Generic solution for onlycap issues

[platform/core/test/security-tests.git] / src / ckm / privileged / access_provider2.cpp

diff --git a/src/ckm/privileged/access_provider2.cpp b/src/ckm/privileged/access_provider2.cpp
index 58a98eb..2d98ace 100644 (file)
--- a/src/ckm/privileged/access_provider2.cpp
+++ b/src/ckm/privileged/access_provider2.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2013 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
  *
  *    Licensed under the Apache License, Version 2.0 (the "License");
  *    you may not use this file except in compliance with the License.
@@ -16,6 +16,7 @@
 /*
  * @file        access_provider.cpp
  * @author      Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @author      Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
  * @version     1.0
  * @brief       Common functions and macros used in security-tests package.
  */
@@ -26,6 +27,7 @@
 #include <access_provider2.h>
 #include <tests_common.h>
 #include <ckm-common.h>
+#include <scoped_process_label.h>
 
 namespace {
 
@@ -59,6 +61,11 @@ AccessProvider::AccessProvider(const std::string &ownerId, int uid, int gid)
     applyAndSwithToUser(uid, gid);
 }
 
+AccessProvider::~AccessProvider()
+{
+
+}
+
 void AccessProvider::allowAPI(const std::string &api, const std::string &rule) {
     m_smackAccess.add(m_mySubject, api, rule);
 }
@@ -74,21 +81,11 @@ void AccessProvider::applyAndSwithToUser(int uid, int gid)
 {
     RUNNER_ASSERT_MSG(m_inSwitchContext == false, "already switched context");
 
-    // get calling label
-    char* my_label = NULL;
-    RUNNER_ASSERT(smack_new_label_from_self(&my_label) > 0);
-    if(my_label)
-    {
-        m_origLabel = std::string(my_label);
-        free(my_label);
-    }
-    RUNNER_ASSERT(m_origLabel.size() > 0);
-
     RUNNER_ASSERT_MSG(0 == smack_revoke_subject(m_mySubject.c_str()),
         "Error in smack_revoke_subject(" << m_mySubject << ")");
     apply();
-    RUNNER_ASSERT_MSG(0 == smack_set_label_for_self(m_mySubject.c_str()),
-        "Error in smack_set_label_for_self.");
+
+    m_processLabel.reset(new ScopedProcessLabel(m_mySubject));
 
     m_origUid = getuid();
     m_origGid = getgid();
@@ -111,8 +108,7 @@ ScopedAccessProvider::~ScopedAccessProvider()
         RUNNER_ASSERT_MSG(0 == seteuid(m_origUid), "Error in setuid.");
         RUNNER_ASSERT_MSG(0 == smack_revoke_subject(m_mySubject.c_str()),
             "Error in smack_revoke_subject(" << m_mySubject << ")");
-        RUNNER_ASSERT_MSG(0 == smack_set_label_for_self(m_origLabel.c_str()),
-            "Error in smack_set_label_for_self.");
+        m_processLabel.reset();
         m_inSwitchContext = false;
     }
 }