Use /tmp/mm-session directory for session files

 - cleanup at constructor if already exists

[Version] 0.2.17
[Issue Type] Security

Change-Id: Iee9e5a921044e7769f5f71480fc8d5531c413631
(cherry picked from commit c59e406dee771b76842bfdaa89efd9634f7a7784)

diff --git a/mm_session.c b/mm_session.c
index d605f1c..87c2e6b 100644 (file)
--- a/mm_session.c
+++ b/mm_session.c
@@ -218,7 +218,7 @@ int _mm_session_util_delete_information(int app_pid)
                mypid = (pid_t)app_pid;
 
        ////// DELETE SESSION TYPE /////////
-       snprintf(filename, sizeof(filename)-1, "/tmp/mm_session_%d", mypid);
+       snprintf(filename, sizeof(filename)-1, "/tmp/mm-session/mm_session_%d", mypid);
        if (-1 ==  unlink(filename))
                return MM_ERROR_FILE_NOT_FOUND;
        ////// DELETE SESSION TYPE /////////
@@ -242,7 +242,7 @@ int _mm_session_util_write_type(int app_pid, int sessiontype)
                mypid = (pid_t)app_pid;
 
        ////// WRITE SESSION TYPE /////////
-       snprintf(filename, sizeof(filename)-1, "/tmp/mm_session_%d", mypid);
+       snprintf(filename, sizeof(filename)-1, "/tmp/mm-session/mm_session_%d", mypid);
        fd = open(filename, O_WRONLY | O_CREAT, 0644);
        if (fd < 0) {
                debug_error("open() failed with %d", errno);
@@ -250,10 +250,10 @@ int _mm_session_util_write_type(int app_pid, int sessiontype)
        }
        sessiontype = sessiontype << 16;
        write(fd, &sessiontype, sizeof(int));
-       if (0 > fchmod(fd, 00777))
+       if (0 > fchmod(fd, 00666))
                debug_error("fchmod failed with %d", errno);
        else
-               debug_warning("write sessiontype(%d) to /tmp/mm_session_%d", sessiontype >> 16, mypid);
+               debug_warning("write sessiontype(%d) to /tmp/mm-session/mm_session_%d", sessiontype >> 16, mypid);
 
        close(fd);
        ////// WRITE SESSION TYPE /////////
@@ -280,14 +280,14 @@ int _mm_session_util_read_type(int app_pid, int *sessiontype)
                mypid = (pid_t)app_pid;
 
        ////// READ SESSION TYPE /////////
-       snprintf(filename, sizeof(filename)-1, "/tmp/mm_session_%d", mypid);
+       snprintf(filename, sizeof(filename)-1, "/tmp/mm-session/mm_session_%d", mypid);
        fd = open(filename, O_RDONLY);
        if (fd < 0)
                return MM_ERROR_INVALID_HANDLE;
 
        if (read(fd, sessiontype, sizeof(int)) == sizeof(int)) {
                *sessiontype = *sessiontype >> 16;
-               debug_warning("read sessiontype(%d) from /tmp/mm_session_%d", *sessiontype, mypid);
+               debug_warning("read sessiontype(%d) from /tmp/mm-session/mm_session_%d", *sessiontype, mypid);
        } else {
                debug_error("failed to read from %s, errno %d", filename, errno);
                result = MM_ERROR_INVALID_HANDLE;
@@ -322,7 +322,7 @@ int _mm_session_util_write_information(int app_pid, int session_type, int flags)
                mypid = (pid_t)app_pid;
 
        ////// WRITE SESSION INFO /////////
-       snprintf(filename, sizeof(filename)-1, "/tmp/mm_session_%d", mypid);
+       snprintf(filename, sizeof(filename)-1, "/tmp/mm-session/mm_session_%d", mypid);
        fd = open(filename, O_WRONLY | O_CREAT, 0644);
        if (fd < 0) {
                debug_error("open() failed with %d", errno);
@@ -331,10 +331,10 @@ int _mm_session_util_write_information(int app_pid, int session_type, int flags)
 
        result_info = (flags) | (session_type << 16);
        write(fd, &result_info, sizeof(int));
-       if (0 > fchmod(fd, 00777))
+       if (0 > fchmod(fd, 00666))
                debug_error("fchmod failed with %d", errno);
        else
-               debug_warning("write session information(%x) to /tmp/mm_session_%d", result_info, mypid);
+               debug_warning("write session information(%x) to /tmp/mm-session/mm_session_%d", result_info, mypid);
        close(fd);
        ////// WRITE SESSION INFO /////////
 
