Krzysztof Jackiewicz [Tue, 9 Jul 2013 17:06:16 +0000 (19:06 +0200)]
[Release] security-server_0.0.78
* Security server refactoring
* Prevent fixes
Change-Id: Ia136cabf3fb8346eb0d0d2c3cc757af55e90c5e0
Marcin Niesluchowski [Fri, 5 Jul 2013 11:27:22 +0000 (13:27 +0200)]
Fixing prevent defects in security-server
* 63411; Critical; Resource leak; In function
SecurityServer::BinaryQueue::AppendUnmanaged(
void const*,
unsigned int,
void (*)(void const*, unsigned int, void *),
void *)
in src/server2/dpl/core/src/binary_queue.cpp
* 63374; Critical; Explicit null dereferenced; In function
SecurityServer::SharedMemoryService::readOne(SecurityServer::ConnectionID const&,
SecurityServer::SocketBuffer &)
in src/server2/service/data-share.cpp
[Issue#] SSDWSSP-356
[Bug/Feature] Prevent bugs need to be fixed.
[Cause] N/A
[Solution] N/A
[Verification] Running security-server tests.
Change-Id: I816e8b50ff94470256604d37a88a400dbeac59b5
Bartlomiej Grzelewski [Wed, 3 Jul 2013 08:17:35 +0000 (10:17 +0200)]
Socket won't have any smack label when smack is turn off.
[Issue#] SSDWSSP-68
[Bug] Security-server does not work without smack.
[Cause] Smack was mandatory.
[Solution] Add runtime check for smack existance.
[Verfication] Run tests.
Change-Id: I431a2c86a6f110f5c79b3795e07f32e49759cd28
Bartlomiej Grzelewski [Mon, 20 May 2013 09:11:27 +0000 (11:11 +0200)]
Security-server refactoring.
* Rewrite shared-memory-service.
* Each service will run in own thread.
* Import log and exception modules from DPL library.
* Add serialization.
* Hide symbols in client library.
[Issue#] SSDWSSP-68
[Bug] N/A
[Cause] N/A
[Solution] N/A
[Verification] Run security-server tests.
Change-Id: Ib353c4ddaccc2f4211f2bbce74dd890956fa60de
Krzysztof Jackiewicz [Tue, 9 Jul 2013 08:11:21 +0000 (10:11 +0200)]
Merge remote-tracking branch 'rsa/tizen_2.2' into rsa/master
Change-Id: I80f650ab40e251f9a5ad736d1814a3d1872c15c3
Tomasz Swierczek [Thu, 27 Jun 2013 10:11:12 +0000 (12:11 +0200)]
[Release] security-server_0.0.77
* Fixed defects reported by prevent.
Change-Id: I809b7fe45d1308a2d36b1b7f5fd8dd8a19e53f24
Marcin Niesluchowski [Fri, 21 Jun 2013 12:05:25 +0000 (14:05 +0200)]
Fixing prevent defects in security-server.
* 60575; Major; Unsigned compared against 0; In function security_server_thread
in src/server/security-server-main.c
* 52113; Minor; Unchecked return value; In function security_server_thread
in src/server/security-server-main.c
[Issue#] SSDWSSP-335
[Bug/Feature] Prevent detected new defects.
[Cause] N/A
[Solution] N/A
[Verification] Running tests.
Change-Id: Ie74a957585482b3435783c9bcba4dc1e7ce13ee2
Bartlomiej Grzelewski [Thu, 20 Jun 2013 17:31:04 +0000 (19:31 +0200)]
[Release] security-server_0.0.76
* Reduce number of logs.
* Add missing handler for executable path retrieval message.
* Run stylecheck on repository.
* Fix major defects reported by prevent.
Change-Id: I8044fbc6cd98a4fe9fb3af3a838ad37191b393c4
Marcin Niesluchowski [Thu, 20 Jun 2013 07:57:50 +0000 (09:57 +0200)]
Changing some error logs to warnings and turning off debug logs on security-server.
[Issue#] SSDWSSP-331
[Bug/Feature] Too many error logs. Debug logs should be turned off.
[Cause] N/A
[Solution] N/A
[Verification] Checking logs and running tests.
Change-Id: I060a891700e161064980c97a5b90c32eef47fca6
Krzysztof Jackiewicz [Fri, 24 May 2013 15:24:46 +0000 (17:24 +0200)]
Added missing handler for executable path retrieval message
[Issue#] SSDWSSP-274
[Feature/Bug] N/A
[Problem] SECURITY_SERVER_MSG_TYPE_EXE_PATH_REQUEST is not handled
[Cause] Incorrectly resolved conflict. Part of code lost.
[Solution] Missing handler restored
[Verification] Build & install. Run security-server-tests-client-smack
--regexp=tc06_check_privilege_by_sockfd. Security server logs should contain
valid executable path in lines starting with SS_SMACK. There should be no
"Unknown msg ID" message in dlog
Change-Id: I8e384e645291a0563a1ffd4ce47496742e756742
Marcin Niesluchowski [Thu, 20 Jun 2013 12:35:52 +0000 (14:35 +0200)]
All *.c and *.h files changed by stylecheck-for-git.
