From e0ddc6052379632e003bfab2b3f685695adcd259 Mon Sep 17 00:00:00 2001 From: Dongwoo Lee Date: Thu, 25 Aug 2022 14:47:00 +0900 Subject: [PATCH 01/16] tools: resource-monitor: Check validation of '-n' option argument Change-Id: I28dc6a85d44455043a56c49bdee824d2590757c0 Signed-off-by: Dongwoo Lee --- tools/resource-monitor/resource-monitor.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/tools/resource-monitor/resource-monitor.c b/tools/resource-monitor/resource-monitor.c index 90dfce9..ebb64f4 100644 --- a/tools/resource-monitor/resource-monitor.c +++ b/tools/resource-monitor/resource-monitor.c @@ -177,8 +177,8 @@ struct resource_data { struct resource_monitor_data { unsigned int pid; unsigned int ppid; - unsigned int secs; - unsigned int max; + int secs; + int max; int mon_id; int num_res; @@ -562,12 +562,20 @@ int main(int argc, char *argv[]) g_data.ppid = atoi(argv[opt + 1]); } else if (!strncmp(argv[opt], "-", 1)) { for (i = 1; *(argv[opt] + i); i++) { + int input; + switch (*(argv[opt] + i)) { case 'd': - g_data.secs = atoi(argv[opt + 1]); + input = atoi(argv[opt + 1]); + if (input < 0 || input >= INT_MAX) + break; + g_data.secs = input; break; case 'n': - g_data.max = atoi(argv[opt + 1]); + input = atoi(argv[opt + 1]); + if (input < 0 || input >= INT_MAX) + break; + g_data.max = input; break; case 'p': g_data.pid = atoi(argv[opt + 1]); -- 2.7.4 From 8292dc63f70199454833f9a14f681b110c33dad1 Mon Sep 17 00:00:00 2001 From: Chanwoo Choi Date: Wed, 24 Aug 2022 14:29:31 +0900 Subject: [PATCH 02/16] resource-monitor: Fix coverity issue Change-Id: I1df8b406efd54de3154d3e26f74b97f5f57b8160 Signed-off-by: Chanwoo Choi --- src/resource/resource-display.c | 3 +++ src/util/resource.c | 3 +++ tools/resource-monitor/resource-monitor.c | 8 +++++++- 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/src/resource/resource-display.c b/src/resource/resource-display.c index bd3b203..b934f01 100644 --- a/src/resource/resource-display.c +++ b/src/resource/resource-display.c @@ -299,6 +299,9 @@ static int display_init(void) int ret; g_fps_monitor.resource_count = get_resource_device_count(RESOURCE_TYPE_DISPLAY); + if (g_fps_monitor.resource_count < 0) + return g_fps_monitor.resource_count; + g_fps_monitor.last_fps = calloc(g_fps_monitor.resource_count, sizeof(double)); if (!g_fps_monitor.last_fps) return -ENOMEM; diff --git a/src/util/resource.c b/src/util/resource.c index 3e7b828..411cb4b 100644 --- a/src/util/resource.c +++ b/src/util/resource.c @@ -150,6 +150,9 @@ int add_resource_device(struct resource_device *device) return -EINVAL; count = get_resource_device_count(device->type); + if (count < 0) + return count; + device->index = count; g_resource_device_head = diff --git a/tools/resource-monitor/resource-monitor.c b/tools/resource-monitor/resource-monitor.c index ebb64f4..ec3e073 100644 --- a/tools/resource-monitor/resource-monitor.c +++ b/tools/resource-monitor/resource-monitor.c @@ -309,7 +309,7 @@ static inline int get_resource_attr_array_value(struct resource_data *res, int i res->mon_id, res->res_id, res->attrs[idx].id, &array, &length); - if (ret < 0) break; + if (ret < 0 || length < 0) break; memset(buf, 0, BUFF_MAX + 1); for (i = 0; i < length; i++) { @@ -465,6 +465,9 @@ static int resource_monitor_init(void) /* 1. Initialize resource-monitor */ id = pass_resource_monitor_init(); + if (id < 0) + return id; + g_data.mon_id = id; /* 2. Get resource count */ @@ -477,6 +480,9 @@ static int resource_monitor_init(void) continue; } + if (count < 0) + continue; + if (g_resource_type[i].ctrl_val < 0) continue; -- 2.7.4 From 0d1192a635a08a686f7616a96dfca3399fcdc524 Mon Sep 17 00:00:00 2001 From: Dongwoo Lee Date: Thu, 25 Aug 2022 17:04:01 +0900 Subject: [PATCH 03/16] pass: Change the unit for gov_timeout into milliseconds from seconds Since comparing two floating point number variable causes unintended result, it converts type of gov_timeout from double to int, and keeps precison by using unint as milliseconds instead of seconds. for instance, 0.2sec can represent as 200ms, so despite of converting type, users can setup gov_timeout with same precision. Change-Id: Ib8efbca7e5d044a6871e2ef6c23274518cf1875e Signed-off-by: Dongwoo Lee --- src/pass/pass-cpuhp.c | 10 +++++----- src/pass/pass-parser.c | 34 +++++++++++++++++----------------- src/pass/pass.h | 4 ++-- 3 files changed, 24 insertions(+), 24 deletions(-) diff --git a/src/pass/pass-cpuhp.c b/src/pass/pass-cpuhp.c index 7848399..27cfeb6 100644 --- a/src/pass/pass-cpuhp.c +++ b/src/pass/pass-cpuhp.c @@ -170,7 +170,7 @@ static int cpuhp_timer_func(void *result, void *user_data) struct pass_resource *res = user_data; struct pass_level *levels; struct pass_cpuhp *cpuhp; - double curr_gov_timeout, next_gov_timeout; + int curr_gov_timeout, next_gov_timeout; int level; if (!res) { @@ -206,12 +206,12 @@ static int cpuhp_timer_func(void *result, void *user_data) * same as the current one */ if (curr_gov_timeout != next_gov_timeout) { - _I("Change the period of governor timer from %fs to %fs\n", + _I("Change the period of governor timer from %dms to %dms\n", curr_gov_timeout, next_gov_timeout); pass_resmon_update_timer_interval(res, cpuhp->timer_id, - next_gov_timeout * 1000); + next_gov_timeout); } return TRUE; @@ -240,7 +240,7 @@ static void cpuhp_governor_start(struct pass_resource *res) /* Register the resource-monitor for CPUHP module */ ret = pass_resmon_register_timer(res, RESMON_SRC_CPUHP, RESMON_TIMER_PERIODIC, - res->config_data.gov_timeout * 1000, + res->config_data.gov_timeout, cpuhp_timer_func, res); if (ret < 0) { @@ -289,7 +289,7 @@ static int cpuhp_governor_init(struct pass_resource *res) struct pass_cpuhp *cpuhp = &res->cpuhp; if (res->config_data.gov_timeout < 0) { - _E("invalid timeout value [%lf]!", res->config_data.gov_timeout); + _E("invalid timeout value [%d]!", res->config_data.gov_timeout); cpuhp_governor_update(res, PASS_OFF); return -EINVAL; } diff --git a/src/pass/pass-parser.c b/src/pass/pass-parser.c index 0c6d4d3..67e3f51 100644 --- a/src/pass/pass-parser.c +++ b/src/pass/pass-parser.c @@ -45,8 +45,8 @@ #include "pass.h" #define MAX_NUM 255 -#define MIN_TIMEOUT_SEC 0.2 /* 200 millisecond */ -#define MAX_TIMEOUT_SEC 3600.0 /* 1 hour */ +#define MIN_TIMEOUT_MS 200 +#define MAX_TIMEOUT_MS 3600000 /* 1 hour */ #define INIT_VALUE -1 static int compare_compatible_name(const char *compatible, @@ -279,7 +279,7 @@ static int parse_level(struct pass_resource *res, json_object *obj, int num_left_cond_freq; int num_left_cond_nr_running; int num_left_cond_busy_cpu; - double governor_timeout_sec; + int governor_timeout_ms; int fault_around_bytes; int cooling_device_state; int charging_status; @@ -334,8 +334,8 @@ static int parse_level(struct pass_resource *res, json_object *obj, ret += get_property(obj, "hotplug,num_left_cond_busy_cpu", DATA_TYPE_INT, false, (void *)&num_left_cond_busy_cpu); - ret += get_property(obj, "hotplug,governor_timeout_sec", DATA_TYPE_DOUBLE, - false, (void *)&governor_timeout_sec); + ret += get_property(obj, "hotplug,governor_timeout_ms", DATA_TYPE_INT, + false, (void *)&governor_timeout_ms); ret += get_property(obj, "memory,fault_around_bytes", DATA_TYPE_INT, false, (void *)&fault_around_bytes); @@ -418,11 +418,11 @@ static int parse_level(struct pass_resource *res, json_object *obj, if (num_right_cond_busy_cpu >= 0) target_level->right_cond[0].busy_cpu = num_right_cond_busy_cpu; - if (governor_timeout_sec >= 0) { - if (governor_timeout_sec < MIN_TIMEOUT_SEC - || governor_timeout_sec > MAX_TIMEOUT_SEC) - governor_timeout_sec = MIN_TIMEOUT_SEC; - target_level->gov_timeout = governor_timeout_sec; + if (governor_timeout_ms >= 0) { + if (governor_timeout_ms < MIN_TIMEOUT_MS + || governor_timeout_ms > MAX_TIMEOUT_MS) + governor_timeout_ms = MIN_TIMEOUT_MS; + target_level->gov_timeout = governor_timeout_ms; } /* @@ -583,7 +583,7 @@ static int parse_cpuhp(struct pass_resource *res, json_object *obj) { int cpuhp_support; int cpuhp_governor; - double cpuhp_timer_interval_sec; + int cpuhp_timer_interval_ms; int cpuhp_min_level; int cpuhp_max_level; int cpuhp_init_level; @@ -598,8 +598,8 @@ static int parse_cpuhp(struct pass_resource *res, json_object *obj) true, (void *)&cpuhp_support); ret += get_property(obj, "cpuhp_governor", DATA_TYPE_INT, false, (void *)&cpuhp_governor); - ret += get_property(obj, "cpuhp_timer_interval_sec", DATA_TYPE_DOUBLE, - false, (void *)&cpuhp_timer_interval_sec); + ret += get_property(obj, "cpuhp_timer_interval_ms", DATA_TYPE_INT, + false, (void *)&cpuhp_timer_interval_ms); ret += get_property(obj, "cpuhp_min_level", DATA_TYPE_INT, false, (void *)&cpuhp_min_level); ret += get_property(obj, "cpuhp_max_level", DATA_TYPE_INT, @@ -638,10 +638,10 @@ static int parse_cpuhp(struct pass_resource *res, json_object *obj) /* - core */ res->config_data.state = cpuhp_support; res->config_data.gov_type = cpuhp_governor; - res->config_data.gov_timeout = cpuhp_timer_interval_sec; - if (res->config_data.gov_timeout < MIN_TIMEOUT_SEC - || res->config_data.gov_timeout > MAX_TIMEOUT_SEC) - res->config_data.gov_timeout = MIN_TIMEOUT_SEC; + res->config_data.gov_timeout = cpuhp_timer_interval_ms; + if (res->config_data.gov_timeout < MIN_TIMEOUT_MS + || res->config_data.gov_timeout > MAX_TIMEOUT_MS) + res->config_data.gov_timeout = MIN_TIMEOUT_MS; /* - properties for rescon module */ res->rescon.min_level = cpuhp_min_level; diff --git a/src/pass/pass.h b/src/pass/pass.h index 509ed2b..7167688 100644 --- a/src/pass/pass.h +++ b/src/pass/pass.h @@ -176,7 +176,7 @@ struct pass_level { * and this property is used for thefollowing resources: * - PASS_RESOURCE_CPU_ID */ - double gov_timeout; + int gov_timeout; /* Properties for the GOV_RADIATION or GOV_STEP governor */ @@ -518,7 +518,7 @@ struct pass_resource_config_data { /** governor type */ enum pass_gov_type gov_type; /** Interval for periodic timer */ - double gov_timeout; + int gov_timeout; /** Default minimum level */ unsigned int default_min_level; /** default maximum level */ -- 2.7.4 From 976b03ad1e72faa812c418c05d30a59d2295e9b9 Mon Sep 17 00:00:00 2001 From: Dongwoo Lee Date: Thu, 25 Aug 2022 16:34:51 +0900 Subject: [PATCH 04/16] pass: Remove unnecessarily included headers Change-Id: I165330bec604d60a46ebb4fca175671cda701b51 Signed-off-by: Dongwoo Lee --- src/pass/pass-resmon.c | 1 - src/resource/resource-display.c | 2 -- src/resource/resource-memory.c | 2 -- src/util/device-notifier.c | 1 - 4 files changed, 6 deletions(-) diff --git a/src/pass/pass-resmon.c b/src/pass/pass-resmon.c index 2c69bd0..f66f06a 100644 --- a/src/pass/pass-resmon.c +++ b/src/pass/pass-resmon.c @@ -40,7 +40,6 @@ #include #include "pass.h" -#include "pass-hal.h" #include "pass-resmon.h" #include "pass-resmon-internal.h" diff --git a/src/resource/resource-display.c b/src/resource/resource-display.c index b934f01..dcba28b 100644 --- a/src/resource/resource-display.c +++ b/src/resource/resource-display.c @@ -25,8 +25,6 @@ #include #include -#include - #include #include #include diff --git a/src/resource/resource-memory.c b/src/resource/resource-memory.c index c3e89d7..5258cd8 100644 --- a/src/resource/resource-memory.c +++ b/src/resource/resource-memory.c @@ -24,8 +24,6 @@ #include -#include - #include #include #include diff --git a/src/util/device-notifier.c b/src/util/device-notifier.c index dee8c08..ab2c6bf 100644 --- a/src/util/device-notifier.c +++ b/src/util/device-notifier.c @@ -20,7 +20,6 @@ #include #include -#include #define DEVICE_NOTIFIER_MAX_COUNT 255 -- 2.7.4 From cdf81502891c18db5ac00a98d194674093aa2dbb Mon Sep 17 00:00:00 2001 From: Dongwoo Lee Date: Thu, 25 Aug 2022 17:06:18 +0900 Subject: [PATCH 05/16] util: kernel: Use snprintf() instead of sprintf() Change-Id: Ibb145e0928f2b582088a302788a33c586ccc4625 Signed-off-by: Dongwoo Lee --- src/util/kernel.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/util/kernel.c b/src/util/kernel.c index 240ace0..2171e01 100644 --- a/src/util/kernel.c +++ b/src/util/kernel.c @@ -476,7 +476,7 @@ int kernel_get_thread_group_map_info(struct proc_map_info *map_info, FILE *smaps_fd; bool use_smaps_rollup = have_smaps_rollup && !include_gpu_mem; - sprintf(smap_file_path, "/proc/%d/%s", tgid, use_smaps_rollup ? "smaps_rollup" : "smaps"); + snprintf(smap_file_path, BUFF_MAX - 1, "/proc/%d/%s", tgid, use_smaps_rollup ? "smaps_rollup" : "smaps"); smaps_fd = fopen(smap_file_path, "r"); if (!smaps_fd) { -- 2.7.4 From 13ab4024788b9b68cfef985e7286879805909b4e Mon Sep 17 00:00:00 2001 From: Dongwoo Lee Date: Thu, 25 Aug 2022 14:11:42 +0900 Subject: [PATCH 06/16] util: kernel: Get the name of smaps entry with limited width Since sscanf has no limitation for buffer width and thus it can cause overflows for name buffer, this limits the number of reading characters. Change-Id: I83128e01d9b840d41bb14bfda022e27ee80dd78e Signed-off-by: Dongwoo Lee --- src/util/kernel.c | 29 ++++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/src/util/kernel.c b/src/util/kernel.c index 2171e01..996c83d 100644 --- a/src/util/kernel.c +++ b/src/util/kernel.c @@ -439,28 +439,29 @@ static inline bool is_new_entry(const char *str) return ((*str >= '0' && *str <= '9') || (*str >= 'a' && *str <= 'f')); } -static unsigned long get_gpu_mem_size(FILE *smaps_fd, char *entry) +#define LEN_FORMAT(S) "%" #S "[^\n]" +#define STR_LEN_FORMAT(S) LEN_FORMAT(S) + +static unsigned long get_gpu_mem_size(FILE *smaps_fd, char *buffer) { unsigned long mem_size = 0; char name[BUFF_MAX]; - char buffer[BUFF_MAX]; if (!gpu_mem_node) return 0; new_entry: - sscanf(entry, "%*s %*s %*s %*s %*s %[^\n]", name); + /* parsing name from entry line */ + sscanf(buffer, "%*s %*s %*s %*s %*s" STR_LEN_FORMAT(BUFF_MAX), name); - if (strstr(name, gpu_mem_node->path)) { - while (fgets(buffer, sizeof(buffer), smaps_fd)) { - if (strstr(buffer, gpu_mem_node->node)) - mem_size += strtol(buffer + strlen(gpu_mem_node->node), NULL, 10); + if (!strstr(name, gpu_mem_node->path)) + return mem_size; - if (is_new_entry(buffer)) { - entry = buffer; - goto new_entry; - } - } + while (fgets(buffer, BUFF_MAX, smaps_fd)) { + if (strstr(buffer, gpu_mem_node->node)) + mem_size += strtol(buffer + strlen(gpu_mem_node->node), NULL, 10); + else if (is_new_entry(buffer)) + goto new_entry; } return mem_size; @@ -487,8 +488,10 @@ int kernel_get_thread_group_map_info(struct proc_map_info *map_info, memset(map_info, 0, sizeof(struct proc_map_info)); while (fgets(buffer, sizeof(buffer), smaps_fd)) { - if (include_gpu_mem && is_new_entry(buffer)) + if (include_gpu_mem && is_new_entry(buffer)) { map_info->gpu_mem += get_gpu_mem_size(smaps_fd, buffer); + continue; + } if (strstart(buffer, "Rss:")) map_info->rss += strtol(buffer + 4, NULL, 10); -- 2.7.4 From 5993358225c96b43fb44bb4abdcdddf140f72a30 Mon Sep 17 00:00:00 2001 From: Dongwoo Lee Date: Mon, 29 Aug 2022 23:49:49 -0700 Subject: [PATCH 07/16] tools: resource-monitor: Fix to use proper loop bound Change-Id: I06f4561ea5ba3a626b03da5c8b4e7c6212b0bb9b Signed-off-by: Dongwoo Lee --- tools/resource-monitor/resource-monitor.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/tools/resource-monitor/resource-monitor.c b/tools/resource-monitor/resource-monitor.c index ec3e073..ab1ae31 100644 --- a/tools/resource-monitor/resource-monitor.c +++ b/tools/resource-monitor/resource-monitor.c @@ -309,7 +309,14 @@ static inline int get_resource_attr_array_value(struct resource_data *res, int i res->mon_id, res->res_id, res->attrs[idx].id, &array, &length); - if (ret < 0 || length < 0) break; + /* + * Since each array item is represented with %2.2f, they + * occupy 4bytes each at least, for instance, x.xx. So, + * if length is larger than BUFF_MAX/4, it will obviously + * be failed to store in 'buf' and there is no need to proceed. + */ + if (ret < 0 || length < 0 || length > (BUFF_MAX / 4)) + break; memset(buf, 0, BUFF_MAX + 1); for (i = 0; i < length; i++) { -- 2.7.4 From f0776917d1f484d19ef5a31b1431613a0a0d6668 Mon Sep 17 00:00:00 2001 From: Dongwoo Lee Date: Mon, 29 Aug 2022 23:57:18 -0700 Subject: [PATCH 08/16] tests: resource-monitor: Consider failure of monitor_init as fatal Change-Id: Ifd7c90e2e92e7623d01928d933ed3ce7165a567c Signed-off-by: Dongwoo Lee --- tests/integration-test/resource-monitor-tests.