src/jobs/widget_install/task_smack.cpp

   1 /*
   2  * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
   3  *
   4  *    Licensed under the Apache License, Version 2.0 (the "License");
   5  *    you may not use this file except in compliance with the License.
   6  *    You may obtain a copy of the License at
   7  *
   8  *        http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  *    Unless required by applicable law or agreed to in writing, software
  11  *    distributed under the License is distributed on an "AS IS" BASIS,
  12  *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  *    See the License for the specific language governing permissions and
  14  *    limitations under the License.
  15  */
  16 /*
  17  * @file    task_smack.cpp
  18  * @author  Piotr Kozbial (p.kozbial@samsung.com)
  19  * @version 1.0
  20  * @brief   Implementation file for installer task smack
  21  */
  22
  23 #include <widget_install/task_smack.h>
  24 #include <widget_install/widget_install_context.h>
  25 #include <widget_install/widget_install_errors.h>
  26 #include <widget_install/job_widget_install.h>
  27 #include <dpl/foreach.h>
  28 #include <dpl/wrt-dao-ro/common_dao_types.h>
  29 #include <dpl/utils/bash_utils.h>
  30 #ifdef WRT_SMACK_ENABLED
  31 #include <privilege-control.h>
  32 #endif
  33
  34 #include <sstream>
  35
  36 namespace {
  37 const int MAX_BUF_SIZE = 128;
  38 const char* SMACK_RULE_STR = "/usr/bin/smackload-app.sh";
  39 }
  40
  41 namespace Jobs {
  42 namespace WidgetInstall {
  43 TaskSmack::TaskSmack(InstallerContext& context) :
  44     DPL::TaskDecl<TaskSmack>(this),
  45     m_context(context)
  46 {
  47     AddStep(&TaskSmack::SmackFolderLabelingStep);
  48     AddStep(&TaskSmack::SmackPrivilegeStep);
  49     AddStep(&TaskSmack::SmackTemporaryStep);
  50 }
  51
  52 void TaskSmack::SmackFolderLabelingStep()
  53 {
  54     LogInfo(
  55         "----------------> SMACK: \
  56             Jobs::WidgetInstall::TaskSmack::SmackFolderLabelingStep()");
  57
  58 #ifdef WRT_SMACK_ENABLED
  59     /* /opt/usr/apps/[pkgid] directory's label is "_" */
  60     std::string tzPkgid = DPL::ToUTF8String(m_context.widgetConfig.tzPkgid);
  61     if (PC_OPERATION_SUCCESS != app_label_dir("_",
  62                                               m_context.locations->
  63                                                   getPackageInstallationDir().
  64                                                   c_str()))
  65     {
  66         LogError("Set smack failure. Failed to add label for app root directory");
  67         ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
  68                                          "Add Label failure");
  69     }
  70
  71     /* res directory */
  72     std::string resDir = m_context.locations->getPackageInstallationDir() +
  73         "/res";
  74     if (PC_OPERATION_SUCCESS != app_label_dir(tzPkgid.c_str(),
  75                                               resDir.c_str()))
  76     {
  77         LogError("Set smack failure. Failed to add label for resource directory");
  78         ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
  79                                          "Add Label failure");
  80     }
  81
  82     /* bin directory */
  83     if (PC_OPERATION_SUCCESS != app_label_dir(tzPkgid.c_str(),
  84                                               m_context.locations->getBinaryDir()
  85                                                   .c_str()))
  86     {
  87         LogError("Set smack failure. Failed to add label for binary directory");
  88         ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
  89                                          "Add Label failure");
  90     }
  91
  92     /* data directory */
  93     if (PC_OPERATION_SUCCESS != app_label_dir(tzPkgid.c_str(),
  94                                               m_context.locations->
  95                                                   getPrivateStorageDir().c_str()))
  96     {
  97         LogError("Set smack failure. Failed to add label for private storage directory");
  98         ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
  99                                          "Add Label failure");
 100     }
 101
 102 #endif
 103 }
 104
 105 void TaskSmack::SmackPrivilegeStep()
 106 {
 107     LogInfo(
 108         "----------------> SMACK: \
 109             Jobs::WidgetInstall::TaskSmack::SmackPrivilegeStep()");
 110 #ifdef WRT_SMACK_ENABLED
 111     WrtDB::TizenPkgId tzPkgid = m_context.widgetConfig.tzPkgid;
 112 #if 0
 113     char** perm_list = new char*[m_context.staticPermittedDevCaps.size()];
 114
 115     int index = 0;
 116     FOREACH(it, m_context.staticPermittedDevCaps) {
 117         if (it->second) {
 118             LogInfo("Permission : " << it->first);
 119             perm_list[index++] =
 120                 const_cast<char*>(DPL::ToUTF8String(it->first).c_str());
 121         }
 122     }
 123     perm_list[index] = NULL;
 124
 125     int result = app_add_permissions(
 126             DPL::ToUTF8String(tzPkgid).c_str(),
 127             const_cast<const char**>(perm_list));
 128
 129 #else
 130     const char* perm_list[0];
 131     perm_list[0] = NULL;
 132 #endif
 133     if (m_context.job->getInstallerStruct().m_installMode
 134             != InstallMode::INSTALL_MODE_PRELOAD)
 135     {
 136         int result = app_add_permissions(
 137                 DPL::ToUTF8String(tzPkgid).c_str(), perm_list);
 138         if (PC_OPERATION_SUCCESS != result) {
 139             LogError("Failed to add permission to privilege");
 140             ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
 141                     "SMACK check failure");
 142         }
 143     }
 144
 145     m_context.job->UpdateProgress(
 146         InstallerContext::INSTALL_SMACK_ENABLE,
 147         "Widget SMACK Enabled");
 148 #endif
 149 }
 150
 151 void TaskSmack::SmackTemporaryStep()
 152 {
 153 #ifdef WRT_SMACK_ENABLED
 154     //This step is temporary for smack
 155
 156     LogInfo("----------------> SMACK: \
 157             Jobs::WidgetInstall::TaskSmack::SmackTemporaryStep()");
 158     std::ostringstream commStr;
 159     std::string tzPkgid = DPL::ToUTF8String(m_context.widgetConfig.tzPkgid);
 160     commStr << SMACK_RULE_STR << " " << BashUtils::escape_arg(tzPkgid);
 161     LogDebug("set smack rule command : " << commStr.str());
 162
 163     char readBuf[MAX_BUF_SIZE];
 164     memset(readBuf, 0x00, MAX_BUF_SIZE);
 165
 166     FILE *fd;
 167     fd = popen(commStr.str().c_str(), "r");
 168     if (NULL == fd) {
 169         LogError("Set smack rule failure. Failed to call script.");
 170         ThrowMsg(Exceptions::NotAllowed, "Instalation failure. "
 171                 "SMACK check failure");
 172     }
 173     pclose(fd);
 174 #endif
 175 }
 176
 177 } //namespace WidgetInstall
 178 } //namespace Jobs