[Issue#] SSDWSSP-322
[Bug/Feature] Standardization of repository coding style.
[Cause] N/A
[Solution] N/A
[Verification] N/A
Change-Id: Ife70bac31e8fb6a5b0b678dfddbee840ace8c764
Marcin Niesluchowski [Fri, 14 Jun 2013 08:51:30 +0000 (10:51 +0200)]
Fixing prevent major defects in security-server.
In file src/client/security-server-cient.c:
Major "Integer overflowed argument" in function recv_exec_path_response()
In file src/server/security-server-main.c:
Major "Integer overflowed argument" in function security_server_thread()
Major "Various" in security_server_thread()
In file src/communication/sercurity-server-comm.c:
Major "Integer overflowed argument" in function recv_pid_privilege_request()
[Issue#] SSDWSSP-306
[Bug/Feature] Fix prevent defects
[Cause] Prevent server signalizes defects
[Solution] N/A
[Verification] Running tests and checking prevent output.
Change-Id: Iff331cd34c2f3447df79118cfa449e6c37c72091
Zbigniew Jasinski [Mon, 17 Jun 2013 13:41:10 +0000 (15:41 +0200)]
Log messages refactoring continued
[Issue#] SSDWSSP-323
[Bug/Feature] Log messages refactoring
[Cause] Legal issues with prohibited words in logs (ie. password)
[Solution] Use SECURE_LOG* macro
[Verification] Compile and run. No tests should fail
Change-Id: I5ed5815d1e105f31765162460350476cba574c00
Zbigniew Jasinski [Mon, 17 Jun 2013 13:39:23 +0000 (15:39 +0200)]
Log messages refactoring continued
[Issue#] SSDWSSP-323
[Bug/Feature] Log messages refactoring
[Cause] Legal issues with prohibited words in logs (ie. password)
[Solution] Use SECURE_LOG* macro
[Verification] Compile and run. No tests should fail
Change-Id: I8997084a6fbac44b21b253fa4a8765ebf6625ae9
Zbigniew Jasinski [Mon, 17 Jun 2013 13:34:53 +0000 (15:34 +0200)]
Log messages refactoring
[Issue#] SSDWSSP-323
[Bug/Feature] Log messages refactoring
[Cause] Legal issues with prohibited words in logs (ie. password)
[Solution] Use SECURE_LOG* macro
[Verification] Compile and run. No tests should fail
Change-Id: I060ce75cc308fd1890c5b249840e19f40b833fd6
Zbigniew Jasinski [Tue, 18 Jun 2013 08:40:23 +0000 (10:40 +0200)]
Added SECURE_LOG* macro
[Issue#] SSDWSSP-323
[Bug/Feature] Log messages refactoring
[Cause] SECURE_LOG* macro added for log messages refactoring
[Solution] Added SECURE_LOG* macro
[Verification] Compile with LOG_DEBUG_ENABLED and run. No tests should fail
Change-Id: Id9181d91c3bc571bd122edbc9e641fbcca39af7e
Pawel Polawski [Mon, 20 May 2013 09:06:33 +0000 (11:06 +0200)]
Add SMACK checking for SS API
[Issue#] SSDWSSP-272
[Bug/Feature] Add SMACK checking for each SS API
[Cause] No SMACK authorization in some SS API
[Solution] Added SMACK checking for each SS API
[Verification] Compile and run. No tests should fail
Change-Id: I4043c7eddd2bab1547f48ffbaf3ab7e28101550c
Krzysztof Jackiewicz [Tue, 4 Jun 2013 14:51:43 +0000 (16:51 +0200)]
Merge rsa/tizen_2.1 into rsa/master
Change-Id: I360ecefb2596ddf47955b2dd9234af5374ba700b
Krzysztof Jackiewicz [Tue, 4 Jun 2013 14:14:53 +0000 (16:14 +0200)]
[Release] security-server_0.0.75
* smack_have_access replaced by smack_pid_have_access
* getgrnam_r used for group searching
* executable path retrieval moved to server
Change-Id: I7f78e51eab61a30e5e1621bf230dc4fe3fecbb87
Krzysztof Jackiewicz [Fri, 24 May 2013 15:24:46 +0000 (17:24 +0200)]
Executable path retrieval moved to security-server
[Issue#] SSDWSSP-274
[Feature/Bug] N/A
[Problem] security_server_check_privilege_by_sockfd should not require root privileges
[Cause] The function reads /proc/[pid]/exe
[Solution] Executable retrieval moved to security-server.
[Verification] Build & install. Run security-server-tests-client-smack --regexp=tc06_check_privilege_by_sockfd
Security server logs should contain valid executable path in lines starting with SS_SMACK
Change-Id: Ib06414e80c9ee992108b7c49b33914e9047e5871
Zbigniew Jasinski [Mon, 27 May 2013 13:10:02 +0000 (15:10 +0200)]
Rewriting search_gid to use POSIX getgrnam_r
[Issue#] N/A
[Bug] N/A
[Cause] Instead of opening /etc/group and search for group name and ID we can
use POSIX getgrnam_r
[Solution] Rewriting function to use POSIX getgrnam_r.