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/integration-test/resource-monitor-tests.cpp b/tests/integration-test/resource-monitor-tests.cpp index a17cb3d..62f465f 100644 --- a/tests/integration-test/resource-monitor-tests.cpp +++ b/tests/integration-test/resource-monitor-tests.cpp @@ -71,7 +71,7 @@ TEST_F(ResourceMonitorTest, pass_resource_monitor_get_resource_count_valid) }; int id = pass_resource_monitor_init(); - EXPECT_TRUE(id > 0); + ASSERT_TRUE(id > 0); for (i = 0; i < (int)ARRAY_SIZE(res_types); i++) { int count; @@ -94,7 +94,7 @@ TEST_F(ResourceMonitorTest, pass_resource_monitor_get_resource_count_invalid) }; int id = pass_resource_monitor_init(); - EXPECT_TRUE(id > 0); + ASSERT_TRUE(id > 0); for (i = 0; i < (int)ARRAY_SIZE(res_types); i++) { int count; @@ -118,7 +118,7 @@ TEST_F(ResourceMonitorTest, }; int id = pass_resource_monitor_init(); - EXPECT_TRUE(id > 0); + ASSERT_TRUE(id > 0); int count; int ret = pass_resource_monitor_get_resource_count(id, res_type, &count); -- 2.7.4 From d2f377a50ecaab9ad60b0be0e428711abe318a02 Mon Sep 17 00:00:00 2001 From: Sung-hun Kim Date: Tue, 23 Aug 2022 20:13:57 +0900 Subject: [PATCH 09/16] resource: Add a new property "flag" to attributes To distinguish visibility of resource attributes, a new property is added to each attribute. The visibility of each attribute is pre-defined. Pass allows or rejects user's request for setting interested attributes depends on the combination of the visibility of each resource and the visibility of each attribute. We used a flag variable for representing the visibility of the resource attribute. The flag variable can extend to represent other properties of the resource attribute. Change-Id: Ie48f00f89ec6095e05e9f8fcf395e1ea0da026bb Signed-off-by: Sung-hun Kim --- include/util/resource.h | 5 +++++ src/resource/resource-battery.c | 7 +++++++ src/resource/resource-bus.c | 7 +++++++ src/resource/resource-cpu.c | 7 +++++++ src/resource/resource-disk.c | 5 +++++ src/resource/resource-display.c | 2 ++ src/resource/resource-gpu.c | 7 +++++++ src/resource/resource-memory.c | 9 +++++++++ src/resource/resource-network.c | 1 + src/resource/resource-process-group.c | 11 +++++++++++ src/resource/resource-process.c | 13 +++++++++++++ src/resource/resource-system.c | 8 ++++++++ 12 files changed, 82 insertions(+) diff --git a/include/util/resource.h b/include/util/resource.h index 19a08ab..cd2deb3 100644 --- a/include/util/resource.h +++ b/include/util/resource.h @@ -38,6 +38,10 @@ */ #define RESOURCE_FLAG_PROCESS BIT(1) +/* Flags for resource_attribute */ +#define RESOURCE_ATTR_FLAG_PRIVATE BIT(0) +#define RESOURCE_ATTR_FLAG_PUBLIC BIT(1) + struct resource; struct resource_attribute; @@ -71,6 +75,7 @@ struct resource_attribute { const char name[BUFF_MAX]; const u_int64_t id; const int type; + const u_int64_t flag; const struct resource_attribute_ops ops; }; diff --git a/src/resource/resource-battery.c b/src/resource/resource-battery.c index ed51d39..07699b1 100644 --- a/src/resource/resource-battery.c +++ b/src/resource/resource-battery.c @@ -93,6 +93,7 @@ static const struct resource_attribute battery_attrs[] = { .name = "BATTERY_ATTR_CAPACITY", .id = BATTERY_ATTR_CAPACITY, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = battery_get_info, } @@ -100,6 +101,7 @@ static const struct resource_attribute battery_attrs[] = { .name = "BATTERY_ATTR_STATUS", .id = BATTERY_ATTR_STATUS, .type = DATA_TYPE_STRING, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = battery_get_status, } @@ -107,6 +109,7 @@ static const struct resource_attribute battery_attrs[] = { .name = "BATTERY_ATTR_TEMPERATURE", .id = BATTERY_ATTR_TEMPERATURE, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = battery_get_info, } @@ -114,6 +117,7 @@ static const struct resource_attribute battery_attrs[] = { .name = "BATTERY_ATTR_VOLTAGE_NOW", .id = BATTERY_ATTR_VOLTAGE_NOW, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = battery_get_info, } @@ -121,6 +125,7 @@ static const struct resource_attribute battery_attrs[] = { .name = "BATTERY_ATTR_CURRENT_NOW", .id = BATTERY_ATTR_CURRENT_NOW, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = battery_get_info, } @@ -128,6 +133,7 @@ static const struct resource_attribute battery_attrs[] = { .name = "BATTERY_ATTR_PRESENT", .id = BATTERY_ATTR_PRESENT, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = battery_get_info, } @@ -135,6 +141,7 @@ static const struct resource_attribute battery_attrs[] = { .name = "BATTERY_ATTR_ONLINE", .id = BATTERY_ATTR_ONLINE, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = battery_get_info, } diff --git a/src/resource/resource-bus.c b/src/resource/resource-bus.c index 007d1f4..2cbba18 100644 --- a/src/resource/resource-bus.c +++ b/src/resource/resource-bus.c @@ -130,6 +130,7 @@ static const struct resource_attribute bus_attrs[] = { .name = "BUS_ATTR_CUR_FREQ", .id = BUS_ATTR_CUR_FREQ, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = bus_get_value_from_hal_power, }, @@ -137,6 +138,7 @@ static const struct resource_attribute bus_attrs[] = { .name = "BUS_ATTR_MIN_FREQ", .id = BUS_ATTR_MIN_FREQ, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = bus_get_value_from_hal_power, }, @@ -144,6 +146,7 @@ static const struct resource_attribute bus_attrs[] = { .name = "BUS_ATTR_MAX_FREQ", .id = BUS_ATTR_MAX_FREQ, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = bus_get_value_from_hal_power, } @@ -151,6 +154,7 @@ static const struct resource_attribute bus_attrs[] = { .name = "BUS_ATTR_AVAILABLE_MIN_FREQ", .id = BUS_ATTR_AVAILABLE_MIN_FREQ, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = bus_get_value_from_hal_power, } @@ -158,6 +162,7 @@ static const struct resource_attribute bus_attrs[] = { .name = "BUS_ATTR_AVAILABLE_MAX_FREQ", .id = BUS_ATTR_AVAILABLE_MAX_FREQ, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = bus_get_value_from_hal_power, } @@ -165,6 +170,7 @@ static const struct resource_attribute bus_attrs[] = { .name = "BUS_ATTR_CUR_GOVERNOR", .id = BUS_ATTR_CUR_GOVERNOR, .type = DATA_TYPE_STRING, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = bus_get_string_value, } @@ -172,6 +178,7 @@ static const struct resource_attribute bus_attrs[] = { .name = "BUS_ATTR_NAME", .id = BUS_ATTR_NAME, .type = DATA_TYPE_STRING, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = bus_get_string_value, } diff --git a/src/resource/resource-cpu.c b/src/resource/resource-cpu.c index 82ac454..2f316be 100644 --- a/src/resource/resource-cpu.c +++ b/src/resource/resource-cpu.c @@ -129,6 +129,7 @@ static const struct resource_attribute cpu_attrs[] = { .name = "CPU_ATTR_CUR_FREQ", .id = CPU_ATTR_CUR_FREQ, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = cpu_get_value_from_hal_power, }, @@ -136,6 +137,7 @@ static const struct resource_attribute cpu_attrs[] = { .name = "CPU_ATTR_MIN_FREQ", .id = CPU_ATTR_MIN_FREQ, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = cpu_get_value_from_hal_power, }, @@ -143,6 +145,7 @@ static const struct resource_attribute cpu_attrs[] = { .name = "CPU_ATTR_MAX_FREQ", .id = CPU_ATTR_MAX_FREQ, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = cpu_get_value_from_hal_power, } @@ -150,6 +153,7 @@ static const