cqu&ot2z=0000WV@Og>004R=004l4008;_004mL004C`008P>0026e000+nl3&F} z000Q9Nkl&yJ!q4RzzDroy!6~J;;;m_@TH2kIe))j7jxuxsq zLoaM-rSCuR7JzR4*&!3m05QPkod1q;*@M>aBwHyBKny?}fC)giJL&^a2%ro=Ie@C# zh58*&?-*;?y0NICvb=O2rlP>WF^p*ik)szEw>Qb%ZfjwJ(!fnm%v$e;{hEHgpE%1>7 zOaf2xcus}hN~m&ka)orazfx{OfD9)X^lM6 zw(tOuBqQ-OO0!#P@?3_;Ht9@8b5q(d8NyOqSQ7zx6iai0J*s*jGTiJkpA*pXdnpYF z${Sh;!NT#fZ4r_bB)0AmoZ41gi$&1eJ&3+RA9O>Kme`%z2p(Vu)D)DmC!IX(!KNgu zVh^3y+i7sC7DgP;@4AT7C*$_-s<3!b3Xgs}is~xUV-eX_^2k{u#2zEfDiB$imMzjs z6WqWV#cd10z~0^GC1C3n3j6WX=N4dcQt}mNrIjon3(nsjx^A#;S;B@Q*(Q?ew(n!( zS8<|M&)L{mRKeRl3#1^Hf?0t(SwpAv6b!JiZNW}0fo3|u0+I2VlWRCq zlAVLelVBu|rYygzRBTwCrTdRt)8hhdgt5IG!;+}LkM{)d%k+RtDyovF0wLp_oRo z@^UV*zzHD3Go3t7=5!-ft)Ly$7AYnQaUhk8D8S(tqyUw-h$)u{E>aGfMTXQns z!!!!t|d#Wx27@Q0A=r8}isx{c}i)1E~ ztRg{X-rEIYW?0UVx0%s5R&agSvDL>K11+O-fd+uiH#(}%B@^;`L!Q28P<#$Y$hx86 zbWhbqQ&7j;ju3341GiJZET_ zg5G%MwKe;O2FS3yDx}FJ2Y9AqJPTN-gvb5j*QZv$r0KpBje!<^PtX8*51w86%He-6 zeRViYYz@6<6Chh94GuADTZ~Nj@Yjy|6VD%Cd7v@S^3KgVRB!w4p$*UY$W*>^XYaj> zYlWhyGaRZ2ILBzYwpVs7m=GHEaqGKvCwK1O{KLjTOWUl@@bie1vkxEK^z&bxSi7g| zvQJNF>`sGTt1!=)JrcT#uB!#+3vD0!-HzYh^+aQ!<;?%<@x{5_Evpl!-(A%I?ENPn zyM2*Xv2YPXQO)U+aP}ZDVI-;|I66;z^4O-P*3Ozgaa;3+oALPKM!&096>iwK{msU8 z)xo=K>r|zrl#qD}Kq?T|fOyhnp;$sif0+1E)(vd(M7x&;GN^{{Wyp*mOkH zuipw3AADb*ZneF7p>Fgq7i&X%x1aj@r>^%lEUxua#R7orqpe8HhtLS4bE5WN559Q! zZ%je0!KNcu9EFs;|MX@&lDlFGYW~(sn=jn8;*JwPzURy%)nl>Bs)Y)M!wN>?^R-_b zU-#@Q=j)FG_-C-`h$j_%Fwn3;+Lt`OExftwYwgc{ -#include -#include -#include -#include -#include -#include - -#include "session.h" -#include "exception.h" -#include "filesystem.h" - -bool isValidSessionLeader(pid_t pid) -{ - runtime::File proc("/proc/" + std::to_string(pid)); - return proc.exists(); -} - -void createSession(const runtime::User& user, const SessionBuilder& sessionBuilder) -{ - runtime::File file("/var/run/zone/" + user.getName()); - if (file.exists()) { - if (isValidSessionLeader(getSessionLeader(user))) { - throw runtime::Exception("Session already opened"); - } - file.remove(); - } else { - file.makeBaseDirectory(); - } - - sessionBuilder(user); - - file.create(0600); - file.lock(); - file.chown(user.getUid(), user.getGid()); - pid_t pid = ::getpid(); - file.write(&pid, sizeof(pid_t)); - file.unlock(); -} - -pid_t getSessionLeader(const runtime::User& user) -{ - runtime::File file("/var/run/zone/" + user.getName(), O_RDONLY); - file.lock(); - pid_t pid = -1; - file.read(&pid, sizeof(pid_t)); - file.unlock(); - - return pid; -} - -void destroySession(const runtime::User& user) -{ - std::string path = "/var/run/zone/" + user.getName(); - ::unlink(path.c_str()); -} diff --git a/zone/module/session.h b/zone/module/session.h deleted file mode 100644 index df01173..0000000 --- a/zone/module/session.h +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#ifndef __ZONE_SESSION_ENV_H__ -#define __ZONE_SESSION_ENV_H__ - -#include -#include - -#include -#include - -#include "auth/user.h" - -typedef std::function SessionBuilder; - -bool isValidSessionLeader(pid_t pid); -void createSession(const runtime::User& user, const SessionBuilder& sessionBuilder); -pid_t getSessionLeader(const runtime::User& user); -void destroySession(const runtime::User& user); - -#endif //!__ZONE_SESSION_ENV_H__ diff --git a/zone/module/zone-builder.cpp b/zone/module/zone-builder.cpp deleted file mode 100644 index d786a0d..0000000 --- a/zone/module/zone-builder.cpp +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - #include - #include - #include - #include - #include - #include - -#include "zone-builder.h" - -#include "exception.h" -#include "filesystem.h" - -ZoneBuilder::ZoneBuilder(const runtime::User& user, const std::string& manifestPath) : - name(user.getName()), uid(user.getUid()), gid(user.getGid()) -{ - manifest.reset(xml::Parser::parseFile(manifestPath)); -} - -ZoneBuilder::~ZoneBuilder() -{ -} - -void ZoneBuilder::bindFilesystemNode(const std::string& source, const