From c753485c167a8a10512e5502be5449c362a695be Mon Sep 17 00:00:00 2001 From: greatim Date: Fri, 2 Dec 2016 09:30:15 +0900 Subject: [PATCH 01/16] fix a bug (free the static buffer) fix a bug (free the static buffer) Change-Id: If31caa5c8ff36ae7658bb33daa1df07e20f053be Signed-off-by: greatim --- src/plugin_encrypt.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/plugin_encrypt.c b/src/plugin_encrypt.c index e8a96a3..51df016 100644 --- a/src/plugin_encrypt.c +++ b/src/plugin_encrypt.c @@ -200,6 +200,8 @@ int security_encrypt(const int nSessionID, apacket* pApacket) release_parameters ( &out ); } + // avoid to free + in.array_of_parameter[1].v_chunk.data = NULL; release_parameters ( &in ); return success; } @@ -228,6 +230,8 @@ int security_decrypt(const int nSessionID, apacket* pApacket) release_parameters ( &out ); } + // avoid to free + in.array_of_parameter[1].v_chunk.data = NULL; release_parameters ( &in ); return success; } -- 2.7.4 From e8b8b9b96255b8bf5f8a838bff20ae12fe9f763d Mon Sep 17 00:00:00 2001 From: greatim Date: Mon, 5 Dec 2016 10:13:14 +0900 Subject: [PATCH 02/16] disable printing log in emulator by default disable printing log in emulator by default Change-Id: I88ad00f7824b055847e0dcb8d580675334e12d7b Signed-off-by: greatim --- src/default_plugin_basic.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/default_plugin_basic.c b/src/default_plugin_basic.c index 81f313c..91d8df2 100644 --- a/src/default_plugin_basic.c +++ b/src/default_plugin_basic.c @@ -73,7 +73,7 @@ int get_plugin_capability ( parameters* in, parameters* out ) } else if ( capability == CAPABILITY_PRODUCT_VER ) { make_string_parameter ( & ( out->array_of_parameter[0] ), "%s", PLUGIN_RET_UNKNOWN ); } else if ( capability == CAPABILITY_LOG_ENABLE ) { - make_string_parameter ( & ( out->array_of_parameter[0] ), "%s", PLUGIN_RET_ENABLED ); + make_string_parameter ( & ( out->array_of_parameter[0] ), "%s", PLUGIN_RET_DISABLED ); } else if ( capability == CAPABILITY_LOG_PATH ) { make_string_parameter ( & ( out->array_of_parameter[0] ), "%s", LOG_DIRECTORY ); } else if ( capability == CAPABILITY_APPCMD ) { -- 2.7.4 From 8ca22287c6a2e16dda0f07290e50c442dc924de7 Mon Sep 17 00:00:00 2001 From: greatim Date: Wed, 7 Dec 2016 15:46:39 +0900 Subject: [PATCH 03/16] fix potential bugs fix potential bugs 1. NO_LOCK.STAT for errno in log.h 2. NULL_AFTER_DEREF by asprintf Change-Id: I3470fd2d8d0b86c3417add3657a38b45d1222626 Signed-off-by: greatim --- src/log.h | 9 ++++----- src/services.c | 11 ++++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/src/log.h b/src/log.h index 3d55707..f237e15 100644 --- a/src/log.h +++ b/src/log.h @@ -73,27 +73,26 @@ void sdb_qemu_trace(const char* fmt, ...); # define D(...) \ do { \ if (SDB_TRACING) { \ - int save_errno = errno; \ sdb_mutex_lock(&D_lock); \ + int save_errno = errno; \ fprintf(stderr, "%s::%s():", \ __FILE__, __FUNCTION__); \ errno = save_errno; \ fprintf(stderr, __VA_ARGS__ ); \ fflush(stderr); \ - sdb_mutex_unlock(&D_lock); \ errno = save_errno; \ + sdb_mutex_unlock(&D_lock); \ } \ } while (0) # define DR(...) \ do { \ if (SDB_TRACING) { \ - int save_errno = errno; \ sdb_mutex_lock(&D_lock); \ - errno = save_errno; \ + int save_errno = errno; \ fprintf(stderr, __VA_ARGS__ ); \ fflush(stderr); \ - sdb_mutex_unlock(&D_lock); \ errno = save_errno; \ + sdb_mutex_unlock(&D_lock); \ } \ } while (0) #else diff --git a/src/services.c b/src/services.c index d2d1500..4395a1d 100644 --- a/src/services.c +++ b/src/services.c @@ -338,12 +338,13 @@ void inoti_service(int fd, void *arg) if (event->mask & IN_CREATE) { if (!(event->mask & IN_ISDIR)) { char *cspath = NULL; - int len = asprintf(&cspath, "%s/%s", CS_PATH, - event->name); - D( "The file %s was created.\n", cspath); - writex(fd, cspath, len); - if (cspath != NULL) { + int len = asprintf(&cspath, "%s/%s", CS_PATH, event->name); + if (len >= 0) { + D( "The file %s was created.\n", cspath); + writex(fd, cspath, len); free(cspath); + } else { + D( "asprintf was failed\n" ); } } } -- 2.7.4 From f7a9e14ff28fdb099abbfba917a2d135e354c080 Mon Sep 17 00:00:00 2001 From: Kim Gunsoo Date: Wed, 9 Dec 2015 13:59:27 +0900 Subject: [PATCH 04/16] Modify the packet size in transport protocol. - increase the transport packet size. (4KB -> 256KB) - read USB transport packet as 4KB block repeatedly Change-Id: I949ff050e51b907523922104bd5683b1132f2b2c Signed-off-by: Kim Gunsoo --- src/sdb.c | 15 ++++++++++++++- src/sdb.h | 9 +++++++-- src/sockets.c | 29 ++++++++++++++++++++++------- src/transport.c | 9 ++++++--- src/transport_local.c | 2 +- src/transport_usb.c | 2 +- src/usb_linux_client.c | 30 +++++++++++++++++++----------- src/utils.h | 8 ++++++++ 8 files changed, 78 insertions(+), 26 deletions(-) diff --git a/src/sdb.c b/src/sdb.c index ac7f573..017bfb0 100644 --- a/src/sdb.c +++ b/src/sdb.c @@ -543,7 +543,7 @@ static void send_connect(atransport *t) cp->msg.command = A_CNXN; cp->msg.arg0 = A_VERSION; #ifdef SUPPORT_ENCRYPT - cp->msg.arg1 = MAX_PAYLOAD - 100; // connection 시, sdb server의 패킷 크기를 암호화 오버로드 만큼 줄임 + cp->msg.arg1 = MAX_PAYLOAD - 100; // connection 시, sdb server의 패킷 크기를 암호화 오버로드 만큼 줄임 #else cp->msg.arg1 = MAX_PAYLOAD; #endif @@ -794,6 +794,18 @@ void parse_banner(char *banner, atransport *t) t->connection_state = CS_HOST; } +static void update_version(atransport *t, int version, size_t payload) +{ +#ifdef SUPPORT_ENCRYPT + size_t max_payload = MAX_PAYLOAD - 100; +#else + size_t max_payload = MAX_PAYLOAD; +#endif + t->protocol_version = min(version, A_VERSION); + t->max_payload = min(payload, max_payload); + D("update transport version. version=%x, max_payload=%d\n", t->protocol_version, t->max_payload); +} + void handle_packet(apacket *p, atransport *t) { // Verify pointer p @@ -829,6 +841,7 @@ void handle_packet(apacket *p, atransport *t) t->connection_state = CS_OFFLINE; handle_offline(t); } + update_version(t, p->msg.arg0, p->msg.arg1); parse_banner((char*) p->data, t); handle_online(); if(!HOST) send_connect(t); diff --git a/src/sdb.h b/src/sdb.h index 348a7eb..226da64 100644 --- a/src/sdb.h +++ b/src/sdb.h @@ -28,7 +28,9 @@ #endif #include -#define MAX_PAYLOAD 4096 +#define MAX_PAYLOAD_V1 (4*1024) +#define MAX_PAYLOAD_V2 (256*1024) +#define MAX_PAYLOAD MAX_PAYLOAD_V2 #define A_SYNC 0x434e5953 #define A_CNXN 0x4e584e43 @@ -212,6 +214,8 @@ struct atransport /* a list of adisconnect callbacks called when the transport is kicked */ int kicked; adisconnect disconnects; + int protocol_version; + size_t max_payload; #ifdef SUPPORT_ENCRYPT unsigned encryption; // 해당 연결이 암호화 모드인지 확인하는 flag , 0 = no-encryption / 1 = encryption @@ -308,6 +312,7 @@ asocket *create_local_service_socket(const char *destination); asocket *create_remote_socket(unsigned id, atransport *t); void connect_to_remote(asocket *s, const char *destination); void connect_to_smartsocket(asocket *s); +size_t asock_get_max_payload(asocket *s); void fatal(const char *fmt, ...); void fatal_errno(const char *fmt, ...); @@ -428,7 +433,7 @@ int get_emulator_guestip(char str[], int str_size); apacket *get_apacket(void); void put_apacket(apacket *p); -int check_header(apacket *p); +int check_header(apacket *p, atransport *t); int check_data(apacket *p); #if !TRACE_PACKETS diff --git a/src/sockets.c b/src/sockets.c index 801ff42..71d646d 100644 --- a/src/sockets.c +++ b/src/sockets.c @@ -28,6 +28,7 @@ #include "sdb.h" #include "strutils.h" +#include "utils.h" SDB_MUTEX_DEFINE( socket_list_lock ); @@ -322,10 +323,11 @@ static void local_socket_event_func(int fd, unsigned ev, void *_s) // sdb server에서 패킷 데이터의 크기를 MAX_PAYLOAD-100보다 작은 지를 체크함. // sdbd에서 패킷 데이터를 MAX_PAYLOAD - 200로 잡아서 암호화 하게되면 // 최대 MAX_PAYLOAD - 100 크기의 패킷을 생성하게 됨. - const size_t max_payload = MAX_PAYLOAD - 200; + const size_t max_payload = asock_get_max_payload(s) - 200; size_t avail = max_payload; #else - size_t avail = MAX_PAYLOAD; + const size_t max_payload = asock_get_max_payload(s); + size_t avail = max_payload; #endif int r = 0; @@ -350,6 +352,7 @@ static void local_socket_event_func(int fd, unsigned ev, void *_s) } D("LS(%d): fd=%d post avail loop. r=%d is_eof=%d forced_eof=%d\n", s->id, s->fd, r, is_eof, s->fde.force_eof); + #ifdef SUPPORT_ENCRYPT //변경된 최대 패킷 크기로 코드 수정 if((avail == max_payload) || (s->peer == 0)) { @@ -357,10 +360,10 @@ static void local_socket_event_func(int fd, unsigned ev, void *_s) } else { p->len = max_payload - avail; #else - if((avail == MAX_PAYLOAD) || (s->peer == 0)) { + if((avail == max_payload) || (s->peer == 0)) { put_apacket(p); } else { - p->len = MAX_PAYLOAD - avail; + p->len = max_payload - avail; #endif r = s->peer->enqueue(s->peer, p); D("LS(%d): fd=%d post peer->enqueue(). r=%d\n", s->id, s->fd, r); @@ -549,9 +552,9 @@ void connect_to_remote(asocket *s, const char *destination) { D("Connect_to_remote call RS(%d) fd=%d\n", s->id, s->fd); apacket *p = get_apacket(); - int len = strlen(destination) + 1; + size_t len = strlen(destination) + 1; - if(len > (MAX_PAYLOAD-1)) { + if(len > (asock_get_max_payload(s)-1)) { fatal("destination oversized"); } @@ -656,7 +659,7 @@ static int smart_socket_enqueue(asocket *s, apacket *p) s->pkt_first = p; s->pkt_last = p; } else { - if((s->pkt_first->len + p->len) > MAX_PAYLOAD) { + if((s->pkt_first->len + p->len) > asock_get_max_payload(s)) { D("SS(%d): overflow\n", s->id); put_apacket(p); goto fail; @@ -860,3 +863,15 @@ void connect_to_smartsocket(asocket *s) ss->peer = s; s->ready(s); } + +size_t asock_get_max_payload(asocket *s) +{ + size_t max_payload = MAX_PAYLOAD; + if (s->transport) { + max_payload = min(max_payload, s->transport->max_payload); + } + if (s->peer && s->peer->transport) { + max_payload = min(max_payload, s->peer->transport->max_payload); + } + return max_payload; +} diff --git a/src/transport.c b/src/transport.c index 470e55f..616acab 100644 --- a/src/transport.c +++ b/src/transport.c @@ -653,6 +653,9 @@ static void transport_registration_func(int _fd, unsigned ev, void *data) return; } + t->protocol_version = A_VERSION; + t->max_payload = MAX_PAYLOAD; + /* don't create transport threads for inaccessible devices */ if (t->connection_state != CS_NOPERM) { /* initial references are the two threads */ @@ -1187,15 +1190,15 @@ int writex(int fd, const void *ptr, size_t len) return 0; } -int check_header(apacket *p) +int check_header(apacket *p, atransport *t) { if(p->msg.magic != (p->msg.command ^ 0xffffffff)) { D("check_header(): invalid magic\n"); return -1; } - if(p->msg.data_length > MAX_PAYLOAD) { - D("check_header(): %d > MAX_PAYLOAD\n", p->msg.data_length); + if(p->msg.data_length > t->max_payload) { + D("check_header(): %d > transport->max_payload(%d)\n", p->msg.data_length, t->max_payload); return -1; } diff --git a/src/transport_local.c b/src/transport_local.c