2 * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
4 * Contact: Rafal Krypa <r.krypa@samsung.com>
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License
20 * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
22 * @brief This file contains the list of all protocols supported by security-manager.
25 #ifndef _SECURITY_MANAGER_PROTOCOLS_
26 #define _SECURITY_MANAGER_PROTOCOLS_
28 #include <sys/types.h>
32 #include <dpl/serialization.h>
33 #include <security-manager.h>
37 * exported by the foundation API.
38 * Result codes begin with the start error code and extend in the negative direction.
/* Result codes returned by the Security Manager client API: 0 is success, every
 * failure is a negative value.
 * NOTE(review): the values defined below are not contiguous (there is no -5 and
 * nothing between -12 and -21), so callers should treat any value other than
 * SECURITY_MANAGER_API_SUCCESS as a failure instead of range-checking. */
42 /*! \brief the API call completed successfully */
43 #define SECURITY_MANAGER_API_SUCCESS 0
45 /*! \brief the socket connection between the client and Security Manager failed */
46 #define SECURITY_MANAGER_API_ERROR_SOCKET -1
48 /*! \brief the request sent to Security Manager is malformed */
49 #define SECURITY_MANAGER_API_ERROR_BAD_REQUEST -2
51 /*! \brief the response received from Security Manager is malformed */
52 #define SECURITY_MANAGER_API_ERROR_BAD_RESPONSE -3
54 /*! \brief the requested service does not exist */
55 #define SECURITY_MANAGER_API_ERROR_NO_SUCH_SERVICE -4
57 /*! \brief the requested object does not exist */
58 #define SECURITY_MANAGER_API_ERROR_NO_SUCH_OBJECT -6
60 /*! \brief authentication between the client and the server failed */
61 #define SECURITY_MANAGER_API_ERROR_AUTHENTICATION_FAILED -7
63 /*! \brief an input parameter passed to the API is malformed */
64 #define SECURITY_MANAGER_API_ERROR_INPUT_PARAM -8
66 /*! \brief the output buffer passed as a parameter is too small */
67 #define SECURITY_MANAGER_API_ERROR_BUFFER_TOO_SMALL -9
69 /*! \brief the system is running out of memory */
70 #define SECURITY_MANAGER_API_ERROR_OUT_OF_MEMORY -10
72 /*! \brief access was denied by Security Manager */
73 #define SECURITY_MANAGER_API_ERROR_ACCESS_DENIED -11
75 /*! \brief Security Manager failed for an unspecified server-side reason */
76 #define SECURITY_MANAGER_API_ERROR_SERVER_ERROR -12
78 /*! \brief getting the smack label from a socket failed */
79 #define SECURITY_MANAGER_API_ERROR_GETTING_SOCKET_LABEL_FAILED -21
81 /*! \brief getting the smack label from a file failed */
82 #define SECURITY_MANAGER_API_ERROR_GETTING_FILE_LABEL_FAILED -22
84 /*! \brief setting the smack label for a file failed */
85 #define SECURITY_MANAGER_API_ERROR_SETTING_FILE_LABEL_FAILED -23
87 /*! \brief the file already exists */
88 #define SECURITY_MANAGER_API_ERROR_FILE_EXIST -24
90 /*! \brief the file does not exist */
91 #define SECURITY_MANAGER_API_ERROR_FILE_NOT_EXIST -25
93 /*! \brief the file could not be opened */
94 #define SECURITY_MANAGER_API_ERROR_FILE_OPEN_FAILED -26
96 /*! \brief the file could not be created */
97 #define SECURITY_MANAGER_API_ERROR_FILE_CREATION_FAILED -27
99 /*! \brief the file could not be deleted */
100 #define SECURITY_MANAGER_API_ERROR_FILE_DELETION_FAILED -28
102 /*! \brief the error has an unknown cause */
103 #define SECURITY_MANAGER_API_ERROR_UNKNOWN -255
// Presumably the application-installation request passed to security-manager
// (inferred from the name; confirm). Only part of the struct is visible in this
// listing, so other members may exist.
107 struct app_inst_req {
// Privilege names attached to the request.
110 std::vector<std::string> privileges;
// (path, int) pairs; presumably the int is a path-type value declared in
// security-manager.h — TODO confirm.
// NOTE(review): the path strings are supplied by the requester and no
// validation is visible in this header; presumably the consumer must validate
// them before acting on them (e.g. before labeling files) — confirm.