std::string& target, - const std::string& type, const std::string& options, - bool create) -{ - if (create) { - runtime::File dir(target); - if (!dir.exists()) { - dir.makeDirectory(true, uid, gid); - } - } - - runtime::Mount::mountEntry(source, target, type, options); -} - -void ZoneBuilder::containerize(bool create) -{ - int nsFlags = CLONE_NEWIPC | CLONE_NEWNS; - - if (::unshare(nsFlags)) { - throw runtime::Exception("Failed to unshare namespace"); - } - - if (::mount(NULL, "/", NULL, MS_SLAVE | MS_REC, NULL) == -1) { - throw runtime::Exception("Failed to mount root filesystem"); - } - - xml::Node::NodeList entries = manifest->evaluate("/manifest/filesystem/entry"); - for (const xml::Node& entry : entries) { - bindFilesystemNode(entry.getProp("source"), entry.getProp("target"), - entry.getProp("type"), entry.getProp("options")); - } - - bindFilesystemNode("/home/" + name, - "/home/" + name + "/.zone/" + name, - "none", "rw,bind"); - - bindFilesystemNode("/home/" + name + "/.zone", "/home", - "none", "rw,rbind"); -} diff --git a/zone/module/zone-builder.h b/zone/module/zone-builder.h deleted file mode 100644 index 7a1890d..0000000 --- a/zone/module/zone-builder.h +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - - #ifndef __ZONE_BUILDER_H__ - #define __ZONE_BUILDER_H__ - -#include -#include -#include - -#include "xml/parser.h" -#include "xml/document.h" -#include "auth/user.h" - -class ZoneBuilder { -public: - ZoneBuilder(const runtime::User& user, const std::string& manifestPath); - virtual ~ZoneBuilder(); - - void containerize(bool create = true); - -protected: - void bindFilesystemNode(const std::string& source, const std::string& target, - const std::string& type, const std::string& options, - bool create = true); -private: - std::string name; - uid_t uid; - gid_t gid; - std::unique_ptr manifest; -}; - - #endif //!__ZONE_BUILDER_H__ diff --git a/zone/module/zone-guard.h b/zone/module/zone-guard.h deleted file mode 100644 index 1e33d2f..0000000 --- a/zone/module/zone-guard.h +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#ifndef __ZONE_GUARD_H__ -#define __ZONE_GUARD_H__ - -#include -#include -#include -#include - -#include - -#include "exception.h" - -class ZoneGuard { -public: - ZoneGuard(const std::string& name) : - zoneName(name), semaphore(nullptr) - { - semaphore = ::sem_open(zoneName.c_str(), O_CREAT, 0700, 1); - if (semaphore == nullptr) { - throw runtime::Exception("Filed to create semaphore for zone guard"); - } - } - - ~ZoneGuard() - { - if (semaphore == nullptr) { - return; - } - - ::sem_post(semaphore); - ::sem_close(semaphore); - ::sem_unlink(zoneName.c_str()); - } - - void wait() - { - while ((::sem_wait(semaphore) == -1) && (errno == EINTR)); - } - -private: - std::string zoneName; - sem_t* semaphore; -}; - -#endif //!__ZONE_GUARD_H__ diff --git a/zone/module/zone.cpp b/zone/module/zone.cpp deleted file mode 100644 index b702454..0000000 --- a/zone/module/zone.cpp +++ /dev/null @@ -1,105 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#include -#include -#include - -#include -#include - -#include "zone-guard.h" -#include "zone-builder.h" -#include "session.h" - -#include "exception.h" -#include "filesystem.h" -#include "xml/parser.h" -#include "xml/document.h" - -#define ZONE_MANIFEST_DIR CONF_PATH "/zone/" - -std::string buildZoneManifestPath(const std::string& name) -{ - return ZONE_MANIFEST_DIR + name + ".xml"; -} - -std::string getZoneName(pam_handle_t* handle) -{ - const void* retItem; - int error = ::pam_get_item(handle, PAM_USER, &retItem); - if (error != PAM_SUCCESS) { - throw runtime::Exception("Failed to get user"); - } - - return static_cast(retItem); -} - -void openZoneSession(const std::string& name) -{ - auto sessionBuilder = [](const runtime::User& user) { - ZoneBuilder builder(user, buildZoneManifestPath(user.getName())); - builder.containerize(); - }; - - createSession(runtime::User(name), sessionBuilder); -} - -void