[Verification] Build. Run all security-server tests.
Change-Id: Ia3591db1e11c013229ffd0a725697be797e0a2f1
Janusz Kozerski [Tue, 7 May 2013 12:19:09 +0000 (14:19 +0200)]
Use function smack_pid_have_access() from libprivilege-control instead smack_have_access()
[Issue#] SSDWSSP-220
[Feature] Using function smack_pid_have_access() from libprivilege-control instead smack_have_access()
[Problem] N/A
[Cause] N/A
[Solution] N/A
[Verification] Needs http://slp-info.sec.samsung.net/gerrit/#/c/197481/. Build, install, reboot.
Change-Id: I98b651f7e52c74d794fe96818a61644ece5c9ae5
Krzysztof Jackiewicz [Wed, 22 May 2013 09:08:41 +0000 (11:08 +0200)]
[Release] security-server_0.0.74
* Bugfixing. Code refactoring. Logging updated
Change-Id: Ie0aa660514345a11772dddbcf0f118f27b023f04
Bartlomiej Grzelewski [Fri, 17 May 2013 12:06:14 +0000 (14:06 +0200)]
Fix data control api.
Data control must return SUCCESS on images without smack.
[Issue#] SSDWSSP-277
[Bug] security-server_app_give_access returns error on image
without smack.
[Cause] On image without smack user passed "" as a client label.
"" is not acceptable smack label.
[Solution] Function security_server_app_give_access returns SUCCESS
when smack is turn off.
[Verification] Build. Run all tests. No changes in result should be
noticed on smack image.
Change-Id: I0c740ecda07e3ed97f1d409c8e597bc3b1f0b773
Krzysztof Jackiewicz [Mon, 13 May 2013 15:17:47 +0000 (17:17 +0200)]
Cookie executable path logic fixed and refactored.
[Issue#] SSDWSSP-237 / P130508-4841
[Bug] Security-server has closed unexpectedly
[Problem] N/A
[Cause] Executable paths were improperly compared and triggered pid reusage code
branch.
[Solution] Executable paths logic fixed and refactored.
[Verification] Run all security-server tests
Change-Id: I68219631378be17c980b52fa8995d9bc37d69ed7
Conflicts:
src/server/security-server-cookie.c
Krzysztof Jackiewicz [Mon, 13 May 2013 15:17:47 +0000 (17:17 +0200)]
Cookie executable path logic fixed and refactored.
[Issue#] SSDWSSP-237 / P130508-4841
[Bug] Security-server has closed unexpectedly
[Problem] N/A
[Cause] Executable paths were improperly compared and triggered pid reusage code
branch.
[Solution] Executable paths logic fixed and refactored.
[Verification] Run all security-server tests
Change-Id: I68219631378be17c980b52fa8995d9bc37d69ed7
Krzysztof Jackiewicz [Tue, 14 May 2013 15:31:49 +0000 (17:31 +0200)]
Fixed compilation error
[Issue#] SSDWSSP-229
[Feature/Bug] Compilation error
[Problem] N/A
[Cause] Error logs are not yet available
[Solution] Changed to debug logs
[Verification] Successfull compilation
Change-Id: I29a8268cfefc41189e4c1e218387a20a48cf9142
Zofia Abramowska [Mon, 13 May 2013 14:05:38 +0000 (16:05 +0200)]
Reimplementing process_app_get_access_request
[Issue#] SSDWSSP-229
[Feature] No revoking for label given by this function
[Cause] N/A
[Solution] Rewriting function inside security-server code,
not using libprivilege-control
[Verification] Build and run tests (testcases for revoking label
may fail)
Change-Id: Ie1d682f1dc76c108da7c602c958d8db9d33519ad
Krzysztof Jackiewicz [Fri, 10 May 2013 12:53:05 +0000 (14:53 +0200)]
Thread synchronisation fixed. Proper cookie copying.
[Issue#] SSDWSSP-237
[Feature/Bug] N/A
[Problem] security server crashes
[Cause] Because of incorrect synchronisation a race condition was possible
[Solution] Synchronisation fixed. Proper cookie copying applied.
[Verification] Run all security server tests
Change-Id: I464fb0cf05ec707191c32dde8b7b3de2b0fcdeb5
Zofia Abramowska [Mon, 13 May 2013 14:05:38 +0000 (16:05 +0200)]
Reimplementing process_app_get_access_request
[Issue#] SSDWSSP-229
[Feature] No revoking for label given by this function
[Cause] N/A
[Solution] Rewriting function inside security-server code,
not using libprivilege-control
[Verification] Build and run tests (testcases for revoking label
may fail)
Change-Id: Ie1d682f1dc76c108da7c602c958d8db9d33519ad
Bartlomiej Grzelewski [Wed, 8 May 2013 14:29:05 +0000 (16:29 +0200)]
Add SMACK_LOG in client_has_access.
Security-server must inform that client does not have access to
some service provided by him.
Fix problem with random pid client in security-server logs.
[Issue#] SSDWSSP-226
[Bug] Security server shows rundom value as client pid.
[Cause] Function responsible for client pid extraction wass comment out.
