From 01531ec45d3292cd266f41e3812e240d02d6c585 Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Tue, 27 Jun 2017 22:32:18 +0900 Subject: [PATCH 01/16] source: align indent I change the tabs to spaces and remove the redundant spaces. Change-Id: Iaed7c815f2d9e04582b1a68bc65d678261824378 Signed-off-by: Sooyoung Ha --- src/TizenConfig.h | 2 +- src/commandline_sdbd.c | 198 ++++++++--------- src/commandline_sdbd.h | 12 +- src/default_plugin_auth.c | 1 - src/fdevent.h | 3 +- src/file_sync_service.h | 4 +- src/init.c | 198 ++++++++--------- src/plugin_encrypt.c | 476 ++++++++++++++++++++--------------------- src/plugin_encrypt.h | 30 +-- src/sdb.c | 394 +++++++++++++++++----------------- src/sdb.h | 6 +- src/services.c | 2 +- src/socket_inaddr_any_server.c | 2 +- src/socket_local.h | 8 +- src/socket_local_server.c | 4 +- src/socket_loopback_server.c | 2 +- src/sockets.c | 10 +- src/sockets.h | 44 ++-- src/transport.c | 24 +-- src/transport_local.c | 8 +- src/transport_usb.c | 2 +- src/usb_funcfs_client.c | 78 +++---- src/utils.c | 152 ++++++------- 23 files changed, 829 insertions(+), 831 deletions(-) diff --git a/src/TizenConfig.h b/src/TizenConfig.h index 81d36f3..7da4f99 100644 --- a/src/TizenConfig.h +++ b/src/TizenConfig.h @@ -15,7 +15,7 @@ */ /* - * Android config -- "CYGWIN_NT-5.1". + * Android config -- "CYGWIN_NT-5.1". * * Cygwin has pthreads, but GDB seems to get confused if you use it to * create threads. By "confused", I mean it freezes up the first time the diff --git a/src/commandline_sdbd.c b/src/commandline_sdbd.c index 63850f3..eee6ac2 100644 --- a/src/commandline_sdbd.c +++ b/src/commandline_sdbd.c @@ -53,115 +53,115 @@ static void print_sdbd_command(FILE *stream, SdbdCommandlineArgs *sdbd_args) { } int parse_sdbd_commandline(SdbdCommandlineArgs *sdbd_args, int argc, char *argv[]) { - int split_retval; - - int opt; - int long_index = 0; - - static struct option long_options[] = { - { ARG_EMULATOR_VM_NAME, required_argument, NULL, ARG_S_EMULATOR_VM_NAME }, - { ARG_SENSORS, required_argument, NULL, ARG_S_SENSORS }, - { ARG_SDB, required_argument, NULL, ARG_S_SDB }, - { ARG_SDBD_LISTEN_PORT, required_argument, NULL, ARG_S_SDBD_LISTEN_PORT }, - { ARG_HELP, no_argument, NULL, ARG_S_HELP }, - { ARG_USAGE, no_argument, NULL, ARG_S_USAGE }, - { NULL, 0, NULL, 0 } - }; - - optind = 1; /* the index of the next element to be processed in argv */ - - while ((opt = getopt_long(argc, argv, "", long_options, &long_index)) != -1) { - switch (opt) { - case ARG_S_EMULATOR_VM_NAME: - split_retval = split_host_port(optarg, - &sdbd_args->emulator.host, - &sdbd_args->emulator.port); - if (split_retval != SDBD_COMMANDLINE_SUCCESS) { - return split_retval; - } - /* if we are on emulator we listen using local transport - * so we should set port to default value but this can - * be overwritten by command line options */ - if (sdbd_args->sdbd_port < 0) { - sdbd_args->sdbd_port = DEFAULT_SDB_LOCAL_TRANSPORT_PORT; - } - print_sdbd_command(stdout, sdbd_args); - break; - case ARG_S_SENSORS: - split_retval = split_host_port(optarg, - &sdbd_args->sensors.host, - &sdbd_args->sensors.port); - if (split_retval != SDBD_COMMANDLINE_SUCCESS) { - return split_retval; - } - print_sdbd_command(stdout, sdbd_args); - break; - case ARG_S_SDB: - split_retval = split_host_port(optarg, - &sdbd_args->sdb.host, - &sdbd_args->sdb.port); - if (split_retval != SDBD_COMMANDLINE_SUCCESS) { - return split_retval; - } - print_sdbd_command(stdout, sdbd_args); - break; - case ARG_S_SDBD_LISTEN_PORT: - if (sscanf(optarg, "%d", &sdbd_args->sdbd_port) < 1) { - return SDBD_COMMANDLINE_FAILURE; - } - print_sdbd_command(stdout, sdbd_args); - break; - case ARG_S_HELP: - return SDBD_COMMANDLINE_HELP; - case ARG_S_USAGE: - return SDBD_COMMANDLINE_USAGE; - case 1: - return SDBD_COMMANDLINE_FAILURE_UNKNOWN_OPT; - case '?': - return SDBD_COMMANDLINE_FAILURE_UNKNOWN_OPT; - default: - return SDBD_COMMANDLINE_FAILURE; - } - } - - print_sdbd_command(stdout, sdbd_args); - - return SDBD_COMMANDLINE_SUCCESS; + int split_retval; + + int opt; + int long_index = 0; + + static struct option long_options[] = { + { ARG_EMULATOR_VM_NAME, required_argument, NULL, ARG_S_EMULATOR_VM_NAME }, + { ARG_SENSORS, required_argument, NULL, ARG_S_SENSORS }, + { ARG_SDB, required_argument, NULL, ARG_S_SDB }, + { ARG_SDBD_LISTEN_PORT, required_argument, NULL, ARG_S_SDBD_LISTEN_PORT }, + { ARG_HELP, no_argument, NULL, ARG_S_HELP }, + { ARG_USAGE, no_argument, NULL, ARG_S_USAGE }, + { NULL, 0, NULL, 0 } + }; + + optind = 1; /* the index of the next element to be processed in argv */ + + while ((opt = getopt_long(argc, argv, "", long_options, &long_index)) != -1) { + switch (opt) { + case ARG_S_EMULATOR_VM_NAME: + split_retval = split_host_port(optarg, + &sdbd_args->emulator.host, + &sdbd_args->emulator.port); + if (split_retval != SDBD_COMMANDLINE_SUCCESS) { + return split_retval; + } + /* if we are on emulator we listen using local transport + * so we should set port to default value but this can + * be overwritten by command line options */ + if (sdbd_args->sdbd_port < 0) { + sdbd_args->sdbd_port = DEFAULT_SDB_LOCAL_TRANSPORT_PORT; + } + print_sdbd_command(stdout, sdbd_args); + break; + case ARG_S_SENSORS: + split_retval = split_host_port(optarg, + &sdbd_args->sensors.host, + &sdbd_args->sensors.port); + if (split_retval != SDBD_COMMANDLINE_SUCCESS) { + return split_retval; + } + print_sdbd_command(stdout, sdbd_args); + break; + case ARG_S_SDB: + split_retval = split_host_port(optarg, + &sdbd_args->sdb.host, + &sdbd_args->sdb.port); + if (split_retval != SDBD_COMMANDLINE_SUCCESS) { + return split_retval; + } + print_sdbd_command(stdout, sdbd_args); + break; + case ARG_S_SDBD_LISTEN_PORT: + if (sscanf(optarg, "%d", &sdbd_args->sdbd_port) < 1) { + return SDBD_COMMANDLINE_FAILURE; + } + print_sdbd_command(stdout, sdbd_args); + break; + case ARG_S_HELP: + return SDBD_COMMANDLINE_HELP; + case ARG_S_USAGE: + return SDBD_COMMANDLINE_USAGE; + case 1: + return SDBD_COMMANDLINE_FAILURE_UNKNOWN_OPT; + case '?': + return SDBD_COMMANDLINE_FAILURE_UNKNOWN_OPT; + default: + return SDBD_COMMANDLINE_FAILURE; + } + } + + print_sdbd_command(stdout, sdbd_args); + + return SDBD_COMMANDLINE_SUCCESS; } void apply_sdbd_commandline_defaults(SdbdCommandlineArgs *sdbd_args) { - sdbd_args->emulator.port = -1; + sdbd_args->emulator.port = -1; - sdbd_args->sensors.host = strdup(QEMU_FORWARD_IP); - sdbd_args->sensors.port = DEFAULT_SENSORS_LOCAL_TRANSPORT_PORT; + sdbd_args->sensors.host = strdup(QEMU_FORWARD_IP); + sdbd_args->sensors.port = DEFAULT_SENSORS_LOCAL_TRANSPORT_PORT; - sdbd_args->sdb.host = strdup(QEMU_FORWARD_IP); - sdbd_args->sdb.port = DEFAULT_SDB_PORT; + sdbd_args->sdb.host = strdup(QEMU_FORWARD_IP); + sdbd_args->sdb.port = DEFAULT_SDB_PORT; - // by default don't listen on local transport - sdbd_args->sdbd_port = -1; + // by default don't listen on local transport + sdbd_args->sdbd_port = -1; } int split_host_port(const char *optarg, char **host, int *port) { - const char *colon = strchr(optarg, ':'); - char *old_val = NULL; - - if (colon) { - old_val = *host; - *host = strndup(optarg, colon - optarg); - if (sscanf(colon + 1, "%d", port) < 1) { - return SDBD_COMMANDLINE_FAILURE; - } - } else { - return SDBD_COMMANDLINE_FAILURE; - } - - if (old_val) { - free(old_val); - } - return SDBD_COMMANDLINE_SUCCESS; + const char *colon = strchr(optarg, ':'); + char *old_val = NULL; + + if (colon) { + old_val = *host; + *host = strndup(optarg, colon - optarg); + if (sscanf(colon + 1, "%d", port) < 1) { + return SDBD_COMMANDLINE_FAILURE; + } + } else { + return SDBD_COMMANDLINE_FAILURE; + } + + if (old_val) { + free(old_val); + } + return SDBD_COMMANDLINE_SUCCESS; } @@ -175,7 +175,7 @@ void clear_sdbd_commandline_args(SdbdCommandlineArgs *sdbd_args) { free(sdbd_args->sensors.host); sdbd_args->sensors.host = NULL; - memset(sdbd_args, 0, sizeof(SdbdCommandlineArgs)); + memset(sdbd_args, 0, sizeof(SdbdCommandlineArgs)); } diff --git a/src/commandline_sdbd.h b/src/commandline_sdbd.h index 598b478..2b026ca 100644 --- a/src/commandline_sdbd.h +++ b/src/commandline_sdbd.h @@ -46,8 +46,8 @@ * @brief A simple host:port tuple */ typedef struct { - char *host; - int port; + char *host; + int port; } HostPort; /*! @@ -55,10 +55,10 @@ typedef struct { * @brief Contains all values, which are read from commandline. */ typedef struct { - HostPort emulator; ///< emulator name and forward port - HostPort sdb; ///< sdb address - HostPort sensors; ///< sensors address - int sdbd_port; ///< Port to listen on in tcp mode + HostPort emulator; ///< emulator name and forward port + HostPort sdb; ///< sdb address + HostPort sensors; ///< sensors address + int sdbd_port; ///< Port to listen on in tcp mode } SdbdCommandlineArgs; #include diff --git a/src/default_plugin_auth.c b/src/default_plugin_auth.c index 8fa743a..103603b 100644 --- a/src/default_plugin_auth.c +++ b/src/default_plugin_auth.c @@ -41,7 +41,6 @@ int auth_support ( parameters* in, parameters* out ) int auth_get_key_file_paths ( parameters* in, parameters* out ) { return PLUGIN_CMD_FAIL; - } int confirm_public_key( parameters* in, int out_fd ) diff --git a/src/fdevent.h b/src/fdevent.h index a6db9ea..d383c1f 100644 --- a/src/fdevent.h +++ b/src/fdevent.h @@ -64,8 +64,7 @@ void fdevent_set_timeout(fdevent *fde, int64_t timeout_ms); */ void fdevent_loop(); -struct fdevent -{ +struct fdevent { fdevent *next; fdevent *prev; diff --git a/src/file_sync_service.h b/src/file_sync_service.h index 94a52b6..089a212 100644 --- a/src/file_sync_service.h +++ b/src/file_sync_service.h @@ -18,7 +18,7 @@ #define _FILE_SYNC_SERVICE_H_ #ifdef HAVE_BIG_ENDIAN -static inline unsigned __swap_uint32(unsigned x) +static inline unsigned __swap_uint32(unsigned x) { return (((x) & 0xFF000000) >> 24) | (((x) & 0x00FF0000) >> 8) @@ -72,7 +72,7 @@ typedef union { struct { unsigned id; unsigned msglen; - } status; + } status; } syncmsg; void init_sdk_sync_permit_rule_regx(void); diff --git a/src/init.c b/src/init.c index bec59f2..7fcc70b 100644 --- a/src/init.c +++ b/src/init.c @@ -50,7 +50,7 @@ char *smack_mnt = NULL; void set_smackmnt(const char *mnt) { - smack_mnt = strdup(mnt); + smack_mnt = strdup(mnt); } /* Verify the mount point for smack file system has a smackfs. @@ -62,126 +62,126 @@ void set_smackmnt(const char *mnt) */ static int verify_smackmnt(const char *mnt) { - struct statfs sfbuf; - int rc; - - do { - rc = statfs(mnt, &sfbuf); - } while (rc < 0 && errno == EINTR); - - if (rc == 0) { - if ((uint32_t)sfbuf.f_type == (uint32_t)SMACK_MAGIC) { - struct statvfs vfsbuf; - rc = statvfs(mnt, &vfsbuf); - if (rc == 0) { - if (!(vfsbuf.f_flag & ST_RDONLY)) { - set_smackmnt(mnt); - } - return 0; - } - } - } - - return -1; + struct statfs sfbuf; + int rc; + + do { + rc = statfs(mnt, &sfbuf); + } while (rc < 0 && errno == EINTR); + + if (rc == 0) { + if ((uint32_t)sfbuf.f_type == (uint32_t)SMACK_MAGIC) { + struct statvfs vfsbuf; + rc = statvfs(mnt, &vfsbuf); + if (rc == 0) { + if (!