diff options
| author |   Marius Vlad <marius.vlad@collabora.com> | 2020-07-10 15:56:21 +0300 |
|---|---|---|
| committer | Marius Vlad <marius.vlad@collabora.com> | 2020-07-14 19:34:18 +0300 |
| commit | 5fe16df2348396c87ab24ef5e2a5e6ceaf2eb4c6 (patch) | |
| tree | 937050fa71edc8236625d08008cd7a8a4f833803 | |
| parent | 39ea644837dd29cd47a579a9703b43458187f82b (diff) | |
policy-*: Remove any private binding restrictions for allow-all policyjellyfish_9.99.2jellyfish/9.99.29.99.2
As we don't have any proper mechanisms in place to perform some
level of authentication on the clients binding to the private extensions,
we will resort to allow that to happen, under the default, allow-all policy.
In the same time we add some helpers for checking which applications can
bind to the private extensions but this is for the deny-all policy.
This also includes cluster-receiver and cluster-dashboard application to
that array, as without it the cluster-demo will not all work when using
the deny-all policy.
Bug-AGL: SPEC-3382
Signed-off-by: Marius Vlad <marius.vlad@collabora.com>
Change-Id: I9ea0d8fd63a323bfcee6aa146a1617aa572d131f
| -rw-r--r-- | src/policy-default.c | 44 | ||||
| -rw-r--r-- | src/policy-deny.c | 56 |
2 files changed, 49 insertions, 51 deletions
diff --git a/src/policy-default.c b/src/policy-default.c index a09bb1a..8d70684 100644 --- a/src/policy-default.c +++ b/src/policy-default.c @@ -84,52 +84,14 @@ ivi_policy_default_surface_advertise_state_change(struct ivi_surface *surf, void return true; } -#ifdef HAVE_SMACK -static bool -ivi_policy_default_shell_bind_interface(void *client, void *interface) -{ - struct wl_interface *shell_interface = interface; - struct wl_client *conn_client = client; - - pid_t pid, uid, gid; - int client_fd; - char *label; - bool ret = false; - - wl_client_get_credentials(conn_client, &pid, &uid, &gid); - - client_fd = wl_client_get_fd(conn_client); - if (smack_new_label_from_socket(client_fd, &label) < 0) { - return ret; - } - - if (strcmp(shell_interface->name, "agl_shell") == 0) - if (strcmp(label, "User::App::homescreen") == 0) - ret = true; - - if (strcmp(shell_interface->name, "agl_shell_desktop") == 0) - if (strcmp(label, "User::App::launcher") == 0 || - strcmp(label, "User::App::alexa-viewer") == 0 || - strcmp(label, "User::App::tbtnavi") == 0 || - strcmp(label, "User::App::hvac") == 0) - ret = true; - - if (ret) - weston_log("Client with pid %d, uid %d, gid %d, allowed " - "to bind to %s for label %s\n", pid, uid, gid, - shell_interface->name, label); - - /* client responsible for free'ing */ - free(label); - return ret; -} -#else +/* we allow all applications to bind to private extensions. See the deny-all + * policy instead for how to retrieve the clients fd and its label to check + * against */ static bool ivi_policy_default_shell_bind_interface(void *client, void *interface) { return true; } -#endif static bool ivi_policy_default_allow_to_add(void *user_data) diff --git a/src/policy-deny.c b/src/policy-deny.c index 5b2336a..823f331 100644 --- a/src/policy-deny.c +++ b/src/policy-deny.c @@ -33,10 +33,26 @@ #include <string.h> #include "shared/helpers.h" +#ifdef HAVE_SMACK +static const char *const bind_agl_shell[] = { + "User::App::homescreen", + "User::App::cluster-gauges" /* cluster-dashboard */ +}; + +static const char *const bind_agl_shell_desktop[] = { + "User::App::launcher", + "User::App::alexa-viewer", + "User::App::tbtnavi", + "User::App::hvac", + "User::App::xdg-cluster-receiver", /* cluster-receiver, native XDG app*/ + "User::App::cluster-receiver" /* cluster-receiver, Qt app */ +}; +#endif -static const char *const applications_permitted[] = { "homescreen", "alexa-viewer", - "launcher", "hvac", - "navigation", "mediaplayer" }; +static const char *const applications_permitted[] = { + "homescreen", "alexa-viewer", "launcher", "hvac", + "navigation", "mediaplayer" +}; /* helper start searches the applications_permitted for the * app_id @@ -51,6 +67,31 @@ ivi_policy_verify_permitted_app(const char *app_id) return false; } +#ifdef HAVE_SMACK +/* helper to determine which applications are allowed to bind to the + * private extensions + */ +static bool +ivi_policy_check_bind_agl_shell(const char *app_id) +{ + for (size_t i = 0; i < ARRAY_LENGTH(bind_agl_shell); i++) + if (strcmp(app_id, bind_agl_shell[i]) == 0) + return true; + + return false; +} + +static bool +ivi_policy_check_bind_agl_shell_desktop(const char *app_id) +{ + for (size_t i = 0; i < ARRAY_LENGTH(bind_agl_shell_desktop); i++) + if (strcmp(app_id, bind_agl_shell_desktop[i]) == 0) + return true; + + return false; +} +#endif + static bool ivi_policy_verify_ivi_surface(struct ivi_surface *surf) { @@ -124,15 +165,10 @@ ivi_policy_default_shell_bind_interface(void *client, void *interface) } if (strcmp(shell_interface->name, "agl_shell") == 0) - if (strcmp(label, "User::App::homescreen") == 0) - ret = true; + ret = ivi_policy_check_bind_agl_shell(label); if (strcmp(shell_interface->name, "agl_shell_desktop") == 0) - if (strcmp(label, "User::App::launcher") == 0 || - strcmp(label, "User::App::alexa-viewer") == 0 || - strcmp(label, "User::App::tbtnavi") == 0 || - strcmp(label, "User::App::hvac") == 0) - ret = true; + ret = ivi_policy_check_bind_agl_shell_desktop(label); if (ret) weston_log("Client with pid %d, uid %d, gid %d, allowed " |