index a6adb0b..dd145bd 100644 --- a/src/transport_local.c +++ b/src/transport_local.c @@ -87,7 +87,7 @@ static int remote_read(apacket *p, atransport *t) D("read remote packet: %04x arg0=%0x arg1=%0x data_length=%0x data_check=%0x magic=%0x\n", p->msg.command, p->msg.arg0, p->msg.arg1, p->msg.data_length, p->msg.data_check, p->msg.magic); #endif - if(check_header(p)) { + if(check_header(p, t)) { D("bad header: terminated (data)\n"); return -1; } diff --git a/src/transport_usb.c b/src/transport_usb.c index 932e170..96905bf 100644 --- a/src/transport_usb.c +++ b/src/transport_usb.c @@ -57,7 +57,7 @@ static int remote_read(apacket *p, atransport *t) fix_endians(p); - if(check_header(p)) { + if(check_header(p, t)) { D("remote usb: check_header failed\n"); return -1; } diff --git a/src/usb_linux_client.c b/src/usb_linux_client.c index 5d722b4..efeff2c 100644 --- a/src/usb_linux_client.c +++ b/src/usb_linux_client.c @@ -98,17 +98,25 @@ int linux_usb_write(usb_handle *h, const void *data, int len) int linux_usb_read(usb_handle *h, void *data, size_t len) { - int n; - - D("about to read (fd=%d, len=%d)\n", h->fd, len); - n = sdb_read(h->fd, data, len); - if(n != len) { - D("ERROR: fd = %d, n = %d, errno = %d\n", - h->fd, n, errno); - return -1; - } - D("[ done fd=%d ]\n", h->fd); - return 0; + D("about to read (fd=%d, len=%d)\n", h->fd, len); + while (len > 0) { + /* The sdb_read does not support read larger than 4096 bytes at once. + Read 4096 byte block repeatedly when reading data is larger than 4096 bytes. */ + int bytes_to_read = len < 4096 ? len : 4096; + int n = sdb_read(h->fd, data, bytes_to_read); + if(n < 0) { + if(errno == EINTR) { + continue; + } else { + D("ERROR: fd = %d, n = %d, errno = %d\n", h->fd, n, errno); + return -1; + } + } + len -= n; + data = ((char*) data) + n; + } + D("[ done fd=%d ]\n", h->fd); + return 0; } void linux_usb_init() diff --git a/src/utils.h b/src/utils.h index 7e78b6e..a2d0243 100644 --- a/src/utils.h +++ b/src/utils.h @@ -80,5 +80,13 @@ char** str_split(char* a_str, const char a_delim); #define SDB_KEEPALIVE_IDLE (1) #define SDB_KEEPALIVE_INTVL (1) int keep_alive(int fd, int onoff, int cnt, int idle, int interval); +#define min(a,b) \ +({ __typeof__ (a) _a = (a); \ +__typeof__ (b) _b = (b); \ +_a > _b ? _b : _a; }) +#define max(a,b) \ +({ __typeof__ (a) _a = (a); \ +__typeof__ (b) _b = (b); \ +_a > _b ? _a : _b; }) #endif /* _SDB_UTILS_H */ -- 2.7.4 From 046f23e7ea9c15c72de74fc46530c3319bc7622d Mon Sep 17 00:00:00 2001 From: Kim Gunsoo Date: Thu, 6 Oct 2016 21:12:34 +0900 Subject: [PATCH 05/16] Modify the SMACK label for SDB shell. - Previously, there was a problem that the SDB shell has the SMACK authority of sdbd. In order to prevent this, it has been modified to run a separate SMACK label between sdbd and SDB shell. Change-Id: I768ef0b165cf66fe88648cc272638819c4bd96fe Signed-off-by: Kim Gunsoo --- packaging/sdbd.spec | 4 ++++ src/default_plugin_appcmd.c | 5 +++-- src/sdb.c | 54 +++++++++++++++++++++++++++++++++++++++------ src/sdb.h | 3 ++- src/sdktools.h | 1 + src/services.c | 16 ++++++++++++++ 6 files changed, 73 insertions(+), 10 deletions(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index bc9408f..15eb808 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -109,6 +109,10 @@ if ! getent passwd "${TZ_SDK_USER_NAME}" > /dev/null; then done fi +cp -f /bin/sh /bin/sh-user +chsmack -a "_" /bin/sh-user +chsmack -e "User::Shell" /bin/sh-user + %files %manifest sdbd.manifest %license LICENSE diff --git a/src/default_plugin_appcmd.c b/src/default_plugin_appcmd.c index 4bc158e..83cecca 100644 --- a/src/default_plugin_appcmd.c +++ b/src/default_plugin_appcmd.c @@ -38,6 +38,7 @@ #include +#define SHELL_COMMAND "/bin/sh" #define APPCMD_RESULT_BUFSIZE (4096) typedef struct appcmd_info appcmd_info; @@ -641,10 +642,10 @@ static void run_appcmd_appinstallpath(appcmd_info* p_info) { p_info->exitcode = -1; - const char* path = tzplatform_getenv(TZ_SDK_HOME); + const char* path = tzplatform_getenv(TZ_SDK_TOOLS); if (path != NULL) { p_info->exitcode = 0; - snprintf(result_buf, sizeof(result_buf), "\n%s:%s/apps_rw/\n", MESSAGE_PREFIX_APPCMD_RETURN, path); + snprintf(result_buf, sizeof(result_buf), "\n%s:%s\n", MESSAGE_PREFIX_APPCMD_RETURN, path); writex(p_info->fd, result_buf, strlen(result_buf)); } else { D("failed to get application install path from tzplatform_getenv."); diff --git a/src/sdb.c b/src/sdb.c index ac7f573..2be2345 100644 --- a/src/sdb.c +++ b/src/sdb.c @@ -31,6 +31,7 @@ #include #include #include +#include #include "sysdeps.h" #include "log.h" @@ -58,6 +59,7 @@ #define PROC_CMDLINE_PATH "/proc/cmdline" #define USB_SERIAL_PATH "/sys/class/usb_mode/usb0/iSerial" +#define APPID2PID_PATH "/usr/bin/appid2pid" #include #include @@ -125,6 +127,29 @@ int is_emulator(void) { #endif } +int is_appid2pid_supported(void) { + + if (access(APPID2PID_PATH, F_OK) == 0) { + /* It is necessary to confirm that it is possible + * to run "appid2pid" in the sdk user/group privileges. */ + struct stat st; + if (stat(APPID2PID_PATH, &st) == 0) { + D("appid2pid uid=%d, gid=%d, mode=0x%x.\n", st.st_uid, st.st_gid, st.st_mode); + if ( (st.st_uid == STATIC_SDK_USER_ID && st.st_mode & S_IXUSR) + || (st.st_gid == STATIC_SDK_GROUP_ID && st.st_mode & S_IXGRP) + || (st.st_mode & S_IXOTH) ) { + D("appid2pid is supported.\n"); + return 1; + } + } + } else { + D("failed to access appid2pid file: %d\n", errno); + } + + D("appid2pid is NOT supported.\n"); + return 0; +} + int is_container_enabled(void) { bool value; int ret; @@ -373,7 +398,7 @@ void print_packet(const char *label, apacket *p) #endif #ifdef SUPPORT_ENCRYPT -/* +/* desc. : 암호화 실패 메시지 전송 parameter : [in] apacket* p : sdbd로 들어온 메시지 [in] atransport *t : 현재 연결에 대한 atransport @@ -389,7 +414,7 @@ void send_encr_fail(apacket* p, atransport *t, unsigned failed_value){ //put_apacket(enc_p); } -/* +/* desc. : 암호화 메시지 핸들링 parameter : [in] apacket* p : sdbd로 들어온 메시지 [in/out] atransport *t : 현재 연결에 대한 atransport @@ -403,12 +428,12 @@ int handle_encr_packet(apacket* p, atransport *t){ if(p->msg.arg0 == ENCR_SET_ON_REQ){ // hello 메시지인 경우 t->sessionID = sessionID; - if((retVal = security_init(t->sessionID, NULL)) == 1){ // 암호화 handshaking을 위한 init + if((retVal = security_init(t->sessionID, NULL)) == 1){ // 암호화 handshaking을 위한 init if(security_parse_server_hello(t->sessionID, p) == 1){ // hello 메시지 파싱 D("security_parse_server_hello success\n"); enc_p = get_apacket(); if(security_gen_client_hello(t->sessionID, enc_p) == 1){ // hello 메시지 생성 - D("security_gen_client_hello success\n"); + D("security_gen_client_hello success\n"); enc_p->msg.command = A_ENCR; enc_p->msg.arg0 = ENCR_SET_ON_REQ; enc_p->msg.arg1 = p->msg.arg1; @@ -419,7 +444,7 @@ int handle_encr_packet(apacket* p, atransport *t){ D("security_gen_client_hello error\n"); send_encr_fail(p, t, ENCR_ON_FAIL); // 암호화 on 실패 메시지 전송 t->encryption = ENCR_OFF; // 암호화 모드는 off - security_deinit(t->sessionID); + security_deinit(t->sessionID); return -1; } } @@ -428,7 +453,7 @@ int handle_encr_packet(apacket* p, atransport *t){ send_encr_fail(p, t, ENCR_ON_FAIL); t->encryption = ENCR_OFF; security_deinit(t->sessionID); - + return -1; } } else { // init 실패 @@ -511,7 +536,7 @@ int handle_encr_packet(apacket* p, atransport *t){ } //put_apacket(enc_p); return 0; - + } #endif @@ -1228,6 +1253,10 @@ void start_device_log(void) return; } + if (smack_setlabel(path, SDK_SHELL_LABEL_NAME, SMACK_LABEL_ACCESS) == -1) { + D("unable to set sdk shell smack label %s due to (errno:%d)\n", SDK_SHELL_LABEL_NAME, errno); + } + // redirect stdout and stderr to the log file dup2(fd, 1); dup2(fd, 2); @@ -1992,6 +2021,17 @@ static void init_capabilities(void) { "%s", UNKNOWN); } + // appid2pid support + ret = is_appid2pid_supported(); + snprintf(g_capabilities.appid2pid_support, sizeof(g_capabilities.appid2pid_support), + "%s", ret == 1 ? ENABLED : DISABLED); + + + // pkgcmd debug mode support + snprintf(g_capabilities.pkgcmd_debugmode, sizeof(g_capabilities.pkgcmd_debugmode), + "%s", ENABLED); + + // Capability version snprintf(g_capabilities.sdbd_cap_version, sizeof(g_capabilities.sdbd_cap_version), "%d.%d", SDBD_CAP_VERSION_MAJOR, SDBD_CAP_VERSION_MINOR); diff --git a/src/sdb.h b/src/sdb.h index 348a7eb..052d49d 100644 --- a/src/sdb.h +++ b/src/sdb.h @@ -275,6 +275,8 @@ typedef struct platform_capabilities char sockproto_support[CAPBUF_ITEMSIZE]; // enabled or disabled char appcmd_support[CAPBUF_ITEMSIZE]; // enabled or disabled char encryption_support[CAPBUF_ITEMSIZE]; // enabled or disabled + char appid2pid_support[CAPBUF_ITEMSIZE]; // enabled or disabled + char pkgcmd_debugmode[CAPBUF_ITEMSIZE]; // enabled or disabled char log_enable[CAPBUF_ITEMSIZE]; // enabled or disabled char log_path[CAPBUF_LL_ITEMSIZE]; // path of sdbd log @@ -542,7 +544,6 @@ int read_line(const int fd, char* ptr, const size_t maxlen); #define USB_FUNCFS_SDB_PATH "/dev/usbgadget/sdb" #define USB_NODE_FILE "/dev/samsung_sdb" -#define SHELL_COMMAND "/bin/sh" int create_subprocess(const char *cmd, pid_t *pid, char * const argv[], char * const envp[]); void get_env(char *key, char **env); diff --git a/src/sdktools.h b/src/sdktools.h index 9027970..e73bfec 100644 --- a/src/sdktools.h +++ b/src/sdktools.h @@ -37,6 +37,7 @@ struct arg_permit_rule #define APPID_MAX_LENGTH 50 #define SDBD_LABEL_NAME "sdbd" #define SDK_HOME_LABEL_NAME "sdbd::home" +#define SDK_SHELL_LABEL_NAME "User::Shell" int verify_root_commands(const char *arg1); int verify_app_path(const char* path); diff --git a/src/services.c b/src/services.c index d2d1500..76c28d1 100644 --- a/src/services.c +++ b/src/services.c @@ -44,6 +44,7 @@ #include "utils.h" #include #include +#include #include #include @@ -461,6 +462,12 @@ int create_subprocess(const char *cmd, pid_t *pid, char * const argv[], char * c return -1; } + if (smack_setlabel(devname, SDK_SHELL_LABEL_NAME, SMACK_LABEL_ACCESS) == -1) { + D("unable to set sdk shell smack label %s due to (errno:%d)\n", SDK_SHELL_LABEL_NAME, errno); + sdb_close(ptm); + return -1; + } + *pid = fork(); if(*pid < 0) { D("- fork failed: errno:%d -\n", errno); @@ -521,6 +528,7 @@ int create_subprocess(const char *cmd, pid_t *pid, char * const argv[], char * c } #endif /* !SDB_HOST */ +#define SHELL_COMMAND "/bin/sh-user" #define LOGIN_COMMAND "/bin/login" #define SUPER_USER "root" #define LOGIN_CONFIG "/etc/login.defs" @@ -1012,6 +1020,14 @@ static void get_capability(int fd, void *cookie) { offset += put_key_value_string(cap_buffer, offset, CAPBUF_SIZE, "appcmd_support", g_capabilities.appcmd_support); + // appid2pid support + offset += put_key_value_string(cap_buffer, offset, CAPBUF_SIZE, + "appid2pid_support", g_capabilities.appid2pid_support); + + // pkgcmd debug mode support + offset += put_key_value_string(cap_buffer, offset, CAPBUF_SIZE, + "pkgcmd_debugmode", g_capabilities.pkgcmd_debugmode); + offset++; // for '\0' character writex(fd, &offset, sizeof(uint16_t)); -- 2.7.4 From 57917a169d72ead67de0921c6f1a37fe70f99040 Mon Sep 17 00:00:00 2001 From: Jaewon Lim Date: Sun, 11 Dec 2016 20:32:09 -0800 Subject: [PATCH 06/16] Revert "Modify the packet size in transport protocol." This reverts commit f7a9e14ff28fdb099abbfba917a2d135e354c080. Change-Id: I1b6f418aaec7ce07b30e98989841cabb4f01dc1e --- src/sdb.c | 15 +-------------- src/sdb.h | 9 ++------- src/sockets.c | 29 +++++++---------------------- src/transport.c | 9 +++------ src/transport_local.c | 2 +- src/transport_usb.c | 2 +- src/usb_linux_client.c | 30 +++++++++++------------------- src/utils.h | 8 -------- 8 files changed, 26 insertions(+), 78 deletions(-) diff --git a/src/sdb.c b/src/sdb.c index 017bfb0..ac7f573 100644 --- a/src/sdb.c +++ b/src/sdb.c @@ -543,7 +543,7 @@ static void send_connect(atransport *t) cp->msg.command = A_CNXN; cp->msg.arg0 = A_VERSION; #ifdef SUPPORT_ENCRYPT - cp->msg.arg1 = MAX_PAYLOAD - 100; // connection 시, sdb server의 패킷 크기를 암호화 오버로드 만큼 줄임 + cp->msg.arg1 = MAX_PAYLOAD - 100; // connection 시, sdb server의 패킷 크기를 암호화 오버로드 만큼 줄임 #else cp->msg.arg1 = MAX_PAYLOAD; #endif @@ -794,18 +794,6 @@ void parse_banner(char *banner, atransport *t) t->connection_state = CS_HOST; } -static void update_version(atransport *t, int version, size_t payload) -{ -#ifdef SUPPORT_ENCRYPT - size_t max_payload = MAX_PAYLOAD - 100; -#else - size_t max_payload = MAX_PAYLOAD; -#endif - t->protocol_version = min(version, A_VERSION); - t->max_payload = min(payload, max_payload); - D("update transport version. version=%x, max_payload=%d\n", t->protocol_version, t->max_payload); -} - void handle_packet(apacket *p, atransport *t) { // Verify pointer p @@ -841,7 +829,6 @@ void handle_packet(apacket *p, atransport *t) t->connection_state = CS_OFFLINE; handle_offline(t); } - update_version(t, p->msg.arg0, p->msg.arg1); parse_banner((char*) p->data, t); handle_online(); if(!HOST) send_connect(t); diff --git a/src/sdb.h b/src/sdb.h index 226da64..348a7eb 100644 --- a/src/sdb.h +++ b/src/sdb.h @@ -28,9 +28,7 @@ #endif #include -#define MAX_PAYLOAD_V1 (4*1024) -#define MAX_PAYLOAD_V2 (256*1024) -#define MAX_PAYLOAD MAX_PAYLOAD_V2 +#define MAX_PAYLOAD 4096 #define A_SYNC 0x434e5953 #define A_CNXN 0x4e584e43 @@ -214,8 +212,6 @@ struct atransport /* a list of adisconnect callbacks called when the transport is kicked */ int kicked; adisconnect disconnects; - int protocol_version; - size_t max_payload; #ifdef SUPPORT_ENCRYPT unsigned encryption; // 해당 연결이 암호화 모드인지 확인하는 flag , 0 = no-encryption / 1 = encryption @@ -312,7 +308,6 @@ asocket *create_local_service_socket(const char *destination); asocket *create_remote_socket(unsigned id, atransport *t); void connect_to_remote(asocket *s, const char *destination); void connect_to_smartsocket(asocket *s); -size_t asock_get_max_payload(asocket *s); void fatal(const char *fmt, ...); void fatal_errno(const char *fmt, ...); @@ -433,7 +428,7 @@ int get_emulator_guestip(char str[], int str_size); apacket *get_apacket(void); void put_apacket(apacket *p); -int check_header(apacket *p, atransport *t); +int check_header(apacket *p); int check_data(apacket *p); #if !TRACE_PACKETS diff --git a/src/sockets.c b/src/sockets.c index 71d646d..801ff42 100644 --- a/src/sockets.c +++ b/src/sockets.c @@ -28,7 +28,6 @@ #include "sdb.h" #include "strutils.h" -#include "utils.h" SDB_MUTEX_DEFINE( socket_list_lock ); @@ -323,11 +322,10 @@ static void local_socket_event_func(int fd, unsigned ev, void *_s) // sdb server에서 패킷 데이터의 크기를 MAX_PAYLOAD-100보다 작은 지를 체크함. // sdbd에서 패킷 데이터를 MAX_PAYLOAD - 200로 잡아서 암호화 하게되면 // 최대 MAX_PAYLOAD - 100 크기의 패킷을 생성하게 됨. - const size_t max_payload = asock_get_max_payload(s) - 200; + const size_t max_payload = MAX_PAYLOAD - 200; size_t avail = max_payload; #else - const size_t max_payload = asock_get_max_payload(s); - size_t avail = max_payload; + size_t avail = MAX_PAYLOAD; #endif int r = 0; @@ -352,7 +350,6 @@ static void local_socket_event_func(int fd, unsigned ev, void *_s) } D("LS(%d): fd=%d post avail loop. r=%d is_eof=%d forced_eof=%d\n", s->id, s->fd, r, is_eof, s->fde.force_eof); - #ifdef SUPPORT_ENCRYPT //변경된 최대 패킷 크기로 코드 수정 if((avail == max_payload) || (s->peer == 0)) { @@ -360,10 +357,10 @@ static void local_socket_event_func(int fd, unsigned ev, void *_s) } else { p->len = max_payload - avail; #else - if((avail == max_payload) || (s->peer == 0)) { + if((avail == MAX_PAYLOAD) || (s->peer == 0)) { put_apacket(p); } else { - p->len = max_payload - avail; + p->len = MAX_PAYLOAD - avail; #endif r = s->peer->enqueue(s->peer, p); D("LS(%d): fd=%d post peer->enqueue(). r=%d\n", s->id, s->fd, r); @@ -552,9 +549,9 @@ void connect_to_remote(asocket *s, const char *destination) { D("Connect_to_remote call RS(%d) fd=%d\n", s->id, s->fd); apacket *p = get_apacket(); - size_t len = strlen(destination) + 1; + int len = strlen(destination) + 1; - if(len > (asock_get_max_payload(s)-1)) { + if(len > (MAX_PAYLOAD-1)) { fatal("destination oversized"); } @@ -659,7 +656,7 @@ static int smart_socket_enqueue(asocket *s, apacket *p) s->pkt_first = p; s->pkt_last = p; } else { - if((s->pkt_first->len + p->len) > asock_get_max_payload(s)) { + if((s->pkt_first->len + p->len) > MAX_PAYLOAD) { D("SS(%d): overflow\n", s->id); put_apacket(p); goto fail; @@ -863,15 +860,3 @@ void connect_to_smartsocket(asocket *s) ss->peer = s; s->ready(s); } - -size_t asock_get_max_payload(asocket *s) -{ - size_t max_payload = MAX_PAYLOAD; - if (s->transport) { - max_payload = min(max_payload, s->transport->max_payload); - } - if (s->peer && s->peer->transport) { - max_payload = min(max_payload, s->peer->transport->max_payload); - } - return max_payload; -} diff --git a/src/transport.c b/src/transport.c index 616acab..470e55f 100644 --- a/src/transport.c +++ b/src/transport.c @@ -653,9 +653,6 @@ static void transport_registration_func(int _fd, unsigned ev, void *data) return; } - t->protocol_version = A_VERSION; - t->max_payload = MAX_PAYLOAD; - /* don't create transport threads for inaccessible devices */ if (t->connection_state != CS_NOPERM) { /* initial references are the two threads */ @@ -1190,15 +1187,15 @@ int writex(int fd, const void *ptr, size_t len) return 0; } -int check_header(apacket *p, atransport *t) +int check_header(apacket *p) { if(p->msg.magic != (p->msg.command ^ 0xffffffff)) { D("check_header(): invalid magic\n"); return -1; } - if(p->msg.data_length > t->max_payload) { - D("check_header(): %d > transport->max_payload(%d)\n", p->msg.data_length, t->max_payload); + if(p->msg.data_length > MAX_PAYLOAD) { + D("check_header(): %d > MAX_PAYLOAD\n", p->msg.data_length); return -1; } diff --git a/src/transport_local.c b/src/transport_local.c index dd145bd..a6adb0b 100644 --- a/src/transport_local.c +++ b/src/transport_local.c @@ -87,7 +87,7 @@ static int remote_read(apacket *p, atransport *t) D("read remote packet: %04x arg0=%0x arg1=%0x data_length=%0x data_check=%0x magic=%0x\n", p->msg.command, p->msg.arg0, p->msg.arg1, p->msg.data_length, p->msg.data_check, p->msg.magic); #endif - if(check_header(p, t)) { + if(check_header(p)) { D("bad header: terminated (data)\n"); return -1; } diff --git a/src/transport_usb.c b/src/transport_usb.c index 96905bf..932e170 100644 --- a/src/transport_usb.c +++ b/src/transport_usb.c @@ -57,7 +57,7 @@ static int remote_read(apacket *p, atransport *t) fix_endians(p); - if(check_header(p, t)) { + if(check_header(p)) { D("remote usb: check_header failed\n"); return -1; } diff --git a/src/usb_linux_client.c b/src/usb_linux_client.c index efeff2c..5d722b4 100644 --- a/src/usb_linux_client.c +++ b/src/usb_linux_client.c @@ -98,25 +98,17 @@ int linux_usb_write(usb_handle *h, const void *data, int len) int linux_usb_read(usb_handle *h, void *data, size_t len) { - D("about to read (fd=%d, len=%d)\n", h->fd, len); - while (len > 0) { - /* The sdb_read does not support read larger than 4096 bytes at once. - Read 4096 byte block repeatedly when reading data is larger than 4096 bytes. */ - int bytes_to_read = len < 4096 ? len : 4096; - int n = sdb_read(h->fd, data, bytes_to_read); - if(n < 0) { - if(errno == EINTR) { - continue; - } else { - D("ERROR: fd = %d, n = %d, errno = %d\n", h->fd, n, errno); - return -1; - } - } - len -= n; - data = ((char*) data) + n; - } - D("[ done fd=%d ]\n", h->fd); - return 0; + int n; + + D("about to read (fd=%d, len=%d)\n", h->fd, len); + n = sdb_read(h->fd, data, len); + if(n != len) { + D("ERROR: fd = %d, n = %d, errno = %d\n", + h->fd, n, errno); + return -1; + } + D("[ done fd=%d ]\n", h->fd); + return 0; } void linux_usb_init() diff --git a/src/utils.h b/src/utils.h index a2d0243..7e78b6e 100644 --- a/src/utils.h +++ b/src/utils.h @@ -80,13 +80,5 @@ char** str_split(char* a_str, const char a_delim); #define SDB_KEEPALIVE_IDLE (1) #define SDB_KEEPALIVE_INTVL (1) int keep_alive(int fd, int onoff, int cnt, int idle, int interval); -#define min(a,b) \ -({ __typeof__ (a) _a = (a); \ -__typeof__ (b) _b = (b); \ -_a > _b ? _b : _a; }) -#define max(a,b) \ -({ __typeof__ (a) _a = (a); \ -__typeof__ (b) _b = (b); \ -_a > _b ? _a : _b; }) #endif /* _SDB_UTILS_H */ -- 2.7.4 From 37ca0ed4a0610cc20f954cb94a2ac7698ba52d56 Mon Sep 17 00:00:00 2001 From: Jaewon Lim Date: Sun, 11 Dec 2016 20:32:40 -0800 Subject: [PATCH 07/16] Revert "Modify the SMACK label for SDB shell." This reverts commit 046f23e7ea9c15c72de74fc46530c3319bc7622d. Change-Id: I196d5d4d975e9aec1efd28a39c3f1aaf2a9da6f9 --- packaging/sdbd.spec | 4 ---- src/default_plugin_appcmd.c | 5 ++--- src/sdb.c | 54 ++++++--------------------------------------- src/sdb.h | 3 +-- src/sdktools.h | 1 - src/services.c | 16 -------------- 6 files changed, 10 insertions(+), 73 deletions(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index 15eb808..bc9408f 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -109,10 +109,6 @@ if ! getent passwd "${TZ_SDK_USER_NAME}" > /dev/null; then done fi -cp -f /bin/sh /bin/sh-user -chsmack -a "_" /bin/sh-user -chsmack -e "User::Shell" /bin/sh-user - %files %manifest sdbd.manifest %license LICENSE diff --git a/src/default_plugin_appcmd.c b/src/default_plugin_appcmd.c index 83cecca..4bc158e 100644 --- a/src/default_plugin_appcmd.c +++ b/src/default_plugin_appcmd.c @@ -38,7 +38,6 @@ #include -#define SHELL_COMMAND "/bin/sh" #define APPCMD_RESULT_BUFSIZE (4096) typedef struct appcmd_info appcmd_info; @@ -642,10 +641,10 @@ static void run_appcmd_appinstallpath(appcmd_info* p_info) { p_info->exitcode = -1; - const char* path = tzplatform_getenv(TZ_SDK_TOOLS); + const char* path = tzplatform_getenv(TZ_SDK_HOME); if (path != NULL) { p_info->exitcode = 0; - snprintf(result_buf, sizeof(result_buf), "\n%s:%s\n", MESSAGE_PREFIX_APPCMD_RETURN, path); + snprintf(result_buf, sizeof(result_buf), "\n%s:%s/apps_rw/\n", MESSAGE_PREFIX_APPCMD_RETURN, path); writex(p_info->fd, result_buf, strlen(result_buf)); } else { D("failed to get application install path from tzplatform_getenv."); diff --git a/src/sdb.c b/src/sdb.c index 2be2345..ac7f573 100644 --- a/src/sdb.c +++ b/src/sdb.c @@ -31,7 +31,6 @@ #include #include #include -#include #include "sysdeps.h" #include "log.h" @@ -59,7 +58,6 @@ #define PROC_CMDLINE_PATH "/proc/cmdline" #define USB_SERIAL_PATH "/sys/class/usb_mode/usb0/iSerial" -#define APPID2PID_PATH "/usr/bin/appid2pid" #include #include @@ -127,29 +125,6 @@ int is_emulator(void) { #endif } -int is_appid2pid_supported(void) { - - if (access(APPID2PID_PATH, F_OK) == 0) { - /* It is necessary to confirm that it is possible - * to run "appid2pid" in the sdk user/group privileges. */ - struct stat st; - if (stat(APPID2PID_PATH, &st) == 0) { - D("appid2pid uid=%d, gid=%d, mode=0x%x.