(vfsbuf.f_flag & ST_RDONLY)) { + set_smackmnt(mnt); + } + return 0; + } + } + } + + return -1; } int smackfs_exists(void) { - int exists = 0; - FILE *fp = NULL; - char *buf = NULL; - size_t len; - ssize_t num; - - fp = fopen("/proc/filesystems", "r"); - if (!fp) - return 1; /* Fail as if it exists */ - - __fsetlocking(fp, FSETLOCKING_BYCALLER); - - num = getline(&buf, &len, fp); - while (num != -1) { - if (strstr(buf, SMACKFS)) { - exists = 1; - break; - } - num = getline(&buf, &len, fp); - } - - free(buf); - fclose(fp); - return exists; + int exists = 0; + FILE *fp = NULL; + char *buf = NULL; + size_t len; + ssize_t num; + + fp = fopen("/proc/filesystems", "r"); + if (!fp) + return 1; /* Fail as if it exists */ + + __fsetlocking(fp, FSETLOCKING_BYCALLER); + + num = getline(&buf, &len, fp); + while (num != -1) { + if (strstr(buf, SMACKFS)) { + exists = 1; + break; + } + num = getline(&buf, &len, fp); + } + + free(buf); + fclose(fp); + return exists; } static void init_smackmnt(void) { - char *buf=NULL, *p; - FILE *fp=NULL; - size_t len; - ssize_t num; - - if (smack_mnt) - return; - - if (verify_smackmnt(SMACKFSMNT) == 0) - return; - - if (verify_smackmnt(OLDSMACKFSMNT) == 0) - return; - - /* Drop back to detecting it the long way. */ - if (!smackfs_exists()) - goto out; - - /* At this point, the usual spot doesn't have an smackfs so - * we look around for it */ - fp = fopen("/proc/mounts", "r"); - if (!fp) - goto out; - - __fsetlocking(fp, FSETLOCKING_BYCALLER); - while ((num = getline(&buf, &len, fp)) != -1) { - char *tmp; - p = strchr(buf, ' '); - if (!p) - goto out; - p++; - - tmp = strchr(p, ' '); - if (!tmp) - goto out; - - if (!strncmp(tmp + 1, SMACKFS" ", strlen(SMACKFS)+1)) { - *tmp = '\0'; - break; - } - } - - /* If we found something, dup it */ - if (num > 0) - verify_smackmnt(p); + char *buf=NULL, *p; + FILE *fp=NULL; + size_t len; + ssize_t num; + + if (smack_mnt) + return; + + if (verify_smackmnt(SMACKFSMNT) == 0) + return; + + if (verify_smackmnt(OLDSMACKFSMNT) == 0) + return; + + /* Drop back to detecting it the long way. */ + if (!smackfs_exists()) + goto out; + + /* At this point, the usual spot doesn't have an smackfs so + * we look around for it */ + fp = fopen("/proc/mounts", "r"); + if (!fp) + goto out; + + __fsetlocking(fp, FSETLOCKING_BYCALLER); + while ((num = getline(&buf, &len, fp)) != -1) { + char *tmp; + p = strchr(buf, ' '); + if (!p) + goto out; + p++; + + tmp = strchr(p, ' '); + if (!tmp) + goto out; + + if (!strncmp(tmp + 1, SMACKFS" ", strlen(SMACKFS)+1)) { + *tmp = '\0'; + break; + } + } + + /* If we found something, dup it */ + if (num > 0) + verify_smackmnt(p); out: - free(buf); - if (fp) - fclose(fp); - return; + free(buf); + if (fp) + fclose(fp); + return; } void fini_smackmnt(void) { - free(smack_mnt); - smack_mnt = NULL; + free(smack_mnt); + smack_mnt = NULL; } static void init_lib(void) __attribute__ ((constructor)); static void init_lib(void) { - init_smackmnt(); + init_smackmnt(); } static void fini_lib(void) __attribute__ ((destructor)); static void fini_lib(void) { - fini_smackmnt(); + fini_smackmnt(); } diff --git a/src/plugin_encrypt.c b/src/plugin_encrypt.c index 51df016..b7fc3ab 100644 --- a/src/plugin_encrypt.c +++ b/src/plugin_encrypt.c @@ -1,238 +1,238 @@ - -#include - -//#define LOG_TAG "SDBD" -//#include -#define TRACE_TAG TRACE_SDB -#include "log.h" - -#include "plugin.h" -#include "plugin_encrypt.h" -#include "parameter.h" -#include "sdbd_plugin.h" - -#define SAKEP_AKE_MSG_RECORD_FIXED_LEN 36 -#define SAKEP_AES_ECB_ADDED_PADDING_SIZE 16 - -// return 1 if success -// return 0 otherwise -int security_init(const int nSessionID, const char* pUserID) -{ - int success = 0; - int ret; - parameters in, out; - - if (pUserID == NULL) { - in.number_of_parameter = 1; - in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) ); - in.array_of_parameter[0].type = type_int32; - in.array_of_parameter[0].v_int32 = nSessionID; - } else { - in.number_of_parameter = 2; - in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); - in.array_of_parameter[0].type = type_int32; - in.array_of_parameter[0].v_int32 = nSessionID; - in.array_of_parameter[1].type = type_string; - in.array_of_parameter[1].v_string.length = strlen(pUserID); - in.array_of_parameter[1].v_string.data = strdup(pUserID); - } - - ret = request_sync_cmd ( PLUGIN_SYNC_CMD_SEC_INIT, &in, &out ); - if ( ret == PLUGIN_CMD_SUCCESS ) { - success = 1; - release_parameters ( &out ); - } - - release_parameters ( &in ); - return success; -} - -// return 1 if success -// return 0 otherwise -int security_deinit(const int nSessionID) -{ - int success = 0; - int ret; - parameters in, out; - - in.number_of_parameter = 1; - in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) ); - in.array_of_parameter[0].type = type_int32; - in.array_of_parameter[0].v_int32 = nSessionID; - - ret = request_sync_cmd ( PLUGIN_SYNC_CMD_SEC_DEINIT, &in, &out ); - if ( ret == PLUGIN_CMD_SUCCESS ) { - success = 1; - release_parameters ( &out ); - } - - release_parameters ( &in ); - return success; -} - -// return 1 if success -// return 0 otherwise -int security_parse_server_hello(const int nSessionID, apacket* pApacket) -{ - int success = 0; - int ret; - parameters in, out; - - in.number_of_parameter = 2; - in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); - in.array_of_parameter[0].type = type_int32; - in.array_of_parameter[0].v_int32 = nSessionID; - in.array_of_parameter[1].type = type_chunk; - in.array_of_parameter[1].v_chunk.size = pApacket->msg.data_length; - in.array_of_parameter[1].v_chunk.data = pApacket->data; - - ret = request_sync_cmd ( PLUGIN_SYNC_CMD_SEC_PARSE_SERVER_HELLO, &in, &out ); - if ( ret == PLUGIN_CMD_SUCCESS ) { - success = 1; - release_parameters ( &out ); - } - - // avoid to free - in.array_of_parameter[1].v_chunk.data = NULL; - release_parameters ( &in ); - return success; -} - -// return 1 if success -// return 0 otherwise -int security_gen_client_hello(const int nSessionID, apacket* pApacket) -{ - int success = 0; - int ret; - parameters in, out; - - in.number_of_parameter = 1; - in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) ); - in.array_of_parameter[0].type = type_int32; - in.array_of_parameter[0].v_int32 = nSessionID; - - ret = request_sync_cmd ( PLUGIN_SYNC_CMD_SEC_GEN_CLIENT_HELLO, &in, &out ); - if ( ret == PLUGIN_CMD_SUCCESS ) { - memcpy(pApacket->data, out.array_of_parameter[0].v_chunk.data, out.array_of_parameter[0].v_chunk.size); - pApacket->msg.data_length = out.array_of_parameter[0].v_chunk.size; - success = 1; - release_parameters ( &out ); - } - - release_parameters ( &in ); - return success; -} - -// return 1 if success -// return 0 otherwise -int security_parse_server_ack(const int nSessionID, apacket* pApacket) -{ - int success = 0; - int ret; - parameters in, out; - - in.number_of_parameter = 2; - in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); - in.array_of_parameter[0].type = type_int32; - in.array_of_parameter[0].v_int32 = nSessionID; - in.array_of_parameter[1].type = type_chunk; - in.array_of_parameter[1].v_chunk.size = pApacket->msg.data_length; - in.array_of_parameter[1].v_chunk.data = pApacket->data; - - ret = request_sync_cmd ( PLUGIN_SYNC_CMD_SEC_PARSE_SERVER_ACK, &in, &out ); - if ( ret == PLUGIN_CMD_SUCCESS ) { - success = 1; - release_parameters ( &out ); - } - - // avoid to free - in.array_of_parameter[1].v_chunk.data = NULL; - release_parameters ( &in ); - return success; -} - -// return 1 if success -// return 0 otherwise -int security_gen_client_ack(const int nSessionID, apacket* pApacket) -{ - int success = 0; - int ret; - parameters in, out; - - in.number_of_parameter = 1; - in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) ); - in.array_of_parameter[0].type = type_int32; - in.array_of_parameter[0].v_int32 = nSessionID; - - ret = request_sync_cmd ( PLUGIN_SYNC_CMD_SEC_GEN_CLIENT_ACK, &in, &out ); - if ( ret == PLUGIN_CMD_SUCCESS ) { - memcpy(pApacket->data, out.array_of_parameter[0].v_chunk.data, out.array_of_parameter[0].v_chunk.size); - pApacket->msg.data_length = out.array_of_parameter[0].v_chunk.size; - success = 1; - release_parameters ( &out ); - } - - release_parameters ( &in ); - return success; -} - -// return 1 if success -// return 0 otherwise -int security_encrypt(const int nSessionID, apacket* pApacket) -{ - int success = 0; - int ret; - parameters in, out; - - in.number_of_parameter = 2; - in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); - in.array_of_parameter[0].type = type_int32; - in.array_of_parameter[0].v_int32 = nSessionID; - in.array_of_parameter[1].type = type_chunk; - in.array_of_parameter[1].v_chunk.size = pApacket->msg.data_length; - in.array_of_parameter[1].v_chunk.data = pApacket->data; - - ret = request_sync_cmd ( PLUGIN_SYNC_CMD_SEC_ENCRYPT, &in, &out ); - if ( ret == PLUGIN_CMD_SUCCESS ) { - memcpy(pApacket->data, out.array_of_parameter[0].v_chunk.data, out.array_of_parameter[0].v_chunk.size); - pApacket->msg.data_length = out.array_of_parameter[0].v_chunk.size; - success = 1; - release_parameters ( &out ); - } - - // avoid to free - in.array_of_parameter[1].v_chunk.data = NULL; - release_parameters ( &in ); - return success; -} - -// return 1 if success -// return 0 otherwise -int security_decrypt(const int nSessionID, apacket* pApacket) -{ - int success = 0; - int ret; - parameters in, out; - - in.number_of_parameter = 2; - in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); - in.array_of_parameter[0].type = type_int32; - in.array_of_parameter[0].v_int32 = nSessionID; - in.array_of_parameter[1].type = type_chunk; - in.array_of_parameter[1].v_chunk.size = pApacket->msg.data_length; - in.array_of_parameter[1].v_chunk.data = pApacket->data; - - ret = request_sync_cmd ( PLUGIN_SYNC_CMD_SEC_DECRYPT, &in, &out ); - if ( ret == PLUGIN_CMD_SUCCESS ) { - memcpy(pApacket->data, out.array_of_parameter[0].v_chunk.data, out.array_of_parameter[0].v_chunk.size); - pApacket->msg.data_length = out.array_of_parameter[0].v_chunk.size; - success = 1; - release_parameters ( &out ); - } - - // avoid to free - in.array_of_parameter[1].v_chunk.data = NULL; - release_parameters ( &in ); - return success; -} - + +#include + +//#define LOG_TAG "SDBD" +//#include +#define TRACE_TAG TRACE_SDB +#include "log.h" + +#include "plugin.h" +#include "plugin_encrypt.h" +#include "parameter.h" +#include "sdbd_plugin.h" + +#define SAKEP_AKE_MSG_RECORD_FIXED_LEN 36 +#define SAKEP_AES_ECB_ADDED_PADDING_SIZE 16 + +// return 1 if success +// return 0 otherwise +int security_init(const int nSessionID, const char* pUserID) +{ + int success = 0; + int ret; + parameters in, out; + + if (pUserID == NULL) { + in.number_of_parameter = 1; + in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) ); + in.array_of_parameter[0].type = type_int32; + in.array_of_parameter[0].v_int32 = nSessionID; + } else { + in.number_of_parameter = 2; + in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); + in.array_of_parameter[0].type = type_int32; + in.array_of_parameter[0].v_int32 = nSessionID; + in.array_of_parameter[1].type = type_string; + in.array_of_parameter[1].v_string.length = strlen(pUserID); + in.array_of_parameter[1].v_string.data = strdup(pUserID); + } + + ret = request_sync_cmd ( PLUGIN_SYNC_CMD_SEC_INIT, &in, &out ); + if ( ret == PLUGIN_CMD_SUCCESS ) { + success = 1; + release_parameters ( &out ); + } + + release_parameters ( &in ); + return success; +} + +// return 1 if success +// return 0 otherwise +int security_deinit(const int nSessionID) +{ + int success = 0; + int ret; + parameters in, out; + + in.number_of_parameter = 1; + in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) ); + in.array_of_parameter[0].type = type_int32; + in.array_of_parameter[0].v_int32 = nSessionID; + + ret = request_sync_cmd ( PLUGIN_SYNC_CMD_SEC_DEINIT, &in, &out ); + if ( ret == PLUGIN_CMD_SUCCESS ) { + success = 1; + release_parameters ( &out ); + } + + release_parameters ( &in ); + return success; +} + +// return 1 if success +// return 0 otherwise +int security_parse_server_hello(const int