From 9796fcd3921bc655ee95ca0cb22ba333b3395832 Mon Sep 17 00:00:00 2001 From: Sunmin Lee Date: Thu, 1 Feb 2018 15:55:12 +0900 Subject: [PATCH] Eliminate libsmack dependency For independence of libtota, remove libsmack dependency. Change-Id: Ibf909e32373a8e7814e4196bfff9cffa5055eab4 Signed-off-by: Sunmin Lee --- CMakeLists.txt | 1 - packaging/libtota.spec | 1 - ss_engine/SS_FSUpdate.c | 102 +++++++++++++++++++++++++++++++++++++++--------- 3 files changed, 84 insertions(+), 20 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 8df6b0f..e403e62 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -41,7 +41,6 @@ INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/bsdiff) INCLUDE(FindPkgConfig) pkg_check_modules(packages REQUIRED - libsmack lib7zip ) diff --git a/packaging/libtota.spec b/packaging/libtota.spec index 9dccfbd..48c629a 100755 --- a/packaging/libtota.spec +++ b/packaging/libtota.spec @@ -7,7 +7,6 @@ License: Apache-2.0 and BSD-2-Clause and BSD-3-Clause and PD Source0: %{name}-%{version}.tar.gz BuildRequires: cmake -BuildRequires: pkgconfig(libsmack) BuildRequires: pkgconfig(lib7zip) %description diff --git a/ss_engine/SS_FSUpdate.c b/ss_engine/SS_FSUpdate.c index 0e004c8..577e698 100755 --- a/ss_engine/SS_FSUpdate.c +++ b/ss_engine/SS_FSUpdate.c @@ -28,7 +28,6 @@ #include #include #include -#include #include #include @@ -40,6 +39,17 @@ static int feature_support_capability; +enum smack_label_type { + SMACK_LABEL_ACCESS, + SMACK_LABEL_EXEC, + SMACK_LABEL_MMAP, + SMACK_LABEL_TRANSMUTE, + SMACK_LABEL_IPIN, + SMACK_LABEL_IPOUT, +}; + +#define SMACK_LABEL_LEN 255 + /************************************************************ * common functions ************************************************************/ @@ -742,6 +752,62 @@ void SS_chtoa(int value, char *str) } } +static inline char *SS_get_xattr_name(enum smack_label_type type) +{ + switch (type) { + case SMACK_LABEL_ACCESS: + return "security.SMACK64"; + case SMACK_LABEL_EXEC: + return "security.SMACK64EXEC"; + case SMACK_LABEL_MMAP: + return "security.SMACK64MMAP"; + case SMACK_LABEL_TRANSMUTE: + return "security.SMACK64TRANSMUTE"; + case SMACK_LABEL_IPIN: + return "security.SMACK64IPIN"; + case SMACK_LABEL_IPOUT: + return "security.SMACK64IPOUT"; + default: + /* Should not reach this point */ + return NULL; + } +} + +int SS_smack_lsetlabel(const char *path, const char *label, enum smack_label_type type) +{ + if (path == NULL) { + LOGE("Path is NULL\n"); + return -1; + } + + char *xattr_name = SS_get_xattr_name(type); + if (xattr_name == NULL) { + LOGE("Failed get xattr name\n"); + return -1; + } + + /* Check validity of labels for LABEL_TRANSMUTE */ + if (type == SMACK_LABEL_TRANSMUTE && label != NULL) { + if (!strncmp(label, "0", strlen("0"))) { + label = NULL; + } else if (!strncmp(label, "1", strlen("0"))) { + label = "TRUE"; + } else { + return -1; + } + } + + if (label == NULL || label[0] == '\0') { + return lremovexattr(path, xattr_name); + } else { + int len = strnlen(label, SMACK_LABEL_LEN + 1); + if (len > SMACK_LABEL_LEN) { + return -1; + } + return lsetxattr(path, xattr_name, label, len, 0); + } +} + /*! ******************************************************************************* * Set file attributes.