[Solution] N/A
[Verification] Run test. Check logs. Pid of client process should be
shown correctly.
Change-Id: Ifdb0712b1d6f22a71a3e90b2264666f0ec7146da
Pawel Polawski [Thu, 9 May 2013 09:37:56 +0000 (11:37 +0200)]
Change logs in SS to correct error logs.
[Issue#] SSDWSSP-234
[Bug/Feature] Security-server SMACK dlog should be "ERROR", not info
[Cause] N/A
[Solution] Log type changed to error
[Verification] Compile and run. SS should generate both: debug and
error logs on dlog
Change-Id: I8e4c609d30cc71ab4395e85ab5bf9c6a7e97abf9
Kidong Kim [Fri, 10 May 2013 08:59:48 +0000 (17:59 +0900)]
merge back from tizen_2.1_smack
Pawel Polawski [Thu, 25 Apr 2013 13:44:25 +0000 (15:44 +0200)]
Add binary path to SMACK log
[Issue#] SSDWSSP-203
[Bug/Feature] Change logs in security_server_check_privilege_by_sockfd
[Cause] N/A
[Solution] N/A
[Verification] Compile. Run tests.
Change-Id: I6ca2cfc97bc795eefa287c82b0a826f2d6c853a9
Rafal Krypa [Mon, 6 May 2013 10:47:20 +0000 (12:47 +0200)]
Merge remote-tracking branch 'tizendev/tizen_2.1_smack' into tizendev
Rafal Krypa [Fri, 3 May 2013 13:44:18 +0000 (15:44 +0200)]
Merge missing code pieces from private repository.
[Issue#] N/A
[Bug] Patches applied in different version in RSA and private repository
[Cause] Developers not careful enough about applying patches in both places
[Solution] Move missing bits of code
[Verification] Build
Change-Id: If1f65e07b44e1a2ad40f9d67f0ae211511948632
Kidong Kim [Tue, 30 Apr 2013 12:39:33 +0000 (21:39 +0900)]
remove set_pmon
Change-Id: I7ac0c26573e52e8ed70e96a32de5962168548811
Rafal Krypa [Fri, 3 May 2013 13:04:45 +0000 (15:04 +0200)]
Merge remote-tracking branch 'tizendev/master' into tizen_2.1_smack
Jan Cybulski [Thu, 25 Apr 2013 11:31:22 +0000 (13:31 +0200)]
Add #ifdef SMACK_ENABLED to private code.
With this define commented, all security-server API
should work as if there was no SMACK error and SMACK
allowed for everything.
[Issue#] SSDWSSP-206 & SSDWSSP-221
[Bug] N/A
[Cause] SS should work without SMACK enabled.
[Solution] As mentioned above.
[Verification] Build with and without ADD_DEFINITIONS( -DSMACK_ENABLED ).
1. SMACK enabled system.
1.1 -DSMACK_ENABLED on: SS tests should not fail
1.2 -DSMACK_ENABLED off: Following SS tests should fail:
-client-smack:
-tc04_security_server_get_gid_client_is_not_allowed
-tc05_check_privilege_by_cookie
-tc06_check_privilege_by_sockfd
-tc07_check_privilege_by_sockfd
-label:
-tc_security_server_get_smacklabel_cookie
-server:
-tc01a_security_server_app_give_access
-tc02_check_privilege_by_pid
There should be no missing SMACK rules for security server sockets in dmesg
2. SMACK disabled system. Same results for -DSMACK_ENABLED on and off. Beside tests
failing in 1.2 all test cases using smack_accesses_apply and smack_have_access will also fail.
Change-Id: Ia1074d9da4a07e3a60878030b9b8fc3760340c73
Conflicts:
src/client/security-server-client.c
src/server/security-server-cookie.c
src/server/security-server-main.c
Janusz Kozerski [Fri, 26 Apr 2013 10:36:03 +0000 (12:36 +0200)]
Fix error in SMACK object length check in security-server-client
[Issue#] SSDWSSP-212
[Feature/Bug] Error in SMACK object length check in security-server.
[Problem] N/A
[Cause] N/A
[Solution] N/A
[Verification] Build, install, reboot.
Change-Id: I590bd820237941055df18ecb4afbc4e64d651295
Bumjin Im [Sat, 27 Apr 2013 05:50:41 +0000 (14:50 +0900)]
Removing authentication of middleware
Change-Id: I276c83539a09db05500539dfa600bb05a64ceae0
Zofia Abramowska [Fri, 26 Apr 2013 10:17:45 +0000 (12:17 +0200)]
Fixing klocwork bugs
[Issue#] N/A
[Bug] Bugs found by klocwork
[Cause] N/A
[Solution] N/A
[Verficiation] Build and run all tests
Change-Id: I386f3e74820c518fd0437f082246c7fa1177ced4
Bumjin Im [Sat, 27 Apr 2013 05:50:41 +0000 (14:50 +0900)]
[Release] security-server_0.0.73
* Removed authentication of middleware
Change-Id: I430da7b68dc2f2645082e6e82b1e35a9f8e23bbc
Bartlomiej Grzelewski [Mon, 22 Apr 2013 15:02:45 +0000 (17:02 +0200)]
Implemet data control solution for OSP apps.