\n", st.st_uid, st.st_gid, st.st_mode); - if ( (st.st_uid == STATIC_SDK_USER_ID && st.st_mode & S_IXUSR) - || (st.st_gid == STATIC_SDK_GROUP_ID && st.st_mode & S_IXGRP) - || (st.st_mode & S_IXOTH) ) { - D("appid2pid is supported.\n"); - return 1; - } - } - } else { - D("failed to access appid2pid file: %d\n", errno); - } - - D("appid2pid is NOT supported.\n"); - return 0; -} - int is_container_enabled(void) { bool value; int ret; @@ -398,7 +373,7 @@ void print_packet(const char *label, apacket *p) #endif #ifdef SUPPORT_ENCRYPT -/* +/* desc. : 암호화 실패 메시지 전송 parameter : [in] apacket* p : sdbd로 들어온 메시지 [in] atransport *t : 현재 연결에 대한 atransport @@ -414,7 +389,7 @@ void send_encr_fail(apacket* p, atransport *t, unsigned failed_value){ //put_apacket(enc_p); } -/* +/* desc. : 암호화 메시지 핸들링 parameter : [in] apacket* p : sdbd로 들어온 메시지 [in/out] atransport *t : 현재 연결에 대한 atransport @@ -428,12 +403,12 @@ int handle_encr_packet(apacket* p, atransport *t){ if(p->msg.arg0 == ENCR_SET_ON_REQ){ // hello 메시지인 경우 t->sessionID = sessionID; - if((retVal = security_init(t->sessionID, NULL)) == 1){ // 암호화 handshaking을 위한 init + if((retVal = security_init(t->sessionID, NULL)) == 1){ // 암호화 handshaking을 위한 init if(security_parse_server_hello(t->sessionID, p) == 1){ // hello 메시지 파싱 D("security_parse_server_hello success\n"); enc_p = get_apacket(); if(security_gen_client_hello(t->sessionID, enc_p) == 1){ // hello 메시지 생성 - D("security_gen_client_hello success\n"); + D("security_gen_client_hello success\n"); enc_p->msg.command = A_ENCR; enc_p->msg.arg0 = ENCR_SET_ON_REQ; enc_p->msg.arg1 = p->msg.arg1; @@ -444,7 +419,7 @@ int handle_encr_packet(apacket* p, atransport *t){ D("security_gen_client_hello error\n"); send_encr_fail(p, t, ENCR_ON_FAIL); // 암호화 on 실패 메시지 전송 t->encryption = ENCR_OFF; // 암호화 모드는 off - security_deinit(t->sessionID); + security_deinit(t->sessionID); return -1; } } @@ -453,7 +428,7 @@ int handle_encr_packet(apacket* p, atransport *t){ send_encr_fail(p, t, ENCR_ON_FAIL); t->encryption = ENCR_OFF; security_deinit(t->sessionID); - + return -1; } } else { // init 실패 @@ -536,7 +511,7 @@ int handle_encr_packet(apacket* p, atransport *t){ } //put_apacket(enc_p); return 0; - + } #endif @@ -1253,10 +1228,6 @@ void start_device_log(void) return; } - if (smack_setlabel(path, SDK_SHELL_LABEL_NAME, SMACK_LABEL_ACCESS) == -1) { - D("unable to set sdk shell smack label %s due to (errno:%d)\n", SDK_SHELL_LABEL_NAME, errno); - } - // redirect stdout and stderr to the log file dup2(fd, 1); dup2(fd, 2); @@ -2021,17 +1992,6 @@ static void init_capabilities(void) { "%s", UNKNOWN); } - // appid2pid support - ret = is_appid2pid_supported(); - snprintf(g_capabilities.appid2pid_support, sizeof(g_capabilities.appid2pid_support), - "%s", ret == 1 ? ENABLED : DISABLED); - - - // pkgcmd debug mode support - snprintf(g_capabilities.pkgcmd_debugmode, sizeof(g_capabilities.pkgcmd_debugmode), - "%s", ENABLED); - - // Capability version snprintf(g_capabilities.sdbd_cap_version, sizeof(g_capabilities.sdbd_cap_version), "%d.%d", SDBD_CAP_VERSION_MAJOR, SDBD_CAP_VERSION_MINOR); diff --git a/src/sdb.h b/src/sdb.h index 052d49d..348a7eb 100644 --- a/src/sdb.h +++ b/src/sdb.h @@ -275,8 +275,6 @@ typedef struct platform_capabilities char sockproto_support[CAPBUF_ITEMSIZE]; // enabled or disabled char appcmd_support[CAPBUF_ITEMSIZE]; // enabled or disabled char encryption_support[CAPBUF_ITEMSIZE]; // enabled or disabled - char appid2pid_support[CAPBUF_ITEMSIZE]; // enabled or disabled - char pkgcmd_debugmode[CAPBUF_ITEMSIZE]; // enabled or disabled char log_enable[CAPBUF_ITEMSIZE]; // enabled or disabled char log_path[CAPBUF_LL_ITEMSIZE]; // path of sdbd log @@ -544,6 +542,7 @@ int read_line(const int fd, char* ptr, const size_t maxlen); #define USB_FUNCFS_SDB_PATH "/dev/usbgadget/sdb" #define USB_NODE_FILE "/dev/samsung_sdb" +#define SHELL_COMMAND "/bin/sh" int create_subprocess(const char *cmd, pid_t *pid, char * const argv[], char * const envp[]); void get_env(char *key, char **env); diff --git a/src/sdktools.h b/src/sdktools.h index e73bfec..9027970 100644 --- a/src/sdktools.h +++ b/src/sdktools.h @@ -37,7 +37,6 @@ struct arg_permit_rule #define APPID_MAX_LENGTH 50 #define SDBD_LABEL_NAME "sdbd" #define SDK_HOME_LABEL_NAME "sdbd::home" -#define SDK_SHELL_LABEL_NAME "User::Shell" int verify_root_commands(const char *arg1); int verify_app_path(const char* path); diff --git a/src/services.c b/src/services.c index 76c28d1..d2d1500 100644 --- a/src/services.c +++ b/src/services.c @@ -44,7 +44,6 @@ #include "utils.h" #include #include -#include #include #include @@ -462,12 +461,6 @@ int create_subprocess(const char *cmd, pid_t *pid, char * const argv[], char * c return -1; } - if (smack_setlabel(devname, SDK_SHELL_LABEL_NAME, SMACK_LABEL_ACCESS) == -1) { - D("unable to set sdk shell smack label %s due to (errno:%d)\n", SDK_SHELL_LABEL_NAME, errno); - sdb_close(ptm); - return -1; - } - *pid = fork(); if(*pid < 0) { D("- fork failed: errno:%d -\n", errno); @@ -528,7 +521,6 @@ int create_subprocess(const char *cmd, pid_t *pid, char * const argv[], char * c } #endif /* !SDB_HOST */ -#define SHELL_COMMAND "/bin/sh-user" #define LOGIN_COMMAND "/bin/login" #define SUPER_USER "root" #define LOGIN_CONFIG "/etc/login.defs" @@ -1020,14 +1012,6 @@ static void get_capability(int fd, void *cookie) { offset += put_key_value_string(cap_buffer, offset, CAPBUF_SIZE, "appcmd_support", g_capabilities.appcmd_support); - // appid2pid support - offset += put_key_value_string(cap_buffer, offset, CAPBUF_SIZE, - "appid2pid_support", g_capabilities.appid2pid_support); - - // pkgcmd debug mode support - offset += put_key_value_string(cap_buffer, offset, CAPBUF_SIZE, - "pkgcmd_debugmode", g_capabilities.pkgcmd_debugmode); - offset++; // for '\0' character writex(fd, &offset, sizeof(uint16_t)); -- 2.7.4 From 47e38d695a9a361de82f5ec5761424fffa95d5ea Mon Sep 17 00:00:00 2001 From: greatim Date: Wed, 14 Dec 2016 17:28:38 +0900 Subject: [PATCH 08/16] fix potential bugs remove unnecessary files and code (properties.h and properties.c) fix double close problem of socket pair in file_sync_service.c remove unnecessary manifest file Change-Id: Ic61ca8ffab9e1ee31f3a432acf0e9c138fc26fbe Signed-off-by: greatim --- CMakeLists.txt | 1 - sdbd.manifest | 44 ----- src/file_sync_service.c | 33 ++-- src/properties.c | 467 ------------------------------------------------ src/properties.h | 69 ------- src/sdb.c | 5 - src/services.c | 54 ------ src/sysdeps.h | 1 - src/transport_local.c | 8 - 9 files changed, 18 insertions(+), 664 deletions(-) delete mode 100644 sdbd.manifest delete mode 100644 src/properties.c delete mode 100644 src/properties.h diff --git a/CMakeLists.txt b/CMakeLists.txt index 83b0a0a..e16df2d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -43,7 +43,6 @@ SET(SDBD_SRCS src/socket_loopback_client.c src/socket_loopback_server.c src/socket_network_client.c - src/properties.c src/sdktools.c src/strutils.c src/init.c diff --git a/sdbd.manifest b/sdbd.manifest deleted file mode 100644 index 1effc20..0000000 --- a/sdbd.manifest +++ /dev/null @@ -1,44 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/src/file_sync_service.c b/src/file_sync_service.c index 6c418a5..9377078 100644 --- a/src/file_sync_service.c +++ b/src/file_sync_service.c @@ -637,27 +637,30 @@ void file_sync_service(int fd, void *cookie) D("cannot create service socket pair\n"); exit(-1); } - char *buffer = malloc(SYNC_DATA_MAX); - if(buffer == 0) { - goto fail; - } - - FD_ZERO(&set); /* clear the set */ - FD_SET(fd, &set); /* add our file descriptor to the set */ - - timeout.tv_sec = SYNC_TIMEOUT; - timeout.tv_usec = 0; pid_t pid = fork(); if (pid == 0) { sdb_close(s[0]); //close the parent fd sync_read_label_notify(s[1]); + return; } else if (pid > 0) { sdb_close(s[1]); + + char *buffer = malloc(SYNC_DATA_MAX); + if(buffer == NULL) { + goto fail; + } + for(;;) { D("sync: waiting for command for %d sec\n", SYNC_TIMEOUT); + FD_ZERO(&set); /* clear the set */ + FD_SET(fd, &set); /* add our file descriptor to the set */ + + timeout.tv_sec = SYNC_TIMEOUT; + timeout.tv_usec = 0; + rv = select(fd + 1, &set, NULL, NULL, &timeout); if (rv == -1) { D("sync file descriptor select failed\n"); @@ -713,15 +716,15 @@ void file_sync_service(int fd, void *cookie) goto fail; } } + +fail: + if(buffer != NULL) { + free(buffer); + } } else { sdb_close(s[1]); } - -fail: - if(buffer != 0) { - free(buffer); - } D("sync: done\n"); sync_send_label_notify(s[0], name, 0); sdb_close(s[0]); diff --git a/src/properties.c b/src/properties.c deleted file mode 100644 index aa14fe7..0000000 --- a/src/properties.c +++ /dev/null @@ -1,467 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the License); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an AS IS BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - - - -#include -#include -#include -#include "sockets.h" -#include -#include - -#include "properties.h" -//#include "loghack.h" -#include "sysdeps.h" -#define TRACE_TAG TRACE_PROPERTIES -#include "log.h" - -#include "sdb.h" - -#define HAVE_TIZEN_PROPERTY - -#ifdef HAVE_TIZEN_PROPERTY - -#define HAVE_PTHREADS -#include -#include "strutils.h" -#include "threads.h" - -static mutex_t env_lock = MUTEX_INITIALIZER; - -#define TIZEN_PROPERTY_FILE "/tmp/.sdb.conf" /* tizen specific*/ -#define PROPERTY_SEPARATOR "=" - -struct config_node { - char *key; - char value[PROPERTY_VALUE_MAX]; -} sdbd_config[] = { - { "service.sdb.tcp.port", "0" }, - { NULL, "" } -}; -int sdbd_config_element_cnt = sizeof(sdbd_config) / sizeof(sdbd_config[0]); - -void property_save(); - -static void property_init(void) -{ - int fd; - int i = 0; - char