closeZoneSession(const std::string& name) -{ - destroySession(runtime::User(name)); -} - -extern "C" { -PAM_EXTERN __attribute__((visibility("default"))) -int pam_sm_open_session(pam_handle_t* pamh, int flags, int argc, const char* argv[]) -{ - try { - std::string name = getZoneName(pamh); - ZoneGuard zoneGuard(name); - zoneGuard.wait(); - - openZoneSession(name); - } catch (runtime::Exception& e) { - ::pam_syslog(pamh, LOG_ERR, "%s", e.what()); - return PAM_SESSION_ERR; - } - - return PAM_SUCCESS; -} - -PAM_EXTERN __attribute__((visibility("default"))) -int pam_sm_close_session(pam_handle_t* pamh, int flags, int argc, const char* argv[]) -{ - try { - std::string name = getZoneName(pamh); - ZoneGuard zoneGuard(name); - zoneGuard.wait(); - - closeZoneSession(name); - } catch (runtime::Exception& e) { - ::pam_syslog(pamh, LOG_ERR, "%s", e.what()); - return PAM_SESSION_ERR; - } - - return PAM_SUCCESS; -} - -#ifdef PAM_MODULE_ENTRY -PAM_MODULE_ENTRY("pam_zone"); -#endif - -} diff --git a/zone/volume/CMakeLists.txt b/zone/volume/CMakeLists.txt deleted file mode 100644 index 171d839..0000000 --- a/zone/volume/CMakeLists.txt +++ /dev/null @@ -1,35 +0,0 @@ -# -# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -SET(ZONE_VOLUME_MANAGER_TARGET "zone-volume-manager") - -SET(ZONE_VOLUME_MANAGER_SOURCES key-manager.cpp - key-generator.cpp - kernel-keyring.cpp - main.cpp -) - -PKG_CHECK_MODULES(ZONE_VOLUME_MANAGER_DEPS REQUIRED - klay - key-manager -) - -ADD_EXECUTABLE(${ZONE_VOLUME_MANAGER_TARGET} ${ZONE_VOLUME_MANAGER_SOURCES}) - -INCLUDE_DIRECTORIES(SYSTEM ${ZONE_VOLUME_MANAGER_DEPS_INCLUDE_DIRS} ${ZONE_LIBS}) - -TARGET_LINK_LIBRARIES(${ZONE_VOLUME_MANAGER_TARGET} ${ZONE_VOLUME_MANAGER_DEPS_LIBRARIES}) - -INSTALL(TARGETS ${ZONE_VOLUME_MANAGER_TARGET} DESTINATION sbin) diff --git a/zone/volume/ecryptfs.h b/zone/volume/ecryptfs.h deleted file mode 100755 index 9962e34..0000000 --- a/zone/volume/ecryptfs.h +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#ifndef __ECRYPTFS_H__ -#define __ECRYPTFS_H__ - -#include -#include - -// this is versions of ecryptfs module -#define ECRYPTFS_MAJOR_VERSION 0x00 -#define ECRYPTFS_MINOR_VERSION 0x04 -#define ECRYPTFS_VERSION ((ECRYPTFS_MAJOR_VERSION << 8) | ECRYPTFS_MINOR_VERSION) - -#define ECRYPTFS_MAX_PKI_NAME_BYTES 16 -#define ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET 0x02 - -#define PGP_DIGEST_ALGO_SHA512 10 - -#define ECRYPTFS_FEK_CIPHER "aes" -#define ECRYPTFS_MOUNT_DEVICE "ecryptfs" - -#define ECRYPTFS_MAX_OPTIONS 1024 - -#define ECRYPTFS_MAX_SIG_SIZE 8 -#define ECRYPTFS_MAX_SIG_HEX (ECRYPTFS_MAX_SIG_SIZE*2) -#define ECRYPTFS_PASSWORD_SIG_SIZE ECRYPTFS_MAX_SIG_HEX - -#define ECRYPTFS_MAX_KEY_SIZE 32 -#define ECRYPTFS_MAX_KEY_HEX (ECRYPTFS_MAX_KEY_SIZE * 2) - -#define ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES 512 -#define ECRYPTFS_MAX_PKI_NAME_BYTES 16 - -#define ECRYPTFS_MAX_SALT_SIZE 4 -#define ECRYPTFS_MAX_SALT_HEX 8 - -#define ECRYPTFS_PWD_PAYLOAD_TYPE 0 // password - -struct ecryptfs_session_key { -#define ECRYPTFS_USERSPACE_SHOULD_TRY_TO_DECRYPT 0x00000001 -#define ECRYPTFS_USERSPACE_SHOULD_TRY_TO_ENCRYPT 0x00000002 -#define ECRYPTFS_CONTAINS_DECRYPTED_KEY 0x00000004 -#define ECRYPTFS_CONTAINS_ENCRYPTED_KEY 0x00000008 - int32_t flags; - int32_t encrypted_key_size; - int32_t decrypted_key_size; - u_int8_t encrypted_key[ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES]; - u_int8_t decrypted_key[ECRYPTFS_MAX_KEY_HEX]; -}; - -struct ecryptfs_password { - int32_t password_bytes; - int32_t hash_algo; - int32_t hash_iterations; - int32_t session_key_encryption_key_bytes; -#define ECRYPTFS_PERSISTENT_PASSWORD 0x01 -#define ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET 0x02 - u_int32_t flags; - /* Iterated-hash concatenation of salt and passphrase */ - u_int8_t session_key_encryption_key[ECRYPTFS_MAX_KEY_HEX]; - u_int8_t