struct resource_attribute cpu_attrs[] = { .name = "CPU_ATTR_AVAILABLE_MIN_FREQ", .id = CPU_ATTR_AVAILABLE_MIN_FREQ, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = cpu_get_value_from_hal_power, } @@ -157,6 +161,7 @@ static const struct resource_attribute cpu_attrs[] = { .name = "CPU_ATTR_AVAILABLE_MAX_FREQ", .id = CPU_ATTR_AVAILABLE_MAX_FREQ, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = cpu_get_value_from_hal_power, } @@ -164,6 +169,7 @@ static const struct resource_attribute cpu_attrs[] = { .name = "CPU_ATTR_CUR_GOVERNOR", .id = CPU_ATTR_CUR_GOVERNOR, .type = DATA_TYPE_STRING, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = cpu_get_string_value, } @@ -171,6 +177,7 @@ static const struct resource_attribute cpu_attrs[] = { .name = "CPU_ATTR_NAME", .id = CPU_ATTR_NAME, .type = DATA_TYPE_STRING, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = cpu_get_string_value, } diff --git a/src/resource/resource-disk.c b/src/resource/resource-disk.c index a28f216..20fce27 100644 --- a/src/resource/resource-disk.c +++ b/src/resource/resource-disk.c @@ -121,6 +121,7 @@ static const struct resource_attribute disk_attrs[] = { .name = "DISK_ATTR_NAME", .id = DISK_ATTR_NAME, .type = DATA_TYPE_STRING, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = disk_get_value, }, @@ -128,6 +129,7 @@ static const struct resource_attribute disk_attrs[] = { .name = "DISK_ATTR_READ_PER_SEC", .id = DISK_ATTR_READ_PER_SEC, .type = DATA_TYPE_DOUBLE, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = disk_get_value, }, @@ -135,6 +137,7 @@ static const struct resource_attribute disk_attrs[] = { .name = "DISK_ATTR_WRITE_PER_SEC", .id = DISK_ATTR_WRITE_PER_SEC, .type = DATA_TYPE_DOUBLE, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = disk_get_value, }, @@ -142,6 +145,7 @@ static const struct resource_attribute disk_attrs[] = { .name = "DISK_ATTR_READ_TOTAL", .id = DISK_ATTR_READ_TOTAL, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = disk_get_value, }, @@ -149,6 +153,7 @@ static const struct resource_attribute disk_attrs[] = { .name = "DISK_ATTR_WRITE_TOTAL", .id = DISK_ATTR_WRITE_TOTAL, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = disk_get_value, }, diff --git a/src/resource/resource-display.c b/src/resource/resource-display.c index dcba28b..ed0f55e 100644 --- a/src/resource/resource-display.c +++ b/src/resource/resource-display.c @@ -184,6 +184,7 @@ static const struct resource_attribute display_attrs[] = { .name = "DISPLAY_ATTR_FPS", .id = DISPLAY_ATTR_FPS, .type = DATA_TYPE_DOUBLE, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = display_get_fps, }, @@ -191,6 +192,7 @@ static const struct resource_attribute display_attrs[] = { .name = "DISPLAY_ATTR_NAME", .id = DISPLAY_ATTR_NAME, .type = DATA_TYPE_STRING, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = display_get_name, }, diff --git a/src/resource/resource-gpu.c b/src/resource/resource-gpu.c index 5deae14..8e6ac82 100644 --- a/src/resource/resource-gpu.c +++ b/src/resource/resource-gpu.c @@ -130,6 +130,7 @@ static const struct resource_attribute gpu_attrs[] = { .name = "GPU_ATTR_CUR_FREQ", .id = GPU_ATTR_CUR_FREQ, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = gpu_get_value_from_hal_power, }, @@ -137,6 +138,7 @@ static const struct resource_attribute gpu_attrs[] = { .name = "GPU_ATTR_MIN_FREQ", .id = GPU_ATTR_MIN_FREQ, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = gpu_get_value_from_hal_power, }, @@ -144,6 +146,7 @@ static const struct resource_attribute gpu_attrs[] = { .name = "GPU_ATTR_MAX_FREQ", .id = GPU_ATTR_MAX_FREQ, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = gpu_get_value_from_hal_power, } @@ -151,6 +154,7 @@ static const struct resource_attribute gpu_attrs[] = { .name = "GPU_ATTR_AVAILABLE_MIN_FREQ", .id = GPU_ATTR_AVAILABLE_MIN_FREQ, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = gpu_get_value_from_hal_power, } @@ -158,6 +162,7 @@ static const struct resource_attribute gpu_attrs[] = { .name = "GPU_ATTR_AVAILABLE_MAX_FREQ", .id = GPU_ATTR_AVAILABLE_MAX_FREQ, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = gpu_get_value_from_hal_power, } @@ -165,6 +170,7 @@ static const struct resource_attribute gpu_attrs[] = { .name = "GPU_ATTR_CUR_GOVERNOR", .id = GPU_ATTR_CUR_GOVERNOR, .type = DATA_TYPE_STRING, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = gpu_get_string_value, } @@ -172,6 +178,7 @@ static const struct resource_attribute gpu_attrs[] = { .name = "GPU_ATTR_NAME", .id = GPU_ATTR_NAME, .type = DATA_TYPE_STRING, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = gpu_get_string_value, } diff --git a/src/resource/resource-memory.c b/src/resource/resource-memory.c index 5258cd8..1ddfa14 100644 --- a/src/resource/resource-memory.c +++ b/src/resource/resource-memory.c @@ -127,6 +127,7 @@ static const struct resource_attribute memory_attrs[] = { .name = "MEMORY_ATTR_TOTAL", .id = MEMORY_ATTR_TOTAL, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = memory_get_memory_info, }, @@ -134,6 +135,7 @@ static const struct resource_attribute memory_attrs[] = { .name = "MEMORY_ATTR_AVAILABLE", .id = MEMORY_ATTR_AVAILABLE, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = memory_get_memory_info, }, @@ -141,6 +143,7 @@ static const struct resource_attribute memory_attrs[] = { .name = "MEMORY_ATTR_FREE", .id = MEMORY_ATTR_FREE, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = memory_get_memory_info, } @@ -148,6 +151,7 @@ static const struct resource_attribute memory_attrs[] = { .name = "MEMORY_ATTR_BUFFER", .id = MEMORY_ATTR_BUFFER, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = memory_get_memory_info, } @@ -155,6 +159,7 @@ static const struct resource_attribute memory_attrs[] = { .name = "MEMORY_ATTR_CACHED", .id = MEMORY_ATTR_CACHED, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = memory_get_memory_info, } @@ -162,6 +167,7 @@ static const struct resource_attribute memory_attrs[] = { .name = "MEMORY_ATTR_CMA_TOTAL", .id = MEMORY_ATTR_CMA_TOTAL, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = memory_get_memory_info, } @@ -169,6 +175,7 @@ static const struct resource_attribute memory_attrs[] = { .name = "MEMORY_ATTR_CMA_FREE", .id = MEMORY_ATTR_CMA_FREE, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = memory_get_memory_info, } @@ -176,6 +183,7 @@ static const struct resource_attribute memory_attrs[] = { .name = "MEMORY_ATTR_SWAP_TOTAL", .id = MEMORY_ATTR_SWAP_TOTAL, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = memory_get_memory_info, } @@ -183,6 +191,7 @@ static const struct resource_attribute memory_attrs[] = { .name = "MEMORY_ATTR_SWAP_FREE", .id = MEMORY_ATTR_SWAP_FREE, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = memory_get_memory_info, } diff --git a/src/resource/resource-network.c b/src/resource/resource-network.c index b05f9ce..016820a 100644 --- a/src/resource/resource-network.c +++ b/src/resource/resource-network.c @@ -67,6 +67,7 @@ static const struct resource_attribute network_attrs[] = { .name = "NETWORK_ATTR_NAME", .id = NETWORK_ATTR_NAME, .type = DATA_TYPE_STRING, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = network_get_name, }, diff --git a/src/resource/resource-process-group.c b/src/resource/resource-process-group.c index 5bdbf52..3985ac6 100644 --- a/src/resource/resource-process-group.c +++ b/src/resource/resource-process-group.c @@ -257,6 +257,7 @@ static const struct resource_attribute process_group_attrs[] = { .name = "PROCESS_GROUP_ATTR_PID_LIST", .id = PROCESS_GROUP_ATTR_PID_LIST, .type = DATA_TYPE_ARRAY, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_group_get_pid_list, .is_supported = process_group_check_taskstat_support, @@ -265,6 +266,7 @@ static const struct resource_attribute process_group_attrs[] = { .name = "PROCESS_GROUP_ATTR_NAME_LIST", .id = PROCESS_GROUP_ATTR_NAME_LIST, .type = DATA_TYPE_ARRAY, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_group_get_name_list, .is_supported = process_group_check_taskstat_support, @@ -273,6 +275,7 @@ static const struct resource_attribute process_group_attrs[] = { .name = "PROCESS_GROUP_ATTR_CPU_UTIL", .id = PROCESS_GROUP_ATTR_CPU_UTIL, .type = DATA_TYPE_DOUBLE, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_group_get_cpu_util, .is_supported = process_group_check_taskstat_support, @@ -281,6 +284,7 @@ static const struct resource_attribute process_group_attrs[] = { .name = "PROCESS_GROUP_ATTR_DISK_READ_PER_SEC", .id = PROCESS_GROUP_ATTR_DISK_READ_PER_SEC, .type = DATA_TYPE_DOUBLE, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_group_get_disk_attrs, .is_supported = process_group_check_taskstat_support, @@ -289,6 +293,7 @@ static const struct resource_attribute process_group_attrs[] = { .name = "PROCESS_GROUP_ATTR_DISK_WRITE_PER_SEC", .id = PROCESS_GROUP_ATTR_DISK_WRITE_PER_SEC, .type = DATA_TYPE_DOUBLE, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_group_get_disk_attrs, .is_supported = process_group_check_taskstat_support, @@ -297,6 +302,7 @@ static const struct resource_attribute process_group_attrs[] = { .name = "PROCESS_GROUP_ATTR_MEM_VIRT", .id = PROCESS_GROUP_ATTR_MEM_VIRT, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_group_get_mem, .is_supported = process_group_check_taskstat_support, @@ -305,6 +311,7 @@ static const struct resource_attribute process_group_attrs[] = { .name = "PROCESS_GROUP_ATTR_MEM_RSS", .id = PROCESS_GROUP_ATTR_MEM_RSS, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_group_get_mem, .is_supported = process_group_check_taskstat_support, @@ -313,6 +320,7 @@ static const struct resource_attribute process_group_attrs[] = { .name = "PROCESS_GROUP_ATTR_MEM_PSS", .id = PROCESS_GROUP_ATTR_MEM_PSS, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_group_get_mem, .is_supported = process_group_check_taskstat_support, @@ -321,6 +329,7 @@ static const struct resource_attribute process_group_attrs[] = { .name = "PROCESS_GROUP_ATTR_MEM_SWAP", .id = PROCESS_GROUP_ATTR_MEM_SWAP, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_group_get_mem, .is_supported = process_group_check_taskstat_support, @@ -329,6 +338,7 @@ static const struct resource_attribute process_group_attrs[] = { .name = "PROCESS_GROUP_ATTR_MEM_SWAP_PSS", .id = PROCESS_GROUP_ATTR_MEM_SWAP_PSS, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_group_get_mem, .is_supported = process_group_check_taskstat_support, @@ -337,6 +347,7 @@ static const struct resource_attribute process_group_attrs[] = { .name = "PROCESS_GROUP_ATTR_MEM_GPU", .id = PROCESS_GROUP_ATTR_MEM_GPU, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_group_get_mem, .is_supported = process_group_check_gpu_support, diff --git a/src/resource/resource-process.c b/src/resource/resource-process.c index 4f68a78..f6c2a8b 100644 --- a/src/resource/resource-process.c +++ b/src/resource/resource-process.c @@ -266,6 +266,7 @@ static const struct resource_attribute process_attrs[] = { .name = "PROCESS_ATTR_CPU_UTIL", .id = PROCESS_ATTR_CPU_UTIL, .type = DATA_TYPE_DOUBLE, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_get_cpu_util, .is_supported = process_check_taskstat_support, @@ -274,6 +275,7 @@ static const struct resource_attribute process_attrs[] = { .name = "PROCESS_ATTR_MEM_VIRT", .id = PROCESS_ATTR_MEM_VIRT, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_get_mem_attrs, .is_supported = process_check_taskstat_support, @@ -282,6 +284,7 @@ static const struct resource_attribute process_attrs[] = { .name = "PROCESS_ATTR_MEM_RSS", .id = PROCESS_ATTR_MEM_RSS, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_get_mem_attrs, .is_supported = process_check_taskstat_support, @@ -290,6 +293,7 @@ static const struct resource_attribute process_attrs[] = { .name = "PROCESS_ATTR_MEM_RSS_PERCENT", .id = PROCESS_ATTR_MEM_RSS_PERCENT, .type = DATA_TYPE_DOUBLE, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_get_mem_attrs, .is_supported = process_check_taskstat_support, @@ -298,6 +302,7 @@ static const struct resource_attribute process_attrs[] = { .name = "PROCESS_ATTR_DISK_READ_PER_SEC", .id = PROCESS_ATTR_DISK_READ_PER_SEC, .type = DATA_TYPE_DOUBLE, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_get_disk_attrs, .is_supported = process_check_taskstat_support, @@ -306,6 +311,7 @@ static const struct resource_attribute process_attrs[] = { .name = "PROCESS_ATTR_DISK_WRITE_PER_SEC", .id = PROCESS_ATTR_DISK_WRITE_PER_SEC, .type = DATA_TYPE_DOUBLE, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_get_disk_attrs, .is_supported = process_check_taskstat_support, @@ -314,6 +320,7 @@ static const struct resource_attribute process_attrs[] = { .name = "PROCESS_ATTR_NAME", .id = PROCESS_ATTR_NAME, .type = DATA_TYPE_STRING, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_get_context_data, .is_supported = resource_attr_supported_always, @@ -322,6 +329,7 @@ static const struct resource_attribute process_attrs[] = { .name = "PROCESS_ATTR_PGID", .id = PROCESS_ATTR_PGID, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_get_context_data, .is_supported = resource_attr_supported_always, @@ -330,6 +338,7 @@ static const struct resource_attribute process_attrs[] = { .name = "PROCESS_ATTR_PPID", .id = PROCESS_ATTR_PPID, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_get_context_data, .is_supported = resource_attr_supported_always, @@ -338,6 +347,7 @@ static const struct resource_attribute process_attrs[] = { .name = "PROCESS_ATTR_MEM_PSS", .id = PROCESS_ATTR_MEM_PSS, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_get_mem_attrs, .is_supported = resource_attr_supported_always, @@ -346,6 +356,7 @@ static const struct resource_attribute process_attrs[] = { .name = "PROCESS_ATTR_MEM_SWAP", .id = PROCESS_ATTR_MEM_SWAP, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_get_mem_attrs, .is_supported = resource_attr_supported_always, @@ -354,6 +365,7 @@ static const struct resource_attribute process_attrs[] = { .name = "PROCESS_ATTR_MEM_SWAP_PSS", .id = PROCESS_ATTR_MEM_SWAP_PSS, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_get_mem_attrs, .is_supported = resource_attr_supported_always, @@ -362,6 +374,7 @@ static const struct resource_attribute process_attrs[] = { .name = "PROCESS_ATTR_MEM_GPU", .id = PROCESS_ATTR_MEM_GPU, .type = DATA_TYPE_UINT64, + .flag = RESOURCE_ATTR_FLAG_PRIVATE, .ops = { .get = process_get_mem_attrs, .is_supported = process_check_gpu_support, diff --git a/src/resource/resource-system.c b/src/resource/resource-system.c index 42c7d43..010c948 100644 --- a/src/resource/resource-system.c +++ b/src/resource/resource-system.c @@ -186,6 +186,7 @@ static const struct resource_attribute system_attrs[] = { .name = "SYSTEM_ATTR_CPU_UTIL", .id = SYSTEM_ATTR_CPU_UTIL, .type = DATA_TYPE_DOUBLE, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = system_get_avg_cpu_util, } @@ -193,6 +194,7 @@ static const struct resource_attribute system_attrs[] = { .name = "SYSTEM_ATTR_CPU_USER_UTIL", .id = SYSTEM_ATTR_CPU_USER_UTIL, .type = DATA_TYPE_DOUBLE, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = system_get_avg_cpu_util, } @@ -200,6 +202,7 @@ static const struct resource_attribute system_attrs[] = { .name = "SYSTEM_ATTR_CPU_SYS_UTIL", .id = SYSTEM_ATTR_CPU_SYS_UTIL, .type = DATA_TYPE_DOUBLE, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = system_get_avg_cpu_util, } @@ -207,6 +210,7 @@ static const struct resource_attribute system_attrs[] = { .name = "SYSTEM_ATTR_PER_CPU_UTIL", .id = SYSTEM_ATTR_PER_CPU_UTIL, .type = DATA_TYPE_ARRAY, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = system_get_per_cpu_util, } @@ -214,6 +218,7 @@ static const struct resource_attribute