nSessionID, apacket* pApacket) +{ + int success = 0; + int ret; + parameters in, out; + + in.number_of_parameter = 2; + in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); + in.array_of_parameter[0].type = type_int32; + in.array_of_parameter[0].v_int32 = nSessionID; + in.array_of_parameter[1].type = type_chunk; + in.array_of_parameter[1].v_chunk.size = pApacket->msg.data_length; + in.array_of_parameter[1].v_chunk.data = pApacket->data; + + ret = request_sync_cmd ( PLUGIN_SYNC_CMD_SEC_PARSE_SERVER_HELLO, &in, &out ); + if ( ret == PLUGIN_CMD_SUCCESS ) { + success = 1; + release_parameters ( &out ); + } + + // avoid to free + in.array_of_parameter[1].v_chunk.data = NULL; + release_parameters ( &in ); + return success; +} + +// return 1 if success +// return 0 otherwise +int security_gen_client_hello(const int nSessionID, apacket* pApacket) +{ + int success = 0; + int ret; + parameters in, out; + + in.number_of_parameter = 1; + in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) ); + in.array_of_parameter[0].type = type_int32; + in.array_of_parameter[0].v_int32 = nSessionID; + + ret = request_sync_cmd ( PLUGIN_SYNC_CMD_SEC_GEN_CLIENT_HELLO, &in, &out ); + if ( ret == PLUGIN_CMD_SUCCESS ) { + memcpy(pApacket->data, out.array_of_parameter[0].v_chunk.data, out.array_of_parameter[0].v_chunk.size); + pApacket->msg.data_length = out.array_of_parameter[0].v_chunk.size; + success = 1; + release_parameters ( &out ); + } + + release_parameters ( &in ); + return success; +} + +// return 1 if success +// return 0 otherwise +int security_parse_server_ack(const int nSessionID, apacket* pApacket) +{ + int success = 0; + int ret; + parameters in, out; + + in.number_of_parameter = 2; + in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); + in.array_of_parameter[0].type = type_int32; + in.array_of_parameter[0].v_int32 = nSessionID; + in.array_of_parameter[1].type = type_chunk; + in.array_of_parameter[1].v_chunk.size = pApacket->msg.data_length; + in.array_of_parameter[1].v_chunk.data = pApacket->data; + + ret = request_sync_cmd ( PLUGIN_SYNC_CMD_SEC_PARSE_SERVER_ACK, &in, &out ); + if ( ret == PLUGIN_CMD_SUCCESS ) { + success = 1; + release_parameters ( &out ); + } + + // avoid to free + in.array_of_parameter[1].v_chunk.data = NULL; + release_parameters ( &in ); + return success; +} + +// return 1 if success +// return 0 otherwise +int security_gen_client_ack(const int nSessionID, apacket* pApacket) +{ + int success = 0; + int ret; + parameters in, out; + + in.number_of_parameter = 1; + in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) ); + in.array_of_parameter[0].type = type_int32; + in.array_of_parameter[0].v_int32 = nSessionID; + + ret = request_sync_cmd ( PLUGIN_SYNC_CMD_SEC_GEN_CLIENT_ACK, &in, &out ); + if ( ret == PLUGIN_CMD_SUCCESS ) { + memcpy(pApacket->data, out.array_of_parameter[0].v_chunk.data, out.array_of_parameter[0].v_chunk.size); + pApacket->msg.data_length = out.array_of_parameter[0].v_chunk.size; + success = 1; + release_parameters ( &out ); + } + + release_parameters ( &in ); + return success; +} + +// return 1 if success +// return 0 otherwise +int security_encrypt(const int nSessionID, apacket* pApacket) +{ + int success = 0; + int ret; + parameters in, out; + + in.number_of_parameter = 2; + in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); + in.array_of_parameter[0].type = type_int32; + in.array_of_parameter[0].v_int32 = nSessionID; + in.array_of_parameter[1].type = type_chunk; + in.array_of_parameter[1].v_chunk.size = pApacket->msg.data_length; + in.array_of_parameter[1].v_chunk.data = pApacket->data; + + ret = request_sync_cmd ( PLUGIN_SYNC_CMD_SEC_ENCRYPT, &in, &out ); + if ( ret == PLUGIN_CMD_SUCCESS ) { + memcpy(pApacket->data, out.array_of_parameter[0].v_chunk.data, out.array_of_parameter[0].v_chunk.size); + pApacket->msg.data_length = out.array_of_parameter[0].v_chunk.size; + success = 1; + release_parameters ( &out ); + } + + // avoid to free + in.array_of_parameter[1].v_chunk.data = NULL; + release_parameters ( &in ); + return success; +} + +// return 1 if success +// return 0 otherwise +int security_decrypt(const int nSessionID, apacket* pApacket) +{ + int success = 0; + int ret; + parameters in, out; + + in.number_of_parameter = 2; + in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); + in.array_of_parameter[0].type = type_int32; + in.array_of_parameter[0].v_int32 = nSessionID; + in.array_of_parameter[1].type = type_chunk; + in.array_of_parameter[1].v_chunk.size = pApacket->msg.data_length; + in.array_of_parameter[1].v_chunk.data = pApacket->data; + + ret = request_sync_cmd ( PLUGIN_SYNC_CMD_SEC_DECRYPT, &in, &out ); + if ( ret == PLUGIN_CMD_SUCCESS ) { + memcpy(pApacket->data, out.array_of_parameter[0].v_chunk.data, out.array_of_parameter[0].v_chunk.size); + pApacket->msg.data_length = out.array_of_parameter[0].v_chunk.size; + success = 1; + release_parameters ( &out ); + } + + // avoid to free + in.array_of_parameter[1].v_chunk.data = NULL; + release_parameters ( &in ); + return success; +} + diff --git a/src/plugin_encrypt.h b/src/plugin_encrypt.h index c54ff2b..93d2363 100644 --- a/src/plugin_encrypt.h +++ b/src/plugin_encrypt.h @@ -1,15 +1,15 @@ -#ifndef __TRANSPORT_SECURITY_H__ -#define __TRANSPORT_SECURITY_H__ - -#include "sdb.h" - -int security_init(const int nID, const char* pUserID); -int security_deinit(const int nSessionID); -int security_parse_server_hello(const int nSessionID, apacket* pApacket); -int security_gen_client_hello(const int nSessionID, apacket* pApacket); -int security_parse_server_ack(const int nSessionID, apacket* pApacket); -int security_gen_client_ack(const int nSessionID, apacket* pApacket); -int security_encrypt(const int nID, apacket* pApacket); -int security_decrypt(const int nID, apacket* pApacket); - -#endif +#ifndef __TRANSPORT_SECURITY_H__ +#define __TRANSPORT_SECURITY_H__ + +#include "sdb.h" + +int security_init(const int nID, const char* pUserID); +int security_deinit(const int nSessionID); +int security_parse_server_hello(const int nSessionID, apacket* pApacket); +int security_gen_client_hello(const int nSessionID, apacket* pApacket); +int security_parse_server_ack(const int nSessionID, apacket* pApacket); +int security_gen_client_ack(const int nSessionID, apacket* pApacket); +int security_encrypt(const int nID, apacket* pApacket); +int security_decrypt(const int nID, apacket* pApacket); + +#endif diff --git a/src/sdb.c b/src/sdb.c index 39ea547..21653e3 100644 --- a/src/sdb.c +++ b/src/sdb.c @@ -369,141 +369,141 @@ void print_packet(const char *label, apacket *p) /* desc. : 암호화 실패 메시지 전송 parameter : [in] apacket* p : sdbd로 들어온 메시지 - [in] atransport *t : 현재 연결에 대한 atransport - [in] unsigned failed_value : 실패 값 + [in] atransport *t : 현재 연결에 대한 atransport + [in] unsigned failed_value : 실패 값 */ void send_encr_fail(apacket* p, atransport *t, unsigned failed_value){ - apacket* enc_p; - enc_p = get_apacket(); - enc_p->msg.command = A_ENCR; // 암호화 메시지 - enc_p->msg.arg0 = failed_value; // 실패값 - enc_p->msg.arg1 = p->msg.arg1; - send_packet(enc_p, t); - //put_apacket(enc_p); + apacket* enc_p; + enc_p = get_apacket(); + enc_p->msg.command = A_ENCR; // 암호화 메시지 + enc_p->msg.arg0 = failed_value; // 실패값 + enc_p->msg.arg1 = p->msg.arg1; + send_packet(enc_p, t); + //put_apacket(enc_p); } /* desc. : 암호화 메시지 핸들링 parameter : [in] apacket* p : sdbd로 들어온 메시지 - [in/out] atransport *t : 현재 연결에 대한 atransport + [in/out] atransport *t : 현재 연결에 대한 atransport ret : 0 : 정상적으로 메시지 전송 - -1: 메시지 전송 실패 + -1: 메시지 전송 실패 */ int handle_encr_packet(apacket* p, atransport *t){ - static int sessionID = 0; - int retVal = 0; + static int sessionID = 0; + int retVal = 0; apacket* enc_p = NULL; - if(p->msg.arg0 == ENCR_SET_ON_REQ){ // hello 메시지인 경우 - t->sessionID = sessionID; - if((retVal = security_init(t->sessionID, NULL)) == 1){ // 암호화 handshaking을 위한 init - if(security_parse_server_hello(t->sessionID, p) == 1){ // hello 메시지 파싱 - D("security_parse_server_hello success\n"); + if(p->msg.arg0 == ENCR_SET_ON_REQ){ // hello 메시지인 경우 + t->sessionID = sessionID; + if((retVal = security_init(t->sessionID, NULL)) == 1){ // 암호화 handshaking을 위한 init + if(security_parse_server_hello(t->sessionID, p) == 1){ // hello 메시지 파싱 + D("security_parse_server_hello success\n"); enc_p = get_apacket(); - if(security_gen_client_hello(t->sessionID, enc_p) == 1){ // hello 메시지 생성 - D("security_gen_client_hello success\n"); - enc_p->msg.command = A_ENCR; - enc_p->msg.arg0 = ENCR_SET_ON_REQ; - enc_p->msg.arg1 = p->msg.arg1; - sessionID++; - send_packet(enc_p, t); - } - else { // hello 메시지 생성 실패 - D("security_gen_client_hello error\n"); - send_encr_fail(p, t, ENCR_ON_FAIL); // 암호화 on 실패 메시지 전송 - t->encryption = ENCR_OFF; // 암호화 모드는 off - security_deinit(t->sessionID); - return -1; - } - } - else{ // hello 메시지 파싱 실패 - D("security_parse_server_hello error\n"); - send_encr_fail(p, t, ENCR_ON_FAIL); - t->encryption = ENCR_OFF; - security_deinit(t->sessionID); - - return -1; - } - } else { // init 실패 - D("security_init error\n"); - send_encr_fail(p, t, ENCR_ON_FAIL); - t->encryption = ENCR_OFF; - if (retVal == -1) - { - security_deinit(t->sessionID); - } - //here!! do security_deinit(), but when plugin pointer is null -> not deinit - return -1; - } - } - else if(p->msg.arg0 == ENCR_SET_ON_OK){ // ack 메시지인 경우 - if(security_parse_server_ack(t->sessionID, p) == 1){ // ack 메시지 파싱 + if(security_gen_client_hello(t->sessionID, enc_p) == 1){ // hello 메시지 생성 + D("security_gen_client_hello success\n"); + enc_p->msg.command = A_ENCR; + enc_p->msg.arg0 = ENCR_SET_ON_REQ; + enc_p->msg.arg1 = p->msg.arg1; + sessionID++; + send_packet(enc_p, t); + } + else { // hello 메시지 생성 실패 + D("security_gen_client_hello error\n"); + send_encr_fail(p, t, ENCR_ON_FAIL); // 암호화 on 실패 메시지 전송 + t->encryption = ENCR_OFF; // 암호화 모드는 off + security_deinit(t->sessionID); + return -1; + } + } + else{ // hello 메시지 파싱 실패 + D("security_parse_server_hello error\n"); + send_encr_fail(p, t, ENCR_ON_FAIL); + t->encryption = ENCR_OFF; + security_deinit(t->sessionID); + + return -1; + } + } else { // init 실패 + D("security_init error\n"); + send_encr_fail(p, t, ENCR_ON_FAIL); + t->encryption = ENCR_OFF; + if (retVal == -1) + { + security_deinit(t->sessionID); + } + //here!! do security_deinit(), but when plugin pointer is null -> not deinit + return -1; + } + } + else if(p->msg.arg0 == ENCR_SET_ON_OK){ // ack 메시지인 경우 + if(security_parse_server_ack(t->sessionID, p) == 1){ // ack 메시지 파싱 enc_p = get_apacket(); - if(security_gen_client_ack(t->sessionID, enc_p) == 1){ // ack 메시지 생성 - D("security_gen_client_ack success\n"); - enc_p->msg.command = A_ENCR; - enc_p->msg.arg0 = ENCR_SET_ON_OK; - enc_p->msg.arg1 = p->msg.arg1; - t->encryption = ENCR_ON; - send_packet(enc_p, t); - } - else { // ack 메시지 생성에 실패한 경우 - D("security_gen_client_ack error\n"); - send_encr_fail(p, t, ENCR_ON_FAIL); - t->encryption = ENCR_OFF; - security_deinit(t->sessionID); - return -1; - } - } - else { // ack 메시지 파싱에 실패한 경우 - D("security_parse_server_ack error\n"); - send_encr_fail(p, t, ENCR_ON_FAIL); - t->encryption = ENCR_OFF; - security_deinit(t->sessionID); - return -1; - } - } - else if(p->msg.arg0 == ENCR_SET_OFF){ // 암호화 모드 off 요청 메시지 - if(t->encryption == ENCR_ON && security_deinit(t->sessionID) == 1){ // 현재 암호화 모드가 on 상태인 경우 - enc_p = get_apacket(); - t->encryption = ENCR_OFF; // 현재 연결에 대한 암호화 모드 off - enc_p->msg.command = A_ENCR; - enc_p->msg.arg0 = ENCR_SET_OFF; - enc_p->msg.arg1 = p->msg.arg1; - send_packet(enc_p, t); - } - else { // 암호화 모드 off에 실패한 경우 - D("security_deinit