signature[ECRYPTFS_PASSWORD_SIG_SIZE + 1]; - /* Always in expanded hex */ - u_int8_t salt[ECRYPTFS_MAX_SALT_SIZE]; -}; - -enum ecryptfs_token_types { - ECRYPTFS_PASSWORD, - ECRYPTFS_PRIVATE_KEY -}; - -struct ecryptfs_private_key { - u_int32_t key_size; - u_int32_t data_len; - u_int8_t signature[ECRYPTFS_PASSWORD_SIG_SIZE + 1]; - char pki_type[ECRYPTFS_MAX_PKI_NAME_BYTES + 1]; - u_int8_t data[]; -}; - -struct ecryptfs_auth_tok { - u_int16_t version; /* 8-bit major and 8-bit minor */ - u_int16_t token_type; -#define ECRYPTFS_ENCRYPT_ONLY 0x00000001 - u_int32_t flags; - struct ecryptfs_session_key session_key; - u_int8_t reserved[32]; - union { - struct ecryptfs_password password; - struct ecryptfs_private_key private_key; - } token; -} __attribute__((packed)); - -typedef struct ecryptfs_auth_tok ecryptfs_payload; -#endif diff --git a/zone/volume/kernel-keyring.cpp b/zone/volume/kernel-keyring.cpp deleted file mode 100755 index 11d2373..0000000 --- a/zone/volume/kernel-keyring.cpp +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#include -#include -#include -#include - -#include "kernel-keyring.h" - -#ifndef KEYCTL_SEARCH -#define KEYCTL_SEARCH 10 -#endif - -KeySerial KernelKeyRing::add(const char *type, const char* description, const void* payload, size_t plen, KeySerial ringid) -{ - return ::syscall(__NR_add_key, type, description, payload, plen, ringid); -} - -long KernelKeyRing::search(KeySerial ringid, const char* type, const char* description, KeySerial destringid) -{ - return ::syscall(__NR_keyctl, KEYCTL_SEARCH, ringid, type, description, destringid); -} - -long KernelKeyRing::link(KeySerial keyid, KeySerial ringid) -{ - return ::syscall(__NR_keyctl, KEYCTL_LINK, keyid, ringid); -} - -long KernelKeyRing::unlink(KeySerial keyid, KeySerial ringid) -{ - return ::syscall(__NR_keyctl, KEYCTL_UNLINK, keyid, ringid); -} diff --git a/zone/volume/kernel-keyring.h b/zone/volume/kernel-keyring.h deleted file mode 100755 index c23d70f..0000000 --- a/zone/volume/kernel-keyring.h +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#ifndef __KERNEL_KEY_RING_H__ -#define __KERNEL_KEY_RING_H__ - -#include -#include - -#include - -typedef int32_t KeySerial; - -class KernelKeyRing { -public: - KernelKeyRing() = delete; - KernelKeyRing(const KernelKeyRing&) = delete; - KernelKeyRing(KernelKeyRing&&) = delete; - - KernelKeyRing& operator=(const KernelKeyRing&) = delete; - KernelKeyRing& operator=(KernelKeyRing&&) = delete; - - static KeySerial add(const char* type, const char* description, const void* payload, size_t plen, KeySerial ringid); - static long search(KeySerial ringid, const char* type, const char* description, KeySerial destringid); - static long link(KeySerial keyid, KeySerial ringid); - static long unlink(KeySerial keyid, KeySerial ringid); -}; - -#endif //!__KERNEL_KEY_RING_H__ diff --git a/zone/volume/key-generator.cpp b/zone/volume/key-generator.cpp deleted file mode 100755 index d6440f6..0000000 --- a/zone/volume/key-generator.cpp +++ /dev/null @@ -1,322 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - - -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include - -#include -#include - -#include "key-generator.h" - -#define RAND_READ_BYTES 8 -#define PBKDF2_ITERATION 1000 -#define SHA_BLOCKSIZE 64 - -#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits)))) - -#if defined (BYTE_ORDER) && defined(BIG_ENDIAN) && (BYTE_ORDER == BIG_ENDIAN) -#define WORDS_BIGENDIAN 1 -#endif -#ifdef _BIG_ENDIAN -#define WORDS_BIGENDIAN 1 -#endif - -#ifdef WORDS_BIGENDIAN -#define blk0(i) block->l[i] -#else -#define blk0(i) (block->l[i] = (rol(block->l[i], 24)&0xff00ff00) \ - |(rol(block->l[i], 8)&0x00ff00ff)) -#endif -#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \ - ^block->l[(i+2)&15]^block->l[i&15], 1)) - -/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */ -#define R0(v, w, x, y, z, i) \ - z+=((w&(x^y))^y)+blk0(i)+0x5a827999+rol(v, 5);w=rol(w, 30); -#define R1(v, w, x, y, z, i) \ - z+=((w&(x^y))^y)+blk(i)+0x5a827999+rol(v, 5);w=rol(w, 30); -#define R2(v, w, x, y, z, i) \ - z+=(w^x^y)+blk(i)+0x6ed9eba1+rol(v, 5);w=rol(w, 30); -#define R3(v, w, x, y, z, i) \ - z+=(((w|x)&y)|(w&x))+blk(i)+0x8f1bbcdc+rol(v, 5);w=rol(w, 30); -#define R4(v, w, x, y, z, i) \ - z+=(w^x^y)+blk(i)+0xca62c1d6+rol(v, 5);w=rol(w, 30); - -#define __min__(a, b) (((a) < (b)) ? (a) : (b)) - -std::string KeyGenerator::hexConvert(unsigned char* src, int srcLen) -{ - std::ostringstream ss; - - for (int i = 0; i state[0] = 0x67452301; - context->state[1] = 0xefcdab89; - context->state[2] = 0x98badcfe; - context->state[3] = 0x10325476; - context->state[4] = 0xc3d2e1f0; - context->count[0] = context->count[1] = 0; -} - -void KeyGenerator::sha1Update(SHA1_CTX* context, const void* p, unsigned int len) -{ - const unsigned char* data = (unsigned char*)p; - unsigned int i, j; - - j = (context->count[0] >> 3) & 63; - if ((context->count[0] += (len << 3)) < (len << 3)) { - context->count[1]++; - } - context->count[1] += (len >> 29); - if ((j + len) > 63) { - ::memcpy(&context->buffer[j], data, (i = 64 - j)); - sha1Transform(context->state, context->buffer); - for (; i + 63 < len; i += 64) { - sha1Transform(context->state, data + i); - } - j = 0; - } else { - i = 0; - } - - ::memcpy(&context->buffer[j], &data[i], len - i); -} - -void KeyGenerator::sha1Final(unsigned char digest[SHA1_DIGEST_SIZE], SHA1_CTX* context) -{ - unsigned int i; - unsigned char finalcount[8]; - for (i = 0; i < 8; i++) { - finalcount[i] = (unsigned char) ((context->count[(i >= 4 ? 0 : 1)] - >> ((3 - (i & 3)) * 8)) & 255); - } - sha1Update(context, (unsigned char*) "\200", 1); - while ((context->count[0] & 504) != 448) { - sha1Update(context, (unsigned char*) "\0", 1); - } - sha1Update(context, finalcount, 8); - /* Should cause SHA1_Transform */ - for (i = 0; i < SHA1_DIGEST_SIZE; i++) { - digest[i] = (unsigned char) - ((context->state[i >> 2] >> ((3 - (i & 3)) * 8)) & 255); - } - /* Wipe variables */ - i = 0; - ::memset(context->buffer, 0, 64); - ::memset(context->state, 0, 20); - ::memset(context->count, 0, 8); - ::memset(finalcount, 0, 8); /* SWR */ - -#ifdef SHA1HANDSOFF /* make SHA1Transform overwrite its own static vars */ - transform(context->state, context->buffer); -#endif -} - -void KeyGenerator::sha1Transform(unsigned int state[5], const unsigned char buffer[64]) -{ - uint32_t a, b, c, d, e; - typedef union { - unsigned char c[64]; - unsigned int l[16]; - } CHAR64LONG16; - CHAR64LONG16 *block; - -#ifdef SHA1HANDSOFF - CHAR64LONG16 workspace; - block = &workspace; - ::memcpy(block, buffer, 64); -#else - block = (CHAR64LONG16*)buffer; -#endif - - a = state[0]; - b = state[1]; - c = state[2]; - d = state[3]; - e = state[4]; - - /* 4 rounds of 20 operations each. Loop unrolled. */ - R0(a, b, c, d, e, 0); R0(e, a, b, c, d, 1); R0(d, e, a, b, c, 2); R0(c, d, e, a, b, 3); - R0(b, c, d, e, a, 4); R0(a, b, c, d, e, 5); R0(e, a, b, c, d, 6); R0(d, e, a, b, c, 7); - R0(c, d, e, a, b, 8); R0(b, c, d, e, a, 9); R0(a, b, c, d, e, 10); R0(e, a, b, c, d, 11); - R0(d, e, a, b, c, 12); R0(c, d, e, a, b, 13); R0(b, c, d, e, a, 14); R0(a, b, c, d, e, 15); - R1(e, a, b, c, d, 16); R1(d, e, a, b, c, 17); R1(c, d, e, a, b, 18); R1(b, c, d, e, a, 19); - R2(a, b, c, d, e, 20); R2(e, a, b, c, d, 21); R2(d, e, a, b, c, 22); R2(c, d, e, a, b, 23); - R2(b, c, d, e, a, 24); R2(a, b, c, d, e, 25); R2(e, a, b, c, d, 26); R2(d, e, a, b, c, 27); - R2(c, d, e, a, b, 28); R2(b, c, d, e, a, 29); R2(a, b, c, d, e, 30); R2(e, a, b, c, d, 31); - R2(d, e, a, b, c, 32); R2(c, d, e, a, b, 33); R2(b, c, d, e, a, 34); R2(a, b, c, d, e, 35); - R2(e, a, b, c, d, 36); R2(d, e, a, b, c, 37); R2(c, d, e, a, b, 38); R2(b, c, d, e, a, 39); - R3(a, b, c, d, e, 40); R3(e, a, b, c, d, 41); R3(d, e, a, b, c, 