system_attrs[] = { .name = "SYSTEM_ATTR_PER_CPU_USER_UTIL", .id = SYSTEM_ATTR_PER_CPU_USER_UTIL, .type = DATA_TYPE_ARRAY, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = system_get_per_cpu_util, } @@ -221,6 +226,7 @@ static const struct resource_attribute system_attrs[] = { .name = "SYSTEM_ATTR_PER_CPU_SYS_UTIL", .id = SYSTEM_ATTR_PER_CPU_SYS_UTIL, .type = DATA_TYPE_ARRAY, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = system_get_per_cpu_util, } @@ -228,6 +234,7 @@ static const struct resource_attribute system_attrs[] = { .name = "SYSTEM_ATTR_POSSIBLE_CPU", .id = SYSTEM_ATTR_POSSIBLE_CPU, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = system_get_cpu_num, } @@ -235,6 +242,7 @@ static const struct resource_attribute system_attrs[] = { .name = "SYSTEM_ATTR_ONLINE_CPU", .id = SYSTEM_ATTR_ONLINE_CPU, .type = DATA_TYPE_INT, + .flag = RESOURCE_ATTR_FLAG_PUBLIC, .ops = { .get = system_get_cpu_num, } -- 2.7.4 From 5081911ad619e90cf0c1734125b1475698d017f3 Mon Sep 17 00:00:00 2001 From: Sung-hun Kim Date: Tue, 23 Aug 2022 20:27:56 +0900 Subject: [PATCH 10/16] monitor: Add a handler function for REQUEST_SET_RESOURCE_FLAG For users of capi, some information such as process information does not be provided. To distinguish users, we set the visibility of each resource to PUBLIC or PRIVATE due to the user's context. When an user sets the visibility of the resource to PUBLIC and then sets the interest of the resource attribute which has PRIVATE visibility, the pass daemon will reject it and return -EPERM error. Change-Id: I23a6b279aa2983aeb6e88cd51458d0c430e8692b Signed-off-by: Sung-hun Kim --- include/monitor/request.h | 2 ++ include/util/resource.h | 3 +++ lib/resource-monitor/resource-monitor.h | 6 +++++ src/monitor/request-handler.c | 43 +++++++++++++++++++++++++++++++++ src/util/resource.c | 38 +++++++++++++++++++++++++++++ 5 files changed, 92 insertions(+) diff --git a/include/monitor/request.h b/include/monitor/request.h index 1be6279..81b95ea 100644 --- a/include/monitor/request.h +++ b/include/monitor/request.h @@ -47,6 +47,7 @@ enum { REQUEST_GET_RESOURCE_TS, REQUEST_GET_RESOURCE_LIST_JSON, REQUEST_IS_RESOURCE_ATTR_SET, + REQUEST_SET_RESOURCE_FLAG, REQUEST_MAX, }; @@ -72,6 +73,7 @@ static const char request_name[][128] = { "REQUEST_GET_RESOURCE_TS", "REQUEST_GET_RESOURCE_LIST_JSON", "REQUEST_IS_RESOURCE_ATTR_SET", + "REQUEST_SET_RESOURCE_FLAG", "REQUEST_MAX", }; diff --git a/include/util/resource.h b/include/util/resource.h index cd2deb3..028e7c7 100644 --- a/include/util/resource.h +++ b/include/util/resource.h @@ -154,6 +154,9 @@ void remove_resource_device(struct resource_device *resource_device); struct resource *create_resource(int resource_type); void delete_resource(struct resource *resource); +/* Set flag of the resource to given flag mask */ +int set_resource_flag(struct resource *resource, u_int64_t flag_mask); + /* Handle resource control */ int set_resource_control(struct resource *resource, u_int64_t ctrl_id, const void *data); const char *get_resource_control_name(struct resource *resource, u_int64_t ctrl_id); diff --git a/lib/resource-monitor/resource-monitor.h b/lib/resource-monitor/resource-monitor.h index 84d3e9f..5469c09 100644 --- a/lib/resource-monitor/resource-monitor.h +++ b/lib/resource-monitor/resource-monitor.h @@ -47,6 +47,12 @@ extern "C" { #define RESOURCE_TYPE_NONSTANDARD 99 /** + * @brief Resource flags + */ +#define RESOURCE_FLAG_PRIVATE BIT(0) +#define RESOURCE_FLAG_PUBLIC BIT(1) + +/** * @brief Define the supported attributes according to resource type */ diff --git a/src/monitor/request-handler.c b/src/monitor/request-handler.c index 068d950..7a5db8f 100644 --- a/src/monitor/request-handler.c +++ b/src/monitor/request-handler.c @@ -261,6 +261,46 @@ static int handle_request_set_resource_attr(struct request_client *client, char return ret; } +static int handle_request_set_resource_flag(struct request_client *client, char *args) +{ + struct resource *res; + int resource_id, ret; + u_int64_t flag_mask; + + if (!client || !args) { + _E("Invalid parameter\n"); + return -ENOENT; + } + + /** + * Format of REQUEST_SET_RESOURCE_ATTR and REQUEST_UNSET_RESOURCE_ATTR args: + * - + */ + if (sscanf(args, "%d$%"PRIu64, &resource_id, &flag_mask) < 2) { + _E("failed to get resource and flag mask, client(%d)\n", + client->socket_fd); + return -EINVAL; + } + + res = get_resource_by_id(client, resource_id); + if (!res) { + _E("failed to get resource, client(%d) | res:name(%s)id(%d)\n", + client->socket_fd, + get_resource_name(res), resource_id); + return -EINVAL; + } + + ret = set_resource_flag(res, flag_mask); + if (ret < 0) { + _E("failed to set flag to %lx, client(%d) | res:name(%s)id(%d)\n", + flag_mask, client->socket_fd, + get_resource_name(res), resource_id); + return ret; + } + + return 0; +} + static int handle_request_is_resource_attr_supported(struct request_client *client, char *args, bool *supported) { struct resource *res; @@ -763,6 +803,9 @@ static int handle_request(struct request_client *client, char *request) case REQUEST_UPDATE_RESOURCE: ret = handle_request_update_resource(client, args); break; + case REQUEST_SET_RESOURCE_FLAG: + ret = handle_request_set_resource_flag(client, args); + break; case REQUEST_GET_RESOURCE_COUNT: { int32_t value; diff --git a/src/util/resource.c b/src/util/resource.c index 411cb4b..46a8e04 100644 --- a/src/util/resource.c +++ b/src/util/resource.c @@ -25,6 +25,8 @@ #include #include +#include + #define RESOURCE_ATTR_MASK (ULLONG_MAX) #define BIT64_INDEX(id) (63 - __builtin_clzll(id)) #define RESOURCE_ATTR_INDEX(id) BIT64_INDEX(id) @@ -45,6 +47,8 @@ struct resource { u_int64_t attr_interest; u_int64_t attr_supported; + u_int64_t flag; + int64_t ts_start; int64_t ts_end; }; @@ -259,6 +263,7 @@ struct resource *create_resource(int resource_type) resource->ctrls = driver->ctrls; resource->num_ctrls = driver->num_ctrls; + resource->flag = RESOURCE_FLAG_PRIVATE; if (driver->ops.create) { ret = driver->ops.create(resource); @@ -273,6 +278,15 @@ struct resource *create_resource(int resource_type) return resource; } +int set_resource_flag(struct resource *resource, u_int64_t flag_mask) +{ + if (!resource) + return -EINVAL; + + resource->flag = flag_mask; + return 0; +} + int set_resource_control(struct resource *resource, u_int64_t ctrl_id, const void *data) { const struct resource_control *ctrl; @@ -928,6 +942,23 @@ int get_resource_attr_ptr(struct resource *resource, u_int64_t attr_id, void **d return 0; } +#define RESOURCE_FLAG_VISIBILITY_MASK (RESOURCE_FLAG_PRIVATE | RESOURCE_FLAG_PUBLIC) +#define RESOURCE_ATTR_FLAG_VISIBILITY_MASK (RESOURCE_ATTR_FLAG_PRIVATE | RESOURCE_ATTR_FLAG_PUBLIC) + +static inline bool is_resource_attr_visible(struct resource *resource, const struct resource_attribute *attr) +{ + u_int64_t res_visibility, attr_visibility; + + res_visibility = resource->flag & RESOURCE_FLAG_VISIBILITY_MASK; + attr_visibility = attr->flag & RESOURCE_ATTR_FLAG_VISIBILITY_MASK; + + /* bigger visibility means smaller privilege */ + if (res_visibility > attr_visibility) + return false; + + return true; +} + int set_resource_attr_interest(struct resource *resource, u_int64_t interest_mask) { struct resource_attribute_value *attr_value; @@ -950,6 +981,13 @@ int set_resource_attr_interest(struct resource *resource, u_int64_t interest_mas goto err; } + if (!is_resource_attr_visible(resource, &resource->attrs[i])) { + _E("res:name(%s) does not have enough privilege to read the attr:name(%s)", + resource->name, resource->attrs[i].name); + ret = -EPERM; + goto err; + } + attr_value = get_resource_attr_value(resource, resource->attrs[i].id); if (!attr_value) { _E("failed to get attribute value, res:type(%s) | attr:name(%s)", -- 2.7.4 From 7f6f9f0094b0d4bf47b6890236591182a5cc3ab6 Mon Sep 17 