diff options
author | José Bollo <jose.bollo@iot.bzh> | 2019-11-26 15:21:18 +0100 |
---|---|---|
committer | Jan-Simon Moeller <jsmoeller@linuxfoundation.org> | 2019-12-03 16:44:27 +0000 |
commit | a13d8ad3225f316fc7d7edaf2805b6cf2e3b5dd1 (patch) | |
tree | 81211b592eaa332473f3dee50ae756b91335bb87 /meta-security/recipes-security/security-manager/security-manager/0006-socket-manager-removes-tizen-specific-call.patch | |
parent | 2fa5dae62868c63781568eeb5435ed3296c2ddc2 (diff) |
security-manager: Improve integration
This fixes some issues encountered by the current
integration of the security-manager:
- its recipes is spread in too much directories (see SPEC-2092)
- its initialization should be checked (see SPEC-2091)
- the location of the database has to be changed
(see SPEC-1717 that provided a workaround)
All in one, I decided to create that ticket that summarize
the work that can be quickly achieved to answer all this
issues that are tightly coupled.
Bug-AGL: SPEC-2972
Bug-AGL: SPEC-2092
Bug-AGL: SPEC-2091
Bug-AGL: SPEC-1717
Change-Id: I7af941c25cfa1624d76c2e8f512f6535918912f0
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Diffstat (limited to 'meta-security/recipes-security/security-manager/security-manager/0006-socket-manager-removes-tizen-specific-call.patch')
-rw-r--r-- | meta-security/recipes-security/security-manager/security-manager/0006-socket-manager-removes-tizen-specific-call.patch | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/meta-security/recipes-security/security-manager/security-manager/0006-socket-manager-removes-tizen-specific-call.patch b/meta-security/recipes-security/security-manager/security-manager/0006-socket-manager-removes-tizen-specific-call.patch new file mode 100644 index 000000000..3b8aad98c --- /dev/null +++ b/meta-security/recipes-security/security-manager/security-manager/0006-socket-manager-removes-tizen-specific-call.patch @@ -0,0 +1,47 @@ +From ec098bf03cea23350ca7d1ea2ad88b9c88228943 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh> +Date: Fri, 8 Jan 2016 16:53:46 +0100 +Subject: [PATCH 06/14] socket-manager: removes tizen specific call +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The function 'smack_fgetlabel' is specific to Tizen +and is no more maintained upstream. + +Upstream-Status: Accepted [https://review.tizen.org/gerrit/#/c/56507/] + +Change-Id: I3802742b1758efe37b33e6d968ff727d68f2fd1f +Signed-off-by: José Bollo <jobol@nonadev.net> +--- + src/server/main/socket-manager.cpp | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/server/main/socket-manager.cpp b/src/server/main/socket-manager.cpp +index 94c54c6..5e1a79b 100644 +--- a/src/server/main/socket-manager.cpp ++++ b/src/server/main/socket-manager.cpp +@@ -30,6 +30,7 @@ + #include <sys/types.h> + #include <sys/socket.h> + #include <sys/smack.h> ++#include <linux/xattr.h> + #include <sys/un.h> + #include <sys/stat.h> + #include <unistd.h> +@@ -493,9 +494,9 @@ int SocketManager::CreateDomainSocketHelp( + if (smack_check()) { + LogInfo("Set up smack label: " << desc.smackLabel); + +- if (0 != smack_fsetlabel(sockfd, desc.smackLabel.c_str(), SMACK_LABEL_IPIN)) { +- LogError("Error in smack_fsetlabel"); +- ThrowMsg(Exception::InitFailed, "Error in smack_fsetlabel"); ++ if (0 != smack_set_label_for_file(sockfd, XATTR_NAME_SMACKIPIN, desc.smackLabel.c_str())) { ++ LogError("Error in smack_set_label_for_file"); ++ ThrowMsg(Exception::InitFailed, "Error in smack_set_label_for_file"); + } + } else { + LogInfo("No smack on platform. Socket won't be securied with smack label!"); +-- +2.21.0 + |