42); R3(c, d, e, a, b, 43); - R3(b, c, d, e, a, 44); R3(a, b, c, d, e, 45); R3(e, a, b, c, d, 46); R3(d, e, a, b, c, 47); - R3(c, d, e, a, b, 48); R3(b, c, d, e, a, 49); R3(a, b, c, d, e, 50); R3(e, a, b, c, d, 51); - R3(d, e, a, b, c, 52); R3(c, d, e, a, b, 53); R3(b, c, d, e, a, 54); R3(a, b, c, d, e, 55); - R3(e, a, b, c, d, 56); R3(d, e, a, b, c, 57); R3(c, d, e, a, b, 58); R3(b, c, d, e, a, 59); - R4(a, b, c, d, e, 60); R4(e, a, b, c, d, 61); R4(d, e, a, b, c, 62); R4(c, d, e, a, b, 63); - R4(b, c, d, e, a, 64); R4(a, b, c, d, e, 65); R4(e, a, b, c, d, 66); R4(d, e, a, b, c, 67); - R4(c, d, e, a, b, 68); R4(b, c, d, e, a, 69); R4(a, b, c, d, e, 70); R4(e, a, b, c, d, 71); - R4(d, e, a, b, c, 72); R4(c, d, e, a, b, 73); R4(b, c, d, e, a, 74); R4(a, b, c, d, e, 75); - R4(e, a, b, c, d, 76); R4(d, e, a, b, c, 77); R4(c, d, e, a, b, 78); R4(b, c, d, e, a, 79); - - /* Add the working vars back into context.state[] */ - state[0] += a; - state[1] += b; - state[2] += c; - state[3] += d; - state[4] += e; - - /* Wipe variables */ - a = b = c = d = e = 0; -} - -void KeyGenerator::sha1Hmac(const unsigned char* key, int keyLen, const unsigned char* data, int dataLen, unsigned char out[SHA1_DIGEST_SIZE]) -{ - SHA1_CTX ctx; - unsigned char buf[SHA_BLOCKSIZE], outPad[SHA_BLOCKSIZE], inPad[SHA_BLOCKSIZE]; - unsigned char tempKey[SHA1_DIGEST_SIZE]; - int i; - - ::memset(buf, 0, SHA_BLOCKSIZE); - - if (keyLen > SHA_BLOCKSIZE) { - sha1Init(&ctx); - sha1Update(&ctx, key, keyLen); - sha1Final(tempKey, &ctx); - key = tempKey; - keyLen = SHA1_DIGEST_SIZE; - } - - ::memcpy(buf, key, keyLen); - ::memset(inPad, 0, SHA_BLOCKSIZE); - ::memset(outPad, 0, SHA_BLOCKSIZE); - - for (i = 0; i < SHA_BLOCKSIZE; i++) { - outPad[i] = buf[i] ^ 0x5c; - inPad[i]= buf[i] ^ 0x36; - } - - sha1Init(&ctx); - sha1Update(&ctx, inPad, SHA_BLOCKSIZE); - sha1Update(&ctx, data, dataLen); - sha1Final(out, &ctx); - - sha1Init(&ctx); - sha1Update(&ctx, outPad, SHA_BLOCKSIZE); - sha1Update(&ctx, out, SHA1_DIGEST_SIZE); - sha1Final(out, &ctx); -} - -int KeyGenerator::pbkdf2(const char * pass, int passLen, const unsigned char* salt, int saltLen, int iter, int keyLen, unsigned char* out) -{ - unsigned char digtmp1[SHA1_DIGEST_SIZE], digtmp2[SHA1_DIGEST_SIZE], itmp[saltLen + 4]; - int j, k; - int genKeyLen = 0, toWriteLen; - unsigned long i = 1; - - if (passLen <= 0 || saltLen <= 0 || iter <= 0 || keyLen <= 0) - return -1; - - ::memcpy(itmp, salt, saltLen); - while (genKeyLen < keyLen) { - itmp[saltLen + 0] = (unsigned char)((i >> 24) & 0xff); - itmp[saltLen + 1] = (unsigned char)((i >> 16) & 0xff); - itmp[saltLen + 2] = (unsigned char)((i >> 8) & 0xff); - itmp[saltLen + 3] = (unsigned char)(i & 0xff); - - sha1Hmac((unsigned char*)pass, passLen, itmp, saltLen+4, digtmp1); - ::memcpy(digtmp2, digtmp1, SHA1_DIGEST_SIZE); - - for (j = 1; j < iter; j++) { - sha1Hmac((unsigned char*)pass, passLen, digtmp1, SHA1_DIGEST_SIZE, digtmp1); - for (k = 0; k < SHA1_DIGEST_SIZE; k++) { - digtmp2[k] ^= digtmp1[k]; - } - } - toWriteLen = __min__((keyLen - genKeyLen), SHA1_DIGEST_SIZE); - ::memcpy(out+genKeyLen, digtmp2, toWriteLen); - genKeyLen += toWriteLen; - ++i; - } - - return 1; -} diff --git a/zone/volume/key-generator.h b/zone/volume/key-generator.h deleted file mode 100755 index e0d9796..0000000 --- a/zone/volume/key-generator.h +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#ifndef __VOLUME_MANAGER_KEY_GENERATOR_H__ -#define __VOLUME_MANAGER_KEY_GENERATOR_H__ - -#include "ecryptfs.h" - -#define SHA1_DIGEST_SIZE 20 - -typedef struct { - unsigned int state[5]; - unsigned int count[2]; - unsigned char buffer[64]; -} SHA1_CTX; - -class KeyGenerator { -public: - KeyGenerator() = delete; - KeyGenerator(const KeyGenerator&) = delete; - KeyGenerator(KeyGenerator&&) = delete; - - KeyGenerator& operator=(const KeyGenerator&) = delete; - KeyGenerator& operator=(KeyGenerator&&) = delete; - - static