From 6d51e72cddbaa859ed20d3ab6ee3ff155cd8318c Mon Sep 17 00:00:00 2001 From: jongmyeongko Date: Mon, 4 Jul 2016 19:27:49 +0900 Subject: [PATCH] remove CAP_MAC_OVERRIDE from app2sd-server separate move function to pre_move and pos_move for labeling the contents under .mmc Submit with: https://review.tizen.org/gerrit/#/c/78072/ Change-Id: Iac91cf9fc17f4bb3bb2728bed8e94efa1cdaa9bf Signed-off-by: jongmyeongko --- inc/app2ext_interface.h | 14 +++++-- packaging/app2sd.spec | 2 +- plugin/app2sd/app2sd-server.service.in | 1 + plugin/app2sd/inc/app2sd_client_interface.h | 28 +++++++------ plugin/app2sd/inc/app2sd_interface.h | 5 ++- plugin/app2sd/src/app2sd_client_interface.c | 51 ++++++++++++++++++---- plugin/app2sd/src/app2sd_interface.c | 65 ++++++++++++++++++++++++++++- plugin/app2sd/src/app2sd_internals.c | 21 +--------- plugin/app2sd/src/app2sd_server.c | 57 +++++++++++++++++++++---- test/src/test_app2ext.c | 10 ++++- 10 files changed, 197 insertions(+), 57 deletions(-) diff --git a/inc/app2ext_interface.h b/inc/app2ext_interface.h index 5d8853f..45743ce 100644 --- a/inc/app2ext_interface.h +++ b/inc/app2ext_interface.h @@ -279,9 +279,13 @@ typedef int (*app2ext_client_post_uninstall)(const char *appname); * [Enum: APP2EXT_MOVE_TO_EXT, APP2EXT_MOVE_TO_PHONE] * @return 0 if success, error code(>0) if fail */ -typedef int (*app2ext_client_usr_move)(const char *appname, GList* dir_list, +typedef int (*app2ext_client_usr_pre_move)(const char *appname, GList* dir_list, app2ext_move_type move_type, uid_t uid); -typedef int (*app2ext_client_move)(const char *appname, GList* dir_list, +typedef int (*app2ext_client_pre_move)(const char *appname, GList* dir_list, + app2ext_move_type move_type); +typedef int (*app2ext_client_usr_post_move)(const char *appname, + app2ext_move_type move_type, uid_t uid); +typedef int (*app2ext_client_post_move)(const char *appname, app2ext_move_type move_type); /** @@ -339,7 +343,8 @@ typedef struct app2ext_interface_t { app2ext_client_disable client_disable; app2ext_client_enable_full_pkg client_enable_full_pkg; app2ext_client_disable_full_pkg client_disable_full_pkg; - app2ext_client_move client_move; + app2ext_client_pre_move client_pre_move; + app2ext_client_post_move client_post_move; app2ext_client_usr_pre_install client_usr_pre_install; app2ext_client_usr_post_install client_usr_post_install; @@ -350,7 +355,8 @@ typedef struct app2ext_interface_t { app2ext_client_usr_force_clean client_usr_force_clean; app2ext_client_usr_enable client_usr_enable; app2ext_client_usr_disable client_usr_disable; - app2ext_client_usr_move client_usr_move; + app2ext_client_usr_pre_move client_usr_pre_move; + app2ext_client_usr_post_move client_usr_post_move; } app2ext_interface; /** diff --git a/packaging/app2sd.spec b/packaging/app2sd.spec index d6ff491..61e8bde 100644 --- a/packaging/app2sd.spec +++ b/packaging/app2sd.spec @@ -1,6 +1,6 @@ Name: app2sd Summary: Application installation on external memory -Version: 0.5.42 +Version: 0.5.43 Release: 1 Group: Application Framework/Package Management License: Apache-2.0 diff --git a/plugin/app2sd/app2sd-server.service.in b/plugin/app2sd/app2sd-server.service.in index 5656b13..3389d63 100644 --- a/plugin/app2sd/app2sd-server.service.in +++ b/plugin/app2sd/app2sd-server.service.in @@ -4,3 +4,4 @@ Description=app2sd server [Service] ExecStart=@PREFIX@/bin/app2sd-server CapabilityBoundingSet=~CAP_MAC_ADMIN +CapabilityBoundingSet=~CAP_MAC_OVERRIDE diff --git