Function security_server_app_give_access may be called only by
priviledge process (process must have "rw" access to
"security-server::api-data-share"). In current implemnetation security
check is made in user space. It should be moved to kernel space by
creating separate socket with "security-server::api-data-share" label.
[Issue#] SSDWSSP-177
[Bug] N/A
[Cause] OPS application need to share memory.
[Solution] Add cross rules between OSP application.
[Verification] Build.
Change-Id: Ie6bad6e924bbcd1b37af58cb7650f65bebd5d57c
Bartlomiej Grzelewski [Mon, 22 Apr 2013 15:50:14 +0000 (17:50 +0200)]
Fix process_pid_privilege_check function.
Prevent function process_pid_privilege_check from closing random socket
when something fails.
[Issue#] N/A
[Bug] N/A
[Cause] Value was not initialized.
[Solution] N/A
[Verification] Build.
Change-Id: Id77c84c9f2ac1237c56f7cd5ff00258d40680459
Pawel Polawski [Tue, 23 Apr 2013 12:45:05 +0000 (14:45 +0200)]
Change logs in security server connected to SMACK
[Issue#] SSDWSSP-203
[Feature] New logs format
[Cause] Deprecated log format
[Solution] Log format changed
[Verification] Compile, no tests should fail
Change-Id: I38d227b99e341cc76f540a7dc56c4532704ce9e3
Conflicts:
src/server/security-server-cookie.c
Pawel Polawski [Thu, 18 Apr 2013 07:20:02 +0000 (09:20 +0200)]
Add debug log for smack_have_acces in security-server
[Issue#] SSDWSSP-185
[Feature] New security-server API
[Problem] N/A
[Cause] N/A
[Solution] New log message added
[Verification] Build package
Change-Id: I69df34df93a3efec58073667c9ac1a0d4cba031c
Pawel Polawski [Thu, 11 Apr 2013 09:58:21 +0000 (11:58 +0200)]
New API checking SMACK access by client pid in security-server
[Issue#] SSDWSSP-185
[Feature] New security-server API
[Problem] N/A
[Cause] N/A
[Solution] New API function added
[Verification] Build package. No tests should fail
Change-Id: I9d1d5115d0ccf6ca417b56b7b2f8b9ad081fed71
Bartlomiej Grzelewski [Tue, 9 Apr 2013 16:03:52 +0000 (18:03 +0200)]
Implemet data control solution for OSP apps.
[Issue#] SSDWSSP-177
[Bug] N/A
[Cause] OPS application need to share memory.
[Solution] Add cross rules between OSP application.
[Verification] Build.
Change-Id: I5085e5f0130ff687aaa142006837110077ba00be
Krzysztof Jackiewicz [Wed, 17 Apr 2013 10:23:58 +0000 (12:23 +0200)]
Merge remote-tracking branch 'rsa/tizen_2.1' into rsa_master
Krzysztof Jackiewicz [Wed, 17 Apr 2013 10:17:49 +0000 (12:17 +0200)]
[Release] security-server_0.0.72
* fixed release commit message
Change-Id: I7c56fe03e85c5b906b0aac055ab352d18f3d2b2d
Krzysztof Jackiewicz [Tue, 16 Apr 2013 15:43:46 +0000 (17:43 +0200)]
[Release] security-server-0.0.72
* prevent bugfixes
* unnecessary package dependecies removed
Change-Id: I0820cc1656b6405db68aead4cfed609ad7c86175
Bartlomiej Grzelewski [Fri, 12 Apr 2013 13:57:07 +0000 (15:57 +0200)]
Fix bugs reported by prevent.
[Issue#] N/A
[Bug] Sizeof gets wrong argument.
[Cause] N/A
[Solution] Sizeof gets type of struct now.
[Verification] Build. Run security tests.
Change-Id: I300591ae3fa1040d9f316699551b522bf222acce
Bartlomiej Grzelewski [Fri, 12 Apr 2013 14:21:11 +0000 (16:21 +0200)]
Remove package from build dependency that are not requried druing build.
[Issue#] N/A
[Bug] N/A
[Caluse] N/A
[Solution] N/A
[Verification] Build.
Change-Id: Ib13ed0a3c837b85c410633a047212042447ebe27
Krzysztof Jackiewicz [Fri, 12 Apr 2013 14:05:43 +0000 (16:05 +0200)]
Merge remote-tracking branch 'rsa/tizen_2.1' into rsa_master
Change-Id: I15d1549c23d65fa677c10065dd5880647c4a3060
Krzysztof Jackiewicz [Fri, 12 Apr 2013 13:09:56 +0000 (15:09 +0200)]
[Release] security-server_0.0.71
* Remove usage of mw-list file in security-server
Change-Id: I6c47b7f6cbe5040147be837112a50a079893d1bd
Jan Cybulski [Thu, 11 Apr 2013 06:08:02 +0000 (08:08 +0200)]
Remove usage of mw-list file in security-server
[Issue#]SSDWSSP-186
[Feature/Bug] N/A
[Problem] N/A
[Cause] N/A
[Solution] Removing hardcoded set of trusted daemon binaries.