error\n"); - send_encr_fail(p, t, ENCR_OFF_FAIL); // 암호화 모드 off 실패 메시지 전송 - return -1; - } - } - else if(p->msg.arg0 == ENCR_GET){ // 암호화 모드의 상태 요청 메시지인 경우 - enc_p = get_apacket(); - enc_p->msg.command = A_ENCR; - enc_p->msg.arg0 = ENCR_GET; // 암호화 모드 status get메시지 - enc_p->msg.arg1 = p->msg.arg1; - if(t->encryption == ENCR_ON){ // 암호화 모드가 on인 경우 - enc_p->msg.data_length = 13; - strncpy((char*)enc_p->data, "encryption:on", enc_p->msg.data_length); // encryption:on 메시지 전송 - } else if(t->encryption == ENCR_OFF){ // 암호화 모드가 off인 경우 - enc_p->msg.data_length = 14; - strncpy((char*)enc_p->data, "encryption:off", enc_p->msg.data_length); // encryption:off 메시지 전송 - } - send_packet(enc_p, t); - } - else if (p->msg.arg0 == ENCR_ON_FAIL) // 암호화 모드를 on 하는 도중 실패한 경우 받는 메시지 - { - t->encryption = ENCR_OFF; // 암호화 모드를 다시 off - D("encryption on failed\n"); - } - else if (p->msg.arg0 == ENCR_OFF_FAIL) // 암호화 모드를 off하는 도중 실패한 경우 받는 메시지 - { - //t->encryption = ENCR_ON; - D("encryption off failed\n"); - } - //put_apacket(enc_p); - return 0; + if(security_gen_client_ack(t->sessionID, enc_p) == 1){ // ack 메시지 생성 + D("security_gen_client_ack success\n"); + enc_p->msg.command = A_ENCR; + enc_p->msg.arg0 = ENCR_SET_ON_OK; + enc_p->msg.arg1 = p->msg.arg1; + t->encryption = ENCR_ON; + send_packet(enc_p, t); + } + else { // ack 메시지 생성에 실패한 경우 + D("security_gen_client_ack error\n"); + send_encr_fail(p, t, ENCR_ON_FAIL); + t->encryption = ENCR_OFF; + security_deinit(t->sessionID); + return -1; + } + } + else { // ack 메시지 파싱에 실패한 경우 + D("security_parse_server_ack error\n"); + send_encr_fail(p, t, ENCR_ON_FAIL); + t->encryption = ENCR_OFF; + security_deinit(t->sessionID); + return -1; + } + } + else if(p->msg.arg0 == ENCR_SET_OFF){ // 암호화 모드 off 요청 메시지 + if(t->encryption == ENCR_ON && security_deinit(t->sessionID) == 1){ // 현재 암호화 모드가 on 상태인 경우 + enc_p = get_apacket(); + t->encryption = ENCR_OFF; // 현재 연결에 대한 암호화 모드 off + enc_p->msg.command = A_ENCR; + enc_p->msg.arg0 = ENCR_SET_OFF; + enc_p->msg.arg1 = p->msg.arg1; + send_packet(enc_p, t); + } + else { // 암호화 모드 off에 실패한 경우 + D("security_deinit error\n"); + send_encr_fail(p, t, ENCR_OFF_FAIL); // 암호화 모드 off 실패 메시지 전송 + return -1; + } + } + else if(p->msg.arg0 == ENCR_GET){ // 암호화 모드의 상태 요청 메시지인 경우 + enc_p = get_apacket(); + enc_p->msg.command = A_ENCR; + enc_p->msg.arg0 = ENCR_GET; // 암호화 모드 status get메시지 + enc_p->msg.arg1 = p->msg.arg1; + if(t->encryption == ENCR_ON){ // 암호화 모드가 on인 경우 + enc_p->msg.data_length = 13; + strncpy((char*)enc_p->data, "encryption:on", enc_p->msg.data_length); // encryption:on 메시지 전송 + } else if(t->encryption == ENCR_OFF){ // 암호화 모드가 off인 경우 + enc_p->msg.data_length = 14; + strncpy((char*)enc_p->data, "encryption:off", enc_p->msg.data_length); // encryption:off 메시지 전송 + } + send_packet(enc_p, t); + } + else if (p->msg.arg0 == ENCR_ON_FAIL) // 암호화 모드를 on 하는 도중 실패한 경우 받는 메시지 + { + t->encryption = ENCR_OFF; // 암호화 모드를 다시 off + D("encryption on failed\n"); + } + else if (p->msg.arg0 == ENCR_OFF_FAIL) // 암호화 모드를 off하는 도중 실패한 경우 받는 메시지 + { + //t->encryption = ENCR_ON; + D("encryption off failed\n"); + } + //put_apacket(enc_p); + return 0; } #endif @@ -892,11 +892,11 @@ void handle_packet(apacket *p, atransport *t) } break; #ifdef SUPPORT_ENCRYPT - case A_ENCR: // 암호화 메시지인 경우 - if(t->connection_state != CS_OFFLINE) { - handle_encr_packet(p, t); - } - break; + case A_ENCR: // 암호화 메시지인 경우 + if(t->connection_state != CS_OFFLINE) { + handle_encr_packet(p, t); + } + break; #endif default: @@ -1301,91 +1301,91 @@ int should_drop_privileges() { #define SDBD_BOOT_INFO_FILE "/tmp/sdbd_boot_info" static DBusHandlerResult __sdbd_dbus_signal_filter(DBusConnection *conn, - DBusMessage *message, void *user_data) { - D("got dbus message\n"); - const char *interface; - - DBusError error; - dbus_error_init(&error); - - interface = dbus_message_get_interface(message); - if (interface == NULL) { - D("reject by security issue - no interface\n"); - return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; - } - - if (dbus_message_is_signal(message, DEVICED_CORE_INTERFACE, - BOOTING_DONE_SIGNAL)) { - booting_done = 1; - if (access(SDBD_BOOT_INFO_FILE, F_OK) == 0) { - D("booting is done before\n"); - } else { - FILE *f = fopen(SDBD_BOOT_INFO_FILE, "w"); - if (f != NULL) { - fprintf(f, "%d", 1); - fclose(f); - } - } - D("booting is done\n"); - } - - D("handled dbus message\n"); - return DBUS_HANDLER_RESULT_HANDLED; + DBusMessage *message, void *user_data) { + D("got dbus message\n"); + const char *interface; + + DBusError error; + dbus_error_init(&error); + + interface = dbus_message_get_interface(message); + if (interface == NULL) { + D("reject by security issue - no interface\n"); + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; + } + + if (dbus_message_is_signal(message, DEVICED_CORE_INTERFACE, + BOOTING_DONE_SIGNAL)) { + booting_done = 1; + if (access(SDBD_BOOT_INFO_FILE, F_OK) == 0) { + D("booting is done before\n"); + } else { + FILE *f = fopen(SDBD_BOOT_INFO_FILE, "w"); + if (f != NULL) { + fprintf(f, "%d", 1); + fclose(f); + } + } + D("booting is done\n"); + } + + D("handled dbus message\n"); + return DBUS_HANDLER_RESULT_HANDLED; } static void *bootdone_cb(void *x) { - int MAX_LOCAL_BUFSZ = 128; - DBusError error; - DBusConnection *bus; - char rule[MAX_LOCAL_BUFSZ]; - GMainLoop *mainloop; + int MAX_LOCAL_BUFSZ = 128; + DBusError error; + DBusConnection *bus; + char rule[MAX_LOCAL_BUFSZ]; + GMainLoop *mainloop; /* g_type_init() is deprecated for glib version 2.35.0 or greater, */ #if !GLIB_CHECK_VERSION(2,35,0) - g_type_init(); + g_type_init(); #endif - dbus_error_init(&error); - bus = dbus_bus_get(DBUS_BUS_SYSTEM, &error); - if (!bus) { - D("Failed to connect to the D-BUS daemon: %s", error.message); - dbus_error_free(&error); - return NULL; - } - dbus_connection_setup_with_g_main(bus, NULL); - - snprintf(rule, MAX_LOCAL_BUFSZ, "type='signal',interface='%s'", - DEVICED_CORE_INTERFACE); - /* listening to messages */ - dbus_bus_add_match(bus, rule, &error); - if (dbus_error_is_set(&error)) { - D("Fail to rule set: %s", error.message); - dbus_error_free(&error); - return NULL; - } - - if (dbus_connection_add_filter(bus, __sdbd_dbus_signal_filter, NULL, NULL) - == FALSE) - return NULL; - - D("booting signal initialized\n"); - mainloop = g_main_loop_new(NULL, FALSE); - g_main_loop_run(mainloop); - - D("dbus loop exited"); + dbus_error_init(&error); + bus = dbus_bus_get(DBUS_BUS_SYSTEM, &error); + if (!bus) { + D("Failed to connect to the D-BUS daemon: %s", error.message); + dbus_error_free(&error); + return NULL; + } + dbus_connection_setup_with_g_main(bus, NULL); + + snprintf(rule, MAX_LOCAL_BUFSZ, "type='signal',interface='%s'", + DEVICED_CORE_INTERFACE); + /* listening to messages */ + dbus_bus_add_match(bus, rule, &error); + if (dbus_error_is_set(&error)) { + D("Fail to rule set: %s", error.message); + dbus_error_free(&error); + return NULL; + } + + if (dbus_connection_add_filter(bus, __sdbd_dbus_signal_filter, NULL, NULL) + == FALSE) + return NULL; + + D("booting signal initialized\n"); + mainloop = g_main_loop_new(NULL, FALSE); + g_main_loop_run(mainloop); + + D("dbus loop exited"); dbus_connection_unref(bus); - return NULL; + return NULL; } void register_bootdone_cb() { - D("registerd bootdone callback\n"); + D("registerd bootdone callback\n"); - sdb_thread_t t; - if (sdb_thread_create(&t, bootdone_cb, NULL)) { - D("cannot create service thread\n"); - return; - } + sdb_thread_t t; + if (sdb_thread_create(&t, bootdone_cb, NULL)) { + D("cannot create service thread\n"); + return; + } } static int sdbd_set_groups(const char *name, int gid, struct group_info default_groups[], int default_groups_size) { diff --git a/src/sdb.h b/src/sdb.h index 12b3105..1516455 100644 --- a/src/sdb.h +++ b/src/sdb.h @@ -146,7 +146,7 @@ struct asocket { /* socket-type-specific extradata */ void *extra; - /* A socket is bound to atransport */ + /* A socket is bound to atransport */ atransport *transport; }; @@ -216,8 +216,8 @@ struct atransport size_t max_payload; #ifdef SUPPORT_ENCRYPT - unsigned encryption; // 해당 연결이 암호화 모드인지 확인하는 flag , 0 = no-encryption / 1 = encryption - int sessionID; // 암호화 세션 ID, 암호화 map에 대한 key + unsigned encryption; // 해당 연결이 암호화 모드인지 확인하는 flag , 0 = no-encryption / 1 = encryption + int sessionID; // 암호화 세션 ID, 암호화 map에 대한 key #endif }; diff --git a/src/services.c b/src/services.c index 6c9d1d6..ea991c2 100644 --- a/src/services.c +++ b/src/services.c @@ -139,7 +139,7 @@ void rootshell_service(int fd, void *cookie) writex(fd, buf, strlen(buf)); } } else { - snprintf(buf, sizeof(buf), "Unknown command option : %s\n", mode); + snprintf(buf, sizeof(buf), "Unknown command option : %s\n", mode); writex(fd, buf, strlen(buf)); } D("set rootshell to %s\n", rootshell_mode == 1 ? "root" : SDK_USER_NAME); diff --git a/src/socket_inaddr_any_server.c b/src/socket_inaddr_any_server.c index 10a84e6..00aa19b 100644 --- a/src/socket_inaddr_any_server.c +++ b/src/socket_inaddr_any_server.c @@ -64,7 +64,7 @@ int socket_inaddr_any_server(int port, int type) if (ret < 0) { close(s); - return -1; + return -1; } } diff --git a/src/socket_local.h b/src/socket_local.h index dc274ac..056d090 100644 --- a/src/socket_local.h +++ b/src/socket_local.h @@ -17,7 +17,7 @@ #ifndef __SOCKET_LOCAL_H #define __SOCKET_LOCAL_H -#define FILESYSTEM_SOCKET_PREFIX "/tmp/" +#define FILESYSTEM_SOCKET_PREFIX "/tmp/" #define ANDROID_RESERVED_SOCKET_PREFIX "/dev/socket/" /* @@ -30,10 +30,10 @@ * socklen_t is set to indicate the final length. This function * will fail if the namespace is invalid (not one of the indicated * constants) or if the name is too long. - * + * * @return 0 on success or -1 on failure - */ -int socket_make_sockaddr_un(const char *name, int namespaceId, + */ +int socket_make_sockaddr_un(const char *name, int namespaceId, struct sockaddr_un *p_addr, socklen_t *alen); #endif diff --git a/src/socket_local_server.c b/src/socket_local_server.c index 8f2ed9f..5cba92d 100644 --- a/src/socket_local_server.c +++ b/src/socket_local_server.c @@ -88,7 +88,7 @@ int socket_local_server_bind(int s, const char *name, int namespaceId) } -/** Open a server-side UNIX domain datagram socket in the Linux non-filesystem +/** Open a server-side UNIX domain datagram socket in the Linux non-filesystem * namespace * * Returns fd on success, -1 on fail @@ -98,7 +98,7 @@ int socket_local_server(const char *name, int namespace, int type) { int err; int s; - + s = socket(AF_LOCAL, type, 0); if (s < 0) return -1; diff --git a/src/socket_loopback_server.c b/src/socket_loopback_server.c index 73e5670..f397a3e 100644 --- a/src/socket_loopback_server.c +++ b/src/socket_loopback_server.c @@ -133,7 +133,7 @@ int socket_loopback_server(int port, int type) if (ret < 0) { sdb_close(s); - return -1; + return -1; } } diff --git a/src/sockets.c b/src/sockets.c index 9711613..12baade 100644 --- a/src/sockets.c +++ b/src/sockets.c @@ -319,11 +319,11 @@ static void local_socket_event_func(int fd, unsigned ev, void *_s) apacket *p = get_apacket(); unsigned char *x = p->data; #ifdef SUPPORT_ENCRYPT - // sdb.c:536에서 sdb server의 패킷은 MAX_PAYLOAD-100으로 정하여서, - // sdb server에서 패킷 데이터의 크기를 MAX_PAYLOAD-100보다 작은 지를 체크함. - // sdbd에서 패킷 데이터를 MAX_PAYLOAD - 200로 잡아서 암호화 하게되면 - // 최대 MAX_PAYLOAD - 100 크기의 패킷을 생성하게 됨. - const size_t max_payload = asock_get_max_payload(s) - 200; + // sdb.c:536에서 sdb server의 패킷은 MAX_PAYLOAD-100으로 정하여서, + // sdb server에서 패킷 데이터의 크기를 MAX_PAYLOAD-100보다 작은 지를 체크함. + // sdbd에서 패킷 데이터를 MAX_PAYLOAD - 200로 잡아서 암호화 하게되면 + // 최대 MAX_PAYLOAD - 100 크기의 패킷을 생성하게 됨. + const