@@ -361,14 +361,14 @@ int _mm_session_util_read_information(int app_pid, int *session_type, int *flags
                mypid = (pid_t)app_pid;
 
        ////// READ SESSION INFO /////////
-       snprintf(filename, sizeof(filename)-1, "/tmp/mm_session_%d", mypid);
+       snprintf(filename, sizeof(filename)-1, "/tmp/mm-session/mm_session_%d", mypid);
        fd = open(filename, O_RDONLY);
        if (fd < 0)
                return MM_ERROR_INVALID_HANDLE;
        if (read(fd, &result_info, sizeof(int)) == sizeof(int)) {
                *session_type = result_info >> 16;
                *flags = result_info & 0x0000ffff;
-               debug_warning("read session_type(%d), session_option(%x) from /tmp/mm_session_%d", *session_type, *flags, mypid);
+               debug_warning("read session_type(%d), session_option(%x) from /tmp/mm-session/mm_session_%d", *session_type, *flags, mypid);
        } else {
                debug_error("failed to read from %s, errno %d", filename, errno);
                result = MM_ERROR_INVALID_HANDLE;
@@ -461,6 +461,21 @@ static bool _is_dotnet_app(void)
 }
 #endif
 
+static void _mm_session_util_clear_information(void)
+{
+       char filename[MAX_FILE_LENGTH] = {'\0',};
+       int pid = (int)getpid();
+
+       snprintf(filename, sizeof(filename)-1, "/tmp/mm-session/mm_session_%d", pid);
+
+       if (access(filename, F_OK) != 0)
+               return; /* nothing to clear */
+
+       debug_warning("[%s] exists...delete now!!!", filename);
+       if (unlink(filename) == -1)
+               debug_error("[%s] unlink failed, errno=%d", filename, errno);
+}
+
 __attribute__ ((constructor))
 void __mmsession_initialize(void)
 {
@@ -468,6 +483,8 @@ void __mmsession_initialize(void)
 
        debug_fenter();
 
+       _mm_session_util_clear_information();
+
 #ifdef TIZEN_TV
        if (_is_dotnet_app()) {
                debug_warning("no signal handler for dotnet!!");

diff --git a/packaging/libmm-session.spec b/packaging/libmm-session.spec
index e1509e6..f2bd4e9 100644 (file)
--- a/packaging/libmm-session.spec
+++ b/packaging/libmm-session.spec
@@ -1,12 +1,14 @@
 Name:       libmm-session
 Summary:    Multimedia Session Library
-Version:    0.2.16
+Version:    0.2.17
 Release:    0
 Group:      Multimedia/Libraries
 License:    Apache-2.0
 Source0:    libmm-session-%{version}.tar.gz
 Source1001:     libmm-session.manifest
+Source10:   mm-session.conf
 BuildRequires:  pkgconfig(mm-common)
+BuildRequires:    pkgconfig(libsystemd)
 
 %description
 Multimedia Session Library package.
@@ -37,6 +39,9 @@ CFLAGS="$CFLAGS -Wp,-D_FORTIFY_SOURCE=0"
 %install
 %make_install
 
+mkdir -p %{buildroot}%{_tmpfilesdir}
+install -m 0644 %SOURCE10 %{buildroot}%{_tmpfilesdir}/mm-session.conf
+
 %post -p /sbin/ldconfig
 
 %postun -p /sbin/ldconfig
@@ -46,6 +51,7 @@ CFLAGS="$CFLAGS -Wp,-D_FORTIFY_SOURCE=0"
 %license LICENSE
 %defattr(-,root,root,-)
 %{_libdir}/libmmfsession.so.*
+%{_tmpfilesdir}/mm-session.conf
 
 %files devel
 %manifest %{name}.manifest

diff --git a/packaging/mm-session.conf b/packaging/mm-session.conf
new file mode 100644 (file)
index 0000000..a0b3b42
--- /dev/null
+++ b/packaging/mm-session.conf
@@ -0,0 +1,3 @@
+d /tmp/mm-session      1777    root    users
+t /tmp/mm-session      -       -       -       -       security.SMACK64="User::App::Shared"
+t /tmp/mm-session      -       -       -       -       security.SMACK64TRANSMUTE="TRUE"