111 std::vector<std::pair<std::string, int>> appPaths;
120 namespace SecurityManager {
// Socket name constants. They are only declared here (extern); their values are
// defined in another translation unit and are not visible in this header.
122 extern char const * const SERVICE_SOCKET;
123 extern char const * const MASTER_SERVICE_SOCKET;
124 extern char const * const SLAVE_SERVICE_SOCKET;
// Call identifiers; presumably these select the operation requested over
// SERVICE_SOCKET — TODO confirm. Only some enumerators are visible in this listing.
// NOTE(review): no explicit enumerator values are visible, so the numeric value
// of each entry depends on its position; if the values are sent over the socket,
// inserting or reordering entries changes the protocol for every peer.
126 enum class SecurityModuleCall
// NOTE(review): the ADMIN/SELF split looks like a privilege distinction; the
// service presumably has to enforce it from the peer's credentials, not from
// the call id the client chose — confirm in the request handler.
136 GET_CONF_POLICY_ADMIN,
137 GET_CONF_POLICY_SELF,
138 POLICY_GET_DESCRIPTIONS,
139 GET_PRIVILEGES_MAPPING,
// Call identifiers presumably used on the master/slave sockets — TODO confirm.
// Only some enumerators are visible in this listing; the same positional-value
// caveat applies as for SecurityModuleCall.
144 enum class MasterSecurityModuleCall
146 CYNARA_UPDATE_POLICY,
150 GET_CONFIGURED_POLICY,
154 SMACK_UNINSTALL_RULES,
157 } // namespace SecurityManager
// NOTE(review): this using-directive sits at file scope in a header (see the
// include guard above), so every translation unit that includes this file gets
// all SecurityManager names injected into its global namespace. Qualifying the
// names used below would avoid accidental name collisions in includers.
159 using namespace SecurityManager;
// One policy record made of five string fields. It can be built from an IStream
// and written back to one with Serialize(), using the same field order.
161 struct policy_entry : ISerializable {
162 std::string user; // uid converted to string
163 std::string appId; // application identifier
164 std::string privilege; // Cynara privilege
165 std::string currentLevel; // current level of privilege, or level asked to be set in privacy manager bucket
166 std::string maxLevel; // holds the maximum policy status that was read, or the status to be set in admin bucket
// Default entry: user is the calling process's real uid (getuid()) as a decimal
// string; appId and privilege are SECURITY_MANAGER_ANY. The rest of the
// initializer list is not visible in this listing.
168 policy_entry() : user(std::to_string(getuid())),
169 appId(SECURITY_MANAGER_ANY),
170 privilege(SECURITY_MANAGER_ANY),
// Builds an entry by reading user, appId, privilege, currentLevel and maxLevel
// from the stream, in that order.
// NOTE(review): every field, including user, is taken from the stream as-is; no
// length or format check is visible here. Presumably the receiving side has to
// validate the fields and derive the requester's identity from the socket's
// peer credentials rather than from this user string — confirm in the handler.
175 policy_entry(IStream &stream) {
176 Deserialization::Deserialize(stream, user);
177 Deserialization::Deserialize(stream, appId);
178 Deserialization::Deserialize(stream, privilege);
179 Deserialization::Deserialize(stream, currentLevel);
180 Deserialization::Deserialize(stream, maxLevel);
// Writes the five fields to the stream in the order the stream constructor
// reads them; the two must be kept in sync.
183 virtual void Serialize(IStream &stream) const {
184 Serialization::Serialize(stream, user);
185 Serialization::Serialize(stream, appId);
186 Serialization::Serialize(stream, privilege);
187 Serialization::Serialize(stream, currentLevel);
188 Serialization::Serialize(stream, maxLevel);
// Redeclares the struct name as a type alias; presumably this matches a
// declaration in the public security-manager.h header — TODO confirm.
192 typedef struct policy_entry policy_entry;
// A batch of policy entries, presumably submitted together as one policy
// update (inferred from the name — TODO confirm).
195 struct policy_update_req {
// NOTE(review): raw pointers to const entries; ownership and lifetime are not
// visible in this header. Presumably the entries are owned elsewhere and must
// outlive this request, and null elements have to be rejected before use —
// confirm against the code that fills and consumes this vector.
196 std::vector<const policy_entry *> units;
200 #endif // _SECURITY_MANAGER_PROTOCOLS_