Removing function search_middleware_exe_path and file with mw-list entries.
[Verification] Build, tests
Change-Id: I3f7bd1d37bc0b315642884801c80d3e308f78a2a
Krzysztof Jackiewicz [Tue, 2 Apr 2013 08:55:26 +0000 (10:55 +0200)]
Middleware list check fixed.
[Issue#] N/A
[Feature/Bug] N/A
[Problem] Empty line in mw-lists matches everything.
[Cause] N/A
[Solution] Commandline replaced by executable name. Fixed comparison of
executable name with mw-list entries. Empty line removed from mw-list. 50 chars
limit removed
[Verification] Run all security server tests
Change-Id: I872ad45a4089b484a30fc4caa1759ce9d6a584e4
Junfeng [Thu, 21 Mar 2013 13:31:23 +0000 (21:31 +0800)]
Fix for 64 bit compatibility.
- Fix hardcoding path.
- Use %cmake to set default paths.
Change-Id: I102e9d18662ec001eafc48c9826405bf427f6910
Junfeng [Thu, 21 Mar 2013 13:31:23 +0000 (21:31 +0800)]
Fix for 64 bit compatibility.
- Fix hardcoding path.
- Use %cmake to set default paths.
Change-Id: I102e9d18662ec001eafc48c9826405bf427f6910
Krzysztof Jackiewicz [Fri, 29 Mar 2013 10:17:37 +0000 (11:17 +0100)]
Merge remote-tracking branch 'rsa/tizen_2.1' into rsa_master
Krzysztof Jackiewicz [Thu, 28 Mar 2013 14:36:01 +0000 (15:36 +0100)]
[Release] security-server_0.0.70
* Prevent bugfixes from private repo
Change-Id: I52ea4353e5f4092672135323b30f5ae8e295f1d1
Bartlomiej Grzelewski [Fri, 8 Mar 2013 16:38:57 +0000 (17:38 +0100)]
Read or write may be interrupt.
This commits add suport for interruption of read or write. Please note
that we still need to add support for sitation when read or write
returns less that we expect.
[Issue#] N/A
[Bug] N/A
[Cause] N/A
[Solution] N/A
[Verification] Run all security-server tests.
Change-Id: I799fd41245cce004582458f98f49511a2860ff0e
Bartlomiej Grzelewski [Thu, 7 Mar 2013 17:32:28 +0000 (18:32 +0100)]
Reemove compilation warrnings.
[Issue#] N/A
[Bug] N/A
[Cause] N/A
[Solution] N/A
[Verification] Run all security-server tests.
Change-Id: Icedbece62623b2393eb16c3776a909db8443c073
Bartlomiej Grzelewski [Thu, 7 Mar 2013 16:21:12 +0000 (17:21 +0100)]
Fix defects reported by prevent.
[Issue#] SSDWSSP-115
[Bug] N/A
[Cause] N/A
[Soultion] N/A
[Verification] Run all security-server tests.
Change-Id: I61a437f604e94b6897d1b2b76aca8217893a307e
Krzysztof Jackiewicz [Thu, 21 Mar 2013 15:37:04 +0000 (16:37 +0100)]
[Release] security-server_0.0.69
* Table allocation bug fixed
* Password timeout changed
* Merged master into tizen_2.1
Change-Id: I85d41e0f8c1e10491a1fab07586058c1ef5f7271
Krzysztof Jackiewicz [Thu, 21 Mar 2013 10:07:11 +0000 (11:07 +0100)]
[Release] security-server_0.0.69
* Table allocation bug fixed
* Password timeout changed
Change-Id: I70b81639a80600fa83cf93ae08ebced1fa83fe84
Janusz Kozerski [Wed, 20 Mar 2013 10:27:28 +0000 (11:27 +0100)]
Change password timeout from 1 seconds to 500000 microseconds.
[Issue#] N/A
[Bug] N/A
[Cause] N/A
[Solution] N/A
[Verification] Run all security-server tests.
Jinkun Jang [Fri, 15 Mar 2013 16:17:58 +0000 (01:17 +0900)]
merge with master
Jinkun Jang [Tue, 12 Mar 2013 16:51:34 +0000 (01:51 +0900)]
Tizen 2.1 base
Pawel Polawski [Tue, 5 Mar 2013 10:28:38 +0000 (11:28 +0100)]
Fix bug in table allocation.
[Issue#] N/A
[Bug] Wrong pointer passed to allocating fuinction
[Cause] N/A
[Soultion] Changed to correct pointer
[Verification] No warnings while compilation
Change-Id: I54d00e11862f1986b0518009bdb30a5942f127b7
Bartlomiej Grzelewski [Mon, 4 Mar 2013 16:37:03 +0000 (17:37 +0100)]
[Release] security-server_0.0.67
* Fix bug with searching cookie with no privileges.
Change-Id: I46ab72148143df3f1a76956aa8f4474147ef3338
Pawel Polawski [Tue, 26 Feb 2013 07:51:09 +0000 (08:51 +0100)]
Fix bug with searching cookie with no privileges.