size_t max_payload = asock_get_max_payload(s) - 200; #else const size_t max_payload = asock_get_max_payload(s); #endif diff --git a/src/sockets.h b/src/sockets.h index de2269f..e358a19 100644 --- a/src/sockets.h +++ b/src/sockets.h @@ -28,8 +28,8 @@ typedef int socklen_t; #include #endif -#define ANDROID_SOCKET_ENV_PREFIX "ANDROID_SOCKET_" -#define ANDROID_SOCKET_DIR "/dev/socket" +#define ANDROID_SOCKET_ENV_PREFIX "ANDROID_SOCKET_" +#define ANDROID_SOCKET_DIR "/dev/socket" #ifdef __cplusplus extern "C" { @@ -45,32 +45,32 @@ extern "C" { */ static inline int android_get_control_socket(const char *name) { - char key[64] = ANDROID_SOCKET_ENV_PREFIX; - const char *val; - int fd; + char key[64] = ANDROID_SOCKET_ENV_PREFIX; + const char *val; + int fd; - /* build our environment variable, counting cycles like a wolf ... */ + /* build our environment variable, counting cycles like a wolf ... */ #if HAVE_STRLCPY - strlcpy(key + sizeof(ANDROID_SOCKET_ENV_PREFIX) - 1, - name, - sizeof(key) - sizeof(ANDROID_SOCKET_ENV_PREFIX)); -#else /* for the host, which may lack the almightly strncpy ... */ - strncpy(key + sizeof(ANDROID_SOCKET_ENV_PREFIX) - 1, - name, - sizeof(key) - sizeof(ANDROID_SOCKET_ENV_PREFIX)); - key[sizeof(key)-1] = '\0'; + strlcpy(key + sizeof(ANDROID_SOCKET_ENV_PREFIX) - 1, + name, + sizeof(key) - sizeof(ANDROID_SOCKET_ENV_PREFIX)); +#else /* for the host, which may lack the almightly strncpy ... */ + strncpy(key + sizeof(ANDROID_SOCKET_ENV_PREFIX) - 1, + name, + sizeof(key) - sizeof(ANDROID_SOCKET_ENV_PREFIX)); + key[sizeof(key)-1] = '\0'; #endif - val = getenv(key); - if (!val) - return -1; + val = getenv(key); + if (!val) + return -1; - errno = 0; - fd = strtol(val, NULL, 10); - if (errno) - return -1; + errno = 0; + fd = strtol(val, NULL, 10); + if (errno) + return -1; - return fd; + return fd; } /* diff --git a/src/transport.c b/src/transport.c index 7eb9e95..faf5482 100644 --- a/src/transport.c +++ b/src/transport.c @@ -304,10 +304,10 @@ static void *output_thread(void *_t) t->serial); #ifdef SUPPORT_ENCRYPT - if (t->encryption == ENCR_ON && p->msg.command != A_ENCR) // 현재 연결이 암호화 모드이고, 암호화 관련 메시지가 아닌 경우, 메시지 복호화 - { - security_decrypt(t->sessionID, p); - } + if (t->encryption == ENCR_ON && p->msg.command != A_ENCR) // 현재 연결이 암호화 모드이고, 암호화 관련 메시지가 아닌 경우, 메시지 복호화 + { + security_decrypt(t->sessionID, p); + } #endif @@ -382,14 +382,14 @@ static void *input_thread(void *_t) D("%s: transport got packet, sending to remote, state(%s)\n", t->serial, statename(t)); #ifdef SUPPORT_ENCRYPT - if (t->encryption == ENCR_ON && p->msg.command != A_ENCR) // 현재 연결이 암호화 모드이고, 암호화 관련 메시지가 아닌 경우, 메시지를 암호화 - { - security_encrypt(t->sessionID, p); - } - else if(t->encryption == ENCR_OFF) - { + if (t->encryption == ENCR_ON && p->msg.command != A_ENCR) // 현재 연결이 암호화 모드이고, 암호화 관련 메시지가 아닌 경우, 메시지를 암호화 + { + security_encrypt(t->sessionID, p); + } + else if(t->encryption == ENCR_OFF) + { - } + } #endif @@ -812,7 +812,7 @@ void broadcast_transport(apacket *p) apacket* ap = get_apacket(); copy_packet(ap, p); send_packet(ap, t); - + if (ap->msg.command == A_STAT && ap->msg.arg1 == 0) { // lock state message if (ap->msg.arg0 == 0) { diff --git a/src/transport_local.c b/src/transport_local.c index d1b569e..58a07a4 100644 --- a/src/transport_local.c +++ b/src/transport_local.c @@ -41,7 +41,7 @@ #include "plugin.h" #ifdef HAVE_BIG_ENDIAN -#define H4(x) (((x) & 0xFF000000) >> 24) | (((x) & 0x00FF0000) >> 8) | (((x) & 0x0000FF00) << 8) | (((x) & 0x000000FF) << 24) +#define H4(x) (((x) & 0xFF000000) >> 24) | (((x) & 0x00FF0000) >> 8) | (((x) & 0x0000FF00) << 8) | (((x) & 0x000000FF) << 24) static inline void fix_endians(apacket *p) { p->msg.command = H4(p->msg.command); @@ -450,9 +450,9 @@ static void* notify_sdbd_startup_thread(void* ptr) { } if (get_emulator_guestip(guest_ip, sizeof guest_ip) == -1) { - D("failed to get emulator guest ip\n"); - goto sleep_and_continue; - } + D("failed to get emulator guest ip\n"); + goto sleep_and_continue; + } // tell qemu sdbd is just started with udp if (send_msg_to_localhost_from_guest(host_ip, sensors_port, "2\n", 1) < 0) { diff --git a/src/transport_usb.c b/src/transport_usb.c index 32789ec..471aa87 100644 --- a/src/transport_usb.c +++ b/src/transport_usb.c @@ -26,7 +26,7 @@ #include "sdb.h" #ifdef HAVE_BIG_ENDIAN -#define H4(x) (((x) & 0xFF000000) >> 24) | (((x) & 0x00FF0000) >> 8) | (((x) & 0x0000FF00) << 8) | (((x) & 0x000000FF) << 24) +#define H4(x) (((x) & 0xFF000000) >> 24) | (((x) & 0x00FF0000) >> 8) | (((x) & 0x0000FF00) << 8) | (((x) & 0x000000FF) << 24) static inline void fix_endians(apacket *p) { p->msg.command = H4(p->msg.command); diff --git a/src/usb_funcfs_client.c b/src/usb_funcfs_client.c index 3ca92a3..00b25c3 100644 --- a/src/usb_funcfs_client.c +++ b/src/usb_funcfs_client.c @@ -35,8 +35,8 @@ #include "sdb.h" -#define MAX_PACKET_SIZE_FS 64 -#define MAX_PACKET_SIZE_HS 512 +#define MAX_PACKET_SIZE_FS 64 +#define MAX_PACKET_SIZE_HS 512 #define cpu_to_le16(x) htole16(x) #define cpu_to_le32(x) htole32(x) @@ -250,7 +250,7 @@ static void *usb_open_thread(void *x) sdb_mutex_unlock(&usb->lock); D("[ usb_thread - registering device ]\n"); - register_usb_transport(usb, NULL, 1); /* writable transport */ + register_usb_transport(usb, NULL, 1); /* writable transport */ while (1) { /* wait until the USB device needs reset */ @@ -269,7 +269,7 @@ static void *usb_open_thread(void *x) sdb_mutex_unlock(&usb->lock); D("[ usb_thread - registering device ]\n"); - register_usb_transport(usb, NULL, 1); /* writable transport */ + register_usb_transport(usb, NULL, 1); /* writable transport */ } /* never gets here */ @@ -312,34 +312,34 @@ static int read_control(struct usb_handle *usb) } /* dispatch read event */ - switch (read_event.type) { - case FUNCTIONFS_RESUME: - case FUNCTIONFS_ENABLE: - D("FFSEvent %s\n", names[read_event.type]); - sdb_mutex_lock(&usb->lock); - usb->ffs_enabled = 1; - sdb_cond_signal(&usb->notify); - sdb_mutex_unlock(&usb->lock); - break; - - case FUNCTIONFS_SUSPEND: - case FUNCTIONFS_DISABLE: - D("FFSEvent %s\n", names[read_event.type]); - sdb_mutex_lock(&usb->lock); - usb->ffs_enabled = 0; - sdb_mutex_unlock(&usb->lock); - break; - - case FUNCTIONFS_BIND: - case FUNCTIONFS_UNBIND: - case FUNCTIONFS_SETUP: - D("FFSEvent %s\n", names[read_event.type]); - break; - - default: - D("FFSEvent event (type=%d) is unknown -- ignored\n", read_event.type); - break; - } + switch (read_event.type) { + case FUNCTIONFS_RESUME: + case FUNCTIONFS_ENABLE: + D("FFSEvent %s\n", names[read_event.type]); + sdb_mutex_lock(&usb->lock); + usb->ffs_enabled = 1; + sdb_cond_signal(&usb->notify); + sdb_mutex_unlock(&usb->lock); + break; + + case FUNCTIONFS_SUSPEND: + case FUNCTIONFS_DISABLE: + D("FFSEvent %s\n", names[read_event.type]); + sdb_mutex_lock(&usb->lock); + usb->ffs_enabled = 0; + sdb_mutex_unlock(&usb->lock); + break; + + case FUNCTIONFS_BIND: + case FUNCTIONFS_UNBIND: + case FUNCTIONFS_SETUP: + D("FFSEvent %s\n", names[read_event.type]); + break; + + default: + D("FFSEvent event (type=%d) is unknown -- ignored\n", read_event.type); + break; + } return ret; } @@ -431,9 +431,9 @@ static int bulk_read(int bulkout_fd, void *buf, size_t length) if (errno != EINTR) { return ret; } - } else { + } else { count += ret; - } + } } while (count < length); @@ -446,8 +446,8 @@ static int bulk_read(int bulkout_fd, void *buf, size_t length) */ static int ep0_exists() { - struct stat statb; - return stat(ep0_path, &statb) == 0; + struct stat statb; + return stat(ep0_path, &statb) == 0; } @@ -464,9 +464,9 @@ static int autoconfig(struct usb_handle *h) return -ENODEV; } - h->EP0_NAME = ep0_path; - h->EP_OUT_NAME = ep1_path; - h->EP_IN_NAME = ep2_path; + h->EP0_NAME = ep0_path; + h->EP_OUT_NAME = ep1_path; + h->EP_IN_NAME = ep2_path; return 0; } diff --git a/src/utils.c b/src/utils.c index 6f48ba2..3a27e16 100644 --- a/src/utils.c +++ b/src/utils.c @@ -117,41 +117,41 @@ buff_add (char* buff, char* buffEnd, const char* format, ... ) } char *str_trim(char *str) { - size_t len = 0; - char *frontp = str; - char *endp = NULL; - - if (str == NULL) { - return NULL; - } - if (str[0] == '\0') { - return str; - } - - len = strlen(str); - endp = str + len; - - while (isspace(*frontp)) { - ++frontp; - } - if (endp != frontp) { - while (isspace(*(--endp)) && endp != frontp) { - } - } - - if (str + len - 1 != endp) - *(endp + 1) = '\0'; - else if (frontp != str && endp == frontp) - *str = '\0'; - - endp = str; - if (frontp != str) { - while (*frontp) { - *endp++ = *frontp++; - } - *endp = '\0'; - } - return str; + size_t len = 0; + char *frontp = str; + char *endp = NULL; + + if (str == NULL) { + return NULL; + } + if (str[0] == '\0') { + return str; + } + + len = strlen(str); + endp = str + len; + + while (isspace(*frontp)) { + ++frontp; + } + if (endp != frontp) { + while (isspace(*(--endp)) && endp != frontp) { + } + } + + if (str + len - 1 != endp) + *(endp + 1) = '\0'; + else if (frontp != str && endp == frontp) + *str = '\0'; + + endp = str; + if (frontp != str) { + while (*frontp) { + *endp++ = *frontp++; + } + *endp = '\0'; + } + return str; } int spawn(const char* program, char* const arg_list[]) @@ -182,47 +182,47 @@ int spawn(const char* program, char* const arg_list[]) } char** str_split(char* a_str, const char a_delim) { - char** result = 0; - size_t count = 0; - char* tmp = a_str; - char* last_comma = 0; - char delim[2]; - delim[0] = a_delim; - delim[1] = 0; - char *ptr; - - /* Count how many elements will be extracted. */ - while (*tmp) { - if (a_delim == *tmp) { - count++; - last_comma = tmp; - } - tmp++; - } - - /* Add space for trailing token. */ - count += last_comma < (a_str + strlen(a_str) - 1); - - /* Add space for terminating null string so caller - knows where the list of returned strings ends. */ - count++; - - result = malloc(sizeof(char*) * count); - - if (result) { - size_t idx = 0; - char* token = strtok_r(a_str, delim, &ptr); - - while (token) { - //assert(idx < count); - *(result + idx++) = strdup(token); - token = strtok_r(0, delim, &ptr); - } - //assert(idx == count - 1); - *(result + idx) = 0; - } - - return result; + char** result = 0; + size_t count = 0; + char* tmp = a_str; + char* last_comma = 0; + char delim[2]; + delim[0] = a_delim; + delim[1] = 0; + char *ptr; + + /* Count how many elements will be extracted. */ + while (*tmp) { + if (a_delim == *tmp) { + count++; + last_comma = tmp; + } + tmp++; + } + + /* Add space for trailing token. */ + count += last_comma < (a_str + strlen(a_str) - 1); + + /* Add space for terminating null string so caller + knows where the list of returned strings ends. */ + count++; + + result = malloc(sizeof(char*) * count); + + if (result) { + size_t idx = 0; + char* token = strtok_r(a_str, delim, &ptr); + + while (token) { + //assert(idx < count); + *(result + idx++) = strdup(token); + token = strtok_r(0, delim, &ptr); + } + //assert(idx == count - 1); + *(result + idx) = 0; + } + + return result; } int keep_alive(int fd, int onoff, int cnt, int idle, int interval) -- 2.7.4 From 74a263c7743e5f92b5898eace2f85b98b33e566b Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Tue, 27 Jun 2017 22:49:24 +0900 Subject: [PATCH 02/16] package: update version (3.0.30) Change-Id: I29f10364d289fbf07f1811a22d693c71ef30b842 Signed-off-by: Sooyoung Ha --- packaging/sdbd.