std::string wrapKey(const std::string& decrypted, const std::string& salt, int len); - static std::string generateKey(int len); - static void generateToken(char* key, ecryptfs_payload** outToken); - -private: - static void sha1Init(SHA1_CTX* context); - static void sha1Update(SHA1_CTX* context, const void* p, unsigned int len); - static void sha1Final(unsigned char digsest[SHA1_DIGEST_SIZE], SHA1_CTX* context); - static void sha1Transform(unsigned int state[5], const unsigned char buffer[64]); - static void sha1Hmac(const unsigned char* key, int keyLen, const unsigned char* data, int dataLen, unsigned char out[SHA1_DIGEST_SIZE]); - - static int pbkdf2(const char* pass, int passLen, const unsigned char* salt, int saltLen, int iter, int keyLen, unsigned char* out); - static std::string hexConvert(unsigned char* src, int srcLen); -}; - -#endif //!__VOLUME_MANAGER_KEY_GENERATOR_H__ diff --git a/zone/volume/key-manager.cpp b/zone/volume/key-manager.cpp deleted file mode 100755 index d143c31..0000000 --- a/zone/volume/key-manager.cpp +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#include - -#include -#include - -#include "key-manager.h" - - -#define addAliasPrefix(alias) \ - (ckmcIdSystem + ckmcIdSeperator + alias) - -namespace { - -const std::string ckmcIdSystem = ckmc_owner_id_system; -const std::string ckmcIdSeperator = ckmc_owner_id_separator; - -} //namespace - -bool KeyManager::isKeyExist(const std::string& keyName) -{ - int ret; - ckmc_raw_buffer_s* keyData = NULL; - std::string ckmAlias = addAliasPrefix(keyName); - - ret = ::ckmc_get_data(ckmAlias.c_str(), NULL, &keyData); - ::ckmc_buffer_free(keyData); - - return (ret != CKMC_ERROR_DB_ALIAS_UNKNOWN); -} - -void KeyManager::addKey(const std::string& keyName, const std::string& data) -{ - int ret; - const std::string ckmAlias = addAliasPrefix(keyName); - ckmc_raw_buffer_s keyData; - ckmc_policy_s keyPolicy; - - keyData.data = (unsigned char*)data.c_str(); - keyData.size = data.size(); - - keyPolicy.password = NULL; - keyPolicy.extractable = true; - - ret = ::ckmc_save_data(ckmAlias.c_str(), keyData, keyPolicy); - if (ret != 0) { - throw runtime::Exception("Failed to add key data"); - } -} - -std::string KeyManager::getKey(const std::string& keyName) -{ - int ret; - const std::string ckmAlias = addAliasPrefix(keyName); - ckmc_raw_buffer_s* keyData; - std::string result; - - ret = ::ckmc_get_data(ckmAlias.c_str(), NULL, &keyData); - if (ret != CKMC_ERROR_NONE) { - throw runtime::Exception("Failed to get key data"); - } - - result = std::string(reinterpret_cast(keyData->data), keyData->size); - - ::ckmc_buffer_free(keyData); - - return result; -} - -void KeyManager::removeKey(const std::string& keyName) -{ - const std::string ckmAlias = addAliasPrefix(keyName); - - if (::ckmc_remove_data(ckmAlias.c_str()) != 0) { - throw runtime::Exception("Failed to remove key data"); - } -} diff --git a/zone/volume/key-manager.h b/zone/volume/key-manager.h deleted file mode 100644 index 6baf4ca..0000000 --- a/zone/volume/key-manager.h +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#ifndef __ZONE_KEY_MANAGER_H__ -#define __ZONE_KEY_MANAGER_H__ - -class KeyManager { -public: - KeyManager() = delete; - KeyManager(const KeyManager&) = delete; - KeyManager(KeyManager&&) = delete; - - KeyManager& operator=(const KeyManager&) = delete; - KeyManager& operator=(KeyManager&&) = delete; - - static bool isKeyExist(const std::string& keyName); - static void addKey(const std::string& keyName, const std::string& data); - static std::string getKey(const std::string& keyName); - static void removeKey(const std::string& keyName); -}; - -#endif //!