a/plugin/app2sd/inc/app2sd_client_interface.h b/plugin/app2sd/inc/app2sd_client_interface.h index 119faca..7470e46 100644 --- a/plugin/app2sd/inc/app2sd_client_interface.h +++ b/plugin/app2sd/inc/app2sd_client_interface.h @@ -59,7 +59,6 @@ extern "C" { * @post Installation is done by package installer. * Encryption password is saved in db TZ_SYS_DB/.app2sd.db * @param[in] appname application package name - * [Ex: com.samsung.calculator] *This entry is parsed from application package control/manifest file. * @param[in] dir_list directory structure of the application * @param[in] size size of memory required by application(in MB). @@ -76,7 +75,6 @@ int app2sd_client_pre_app_install(const char *pkgid, * @brief : This API does post installation operations after * the installation in SD card * @param[in] appname application package name - * [Ex: com.samsung.calculator] * @param[in] install_status Status of installation of package *[ enum app2ext_status].If package installation failed then * install_status= APP2EXT_STATUS_FAILURE else if installation @@ -96,7 +94,6 @@ int app2sd_client_post_app_install(const char *pkgid, * @pre vfat type sd card must be present. * @post Upgradation is done by package installer. * @param[in] appname application package name - * [Ex: com.samsung.calculator] * @param[in] dir_list directory structure of the application * @param[in] size size of memory required by application(in MB). *This entry is parsed from application package control/manifest file. @@ -112,7 +109,6 @@ int app2sd_client_pre_app_upgrade(const char *pkgid, * @brief : This API does post upgradation operations after * the installation in SD card * @param[in] appname application package name - * [Ex: com.samsung.calculator] * @param[in] install_status Status of installation of package *[ enum app2extl_status].If package upgradation failed then * upgrade_status= APP2EXT_STATUS_FAILURE else if upgradation @@ -130,7 +126,6 @@ int app2sd_client_post_app_upgrade(const char *pkgid, * @pre Package must be installed in sdcard. * @post Package is uninstalled by the package installer. * @param[in] appname application package name - * [Ex: com.samsung.calculator] * @return 0 if success, error code(>0) if fail * @remark None. */ @@ -143,7 +138,6 @@ int app2sd_client_pre_app_uninstall(const char *pkgid); * @pre Package must be uninstalled . * @post Encryption password is removed from sqlite db. * @param[in] appname application package name - * [Ex: com.samsung.calculator] * @return 0 if success, error code(>0) if fail * @remark None. */ @@ -151,10 +145,9 @@ int app2sd_client_usr_post_app_uninstall(const char *pkgid, uid_t uid); int app2sd_client_post_app_uninstall(const char *pkgid); /** - * @brief : This API moves the package from sd card + * @brief : This API prepare the move of the package from sd card to internal memory and vice versa. * @param[in] pkgid application package id - * [Ex: com.samsung.calculator] * @param[in] move_type Move type[enum app2ext_move_type] * [sd card to internal/internal to sd card] * @param[in] dir_list directory structure of the application @@ -164,16 +157,28 @@ int app2sd_client_post_app_uninstall(const char *pkgid); * @return 0 if success, error code(>0) if fail * @remark None. */ -int app2sd_client_usr_move_installed_app(const char *pkgid, +int app2sd_client_usr_pre_move_installed_app(const char *pkgid, GList *dir_list, app2ext_move_type move_type, uid_t uid); -int app2sd_client_move_installed_app(const