summaryrefslogtreecommitdiffstats
path: root/meta-app-framework/recipes-security/security-manager/security-manager/0003-Smack-rules-create-two-new-functions.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta-app-framework/recipes-security/security-manager/security-manager/0003-Smack-rules-create-two-new-functions.patch')
-rw-r--r--meta-app-framework/recipes-security/security-manager/security-manager/0003-Smack-rules-create-two-new-functions.patch117
1 files changed, 0 insertions, 117 deletions
diff --git a/meta-app-framework/recipes-security/security-manager/security-manager/0003-Smack-rules-create-two-new-functions.patch b/meta-app-framework/recipes-security/security-manager/security-manager/0003-Smack-rules-create-two-new-functions.patch
deleted file mode 100644
index d79345e01..000000000
--- a/meta-app-framework/recipes-security/security-manager/security-manager/0003-Smack-rules-create-two-new-functions.patch
+++ /dev/null
@@ -1,117 +0,0 @@
-From a80e33bc0a10fa4bed5d0b7bf29f45dd2565d309 Mon Sep 17 00:00:00 2001
-From: Alejandro Joya <alejandro.joya.cruz@intel.com>
-Date: Wed, 4 Nov 2015 19:01:35 -0600
-Subject: [PATCH 03/14] Smack-rules: create two new functions
-
-It let to smack-rules to create multiple set of rules
-related with the privileges.
-
-It runs from the same bases than for a static set of rules on the
-template, but let you add 1 or many templates for different cases.
-
-Change-Id: I14f8d4e914ad5a7ba34c96f3cb5589f0b15292de
-Signed-off-by: Alejandro Joya <alejandro.joya.cruz@intel.com>
----
- src/common/include/smack-rules.h | 15 +++++++++++
- src/common/smack-rules.cpp | 44 ++++++++++++++++++++++++++++++++
- 2 files changed, 59 insertions(+)
-
-diff --git a/src/common/include/smack-rules.h b/src/common/include/smack-rules.h
-index 91446a7..3ad9dd4 100644
---- a/src/common/include/smack-rules.h
-+++ b/src/common/include/smack-rules.h
-@@ -47,6 +47,8 @@ public:
- void addFromTemplate(const std::vector<std::string> &templateRules,
- const std::string &appId, const std::string &pkgId);
- void addFromTemplateFile(const std::string &appId, const std::string &pkgId);
-+ void addFromTemplateFile(const std::string &appId, const std::string &pkgId,
-+ const std::string &path);
-
- void apply() const;
- void clear() const;
-@@ -74,6 +76,19 @@ public:
- */
- static void installApplicationRules(const std::string &appId, const std::string &pkgId,
- const std::vector<std::string> &pkgContents);
-+ /**
-+ * Install privileges-specific smack rules.
-+ *
-+ * Function creates smack rules using predefined template. Rules are applied
-+ * to the kernel and saved on persistent storage so they are loaded on system boot.
-+ *
-+ * @param[in] appId - application id that is beeing installed
-+ * @param[in] pkgId - package id that the application is in
-+ * @param[in] pkgContents - a list of all applications in the package
-+ * @param[in] privileges - a list of all prvileges
-+ */
-+ static void installApplicationPrivilegesRules(const std::string &appId, const std::string &pkgId,
-+ const std::vector<std::string> &pkgContents, const std::vector<std::string> &privileges);
- /**
- * Uninstall package-specific smack rules.
- *
-diff --git a/src/common/smack-rules.cpp b/src/common/smack-rules.cpp
-index 3629e0f..922a56f 100644
---- a/src/common/smack-rules.cpp
-+++ b/src/common/smack-rules.cpp
-@@ -135,6 +135,29 @@ void SmackRules::saveToFile(const std::string &path) const
- }
- }
-
-+void SmackRules::addFromTemplateFile(const std::string &appId,
-+ const std::string &pkgId, const std::string &path)
-+{
-+ std::vector<std::string> templateRules;
-+ std::string line;
-+ std::ifstream templateRulesFile(path);
-+
-+ if (!templateRulesFile.is_open()) {
-+ LogError("Cannot open rules template file: " << path);
-+ ThrowMsg(SmackException::FileError, "Cannot open rules template file: " << path);
-+ }
-+
-+ while (std::getline(templateRulesFile, line)) {
-+ templateRules.push_back(line);
-+ }
-+
-+ if (templateRulesFile.bad()) {
-+ LogError("Error reading template file: " << APP_RULES_TEMPLATE_FILE_PATH);
-+ ThrowMsg(SmackException::FileError, "Error reading template file: " << APP_RULES_TEMPLATE_FILE_PATH);
-+ }
-+
-+ addFromTemplate(templateRules, appId, pkgId);
-+}
-
- void SmackRules::addFromTemplateFile(const std::string &appId,
- const std::string &pkgId)
-@@ -223,7 +246,28 @@ std::string SmackRules::getApplicationRulesFilePath(const std::string &appId)
- std::string path(tzplatform_mkpath3(TZ_SYS_SMACK, "accesses.d", ("app_" + appId).c_str()));
- return path;
- }
-+void SmackRules::installApplicationPrivilegesRules(const std::string &appId, const std::string &pkgId,
-+ const std::vector<std::string> &pkgContents, const std::vector<std::string> &privileges)
-+{
-+ SmackRules smackRules;
-+ std::string appPath = getApplicationRulesFilePath(appId);
-+ smackRules.loadFromFile(appPath);
-+ struct stat buffer;
-+ for (auto privilege : privileges) {
-+ if (privilege.empty())
-+ continue;
-+ std::string fprivilege ( privilege + "-template.smack");
-+ std::string path(tzplatform_mkpath4(TZ_SYS_SHARE, "security-manager", "policy", fprivilege.c_str()));
-+ if( stat(path.c_str(), &buffer) == 0)
-+ smackRules.addFromTemplateFile(appId, pkgId, path);
-+ }
-+
-+ if (smack_smackfs_path() != NULL)
-+ smackRules.apply();
-
-+ smackRules.saveToFile(appPath);
-+ updatePackageRules(pkgId, pkgContents);
-+}
- void SmackRules::installApplicationRules(const std::string &appId, const std::string &pkgId,
- const std::vector<std::string> &pkgContents)
- {
---
-2.21.0
-