From a13d8ad3225f316fc7d7edaf2805b6cf2e3b5dd1 Mon Sep 17 00:00:00 2001 From: José Bollo Date: Tue, 26 Nov 2019 15:21:18 +0100 Subject: security-manager: Improve integration MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This fixes some issues encountered by the current integration of the security-manager: - its recipes is spread in too much directories (see SPEC-2092) - its initialization should be checked (see SPEC-2091) - the location of the database has to be changed (see SPEC-1717 that provided a workaround) All in one, I decided to create that ticket that summarize the work that can be quickly achieved to answer all this issues that are tightly coupled. Bug-AGL: SPEC-2972 Bug-AGL: SPEC-2092 Bug-AGL: SPEC-2091 Bug-AGL: SPEC-1717 Change-Id: I7af941c25cfa1624d76c2e8f512f6535918912f0 Signed-off-by: José Bollo --- ...ocket-manager-removes-tizen-specific-call.patch | 47 ++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 meta-security/recipes-security/security-manager/security-manager/0006-socket-manager-removes-tizen-specific-call.patch (limited to 'meta-security/recipes-security/security-manager/security-manager/0006-socket-manager-removes-tizen-specific-call.patch') diff --git a/meta-security/recipes-security/security-manager/security-manager/0006-socket-manager-removes-tizen-specific-call.patch b/meta-security/recipes-security/security-manager/security-manager/0006-socket-manager-removes-tizen-specific-call.patch new file mode 100644 index 000000000..3b8aad98c --- /dev/null +++ b/meta-security/recipes-security/security-manager/security-manager/0006-socket-manager-removes-tizen-specific-call.patch @@ -0,0 +1,47 @@ +From ec098bf03cea23350ca7d1ea2ad88b9c88228943 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jos=C3=A9=20Bollo?= +Date: Fri, 8 Jan 2016 16:53:46 +0100 +Subject: [PATCH 06/14] socket-manager: removes tizen specific call +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The function 'smack_fgetlabel' is specific to Tizen +and is no more maintained upstream. + +Upstream-Status: Accepted [https://review.tizen.org/gerrit/#/c/56507/] + +Change-Id: I3802742b1758efe37b33e6d968ff727d68f2fd1f +Signed-off-by: José Bollo +--- + src/server/main/socket-manager.cpp | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/server/main/socket-manager.cpp b/src/server/main/socket-manager.cpp +index 94c54c6..5e1a79b 100644 +--- a/src/server/main/socket-manager.cpp ++++ b/src/server/main/socket-manager.cpp +@@ -30,6 +30,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -493,9 +494,9 @@ int SocketManager::CreateDomainSocketHelp( + if (smack_check()) { + LogInfo("Set up smack label: " << desc.smackLabel); + +- if (0 != smack_fsetlabel(sockfd, desc.smackLabel.c_str(), SMACK_LABEL_IPIN)) { +- LogError("Error in smack_fsetlabel"); +- ThrowMsg(Exception::InitFailed, "Error in smack_fsetlabel"); ++ if (0 != smack_set_label_for_file(sockfd, XATTR_NAME_SMACKIPIN, desc.smackLabel.c_str())) { ++ LogError("Error in smack_set_label_for_file"); ++ ThrowMsg(Exception::InitFailed, "Error in smack_set_label_for_file"); + } + } else { + LogInfo("No smack on platform. Socket won't be securied with smack label!"); +-- +2.21.0 + -- cgit 1.2.3-korg