@@ -938,71 +1004,71 @@ long SS_SetFileAttributes(const char *ui16pFilePath, // Get Smack value -> Set Smack value if (*smack_attr_pos != '\0') { - smack_lsetlabel(setFilePath, NULL, SMACK_LABEL_ACCESS); - smack_lsetlabel(setFilePath, NULL, SMACK_LABEL_EXEC); - smack_lsetlabel(setFilePath, NULL, SMACK_LABEL_MMAP); - smack_lsetlabel(setFilePath, NULL, SMACK_LABEL_TRANSMUTE); + SS_smack_lsetlabel(setFilePath, NULL, SMACK_LABEL_ACCESS); + SS_smack_lsetlabel(setFilePath, NULL, SMACK_LABEL_EXEC); + SS_smack_lsetlabel(setFilePath, NULL, SMACK_LABEL_MMAP); + SS_smack_lsetlabel(setFilePath, NULL, SMACK_LABEL_TRANSMUTE); psmack = strstr(smack_attr_pos, "access=\""); if (psmack) { memset(tmpSmackAttribs, 0x0, sizeof(tmpSmackAttribs)); - memcpy(tmpSmackAttribs, psmack, strlen(psmack)); + memcpy(tmpSmackAttribs, psmack, sizeof(tmpSmackAttribs) - 1); smack_value = strtok_r(tmpSmackAttribs, "\"", &saveptr); if (smack_value) { smack_value = strtok_r(NULL, "\"", &saveptr); //LOGL(LOG_SSENGINE, "[SMACK_LABEL_ACCESS] smack_value=%s\n", smack_value); if (smack_value) { - ret = smack_lsetlabel(setFilePath, smack_value, SMACK_LABEL_ACCESS); + ret = SS_smack_lsetlabel(setFilePath, smack_value, SMACK_LABEL_ACCESS); if (ret < 0) - LOGL(LOG_SSENGINE, "smack_lsetlabel() failed\n"); + LOGL(LOG_SSENGINE, "SS_smack_lsetlabel() failed\n"); } } } psmack = strstr(smack_attr_pos, "execute=\""); if (psmack) { memset(tmpSmackAttribs, 0x0, sizeof(tmpSmackAttribs)); - memcpy(tmpSmackAttribs, psmack, strlen(psmack)); + memcpy(tmpSmackAttribs, psmack, sizeof(tmpSmackAttribs) - 1); smack_value = strtok_r(tmpSmackAttribs, "\"", &saveptr); if (smack_value) { smack_value = strtok_r(NULL, "\"", &saveptr); //LOGL(LOG_SSENGINE, "[SMACK_LABEL_EXEC] smack_value=%s\n", smack_value); if (smack_value) { - ret = smack_lsetlabel(setFilePath, smack_value, SMACK_LABEL_EXEC); + ret = SS_smack_lsetlabel(setFilePath, smack_value, SMACK_LABEL_EXEC); if (ret < 0) - LOGL(LOG_SSENGINE, "smack_lsetlabel() failed\n"); + LOGL(LOG_SSENGINE, "SS_smack_lsetlabel() failed\n"); } } } psmack = strstr(smack_attr_pos, "mmap=\""); if (psmack) { memset(tmpSmackAttribs, 0x0, sizeof(tmpSmackAttribs)); - memcpy(tmpSmackAttribs, psmack, strlen(psmack)); + memcpy(tmpSmackAttribs, psmack, sizeof(tmpSmackAttribs) - 1); smack_value = strtok_r(tmpSmackAttribs, "\"", &saveptr); if (smack_value) { smack_value = strtok_r(NULL, "\"", &saveptr); //LOGL(LOG_SSENGINE, "[SMACK_LABEL_MMAP] smack_value=%s\n", smack_value); if (smack_value) { - ret = smack_lsetlabel(setFilePath, smack_value, SMACK_LABEL_MMAP); + ret = SS_smack_lsetlabel(setFilePath, smack_value, SMACK_LABEL_MMAP); if (ret < 0) - LOGL(LOG_SSENGINE, "smack_lsetlabel() failed\n"); + LOGL(LOG_SSENGINE, "SS_smack_lsetlabel() failed\n"); } } } psmack = strstr(smack_attr_pos, "transmute=\""); if (psmack) { memset(tmpSmackAttribs, 0x0, sizeof(tmpSmackAttribs)); - memcpy(tmpSmackAttribs, psmack, strlen(psmack)); + memcpy(tmpSmackAttribs, psmack, sizeof(tmpSmackAttribs) - 1); smack_value = strtok_r(tmpSmackAttribs, "\"", &saveptr); if (smack_value) { smack_value = strtok_r(NULL, "\"", &saveptr); //LOGL(LOG_SSENGINE, "[SMACK_LABEL_TRANSMUTE] smack_value=%s\n", smack_value); if (smack_value) { if (strcasecmp(smack_value, "TRUE") == 0) - ret = smack_lsetlabel(setFilePath, "1", SMACK_LABEL_TRANSMUTE); + ret = SS_smack_lsetlabel(setFilePath, "1", SMACK_LABEL_TRANSMUTE); else - ret = smack_lsetlabel(setFilePath, "0", SMACK_LABEL_TRANSMUTE); + ret = SS_smack_lsetlabel(setFilePath, "0", SMACK_LABEL_TRANSMUTE); if (ret < 0) - LOGL(LOG_SSENGINE, "smack_lsetlabel() failed\n"); + LOGL(LOG_SSENGINE, "SS_smack_lsetlabel() failed\n"); } } } -- 2.7.4