buffer[PROPERTY_KEY_MAX+PROPERTY_VALUE_MAX+1]; - char *tok = NULL; - char *ptr; - - fd = unix_open(TIZEN_PROPERTY_FILE, O_RDONLY); - if (fd < 0) - return; - for(;;) { - if(read_line(fd, buffer, PROPERTY_KEY_MAX+PROPERTY_VALUE_MAX+1) < 0) - break; - tok = strtok_r(buffer, PROPERTY_SEPARATOR, &ptr); - if(tok) { - for (i = 0; i < sdbd_config_element_cnt && sdbd_config[i].key ; i++) { - if (!strcmp(tok, sdbd_config[i].key)) { - tok = strtok_r(NULL, PROPERTY_SEPARATOR, &ptr); - if(tok) { - snprintf(sdbd_config[i].value, PROPERTY_VALUE_MAX, "%s", tok); - D("property init key=%s, value=%s\n", sdbd_config[i].key, tok); - } - } - } - } - } - sdb_close(fd); - D("called property_init\n"); -} - -void property_save() -{ - int fd; - int i = 0; - char buffer[PROPERTY_KEY_MAX+PROPERTY_VALUE_MAX+1]; - - mutex_lock(&env_lock); - if (access(TIZEN_PROPERTY_FILE, F_OK) == 0) // if exist - sdb_unlink(TIZEN_PROPERTY_FILE); - - fd = unix_open(TIZEN_PROPERTY_FILE, O_WRONLY | O_CREAT | O_APPEND, 0640); - if (fd <0 ) { - mutex_unlock(&env_lock); - return; - } - - for (i = 0; i < sdbd_config_element_cnt && sdbd_config[i].key; i++) { - snprintf(buffer, sizeof(buffer), "%s%s%s\n", sdbd_config[i].key, PROPERTY_SEPARATOR, sdbd_config[i].value); - sdb_write(fd, buffer, strlen(buffer)); - } - sdb_close(fd); - mutex_unlock(&env_lock); -} - -int property_set(const char *key, const char *value) -{ - int i = 0; - - mutex_lock(&env_lock); - - for (i = 0; i < sdbd_config_element_cnt && sdbd_config[i].key; i++) { - if (!strcmp(key,sdbd_config[i].key)) { - snprintf(sdbd_config[i].value, PROPERTY_VALUE_MAX, "%s", value); - D("property set key=%s, value=%s\n", key, value); - break; - } - } - mutex_unlock(&env_lock); - property_save(); - return -1; -} - -int property_get(const char *key, char *value, const char *default_value) -{ - int len = 0; - int i = 0; - - property_init(); - mutex_lock(&env_lock); - - for (i = 0; i < sdbd_config_element_cnt && sdbd_config[i].key; i++) { - if (!strcmp(key,sdbd_config[i].key)) { - len = strlen(sdbd_config[i].value); - memcpy(value, sdbd_config[i].value, len + 1); - D("property get key=%s, value=%s\n", key, value); - mutex_unlock(&env_lock); - return len; - } - } - - if(default_value) { - len = strlen(default_value); - memcpy(value, default_value, len + 1); - D("by default, property get key=%s, value=%s\n", key, value); - } - mutex_unlock(&env_lock); - return len; -} - -int property_list(void (*propfn)(const char *key, const char *value, void *cookie), - void *cookie) -{ - return 0; -} - -#elif defined(HAVE_LIBC_SYSTEM_PROPERTIES) - -#define _REALLY_INCLUDE_SYS__SYSTEM_PROPERTIES_H_ -//#include - -int property_set(const char *key, const char *value) -{ - return __system_property_set(key, value); -} - -int property_get(const char *key, char *value, const char *default_value) -{ - int len; - - len = __system_property_get(key, value); - if(len > 0) { - return len; - } - - if(default_value) { - len = strlen(default_value); - memcpy(value, default_value, len + 1); - } - return len; -} - -int property_list(void (*propfn)(const char *key, const char *value, void *cookie), - void *cookie) -{ - char name[PROP_NAME_MAX]; - char value[PROP_VALUE_MAX]; - const prop_info *pi; - unsigned n; - - for(n = 0; (pi = __system_property_find_nth(n)); n++) { - __system_property_read(pi, name, value); - propfn(name, value, cookie); - } - return 0; -} - -#elif defined(HAVE_SYSTEM_PROPERTY_SERVER) - -/* - * The Linux simulator provides a "system property server" that uses IPC - * to set/get/list properties. The file descriptor is shared by all - * threads in the process, so we use a mutex to ensure that requests - * from multiple threads don't get interleaved. - */ -#include -#include -#include -#include -#include - -static pthread_once_t gInitOnce = PTHREAD_ONCE_INIT; -static pthread_mutex_t gPropertyFdLock = PTHREAD_MUTEX_INITIALIZER; -static int gPropFd = -1; - -/* - * Connect to the properties server. - * - * Returns the socket descriptor on success. - */ -static int connectToServer(const char* fileName) -{ - int sock = -1; - int cc; - - struct sockaddr_un addr; - - sock = socket(AF_UNIX, SOCK_STREAM, 0); - if (sock < 0) { - D("UNIX domain socket create failed (errno=%d)\n", errno); - return -1; - } - - /* connect to socket; fails if file doesn't exist */ - strcpy(addr.sun_path, fileName); // max 108 bytes - addr.sun_family = AF_UNIX; - cc = connect(sock, (struct sockaddr*) &addr, SUN_LEN(&addr)); - if (cc < 0) { - // ENOENT means socket file doesn't exist - // ECONNREFUSED means socket exists but nobody is listening - D("AF_UNIX connect failed for '%s': errno:%d\n", - fileName, errno); - sdb_close(sock); - return -1; - } - - return sock; -} - -/* - * Perform one-time initialization. - */ -static void init(void) -{ - assert(gPropFd == -1); - - gPropFd = connectToServer(SYSTEM_PROPERTY_PIPE_NAME); - if (gPropFd < 0) { - D("not connected to system property server\n"); - } else { - D("Connected to system property server\n"); - } -} - -int property_get(const char *key, char *value, const char *default_value) -{ - char sendBuf[1+PROPERTY_KEY_MAX]; - char recvBuf[1+PROPERTY_VALUE_MAX]; - int len = -1; - - D("PROPERTY GET [%s]\n", key); - - pthread_once(&gInitOnce, init); - if (gPropFd < 0) { - /* this mimics the behavior of the device implementation */ - if (default_value != NULL) { - strcpy(value, default_value); - len = strlen(value); - } - return len; - } - - if (strlen(key) >= PROPERTY_KEY_MAX) return -1; - - memset(sendBuf, 0xdd, sizeof(sendBuf)); // placate valgrind - - sendBuf[0] = (char) kSystemPropertyGet; - strcpy(sendBuf+1, key); - - pthread_mutex_lock(&gPropertyFdLock); - if (sdb_write(gPropFd, sendBuf, sizeof(sendBuf)) != sizeof(sendBuf)) { - pthread_mutex_unlock(&gPropertyFdLock); - return -1; - } - if (sdb_read(gPropFd, recvBuf, sizeof(recvBuf)) != sizeof(recvBuf)) { - pthread_mutex_unlock(&gPropertyFdLock); - return -1; - } - pthread_mutex_unlock(&gPropertyFdLock); - - /* first byte is 0 if value not defined, 1 if found */ - if (recvBuf[0] == 0) { - if (default_value != NULL) { - strcpy(value, default_value); - len = strlen(value); - } else { - /* - * If the value isn't defined, hand back an empty string and - * a zero length, rather than a failure. This seems wrong, - * since you can't tell the difference between "undefined" and - * "defined but empty", but it's what the device does. - */ - value[0] = '\0'; - len = 0; - } - } else if (recvBuf[0] == 1) { - strcpy(value, recvBuf+1); - len = strlen(value); - } else { - D("Got strange response to property_get request (%d)\n", - recvBuf[0]); - assert(0); - return -1; - } - D("PROP [found=%d def='%s'] (%d) [%s]: [%s]\n", - recvBuf[0], default_value, len, key, value); - - return len; -} - - -int property_set(const char *key, const char *value) -{ - char sendBuf[1+PROPERTY_KEY_MAX+PROPERTY_VALUE_MAX]; - char recvBuf[1]; - int result = -1; - - D("PROPERTY SET [%s]: [%s]\n", key, value); - - pthread_once(&gInitOnce, init); - if (gPropFd < 0) - return -1; - - if (strlen(key) >= PROPERTY_KEY_MAX) return -1; - if (strlen(value) >= PROPERTY_VALUE_MAX) return -1; - - memset(sendBuf, 0xdd, sizeof(sendBuf)); // placate valgrind - - sendBuf[0] = (char) kSystemPropertySet; - strcpy(sendBuf+1, key); - strcpy(sendBuf+1+PROPERTY_KEY_MAX, value); - - pthread_mutex_lock(&gPropertyFdLock); - if (sdb_write(gPropFd, sendBuf, sizeof(sendBuf)) != sizeof(sendBuf)) { - pthread_mutex_unlock(&gPropertyFdLock); - return -1; - } - if (sdb_read(gPropFd, recvBuf, sizeof(recvBuf)) != sizeof(recvBuf)) { - pthread_mutex_unlock(&gPropertyFdLock); - return -1; - } - pthread_mutex_unlock(&gPropertyFdLock); - - if (recvBuf[0] != 1) - return -1; - return 0; -} - -int property_list(void (*propfn)(const char *key, const char *value, void *cookie), - void *cookie) -{ - D("PROPERTY LIST\n"); - pthread_once(&gInitOnce, init); - if (gPropFd < 0) - return -1; - - return 0; -} - -#else - -/* SUPER-cheesy place-holder implementation for Win32 */ -#define HAVE_PTHREADS /*tizen specific */ -#include -#include "threads.h" - -static mutex_t env_lock = MUTEX_INITIALIZER; - -int property_get(const char *key, char *value, const char *default_value) -{ - char ename[PROPERTY_KEY_MAX + 6]; - char *p; - int len; - - len = strlen(key); - if(len >= PROPERTY_KEY_MAX) return -1; - memcpy(ename, "PROP_", 5); - memcpy(ename + 5, key, len + 1); - - mutex_lock(&env_lock); - - p = getenv(ename); - if(p == 0) p = ""; - len = strlen(p); - if(len >= PROPERTY_VALUE_MAX) { - len = PROPERTY_VALUE_MAX - 1; - } - - if((len == 0) && default_value) { - len = strlen(default_value); - memcpy(value, default_value, len + 1); - } else { - memcpy(value, p, len); - value[len] = 0; - } - - mutex_unlock(&env_lock); - D("get [key=%s value='%s:%s']\n", key, ename, value); - return len; -} - - -int property_set(const char *key, const char *value) -{ - char ename[PROPERTY_KEY_MAX + 6]; - char *p; - int len; - int r; - - if(strlen(value) >= PROPERTY_VALUE_MAX) return -1; - - len = strlen(key); - if(len >= PROPERTY_KEY_MAX) return -1; - memcpy(ename, "PROP_", 5); - memcpy(ename + 5, key, len + 1); - - mutex_lock(&env_lock); -#ifdef HAVE_MS_C_RUNTIME - { - char temp[256]; - snprintf( temp, sizeof(temp), "%s=%s", ename, value); - putenv(temp); - r = 0; - } -#else - r = setenv(ename, value, 1); -#endif - mutex_unlock(&env_lock); - D("set [key=%s value='%s%s']\n", key, ename, value); - return r; -} - -int property_list(void (*propfn)(const char *key, const char *value, void *cookie), - void *cookie) -{ - return 0; -} - -#endif diff --git a/src/properties.h b/src/properties.h deleted file mode 100644 index 08f9d18..0000000 --- a/src/properties.h +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the License); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an AS IS BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef __CUTILS_PROPERTIES_H -#define __CUTILS_PROPERTIES_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* System properties are *small* name value pairs managed by the -** property service. If your data doesn't fit in the provided -** space it is not appropriate for a system property. -** -** WARNING: system/bionic/include/sys/system_properties.h also defines -** these, but with different names. (TODO: fix that) -*/ -#define PROPERTY_KEY_MAX 32 -#define PROPERTY_VALUE_MAX 92 - -/* property_get: returns the length of the value which will never be -** greater than PROPERTY_VALUE_MAX - 1 and will always be zero terminated. -** (the length does not include the terminating zero). -** -** If the property read fails or returns an empty value, the default -** value is used (if nonnull). -*/ -int property_get(const char *key, char *value, const char *default_value); - -/* property_set: returns 