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index 8f5efed..a251f8c 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -2,7 +2,7 @@ Name: sdbd Summary: SDB daemon -Version: 3.0.29 +Version: 3.0.30 Release: 0 License: Apache-2.0 Summary: SDB daemon -- 2.7.4 From 6de1b632732c5fec08d29ed715428ff2b110b8e6 Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Wed, 28 Jun 2017 16:51:21 +0900 Subject: [PATCH 03/16] source: fix typo Change-Id: I7c68c0689e3e62361491285ce8107879c24b0209 Signed-off-by: Sooyoung Ha --- src/transport.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/transport.c b/src/transport.c index faf5482..d6ecd66 100644 --- a/src/transport.c +++ b/src/transport.c @@ -876,7 +876,7 @@ int readx(int fd, void *ptr, size_t len) D("readx: fd=%d wanted=%zu\n", fd, len); while (l > 0) { - r = sdb_read(fd, p, len); + r = sdb_read(fd, p, l); if (r > 0 && r <= l) { l -= r; p += r; -- 2.7.4 From 1dabf8de4277ef1bb4c5113cac7931b8e7d88642 Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Wed, 28 Jun 2017 16:54:11 +0900 Subject: [PATCH 04/16] package: update version (3.0.31) Change-Id: Ie8d745d492170e326cf86d4c1e20afd12f1def36 Signed-off-by: Sooyoung Ha --- packaging/sdbd.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index a251f8c..3bfc0ec 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -2,7 +2,7 @@ Name: sdbd Summary: SDB daemon -Version: 3.0.30 +Version: 3.0.31 Release: 0 License: Apache-2.0 Summary: SDB daemon -- 2.7.4 From f5cd214d92d63433a829ca64f3a6d711c92bc00d Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Fri, 30 Jun 2017 14:11:37 +0900 Subject: [PATCH 05/16] packaging: modify user and group of tv service file The 'sdk' user group causes TV smack denying. This almost revert of commit a16797abdc35b105d38beaf9aaccab12b616933d. Change-Id: Id0a4beb8efc9e986cfd9f7eb56041de0d05b1105 Signed-off-by: Sooyoung Ha --- packaging/sdbd_device_tv.service | 2 -- packaging/sdbd_emulator_tv.service | 2 -- 2 files changed, 4 deletions(-) diff --git a/packaging/sdbd_device_tv.service b/packaging/sdbd_device_tv.service index b683d96..fe3c965 100644 --- a/packaging/sdbd_device_tv.service +++ b/packaging/sdbd_device_tv.service @@ -4,8 +4,6 @@ Requires=tizen-system-env.service After=tmp.mount [Service] -User=sdk -Group=sdk Type=forking #location of SDBD log file #Environment=SDBD_LOG_PATH=/tmp diff --git a/packaging/sdbd_emulator_tv.service b/packaging/sdbd_emulator_tv.service index 0590499..4d81fd2 100644 --- a/packaging/sdbd_emulator_tv.service +++ b/packaging/sdbd_emulator_tv.service @@ -5,8 +5,6 @@ After=tmp.mount dbus.service #DefaultDependencies=false [Service] -User=sdk -Group=sdk Type=forking #location of SDBD log file #Environment=SDBD_LOG_PATH=/tmp -- 2.7.4 From ff571418f7992e29f3d5f8f329ea67d4640eca51 Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Fri, 30 Jun 2017 14:15:11 +0900 Subject: [PATCH 06/16] package: update version (3.0.32) Change-Id: I44433704c5f7267dee1aa18573e760bed2cbc56e Signed-off-by: Sooyoung Ha --- packaging/sdbd.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index 3bfc0ec..c3cdb7a 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -2,7 +2,7 @@ Name: sdbd Summary: SDB daemon -Version: 3.0.31 +Version: 3.0.32 Release: 0 License: Apache-2.0 Summary: SDB daemon -- 2.7.4 From a3f4720d14b5ff542bea08801d6ae54b2f9a849a Mon Sep 17 00:00:00 2001 From: Slava Barinov Date: Fri, 26 May 2017 12:01:38 +0300 Subject: [PATCH 07/16] package: Add libpthread explicitly for ASan build Change-Id: I39508a5c77a41f5ce3b3dfcfe295cb24bde4a367 Signed-off-by: Slava Barinov --- packaging/sdbd.spec | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index c3cdb7a..5ad9833 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -68,8 +68,7 @@ SDBD plugin API library cp %{SOURCE1003} . %build - -cmake . -DCMAKE_INSTALL_PREFIX=%{_prefix} \ +cmake . -DCMAKE_INSTALL_PREFIX=%{_prefix} %{?asan:-DCMAKE_EXE_LINKER_FLAGS="-pthread"} make %{?jobs:-j%jobs} -- 2.7.4 From 1584bbf77ce59b2d5987b01a8bd327376ba44b8e Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Tue, 25 Jul 2017 15:29:36 +0900 Subject: [PATCH 08/16] service: apply capabilities for security Change-Id: If8ea4bba3476acf2d2043f17f6f8b63538fd9f8f Signed-off-by: Sooyoung Ha --- packaging/sdbd_device.service | 2 ++ packaging/sdbd_device_tv.service | 2 ++ packaging/sdbd_emulator.service | 2 ++ packaging/sdbd_emulator_tv.service | 2 ++ packaging/sdbd_tcp.service | 2 ++ 5 files changed, 10 insertions(+) diff --git a/packaging/sdbd_device.service b/packaging/sdbd_device.service index b47e8f3..779e42e 100644 --- a/packaging/sdbd_device.service +++ b/packaging/sdbd_device.service @@ -12,6 +12,8 @@ EnvironmentFile=-/run/tizen-system-env PIDFile=/tmp/.sdbd.pid Restart=on-failure SmackProcessLabel=System +Capabilities=cap_dac_override,cap_setgid,cap_setuid,cap_sys_admin=i +SecureBits=keep-caps ExecStart=/usr/sbin/sdbd [Install] diff --git a/packaging/sdbd_device_tv.service b/packaging/sdbd_device_tv.service index fe3c965..0ea497d 100644 --- a/packaging/sdbd_device_tv.service +++ b/packaging/sdbd_device_tv.service @@ -11,6 +11,8 @@ EnvironmentFile=-/run/tizen-system-env OOMScoreAdjust=-1000 PIDFile=/tmp/.sdbd.pid Restart=on-failure +Capabilities=cap_dac_override,cap_setgid,cap_setuid,cap_sys_admin=i +SecureBits=keep-caps ExecStart=/usr/sbin/sdbd [Install] diff --git a/packaging/sdbd_emulator.service b/packaging/sdbd_emulator.service index abd1605..74c5d9b 100644 --- a/packaging/sdbd_emulator.service +++ b/packaging/sdbd_emulator.service @@ -13,6 +13,8 @@ PIDFile=/tmp/.sdbd.pid RemainAfterExit=yes #ExecStartPre=/bin/bash -c "/bin/echo '10.0.2.15/32 system::debugging_network' >> /smack/netlabel" SmackProcessLabel=System +Capabilities=cap_dac_override,cap_setgid,cap_setuid,cap_sys_admin=i +SecureBits=keep-caps ExecStart=/bin/sh -c "/usr/sbin/sdbd `/usr/bin/awk '{match($0, /sdb_port=([0-9]+)/,port_match); match($0, /vm_name=([^, ]*)/,vm_match); print \"--emulator=\" vm_match[1] \":\" port_match[1] \" --connect-to=10.0.2.2:26099\" \" --sensors=10.0.2.2:\"port_match[1]+3 }' /proc/cmdline`" [Install] diff --git a/packaging/sdbd_emulator_tv.service b/packaging/sdbd_emulator_tv.service index 4d81fd2..3627ded 100644 --- a/packaging/sdbd_emulator_tv.service +++ b/packaging/sdbd_emulator_tv.service @@ -12,6 +12,8 @@ Environment=DISPLAY=:0 PIDFile=/tmp/.sdbd.pid RemainAfterExit=yes OOMScoreAdjust=-1000 +Capabilities=cap_dac_override,cap_setgid,cap_setuid,cap_sys_admin=i +SecureBits=keep-caps #ExecStartPre=/bin/bash -c "/bin/echo '10.0.2.15/32 system::debugging_network' >> /smack/netlabel" ExecStart=/bin/sh -c "/usr/sbin/sdbd `/usr/bin/awk '{match($0, /sdb_port=([0-9]+)/,port_match); match($0, /vm_name=([^, ]*)/,vm_match); print \"--emulator=\" vm_match[1] \":\" port_match[1] \" --connect-to=10.0.2.2:26099\" \" --sensors=10.0.2.2:\"port_match[1]+3 }' /proc/cmdline`" diff --git a/packaging/sdbd_tcp.service b/packaging/sdbd_tcp.service index ade025c..5269cfe 100644 --- a/packaging/sdbd_tcp.service +++ b/packaging/sdbd_tcp.service @@ -8,4 +8,6 @@ Environment=DISPLAY=:0 PIDFile=/tmp/.sdbd.pid RemainAfterExit=yes SmackProcessLabel=System +Capabilities=cap_dac_override,cap_setgid,cap_setuid,cap_sys_admin=i +SecureBits=keep-caps ExecStart=/usr/sbin/sdbd --listen-port=26101 -- 2.7.4 From 1c6c0ba027a22eb3913613b07e387f517ecb5c17 Mon Sep 17 00:00:00 2001 From: Sooyoung Ha Date: Tue, 25 Jul 2017 15:30:19 +0900 Subject: [PATCH 09/16] package: update version (3.0.33) Change-Id: Ie125643663764582fee9458810531eabf0baf208 Signed-off-by: Sooyoung Ha --- packaging/sdbd.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index 5ad9833..988fcd6 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -2,7 +2,7 @@ Name: sdbd Summary: SDB daemon -Version: 3.0.32 +Version: 3.0.33 Release: 0 License: Apache-2.0 Summary: SDB daemon -- 2.7.4 From 9aa94491aeda2e6e3b236fd18ae4ac30bc26bb14 Mon Sep 17 00:00:00 2001 From: Jinhyung Jo Date: Wed, 9 Aug 2017 16:50:43 +0900 Subject: [PATCH 10/16] source: add code to check for null pointer Change-Id: Ie73726a837cdc6d28468845c91388644f0c5a853 Signed-off-by: Jinhyung Jo --- src/default_plugin_auth.c | 4 ++++ src/default_plugin_basic.c | 28 ++++++++++++++++++++++++++++ src/default_plugin_event.c | 14 ++++++++++++++ src/plugin.c | 44 ++++++++++++++++++++++++++++++-------------- src/plugin_encrypt.c | 36 ++++++++++++++++++++++++++++++++++++ src/usb_funcfs_client.c | 4 ++++ 6 files changed, 116 insertions(+), 14 deletions(-) diff --git a/src/default_plugin_auth.c b/src/default_plugin_auth.c index 103603b..5021827 100644 --- a/src/default_plugin_auth.c +++ b/src/default_plugin_auth.c @@ -32,6 +32,10 @@ int auth_support ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } out->array_of_parameter[0].type = type_int32; out->array_of_parameter[0].v_int32 = PLUGIN_RET_INVALID; diff --git a/src/default_plugin_basic.c b/src/default_plugin_basic.c index 6078e7e..0354377 100644 --- a/src/default_plugin_basic.c +++ b/src/default_plugin_basic.c @@ -49,6 +49,10 @@ int get_plugin_capability ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } capability = in->array_of_parameter[0].v_int32; @@ -114,6 +118,10 @@ int verify_shell_cmd ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } out->array_of_parameter[0].type = type_int32; out->array_of_parameter[0].v_int32 = PLUGIN_RET_VALID; @@ -137,6 +145,10 @@ int convert_shell_cmd ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } make_string_parameter ( & ( out->array_of_parameter[0] ), "%s", in->array_of_parameter[0].v_string.data ); return PLUGIN_CMD_SUCCESS; @@ -159,6 +171,10 @@ int verify_peer_ip ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } out->array_of_parameter[0].type = type_int32; out->array_of_parameter[0].v_int32 = PLUGIN_RET_VALID; @@ -174,6 +190,10 @@ int verify_sdbd_launch ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } out->array_of_parameter[0].type = type_int32; out->array_of_parameter[0].v_int32 = PLUGIN_RET_VALID; @@ -197,6 +217,10 @@ int verify_root_cmd ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } out->array_of_parameter[0].type = type_int32; if ( verify_root_commands ( in->array_of_parameter[0].v_string.data ) ) { @@ -217,6 +241,10 @@ int get_shell_env ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } make_string_parameter ( & ( out->array_of_parameter[0] ), "%s", "" ); return PLUGIN_CMD_SUCCESS; diff --git a/src/default_plugin_event.c b/src/default_plugin_event.c index 787c3f4..37aa39a 100644 --- a/src/default_plugin_event.c +++ b/src/default_plugin_event.c @@ -120,6 +120,11 @@ int get_lock_state ( parameters* in, parameters* out ) out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + out->number_of_parameter = 0; + PLUGIN_LOG("failed to allocate memory for the parameter\n"); + return PLUGIN_CMD_FAIL; + } out->array_of_parameter[0].type = type_int32; out->array_of_parameter[0].v_int32 = ( plugin_pwlocked() == 1 ) ? PLUGIN_RET_ON : PLUGIN_RET_OFF; @@ -132,8 +137,17 @@ static void pwlock_cb ( keynode_t *key, void* data ) int pwlocked = plugin_pwlocked(); parameters* out = ( parameters* ) malloc ( sizeof ( parameters ) ); + if (out == NULL) { + PLUGIN_LOG("failed to allocate memory for the parameter\n"); + return; + } out->number_of_parameter = 1; out->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (out->array_of_parameter == NULL) { + PLUGIN_LOG("failed to allocate memory for the parameter\n"); + free(out); + return; + } out->array_of_parameter[0].type = type_int32; out->array_of_parameter[0].v_int32 = ( pwlocked == 1 ) ? PLUGIN_RET_ON : PLUGIN_RET_OFF; diff --git a/src/plugin.c b/src/plugin.c index 394c863..fd6ceb8 100644 --- a/src/plugin.c +++ b/src/plugin.c @@ -212,10 +212,6 @@ static void request_async_cmd ( int cmd, parameters* in, int out_fd ) ret = default_plugin_async_proc ( cmd, in, out_fd ); } - release_parameters ( in ); - if ( in != NULL ) { - free( in ); - } sdb_close(out_fd); } @@ -266,6 +262,10 @@ int request_capability_to_plugin ( int cap, char* out_buf, unsigned int out_len in.number_of_parameter = 1; in.array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = cap; @@ -296,6 +296,10 @@ int request_validity_to_plugin ( int cmd, const char* in_buf ) if ( in_buf != NULL ) { in.number_of_parameter = 1; in.array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_string; in.array_of_parameter[0].v_string.length = strlen ( in_buf ); in.array_of_parameter[0].v_string.data = strdup ( in_buf ); @@ -329,6 +333,10 @@ int request_conversion_to_plugin ( int cmd, const char* in_buf, char* out_buf, u if ( in_buf != NULL ) { in.number_of_parameter = 1; in.array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_string; in.array_of_parameter[0].v_string.length = strlen ( in_buf ); in.array_of_parameter[0].v_string.data = strdup ( in_buf ); @@ -360,6 +368,10 @@ int request_lock_state_to_plugin ( int lock_type ) in.number_of_parameter = 1; in.array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return result; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = lock_type; @@ -384,23 +396,27 @@ int request_lock_state_to_plugin ( int lock_type ) // return -1 if failed to create async proc thread int request_appcmd_to_plugin ( const char* in_buf ) { - parameters* in; + parameters in; int fd; - in = ( parameters* ) malloc ( sizeof ( parameters ) ); if ( in_buf != NULL ) { - in->number_of_parameter = 1; - in->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); - in->array_of_parameter[0].type = type_string; - in->array_of_parameter[0].v_string.length = strlen ( in_buf ); - in->array_of_parameter[0].v_string.data = strdup ( in_buf ); + in.number_of_parameter = 1; + in.array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return -1; + } + in.array_of_parameter[0].type = type_string; + in.array_of_parameter[0].v_string.length = strlen ( in_buf ); + in.array_of_parameter[0].v_string.data = strdup ( in_buf ); } else { - in->number_of_parameter = 0; - in->array_of_parameter = NULL; + in.number_of_parameter = 0; + in.array_of_parameter = NULL; } - fd = create_async_proc_thread( PLUGIN_ASYNC_CMD_APPCMD_SERVICE, in ); + fd = create_async_proc_thread( PLUGIN_ASYNC_CMD_APPCMD_SERVICE, &in ); + release_parameters ( &in ); return fd; } diff --git a/src/plugin_encrypt.c b/src/plugin_encrypt.c index b7fc3ab..8bd9b9d 100644 --- a/src/plugin_encrypt.c +++ b/src/plugin_encrypt.c @@ -25,11 +25,19 @@ int security_init(const int nSessionID, const char* pUserID) if (pUserID == NULL) { in.number_of_parameter = 1; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; } else { in.number_of_parameter = 2; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; in.array_of_parameter[1].type = type_string; @@ -57,6 +65,10 @@ int security_deinit(const int nSessionID) in.number_of_parameter = 1; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; @@ -80,6 +92,10 @@ int security_parse_server_hello(const int nSessionID, apacket* pApacket) in.number_of_parameter = 2; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; in.array_of_parameter[1].type = type_chunk; @@ -108,6 +124,10 @@ int security_gen_client_hello(const int nSessionID, apacket* pApacket) in.number_of_parameter = 1; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; @@ -133,6 +153,10 @@ int security_parse_server_ack(const int nSessionID, apacket* pApacket) in.number_of_parameter = 2; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; in.array_of_parameter[1].type = type_chunk; @@ -161,6 +185,10 @@ int security_gen_client_ack(const int nSessionID, apacket* pApacket) in.number_of_parameter = 1; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; @@ -186,6 +214,10 @@ int security_encrypt(const int nSessionID, apacket* pApacket) in.number_of_parameter = 2; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; in.array_of_parameter[1].type = type_chunk; @@ -216,6 +248,10 @@ int security_decrypt(const int nSessionID, apacket* pApacket) in.number_of_parameter = 2; in.array_of_parameter = ( parameter* ) malloc ( sizeof (parameter) * in.number_of_parameter ); + if (in.array_of_parameter == NULL) { + D("failed to allocate memory for the parameter\n"); + return success; + } in.array_of_parameter[0].type = type_int32; in.array_of_parameter[0].v_int32 = nSessionID; in.array_of_parameter[1].type = type_chunk; diff --git a/src/usb_funcfs_client.c b/src/usb_funcfs_client.c index 00b25c3..7522c11 100644 --- a/src/usb_funcfs_client.c +++ b/src/usb_funcfs_client.c @@ -487,6 +487,10 @@ void ffs_usb_init() D("[ usb_init - using FunctionFS ]\n"); h = calloc(1, sizeof(usb_handle)); + if (h == NULL) { + perror("[ failed to allocate memory for usb FunctionFS bulk device ]\n"); + return; + } if (autoconfig(h) < 0) { perror("[ can't recognize usb FunctionFS bulk device ]\n"); free(h); -- 2.7.4 From a4b3b87e3c533119a7037ea8f33d8690dd4e0816 Mon Sep 17 00:00:00 2001 From: Jinhyung Jo Date: Wed, 9 Aug 2017 18:31:01 +0900 Subject: [PATCH 11/16] source: remove unused code Change-Id: Ib52f23e49f6b876304d19567f7bf1b9b372b5742 Signed-off-by: Jinhyung Jo --- src/sdb.c | 78 +++-------------------------------------------------------- src/sdb.h | 2 +- src/sockets.h | 41 ------------------------------- 3 files changed, 4 insertions(+), 117 deletions(-) diff --git a/src/sdb.c b/src/sdb.c index 21653e3..353995f 100644 --- a/src/sdb.c +++ b/src/sdb.c @@ -1110,14 +1110,6 @@ nomem: return 0; } -#ifdef HAVE_WIN32_PROC -static BOOL WINAPI ctrlc_handler(DWORD type) -{ - exit(STATUS_CONTROL_C_EXIT); - return TRUE; -} -#endif - static void sdb_cleanup(void) { clear_sdbd_commandline_args(&sdbd_commandline_args); @@ -1132,56 +1124,6 @@ static void sdb_cleanup(void) unload_sdbd_plugin(); } -void start_logging(void) -{ -#ifdef HAVE_WIN32_PROC - char temp[ MAX_PATH ]; - FILE* fnul; - FILE* flog; - - GetTempPath( sizeof(temp) - 8, temp ); - strcat( temp, "sdb.log" ); - - /* Win32 specific redirections */ - fnul = fopen( "NUL", "rt" ); - if (fnul != NULL) - stdin[0] = fnul[0]; - - flog = fopen( temp, "at" ); - if (flog == NULL) - flog = fnul; - - setvbuf( flog, NULL, _IONBF, 0 ); - - stdout[0] = flog[0]; - stderr[0] = flog[0]; - fprintf(stderr,"--- sdb starting (pid %d) ---\n", getpid()); -#else - int fd; - - fd = unix_open("/dev/null", O_RDONLY); - if (fd < 0) { - // hopefully not gonna happen - return; - } - dup2(fd, 0); - sdb_close(fd); - - fd = unix_open("/tmp/sdb.log", O_WRONLY | O_CREAT | O_APPEND, 0640); - if(fd < 0) { - fd = unix_open("/dev/null", O_WRONLY); - if (fd < 0) { - // hopefully not gonna happen - return; - } - } - dup2(fd, 1); - dup2(fd, 2); - sdb_close(fd); - fprintf(stderr,"--- sdb starting (pid %d) ---\n", getpid()); -#endif -} - void start_device_log(void) { int fd; @@ -1998,7 +1940,7 @@ static void fork_child_handler(void) sdb_mutex_unlock(&D_lock); } -int sdb_main(int is_daemon, int server_port) +int sdb_main(int server_port) { check_emulator_or_device(); @@ -2021,9 +1963,7 @@ int sdb_main(int is_daemon, int server_port) pthread_atfork(fork_prepare_handler, fork_parent_handler, fork_child_handler); atexit(sdb_cleanup); -#ifdef HAVE_WIN32_PROC - SetConsoleCtrlHandler( ctrlc_handler, TRUE ); -#elif defined(HAVE_FORKEXEC) +#if defined(HAVE_FORKEXEC) // No SIGCHLD. Let the service subproc handle its children. signal(SIGPIPE, SIG_IGN); #endif @@ -2113,18 +2053,6 @@ int sdb_main(int is_daemon, int server_port) D("sdb_main(): post init_jdwp()\n"); #endif - if (is_daemon) - { - // inform our parent that we are up and running. -#ifdef HAVE_WIN32_PROC - DWORD count; - WriteFile( GetStdHandle( STD_OUTPUT_HANDLE ), "OK\n", 3, &count, NULL ); -#elif defined(HAVE_FORKEXEC) - fprintf(stderr, "OK\n"); -#endif - start_logging(); - } - D("Event loop starting\n"); fdevent_loop(); @@ -2270,6 +2198,6 @@ int main(int argc, char **argv) //sdbd will never die on emulator! signal(SIGTERM, handle_sig_term); /* tizen specific */ - return sdb_main(0, DEFAULT_SDB_PORT); + return sdb_main(DEFAULT_SDB_PORT); } diff --git a/src/sdb.h b/src/sdb.h index 1516455..43a3bfe 100644 --- a/src/sdb.h +++ b/src/sdb.h @@ -323,7 +323,7 @@ void send_packet(apacket *p, atransport *t); void get_my_path(char *s, size_t maxLen); int launch_server(int server_port); -int sdb_main(int is_daemon, int server_port); +int sdb_main(int server_port); /* transports are ref-counted diff --git a/src/sockets.h b/src/sockets.h index e358a19..56f4e60 100644 --- a/src/sockets.h +++ b/src/sockets.h @@ -28,52 +28,11 @@ typedef int socklen_t; #include #endif -#define ANDROID_SOCKET_ENV_PREFIX "ANDROID_SOCKET_" -#define ANDROID_SOCKET_DIR "/dev/socket" - #ifdef __cplusplus extern "C" { #endif /* - * android_get_control_socket - simple helper function to get the file - * descriptor of our init-managed Unix domain socket. `name' is the name of the - * socket, as given in init.rc. Returns -1 on error. - * - * This is inline and not in libcutils proper because we want to use this in - * third-party daemons with minimal modification. - */ -static inline int android_get_control_socket(const char *name) -{ - char key[64] = ANDROID_SOCKET_ENV_PREFIX; - const char *val; - int fd; - - /* build our environment variable, counting cycles like a wolf ... */ -#if HAVE_STRLCPY - strlcpy(key + sizeof(ANDROID_SOCKET_ENV_PREFIX) - 1, - name, - sizeof(key) - sizeof(ANDROID_SOCKET_ENV_PREFIX)); -#else /* for the host, which may lack the almightly strncpy ... */ - strncpy(key + sizeof(ANDROID_SOCKET_ENV_PREFIX) - 1, - name, - sizeof(key) - sizeof(ANDROID_SOCKET_ENV_PREFIX)); - key[sizeof(key)-1] = '\0'; -#endif - - val = getenv(key); - if (!val) - return -1; - - errno = 0; - fd = strtol(val, NULL, 10); - if (errno) - return -1; - - return fd; -} - -/* * See also android.os.LocalSocketAddress.Namespace */ // Linux "abstract" (non-filesystem) namespace -- 2.7.4 From 2b01f773b7b1f615dba1fbc3247a336af7872896 Mon Sep 17 00:00:00 2001 From: Jinhyung Jo Date: Wed, 9 Aug 2017 21:28:47 +0900 Subject: [PATCH 12/16] source: fix security issues Change-Id: I49c6c58ec6646f33183881440e6a1bd6607801dd Signed-off-by: Jinhyung Jo --- src/sdb.c | 11 +++-------- src/socket_network_client.c | 9 +++++++-- src/usb_linux.c | 2 +- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/src/sdb.c b/src/sdb.c index 353995f..84d3b53 100644 --- a/src/sdb.c +++ b/src/sdb.c @@ -1629,13 +1629,8 @@ static void init_sdk_requirements() { // set env variable for temporary // TODO: should use pam instead later!! - if (!getenv("TERM")) { - putenv("TERM=linux"); - } - - if (!getenv("HOME")) { - putenv("HOME=/root"); - } + putenv("TERM=linux"); + putenv("HOME=/root"); init_sdk_userinfo(); init_root_userinfo(); @@ -1643,7 +1638,7 @@ static void init_sdk_requirements() { if (g_sdk_home_dir != NULL && stat(g_sdk_home_dir, &st) == 0) { if (st.st_uid != g_sdk_user_id || st.st_gid != g_sdk_group_id) { char cmd[128]; - snprintf(cmd, sizeof(cmd), "chown %s:%s %s -R", SDK_USER_NAME, SDK_USER_NAME, g_sdk_home_dir); + snprintf(cmd, sizeof(cmd), "/usr/bin/chown %s:%s %s -R", SDK_USER_NAME, SDK_USER_NAME, g_sdk_home_dir); if (system(cmd) < 0) { D("failed to change ownership to sdk user to %s\n", g_sdk_home_dir); } diff --git a/src/socket_network_client.c b/src/socket_network_client.c index 326040b..71f38cb 100644 --- a/src/socket_network_client.c +++ b/src/socket_network_client.c @@ -53,9 +53,14 @@ int socket_network_client(const char *host, int port, int type) while ((res = gethostbyname_r(host, &hostbuf, tmphstbuf, hstbuflen, &hp, &herr)) == ERANGE) { // enlarge