summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorInkyun Kil <inkyun.kil@samsung.com>2018-02-09 17:27:06 +0900
committerInkyun Kil <inkyun.kil@samsung.com>2018-02-21 09:04:46 +0900
commit5f00b889055e144cd3add90b4db9af007575bcf2 (patch)
treee559f66fadd1a2cd3fc3511603fa00ee474689fd
parentf4a51e5309704fc7f754388f40ccaffdb6936f91 (diff)
downloadalarm-manager-5f00b889055e144cd3add90b4db9af007575bcf2.tar.gz
alarm-manager-5f00b889055e144cd3add90b4db9af007575bcf2.tar.bz2
alarm-manager-5f00b889055e144cd3add90b4db9af007575bcf2.zip
Add configuration files
Service Applications should be able to register exact alarms at some profiles. To support it, make configuration files Change-Id: I4a82008be8fe20370c9b5e16044d1d677df3e6c1 Signed-off-by: Inkyun Kil <inkyun.kil@samsung.com>
-rw-r--r--CMakeLists.txt1
-rw-r--r--conf/CMakeLists.txt3
-rw-r--r--conf/alarm-config-all-service-permitted0
-rw-r--r--conf/alarm-config-platform-service-permitted0
-rw-r--r--conf/alarm-config-service-restricted0
-rwxr-xr-xpackaging/alarm-manager.spec44
-rw-r--r--src/CMakeLists.txt2
-rwxr-xr-xsrc/alarm-lib.c127
8 files changed, 169 insertions, 8 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 8366170..47ec444 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -43,6 +43,7 @@ TARGET_LINK_LIBRARIES(${this_target} alarm)
ADD_SUBDIRECTORY(src)
ADD_SUBDIRECTORY(tool)
ADD_SUBDIRECTORY(alarm-session-agent)
+ADD_SUBDIRECTORY(conf)
CONFIGURE_FILE(alarm-service.conf.in alarm-service.conf @ONLY)
INSTALL(TARGETS ${this_target} DESTINATION ${CMAKE_INSTALL_PREFIX}/bin)
diff --git a/conf/CMakeLists.txt b/conf/CMakeLists.txt
new file mode 100644
index 0000000..41a374e
--- /dev/null
+++ b/conf/CMakeLists.txt
@@ -0,0 +1,3 @@
+INSTALL(FILES alarm-config-all-service-permitted DESTINATION ${ALARM_CONF_DIR})
+INSTALL(FILES alarm-config-platform-service-permitted DESTINATION ${ALARM_CONF_DIR})
+INSTALL(FILES alarm-config-service-restricted DESTINATION ${ALARM_CONF_DIR})
diff --git a/conf/alarm-config-all-service-permitted b/conf/alarm-config-all-service-permitted
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/conf/alarm-config-all-service-permitted
diff --git a/conf/alarm-config-platform-service-permitted b/conf/alarm-config-platform-service-permitted
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/conf/alarm-config-platform-service-permitted
diff --git a/conf/alarm-config-service-restricted b/conf/alarm-config-service-restricted
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/conf/alarm-config-service-restricted
diff --git a/packaging/alarm-manager.spec b/packaging/alarm-manager.spec
index 34c49ef..ec71df0 100755
--- a/packaging/alarm-manager.spec
+++ b/packaging/alarm-manager.spec
@@ -32,6 +32,7 @@ BuildRequires: pkgconfig(eventsystem)
BuildRequires: pkgconfig(notification)
BuildRequires: python-xml
BuildRequires: pkgconfig(capi-system-info)
+BuildRequires: pkgconfig(cert-svc-vcore)
%description
Alarm Server and devel libraries
@@ -41,7 +42,6 @@ Alarm Server and devel libraries
Summary: Alarm server
Group: Development/Libraries
-
%description -n alarm-server
Alarm Server, manages alarms
@@ -51,7 +51,6 @@ Summary: Alarm server libraries
Group: Development/Libraries
Requires: alarm-server = %{version}-%{release}
-
%description -n libalarm
Alarm server libraries for client
@@ -61,10 +60,37 @@ Summary: Alarm server libraries (devel)
Group: Development/Libraries
Requires: libalarm = %{version}-%{release}
-
%description -n libalarm-devel
Alarm server libraries development package (devel)
+
+%package -n alarm-config-all-service-permitted
+Summary: Configuration for permitting all service applications