__ZONE_KEY_MANAGER_H__*/ diff --git a/zone/volume/main.cpp b/zone/volume/main.cpp deleted file mode 100755 index c5ad1ba..0000000 --- a/zone/volume/main.cpp +++ /dev/null @@ -1,194 +0,0 @@ -/* - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include - -#include -#include -#include - -#include "ecryptfs.h" -#include "kernel-keyring.h" -#include "key-manager.h" -#include "key-generator.h" - -int generateKey(const std::string& keyName) -{ - if (KeyManager::isKeyExist(keyName)) { - ERROR("Key already registered"); - return -1; - } - - try { - std::string pass = KeyGenerator::generateKey(ECRYPTFS_MAX_KEY_SIZE); - std::string salt = KeyGenerator::generateKey(ECRYPTFS_MAX_SALT_SIZE); - std::string wrappedKey = KeyGenerator::wrapKey(pass, salt, ECRYPTFS_MAX_KEY_SIZE); - - KeyManager::addKey(keyName, wrappedKey); - } catch (runtime::Exception& e) { - ERROR(e.what()); - return -1; - } - - return 0; -} - -ecryptfs_payload* generateToken(char* key) -{ - struct ecryptfs_password* tokenKey; - - unsigned char keyBuffer[ECRYPTFS_MAX_KEY_SIZE+1]; - - ecryptfs_payload* authToken = (ecryptfs_payload *)::malloc(sizeof(ecryptfs_payload)); - if (authToken == NULL) { - return NULL; - } - - ::memset(authToken, 0, sizeof(ecryptfs_payload)); - ::strncpy((char*)keyBuffer, key, ECRYPTFS_MAX_KEY_SIZE); - keyBuffer[ECRYPTFS_MAX_KEY_SIZE] = '\0'; - - tokenKey = &authToken->token.password; - - authToken->version = ECRYPTFS_VERSION; - authToken->token_type = ECRYPTFS_PWD_PAYLOAD_TYPE; - tokenKey->session_key_encryption_key_bytes = ECRYPTFS_MAX_KEY_SIZE; - tokenKey->flags = ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET; - ::memcpy(tokenKey->session_key_encryption_key, keyBuffer, ECRYPTFS_MAX_KEY_SIZE); - ::memcpy(tokenKey->signature, keyBuffer, ECRYPTFS_MAX_SIG_HEX); - - return authToken; -} - -int mountEcryptfs(const std::string& src, const std::string& keyName) -{ - int rc; - char ecryptfsOpts[1024]; - ecryptfs_payload* authTok = NULL; - - std::string key; - try { - key = KeyManager::getKey(keyName); - } catch (runtime::Exception& e) { - ERROR(e.what()); - return -1; - } - - if (KernelKeyRing::link(KEY_SPEC_USER_KEYRING, KEY_SPEC_SESSION_KEYRING) != 0) { - ERROR("Failed to link key"); - return -1; - } - - if ((authTok = generateToken((char*)key.c_str())) == NULL) { - ERROR("Failed to generate Token"); - return -1; - } - - const char* signature = (const char*)authTok->token.password.signature; - rc = KernelKeyRing::search(KEY_SPEC_USER_KEYRING, - "user", - signature, - 0); - if (rc == -1 && errno != ENOKEY) { - ERROR("Failed to find key"); - return -1; - } - if (rc == -1) { - rc = KernelKeyRing::add("user", - signature, - (void*)authTok, - sizeof(ecryptfs_payload), - KEY_SPEC_USER_KEYRING); - if (rc == -1) { - ERROR("Failed to add key"); - return -1; - } - } - - ::snprintf(ecryptfsOpts, 1024, - "ecryptfs_passthrough," - "ecryptfs_cipher=aes," - "ecryptfs_key_bytes=%d," - "ecryptfs_sig=%s," - "smackfsroot=*,smackfsdef=*", - ECRYPTFS_MAX_KEY_SIZE, signature); - - rc = ::mount(src.c_str(), src.c_str(), "ecryptfs", MS_NODEV, ecryptfsOpts); - if (rc != 0) { - ERROR(runtime::GetSystemErrorMessage()); - return -1; - } - - return 0; -} - -int mountEcryptfsToAll() -{ - return 0; -} - -void usage(const std::string& prog) -{ - std::cout << "Usage: " << prog << std::endl - << "-a : Automount" << std::endl - << "-g name : Generate key for zone" << std::endl - << "-m name : Apply filesystem encrytion to zone" << std::endl; -} - -int main(int argc, char* argv[]) -{ - int opt, index, ret = -1; - struct option options[] = { - {"automount", no_argument, 0, 'a'}, - {"generate", required_argument, 0, 'g'}, - {"mount", required_argument, 0, 'm'}, - {0, 0, 0, 0} - }; - - while ((opt = getopt_long(argc, argv, "ag:m:", options, &index)) != -1) { - switch (opt) { - case 'a': - ret = mountEcryptfsToAll(); - break; - case 'g': - ret = generateKey(optarg); - break; - case 'm': - ret = mountEcryptfs("/home/" + std::string(optarg), optarg); - break; - default: - std::cerr << "unknown" << std::endl; - usage(argv[0]); - break; - } - } - - if (ret != 0) { - return EXIT_FAILURE; - } - - return EXIT_SUCCESS; -} -- 2.7.4