[Issue#] SSDWSSP-102
[Bug] Bug with get_smack_label in security-server
[Cause] Error in searching cookie with no privileges set
[Soulution] Special trading cookies with no privileges set
[Verification] Code compiles with success
Change-Id: I25debbc88315f316ed08b1cda2895bd3d9d90116
Mariusz Domanski [Wed, 27 Feb 2013 10:46:25 +0000 (11:46 +0100)]
[Release] security-server_0.0.65
* Proper %post and %postun scripts in spec file
* Removing unused code and separating deprecated files
* Fix for several issues detected by Prevent
Change-Id: I494fba79e6c11e9c298a4972a99a4847e9caffe6
Rafal Krypa [Mon, 25 Feb 2013 14:45:51 +0000 (23:45 +0900)]
Merge "Proper %post and %postun scripts in spec file"
Zofia Abramowska [Mon, 18 Feb 2013 12:44:57 +0000 (13:44 +0100)]
Removing unused code and separating deprecated files
[Issue#] SSDWSSP-98
[Feature] N/A
[Cause] Removal of unwanted files from security-server
[Solution] N/A
[Verification] Successful build
Change-Id: I27fbd9ca4d597c71b65400c4ed71458b406f557b
Mariusz Domanski [Tue, 19 Feb 2013 15:43:15 +0000 (16:43 +0100)]
Fix for several issues detected by Prevent
[Issue#] SSDWSSP-106
[Problem] Issues detected by Prevent
[Cause] N/A
[Solution] N/A
[Verification] Build and run tests
Change-Id: Ie0d469e73685fd518da2a374cf0c0e5dea5829eb
Mariusz Domanski [Wed, 20 Feb 2013 14:43:36 +0000 (15:43 +0100)]
Proper %post and %postun scripts in spec file
[Issue#] N/A
[Bug] errors when upgrading rpm package via rpm -U command
[Cause] bugged %post and %postun scripts in spec file
[Solution] fixed %post and %postun scripts to handle upgrades properly
[Verification] Build and install rpm files, then increment version
number in spec file and build and install with rpm -U.
No security-server related errors should appear after
second installation, S10security-server symlinks in
/etc/rc.d/rc3.d/ and /etc/rc.d/rc5.d/ should exist.
After package uninstallation symlinks should be gone.
Change-Id: I5f0ec6e640f14c12335de0338d3e75d883d1a79e
Janusz Majnert [Mon, 18 Feb 2013 12:39:30 +0000 (13:39 +0100)]
Fix for several issues detected by Prevent
[Issue#] SSDWSSP-107
[Problem] Issues detected by Prevent
[Cause] N/A
[Solution] Please see comments below
[Verification] Build and run
Changes:
* Added a sanity check for new_pwd_len in (prevent #42100)
* Added a check for result of setuid in security server test case
(prevent #42102)
* Fixed a bug in one of the test cases (comparing smack labels)
(prevent #43435)
* Fixed a bug where one error condition was not handled properly, which in turn
led to double free.
Change-Id: I54562981cf5e1201f8f62852da5cb6b3473df138
Tomasz Swierczek [Tue, 5 Feb 2013 08:40:00 +0000 (09:40 +0100)]
[Release] security-server_0.0.64
* Fixed bug with searching cookie for root process in security-server
Change-Id: Ic499ef20918e791351d1a3acdf30697532481618
Pawel Polawski [Mon, 4 Feb 2013 16:50:45 +0000 (17:50 +0100)]
Fixing bug with searching cookie and privileges in security-server.
[Issue#] SSDWSSP-71
[Cause] Fix bug with access to security-server API
by some root processes.
[Problem] Access to security server API returns error
for alarm service.
[Solution] Removed special treating root processes when searching
cookies for caller.
[Verification] Security-serwer should return no error while
calling security_server_check_privilege()
with correct parameters. Setting clock alarm should
return no errors in DLOGUTIL.
Change-Id: I86a950afedd326c021ab00d7ba6a868034d647f9
Mariusz Domanski [Fri, 1 Feb 2013 16:22:50 +0000 (17:22 +0100)]
[Release] security-server_0.0.63
* Add new functions to security-server API
Change-Id: I05ca7e3356db323123a026b02875a7a30d6e3f32
Pawel Polawski [Fri, 25 Jan 2013 10:52:21 +0000 (11:52 +0100)]
Add new functions to security-server API.
[Issue#] SSDWSSP-45
[Cause] Implement new APIs for getting SMACK label
of peer in security-server
[Problem] Two new function needed in API. Both returns
SMACK labels but ttaking another parameters.
First uses cookie, second socked descriptor.
