From eaa484756072f34973a377f3486059ee98fb20d8 Mon Sep 17 00:00:00 2001 From: Tomasz Swierczek Date: Fri, 1 Jul 2016 10:16:04 +0200 Subject: [PATCH 01/16] Release version 1.1.10 Don't store application privileges in db Fix return type in setup_smack function Do not exit when security_manager_prepare_app fails Change-Id: Ibeb5737d096f2e9b70ffcc21e89db2441de81200 --- packaging/security-manager.changes | 6 ++++++ packaging/security-manager.spec | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/packaging/security-manager.changes b/packaging/security-manager.changes index fe154de..45834d9 100644 --- a/packaging/security-manager.changes +++ b/packaging/security-manager.changes @@ -1,3 +1,9 @@ +* Fri Jul 01 2016 Tomasz Swierczek +* Version 1.1.10 +- Don't store application privileges in db +- Fix return type in setup_smack function +- Do not exit when security_manager_prepare_app fails + * Tue Jun 28 2016 Tomasz Swierczek - Version 1.1.9 - Define PATH environment variable in scripts. diff --git a/packaging/security-manager.spec b/packaging/security-manager.spec index 42f5c99..5572868 100644 --- a/packaging/security-manager.spec +++ b/packaging/security-manager.spec @@ -1,6 +1,6 @@ Name: security-manager Summary: Security manager and utilities -Version: 1.1.9 +Version: 1.1.10 Release: 0 Group: Security/Service License: Apache-2.0 -- 2.7.4 From af53178fa6506128b44f942651c82676982dd6ac Mon Sep 17 00:00:00 2001 From: Kidong Kim Date: Mon, 11 Jul 2016 16:52:19 +0900 Subject: [PATCH 02/16] Add systemd option - Restart If service terminates unexpectedly, security-manager should be restarted always. Change-Id: I0bdf66cbdffeb535e48342739ef375fa365e4678 Signed-off-by: Kidong Kim --- systemd/security-manager.service.in | 1 + 1 file changed, 1 insertion(+) diff --git a/systemd/security-manager.service.in b/systemd/security-manager.service.in index 23fd1b2..cec580e 100644 --- a/systemd/security-manager.service.in +++ b/systemd/security-manager.service.in 
@@ -5,3 +5,4 @@ Description=Start the security manager Type=notify ExecStart=@BIN_INSTALL_DIR@/security-manager Sockets=security-manager.socket +Restart=always -- 2.7.4 From a797a309f0c84b9d4d8340c2bea90f4e8090b1b2 Mon Sep 17 00:00:00 2001 From: jooseong lee Date: Thu, 14 Jul 2016 20:31:59 +0900 Subject: [PATCH 03/16] Update policy template for onlycap feature We add new sub domain('System::Privilege') to System domain. Refers to: https://review.tizen.org/gerrit/#/c/80083/ Change-Id: Ibb4b84ffbc0b3bab73ccb1c8d3c5aa1a200e8a1e Signed-off-by: jooseong lee --- policy/app-rules-template.smack | 2 ++ policy/author-rules-template.smack | 1 + policy/pkg-rules-template.smack | 3 +++ policy/security-manager-policy-reload | 2 +- src/common/smack-rules.cpp | 3 +++ 5 files changed, 10 insertions(+), 1 deletion(-) diff --git a/policy/app-rules-template.smack b/policy/app-rules-template.smack index 02f440f..693d979 100644 --- a/policy/app-rules-template.smack +++ b/policy/app-rules-template.smack @@ -1,5 +1,7 @@ System ~APP~ rwx +System::Privileged ~APP~ rwx ~APP~ System wx +~APP~ System::Privileged wx ~APP~ System::Shared rxl ~APP~ System::Run rwxat ~APP~ System::Log rwxa diff --git a/policy/author-rules-template.smack b/policy/author-rules-template.smack index a40cba8..56e9aa5 100644 --- a/policy/author-rules-template.smack +++ b/policy/author-rules-template.smack @@ -1,2 +1,3 @@ User ~AUTHOR~ rwxat System ~AUTHOR~ rwxat +System::Privileged ~AUTHOR~ rwxat diff --git a/policy/pkg-rules-template.smack b/policy/pkg-rules-template.smack index f94d741..6b98a98 100644 --- a/policy/pkg-rules-template.smack +++ b/policy/pkg-rules-template.smack @@ -1,6 +1,9 @@ System ~PKG~ rwxat System ~PKG~::RO rwxat System ~PKG~::SharedRO rwxat +System::Privileged ~PKG~ rwxat +System::Privileged ~PKG~::RO rwxat +System::Privileged ~PKG~::SharedRO rwxat User ~PKG~ rwxat User ~PKG~::RO rwxat User ~PKG~::SharedRO rwxat 
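Review bot: `Restart=always` is added without a `RestartSec=`, so a crashing security-manager is restarted immediately and a crash loop hits systemd's default start-rate limit within seconds, after which the unit stays stopped and nothing serves the security-manager socket until someone restarts it by hand. For a daemon this central consider `RestartSec=` with a short delay, and tune the unit's start-limit settings (`StartLimitBurst=` and the matching interval directive) so a transient failure does not leave it permanently down. The description says "restarted always", which is exactly what the start-rate limit prevents unless it is raised.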
diff --git a/policy/security-manager-policy-reload b/policy/security-manager-policy-reload index a423e56..fec5318 100755 --- a/policy/security-manager-policy-reload +++ b/policy/security-manager-policy-reload @@ -56,7 +56,7 @@ do done # Non-application programs get access to all privileges -for client in User System +for client in User System System::Privileged do cyad --set-policy --bucket=MANIFESTS --client="$client" --user="*" --privilege="*" --type=ALLOW done diff --git a/src/common/smack-rules.cpp b/src/common/smack-rules.cpp index 9903967..b1a3a61 100644 --- a/src/common/smack-rules.cpp +++ b/src/common/smack-rules.cpp @@ -63,6 +63,7 @@ const std::string SMACK_APP_PATH_TARGET_PERMS = "rxl"; const std::string SMACK_APP_DIR_TARGET_PERMS = "x"; const std::string SMACK_USER = "User"; const std::string SMACK_SYSTEM = "System"; +const std::string SMACK_SYSTEM_PRIVILEGED = "System::Privileged"; const std::string SMACK_APP_PATH_SYSTEM_PERMS = "rwxat"; const std::string SMACK_APP_PATH_USER_PERMS = "rwxat"; const std::string TEMPORARY_FILE_SUFFIX = ".temp"; @@ -521,6 +522,7 @@ void SmackRules::applyPrivateSharingRules( } rules.add(SMACK_USER, pathLabel, SMACK_APP_PATH_USER_PERMS); rules.add(SMACK_SYSTEM, pathLabel, SMACK_APP_PATH_SYSTEM_PERMS); + rules.add(SMACK_SYSTEM_PRIVILEGED, pathLabel, SMACK_APP_PATH_SYSTEM_PERMS); } rules.add(targetLabel, pathLabel, SMACK_APP_PATH_TARGET_PERMS); rules.apply(); @@ -548,6 +550,7 @@ void SmackRules::dropPrivateSharingRules( } rules.addModify(SMACK_USER, pathLabel, "", SMACK_APP_PATH_USER_PERMS); rules.addModify(SMACK_SYSTEM, pathLabel, "", SMACK_APP_PATH_SYSTEM_PERMS); + rules.addModify(SMACK_SYSTEM_PRIVILEGED, pathLabel, "", SMACK_APP_PATH_SYSTEM_PERMS); } rules.addModify(targetLabel, pathLabel, "", SMACK_APP_PATH_TARGET_PERMS); rules.apply(); -- 2.7.4 From a066a6392466a3cd4d233d196f017e0ed9ec8dbc Mon Sep 17 00:00:00 2001 
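Review bot: The literal `"System::Privileged"` bound to `SMACK_SYSTEM_PRIVILEGED` in the first `smack-rules.cpp` hunk has to agree byte-for-byte with the same label written by hand into the three policy templates and into `security-manager-policy-reload` in this commit; a mismatch in any one copy silently produces a label that no Smack rule and no `cyad` ALLOW entry covers, and nothing in the build checks the copies against each other. A comment on the constant pointing at the other copies would help the next person who renames the label, e.g. `// Must match the label used in policy/*-rules-template.smack and policy/security-manager-policy-reload`. The `applyPrivateSharingRules` and `dropPrivateSharingRules` hunks do mirror each other correctly (same subject, object and `SMACK_APP_PATH_SYSTEM_PERMS` on `add` and on the removing `addModify`); both functions start outside their hunks.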
From: jooseong lee Date: Thu, 14 Jul 2016 22:03:30 +0900 Subject: [PATCH 04/16] Release version 1.1.11 Add systemd option - Restart Update policy template for onlycap featur Change-Id: Ib3a76acf0f965fbea1d2dc9a275a49e579911aa8 Signed-off-by: jooseong lee --- packaging/security-manager.changes | 5 +++++ packaging/security-manager.spec | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/packaging/security-manager.changes b/packaging/security-manager.changes index 45834d9..62332cb 100644 --- a/packaging/security-manager.changes +++ b/packaging/security-manager.changes @@ -1,3 +1,8 @@ +* Thu Jul 14 2016 Jooseong Lee +* Version 1.1.11 +- Add systemd option - Restart +- Update policy template for onlycap feature + * Fri Jul 01 2016 Tomasz Swierczek * Version 1.1.10 - Don't store application privileges in db diff --git a/packaging/security-manager.spec b/packaging/security-manager.spec index 5572868..b977b78 100644 --- a/packaging/security-manager.spec +++ b/packaging/security-manager.spec @@ -1,6 +1,6 @@ Name: security-manager Summary: Security manager and utilities -Version: 1.1.10 +Version: 1.1.11 Release: 0 Group: Security/Service License: Apache-2.0 -- 2.7.4 From fb95d645e67d89dc8547a78eeff89137cbed9b61 Mon Sep 17 00:00:00 2001 From: Rafal Krypa Date: Thu, 30 Jun 2016 17:14:08 +0200 Subject: [PATCH 05/16] Handle missing Cynara error codes, throw specific exceptions Some new error codes have been added to Cynara: - CYNARA_API_CONFIGURATION_ERROR - CYNARA_API_INVALID_COMMANDLINE_PARAM - CYNARA_API_BUFFER_TOO_SHORT - CYNARA_API_DATABASE_CORRUPTED Change-Id: Ieb12ca2ff2b7650acbe2478761254bfc7ce7a2c9 Signed-off-by: Rafal Krypa --- src/common/cynara.cpp | 8 ++++++++ src/common/include/cynara.h | 4 ++++ 2 files changed, 12 insertions(+) diff --git a/src/common/cynara.cpp b/src/common/cynara.cpp index f9d1d5f..f66dd38 100644 --- a/src/common/cynara.cpp +++ b/src/common/cynara.cpp 
@@ -230,6 +230,14 @@ static bool checkCynaraError(int result, const std::string &msg) ThrowMsg(CynaraException::OperationFailed, msg); case CYNARA_API_BUCKET_NOT_FOUND: ThrowMsg(CynaraException::BucketNotFound, msg); + case CYNARA_API_CONFIGURATION_ERROR: + ThrowMsg(CynaraException::ConfigurationError, msg); + case CYNARA_API_INVALID_COMMANDLINE_PARAM: + ThrowMsg(CynaraException::InvalidCommandlineParam, msg); + case CYNARA_API_BUFFER_TOO_SHORT: + ThrowMsg(CynaraException::BufferTooShort, msg); + case CYNARA_API_DATABASE_CORRUPTED: + ThrowMsg(CynaraException::DatabaseCorrupted, msg); default: ThrowMsg(CynaraException::UnknownError, msg); } diff --git a/src/common/include/cynara.h b/src/common/include/cynara.h index 1d267d4..c7c994e 100644 --- a/src/common/include/cynara.h +++ b/src/common/include/cynara.h @@ -67,6 +67,10 @@ public: DECLARE_EXCEPTION_TYPE(Base, OperationFailed) DECLARE_EXCEPTION_TYPE(Base, BucketNotFound) DECLARE_EXCEPTION_TYPE(Base, UnknownError) + DECLARE_EXCEPTION_TYPE(Base, ConfigurationError) + DECLARE_EXCEPTION_TYPE(Base, InvalidCommandlineParam) + DECLARE_EXCEPTION_TYPE(Base, BufferTooShort) + DECLARE_EXCEPTION_TYPE(Base, DatabaseCorrupted) }; struct CynaraAdminPolicy : cynara_admin_policy -- 2.7.4 From 1fae7748b01911cded43e8af093b300cf5c47dc5 Mon Sep 17 00:00:00 2001 From: Rafal Krypa Date: Thu, 30 Jun 2016 17:12:11 +0200 Subject: [PATCH 06/16] Add missing logs in service on several service calls Some service calls do produce debug logs, some other don't. This patch adds missing ones. Change-Id: Ic33c2f2053cf2ee8f4f6b41aa1f0abc92cff1cec Signed-off-by: Rafal Krypa --- src/server/service/service.cpp | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/server/service/service.cpp b/src/server/service/service.cpp index dc3d268..270a37a 100644 --- a/src/server/service/service.cpp +++ b/src/server/service/service.cpp 
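Review bot: The four new `case` labels in `checkCynaraError` turn codes that previously surfaced as `CynaraException::UnknownError` into distinct exception types, so any handler that catches `UnknownError` by name rather than `CynaraException::Base` will no longer see them; I cannot see the call sites from this hunk, so that is worth checking before merge. Each new `DECLARE_EXCEPTION_TYPE` in `cynara.h` would also benefit from a one-line comment naming the Cynara code it maps, e.g. `DECLARE_EXCEPTION_TYPE(Base, DatabaseCorrupted) // CYNARA_API_DATABASE_CORRUPTED`, since the mapping otherwise lives only in the `switch` in `cynara.cpp`. `checkCynaraError` starts before the hunk.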
@@ -87,42 +87,55 @@ bool Service::processOne(const ConnectionID &conn, MessageBuffer &buffer, processAppUninstall(buffer, send, creds); break; case SecurityModuleCall::APP_GET_PKG_NAME: + LogDebug("call_type: SecurityModuleCall::APP_GET_PKG_NAME"); processGetPkgName(buffer, send); break; case SecurityModuleCall::APP_GET_GROUPS: + LogDebug("call_type: SecurityModuleCall::APP_GET_GROUPS"); processGetAppGroups(buffer, send, creds); break; case SecurityModuleCall::USER_ADD: + LogDebug("call_type: SecurityModuleCall::USER_ADD"); processUserAdd(buffer, send, creds); break; case SecurityModuleCall::USER_DELETE: + LogDebug("call_type: SecurityModuleCall::USER_DELETE"); processUserDelete(buffer, send, creds); break; case SecurityModuleCall::POLICY_UPDATE: + LogDebug("call_type: SecurityModuleCall::POLICY_UPDATE"); processPolicyUpdate(buffer, send, creds); break; case SecurityModuleCall::GET_CONF_POLICY_ADMIN: + LogDebug("call_type: SecurityModuleCall::GET_CONF_POLICY_ADMIN"); processGetConfiguredPolicy(buffer, send, creds, true); break; case SecurityModuleCall::GET_CONF_POLICY_SELF: + LogDebug("call_type: SecurityModuleCall::GET_CONF_POLICY_SELF"); processGetConfiguredPolicy(buffer, send, creds, false); break; case SecurityModuleCall::GET_POLICY: + LogDebug("call_type: SecurityModuleCall::GET_POLICY"); processGetPolicy(buffer, send, creds); break; case SecurityModuleCall::POLICY_GET_DESCRIPTIONS: + LogDebug("call_type: SecurityModuleCall::POLICY_GET_DESCRIPTIONS"); processPolicyGetDesc(send); break; case SecurityModuleCall::GROUPS_GET: + LogDebug("call_type: SecurityModuleCall::GROUPS_GET"); processGroupsGet(send); break; case SecurityModuleCall::APP_HAS_PRIVILEGE: + LogDebug("call_type: SecurityModuleCall::APP_HAS_PRIVILEGE"); processAppHasPrivilege(buffer, send); break; case SecurityModuleCall::APP_APPLY_PRIVATE_SHARING: + LogDebug("call_type: SecurityModuleCall::APP_APPLY_PRIVATE_SHARING"); processApplyPrivateSharing(buffer, send, creds); break; case 
SecurityModuleCall::APP_DROP_PRIVATE_SHARING: + LogDebug("call_type: SecurityModuleCall::APP_DROP_PRIVATE_SHARING"); processDropPrivateSharing(buffer, send, creds); break; case SecurityModuleCall::PATHS_REGISTER: -- 2.7.4 From 68aeb87cc84356a24ac336114a35227ec8d5e4d6 Mon Sep 17 00:00:00 2001 From: Krzysztof Jackiewicz Date: Thu, 28 Apr 2016 15:45:39 +0200 Subject: [PATCH 07/16] Mark old path registration function as deprecated [Problem] security_manager_app_inst_req_add_path is deprecated [Solution] mark as deprecated [Verification] Successfull compilation Change-Id: I55d235d3e98b376348a6373573838fe1489fe750 --- src/include/app-manager.h | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/include/app-manager.h b/src/include/app-manager.h index 0efb77a..d05d451 100644 --- a/src/include/app-manager.h +++ b/src/include/app-manager.h @@ -82,14 +82,21 @@ int security_manager_app_inst_req_add_privilege(app_inst_req *p_req, const char /** * This function is used to add application path to app_inst_req structure, - * it can be called multiple times + * it can be called multiple times. + * + * \deprecated This function is deprecated. Use + * security_manager_path_req_add_path() instead. * * \param[in] p_req Pointer handling app_inst_req structure * \param[in] path Application path * \param[in] path_type Application path type * \return API return code or error code */ -int security_manager_app_inst_req_add_path(app_inst_req *p_req, const char *path, const int path_type); +int security_manager_app_inst_req_add_path( + app_inst_req *p_req, + const char *path, + const int path_type) __attribute__((deprecated( + "Use security_manager_path_req_add_path() instead"))); /** * This function is used to set up user identifier in app_inst_req structure. -- 2.7.4 From a8fd6f712d15593e8bdbcf46bd020dd6556bf149 Mon Sep 17 00:00:00 2001 
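Review bot: Each added `LogDebug` repeats the enum name as a hand-written string literal, so a copy-paste slip that logs one call type under another `case` cannot be caught by the compiler, and the literal will drift the first time an enumerator is renamed. If a helper that stringifies the call type exists or can be added, a single `LogDebug` before the `switch` that prints the call type through it would cover every case, including the earlier ones in `processOne` that already log this way. As written the hunk is at least consistent with the existing cases above it. `processOne` starts and ends outside the hunk.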
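Review bot: `__attribute__((deprecated(...)))` is spelled out directly in a public C API header, so a consumer compiling `app-manager.h` with a compiler that does not accept GCC-style attributes fails to parse the declaration instead of merely missing the warning. A small macro defined to the attribute under `__GNUC__`/`__clang__` and to nothing otherwise keeps the header portable and gives later deprecations in this header one form to follow. The updated doc comment pointing at `security_manager_path_req_add_path()` reads well.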
From: Yunjin Lee Date: Wed, 20 Jul 2016 19:45:02 +0900 Subject: [PATCH 08/16] Set SmackProcessLabel to System::Privileged Change-Id: I01a252b8d209d21440477ff82fc3611f8dc191bf Signed-off-by: Yunjin Lee --- systemd/security-manager-cleanup.service.in | 1 + systemd/security-manager-rules-loader.service.in | 1 + systemd/security-manager.service.in | 1 + 3 files changed, 3 insertions(+) diff --git a/systemd/security-manager-cleanup.service.in b/systemd/security-manager-cleanup.service.in index 9551999..a004d5e 100644 --- a/systemd/security-manager-cleanup.service.in +++ b/systemd/security-manager-cleanup.service.in @@ -7,4 +7,5 @@ Requires=sysinit.target Type=oneshot RemainAfterExit=yes ExecStart = @BIN_INSTALL_DIR@/security-manager-cleanup +SmackProcessLabel=System::Privileged diff --git a/systemd/security-manager-rules-loader.service.in b/systemd/security-manager-rules-loader.service.in index d10a3b5..44a84d5 100644 --- a/systemd/security-manager-rules-loader.service.in +++ b/systemd/security-manager-rules-loader.service.in @@ -7,6 +7,7 @@ DefaultDependencies=no [Service] Type=oneshot ExecStart=/bin/dd if=@LOCAL_STATE_DIR@/security-manager/rules-merged/rules.merged of=/sys/fs/smackfs/load2 bs=20M +SmackProcessLabel=Systemd::Privileged [Install] WantedBy=basic.target diff --git a/systemd/security-manager.service.in b/systemd/security-manager.service.in index cec580e..5205b36 100644 --- a/systemd/security-manager.service.in +++ b/systemd/security-manager.service.in @@ -6,3 +6,4 @@ Type=notify ExecStart=@BIN_INSTALL_DIR@/security-manager Sockets=security-manager.socket Restart=always +SmackProcessLabel=System::Privileged -- 2.7.4 From e3d1a152330636506c602b65d181beb6642d951a Mon Sep 17 00:00:00 2001 
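Review bot: The `SmackProcessLabel=` value added in the `security-manager-rules-loader.service.in` hunk reads `Systemd::Privileged`, while the cleanup and main service hunks in this same commit and the policy templates use `System::Privileged`; the rules loader would therefore start under a label that nothing in this series grants anything to, which can break loading of the merged Smack rules at boot (the series corrects the spelling later, in PATCH 10/16). Because a mistyped label only fails at runtime, a comment beside each `SmackProcessLabel=` line naming the source of truth, e.g. `# must match SMACK_SYSTEM_PRIVILEGED in src/common/smack-rules.cpp`, makes this kind of drift visible in review.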
From: jooseong lee Date: Thu, 21 Jul 2016 09:56:10 +0900 Subject: [PATCH 09/16] Release version 1.1.12 Handle missing Cynara error codes, throw specific exceptions Add missing logs in service on several service calls Mark old path registration function as deprecated Set SmackProcessLabel to System::Privileged Change-Id: I584efb6ca2783a0ba896512fcbb7a472bdc71c58 Signed-off-by: jooseong lee --- packaging/security-manager.changes | 11 +++++++++-- packaging/security-manager.spec | 2 +- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/packaging/security-manager.changes b/packaging/security-manager.changes index 62332cb..85c1b15 100644 --- a/packaging/security-manager.changes +++ b/packaging/security-manager.changes @@ -1,10 +1,17 @@ +* Thu Jul 21 2016 Jooseong Lee +- Version 1.1.12 +- Handle missing Cynara error codes, throw specific exceptions +- Add missing logs in service on several service calls +- Mark old path registration function as deprecated +- Set SmackProcessLabel to System::Privileged + * Thu Jul 14 2016 Jooseong Lee -* Version 1.1.11 +- Version 1.1.11 - Add systemd option - Restart - Update policy template for onlycap feature * Fri Jul 01 2016 Tomasz Swierczek -* Version 1.1.10 +- Version 1.1.10 - Don't store application privileges in db - Fix return type in setup_smack function - Do not exit when security_manager_prepare_app fails diff --git a/packaging/security-manager.spec b/packaging/security-manager.spec index b977b78..296bfc3 100644 --- a/packaging/security-manager.spec +++ b/packaging/security-manager.spec @@ -1,6 +1,6 @@ Name: security-manager Summary: Security manager and utilities -Version: 1.1.11 +Version: 1.1.12 Release: 0 Group: Security/Service License: Apache-2.0 -- 2.7.4 From 153d2b2d982213697cd67aa0082287836451ac3e Mon Sep 17 00:00:00 2001 From: Yunjin Lee Date: Fri, 22 Jul 2016 10:48:35 +0900 Subject: [PATCH 10/16] Fix typo in service file SmackProcessLabel set Change-Id: I2971f9a7d209869ce3e7919a0b1dd0757225dcd3 
Signed-off-by: Yunjin Lee --- systemd/security-manager-rules-loader.service.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/systemd/security-manager-rules-loader.service.in b/systemd/security-manager-rules-loader.service.in index 44a84d5..9f597c4 100644 --- a/systemd/security-manager-rules-loader.service.in +++ b/systemd/security-manager-rules-loader.service.in @@ -7,7 +7,7 @@ DefaultDependencies=no [Service] Type=oneshot ExecStart=/bin/dd if=@LOCAL_STATE_DIR@/security-manager/rules-merged/rules.merged of=/sys/fs/smackfs/load2 bs=20M -SmackProcessLabel=Systemd::Privileged +SmackProcessLabel=System::Privileged [Install] WantedBy=basic.target -- 2.7.4 From a6617fad4a4e3b22d5f1f2fdc02c34041128aaf2 Mon Sep 17 00:00:00 2001 From: Yunjin Lee Date: Fri, 22 Jul 2016 10:53:56 +0900 Subject: [PATCH 11/16] Release version 1.1.13 Change-Id: Ifd347ce6176c19b2b08906b11386aac62ce2df14 Signed-off-by: Yunjin Lee --- packaging/security-manager.changes | 4 ++++ packaging/security-manager.spec | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/packaging/security-manager.changes b/packaging/security-manager.changes index 85c1b15..14aed5f 100644 --- a/packaging/security-manager.changes +++ b/packaging/security-manager.changes @@ -1,3 +1,7 @@ +* Fri Jul 22 2016 Yunjin Lee +- Version 1.1.13 +- Fix typo in service file SmackProcessLabel set + * Thu Jul 21 2016 Jooseong Lee - Version 1.1.12 - Handle missing Cynara error codes, throw specific exceptions diff --git a/packaging/security-manager.spec b/packaging/security-manager.spec index 296bfc3..325ffef 100644 --- a/packaging/security-manager.spec +++ b/packaging/security-manager.spec @@ -1,6 +1,6 @@ Name: security-manager Summary: Security manager and utilities -Version: 1.1.12 +Version: 1.1.13 Release: 0 Group: Security/Service License: Apache-2.0 -- 2.7.4 From 87293e03e6d52ec255a61eaf99f75bbf29a6001c Mon Sep 17 00:00:00 2001 
From: Krzysztof Jackiewicz Date: Wed, 6 Apr 2016 15:55:20 +0200 Subject: [PATCH 12/16] Fix contraints for app installation. [Problem] It's possible to insert an app similar to existing one (differs with version, pkg name, author name) or pollute the db with unused entries in pkg and author. [Solution] Split app table into app(package) and user_app(instances). Introduce more strict constraint checking. [Verification] Run security-manager-tests --regexp=49 (and all remaining tests as a regression check) Change-Id: I2fb02f75981748024de93c2d486fa6eb8afaf88a --- db/db.sql | 66 +++++++++++++++++++++++++++------------ db/updates/update-db-to-v6.sql | 26 +++++++++++++++ src/common/include/privilege_db.h | 12 +++---- src/common/service_impl.cpp | 7 ----- 4 files changed, 78 insertions(+), 33 deletions(-) create mode 100644 db/updates/update-db-to-v6.sql diff --git a/db/db.sql b/db/db.sql index bc83937..805baa0 100644 --- a/db/db.sql +++ b/db/db.sql @@ -4,7 +4,7 @@ PRAGMA auto_vacuum = NONE; BEGIN EXCLUSIVE TRANSACTION; -PRAGMA user_version = 5; +PRAGMA user_version = 6; CREATE TABLE IF NOT EXISTS pkg ( pkg_id INTEGER PRIMARY KEY, @@ -14,16 +14,24 @@ UNIQUE (name) FOREIGN KEY (author_id) REFERENCES author (author_id) ); +/* Application */ CREATE TABLE IF NOT EXISTS app ( app_id INTEGER PRIMARY KEY, pkg_id INTEGER NOT NULL, -uid INTEGER NOT NULL, name VARCHAR NOT NULL, version VARCHAR NOT NULL, -UNIQUE (name, uid), +UNIQUE (name), FOREIGN KEY (pkg_id) REFERENCES pkg (pkg_id) ); +/* Instance of 'app' installed for given user ('uid') */ +CREATE TABLE IF NOT EXISTS user_app ( +app_id INTEGER NOT NULL, +uid INTEGER NOT NULL, +PRIMARY KEY (app_id, uid), +FOREIGN KEY (app_id) REFERENCES app (app_id) +); + CREATE TABLE IF NOT EXISTS shared_path ( path_id INTEGER PRIMARY KEY, path VARCHAR NOT NULL, 
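Review bot: The `/* Application */` comment on the redesigned `app` table does not say what changed: `app` now has `UNIQUE (name)` and no `uid`, so a single row is shared by every user who installs the app and only `user_app` is per-user, which is the whole point of the commit. Spell it out, e.g. `/* Application: one row per app name, shared by all users; per-user installations live in user_app */`. `user_app.app_id` also carries a FOREIGN KEY with no `ON DELETE` action, so removal of orphaned `app` rows relies entirely on the `user_app_pkg_view` delete trigger further down; a short comment on that FOREIGN KEY line saying so would save the next reader a search. `db.sql` continues past this hunk.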
@@ -52,27 +60,38 @@ CREATE TABLE IF NOT EXISTS author ( UNIQUE (name) ); -DROP VIEW IF EXISTS app_pkg_view; -CREATE VIEW app_pkg_view AS +DROP VIEW IF EXISTS user_app_pkg_view; +CREATE VIEW user_app_pkg_view AS SELECT - app.app_id, + user_app.uid, + user_app.app_id, app.name as app_name, app.pkg_id, - app.uid, - pkg.name as pkg_name, app.version as version, pkg.author_id, + pkg.name as pkg_name, author.name as author_name -FROM app +FROM user_app +LEFT JOIN app USING (app_id) LEFT JOIN pkg USING (pkg_id) LEFT JOIN author USING (author_id); -DROP TRIGGER IF EXISTS app_pkg_view_insert_trigger; -CREATE TRIGGER app_pkg_view_insert_trigger -INSTEAD OF INSERT ON app_pkg_view +DROP TRIGGER IF EXISTS user_app_pkg_view_insert_trigger; +CREATE TRIGGER user_app_pkg_view_insert_trigger +INSTEAD OF INSERT ON user_app_pkg_view BEGIN + SELECT RAISE(ABORT, 'Application already installed with different pkg_name') + WHERE EXISTS (SELECT 1 FROM user_app_pkg_view + WHERE app_name=NEW.app_name + AND pkg_name!=NEW.pkg_name); + + SELECT RAISE(ABORT, 'Application already installed with different version') + WHERE EXISTS (SELECT 1 FROM user_app_pkg_view + WHERE app_name=NEW.app_name + AND version!=NEW.version); + SELECT RAISE(ABORT, 'Another application from this package is already installed with different author') - WHERE EXISTS (SELECT 1 FROM app_pkg_view + WHERE EXISTS (SELECT 1 FROM user_app_pkg_view WHERE pkg_name=NEW.pkg_name AND author_name IS NOT NULL AND NEW.author_name IS NOT NULL 
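Review bot: The new "already installed with different version" check in the `user_app_pkg_view` insert trigger aborts any INSERT whose `version` differs from the row already present for that `app_name`, including an INSERT for the same `uid`; before this commit such an INSERT was silently ignored by `INSERT OR IGNORE` on the old `UNIQUE (name, uid)`, so a reinstall with a newer version changes from a no-op into an error. If application upgrade reaches the database through this view (the install path is not visible here), that flow needs to delete the old row first, and the expectation should be stated in a comment above the check, e.g. `-- Same app name must carry the same version for every user; upgrades must remove the old instances first`. Both new checks only see rows that have a `user_app` entry, which is consistent with the delete trigger's orphan cleanup. The trigger body continues below this hunk.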
@@ -82,20 +101,27 @@ BEGIN INSERT OR IGNORE INTO pkg(name, author_id) VALUES ( NEW.pkg_name, (SELECT author_id FROM author WHERE name=NEW.author_name)); + -- If pkg have already existed with empty author do update it - UPDATE pkg SET author_id=(SELECT author_id FROM author WHERE name=NEW.author_name) WHERE name=NEW.pkg_name AND author_id IS NULL; - INSERT OR IGNORE INTO app(pkg_id, name, uid, version) VALUES ( + UPDATE pkg SET author_id=(SELECT author_id FROM author WHERE name=NEW.author_name) + WHERE name=NEW.pkg_name AND author_id IS NULL; + + INSERT OR IGNORE INTO app (pkg_id, name, version) VALUES ( (SELECT pkg_id FROM pkg WHERE name=NEW.pkg_name), NEW.app_name, - NEW.uid, NEW.version); + + INSERT OR IGNORE INTO user_app (app_id, uid) VALUES ( + (SELECT app_id FROM app WHERE name=NEW.app_name), + NEW.uid); END; -DROP TRIGGER IF EXISTS app_pkg_view_delete_trigger; -CREATE TRIGGER app_pkg_view_delete_trigger -INSTEAD OF DELETE ON app_pkg_view +DROP TRIGGER IF EXISTS user_app_pkg_view_delete_trigger; +CREATE TRIGGER user_app_pkg_view_delete_trigger +INSTEAD OF DELETE ON user_app_pkg_view BEGIN - DELETE FROM app WHERE app_id=OLD.app_id AND uid=OLD.uid; + DELETE FROM user_app WHERE app_id=OLD.app_id AND uid=OLD.uid; + DELETE FROM app WHERE app_id NOT IN (SELECT DISTINCT app_id FROM user_app); DELETE FROM pkg WHERE pkg_id NOT IN (SELECT DISTINCT pkg_id from app); DELETE FROM author WHERE author_id NOT IN (SELECT DISTINCT author_id FROM pkg WHERE author_id IS NOT NULL); END; diff --git a/db/updates/update-db-to-v6.sql b/db/updates/update-db-to-v6.sql new file mode 100644 index 0000000..44491a1 --- /dev/null +++ b/db/updates/update-db-to-v6.sql 
@@ -0,0 +1,26 @@
+BEGIN EXCLUSIVE TRANSACTION;
+
+PRAGMA user_version = 6;
+
+CREATE TABLE app_new (
+ app_id INTEGER PRIMARY KEY,
+ pkg_id INTEGER NOT NULL,
+ name VARCHAR NOT NULL,
+ version VARCHAR NOT NULL,
+ UNIQUE (name),
+ FOREIGN KEY (pkg_id) REFERENCES pkg (pkg_id)
+);
+
+CREATE TABLE user_app (
+ app_id INTEGER NOT NULL,
+ uid INTEGER NOT NULL,
+ PRIMARY KEY (app_id, uid),
+ FOREIGN KEY (app_id) REFERENCES app (app_id)
+);
+
+INSERT INTO user_app SELECT app_id, uid FROM app;
+INSERT INTO app_new SELECT app_id, pkg_id, name, version FROM app;
+DROP TABLE app;
+ALTER TABLE app_new RENAME TO app;
+
+COMMIT TRANSACTION;
diff --git a/src/common/include/privilege_db.h b/src/common/include/privilege_db.h
index eefdd86..3216401 100644
--- a/src/common/include/privilege_db.h
+++ b/src/common/include/privilege_db.h
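Review bot: `INSERT INTO app_new SELECT app_id, pkg_id, name, version FROM app` fails on any database where the same application is installed for more than one user: the old `app` table allowed that under `UNIQUE (name, uid)` with one row and one `app_id` per user, while `app_new` has `UNIQUE (name)`, so the second row for a name violates the constraint and the transaction never reaches `COMMIT`, leaving such devices stuck at schema version 5. The migration has to collapse duplicates to one `app_id` per name and remap `user_app` onto it; where the duplicates disagree on `pkg_id` or `version` there is no lossless choice, so the script should at least pick deterministically. Separately, `user_app` is created with a FOREIGN KEY to `app` and populated before `DROP TABLE app`; with foreign keys enabled on the connection, SQLite's implicit DELETE during DROP TABLE reports a constraint failure, which is why the usual procedure turns foreign keys off around a table rebuild (how the update scripts are executed is not visible from this hunk).
```sql
BEGIN EXCLUSIVE TRANSACTION;
-- … unchanged: PRAGMA user_version, CREATE TABLE app_new, CREATE TABLE user_app …

-- One app row per name: when the same app was installed for several users
-- keep the lowest app_id and the pkg_id/version stored with it.
INSERT INTO app_new (app_id, pkg_id, name, version)
    SELECT MIN(app_id), pkg_id, name, version FROM app GROUP BY name;

-- Point every per-user instance at the surviving app_id.
INSERT INTO user_app (app_id, uid)
    SELECT app_new.app_id, app.uid FROM app JOIN app_new USING (name);

DROP TABLE app;
ALTER TABLE app_new RENAME TO app;

COMMIT TRANSACTION;
```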
@@ -100,11 +100,11 @@ private: SecurityManager::DB::SqlConnection *mSqlConnection; const std::map Queries = { - { StmtType::EAddApplication, "INSERT INTO app_pkg_view (app_name, pkg_name, uid, version, author_name) VALUES (?, ?, ?, ?, ?)" }, - { StmtType::ERemoveApplication, "DELETE FROM app_pkg_view WHERE app_name=? AND uid=?" }, + { StmtType::EAddApplication, "INSERT INTO user_app_pkg_view (app_name, pkg_name, uid, version, author_name) VALUES (?, ?, ?, ?, ?)" }, + { StmtType::ERemoveApplication, "DELETE FROM user_app_pkg_view WHERE app_name=? AND uid=?" }, { StmtType::EPkgNameExists, "SELECT count(*) FROM pkg WHERE name=?" }, { StmtType::EAppNameExists, "SELECT count(*) FROM app WHERE name=?" }, - { StmtType::EGetAppPkgName, "SELECT pkg_name FROM app_pkg_view WHERE app_name = ?" }, + { StmtType::EGetAppPkgName, "SELECT pkg_name FROM user_app_pkg_view WHERE app_name = ?" }, { StmtType::EGetAppVersion, "SELECT version FROM app WHERE name = ?" }, { StmtType::EGetPathSharedCount, "SELECT COUNT(*) FROM app_private_sharing_view WHERE path = ?"}, { StmtType::EGetTargetPathSharedCount, "SELECT COUNT(*) FROM app_private_sharing_view WHERE target_app_name = ? AND path = ?"}, 
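Review bot: `EGetAppPkgName` now reads `user_app_pkg_view`, which returns one identical row per user that has the app installed, whereas the neighbouring `EGetAppVersion` reads `app` directly; since `app.name` is UNIQUE after this commit, `SELECT pkg.name FROM app JOIN pkg USING (pkg_id) WHERE app.name = ?` yields exactly one row and keeps the two lookups in the same style. This only matters if `GetAppPkgName` does not stop after the first row, which I cannot see from here. The `Queries` map continues past the hunk.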
@@ -118,9 +118,9 @@ private: { StmtType::EClearSharing, "DELETE FROM app_private_sharing;"}, { StmtType::EClearPrivatePaths, "DELETE FROM shared_path;"}, { StmtType::EGetPrivilegeGroups, " SELECT group_name FROM privilege_group WHERE privilege_name = ?" }, - { StmtType::EGetUserApps, "SELECT name FROM app WHERE uid=?" }, - { StmtType::EGetTizen2XPackages, "SELECT DISTINCT pkg_name FROM app_pkg_view WHERE version LIKE '2.%%'" }, - { StmtType::EGetAppsInPkg, " SELECT app_name FROM app_pkg_view WHERE pkg_name = ?" }, + { StmtType::EGetUserApps, "SELECT app_name FROM user_app_pkg_view WHERE uid=?" }, + { StmtType::EGetTizen2XPackages, "SELECT DISTINCT pkg_name FROM user_app_pkg_view WHERE version LIKE '2.%%'" }, + { StmtType::EGetAppsInPkg, " SELECT app_name FROM user_app_pkg_view WHERE pkg_name = ?" }, { StmtType::EGetGroups, "SELECT DISTINCT group_name FROM privilege_group" }, { StmtType::EGetPkgAuthorId, "SELECT author_id FROM pkg WHERE name = ? AND author_id IS NOT NULL"}, { StmtType::EAuthorIdExists, "SELECT count(*) FROM author where author_id=?"}, diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp index 2aa0856..e88ccd6 100644 --- a/src/common/service_impl.cpp +++ b/src/common/service_impl.cpp @@ -463,13 +463,6 @@ int ServiceImpl::appInstall(const Credentials &creds, app_inst_req &&req) ", pkg label: " << pkgLabel); PrivilegeDb::getInstance().BeginTransaction(); - std::string pkg; - PrivilegeDb::getInstance().GetAppPkgName(req.appName, pkg); - if (!pkg.empty() && pkg != req.pkgName) { - LogError("Application already installed with different package name"); - PrivilegeDb::getInstance().RollbackTransaction(); - return SECURITY_MANAGER_ERROR_INPUT_PARAM; - } PrivilegeDb::getInstance().AddApplication(req.appName, req.pkgName, req.uid, req.tizenVersion, req.authorName); /* Get all application ids in the package to generate rules withing the package */ -- 2.7.4 From 555bb3b8b9bd276cb1c09cc8f700b7b12339b0f1 Mon Sep 17 00:00:00 2001 
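Review bot: Removing the `GetAppPkgName` pre-check in `appInstall` moves the "different package name" rejection into the `user_app_pkg_view` insert trigger, so the client no longer receives `SECURITY_MANAGER_ERROR_INPUT_PARAM` for that case but whatever the code around this hunk maps `AddApplication`'s SQLite exception to, and the explicit `RollbackTransaction()` disappears with the check. Unless the enclosing handler rolls back the transaction begun one line above and translates the constraint failure to `SECURITY_MANAGER_ERROR_INPUT_PARAM`, both the error code and the transaction state regress here; that handler is outside the hunk. A comment at the `AddApplication` call, e.g. `// Conflicting pkg_name/version/author is rejected by the user_app_pkg_view insert trigger`, would record where the check went. `appInstall` starts and ends outside the hunk.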
From: Rafal Krypa Date: Wed, 1 Jun 2016 10:24:29 +0200 Subject: [PATCH 13/16] Simplify declaration and generation of unique_ptrs The unique_ptr-based RAII pattern is used in several places in security-manager. Declaration of unique pointer variables can be awkward and hard to read. This patch hides the nasty details of unique_ptr types declaration behind a template function. It is loosely inspired by std::make_unique from C++14. Change-Id: Ifbd8b5ab409fd8646d149d6294cb60bd2ac873a8 --- src/client/check-proper-drop.cpp | 38 +++++++++++------------- src/client/client-label-monitor.cpp | 45 ++++++++++++++--------------- src/client/client-security-manager.cpp | 8 ++--- src/common/filesystem.cpp | 5 ++-- src/common/include/utils.h | 53 ++++++++++++++++++++++++++++++++++ src/common/service_impl.cpp | 3 +- src/common/smack-labels.cpp | 8 ++--- 7 files changed, 103 insertions(+), 57 deletions(-) create mode 100644 src/common/include/utils.h diff --git a/src/client/check-proper-drop.cpp b/src/client/check-proper-drop.cpp index 4d136c5..6c6180c 100644 --- a/src/client/check-proper-drop.cpp +++ b/src/client/check-proper-drop.cpp @@ -24,7 +24,8 @@ #include "check-proper-drop.h" #include "smack-labels.h" -#include +#include "dpl/log/log.h" +#include "utils.h" #include @@ -33,10 +34,6 @@ namespace SecurityManager { -using proctabPtr = std::unique_ptr; -using capPtr = std::unique_ptr<_cap_struct, int (*)(void*)>; -using capStrPtr = std::unique_ptr; - CheckProperDrop::~CheckProperDrop() { for (const auto &thread : m_threads) 
@@ -47,18 +44,17 @@ CheckProperDrop::~CheckProperDrop() void CheckProperDrop::getThreads() { pid_t pid[2] = {m_pid, 0}; - proctabPtr PT(openproc(PROC_FILLSTATUS | PROC_PID, pid), closeproc); - if (!PT) - ThrowMsg(Exception::ProcError, - "Unable to open proc interface"); + auto proctabPtr = makeUnique(openproc(PROC_FILLSTATUS | PROC_PID, pid), closeproc); + if (!proctabPtr) + ThrowMsg(Exception::ProcError, "Unable to open proc interface"); - m_proc = readproc(PT.get(), nullptr); + m_proc = readproc(proctabPtr.get(), nullptr); if (!m_proc) ThrowMsg(Exception::ProcError, "Unable read process information for " << pid); proc_t *thread; - while ((thread = readtask(PT.get(), m_proc, nullptr))) + while ((thread = readtask(proctabPtr.get(), m_proc, nullptr))) if (thread->tid != m_pid) m_threads.push_back(thread); } 
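Review bot: The error thrown when `readproc` returns null streams `pid`, which in `getThreads` is the local `pid_t pid[2]` array declared at the top of the hunk, so the message prints a pointer rather than the process id, assuming `ThrowMsg` formats through a stream as the `<<` suggests; `ThrowMsg(Exception::ProcError, "Unable to read process information for " << m_pid);` is what was meant. The commit already rewrites the sibling message two lines above, so fixing this one in the same pass would be natural. The `proc_t*` values stored in `m_proc` and `m_threads` remain raw owning pointers released by the manual loop in the destructor, which the new helper does not cover.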
@@ -79,29 +75,29 @@ bool CheckProperDrop::checkThreads() std::string smackProc = SmackLabels::getSmackLabelFromPid(m_pid); - capPtr capProc(cap_get_pid(m_pid), cap_free); - if (!capProc) + auto capProcPtr = makeUnique(cap_get_pid(m_pid), cap_free); + if (!capProcPtr) ThrowMsg(Exception::CapError, "Unable to get capabilities for " << m_pid); - capStrPtr capStrProc(cap_to_text(capProc.get(), nullptr), cap_free); - if (!capStrProc) + auto capProcStrPtr = makeUnique(cap_to_text(capProcPtr.get(), nullptr), cap_free); + if (!capProcStrPtr) ThrowMsg(Exception::CapError, "Unable to get capabilities for " << m_pid); for (const auto &thread : m_threads) { - capPtr capThread(cap_get_pid(thread->tid), cap_free); - if (!capThread) + auto capThreadPtr = makeUnique(cap_get_pid(thread->tid), cap_free); + if (!capThreadPtr) ThrowMsg(Exception::CapError, "Unable to get capabilities for " << thread->tid); - if (cap_compare(capProc.get(), capThread.get())) { - capStrPtr capStrThread(cap_to_text(capThread.get(), nullptr), cap_free); - if (!capStrThread) + if (cap_compare(capProcPtr.get(), capThreadPtr.get())) { + auto capStrThreadPtr = makeUnique(cap_to_text(capThreadPtr.get(), nullptr), cap_free); + if (!capStrThreadPtr) ThrowMsg(Exception::CapError, "Unable to get capabilities for " << thread->tid); REPORT_THREAD_ERROR(thread->tid, "capabilities", - capStrProc.get(), capStrThread.get()); + capProcStrPtr.get(), capStrThreadPtr.get()); } std::string smackThread = SmackLabels::getSmackLabelFromPid(thread->tid); diff --git a/src/client/client-label-monitor.cpp b/src/client/client-label-monitor.cpp index 675ff1a..c06a06c 100644 --- a/src/client/client-label-monitor.cpp +++ b/src/client/client-label-monitor.cpp @@ -48,6 +48,7 @@ #include #include #include +#include struct app_labels_monitor { int inotify; 
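Review bot: The renamed locals in `checkThreads` are inconsistent with each other: the process-side text pointer is `capProcStrPtr` while the thread-side one is `capStrThreadPtr`, so the two `cap_to_text` results read as if they were different kinds of object. Pick one word order, e.g. `capProcStrPtr`/`capThreadStrPtr`, for both. The `"Unable to get capabilities for "` message is also reused for the `cap_to_text` failures, where the capability set was obtained and only its text form failed; that is pre-existing, but every one of those lines is rewritten here, so `"Unable to format capabilities for "` on those two would cost nothing. `checkThreads` starts and ends outside the hunk.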
@@ -99,7 +100,6 @@ static lib_retcode inotify_add_watch_full(int fd, const char* pathname, uint32_t SECURITY_MANAGER_API int security_manager_app_labels_monitor_init(app_labels_monitor **monitor) { - typedef std::unique_ptr monitorPtr; return try_catch([&] { LogDebug("security_manager_app_labels_monitor_init() called"); if (monitor == nullptr) { @@ -111,8 +111,8 @@ int security_manager_app_labels_monitor_init(app_labels_monitor **monitor) *monitor = nullptr; - monitorPtr m(new app_labels_monitor, security_manager_app_labels_monitor_finish); - if (!m) { + auto monitorPtr = makeUnique(new app_labels_monitor, security_manager_app_labels_monitor_finish); + if (!monitorPtr) { LogError("Bad memory allocation for app_labels_monitor"); return SECURITY_MANAGER_ERROR_MEMORY; } @@ -129,20 +129,20 @@ int security_manager_app_labels_monitor_init(app_labels_monitor **monitor) LogError("Inotify init failed: " << GetErrnoString(errno)); return SECURITY_MANAGER_ERROR_WATCH_ADD_TO_FILE_FAILED; } - m.get()->inotify = ret; - ret_lib = inotify_add_watch_full(m.get()->inotify, globalFile.c_str(), - IN_CLOSE_WRITE, &(m.get()->global_labels_file_watch)); + monitorPtr.get()->inotify = ret; + ret_lib = inotify_add_watch_full(monitorPtr->inotify, globalFile.c_str(), + IN_CLOSE_WRITE, &(monitorPtr->global_labels_file_watch)); if (ret_lib != SECURITY_MANAGER_SUCCESS) { return ret_lib; } - ret_lib = inotify_add_watch_full(m.get()->inotify, - userFile.c_str(), IN_CLOSE_WRITE, &(m.get()->user_labels_file_watch)); + ret_lib = inotify_add_watch_full(monitorPtr->inotify, userFile.c_str(), + IN_CLOSE_WRITE, &(monitorPtr->user_labels_file_watch)); if (ret_lib != SECURITY_MANAGER_SUCCESS) { return ret_lib; } - m->user_label_file_path = userFile; - m->global_label_file_path = globalFile; - *monitor = m.release(); + monitorPtr->user_label_file_path = userFile; + monitorPtr->global_label_file_path = globalFile; + *monitor = monitorPtr.release(); return SECURITY_MANAGER_SUCCESS; }); } 
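Review bot: The `if (!monitorPtr)` check after `makeUnique(new app_labels_monitor, ...)` is dead code: plain `new` throws `std::bad_alloc` instead of returning null, so the `SECURITY_MANAGER_ERROR_MEMORY` branch can never run and an allocation failure presumably reaches `try_catch` instead — worth confirming that wrapper maps `std::bad_alloc` to the same error code. The same dead check is kept in `getProcessGroups` (`auto groupsPtr = makeUnique(cnt); if (!groupsPtr)`). Either allocate with `new (std::nothrow) app_labels_monitor` so the check is meaningful, or drop it and add a comment that `try_catch` is the allocation-failure path.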
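Review bot: Style: the first assignment in the hunk still spells the access as `monitorPtr.get()->inotify = ret;` while every following line uses `monitorPtr->`; write it `monitorPtr->inotify = ret;` for consistency. security_manager_app_labels_monitor_init begins before this hunk.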
@@ -156,25 +156,23 @@ void security_manager_app_labels_monitor_finish(app_labels_monitor *monitor) LogDebug("input param \"monitor\" is nullptr"); return 0; } - std::unique_ptr m(monitor); - if (!m) - LogError("Bad memory allocation for app_labels_monitor"); - if (monitor->inotify != -1) { - if (monitor->global_labels_file_watch != -1) { - int ret = inotify_rm_watch(monitor->inotify, monitor->global_labels_file_watch); + auto monitorPtr = makeUnique(monitor); + if (monitorPtr->inotify != -1) { + if (monitorPtr->global_labels_file_watch != -1) { + int ret = inotify_rm_watch(monitorPtr->inotify, monitorPtr->global_labels_file_watch); if (ret == -1) { LogError("Inotify watch removal failed on file " << Config::APPS_NAME_FILE << ": " << GetErrnoString(errno)); } } - if (monitor->user_labels_file_watch != -1) { - int ret = inotify_rm_watch(monitor->inotify, monitor->user_labels_file_watch); + if (monitorPtr->user_labels_file_watch != -1) { + int ret = inotify_rm_watch(monitorPtr->inotify, monitorPtr->user_labels_file_watch); if (ret == -1) { LogError("Inotify watch removal failed on file " << monitor->user_label_file_path << ": " << GetErrnoString(errno)); } } - close(monitor->inotify); + close(monitorPtr->inotify); } return 0; }); @@ -210,7 +208,6 @@ int security_manager_app_labels_monitor_get_fd(app_labels_monitor const *monitor SECURITY_MANAGER_API int security_manager_app_labels_monitor_process(app_labels_monitor *monitor) { - typedef std::unique_ptr bufPtr; return try_catch([&] { LogDebug("security_manager_app_labels_process() called"); if (monitor == nullptr) { 
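Review bot: One access was missed in the rename: the user-watch error log still reads `monitor->user_label_file_path` while the surrounding lines use `monitorPtr->`; since `monitorPtr` now owns `monitor`, make it `LogError("Inotify watch removal failed on file " << monitorPtr->user_label_file_path << ": " << GetErrnoString(errno));` so the ownership is visible at every use. The return value of `close(monitorPtr->inotify)` is not checked; a `LogWarning` on `-1` would match the style of the watch-removal errors above it. The function begins before this hunk.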
@@ -237,9 +234,9 @@ int security_manager_app_labels_monitor_process(app_labels_monitor *monitor) return SECURITY_MANAGER_ERROR_UNKNOWN; } - bufPtr buffer(static_cast(malloc(avail)), free); + auto bufPtr = makeUnique(avail); for (int pos = 0; pos < avail;) { - int ret = TEMP_FAILURE_RETRY(read(monitor->inotify, buffer.get() + pos, avail - pos)); + int ret = TEMP_FAILURE_RETRY(read(monitor->inotify, bufPtr.get() + pos, avail - pos)); if (ret == -1) { LogError("Inotify read failed: " << GetErrnoString(errno)); return SECURITY_MANAGER_ERROR_UNKNOWN; @@ -251,7 +248,7 @@ int security_manager_app_labels_monitor_process(app_labels_monitor *monitor) struct inotify_event event; /* Event must be copied to avoid memory alignment issues */ - memcpy(&event, buffer.get() + pos, sizeof(struct inotify_event)); + memcpy(&event, bufPtr.get() + pos, sizeof(struct inotify_event)); pos += sizeof(struct inotify_event) + event.len; if ((event.mask & IN_CLOSE_WRITE) && ((event.wd == monitor->global_labels_file_watch) || diff --git a/src/client/client-security-manager.cpp b/src/client/client-security-manager.cpp index 51f1b88..e9dc7d7 100644 --- a/src/client/client-security-manager.cpp +++ b/src/client/client-security-manager.cpp @@ -54,6 +54,7 @@ #include #include #include +#include #include #include @@ -397,7 +398,7 @@ static int getProcessGroups(std::vector &groups) } int cnt = ret; - std::unique_ptr groupsPtr(new gid_t[cnt]); + auto groupsPtr = makeUnique(cnt); if (!groupsPtr) { LogError("Memory allocation failed."); return SECURITY_MANAGER_ERROR_MEMORY; 
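Review bot: The event loop copies `sizeof(struct inotify_event)` bytes from `bufPtr.get() + pos` without first checking that at least that many bytes remain below `avail`, and then advances `pos` by `event.len`, which can also step past `avail`; the kernel delivers whole events, so the practical risk is low, but a guard such as `if (avail - pos < (int)sizeof(struct inotify_event)) break;` before the `memcpy` keeps the loop inside the buffer if `avail` (presumably a FIONREAD count — its origin is outside the hunk) is ever stale. Replacing `malloc(avail)` with the array `makeUnique` also changes allocation failure from an unchecked null pointer to a `std::bad_alloc` exception, which presumably `try_catch` handles; a one-line comment on the `bufPtr` line would record that. The loop starts in the first hunk and ends past the second.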
@@ -1179,11 +1180,10 @@ int security_manager_groups_get(char ***groups, size_t *groups_count) const auto vgroups_size = vgroups.size(); LogInfo("Number of groups: " << vgroups_size); - std::unique_ptr> array( - static_cast(calloc(vgroups_size, sizeof(char *))), + auto array = makeUnique(static_cast(calloc(vgroups_size, sizeof(char *))), std::bind(security_manager_groups_free, std::placeholders::_1, vgroups_size)); - if (array == nullptr) + if (!array) return SECURITY_MANAGER_ERROR_MEMORY; for (size_t i = 0; i < vgroups_size; ++i) { diff --git a/src/common/filesystem.cpp b/src/common/filesystem.cpp index 6582104..0993a6a 100644 --- a/src/common/filesystem.cpp +++ b/src/common/filesystem.cpp @@ -38,6 +38,7 @@ #include #include +#include namespace SecurityManager { namespace FS { @@ -57,9 +58,9 @@ FileNameVector getDirContents(const std::string &path, const mode_t &mode) FileNameVector result; dirent tmp, *ptr; int err; - std::unique_ptr dir(opendir(path.c_str()), closedir); + auto dir = makeUnique(opendir(path.c_str()), closedir); - if (!dir.get()) { + if (!dir) { err = errno; ThrowMsg(FS::Exception::FileError, "Error opening directory: " << GetErrnoString(err)); } diff --git a/src/common/include/utils.h b/src/common/include/utils.h new file mode 100644 index 0000000..9367d86 --- /dev/null +++ b/src/common/include/utils.h 
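Review bot: `calloc(vgroups_size, sizeof(char *))` with `vgroups_size == 0` may legitimately return a null pointer on some C libraries, and the retained `if (!array)` then reports `SECURITY_MANAGER_ERROR_MEMORY` for an empty group list; if an empty result is a valid outcome, handle `vgroups_size == 0` before the allocation (`*groups = nullptr; *groups_count = 0;` and return success) — I can't see the public contract from the hunk, so confirm against the header. The deleter `std::bind(security_manager_groups_free, std::placeholders::_1, vgroups_size)` presumably frees `vgroups_size` entries, so it relies on `calloc` having zeroed the slots not yet filled when an error return triggers it; that invariant deserves a comment on the `makeUnique` line. The function continues past the hunk.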
@@ -0,0 +1,53 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Rafal Krypa + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file utils.h + * @author Rafal Krypa + * @version 1.0 + * @brief Utility macros and templates + */ + +#pragma once + +#include +#include + +namespace SecurityManager { + +// Pointer +template +std::unique_ptr makeUnique(T *ptr) +{ + return std::unique_ptr(ptr); +} + +// Pointer & deleter func +template +std::unique_ptr makeUnique(T *ptr, F func) +{ + return std::unique_ptr(ptr, func); +} + +// Array - borrowed from C++14 +template +std::unique_ptr makeUnique(size_t size) +{ + return std::unique_ptr(new typename std::remove_extent::type[size]); +} + +} /* namespace SecurityManager */ diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp index e88ccd6..9ce8555 100644 --- a/src/common/service_impl.cpp +++ b/src/common/service_impl.cpp @@ -47,6 +47,7 @@ #include "smack-labels.h" #include "security-manager.h" #include "tzplatform-config.h" +#include "utils.h" #include "service_impl.h" 
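Review bot: The array overload `makeUnique(size_t size)` uses `new typename std::remove_extent<...>::type[size]`, which default-initializes the elements (indeterminate for `char` or `gid_t` buffers), whereas the C++14 `std::make_unique<T[]>` the comment says it is borrowed from value-initializes them; either add the trailing `()` to the `new` expression (`new typename std::remove_extent<T>::type[size]()`, assuming the parameter is named `T` — the angle brackets are lost in this rendering) or reword the comment so callers do not assume zeroed storage. Each template also lacks a statement of its contract; a `/// @brief` line per overload (`ptr` may be null; `func` is only invoked by `unique_ptr` on a non-null pointer; `size` is an element count) would make the header self-explanatory.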
@@ -218,7 +219,7 @@ bool ServiceImpl::isSubDir(const std::string &parent, const std::string &subdir) std::string ServiceImpl::realPath(const std::string &path) { - std::unique_ptr real_pathPtr(realpath(path.c_str(), nullptr), free); + auto real_pathPtr = makeUnique(realpath(path.c_str(), nullptr), free); if (!real_pathPtr) { LogError("Error in realpath(): " << GetErrnoString(errno) << " for: " << path); return std::string(); diff --git a/src/common/smack-labels.cpp b/src/common/smack-labels.cpp index 07394b8..16710a2 100644 --- a/src/common/smack-labels.cpp +++ b/src/common/smack-labels.cpp @@ -43,6 +43,7 @@ #include "security-manager.h" #include "smack-labels.h" +#include "utils.h" namespace SecurityManager { @@ -86,10 +87,7 @@ static void dirSetSmack(const std::string &path, const std::string &label, char *const path_argv[] = {const_cast(path.c_str()), NULL}; FTSENT *ftsent; - std::unique_ptr > fts( - fts_open(path_argv, FTS_PHYSICAL | FTS_NOCHDIR, NULL), - fts_close); - + auto fts = makeUnique(fts_open(path_argv, FTS_PHYSICAL | FTS_NOCHDIR, NULL), fts_close); if (!fts) { LogError("fts_open failed."); ThrowMsg(SmackException::FileError, "fts_open failed."); @@ -265,7 +263,7 @@ static std::string getSmackLabel(FuncType func, ArgsType... args) ssize_t labelLen = func(args..., &label); if (labelLen <= 0) ThrowMsg(SmackException::Base, "Error while getting Smack label"); - std::unique_ptr labelPtr(label, free); + auto labelPtr = makeUnique(label, free); return std::string(labelPtr.get(), labelLen); } -- 2.7.4 From 4ab24341b05c733d47a72b60e558bf0064b8a8ab Mon Sep 17 00:00:00 2001 
From: Radoslaw Bartosiak Date: Thu, 4 Aug 2016 19:09:53 +0200 Subject: [PATCH 14/16] Moving user and global apps-names files to /opt/var Due to introduction of lazymount, config files must be moved to new destinations (which are mounted earlier) *) /opt/var/security-manager/apps-names (global file) **) /opt/var/security-manager/{USER}/apps-names (local file) Change-Id: Iaf7ec74d8bc596eb377b15aad9cab9f8f857d966 Signed-off-by: Radoslaw Bartosiak --- packaging/security-manager.spec | 12 ++---- src/common/config.cpp | 2 + src/common/include/config.h | 3 ++ src/common/permissible-set.cpp | 10 +++-- src/common/service_impl.cpp | 79 ++++++++++++++++++++++++++++++++++-- src/include/security-manager-types.h | 2 + 6 files changed, 94 insertions(+), 14 deletions(-) diff --git a/packaging/security-manager.spec b/packaging/security-manager.spec index 325ffef..abec54d 100644 --- a/packaging/security-manager.spec +++ b/packaging/security-manager.spec @@ -63,8 +63,6 @@ Requires(post): tizen-platform-config-tools %description policy Set of security rules that constitute security policy in the system -%define TZ_SKEL_APP %(tzplatform-get TZ_USER_APP | cut -d= -f2 | sed "s|^$HOME|%{_sysconfdir}/skel|") - %prep %setup -q cp %{SOURCE1} . @@ -106,8 +104,7 @@ mkdir -p %{buildroot}/%{TZ_SYS_DB} touch %{buildroot}/%{TZ_SYS_DB}/.security-manager.db touch %{buildroot}/%{TZ_SYS_DB}/.security-manager.db-journal -install -m 0444 -D /dev/null %{buildroot}%{TZ_SKEL_APP}/apps-names -install -m 0444 -D /dev/null %{buildroot}%{TZ_SYS_RW_APP}/apps-names +install -m 0444 -D /dev/null %{buildroot}%{TZ_SYS_VAR}/security-manager/apps-names %clean rm -rf %{buildroot} @@ -131,8 +128,7 @@ fi chsmack -a System %{TZ_SYS_DB}/.security-manager.db chsmack -a System %{TZ_SYS_DB}/.security-manager.db-journal -chsmack -a _ %{TZ_SKEL_APP}/apps-names -chsmack -a _ %{TZ_SYS_RW_APP}/apps-names +chsmack -r -a _ %{TZ_SYS_VAR}/security-manager/ %preun if [ $1 = 0 ]; then 
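Review bot: `chsmack -r -a _ %{TZ_SYS_VAR}/security-manager/` in `%post` relabels everything below that directory with the floor label, including the `rules` and `rules-merged` directories that `%files` installs as `700 root`, whereas the replaced lines labelled only the two `apps-names` files; if those subdirectories are meant to keep a non-floor label, this widens Smack access to them (DAC still blocks other users, but the label check no longer does). Limiting the relabel to the paths this change actually moved, `chsmack -a _ %{TZ_SYS_VAR}/security-manager/` and `chsmack -a _ %{TZ_SYS_VAR}/security-manager/apps-names`, keeps the previous scope. A comment in the spec stating that per-user directories created later are labelled by the service, not by `%post`, would make the split of responsibility clear.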
@@ -163,8 +159,8 @@ fi %attr(755,root,root) %{_bindir}/security-manager-cleanup %attr(755,root,root) %{_sysconfdir}/gumd/useradd.d/50_security-manager-add.post %attr(755,root,root) %{_sysconfdir}/gumd/userdel.d/50_security-manager-remove.pre -%config(noreplace) %attr(444,root,root) %{TZ_SKEL_APP}/apps-names -%config(noreplace) %attr(444,root,root) %{TZ_SYS_RW_APP}/apps-names +%config(noreplace) %attr(444,root,root) %{TZ_SYS_VAR}/security-manager/apps-names +%dir %attr(711,root,root) %{TZ_SYS_VAR}/security-manager/ %dir %attr(700,root,root) %{TZ_SYS_VAR}/security-manager/rules %dir %attr(700,root,root) %{TZ_SYS_VAR}/security-manager/rules-merged diff --git a/src/common/config.cpp b/src/common/config.cpp index 761a4e2..342e706 100644 --- a/src/common/config.cpp +++ b/src/common/config.cpp @@ -28,6 +28,8 @@ namespace SecurityManager { namespace Config { +const std::string SERVICE_NAME = "security-manager"; + const std::string PRIVILEGE_APPINST_USER = "http://tizen.org/privilege/notexist"; const std::string PRIVILEGE_APPINST_ADMIN = "http://tizen.org/privilege/notexist"; const std::string PRIVILEGE_USER_ADMIN = "http://tizen.org/privilege/internal/usermanagement"; diff --git a/src/common/include/config.h b/src/common/include/config.h index 70f07ed..c6aeb7c 100644 --- a/src/common/include/config.h +++ b/src/common/include/config.h @@ -30,6 +30,9 @@ namespace SecurityManager { namespace Config { +/* Service name */ + +extern const std::string SERVICE_NAME; /* Privileges required from users of our API */ extern const std::string PRIVILEGE_APPINST_USER; diff --git a/src/common/permissible-set.cpp b/src/common/permissible-set.cpp index 6c37bce..d8086a6 100644 --- a/src/common/permissible-set.cpp +++ b/src/common/permissible-set.cpp 
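Review bot: Style: in config.h the new `/* Service name */` comment is separated from `extern const std::string SERVICE_NAME;` by a blank line, and the declaration then runs straight into the following `/* Privileges required ... */` comment, unlike the existing layout where a comment sits directly above its declarations with the blank line after the group; move the blank line below the declaration. Since the new callers use `SERVICE_NAME` as a path component, `/* Service name, also used as the directory name under TZ_SYS_VAR */` would explain why it lives in Config.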
@@ -74,9 +74,13 @@ std::string getPerrmissibleFileLocation(uid_t uid, int installationType) TizenPlatformConfig tpc(uid); if ((installationType == SM_APP_INSTALL_GLOBAL) || (installationType == SM_APP_INSTALL_PRELOADED)) - return tpc.ctxMakePath(TZ_SYS_RW_APP, Config::APPS_NAME_FILE.c_str()); - else - return tpc.ctxMakePath(TZ_USER_APP, Config::APPS_NAME_FILE.c_str()); + return tpc.ctxMakePath(TZ_SYS_VAR, Config::SERVICE_NAME, + Config::APPS_NAME_FILE.c_str()); + else { + std::string user = tpc.ctxGetEnv(TZ_USER_NAME); + return tpc.ctxMakePath(TZ_SYS_VAR, Config::SERVICE_NAME, user, + Config::APPS_NAME_FILE.c_str()); + } } static void markPermissibleFileValid(int fd, const std::string &nameFile, bool valid) diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp index 9ce8555..5268730 100644 --- a/src/common/service_impl.cpp +++ b/src/common/service_impl.cpp @@ -24,11 +24,15 @@ * @brief Implementation of the service methods */ +#include #include +#include #include #include #include #include +#include +#include #include #include @@ -37,6 +41,7 @@ #include #include +#include #include #include "protocols.h" 
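Review bot: The per-user path in `getPerrmissibleFileLocation` is built from `tpc.ctxGetEnv(TZ_USER_NAME)` without checking that the result is non-empty; if the lookup yields an empty string for a uid with no platform-config entry, the user file path may collapse into the global `security-manager/apps-names` location (depending on how `ctxMakePath` joins an empty component, which I can't see here). A guard such as `if (user.empty())` taking whatever failure path this file already uses, placed before the `ctxMakePath` call, keeps per-user and global files from aliasing. The same lookup pattern is repeated in `initializeUserAppsNameConfig` and `userDelete` in service_impl.cpp.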
@@ -154,6 +159,45 @@ bool fileExists(const std::string &path) { return (stat(path.c_str(), &buffer) == 0) && S_ISREG(buffer.st_mode); } +lib_retcode makeDirIfNotExists(const std::string &path, mode_t mode, const std::string &label) +{ + if (mkdir(path.c_str(), mode) != 0 && errno != EEXIST) { + LogError("Creation of directory " + path + "failed"); + return SECURITY_MANAGER_ERROR_FILE_CREATE_FAILED; + } + if (smack_set_label_for_path(path.c_str(), XATTR_NAME_SMACK, 0, label.c_str()) < 0) { + LogError("Setting smack label failed for: " << path); + return SECURITY_MANAGER_ERROR_SETTING_FILE_LABEL_FAILED; + } + return SECURITY_MANAGER_SUCCESS; +} + +lib_retcode initializeUserAppsNameConfig(uid_t userAdded, const std::string &label) { + TizenPlatformConfig tpc(userAdded); + std::string user = tpc.ctxGetEnv(TZ_USER_NAME); + std::string userDirectory = tpc.ctxMakePath(TZ_SYS_VAR, Config::SERVICE_NAME, user); + std::string userFile = tpc.ctxMakePath(TZ_SYS_VAR, Config::SERVICE_NAME, user, + Config::APPS_NAME_FILE); + lib_retcode ret = makeDirIfNotExists(userDirectory, S_IRUSR|S_IXUSR|S_IWUSR|S_IXGRP|S_IXOTH, + label); + if (ret != SECURITY_MANAGER_SUCCESS) + return ret; + int fd = open(userFile.c_str(), O_CREAT|O_WRONLY, S_IRUSR|S_IRGRP|S_IROTH); + if (fd == -1) { + LogError("File creation failed with: " << GetErrnoString(errno) << " for: " << userFile); + return SECURITY_MANAGER_ERROR_FILE_CREATE_FAILED; + } + if (smack_set_label_for_file(fd, XATTR_NAME_SMACK, label.c_str()) < 0) { + LogError("Setting smack label for file: " << userFile << "failed"); + return SECURITY_MANAGER_ERROR_SETTING_FILE_LABEL_FAILED; + } + if (close(fd) == -1) { + LogWarning("Close of file failed with: " << GetErrnoString(errno) << " for: " << userFile); + } + + return SECURITY_MANAGER_SUCCESS; +} + class ScopedTransaction { public: ScopedTransaction() : m_isCommited(false) { 
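Review bot: `initializeUserAppsNameConfig` leaks `fd` on the `smack_set_label_for_file` failure path: the early `return SECURITY_MANAGER_ERROR_SETTING_FILE_LABEL_FAILED` skips `close(fd)`; add `close(fd);` before that return, or hold the descriptor in an RAII wrapper. `open(userFile.c_str(), O_CREAT|O_WRONLY, ...)` follows symlinks and `makeDirIfNotExists` accepts `EEXIST` without verifying that the existing entry is a directory with the expected owner and mode, so a pre-existing entry under the service directory is relabelled and reused as-is; `O_NOFOLLOW|O_CLOEXEC` on the open and an `lstat` + `S_ISDIR` check on the `EEXIST` branch make the helper robust when the directory was not created by this service. The mkdir log message `"Creation of directory " + path + "failed"` is missing the space and the errno; `LogError("Creation of directory " << path << " failed: " << GetErrnoString(errno));` matches the other messages in the hunk.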
@@ -773,12 +817,16 @@ int ServiceImpl::userAdd(const Credentials &creds, uid_t uidAdded, int userType) LogError("Caller is not permitted to manage users"); return SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED; } - try { + lib_retcode ret; CynaraAdmin::getInstance().UserInit(uidAdded, static_cast(userType), isPrivilegePrivacy); - + if ((ret = initializeUserAppsNameConfig(uidAdded, "_")) != SECURITY_MANAGER_SUCCESS) + return ret; } catch (CynaraException::InvalidParam &e) { return SECURITY_MANAGER_ERROR_INPUT_PARAM; + } catch (const std::exception &e) { + LogError("Memory allocation error while adding user: " << e.what()); + return SECURITY_MANAGER_ERROR_SERVER_ERROR; } return SECURITY_MANAGER_SUCCESS; } @@ -814,7 +862,32 @@ int ServiceImpl::userDelete(const Credentials &creds, uid_t uidDeleted) ret = SECURITY_MANAGER_ERROR_SERVER_ERROR; } } - + try { + TizenPlatformConfig tpc(uidDeleted); + std::string user = tpc.ctxGetEnv(TZ_USER_NAME); + std::string userDirectory = tpc.ctxMakePath(TZ_SYS_VAR, Config::SERVICE_NAME, user); + std::string userFile = tpc.ctxMakePath(TZ_SYS_VAR, Config::SERVICE_NAME, user, + Config::APPS_NAME_FILE); + int res = unlink(userFile.c_str()); + if (res) { + if (errno != ENOENT) { + LogError("File deletion failed with: " << GetErrnoString(errno) << + " for: " << userFile); + ret = SECURITY_MANAGER_ERROR_FILE_DELETE_FAILED; + } + } + res = rmdir(userDirectory.c_str()); + if (res) { + if (errno != ENOENT) { + LogError("Directory deletion failed with: " << GetErrnoString(errno) << + " for: " << userDirectory); + ret = SECURITY_MANAGER_ERROR_FILE_DELETE_FAILED; + } + } + } catch (const std::exception &e) { + LogError("Memory allocation error while deleting user: " << e.what()); + return SECURITY_MANAGER_ERROR_SERVER_ERROR; + } CynaraAdmin::getInstance().UserRemove(uidDeleted); return ret; diff --git a/src/include/security-manager-types.h b/src/include/security-manager-types.h index 26ed29c..0c2891e 100644 --- a/src/include/security-manager-types.h 
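Review bot: The new `catch (const std::exception &e)` in userAdd reports every `std::exception` as "Memory allocation error", but `TizenPlatformConfig` and the `ctxGetEnv`/`ctxMakePath` calls inside `initializeUserAppsNameConfig` can presumably fail for other reasons; log under a neutral message such as `LogError("Error while adding user: " << e.what());`. `lib_retcode ret;` is declared uninitialized and assigned inside the condition; `lib_retcode ret = initializeUserAppsNameConfig(uidAdded, "_");` followed by `if (ret != SECURITY_MANAGER_SUCCESS) return ret;` is clearer. A failure there returns after `CynaraAdmin::getInstance().UserInit` has already run, leaving the user partially initialised in Cynara — worth a comment if that is intended. userAdd begins before this hunk.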
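Review bot: In userDelete the new `catch (const std::exception &e)` returns `SECURITY_MANAGER_ERROR_SERVER_ERROR` directly, which skips the `CynaraAdmin::getInstance().UserRemove(uidDeleted)` call that follows, so a failure to compute the apps-names paths leaves the removed user's Cynara policy in place; the preceding block (visible as `ret = SECURITY_MANAGER_ERROR_SERVER_ERROR;` at the top of the hunk) records the error and falls through, and the new block should do the same with `ret = SECURITY_MANAGER_ERROR_SERVER_ERROR;`. `rmdir` on the user directory fails with `ENOTEMPTY` if anything else was created there and is then reported as `SECURITY_MANAGER_ERROR_FILE_DELETE_FAILED`; that is reasonable but deserves a comment, since as far as this change goes the directory is only expected to hold `apps-names`. userDelete begins before this hunk.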
+++ b/src/include/security-manager-types.h @@ -51,6 +51,8 @@ enum lib_retcode { SECURITY_MANAGER_ERROR_FILE_OPEN_FAILED, SECURITY_MANAGER_ERROR_SET_RELABEL_SELF_FAILED, SECURITY_MANAGER_ERROR_NOT_INITIALIZED, + SECURITY_MANAGER_ERROR_FILE_CREATE_FAILED, + SECURITY_MANAGER_ERROR_FILE_DELETE_FAILED, }; /*! \brief accesses types for application installation paths*/ -- 2.7.4 From ab26d47a387af17dd2371dbbcdf8f9f980d58d10 Mon Sep 17 00:00:00 2001 From: Tomasz Swierczek Date: Fri, 12 Aug 2016 19:13:29 +0200 Subject: [PATCH 15/16] Release version 1.1.14 Moving user and global apps-names files to /opt/var Simplify declaration and generation of unique_ptrs Fix contraints for app installation. Change-Id: Ifc962b06f15e18b505d63771b008145fe42b80d7 --- packaging/security-manager.changes | 6 ++++++ packaging/security-manager.spec | 2 +- pc/security-manager.pc.in | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/packaging/security-manager.changes b/packaging/security-manager.changes index 14aed5f..16b68ae 100644 --- a/packaging/security-manager.changes +++ b/packaging/security-manager.changes @@ -1,3 +1,9 @@ +* Fri Aug 12 2016 Tomasz Swierczek +- Version 1.1.14 +- Moving user and global apps-names files to /opt/var +- Simplify declaration and generation of unique_ptrs +- Fix contraints for app installation. + * Fri Jul 22 2016 Yunjin Lee - Version 1.1.13 - Fix typo in service file SmackProcessLabel set diff --git a/packaging/security-manager.spec b/packaging/security-manager.spec index abec54d..ac59fbc 100644 --- a/packaging/security-manager.spec +++ b/packaging/security-manager.spec @@ -1,6 +1,6 @@ Name: security-manager Summary: Security manager and utilities -Version: 1.1.13 +Version: 1.1.14 Release: 0 Group: Security/Service License: Apache-2.0 diff --git a/pc/security-manager.pc.in b/pc/security-manager.pc.in index 599e3cf..fcd88f8 100644 --- a/pc/security-manager.pc.in +++ b/pc/security-manager.pc.in 
@@ -5,7 +5,7 @@ includedir=${prefix}/include Name: security-manager Description: Security Manager Package -Version: 1.1.6 +Version: 1.1.14 Requires: Libs: -L${libdir} -lsecurity-manager-client Cflags: -I${includedir}/security-manager -- 2.7.4 From 730b7a7290e13a4960f9b1d17a13c490d373ae19 Mon Sep 17 00:00:00 2001 From: Yunjin Lee Date: Mon, 22 Aug 2016 10:48:51 +0900 Subject: [PATCH 16/16] Add core privilege: appdir.shareddate Change-Id: I505c39c3e1335fdc2b1c784bd77a1cb633726202 Signed-off-by: Yunjin Lee --- policy/usertype-admin.profile | 1 + policy/usertype-guest.profile | 1 + policy/usertype-normal.profile | 1 + policy/usertype-system.profile | 1 + 4 files changed, 4 insertions(+) diff --git a/policy/usertype-admin.profile b/policy/usertype-admin.profile index 214ee8d..f370af8 100644 --- a/policy/usertype-admin.profile +++ b/policy/usertype-admin.profile @@ -8,6 +8,7 @@ * http://tizen.org/privilege/antivirus.admin * http://tizen.org/privilege/antivirus.scan * http://tizen.org/privilege/antivirus.webprotect +* http://tizen.org/privilege/appdir.shareddata * http://tizen.org/privilege/apphistory.read * http://tizen.org/privilege/appmanager.kill * http://tizen.org/privilege/appmanager.kill.bgapp diff --git a/policy/usertype-guest.profile b/policy/usertype-guest.profile index b628a67..8e09af4 100644 --- a/policy/usertype-guest.profile +++ b/policy/usertype-guest.profile @@ -8,6 +8,7 @@ * http://tizen.org/privilege/antivirus.admin * http://tizen.org/privilege/antivirus.scan * http://tizen.org/privilege/antivirus.webprotect +* http://tizen.org/privilege/appdir.shareddata * http://tizen.org/privilege/apphistory.read * http://tizen.org/privilege/appmanager.kill * http://tizen.org/privilege/appmanager.kill.bgapp diff --git a/policy/usertype-normal.profile b/policy/usertype-normal.profile index 15e1f0d..8ab2375 100644 --- a/policy/usertype-normal.profile +++ b/policy/usertype-normal.profile 
@@ -8,6 +8,7 @@
 * http://tizen.org/privilege/antivirus.admin
 * http://tizen.org/privilege/antivirus.scan
 * http://tizen.org/privilege/antivirus.webprotect
+* http://tizen.org/privilege/appdir.shareddata
 * http://tizen.org/privilege/apphistory.read
 * http://tizen.org/privilege/appmanager.kill
 * http://tizen.org/privilege/appmanager.kill.bgapp
diff --git a/policy/usertype-system.profile b/policy/usertype-system.profile
index af2ceec..df5b94b 100644
--- a/policy/usertype-system.profile
+++ b/policy/usertype-system.profile
@@ -8,6 +8,7 @@
 * http://tizen.org/privilege/antivirus.admin
 * http://tizen.org/privilege/antivirus.scan
 * http://tizen.org/privilege/antivirus.webprotect
+* http://tizen.org/privilege/appdir.shareddata
 * http://tizen.org/privilege/apphistory.read
 * http://tizen.org/privilege/appmanager.kill
 * http://tizen.org/privilege/appmanager.kill.bgapp
-- 2.7.4