the buffer hstbuflen *= 2; - tmphstbuf = realloc(tmphstbuf, hstbuflen); - if (tmphstbuf == NULL) { + void *tmpbuf = realloc(tmphstbuf, hstbuflen); + if (tmpbuf == NULL) { + if (tmphstbuf != NULL) { + free(tmphstbuf); + } return -1; + } else { + tmphstbuf = tmpbuf; } } if (res || hp == NULL) { diff --git a/src/usb_linux.c b/src/usb_linux.c index 7bf435b..0d8f2be 100644 --- a/src/usb_linux.c +++ b/src/usb_linux.c @@ -571,7 +571,7 @@ static void register_device(const char *dev_name, D("[ usb located new device %s (%d/%d/%d) ]\n", dev_name, ep_in, ep_out, interface); usb = calloc(1, sizeof(usb_handle)); - strcpy(usb->fname, dev_name); + strncpy(usb->fname, dev_name, sizeof(usb->fname) - 1); usb->ep_in = ep_in; usb->ep_out = ep_out; usb->zero_mask = zero_mask; -- 2.7.4 From d83d68e98be009da7c015fae9622134519a3dde8 Mon Sep 17 00:00:00 2001 From: Jinhyung Jo Date: Wed, 9 Aug 2017 23:24:35 +0900 Subject: [PATCH 13/16] source: remove use of getenv() Change-Id: I4caf3eb7f788ddd95a83be13a298d1c87c48de10 Signed-off-by: Jinhyung Jo --- packaging/sdbd.service | 2 ++ packaging/sdbd_device.service | 2 ++ packaging/sdbd_device_tv.service | 2 ++ packaging/sdbd_emulator.service | 2 ++ packaging/sdbd_emulator_tv.service | 2 ++ packaging/sdbd_tcp.service | 2 ++ src/sdb.c | 59 ++++++++++++++++++++++++++++++++++---- 7 files changed, 65 insertions(+), 6 deletions(-) diff --git a/packaging/sdbd.service b/packaging/sdbd.service index 76a066e..70b5139 100644 --- a/packaging/sdbd.service +++ b/packaging/sdbd.service @@ -2,6 +2,8 @@ Description=sdbd [Service] +#If necessary, Put Environment variable settings in a file like below +#ExecStartPre=/bin/bash -c "/bin/echo 'SDB_TRACE=all SDBD_LOG_PATH=/tmp' >> /tmp/.sdbdlog.conf" Type=forking PIDFile=/tmp/.sdbd.pid RemainAfterExit=yes diff --git a/packaging/sdbd_device.service b/packaging/sdbd_device.service index 779e42e..8fe2e4a 100644 --- a/packaging/sdbd_device.service +++ b/packaging/sdbd_device.service @@ -8,6 +8,8 @@ User=sdk Group=sdk Type=forking #location of SDBD log file +#If necessary, Put Environment variable settings in a file like below +#ExecStartPre=/bin/bash -c "/bin/echo 'SDB_TRACE=all SDBD_LOG_PATH=/tmp' >> /tmp/.sdbdlog.conf" EnvironmentFile=-/run/tizen-system-env PIDFile=/tmp/.sdbd.pid Restart=on-failure diff --git a/packaging/sdbd_device_tv.service b/packaging/sdbd_device_tv.service index 0ea497d..7ca53a3 100644 --- a/packaging/sdbd_device_tv.service +++ b/packaging/sdbd_device_tv.service @@ -7,6 +7,8 @@ After=tmp.mount Type=forking #location of SDBD log file #Environment=SDBD_LOG_PATH=/tmp +#If necessary, Put Environment variable settings in a file like below +#ExecStartPre=/bin/bash -c "/bin/echo 'SDB_TRACE=all SDBD_LOG_PATH=/tmp' >> /tmp/.sdbdlog.conf" EnvironmentFile=-/run/tizen-system-env OOMScoreAdjust=-1000 PIDFile=/tmp/.sdbd.pid diff --git a/packaging/sdbd_emulator.service b/packaging/sdbd_emulator.service index 74c5d9b..7bf20f5 100644 --- a/packaging/sdbd_emulator.service +++ b/packaging/sdbd_emulator.service @@ -11,6 +11,8 @@ Type=forking Environment=DISPLAY=:0 PIDFile=/tmp/.sdbd.pid RemainAfterExit=yes +#If necessary, Put Environment variable settings in a file like below +#ExecStartPre=/bin/bash -c "/bin/echo 'SDB_TRACE=all SDBD_LOG_PATH=/tmp' >> /tmp/.sdbdlog.conf" #ExecStartPre=/bin/bash -c "/bin/echo '10.0.2.15/32 system::debugging_network' >> /smack/netlabel" SmackProcessLabel=System Capabilities=cap_dac_override,cap_setgid,cap_setuid,cap_sys_admin=i diff --git a/packaging/sdbd_emulator_tv.service b/packaging/sdbd_emulator_tv.service index 3627ded..634974c 100644 --- a/packaging/sdbd_emulator_tv.service +++ b/packaging/sdbd_emulator_tv.service @@ -8,6 +8,8 @@ After=tmp.mount dbus.service Type=forking #location of SDBD log file #Environment=SDBD_LOG_PATH=/tmp +#If necessary, Put Environment variable settings in a file like below +#ExecStartPre=/bin/bash -c "/bin/echo 'SDB_TRACE=all SDBD_LOG_PATH=/tmp' >> /tmp/.sdbdlog.conf" Environment=DISPLAY=:0 PIDFile=/tmp/.sdbd.pid RemainAfterExit=yes diff --git a/packaging/sdbd_tcp.service b/packaging/sdbd_tcp.service index 5269cfe..9995740 100644 --- a/packaging/sdbd_tcp.service +++ b/packaging/sdbd_tcp.service @@ -5,6 +5,8 @@ After=default.target [Service] Type=forking Environment=DISPLAY=:0 +#If necessary, Put Environment variable settings in a file like below +#ExecStartPre=/bin/bash -c "/bin/echo 'SDB_TRACE=all SDBD_LOG_PATH=/tmp' >> /tmp/.sdbdlog.conf" PIDFile=/tmp/.sdbd.pid RemainAfterExit=yes SmackProcessLabel=System diff --git a/src/sdb.c b/src/sdb.c index 84d3b53..7b81403 100644 --- a/src/sdb.c +++ b/src/sdb.c @@ -68,6 +68,8 @@ SDB_MUTEX_DEFINE(zone_check_lock); SDB_MUTEX_DEFINE( D_lock ); #endif +#define SDB_LOGCONF_PATH "/tmp/.sdbdlog.conf" + int HOST = 0; // sdk user @@ -196,6 +198,43 @@ void fatal_errno(const char *fmt, ...) exit(-1); } +static char* get_sdb_log_conf(const char* key) +{ + int fd; + char line[256] = {0,}; + char value[256] = {0,}; + + if (access(SDB_LOGCONF_PATH, F_OK)) { + return NULL; + } + + fd = unix_open(SDB_LOGCONF_PATH, O_RDONLY); + if (fd < 0) { + D("failed to open '%s' file: %d\n", SDB_LOGCONF_PATH, errno); + return NULL; + } + + if (read_line(fd, line, sizeof(line)) > 0) { + char* start = strstr(line, key); + if (start != NULL) { + // move one more character to remove '=', + // including the length of the key string + start = start + strlen(key) + 1; + char* end = strstr(start, " "); + if (end != NULL) { + strncpy(value, start, end - start); + } else { + strncpy(value, start, sizeof(value)); + } + } else { + sdb_close(fd); + return NULL; + } + } + sdb_close(fd); + return strdup(value); +} + static int is_enable_sdbd_log() { return (!strncmp(g_capabilities.log_enable, PLUGIN_RET_ENABLED, strlen(PLUGIN_RET_ENABLED))); @@ -210,7 +249,8 @@ int sdb_trace_mask; */ void sdb_trace_init(void) { - const char* p = getenv("SDB_TRACE"); + char* ptr = get_sdb_log_conf("SDB_TRACE"); + const char* p; const char* q; static const struct { @@ -235,11 +275,13 @@ void sdb_trace_init(void) { NULL, 0 } }; - if (p == NULL) { + if (ptr == NULL) { if (is_enable_sdbd_log()) p = "all"; else return; + } else { + p = ptr; } /* use a comma/column/semi-colum/space separated list */ @@ -261,6 +303,7 @@ void sdb_trace_init(void) int flag = tags[tagn].flag; if (flag == 0) { sdb_trace_mask = ~0; + free(ptr); return; } sdb_trace_mask |= (1 << flag); @@ -271,6 +314,7 @@ void sdb_trace_init(void) if (*p) p++; } + free(ptr); } /* @@ -1133,18 +1177,21 @@ void start_device_log(void) struct tm now; time_t t; // char value[PROPERTY_VALUE_MAX]; - const char* p_trace = getenv("SDB_TRACE"); - const char* p_path = getenv("SDBD_LOG_PATH"); + char* p_trace = get_sdb_log_conf("SDB_TRACE"); + char* p_path = get_sdb_log_conf("SDBD_LOG_PATH"); // read the trace mask from persistent property persist.sdb.trace_mask // give up if the property is not set or cannot be parsed if ((p_trace == NULL ) && !is_enable_sdbd_log()) { return; + } else { + free(p_trace); } - if (p_path) + if (p_path) { snprintf(path_folder, sizeof(path_folder), "%s", p_path); - else if (g_capabilities.log_path[0] != '\0') + free(p_path); + } else if (g_capabilities.log_path[0] != '\0') snprintf(path_folder, sizeof(path_folder), "%s", g_capabilities.log_path); else return; -- 2.7.4 From 7cd279f040042565907e394fdd89372d1d18a3fd Mon Sep 17 00:00:00 2001 From: Jinhyung Jo Date: Thu, 10 Aug 2017 15:47:53 +0900 Subject: [PATCH 14/16] package: update version (3.0.34) Change-Id: I7e419c1b710447c9a588f7639fc3963b78f5f3d3 Signed-off-by: Jinhyung Jo --- packaging/sdbd.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index 988fcd6..85d2300 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -2,7 +2,7 @@ Name: sdbd Summary: SDB daemon -Version: 3.0.33 +Version: 3.0.34 Release: 0 License: Apache-2.0 Summary: SDB daemon -- 2.7.4 From 658a001a3707f5c5ccbb98d6f861e52cfe33efa1 Mon Sep 17 00:00:00 2001 From: Jinhyung Jo Date: Wed, 23 Aug 2017 11:23:58 +0900 Subject: [PATCH 15/16] appcmd: change argument from local to heap Change-Id: I708ae784d24cbd5394d2787bf15b53b27ee33c16 Signed-off-by: Jinhyung Jo --- src/plugin.c | 48 +++++++++++++++++++++++++++++++++--------------- 1 file changed, 33 insertions(+), 15 deletions(-) diff --git a/src/plugin.c b/src/plugin.c index fd6ceb8..2e257fe 100644 --- a/src/plugin.c +++ b/src/plugin.c @@ -212,6 +212,8 @@ static void request_async_cmd ( int cmd, parameters* in, int out_fd ) ret = default_plugin_async_proc ( cmd, in, out_fd ); } + release_parameters(in); + free(in); sdb_close(out_fd); } @@ -229,21 +231,31 @@ static int create_async_proc_thread( int cmd, parameters* in ) sdb_thread_t t; int s[2]; - if( sdb_socketpair(s) ) { + if (sdb_socketpair(s)) { + release_parameters(in); + free(in); D("cannot create async proc socket pair\n"); return -1; } - async_param = ( async_parameter* ) malloc(sizeof(async_parameter)); - if( async_param == NULL ) fatal("cannot allocate async_parameter"); + async_param = (async_parameter*)malloc(sizeof(async_parameter)); + if (async_param == NULL) { + release_parameters(in); + free(in); + fatal("cannot allocate async_parameter"); + return -1; + } + async_param->cmd = cmd; async_param->in = in; async_param->out_fd = s[1]; - if(sdb_thread_create( &t, async_proc_bootstrap_func, async_param)){ + if (sdb_thread_create(&t, async_proc_bootstrap_func, async_param)) { free(async_param); sdb_close(s[0]); sdb_close(s[1]); + release_parameters(in); + free(in); D("cannot create async proc thread\n"); return -1; } @@ -396,27 +408,33 @@ int request_lock_state_to_plugin ( int lock_type ) // return -1 if failed to create async proc thread int request_appcmd_to_plugin ( const char* in_buf ) { - parameters in; + parameters* in; int fd; + in = (parameters*)malloc(sizeof(parameters)); + if (in == NULL) { + D("failed to allocate memory for the parameters\n"); + return -1; + } + if ( in_buf != NULL ) { - in.number_of_parameter = 1; - in.array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); - if (in.array_of_parameter == NULL) { + in->number_of_parameter = 1; + in->array_of_parameter = ( parameter* ) malloc ( sizeof ( parameter ) ); + if (in->array_of_parameter == NULL) { + free(in); D("failed to allocate memory for the parameter\n"); return -1; } - in.array_of_parameter[0].type = type_string; - in.array_of_parameter[0].v_string.length = strlen ( in_buf ); - in.array_of_parameter[0].v_string.data = strdup ( in_buf ); + in->array_of_parameter[0].type = type_string; + in->array_of_parameter[0].v_string.length = strlen ( in_buf ); + in->array_of_parameter[0].v_string.data = strdup ( in_buf ); } else { - in.number_of_parameter = 0; - in.array_of_parameter = NULL; + in->number_of_parameter = 0; + in->array_of_parameter = NULL; } - fd = create_async_proc_thread( PLUGIN_ASYNC_CMD_APPCMD_SERVICE, &in ); + fd = create_async_proc_thread( PLUGIN_ASYNC_CMD_APPCMD_SERVICE, in ); - release_parameters ( &in ); return fd; } -- 2.7.4 From 1560a95a7067bd956b578a05b84f1f774e5180f0 Mon Sep 17 00:00:00 2001 From: Jinhyung Jo Date: Wed, 23 Aug 2017 13:54:15 +0900 Subject: [PATCH 16/16] package: update version (3.0.35) Change-Id: I1e8537183d81eb117354adb4f7a4b97d05b0f32f Signed-off-by: Jinhyung Jo --- packaging/sdbd.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/sdbd.spec b/packaging/sdbd.spec index 85d2300..c8f7e71 100644 --- a/packaging/sdbd.spec +++ b/packaging/sdbd.spec @@ -2,7 +2,7 @@ Name: sdbd Summary: SDB daemon -Version: 3.0.34 +Version: 3.0.35 Release: 0 License: Apache-2.0 Summary: SDB daemon -- 2.7.4