[Solution] New functions added
[Verification] Tests should not fail
Change-Id: I4ca044230f1cba1174b61abae6b7641e1bbfcdbc
Tomasz Swierczek [Fri, 18 Jan 2013 08:09:05 +0000 (09:09 +0100)]
Cherry-pick release: security-server_0.0.62
* Separated security-server and wrt-security-daemon
* This repository holds security-server now
Conflicts:
CMakeLists.txt
packaging/security-server.spec
socket_connection/connection/SocketStream.cpp
tests/CMakeLists.txt
tests/security_server_tests/CMakeLists.txt
Change-Id: I1185bb69f8517da9f5fa5299335e8cc856ba402f
Zofia Abramowska [Wed, 16 Jan 2013 13:44:23 +0000 (14:44 +0100)]
Fixing communication problem with security-server
[Issue#] LINUXSWAP-454
[Bug] Security-server crashes
[Cause] No handling of SIGPIPE signal when writing to closed socket
[Solution] blocking SIGPIPE signal in all threads created by socket
service and handling error returned by write
[Verification] Build, run tests and check JIRA bug(N_SE-20154)
Change-Id: Id6d15922bb9b94cb9ee565e9e90ed0e46a27e25c
Mariusz Domanski [Tue, 15 Jan 2013 13:58:55 +0000 (14:58 +0100)]
Prevent related bugfixes.
[Issue] N/A
[Bug] Bugs found by Coverity.
[Cause] N/A
[Solution] Checking varibale values, catching exception.
[Verification] Build security-server, run all tests.
Change-Id: Ide143746a4a4ccc4cc575f14cfb3529d3b32d088
Hyunwoo Kim [Tue, 15 Jan 2013 12:44:39 +0000 (21:44 +0900)]
Add NOTICE file
Change-Id: Icb39ceba4aaefb880d949f213cdf25bb47a34e5c
Jan Olszak [Mon, 14 Jan 2013 09:55:31 +0000 (10:55 +0100)]
[Prevent] Multiple minor bugfixes.
[Issue] Bugs found by Coverity.
[Bug] N/A
[Cause] N/A
[Solution] Fixed bugs.
[Verification] Build security-server.
Change-Id: I33df2ee3d0c8a6a1abbe6ff89063603c604bb2aa
baik [Thu, 13 Dec 2012 00:51:07 +0000 (09:51 +0900)]
Re-enabling systemd configuration.
Change-Id: I7eb6c073b1614482331dff6d885c63848c47c7f9
Chengwei Yang [Fri, 11 Jan 2013 04:13:30 +0000 (13:13 +0900)]
Merge "Invoke initiate_try to init variable"
Mariusz Domanski [Tue, 8 Jan 2013 17:01:54 +0000 (18:01 +0100)]
Release of changes from Samsung private repository.
* Fixed Prevent defects
Change-Id: I3468cf2754656c7f0b4a3cc619fcfdd1c758d2e6
Chengwei Yang [Tue, 8 Jan 2013 07:49:29 +0000 (15:49 +0800)]
Invoke initiate_try to init variable
Change-Id: I382d1ad805dec133051f098ceb62a42559e0ab38
Signed-off-by: Chengwei Yang <chengwei.yang@intel.com>
Pawel Polawski [Mon, 7 Jan 2013 14:00:27 +0000 (15:00 +0100)]
Release of changes from Samsung private repository.
* Fixed possible thread synchronization issue
Change-Id: I434ff4bf5c539dfe845d52369dc51d7bddc29081
Tomasz Swierczek [Thu, 3 Jan 2013 13:58:33 +0000 (14:58 +0100)]
Release of changes from Samsung private repository.
* Enabled sockets in security server
* Removed old popup implementation
Change-Id: Iceb91878e48bd0cad819aa07e3de147a7befd1c8
Tomasz Swierczek [Tue, 18 Dec 2012 09:08:10 +0000 (10:08 +0100)]
Release of changes from Samsung private repository.
* Adjusted TizenPolicy.xml - added missing "deny" clause for Untrusted widgets
Change-Id: Ic0bc673b1ed856bbd008dcc3e64202d6456fe529
Tomasz Swierczek [Thu, 13 Dec 2012 09:50:43 +0000 (10:50 +0100)]
Release of changes from Samsung private repository.
* Adjusted TizenPolicy.xml according to Device API HQ team request
Change-Id: I399896954b5462119e365220b9f39a23956f6ae2
baik [Thu, 13 Dec 2012 00:51:07 +0000 (09:51 +0900)]
[systemd] systemd boot script for security-server
in addtion, add to verify middleware user.
Tomasz Swierczek [Tue, 11 Dec 2012 17:50:09 +0000 (18:50 +0100)]
Release of changes from Samsung private repository.
* Fixed problem with leaving zombie after SIGTERM
* Turned on logs in "old security server".
* Added new TizenPolicy as per HQ WRT team request
Change-Id: I170af48d89407ff9dc770563bb3ab4aa47cabc6d
Tomasz Swierczek [Fri, 7 Dec 2012 15:06:00 +0000 (16:06 +0100)]
Release changes from Samsung private repository.
* Prepared headers for abstract communication client
* Added implementation of security socket server
* Added ace_is_private_api function in ace_settings
* Fixed klocwork bugs
* Added Partner API section in Tizen Policy
* Added build type required for code coverage analysis
* Removed deprecated headers from dev package
Change-Id: I57bf5912e45c6b6f5c514f45e52b60490404d244
Kidong Kim [Wed, 5 Dec 2012 10:01:42 +0000 (19:01 +0900)]
release 0.0.48
Change-Id: I8cb402cb786e55e5b6894c0b8fc4e5a0112900ac
projects / framework / security / security-server.git / log