00:00:00 2001 From: Sung-hun Kim Date: Tue, 23 Aug 2022 20:45:57 +0900 Subject: [PATCH 11/16] lib: Add pass_resource_monitor_set_resource_flag By using the added function, the user of libpass can set the resource as PUBLIC. Note that, the error will be thrown at pass_resource_monitor_set_resource_attr, not at pass_resource_monitor_set_resource_flag. Change-Id: Id012ca5cf2eca90653a17c85b86e6a1913b86d35 Signed-off-by: Sung-hun Kim --- lib/resource-monitor/resource-monitor.c | 19 +++++++++++++++++++ lib/resource-monitor/resource-monitor.h | 9 +++++++++ 2 files changed, 28 insertions(+) diff --git a/lib/resource-monitor/resource-monitor.c b/lib/resource-monitor/resource-monitor.c index d22540e..062bfad 100644 --- a/lib/resource-monitor/resource-monitor.c +++ b/lib/resource-monitor/resource-monitor.c @@ -100,6 +100,7 @@ struct request_data { int resource_type; u_int64_t ctrl_id; int ctrl_value; + u_int64_t flag_mask; u_int64_t attr_mask; u_int64_t attr_id; @@ -164,6 +165,10 @@ static inline int handle_request(struct request_data *data) buffer_len = sprintf(buffer, "%d$%d", data->request, data->resource_id); break; + case REQUEST_SET_RESOURCE_FLAG: + buffer_len = sprintf(buffer, "%d$%d$%"PRIu64, + data->request, data->resource_id, data->flag_mask); + break; default: _E("[libpass] Unknown request type, client(%d) | request(%d)", data->client_id, data->request); @@ -234,6 +239,7 @@ static inline int handle_request(struct request_data *data) case REQUEST_UPDATE_RESOURCE: case REQUEST_DELETE_RESOURCE: case REQUEST_CREATE_RESOURCE: + case REQUEST_SET_RESOURCE_FLAG: case REQUEST_SET_RESOURCE_CTRL: case REQUEST_SET_RESOURCE_ATTR: case REQUEST_UNSET_RESOURCE_ATTR: @@ -384,6 +390,19 @@ int pass_resource_monitor_delete_resource(int id, int resource_id) } EXPORT +int pass_resource_monitor_set_resource_flag(int id, int resource_id, u_int64_t flag_mask) +{ + struct request_data request = { + .request = REQUEST_SET_RESOURCE_FLAG, + .client_id = id, + .resource_id = resource_id, + .flag_mask = flag_mask, + }; + + return handle_request(&request); +} + +EXPORT int pass_resource_monitor_set_resource_ctrl(int id, int resource_id, u_int64_t ctrl_id, int value) { struct request_data request = { diff --git a/lib/resource-monitor/resource-monitor.h b/lib/resource-monitor/resource-monitor.h index 5469c09..5c149ad 100644 --- a/lib/resource-monitor/resource-monitor.h +++ b/lib/resource-monitor/resource-monitor.h @@ -210,6 +210,15 @@ int pass_resource_monitor_create_resource(int id, int resource_type); int pass_resource_monitor_delete_resource(int id, int resource_id); /** + * @brief Set flag of resource of the given resource id to given flag mask + * @param[in] Resource monitor id which be returnted by pass_resource_monitor_init + * @param[in] Resource id + * @param[in] Flag mask including the resource visibility + * @return @c 0 on success, otherwise a negative error value + */ +int pass_resource_monitor_set_resource_flag(int id, int resource_id, u_int64_t flag_mask); + +/** * @brief Set the resource control with value which is diffierential according to resource control id * @param[in] Resource monitor id * @param[in] Resource id -- 2.7.4 From 6758451e0878c8384db5e7a1f6cb3f5b14d8c0ba Mon Sep 17 00:00:00 2001 From: Sung-hun Kim Date: Mon, 29 Aug 2022 15:41:39 +0900 Subject: [PATCH 12/16] tests: resource-monitor-tests: Add a test for pass_resource_monitor_set_resource_flag Add a test for newly added operation which is used for distinguishing PRIVATE and PUBLIC resources. Change-Id: I56d6eed1e68a292aee8075041d402bc7a8a6bb6c Signed-off-by: Sung-hun Kim --- tests/integration-test/resource-monitor-tests.cpp | 28 +++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/tests/integration-test/resource-monitor-tests.cpp b/tests/integration-test/resource-monitor-tests.cpp index 62f465f..8d62db8 100644 --- a/tests/integration-test/resource-monitor-tests.cpp +++ b/tests/integration-test/resource-monitor-tests.cpp @@ -165,6 +165,34 @@ TEST_F(ResourceMonitorTest, EXPECT_EQ(ret, 0); } +TEST_F(ResourceMonitorTest, + pass_resource_monitor_set_resource_flag_invalid) +{ + int ret; + int res_type = RESOURCE_TYPE_PROCESS; /* RESOURCE_TYPE_PROCESS has private visibility */ + u_int64_t res_attr_id = PROCESS_ATTR_CPU_UTIL; + u_int64_t ctrl_id = PROCESS_CTRL_TGID; + + int id = pass_resource_monitor_init(); + EXPECT_TRUE(id > 0); + + int res_id = pass_resource_monitor_create_resource(id, res_type); + ret = pass_resource_monitor_set_resource_flag(id, res_id, RESOURCE_FLAG_PUBLIC); + EXPECT_EQ(ret, 0); + + ret = pass_resource_monitor_set_resource_ctrl(id, res_id, ctrl_id, getpid()); + EXPECT_EQ(ret, 0); + + ret = pass_resource_monitor_set_resource_attr(id, res_id, res_attr_id); + EXPECT_EQ(ret, -EPERM); + + ret = pass_resource_monitor_delete_resource(id, res_id); + EXPECT_EQ(ret, 0); + + ret = pass_resource_monitor_exit(id); + EXPECT_EQ(ret, 0); +} + struct resource_attr_info { u_int64_t attr_id; int attr_type; -- 2.7.4 From 17e5855e7e01907f037df092f95078dd7dad6fbf Mon Sep 17 00:00:00 2001 From: Chanwoo Choi Date: Wed, 31 Aug 2022 22:48:39 +0900 Subject: [PATCH 13/16] monitor: request-handler: Fix build error Fix the following build error by using the proper output type when printing the error log. 45s] /home/abuild/rpmbuild/BUILD/pass-2.0.0/src/monitor/request-handler.c:295:31: note: format string is defined here [ 45s] 295 | _E("failed to set flag to %lx, client(%d) | res:name(%s)id(%d)\n", [ 45s] | ~~^ [ 45s] | | [ 45s] | long unsigned int [ 45s] | %llx Change-Id: I401b2b912ed71d40b8e4a0f06d42d6b9b01c4837 Signed-off-by: Chanwoo Choi --- src/monitor/request-handler.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/monitor/request-handler.c b/src/monitor/request-handler.c index 7a5db8f..5d30833 100644 --- a/src/monitor/request-handler.c +++ b/src/monitor/request-handler.c @@ -292,7 +292,7 @@ static int handle_request_set_resource_flag(struct request_client *client, char ret = set_resource_flag(res, flag_mask); if (ret < 0) { - _E("failed to set flag to %lx, client(%d) | res:name(%s)id(%d)\n", + _E("failed to set flag to %"PRIu64", client(%d) | res:name(%s)id(%d)\n", flag_mask, client->socket_fd, get_resource_name(res), resource_id); return ret; -- 2.7.4 From b5d308519f733d24c0d9623ee3855b4271d21c5c Mon Sep 17 00:00:00 2001 From: Sung-hun Kim Date: Thu, 1 Sep 2022 14:02:05 +0900 Subject: [PATCH 14/16] util: resource: Change error code from -EPERM to -EACCES To match Tizen error code, I changed -EPERM to -EACCES. Which corresponds to TIZEN_ERROR_PERMISSION_DENIED. Change-Id: I1d3675435eba319637710c4cef3981398e7ab96a Signed-off-by: Sung-hun Kim --- src/util/resource.