From: Maciej J. Karpiuk Date: Wed, 25 Feb 2015 10:02:51 +0000 (+0100) Subject: CKM: CC mode uses user label to read & write keys. X-Git-Tag: security-manager_5.5_testing~9^2~104 X-Git-Url: http://review.tizen.org/git/?p=platform%2Fcore%2Ftest%2Fsecurity-tests.git;a=commitdiff_plain;h=69631f6918729d040237afc65c4df6c56d325ad1 CKM: CC mode uses user label to read & write keys. Buxton does not allow root to modify user owned keys. Change-Id: I106422a866fb6048ff359721dc30af68153661c8 --- diff --git a/tests/ckm/cc-mode.cpp b/tests/ckm/cc-mode.cpp index c54f3a6..e164917 100644 --- a/tests/ckm/cc-mode.cpp +++ b/tests/ckm/cc-mode.cpp @@ -54,17 +54,10 @@ const char* const DISABLED = "Disabled"; const char* const READY = "Ready"; const char* const UNSET = "Unset"; // Meaningless value for unset. +const char* const USER_LABEL = "User"; const char* const CKM_LOCK = "/var/run/key-manager.pid"; -// disable CC -/* - * k.tak: To unset vconf key on runtime is deprecated by vconf key policy. - * To make new vconf key on runtime is deprecated by vconf key policy. - * vconf key should be installed in package install time. - */ -int _unset_mdpp_key = vconf_set_str(VCONFKEY_SECURITY_MDPP_STATE, UNSET); - // Wrapper for mdpp state that restores the original value upon destruction class MdppState { @@ -81,24 +74,29 @@ private: MdppState::MdppState() { + ScopedLabel sl(USER_LABEL); m_original = vconf_get_str(VCONFKEY_SECURITY_MDPP_STATE); } MdppState::~MdppState() { + ScopedLabel sl(USER_LABEL); if (!m_original) vconf_set_str(VCONFKEY_SECURITY_MDPP_STATE, UNSET); else { vconf_set_str(VCONFKEY_SECURITY_MDPP_STATE, m_original); - free(m_original); } } void MdppState::set(const char* const value) { + ScopedLabel sl(USER_LABEL); if (value) - RUNNER_ASSERT_MSG(0 == vconf_set_str(VCONFKEY_SECURITY_MDPP_STATE, value), - "vconf_set() failed"); + { + int ret = vconf_set_str(VCONFKEY_SECURITY_MDPP_STATE, value); + RUNNER_ASSERT_MSG(0 == ret, + "vconf_set() failed, ec: " << ret); + } else vconf_set_str(VCONFKEY_SECURITY_MDPP_STATE, UNSET); }