From 9a678bd5894fd42736e2473c133d80fa7ccae56a Mon Sep 17 00:00:00 2001 From: DongHyun Song Date: Thu, 2 Sep 2021 11:19:00 +0900 Subject: [PATCH] [Service] Apply smack label ahead of webapis initialization On webapis side, it is checking privileges by cynara client with smack label (/prod/tid/attr/current), but, this smack label is getting before dropThreadPrivilege(). Thus, it is always 'org.tizen.chromium-efl.wrt-service'. To make correct this problem, this patch change its time ahead of dropThreadPrivilege(). By this logic, there is a new smack error while using systeminfo webapi. Because systeminfo webapi is using their singleton worker thread to get some device information. This must be created by same smack label as pid's smack label. Otherwise, the worker's task will be failed. Therefore, this moves below logic on main thread. tizen.systeminfo.getPropertyValue("CPU", () => { }, () => { }); Later, I will discuss regarding creating this singleton worker by other better way with webapi members. Change-Id: I8c3ab62b775e1aaa895aa70b0ec5f438840ad74b Signed-off-by: DongHyun Song --- wrt_app/service/service_manager.ts | 12 ++++++++++++ wrt_app/service/service_runner.ts | 16 ++++++---------- 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/wrt_app/service/service_manager.ts b/wrt_app/service/service_manager.ts index 9f8d3e5..8e0c5bb 100644 --- a/wrt_app/service/service_manager.ts +++ b/wrt_app/service/service_manager.ts @@ -1,5 +1,6 @@ import { Worker, isMainThread } from 'worker_threads'; import { wrt } from '../browser/wrt'; +import * as XWalkExtension from '../common/wrt_xwalk_extension'; interface WorkerMap { [id: string]: any; @@ -45,8 +46,19 @@ function terminateWorker(id: string, delay: number) { workers[id].postMessage({ type: 'stop', delay }); } +let initializeExtensionOnMain = () => { + initializeExtensionOnMain = () => {}; + XWalkExtension.initialize(); + // This is workaround solution to make webapis's singleton worker, which has + // same smack label with pid's. + // It must be handled ahead of dropThreadPrivilege() + // Otherwise, smack violation might hanppen from 'libdbuspolicy'. + global.tizen.systeminfo.getPropertyValue("CPU", () => { }, () => { }); +} + export function startService(id: string, filename: string) { console.debug(`startService - ${id}`); + initializeExtensionOnMain(); if (global['serviceType'] === 'STANDALONE') { let ids = id.split(':'); let serviceId = ids[0]; diff --git a/wrt_app/service/service_runner.ts b/wrt_app/service/service_runner.ts index ac17652..b4b3fe1 100644 --- a/wrt_app/service/service_runner.ts +++ b/wrt_app/service/service_runner.ts @@ -67,7 +67,12 @@ let checkLauncherAlive = (id: string) => { } export function start(id: string, filename: string) { + let ids = id.split(':'); + let serviceId = ids[0]; + let packageId = wrt.getPackageId(serviceId); wrt.setServiceAppId(id); + wrt.security?.dropThreadPrivilege(packageId, serviceId); + XWalkExtension.initialize(); XWalkExtension.setRuntimeMessageHandler((type, data) => { if (type === 'tizen://exit') { @@ -78,10 +83,7 @@ export function start(id: string, filename: string) { console.debug(`serviceType : ${global['serviceType']}`) new DeviceAPIRouter(id, isGlobalService()); - - // this is workaround solution to make webapis singleton worker - // ahead of dropThreadPrivilege() - global.tizen.systeminfo.getPropertyValue("CPU", () => { }, () => { }); + printAppControlData(id); // This is for awaking up uv loop. if (isGlobalService()) { @@ -97,12 +99,6 @@ export function start(id: string, filename: string) { } try { - let ids = id.split(':'); - let serviceId = ids[0]; - let packageId = global.webapis.getPackageId(); - wrt.security?.dropThreadPrivilege(packageId, serviceId); - printAppControlData(id); - app = require(filename); if (app.onStart !== undefined) { app.onStart(); -- 2.7.4