+Group: Development/Libraries
+Requires: libalarm = %{version}-%{release}
+
+%description -n alarm-config-all-service-permitted
+A configuration file package for permitting all service applications
+
+
+%package -n alarm-config-platform-service-permitted
+Summary: Configuration for permitting platform service applications
+Group: Development/Libraries
+Requires: libalarm = %{version}-%{release}
+
+%description -n alarm-config-platform-service-permitted
+A configuration file package for permitting all service applications that have been platform certified
+
+
+%package -n alarm-config-service-restricted
+Summary: Configuration for restricting service applications
+Group: Development/Libraries
+Requires: libalarm = %{version}-%{release}
+
+%description -n alarm-config-service-restricted
+A configuration file package for restricting service applications
+
+
%prep
%setup -q
@@ -84,7 +110,8 @@ export FFLAGS="$FFLAGS -DTIZEN_DEBUG_ENABLE"
-DFULLVER=%{version} \
-DMAJORVER=${MAJORVER} \
-DTZ_SYS_ETC=%{TZ_SYS_ETC} \
- -D_APPFW_FEATURE_ALARM_MANAGER_MODULE_LOG:BOOL=${_APPFW_FEATURE_ALARM_MANAGER_MODULE_LOG}
+ -D_APPFW_FEATURE_ALARM_MANAGER_MODULE_LOG:BOOL=${_APPFW_FEATURE_ALARM_MANAGER_MODULE_LOG} \
+ -DALARM_CONF_DIR=%{_datadir}/alarm-manager
make %{?jobs:-j%jobs}
@@ -154,3 +181,12 @@ fi
%{_includedir}/*.h
%{_libdir}/pkgconfig/*.pc
%{_libdir}/*.so
+
+%files -n alarm-config-all-service-permitted
+%{_datadir}/alarm-manager/alarm-config-all-service-permitted
+
+%files -n alarm-config-platform-service-permitted
+%{_datadir}/alarm-manager/alarm-config-platform-service-permitted
+
+%files -n alarm-config-service-restricted
+%{_datadir}/alarm-manager/alarm-config-service-restricted
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index c28727d..d07eda3 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -2,7 +2,7 @@ SET(this_target alarm)
INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include)
-SET(LIB_PKGS glib-2.0 gobject-2.0 dlog bundle appsvc gio-2.0 gio-unix-2.0 libtzplatform-config notification)
+SET(LIB_PKGS glib-2.0 gobject-2.0 dlog bundle appsvc gio-2.0 gio-unix-2.0 libtzplatform-config notification cert-svc-vcore)
INCLUDE(FindPkgConfig)
pkg_check_modules(lib_pkgs REQUIRED ${LIB_PKGS})
diff --git a/src/alarm-lib.c b/src/alarm-lib.c
index 7937704..7badcf5 100755
--- a/src/alarm-lib.c
+++ b/src/alarm-lib.c
@@ -35,6 +35,9 @@
#include <gio/gio.h>
#include <pkgmgr-info.h>
#include <notification.h>
+#include <tzplatform_config.h>
+#include <cert-svc/ccert.h>
+#include <cert-svc/cinstance.h>
#ifndef EXPORT_API
#define EXPORT_API __attribute__ ((visibility("default")))
@@ -79,6 +82,14 @@ guint registration_id;
static GDBusNodeInfo *introspection_data;
+typedef enum {
+ ALARM_MANAGER_SVC_UNKNOWN = 0,
+ ALARM_MANAGER_SVC_RESTRICTED,
+ ALARM_MANAGER_SVC_PERMITTED
+} svc_allowed_e;
+
+static svc_allowed_e svc_allowed;
+
static const gchar introspection_xml[] =
"<node name='/org/tizen/alarm/client'>"
" <interface name='org.tizen.alarm.client'>"
@@ -328,17 +339,121 @@ static int __bg_category_func(const char *name, void *user_data)
return 0;
}
-static bool __is_permitted(const char *app_id, int alarm_type)
+static bool __permit_by_config(pkgmgrinfo_appinfo_h handle)
{
- if (app_id == NULL) {
- ALARM_MGR_EXCEPTION_PRINT("app_id is NULL. Only expicit launch is permitted\n");
+ ALARM_MGR_LOG_PRINT("svc_allowed is %d", svc_allowed);
+ switch (svc_allowed) {
+ case ALARM_MANAGER_SVC_RESTRICTED:
return false;
+ case ALARM_MANAGER_SVC_PERMITTED:
+ return true;
+ case ALARM_MANAGER_SVC_UNKNOWN:
+ break;
+ default:
+ break;
}
+ if (access(tzplatform_mkpath(TZ_SYS_RO_SHARE,
+ "alarm-manager/alarm-config-service-restricted"), F_OK) == 0) {