char *pkgid, +int app2sd_client_pre_move_installed_app(const char *pkgid, GList *dir_list, app2ext_move_type move_type); /** + * @brief : This API remove the resources created during the move. + * @param[in] pkgid application package id + * @param[in] move_type Move type[enum app2ext_move_type] + * [sd card to internal/internal to sd card] + * @return 0 if success, error code(>0) if fail + * @remark None. + */ +int app2sd_client_usr_post_move_installed_app(const char *pkgid, + app2ext_move_type move_type, uid_t uid); +int app2sd_client_post_move_installed_app(const char *pkgid, + app2ext_move_type move_type); + +/** * @brief : This API Enables the application in sd card for use. This API should be called by AUL. * @param[in] pkgid application package id -* [Ex: com.samsung.calculator] * @pre Package must be installed * @post application is enabled in SD card. * @return 0 if success, error code(>0) if fail @@ -187,7 +192,6 @@ int app2sd_client_on_demand_setup_init(const char *pkgid); . This API should be called by Launchpad callback which will be registered during app launch for exit action of the application * @param[in] pkgid application package id -* [Ex: com.samsung.calculator] * @pre Package must be installed and enabled * and application must be running in SD card * @post application is disabked in SD card. diff --git a/plugin/app2sd/inc/app2sd_interface.h b/plugin/app2sd/inc/app2sd_interface.h index 5d0cd8a..99c1565 100644 --- a/plugin/app2sd/inc/app2sd_interface.h +++ b/plugin/app2sd/inc/app2sd_interface.h @@ -47,9 +47,12 @@ int app2sd_usr_pre_app_uninstall(const char *pkgid, uid_t uid); int app2sd_usr_post_app_uninstall(const char *pkgid, uid_t uid); -int app2sd_usr_move_installed_app(const char *pkgid, +int app2sd_usr_pre_move_installed_app(const char *pkgid, GList *dir_list, app2ext_move_type move_type, uid_t uid); +int app2sd_usr_post_move_installed_app(const char *pkgid, + app2ext_move_type move_type, uid_t uid); + int app2sd_usr_on_demand_setup_init(const char *pkgid, uid_t uid); int app2sd_usr_on_demand_setup_exit(const char *pkgid, uid_t uid); diff --git a/plugin/app2sd/src/app2sd_client_interface.c b/plugin/app2sd/src/app2sd_client_interface.c index 7c4dbb1..852e6fe 100644 --- a/plugin/app2sd/src/app2sd_client_interface.c +++ b/plugin/app2sd/src/app2sd_client_interface.c @@ -496,7 +496,7 @@ int app2sd_client_on_demand_setup_exit(const char *pkgid) return ret; } -int app2sd_client_usr_move_installed_app(const char *pkgid, GList *dir_list, +int app2sd_client_usr_pre_move_installed_app(const char *pkgid, GList *dir_list, app2ext_move_type move_type, uid_t uid) { int ret = 0; @@ -515,32 +515,63 @@ int app2sd_client_usr_move_installed_app(const char *pkgid, GList *dir_list, if (move_type == APP2EXT_MOVE_TO_EXT) cmd = APP2SD_MOVE_APP_TO_MMC; - ret = __app2sd_create_default_directories(pkgid, cmd, uid); - if (ret) - return ret; + if (cmd == APP2SD_MOVE_APP_TO_MMC) { + ret = __app2sd_create_default_directories(pkgid, cmd, uid); + if (ret) + return ret; + } builder = g_variant_builder_new(G_VARIANT_TYPE("a(si)")); g_list_foreach(dir_list, __app2sd_create_dir_list_builder, builder); param = g_variant_new("(sia(si)i)", pkgid, move_type, builder, uid); - ret = __app2sd_call_server_method("MoveInstalledApp", param); + ret = __app2sd_call_server_method("PreMoveInstalledApp", param); if (builder) g_variant_builder_unref(builder); return ret; } -int app2sd_client_move_installed_app(const char *pkgid, GList *dir_list, +int app2sd_client_pre_move_installed_app(const char *pkgid, GList *dir_list, app2ext_move_type move_type) { int ret = 0; - ret = app2sd_client_usr_move_installed_app(pkgid, + ret = app2sd_client_usr_pre_move_installed_app(pkgid, dir_list, move_type, getuid()); return ret; } +int app2sd_client_usr_post_move_installed_app(const char *pkgid, + app2ext_move_type move_type, uid_t uid) +{ + int ret = 0; + GVariant *param = NULL; + + /* validate the function parameter recieved */ + if (pkgid == NULL || move_type < APP2EXT_MOVE_TO_EXT + || move_type > APP2EXT_MOVE_TO_PHONE) { + _E("invalid function arguments"); + return APP2EXT_ERROR_INVALID_ARGUMENTS; + } + + param = g_variant_new("(sii)", pkgid, move_type, uid); + ret = __app2sd_call_server_method("PostMoveInstalledApp", param); + + return ret; +} +int app2sd_client_post_move_installed_app(const char *pkgid, + app2ext_move_type move_type) +{ + int ret = 0; + + ret = app2sd_client_usr_post_move_installed_app(pkgid, + move_type, getuid()); + + return ret; +} + void app2ext_on_load(app2ext_interface *interface) { /* Plug-in Binding.*/ @@ -555,7 +586,8 @@ void app2ext_on_load(app2ext_interface *interface) interface->client_disable = app2sd_client_on_demand_setup_exit; interface->client_enable_full_pkg = app2sd_client_enable_full_pkg; interface->client_disable_full_pkg = app2sd_client_disable_full_pkg; - interface->client_move = app2sd_client_move_installed_app; + interface->client_pre_move = app2sd_client_pre_move_installed_app; + interface->client_post_move = app2sd_client_post_move_installed_app; interface->client_usr_pre_install = app2sd_client_usr_pre_app_install; interface->client_usr_post_install = app2sd_client_usr_post_app_install; @@ -566,5 +598,6 @@ void app2ext_on_load(app2ext_interface *interface) interface->client_usr_force_clean = app2sd_client_usr_force_clean; interface->client_usr_enable = app2sd_client_usr_on_demand_setup_init; interface->client_usr_disable = app2sd_client_usr_on_demand_setup_exit; - interface->client_usr_move = app2sd_client_usr_move_installed_app; + interface->client_usr_pre_move = app2sd_client_usr_pre_move_installed_app; + interface->client_usr_post_move = app2sd_client_usr_post_move_installed_app; } diff --git a/plugin/app2sd/src/app2sd_interface.c b/plugin/app2sd/src/app2sd_interface.c index 7e52583..d7144fd 100644 --- a/plugin/app2sd/src/app2sd_interface.c +++ b/plugin/app2sd/src/app2sd_interface.c @@ -734,8 +734,8 @@ END: return ret; } -int app2sd_usr_move_installed_app(const char *pkgid, GList *dir_list, - app2ext_move_type move_type, uid_t uid) +int app2sd_usr_pre_move_installed_app(const char *pkgid, + GList *dir_list, app2ext_move_type move_type, uid_t uid) { int ret = 0; int pkgmgr_ret = 0; @@ -810,6 +810,67 @@ int app2sd_usr_move_installed_app(const char *pkgid, GList *dir_list, return APP2EXT_SUCCESS; } +int app2sd_usr_post_move_installed_app(const char *pkgid, + app2ext_move_type move_type, uid_t uid) +{ + int ret = 0; + char application_path[FILENAME_MAX] = { 0, }; + char loopback_device[FILENAME_MAX] = { 0, }; + char *encoded_id = NULL; + + /* validate function arguments */ + if (pkgid == NULL || move_type < APP2EXT_MOVE_TO_EXT + || move_type > APP2EXT_MOVE_TO_PHONE) { + _E("invalid function arguments"); + return APP2EXT_ERROR_INVALID_ARGUMENTS; + } + + if (move_type == APP2EXT_MOVE_TO_PHONE) + return APP2EXT_SUCCESS; + + /* check whether MMC is present or not */ + ret = _app2sd_check_mmc_status(); + if (ret) { + _E("MMC not preset OR Not ready(%d)", ret); + return APP2EXT_ERROR_MMC_STATUS; + } + + encoded_id = _app2sd_get_encoded_name(pkgid, uid); + if (encoded_id == NULL) + return APP2EXT_ERROR_MEMORY_ALLOC_FAILED; + + snprintf(loopback_device, FILENAME_MAX - 1, "%s/%s", + APP2SD_PATH, encoded_id); + free(encoded_id); + if (_is_global(uid)) { + snprintf(application_path, FILENAME_MAX - 1, "%s/%s", + tzplatform_getenv(TZ_SYS_RW_APP), pkgid); + } else { + tzplatform_set_user(uid); + snprintf(application_path, FILENAME_MAX - 1, "%s/%s", + tzplatform_getenv(TZ_USER_APP), pkgid); + tzplatform_reset_user(); + } + + ret = _app2sd_unmount_app_content(application_path); + if (ret) + _E("unmount error (%d)", ret); + +#ifdef TIZEN_FEATURE_APP2SD_DMCRYPT_ENCRYPTION + ret = _app2sd_dmcrypt_close_device(pkgid, uid); + if (ret) + _E("close dmcrypt device error(%d)", ret); +#else + ret = _app2sd_remove_loopback_encryption_setup(loopback_device); + if (ret) + _E("unable to detach loopback setup for (%s)", + loopback_device); +#endif + + sync(); + return APP2EXT_SUCCESS; +} + int app2sd_usr_pre_app_upgrade(const char *pkgid, GList *dir_list, int size, uid_t uid) { diff --git a/plugin/app2sd/src/app2sd_internals.c b/plugin/app2sd/src/app2sd_internals.c index 1605050..58f6f67 100644 --- a/plugin/app2sd/src/app2sd_internals.c +++ b/plugin/app2sd/src/app2sd_internals.c @@ -789,7 +789,8 @@ int _app2sd_mount_app_content(const char *application_path, const char *pkgid, break; } - if (cmd == APP2SD_PRE_UNINSTALL || cmd == APP2SD_PRE_UPGRADE) { + if (cmd == APP2SD_PRE_UNINSTALL || cmd == APP2SD_MOVE_APP_TO_PHONE || + cmd == APP2SD_PRE_UPGRADE) { /* delete lost+found dir */ snprintf(temp_path, FILENAME_MAX - 1, "%s/lost+found", application_mmc_path); @@ -1082,24 +1083,6 @@ int _app2sd_move_app_to_external(const char *pkgid, GList *dir_list, uid_t uid) goto ERR; } - /* re-mount the loopback encrypted pseudo device on application installation path - * as with Read Only permission - */ - ret = _app2sd_unmount_app_content(application_path); - if (ret) - _E("unmount error (%d)", ret); - -#ifdef TIZEN_FEATURE_APP2SD_DMCRYPT_ENCRYPTION - ret = _app2sd_dmcrypt_close_device(pkgid, uid); - if (ret) - _E("close dmcrypt device error(%d)", ret); -#else - ret = _app2sd_remove_loopback_encryption_setup(loopback_device); - if (ret) - _E("unable to detach loopback setup for (%s)", - loopback_device); -#endif - sync(); return APP2EXT_SUCCESS; diff --git a/plugin/app2sd/src/app2sd_server.c b/plugin/app2sd/src/app2sd_server.c index 0837b70..7744c43 100644 --- a/plugin/app2sd/src/app2sd_server.c +++ b/plugin/app2sd/src/app2sd_server.c @@ -158,13 +158,19 @@ static const gchar introspection_xml[] = " " " " " " -" " +" " " " " " " " " " " " " " +" " +" " +" " +" " +" " +" " " " " " " " @@ -507,8 +513,9 @@ static void _app2sd_server_ondemand_setup_exit(GDBusConnection *connection, cons g_dbus_method_invocation_return_value(invocation, param); } -static void _app2sd_server_move_installed_app(GDBusConnection *connection, const gchar *sender, - GVariant *parameters, GDBusMethodInvocation *invocation, uid_t sender_uid) +static void _app2sd_server_pre_move_installed_app(GDBusConnection *connection, + const gchar *sender, GVariant *parameters, + GDBusMethodInvocation *invocation, uid_t sender_uid) { GVariant *param = NULL; int result = APP2EXT_SUCCESS; @@ -563,9 +570,42 @@ static void _app2sd_server_move_installed_app(GDBusConnection *connection, const