0 on success, < 0 on failure -*/ -int property_set(const char *key, const char *value); - -int property_list(void (*propfn)(const char *key, const char *value, void *cookie), void *cookie); - -#ifdef HAVE_SYSTEM_PROPERTY_SERVER -/* - * We have an external property server instead of built-in libc support. - * Used by the simulator. - */ -#define SYSTEM_PROPERTY_PIPE_NAME "/tmp/sdb-sysporp" - -enum { - kSystemPropertyUnknown = 0, - kSystemPropertyGet, - kSystemPropertySet, - kSystemPropertyList -}; -#endif /*HAVE_SYSTEM_PROPERTY_SERVER*/ - - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/sdb.c b/src/sdb.c index ac7f573..4eb7389 100644 --- a/src/sdb.c +++ b/src/sdb.c @@ -1196,11 +1196,6 @@ void start_device_log(void) const char* p_path = getenv("SDBD_LOG_PATH"); // read the trace mask from persistent property persist.sdb.trace_mask // give up if the property is not set or cannot be parsed -#if 0 /* tizen specific */ - property_get("persist.sdb.trace_mask", value, ""); - if (sscanf(value, "%x", &sdb_trace_mask) != 1) - return; -#endif if ((p_trace == NULL ) && !is_enable_sdbd_log()) { return; diff --git a/src/services.c b/src/services.c index 4395a1d..b0f2e08 100644 --- a/src/services.c +++ b/src/services.c @@ -133,52 +133,8 @@ static void recover_service(int s, void *cookie) sdb_close(fd); } -void restart_root_service(int fd, void *cookie) -{ - char buf[100]; - char value[PROPERTY_VALUE_MAX]; - - if (getuid() == 0) { - snprintf(buf, sizeof(buf), "sdbd is already running as root\n"); - writex(fd, buf, strlen(buf)); - sdb_close(fd); - } else { - property_get("ro.debuggable", value, ""); - if (strcmp(value, "1") != 0) { - snprintf(buf, sizeof(buf), "sdbd cannot run as root in production builds\n"); - writex(fd, buf, strlen(buf)); - sdb_close(fd); - return; - } - - property_set("service.sdb.root", "1"); - snprintf(buf, sizeof(buf), "restarting sdbd as root\n"); - writex(fd, buf, strlen(buf)); - sdb_close(fd); - } -} #endif -void restart_tcp_service(int fd, void *cookie) -{ - char buf[100]; - char value[PROPERTY_VALUE_MAX]; - int port = (int)cookie; - - if (port <= 0) { - snprintf(buf, sizeof(buf), "invalid port\n"); - writex(fd, buf, strlen(buf)); - sdb_close(fd); - return; - } - - snprintf(value, sizeof(value), "%d", port); - property_set("service.sdb.tcp.port", value); - snprintf(buf, sizeof(buf), "restarting in TCP mode port: %d\n", port); - writex(fd, buf, strlen(buf)); - sdb_close(fd); -} - static int is_support_rootonoff() { return (!strncmp(g_capabilities.rootonoff_support, PLUGIN_RET_ENABLED, strlen(PLUGIN_RET_ENABLED))); @@ -254,16 +210,6 @@ void get_tzplatform_env(int fd, void *cookie) { sdb_close(fd); } -void restart_usb_service(int fd, void *cookie) -{ - char buf[100]; - - property_set("service.sdb.tcp.port", "0"); - snprintf(buf, sizeof(buf), "restarting in USB mode\n"); - writex(fd, buf, strlen(buf)); - sdb_close(fd); -} - void reboot_service(int fd, void *arg) { #if 0 diff --git a/src/sysdeps.h b/src/sysdeps.h index d99a2d4..a72e798 100644 --- a/src/sysdeps.h +++ b/src/sysdeps.h @@ -278,7 +278,6 @@ static __inline__ int sdb_is_absolute_host_path( const char* path ) #include "fdevent.h" #include "sockets.h" -#include "properties.h" // tizen specific #include #include #include diff --git a/src/transport_local.c b/src/transport_local.c index a6adb0b..ed61ec1 100644 --- a/src/transport_local.c +++ b/src/transport_local.c @@ -612,14 +612,6 @@ void local_init(int port) #else /* For the sdbd daemon in the system image we need to distinguish * between the device, and the emulator. */ -#if 0 /* tizen specific */ - char is_qemu[PROPERTY_VALUE_MAX]; - property_get("ro.kernel.qemu", is_qemu, ""); - if (!strcmp(is_qemu, "1")) { - /* Running inside the emulator: use QEMUD pipe as the transport. */ - func = qemu_socket_thread; - } else -#endif { /* Running inside the device: use TCP socket as the transport. */ func = server_socket_thread; -- 2.7.4 From 5f0c0f99d251123cbb228e953e4309ea4294bc35 Mon Sep 17 00:00:00 2001 From: Jaewon Lim Date: Sun, 18 Dec 2016 20:51:20 -0800 Subject: [PATCH 09/16] Revert "Revert "Modify the packet size in transport protocol."" This reverts commit 57917a169d72ead67de0921c6f1a37fe70f99040. Change-Id: I37a23f2cea79831b3c532c8adba3bfce0b95d05d --- src/sdb.c | 15 ++++++++++++++- src/sdb.h | 9 +++++++-- src/sockets.c | 29 ++++++++++++++++++++++------- src/transport.c | 9 ++++++--- src/transport_local.c | 2 +- src/transport_usb.c | 2 +- src/usb_linux_client.c | 30 +++++++++++++++++++----------- src/utils.h | 8 ++++++++ 8 files changed, 78 insertions(+), 26 deletions(-) diff --git a/src/sdb.c b/src/sdb.c index ac7f573..017bfb0 100644 --- a/src/sdb.c +++ b/src/sdb.c @@ -543,7 +543,7 @@ static void send_connect(atransport *t) cp->msg.command = A_CNXN; cp->msg.arg0 = A_VERSION; #ifdef SUPPORT_ENCRYPT - cp->msg.arg1 = MAX_PAYLOAD - 100; // connection 시, sdb server의 패킷 크기를 암호화 오버로드 만큼 줄임 + cp->msg.arg1 = MAX_PAYLOAD - 100; // connection 시, sdb server의 패킷 크기를 암호화 오버로드 만큼 줄임 #else cp->msg.arg1 = MAX_PAYLOAD; #endif @@ -794,6 +794,18 @@ void parse_banner(char *banner, atransport *t) t->connection_state = CS_HOST; } +static void update_version(atransport *t, int version, size_t payload) +{ +#ifdef SUPPORT_ENCRYPT + size_t max_payload = MAX_PAYLOAD - 100; +#else + size_t max_payload = MAX_PAYLOAD; +#endif + t->protocol_version = min(version, A_VERSION); + t->max_payload = min(payload, max_payload); + D("update transport version. version=%x, max_payload=%d\n", t->protocol_version, t->max_payload); +} + void handle_packet(apacket *p, atransport *t) { // Verify pointer p @@ -829,6 +841,7 @@ void handle_packet(apacket *p, atransport *t) t->connection_state = CS_OFFLINE; handle_offline(t); } + update_version(t, p->msg.arg0, p->msg.arg1); parse_banner((char*) p->data, t); handle_online(); if(!HOST) send_connect(t); diff --git a/src/sdb.h b/src/sdb.h index 348a7eb..226da64 100644 --- a/src/sdb.h +++ b/src/sdb.h @@ -28,7 +28,9 @@ #endif #include -#define MAX_PAYLOAD 4096 +#define MAX_PAYLOAD_V1 (4*1024) +#define MAX_PAYLOAD_V2 (256*1024) +#define MAX_PAYLOAD MAX_PAYLOAD_V2 #define A_SYNC 0x434e5953 #define A_CNXN 0x4e584e43 @@ -212,6 +214,8 @@ struct atransport /* a list of adisconnect callbacks called when the transport is kicked */ int kicked; adisconnect disconnects; + int protocol_version; + size_t max_payload; #ifdef SUPPORT_ENCRYPT unsigned encryption; // 해당 연결이 암호화 모드인지 확인하는 flag , 0 = no-encryption / 1 = encryption @@ -308,6 +312,7 @@ asocket *create_local_service_socket(const char *destination); asocket *create_remote_socket(unsigned id, atransport *t); void connect_to_remote(asocket *s, const char *destination); void connect_to_smartsocket(asocket *s); +size_t asock_get_max_payload(asocket *s); void fatal(const char *fmt, ...); void fatal_errno(const char *fmt, ...); @@ -428,7 +433,7 @@ int get_emulator_guestip(char str[], int str_size); apacket *get_apacket(void); void put_apacket(apacket *p); -int check_header(apacket *p); +int check_header(apacket *p, atransport *t); int check_data(apacket *p); #if !TRACE_PACKETS diff --git a/src/sockets.c b/src/sockets.c index 801ff42..71d646d 100644 --- a/src/sockets.c +++ b/src/sockets.c @@ -28,6 +28,7 @@ #include "sdb.h" #include "strutils.h" +#include "utils.h" SDB_MUTEX_DEFINE( socket_list_lock ); @@ -322,10 +323,11 @@ static void local_socket_event_func(int fd, unsigned ev, void *_s) // sdb server에서 패킷 데이터의 크기를 MAX_PAYLOAD-100보다 작은 지를 체크함. // sdbd에서 패킷 데이터를 MAX_PAYLOAD - 200로 잡아서 암호화 하게되면 // 최대 MAX_PAYLOAD - 100 크기의 패킷을 생성하게 됨. - const size_t max_payload = MAX_PAYLOAD - 200; + const size_t max_payload = asock_get_max_payload(s) - 200; size_t avail = max_payload; #else - size_t avail = MAX_PAYLOAD; + const size_t max_payload = asock_get_max_payload(s); + size_t avail = max_payload; #endif int r = 0; @@ -350,6 +352,7 @@ static void local_socket_event_func(int fd, unsigned ev, void *_s) } D("LS(%d): fd=%d post avail loop. r=%d is_eof=%d forced_eof=%d\n", s->id, s->fd, r, is_eof, s->fde.force_eof); + #ifdef SUPPORT_ENCRYPT //변경된 최대 패킷 크기로 코드 수정 if((avail == max_payload) || (s->peer == 0)) { @@ -357,10 +360,10 @@ static void local_socket_event_func(int fd, unsigned ev, void *_s) } else { p->len = max_payload - avail; #else - if((avail == MAX_PAYLOAD) || (s->peer == 0)) { + if((avail == max_payload) || (s->peer == 0)) { put_apacket(p); } else { - p->len = MAX_PAYLOAD - avail; + p->len = max_payload - avail; #endif r = s->peer->enqueue(s->peer, p); D("LS(%d): fd=%d post peer->enqueue(). r=%d\n", s->id, s->fd, r); @@ -549,9 +552,9 @@ void connect_to_remote(asocket *s, const char *destination) { D("Connect_to_remote call RS(%d) fd=%d\n", s->id, s->fd); apacket *p = get_apacket(); - int len = strlen(destination) + 1; + size_t len = strlen(destination) + 1; - if(len > (MAX_PAYLOAD-1)) { + if(len > (asock_get_max_payload(s)-1)) { fatal("destination oversized"); } @@ -656,7 +659,7 @@ static int smart_socket_enqueue(asocket *s, apacket *p) s->pkt_first = p; s->pkt_last = p; } else { - if((s->pkt_first->len + p->len) > MAX_PAYLOAD) { + if((s->pkt_first->len + p->len) > asock_get_max_payload(s)) { D("SS(%d): overflow\n", s->id); put_apacket(p); goto fail; @@ -860,3 +863,15 @@ void connect_to_smartsocket(asocket *s) ss->peer = s; s->ready(s); } + +size_t asock_get_max_payload(asocket *s) +{ + size_t max_payload = MAX_PAYLOAD; + if (s->transport) { + max_payload = min(max_payload, s->transport->max_payload); + } + if (s->peer && s->peer->transport) { + max_payload = min(max_payload, s->peer->transport->max_payload); + } + return max_payload; +} diff --git a/src/transport.c b/src/transport.c index 470e55f..616acab 100644 --- a/src/transport.c +++ b/src/transport.c @@ -653,6 +653,9 @@ static void transport_registration_func(int _fd, unsigned ev, void *data) return; } + t->protocol_version = A_VERSION; + t->max_payload = MAX_PAYLOAD; + /* don't create transport threads for inaccessible devices */ if (t->connection_state != CS_NOPERM) { /* initial references are the two threads */ @@ -1187,15 +1190,15 @@ int writex(int fd, const void *ptr, size_t len) return 0; } -int check_header(apacket *p) +int check_header(apacket *p, atransport *t) { if(p->msg.magic != (p->msg.command ^ 0xffffffff)) { D("check_header(): invalid magic\n"); return -1; } - if(p->msg.data_length > MAX_PAYLOAD) { - D("check_header(): %d > MAX_PAYLOAD\n", p->msg.data_length); + if(p->msg.data_length > t->max_payload) { + D("check_header(): %d > transport->max_payload(%d)\n", p->msg.data_length, t->max_payload); return -1; } diff --git a/src/transport_local.c b/src/transport_local.c index a6adb0b..dd145bd 100644 --- a/src/transport_local.c +++ b/src/transport_local.c @@ -87,7 +87,7 @@ static int remote_read(apacket *p, atransport *t) D("read remote packet: %04x arg0=%0x arg1=%0x data_length=%0x data_check=%0x magic=%0x\n", p->msg.command, p->msg.arg0, p->msg.arg1, p->msg.data_length, p->msg.data_check, p->msg.magic); #endif - if(check_header(p)) { + if(check_header(p, t)) { D("bad header: terminated (data)\n"); return -1; } diff --git a/src/transport_usb.c b/src/transport_usb.c index 932e170..96905bf 100644 --- a/src/transport_usb.c +++ b/src/transport_usb.c @@ -57,7 +57,7 @@ static int remote_read(apacket *p, atransport *t) fix_endians(p); - if(check_header(p)) { + if(check_header(p, t)) { D("remote usb: check_header failed\n"); return -1; } diff --git a/src/usb_linux_client.c b/src/usb_linux_client.c index 5d722b4..efeff2c 100644 --- a/src/usb_linux_client.c +++ b/src/usb_linux_client.c @@ -98,17 +98,25 @@ int linux_usb_write(usb_handle *h, const void *data, int len) int linux_usb_read(usb_handle *h, void *data, size_t len) { - int n; - - D("about to read (fd=%d, len=%d)\n", h->fd, len); - n = sdb_read(h->fd, data, len); - if(n != len) { - D("ERROR: fd = %d, n = %d, errno = %d\n", - h->fd, n, errno); - return -1; - } - D("[ done fd=%d ]\n", h->fd); - return 0; + D("about to read (fd=%d, len=%d)\n", h->fd, len); + while (len > 0) { + /* The sdb_read does not support read larger than 4096 bytes at once. + Read 4096 byte block repeatedly when reading data is larger than 4096 bytes. */ + int bytes_to_read = len < 4096 ? len : 4096; + int n = sdb_read(h->fd, data, bytes_to_read); + if(n < 0) { + if(errno == EINTR) { + continue; + } else { + D("ERROR: fd = %d, n = %d, errno = %d\n", h->fd, n, errno); + return -1; + } + } + len -= n; + data = ((char*) data) + n; + } + D("[ done fd=%d ]\n", h->fd); + return 0; } void linux_usb_init() diff --git a/src/utils.h b/src/utils.h index 7e78b6e..a2d0243 100644 --- a/src/utils.h +++ b/src/utils.h @@ -80,5 +80,13 @@ char** str_split(char* a_str, const char a_delim); #define SDB_KEEPALIVE_IDLE (1) #define SDB_KEEPALIVE_INTVL (1) int keep_alive(int fd, int onoff, int cnt, int idle, int interval); +#define min(a,b) \ +({ __typeof__ (a) _a = (a); \ +__typeof__ (b) _b = (b); \ +_a > _b ? _b : _a; }) +#define max(a,b) \ +({ __typeof__ (a) _a = (a); \ +__typeof__ (b) _b = (b); \ +_a > _b ? _a : _b; }) #endif /* _SDB_UTILS_H */ -- 2.7.4 From c694b9b417683f29ddf331ec5122df37a2766403 Mon Sep 17 00:00:00 2001 From: greatim Date: Wed, 21 Dec 2016 10:06:21 +0900 Subject: [PATCH 10/16] fix potential bugs fix NO_LOCK.STAT bugs for errno Change-Id: Ic24d17fdf755d9d7b007db68b50b6fb2b30cee37 Signed-off-by: greatim --- src/file_sync_service.c | 3 +-- src/transport.c | 4 +--- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/src/file_sync_service.c b/src/file_sync_service.c index 9377078..4dd0860 100644 --- a/src/file_sync_service.c +++ b/src/file_sync_service.c @@ -387,8 +387,7 @@ static int handle_send_file(int s, int noti_fd, char *path, mode_t mode, char *b sdb_close(fd); sdb_unlink(path); fd = -1; - errno = saved_errno; - if(fail_errno(s, errno)) return -1; + if(fail_errno(s, saved_errno)) return -1; } } diff --git a/src/transport.c b/src/transport.c index 616acab..7811628 100644 --- a/src/transport.c +++ b/src/transport.c @@ -242,9 +242,7 @@ void send_packet(apacket *p, atransport *t) if (t == NULL) { D("Transport is null \n"); - // Zap errno because print_packet() and other stuff have errno effect. - errno = 0; - fatal_errno("Transport is null"); + fatal("Transport is null"); } if(write_packet(t->transport_socket, t->serial, &p)){ -- 2.7.4 From 8b42e21eaefd8589d4306f0ed26e57e387a56588 Mon Sep 17 00:00:00 2001 From: SangJin Kim Date: Wed, 21 Dec 2016 19:32:08 +0900 Subject: [PATCH 11/16] Fix SVACE issue. Change-Id: I640624dc49117b8eca6034b41ae33b2e52b8eb8c Signed-off-by: SangJin Kim --- src/default_plugin_appcmd.c | 27 ++++++++++++++++++--------- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/src/default_plugin_appcmd.c b/src/default_plugin_appcmd.c index 4bc158e..07a41d1 100644 --- a/src/default_plugin_appcmd.c +++ b/src/default_plugin_appcmd.c @@ -332,11 +332,15 @@ static void appcmd_receiver_packagelist(int fd_in, int fd_out) char out_buf[4096] = {0,}; int out_ptr = 0; int r; + char* sub1; + char* sub2; snprintf(out_buf, sizeof(out_buf), "\n%s", MESSAGE_PREFIX_APPCMD_RETURN); out_ptr = strlen(out_buf); for(;;) { + sub1 = NULL; + sub2 = NULL; memset(buf, 0, sizeof(buf)); r = read_line(fd_in, buf, sizeof(buf)); if (r == 0) { @@ -350,17 +354,22 @@ static void appcmd_receiver_packagelist(int fd_in, int fd_out) } D("pkgcmd output : %s\n", buf); - char* sub1 = NULL; - char* sub2 = NULL; sub1 = strstr(buf, "pkgid ["); - if (sub1 != NULL) { - sub1 = strstr(sub1, "[")+1; - sub2 = strstr(sub1, "]"); - sub2[0] = '\0'; - - snprintf(out_buf+out_ptr, sizeof(out_buf)-out_ptr, ":%s", sub1); - out_ptr += strlen(sub1)+1; + if (sub1 == NULL) { + continue; + } + sub1 = strstr(sub1, "[")+1; + if (sub1 == NULL) { + continue; } + sub2 = strstr(sub1, "]"); + if (sub2 == NULL) { + continue; + } + sub2[0] = '\0'; + + snprintf(out_buf+out_ptr, sizeof(out_buf)-out_ptr, ":%s", sub1); + out_ptr += strlen(sub1)+1; } snprintf(out_buf+out_ptr, sizeof(out_buf)-out_ptr, "\n"); -- 2.7.4 From cb4d1bb8af186a59661e4e35bdb13fecdc1a0163 Mon Sep 17 00:00:00 2001 From: Jaewon Lim Date: Thu, 22 Dec 2016 23:57:25 -0800 Subject: [PATCH 12/16] Revert "Revert "Modify the SMACK label for SDB shell."" This reverts commit 37ca0ed4a0610cc20f954cb94a2ac7698ba52d56. Change-Id: Idc727cc0a259d750634d3ef70b4f71dc9a160eba --- packaging/sdbd.spec | 4 ++++ src/default_plugin_appcmd.c | 5 +++-- src/sdb.c | 54 +++++++++++++++++++++++++++++++++++++++------ src/sdb.h | 3 ++- src/sdktools.h | 1 + src/services.c | 16 ++++++++++++++ 6 files changed, 73 insertions(+), 10 deletions(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index bc9408f..15eb808 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -109,6 +109,10 @@ if ! getent passwd "${TZ_SDK_USER_NAME}" > /dev/null; then done fi +cp -f /bin/sh /bin/sh-user +chsmack -a "_" /bin/sh-user +chsmack -e "User::Shell" /bin/sh-user + %files %manifest sdbd.manifest %license LICENSE diff --git a/src/default_plugin_appcmd.c b/src/default_plugin_appcmd.c index 4bc158e..83cecca 100644 --- a/src/default_plugin_appcmd.c +++ b/src/default_plugin_appcmd.c @@ -38,6 +38,7 @@ #include +#define SHELL_COMMAND "/bin/sh" #define APPCMD_RESULT_BUFSIZE (4096) typedef struct appcmd_info appcmd_info; @@ -641,10 +642,10 @@ static void run_appcmd_appinstallpath(appcmd_info* p_info) { p_info->exitcode = -1; - const char* path = tzplatform_getenv(TZ_SDK_HOME); + const char* path = tzplatform_getenv(TZ_SDK_TOOLS); if (path != NULL) { p_info->exitcode = 0; - snprintf(result_buf, sizeof(result_buf), "\n%s:%s/apps_rw/\n", MESSAGE_PREFIX_APPCMD_RETURN, path); + snprintf(result_buf, sizeof(result_buf), "\n%s:%s\n", MESSAGE_PREFIX_APPCMD_RETURN, path); writex(p_info->fd, result_buf, strlen(result_buf)); } else { D("failed to get application install path from tzplatform_getenv."); diff --git a/src/sdb.c b/src/sdb.c index ac7f573..2be2345 100644 --- a/src/sdb.c +++ b/src/sdb.c @@ -31,6 +31,7 @@ #include #include #include +#include #include "sysdeps.h" #include "log.h" @@ -58,6 +59,7 @@ #define PROC_CMDLINE_PATH "/proc/cmdline" #define USB_SERIAL_PATH "/sys/class/usb_mode/usb0/iSerial" +#define APPID2PID_PATH "/usr/bin/appid2pid" #include #include @@ -125,6 +127,29 @@ int is_emulator(void) { #endif } +int is_appid2pid_supported(void) { + + if (access(APPID2PID_PATH, F_OK) == 0) { + /* It is necessary to confirm that it is possible + * to run "appid2pid" in the sdk user/group privileges. */ + struct stat st; + if (stat(APPID2PID_PATH, &st) == 0) { + D("appid2pid uid=%d, gid=%d, mode=0x%x.\n", st.st_uid, st.st_gid, st.st_mode); + if ( (st.st_uid == STATIC_SDK_USER_ID && st.st_mode & S_IXUSR) + || (st.st_gid == STATIC_SDK_GROUP_ID && st.st_mode & S_IXGRP) + || (st.st_mode & S_IXOTH) ) { + D("appid2pid is supported.\n"); + return 1; + } + } + } else { + D("failed to access appid2pid file: %d\n", errno); + } + + D("appid2pid is NOT supported.\n"); + return 0; +} + int is_container_enabled(void) { bool value; int ret; @@ -373,7 +398,7 @@ void print_packet(const char *label, apacket *p) #endif #ifdef SUPPORT_ENCRYPT -/* +/* desc. : 암호화 실패 메시지 전송 parameter : [in] apacket* p : sdbd로 들어온 메시지 [in] atransport *t : 현재 연결에 대한 atransport @@ -389,7 +414,7 @@ void send_encr_fail(apacket* p, atransport *t, unsigned failed_value){ //put_apacket(enc_p); } -/* +/* desc. : 암호화 메시지 핸들링 parameter : [in] apacket* p : sdbd로 들어온 메시지 [in/out] atransport *t : 현재 연결에 대한 atransport @@ -403,12 +428,12 @@ int handle_encr_packet(apacket* p, atransport *t){ if(p->msg.arg0 == ENCR_SET_ON_REQ){ // hello 메시지인 경우 t->sessionID = sessionID; - if((retVal = security_init(t->sessionID, NULL)) == 1){ // 암호화 handshaking을 위한 init + if((retVal = security_init(t->sessionID, NULL)) == 1){ // 암호화 handshaking을 위한 init if(security_parse_server_hello(t->sessionID, p) == 1){ // hello 메시지 파싱 D("security_parse_server_hello success\n"); enc_p = get_apacket(); if(security_gen_client_hello(t->sessionID, enc_p) == 1){ // hello 메시지 생성 - D("security_gen_client_hello success\n"); + D("security_gen_client_hello success\n"); enc_p->msg.command = A_ENCR; enc_p->msg.arg0 = ENCR_SET_ON_REQ; enc_p->msg.arg1 = p->msg.arg1; @@ -419,7 +444,7 @@ int handle_encr_packet(apacket* p, atransport *t){ D("security_gen_client_hello error\n"); send_encr_fail(p, t, ENCR_ON_FAIL); // 암호화 on 실패 메시지 전송 t->encryption = ENCR_OFF; // 암호화 모드는 off - security_deinit(t->sessionID); + security_deinit(t->sessionID); return -1; } } @@ -428,7 +453,7 @@ int handle_encr_packet(apacket* p, atransport *t){ send_encr_fail(p, t, ENCR_ON_FAIL); t->encryption = ENCR_OFF; security_deinit(t->sessionID); - + return -1; } } else { // init 실패 @@ -511,7 +536,7 @@ int handle_encr_packet(apacket* p, atransport *t){ } //put_apacket(enc_p); return 0; - + } #endif @@ -1228,6 +1253,10 @@ void start_device_log(void) return; } + if (smack_setlabel(path, SDK_SHELL_LABEL_NAME, SMACK_LABEL_ACCESS) == -1) { + D("unable to set sdk shell smack label %s due to (errno:%d)\n", SDK_SHELL_LABEL_NAME, errno); + } + // redirect stdout and stderr to the log file dup2(fd, 1); dup2(fd, 2); @@ -1992,6 +2021,17 @@ static void init_capabilities(void) { "%s", UNKNOWN); } + // appid2pid support + ret = is_appid2pid_supported(); + snprintf(g_capabilities.appid2pid_support, sizeof(g_capabilities.appid2pid_support), + "%s", ret == 1 ? ENABLED : DISABLED); + + + // pkgcmd debug mode support + snprintf(g_capabilities.pkgcmd_debugmode, sizeof(g_capabilities.pkgcmd_debugmode), + "%s", ENABLED); + + // Capability version snprintf(g_capabilities.sdbd_cap_version, sizeof(g_capabilities.sdbd_cap_version), "%d.