+ ALARM_MGR_LOG_PRINT("This profile restrict alarms for service applications\n");
+ svc_allowed = ALARM_MANAGER_SVC_RESTRICTED;
+ return false;
+ }
+
+ if (access(tzplatform_mkpath(TZ_SYS_RO_SHARE,
+ "alarm-manager/alarm-config-platform-service-permitted"), F_OK) == 0) {
+ ALARM_MGR_LOG_PRINT("This profile permit alarm for service applications which has platform cert\n");
+ char *pkgid;
+ int r;
+ const char *cert_value;
+ pkgmgrinfo_certinfo_h certinfo;
+ CertSvcInstance instance;
+ CertSvcCertificate certificate;
+ CertSvcVisibility visibility = CERTSVC_VISIBILITY_PUBLIC;
+
+ r = pkgmgrinfo_appinfo_get_pkgid(handle, &pkgid);
+ if (r != PMINFO_R_OK) {
+ ALARM_MGR_EXCEPTION_PRINT("Failed to get certinfo pkgid");
+ return false;
+ }
+
+ r = pkgmgrinfo_pkginfo_create_certinfo(&certinfo);
+ if (r != PMINFO_R_OK) {
+ ALARM_MGR_EXCEPTION_PRINT("Failed to create certinfo");
+ return false;
+ }
+
+ r = pkgmgrinfo_pkginfo_load_certinfo(pkgid, certinfo, getuid());
+ if (r != PMINFO_R_OK) {
+ ALARM_MGR_EXCEPTION_PRINT("Failed to load certinfo");
+ pkgmgrinfo_pkginfo_destroy_certinfo(certinfo);
+ return false;
+ }
+
+ r = pkgmgrinfo_pkginfo_get_cert_value(certinfo,
+ PMINFO_DISTRIBUTOR_ROOT_CERT, &cert_value);
+ if (r != PMINFO_R_OK || cert_value == NULL) {
+ ALARM_MGR_EXCEPTION_PRINT("Failed to get cert value");
+ pkgmgrinfo_pkginfo_destroy_certinfo(certinfo);
+ return false;
+ }
+
+ r = certsvc_instance_new(&instance);
+ if (r != CERTSVC_SUCCESS) {
+ ALARM_MGR_EXCEPTION_PRINT("certsvc_instance_new() is failed.");
+ pkgmgrinfo_pkginfo_destroy_certinfo(certinfo);
+ return false;
+ }
+
+ r = certsvc_certificate_new_from_memory(instance,
+ (const unsigned char *)cert_value,
+ strlen(cert_value),
+ CERTSVC_FORM_DER_BASE64,
+ &certificate);
+ if (r != CERTSVC_SUCCESS) {
+ ALARM_MGR_EXCEPTION_PRINT("certsvc_certificate_new_from_memory() is failed.");
+ pkgmgrinfo_pkginfo_destroy_certinfo(certinfo);
+ certsvc_instance_free(instance);
+ return false;
+ }
+
+ r = certsvc_certificate_get_visibility(certificate, &visibility);
+ if (r != CERTSVC_SUCCESS)
+ ALARM_MGR_EXCEPTION_PRINT("certsvc_certificate_get_visibility() is failed.");
+
+ pkgmgrinfo_pkginfo_destroy_certinfo(certinfo);
+ certsvc_instance_free(instance);
+ certsvc_certificate_free(certificate);
+
+ ALARM_MGR_EXCEPTION_PRINT("visibility is %d", visibility);
+ if (visibility & CERTSVC_VISIBILITY_PLATFORM) {
+ svc_allowed = ALARM_MANAGER_SVC_PERMITTED;
+ return true;
+ }
+ }
+
+ if (access(tzplatform_mkpath(TZ_SYS_RO_SHARE,
+ "alarm-manager/alarm-config-all-service-permitted"), F_OK) == 0) {
+ ALARM_MGR_LOG_PRINT("This profile permit alarms for all service applications\n");
+ svc_allowed = ALARM_MANAGER_SVC_PERMITTED;
+ return true;
+ }
+
+ svc_allowed = ALARM_MANAGER_SVC_RESTRICTED;
+ return false;
+}
+
+static bool __is_permitted(const char *app_id, int alarm_type)
+{
pkgmgrinfo_appinfo_h handle = NULL;
int ret;
bool _return = false;
+ if (app_id == NULL) {
+ ALARM_MGR_EXCEPTION_PRINT("app_id is NULL. Only expicit launch is permitted\n");
+ return false;
+ }
+
ret = pkgmgrinfo_appinfo_get_usr_appinfo(app_id, getuid(), &handle);
if (ret != PMINFO_R_OK) {
ALARM_MGR_EXCEPTION_PRINT("Failed to get appinfo [%s]\n", app_id);
@@ -357,6 +472,12 @@ static bool __is_permitted(const char *app_id, int alarm_type)
} else if (app_type && strcmp("svcapp", app_type) == 0) {
ALARM_MGR_LOG_PRINT("[%s] is service application.", app_id);
+ if (__permit_by_config(handle)) {
+ ALARM_MGR_LOG_PRINT("service applications are allowed");
+ _return = true;
+ goto out;
+ }
+
bg_category_cb_info_t info = {
.appid = app_id,
.has_bg = false