g_variant_iter_free(iter); dir_list = g_list_first(list); - ret = app2sd_usr_move_installed_app(pkgid, dir_list, move_type, target_uid); + ret = app2sd_usr_pre_move_installed_app(pkgid, dir_list, move_type, target_uid); + if (ret) { + _E("pre_move error(%d)", ret); + result = ret; + } + + param = g_variant_new("(i)", result); + g_dbus_method_invocation_return_value(invocation, param); +} + +static void _app2sd_server_post_move_installed_app(GDBusConnection *connection, + const gchar *sender, GVariant *parameters, + GDBusMethodInvocation *invocation, uid_t sender_uid) +{ + GVariant *param = NULL; + int result = APP2EXT_SUCCESS; + int move_type; + char *pkgid = NULL; + int ret = 0; + uid_t target_uid = -1; + + g_variant_get(parameters, "(&sii)", &pkgid, &move_type, &target_uid); + + _D("pkgid(%s), move_type(%d),sender_uid(%d), target_uid(%d)", + pkgid, move_type, sender_uid, target_uid); + + if (sender_uid != 0 && sender_uid != target_uid) { + _E("Not permitted user!"); + _app2sd_server_return_method_error(invocation, + APP2EXT_ERROR_OPERATION_NOT_PERMITTED); + return; + } + + ret = app2sd_usr_post_move_installed_app(pkgid, move_type, target_uid); if (ret) { - _E("usr_move error(%d)", ret); + _E("post_move error(%d)", ret); result = ret; } @@ -690,8 +730,11 @@ static void handle_method_call(GDBusConnection *connection, } else if (g_strcmp0(method_name, "OndemandSetupExit") == 0) { _app2sd_server_ondemand_setup_exit(connection, sender, parameters, invocation, sender_uid); - } else if (g_strcmp0(method_name, "MoveInstalledApp") == 0) { - _app2sd_server_move_installed_app(connection, sender, + } else if (g_strcmp0(method_name, "PreMoveInstalledApp") == 0) { + _app2sd_server_pre_move_installed_app(connection, sender, + parameters, invocation, sender_uid); + } else if (g_strcmp0(method_name, "PostMoveInstalledApp") == 0) { + _app2sd_server_post_move_installed_app(connection, sender, parameters, invocation, sender_uid); } else if (g_strcmp0(method_name, "ForceClean") == 0) { _app2sd_server_force_clean(connection, sender, diff --git a/test/src/test_app2ext.c b/test/src/test_app2ext.c index 32861ad..9cc64e9 100644 --- a/test/src/test_app2ext.c +++ b/test/src/test_app2ext.c @@ -469,18 +469,24 @@ static int app_move() if (ret == APP2EXT_SD_CARD) { printf("pkg %s is in sd card\n", TEST_PKGNAME); printf("pkg %s will be moved to internal memory\n", TEST_PKGNAME); - ret = handle->interface.client_move(TEST_PKGNAME, + ret = handle->interface.client_pre_move(TEST_PKGNAME, dir_list, APP2EXT_MOVE_TO_PHONE); print_error_code(__func__, ret); + ret = handle->interface.client_post_move(TEST_PKGNAME, + APP2EXT_MOVE_TO_PHONE); + print_error_code(__func__, ret); ret_check = app2ext_usr_get_app_location(TEST_PKGNAME, getuid()); if (ret_check == APP2EXT_INTERNAL_MEM) printf("pkg %s is moved to internal memory\n", TEST_PKGNAME); } else if (ret == APP2EXT_INTERNAL_MEM) { printf("pkg %s is in internal memory\n", TEST_PKGNAME); printf("pkg %s will be moved to sd card\n", TEST_PKGNAME); - ret = handle->interface.client_move(TEST_PKGNAME, + ret = handle->interface.client_pre_move(TEST_PKGNAME, dir_list, APP2EXT_MOVE_TO_EXT); print_error_code(__func__, ret); + ret = handle->interface.client_post_move(TEST_PKGNAME, + APP2EXT_MOVE_TO_EXT); + print_error_code(__func__, ret); ret_check = app2ext_usr_get_app_location(TEST_PKGNAME, getuid()); if (ret_check == APP2EXT_SD_CARD) printf("pkg %s is moved to sd card\n", TEST_PKGNAME); -- 2.7.4