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/util/resource.c b/src/util/resource.c index 46a8e04..cfb9e94 100644 --- a/src/util/resource.c +++ b/src/util/resource.c @@ -984,7 +984,7 @@ int set_resource_attr_interest(struct resource *resource, u_int64_t interest_mas if (!is_resource_attr_visible(resource, &resource->attrs[i])) { _E("res:name(%s) does not have enough privilege to read the attr:name(%s)", resource->name, resource->attrs[i].name); - ret = -EPERM; + ret = -EACCES; goto err; } -- 2.7.4 From fac3dcb3501756666b3a987fc299243de123a1ab Mon Sep 17 00:00:00 2001 From: Chanwoo Choi Date: Thu, 1 Sep 2022 15:34:57 +0900 Subject: [PATCH 15/16] util: privilege: Add is_privilege_supported function is_privilege_supported checks privilege permission of self process. Change-Id: Ife85a74a494e12de1e1418036d8c84d389518c4b Signed-off-by: Chanwoo Choi --- include/util/privilege.h | 26 +++++++++++++++++ packaging/pass.spec | 2 ++ src/util/privilege.c | 75 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 103 insertions(+) create mode 100644 include/util/privilege.h create mode 100644 src/util/privilege.c diff --git a/include/util/privilege.h b/include/util/privilege.h new file mode 100644 index 0000000..c1bd97f --- /dev/null +++ b/include/util/privilege.h @@ -0,0 +1,26 @@ +/* + * PASS + * + * Copyright (c) 2022 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the License); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __PRIVILEGE_H__ +#define __PRIVILEGE_H__ + +#include + +bool is_privilege_supported(const char *privilege_name); + +#endif diff --git a/packaging/pass.spec b/packaging/pass.spec index bde3967..4444495 100644 --- a/packaging/pass.spec +++ b/packaging/pass.spec @@ -27,6 +27,8 @@ BuildRequires: pkgconfig(libnl-3.0) BuildRequires: pkgconfig(libsystemd) BuildRequires: pkgconfig(json-c) BuildRequires: pkgconfig(hal-api-power) +BuildRequires: pkgconfig(cynara-client) +BuildRequires: pkgconfig(cynara-session) %description PASS (Power-Aware System Service) diff --git a/src/util/privilege.c b/src/util/privilege.c new file mode 100644 index 0000000..d577223 --- /dev/null +++ b/src/util/privilege.c @@ -0,0 +1,75 @@ +/* + * PASS (Power Aware System Service) + * + * Copyright (c) 2022 Samsung Electronics Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the License); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include + +#include +#include + +#include +#include +#include + +extern char *program_invocation_name; + +bool is_privilege_supported(const char *privilege_name) +{ + cynara *cynara = NULL; + FILE *fp = NULL; + char uid[16]; + char *session = NULL; + char smack_label[BUFF_MAX] = {0, }; + int ret; + + if (cynara_initialize(&cynara, NULL) != CYNARA_API_SUCCESS) { + _E("failed to initialize cynara"); + return false; + } + + fp = fopen("/proc/self/attr/current", "r"); + if (fp != NULL) { + int ch = 0; + int idx = 0; + while (EOF != (ch = fgetc(fp))) { + smack_label[idx] = ch; + idx++; + } + fclose(fp); + } + + pid_t pid = getpid(); + session = cynara_session_from_pid(pid); + snprintf(uid, 16, "%d", getuid()); + uid[15] = '\0'; + + ret = cynara_check(cynara, smack_label, session, uid, privilege_name); + if (session) + free(session); + if (cynara) + cynara_finish(cynara); + if (ret != CYNARA_API_ACCESS_ALLOWED) { + _E("'%s' privilege is not supported on %s", + privilege_name, program_invocation_name); + return false; + } + + return true; +} -- 2.7.4 From fccfb02d128c9504e0ba1182416e7e86c8a5a310 Mon Sep 17 00:00:00 2001 From: Chanwoo Choi Date: Thu, 1 Sep 2022 15:36:41 +0900 Subject: [PATCH 16/16] lib: resource-monitor: Check systemmonitor privilege In order to prevent the unauthorized client, check the systemmonitor privilege[1] . [1] http://tizen.org/privilege/systemmonitor For example of rejection when don't have systemmonitor privilege - Connect sdb without root and then executes resource-monitor/resource-monitor-tests. In result, cannot use the resource monitor. I checked it the log as following: E/PASS ( 1395): privilege.c: is_privilege_supported(69) > 'http://tizen.org/privilege/systemmonitor' privilege is not supported on resource-monitor E/PASS ( 1395): privilege.c: is_privilege_supported(69) > 'http://tizen.org/privilege/systemmonitor' privilege is not supported on resource-monitor (snip) E/PASS ( 1429): privilege.c: is_privilege_supported(69) > 'http://tizen.org/privilege/systemmonitor' privilege is not supported on resource-monitor-tests E/PASS ( 1429): privilege.c: is_privilege_supported(69) > 'http://tizen.org/privilege/systemmonitor' privilege is not supported on resource-monitor-tests Change-Id: I77531ca1717b3592f0803cc585e0f205c46edcee Signed-off-by: Chanwoo Choi --- lib/CMakeLists.txt | 7 ++++++- lib/resource-monitor/resource-monitor.c | 18 ++++++++++++++++++ tests/integration-test/CMakeLists.txt | 3 +++ tools/resource-monitor/CMakeLists.txt | 3 +++ 4 files changed, 30 insertions(+), 1 deletion(-) diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt index 78a3b9c..fd2f3d1 100644 --- a/lib/CMakeLists.txt +++ b/lib/CMakeLists.txt @@ -17,6 +17,8 @@ SET(PKG_MODULES dlog gio-2.0 glib-2.0 + cynara-client + cynara-session ) INCLUDE(FindPkgConfig) @@ -31,7 +33,10 @@ SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -g -fno-omit-frame-pointer -finstrument-functi SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -lrt") SET(CMAKE_EXE_LINKER_FLAGS "-pie") -SET(SRCS ./resource-monitor/resource-monitor.c) +SET(SRCS + ${CMAKE_SOURCE_DIR}/src/util/privilege.c + ${CMAKE_SOURCE_DIR}/lib/resource-monitor/resource-monitor.c +) ADD_LIBRARY( ${PROJECT_NAME} SHARED ${SRCS}) TARGET_LINK_LIBRARIES( ${PROJECT_NAME} ${pkgs_LDFLAGS} -ldl -Wl,-z,nodelete,--no-undefined) diff --git a/lib/resource-monitor/resource-monitor.c b/lib/resource-monitor/resource-monitor.c index 062bfad..e7b567e 100644 --- a/lib/resource-monitor/resource-monitor.c +++ b/lib/resource-monitor/resource-monitor.c @@ -23,6 +23,7 @@ #include #include #include +#include #include #include @@ -38,6 +39,8 @@ #include "resource-monitor.h" +#define PRIVILEGE_SYSTEMMONITOR "http://tizen.org/privilege/systemmonitor" + #define REQUEST_SERVER_IP "127.0.0.1" #define REQUEST_SERVER_PORT 10001 @@ -125,6 +128,9 @@ static inline int handle_request(struct request_data *data) if (!data) return TIZEN_ERROR_INVALID_PARAMETER; + if (!is_privilege_supported(PRIVILEGE_SYSTEMMONITOR)) + return TIZEN_ERROR_PERMISSION_DENIED; + /* Make buffer with struct request_data according to request */ switch (data->request) { case REQUEST_UPDATE_RESOURCE_ALL: @@ -290,6 +296,9 @@ int pass_resource_monitor_init(void) struct sockaddr_in server_addr; int ret = TIZEN_ERROR_NO_DATA; + if (!is_privilege_supported(PRIVILEGE_SYSTEMMONITOR)) + return TIZEN_ERROR_PERMISSION_DENIED; + client = malloc(sizeof(struct pass_resource_monitor_client)); if (!client) { _E("[libpass] failed to allocate memory"); @@ -334,6 +343,9 @@ int pass_resource_monitor_exit(int id) { struct pass_resource_monitor_client *client; + if (!is_privilege_supported(PRIVILEGE_SYSTEMMONITOR)) + return TIZEN_ERROR_PERMISSION_DENIED; + client = find_client_by_id(id); if (!client) { _E("[libpass] cannot find client-%d", id); @@ -506,6 +518,9 @@ static int pass_resource_monitor_get_json(int id, char *json_string, int request char *buffer; va_list args; + if (!is_privilege_supported(PRIVILEGE_SYSTEMMONITOR)) + return TIZEN_ERROR_PERMISSION_DENIED; + buffer = malloc(HUGE_BUFF_MAX + 1); if (!buffer) return TIZEN_ERROR_OUT_OF_MEMORY; @@ -705,6 +720,9 @@ pass_resource_monitor_get_array(int id, int res_id, u_int64_t attr_id, int data_ int response_req; int ret, i; + if (!is_privilege_supported(PRIVILEGE_SYSTEMMONITOR)) + return TIZEN_ERROR_PERMISSION_DENIED; + buffer = malloc(HUGE_BUFF_MAX + 1); if (!buffer) return TIZEN_ERROR_OUT_OF_MEMORY; diff --git a/tests/integration-test/CMakeLists.txt b/tests/integration-test/CMakeLists.txt index 69ec8ff..24600cd 100644 --- a/tests/integration-test/CMakeLists.txt +++ b/tests/integration-test/CMakeLists.txt @@ -3,6 +3,7 @@ PROJECT(pass C CXX) SET(SRCS ${CMAKE_SOURCE_DIR}/src/pass/pass-hal.c ${CMAKE_SOURCE_DIR}/src/pass/pass-parser.c ${CMAKE_SOURCE_DIR}/src/util/common.c + ${CMAKE_SOURCE_DIR}/src/util/privilege.c ${CMAKE_SOURCE_DIR}/lib/resource-monitor/resource-monitor.c ) @@ -20,6 +21,8 @@ pkg_check_modules(gtest_pkgs REQUIRED dlog json-c hal-api-power + cynara-client + cynara-session ) FOREACH(flag ${gtest_pkgs_CFLAGS}) diff --git a/tools/resource-monitor/CMakeLists.txt b/tools/resource-monitor/CMakeLists.txt index 3e28063..8746e13 100644 --- a/tools/resource-monitor/CMakeLists.txt +++ b/tools/resource-monitor/CMakeLists.txt @@ -2,6 +2,7 @@ PROJECT(pass C CXX) SET(SRCS ${CMAKE_SOURCE_DIR}/src/util/common.c + ${CMAKE_SOURCE_DIR}/src/util/privilege.c ${CMAKE_SOURCE_DIR}/lib/resource-monitor/resource-monitor.c ) @@ -17,6 +18,8 @@ pkg_check_modules(gtest_pkgs REQUIRED gio-2.0 dlog json-c + cynara-client + cynara-session ) FOREACH(flag ${gtest_pkgs_CFLAGS}) -- 2.7.4