%d", SDBD_CAP_VERSION_MAJOR, SDBD_CAP_VERSION_MINOR); diff --git a/src/sdb.h b/src/sdb.h index 348a7eb..052d49d 100644 --- a/src/sdb.h +++ b/src/sdb.h @@ -275,6 +275,8 @@ typedef struct platform_capabilities char sockproto_support[CAPBUF_ITEMSIZE]; // enabled or disabled char appcmd_support[CAPBUF_ITEMSIZE]; // enabled or disabled char encryption_support[CAPBUF_ITEMSIZE]; // enabled or disabled + char appid2pid_support[CAPBUF_ITEMSIZE]; // enabled or disabled + char pkgcmd_debugmode[CAPBUF_ITEMSIZE]; // enabled or disabled char log_enable[CAPBUF_ITEMSIZE]; // enabled or disabled char log_path[CAPBUF_LL_ITEMSIZE]; // path of sdbd log @@ -542,7 +544,6 @@ int read_line(const int fd, char* ptr, const size_t maxlen); #define USB_FUNCFS_SDB_PATH "/dev/usbgadget/sdb" #define USB_NODE_FILE "/dev/samsung_sdb" -#define SHELL_COMMAND "/bin/sh" int create_subprocess(const char *cmd, pid_t *pid, char * const argv[], char * const envp[]); void get_env(char *key, char **env); diff --git a/src/sdktools.h b/src/sdktools.h index 9027970..e73bfec 100644 --- a/src/sdktools.h +++ b/src/sdktools.h @@ -37,6 +37,7 @@ struct arg_permit_rule #define APPID_MAX_LENGTH 50 #define SDBD_LABEL_NAME "sdbd" #define SDK_HOME_LABEL_NAME "sdbd::home" +#define SDK_SHELL_LABEL_NAME "User::Shell" int verify_root_commands(const char *arg1); int verify_app_path(const char* path); diff --git a/src/services.c b/src/services.c index d2d1500..76c28d1 100644 --- a/src/services.c +++ b/src/services.c @@ -44,6 +44,7 @@ #include "utils.h" #include #include +#include #include #include @@ -461,6 +462,12 @@ int create_subprocess(const char *cmd, pid_t *pid, char * const argv[], char * c return -1; } + if (smack_setlabel(devname, SDK_SHELL_LABEL_NAME, SMACK_LABEL_ACCESS) == -1) { + D("unable to set sdk shell smack label %s due to (errno:%d)\n", SDK_SHELL_LABEL_NAME, errno); + sdb_close(ptm); + return -1; + } + *pid = fork(); if(*pid < 0) { D("- fork failed: errno:%d -\n", errno); @@ -521,6 +528,7 @@ int create_subprocess(const char *cmd, pid_t *pid, char * const argv[], char * c } #endif /* !SDB_HOST */ +#define SHELL_COMMAND "/bin/sh-user" #define LOGIN_COMMAND "/bin/login" #define SUPER_USER "root" #define LOGIN_CONFIG "/etc/login.defs" @@ -1012,6 +1020,14 @@ static void get_capability(int fd, void *cookie) { offset += put_key_value_string(cap_buffer, offset, CAPBUF_SIZE, "appcmd_support", g_capabilities.appcmd_support); + // appid2pid support + offset += put_key_value_string(cap_buffer, offset, CAPBUF_SIZE, + "appid2pid_support", g_capabilities.appid2pid_support); + + // pkgcmd debug mode support + offset += put_key_value_string(cap_buffer, offset, CAPBUF_SIZE, + "pkgcmd_debugmode", g_capabilities.pkgcmd_debugmode); + offset++; // for '\0' character writex(fd, &offset, sizeof(uint16_t)); -- 2.7.4 From 3b551c517915ee6b2c4709a57dc066ea64c29973 Mon Sep 17 00:00:00 2001 From: greatim Date: Fri, 23 Dec 2016 17:32:50 +0900 Subject: [PATCH 13/16] remove smack_setlabel function usage for security reason remove smack_setlabel function usage change sdbd log directory change sdbd smack label to "System" Change-Id: I242c08d177f456768f3b6e3d3ee90bbb70d7dbe9 Signed-off-by: greatim --- packaging/sdbd.spec | 2 ++ packaging/sdbd_device.service | 3 +-- packaging/sdbd_emulator.service | 3 +-- packaging/sdbd_tcp.service | 2 +- src/default_plugin_basic.c | 11 +++++++++-- src/file_sync_service.c | 4 +++- src/sdb.c | 4 ---- src/services.c | 6 ------ 8 files changed, 17 insertions(+), 18 deletions(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index 15eb808..6ddcae3 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -112,6 +112,8 @@ fi cp -f /bin/sh /bin/sh-user chsmack -a "_" /bin/sh-user chsmack -e "User::Shell" /bin/sh-user +mkdir -p %{TZ_SDK_HOME}/share/sdbdlog +chown owner:users %{TZ_SDK_HOME}/share/sdbdlog %files %manifest sdbd.manifest diff --git a/packaging/sdbd_device.service b/packaging/sdbd_device.service index cd60922..0537fcd 100644 --- a/packaging/sdbd_device.service +++ b/packaging/sdbd_device.service @@ -6,11 +6,10 @@ After=tmp.mount [Service] Type=forking #location of SDBD log file -#Environment=SDBD_LOG_PATH=/tmp EnvironmentFile=-/run/tizen-system-env PIDFile=/tmp/.sdbd.pid Restart=on-failure -SmackProcessLabel=System::Privileged +SmackProcessLabel=System ExecStart=/usr/sbin/sdbd [Install] diff --git a/packaging/sdbd_emulator.service b/packaging/sdbd_emulator.service index bed8cce..2129436 100644 --- a/packaging/sdbd_emulator.service +++ b/packaging/sdbd_emulator.service @@ -7,12 +7,11 @@ After=tmp.mount dbus.service [Service] Type=forking #location of SDBD log file -#Environment=SDBD_LOG_PATH=/tmp Environment=DISPLAY=:0 PIDFile=/tmp/.sdbd.pid RemainAfterExit=yes #ExecStartPre=/bin/bash -c "/bin/echo '10.0.2.15/32 system::debugging_network' >> /smack/netlabel" -SmackProcessLabel=System::Privileged +SmackProcessLabel=System ExecStart=/bin/sh -c "/usr/sbin/sdbd `/usr/bin/awk '{match($0, /sdb_port=([0-9]+)/,port_match); match($0, /vm_name=([^, ]*)/,vm_match); print \"--emulator=\" vm_match[1] \":\" port_match[1] \" --connect-to=10.0.2.2:26099\" \" --sensors=10.0.2.2:\"port_match[1]+3 }' /proc/cmdline`" [Install] diff --git a/packaging/sdbd_tcp.service b/packaging/sdbd_tcp.service index e360a7c..ade025c 100644 --- a/packaging/sdbd_tcp.service +++ b/packaging/sdbd_tcp.service @@ -7,5 +7,5 @@ Type=forking Environment=DISPLAY=:0 PIDFile=/tmp/.sdbd.pid RemainAfterExit=yes -SmackProcessLabel=System::Privileged +SmackProcessLabel=System ExecStart=/usr/sbin/sdbd --listen-port=26101 diff --git a/src/default_plugin_basic.c b/src/default_plugin_basic.c index 91d8df2..61611f6 100644 --- a/src/default_plugin_basic.c +++ b/src/default_plugin_basic.c @@ -20,6 +20,8 @@ #include #include +#include + #define TRACE_TAG TRACE_SDB #include "log.h" @@ -28,7 +30,7 @@ #include "sdbd_plugin.h" #include "sdktools.h" -#define LOG_DIRECTORY "/tmp" +#define LOG_DIRECTORY "/home/owner/share/sdbdlog" int get_plugin_capability ( parameters* in, parameters* out ) { @@ -75,7 +77,12 @@ int get_plugin_capability ( parameters* in, parameters* out ) } else if ( capability == CAPABILITY_LOG_ENABLE ) { make_string_parameter ( & ( out->array_of_parameter[0] ), "%s", PLUGIN_RET_DISABLED ); } else if ( capability == CAPABILITY_LOG_PATH ) { - make_string_parameter ( & ( out->array_of_parameter[0] ), "%s", LOG_DIRECTORY ); + const char* sdkhome = tzplatform_getenv(TZ_SDK_HOME); + if (sdkhome != NULL) { + make_string_parameter ( & ( out->array_of_parameter[0] ), "%s/share/sdbdlog", sdkhome ); + } else { + make_string_parameter ( & ( out->array_of_parameter[0] ), "%s", LOG_DIRECTORY ); + } } else if ( capability == CAPABILITY_APPCMD ) { make_string_parameter ( & ( out->array_of_parameter[0] ), "%s", PLUGIN_RET_ENABLED ); } else { diff --git a/src/file_sync_service.c b/src/file_sync_service.c index 6c418a5..7efb161 100644 --- a/src/file_sync_service.c +++ b/src/file_sync_service.c @@ -77,6 +77,7 @@ void init_sdk_sync_permit_rule_regx(void) } } +#if 0 static void set_syncfile_smack_label(char *src) { char *label_transmuted = NULL; char *label = NULL; @@ -127,6 +128,7 @@ static void set_syncfile_smack_label(char *src) { */ } } +#endif static int sync_send_label_notify(int s, const char *path, int success) { @@ -157,7 +159,7 @@ static void sync_read_label_notify(int s) char *path = buffer; path++; path++; - set_syncfile_smack_label(path); + // set_syncfile_smack_label(path); } } diff --git a/src/sdb.c b/src/sdb.c index 2be2345..2f6f5d8 100644 --- a/src/sdb.c +++ b/src/sdb.c @@ -1253,10 +1253,6 @@ void start_device_log(void) return; } - if (smack_setlabel(path, SDK_SHELL_LABEL_NAME, SMACK_LABEL_ACCESS) == -1) { - D("unable to set sdk shell smack label %s due to (errno:%d)\n", SDK_SHELL_LABEL_NAME, errno); - } - // redirect stdout and stderr to the log file dup2(fd, 1); dup2(fd, 2); diff --git a/src/services.c b/src/services.c index 76c28d1..a1481f8 100644 --- a/src/services.c +++ b/src/services.c @@ -462,12 +462,6 @@ int create_subprocess(const char *cmd, pid_t *pid, char * const argv[], char * c return -1; } - if (smack_setlabel(devname, SDK_SHELL_LABEL_NAME, SMACK_LABEL_ACCESS) == -1) { - D("unable to set sdk shell smack label %s due to (errno:%d)\n", SDK_SHELL_LABEL_NAME, errno); - sdb_close(ptm); - return -1; - } - *pid = fork(); if(*pid < 0) { D("- fork failed: errno:%d -\n", errno); -- 2.7.4 From 7d1c2eecd0f6ab44be3d4d4d1d9634af9b0a3aa7 Mon Sep 17 00:00:00 2001 From: greatim Date: Tue, 27 Dec 2016 17:41:19 +0900 Subject: [PATCH 14/16] remove mkdir for sdbd log file remove mkdir for sdbd log file Change-Id: I50a7902cd1738a687bc8c315998b29a33a8b720f Signed-off-by: greatim --- packaging/sdbd.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index 6ddcae3..dc10820 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -112,8 +112,8 @@ fi cp -f /bin/sh /bin/sh-user chsmack -a "_" /bin/sh-user chsmack -e "User::Shell" /bin/sh-user -mkdir -p %{TZ_SDK_HOME}/share/sdbdlog -chown owner:users %{TZ_SDK_HOME}/share/sdbdlog +#mkdir -p %{TZ_SDK_HOME}/share/sdbdlog +#chown owner:users %{TZ_SDK_HOME}/share/sdbdlog %files %manifest sdbd.manifest -- 2.7.4 From ec96660d649e7eb961046f6f456eade9a0ea6920 Mon Sep 17 00:00:00 2001 From: SangJin Kim Date: Tue, 27 Dec 2016 19:54:36 +0900 Subject: [PATCH 15/16] remove mkdir again for sdbd log file Change-Id: I3ca69e6cce164c1df13dcbee6c453e17d3bf60da Signed-off-by: SangJin Kim --- packaging/sdbd.spec | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index dc10820..1374f57 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -2,7 +2,7 @@ Name: sdbd Summary: SDB daemon -Version: 3.0.13 +Version: 3.0.14 Release: 0 License: Apache-2.0 Summary: SDB daemon @@ -112,8 +112,6 @@ fi cp -f /bin/sh /bin/sh-user chsmack -a "_" /bin/sh-user chsmack -e "User::Shell" /bin/sh-user -#mkdir -p %{TZ_SDK_HOME}/share/sdbdlog -#chown owner:users %{TZ_SDK_HOME}/share/sdbdlog %files %manifest sdbd.manifest -- 2.7.4 From 22ee2bf467e3e798ee9b0811fef172e6b231f93a Mon Sep 17 00:00:00 2001 From: Sangjin Kim Date: Tue, 27 Dec 2016 04:50:54 -0800 Subject: [PATCH 16/16] Revert "remove mkdir again for sdbd log file" This reverts commit ec96660d649e7eb961046f6f456eade9a0ea6920. Change-Id: I8ed9f39eea79ab0a96dee071e491387843e84345 --- packaging/sdbd.spec | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index 1374f57..dc10820 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -2,7 +2,7 @@ Name: sdbd Summary: SDB daemon -Version: 3.0.14 +Version: 3.0.13 Release: 0 License: Apache-2.0 Summary: SDB daemon @@ -112,6 +112,8 @@ fi cp -f /bin/sh /bin/sh-user chsmack -a "_" /bin/sh-user chsmack -e "User::Shell" /bin/sh-user +#mkdir -p %{TZ_SDK_HOME}/share/sdbdlog +#chown owner:users %{TZ_SDK_HOME}/share/sdbdlog %files %manifest sdbd.manifest -- 2.7.4