diff options
author | Inkyun Kil <inkyun.kil@samsung.com> | 2018-02-09 17:27:06 +0900 |
---|---|---|
committer | Inkyun Kil <inkyun.kil@samsung.com> | 2018-02-21 09:04:46 +0900 |
commit | 5f00b889055e144cd3add90b4db9af007575bcf2 (patch) | |
tree | e559f66fadd1a2cd3fc3511603fa00ee474689fd | |
parent | f4a51e5309704fc7f754388f40ccaffdb6936f91 (diff) | |
download | alarm-manager-5f00b889055e144cd3add90b4db9af007575bcf2.tar.gz alarm-manager-5f00b889055e144cd3add90b4db9af007575bcf2.tar.bz2 alarm-manager-5f00b889055e144cd3add90b4db9af007575bcf2.zip |
Add configuration files
Service Applications should be able to register exact alarms at some
profiles. To support it, make configuration files
Change-Id: I4a82008be8fe20370c9b5e16044d1d677df3e6c1
Signed-off-by: Inkyun Kil <inkyun.kil@samsung.com>
-rw-r--r-- | CMakeLists.txt | 1 | ||||
-rw-r--r-- | conf/CMakeLists.txt | 3 | ||||
-rw-r--r-- | conf/alarm-config-all-service-permitted | 0 | ||||
-rw-r--r-- | conf/alarm-config-platform-service-permitted | 0 | ||||
-rw-r--r-- | conf/alarm-config-service-restricted | 0 | ||||
-rwxr-xr-x | packaging/alarm-manager.spec | 44 | ||||
-rw-r--r-- | src/CMakeLists.txt | 2 | ||||
-rwxr-xr-x | src/alarm-lib.c | 127 |
8 files changed, 169 insertions, 8 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index 8366170..47ec444 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -43,6 +43,7 @@ TARGET_LINK_LIBRARIES(${this_target} alarm) ADD_SUBDIRECTORY(src) ADD_SUBDIRECTORY(tool) ADD_SUBDIRECTORY(alarm-session-agent) +ADD_SUBDIRECTORY(conf) CONFIGURE_FILE(alarm-service.conf.in alarm-service.conf @ONLY) INSTALL(TARGETS ${this_target} DESTINATION ${CMAKE_INSTALL_PREFIX}/bin) diff --git a/conf/CMakeLists.txt b/conf/CMakeLists.txt new file mode 100644 index 0000000..41a374e --- /dev/null +++ b/conf/CMakeLists.txt @@ -0,0 +1,3 @@ +INSTALL(FILES alarm-config-all-service-permitted DESTINATION ${ALARM_CONF_DIR}) +INSTALL(FILES alarm-config-platform-service-permitted DESTINATION ${ALARM_CONF_DIR}) +INSTALL(FILES alarm-config-service-restricted DESTINATION ${ALARM_CONF_DIR}) diff --git a/conf/alarm-config-all-service-permitted b/conf/alarm-config-all-service-permitted new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/conf/alarm-config-all-service-permitted diff --git a/conf/alarm-config-platform-service-permitted b/conf/alarm-config-platform-service-permitted new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/conf/alarm-config-platform-service-permitted diff --git a/conf/alarm-config-service-restricted b/conf/alarm-config-service-restricted new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/conf/alarm-config-service-restricted diff --git a/packaging/alarm-manager.spec b/packaging/alarm-manager.spec index 34c49ef..ec71df0 100755 --- a/packaging/alarm-manager.spec +++ b/packaging/alarm-manager.spec @@ -32,6 +32,7 @@ BuildRequires: pkgconfig(eventsystem) BuildRequires: pkgconfig(notification) BuildRequires: python-xml BuildRequires: pkgconfig(capi-system-info) +BuildRequires: pkgconfig(cert-svc-vcore) %description Alarm Server and devel libraries @@ -41,7 +42,6 @@ Alarm Server and devel libraries Summary: Alarm server Group: Development/Libraries - %description -n alarm-server Alarm Server, manages alarms @@ -51,7 +51,6 @@ Summary: Alarm server libraries Group: Development/Libraries Requires: alarm-server = %{version}-%{release} - %description -n libalarm Alarm server libraries for client @@ -61,10 +60,37 @@ Summary: Alarm server libraries (devel) Group: Development/Libraries Requires: libalarm = %{version}-%{release} - %description -n libalarm-devel Alarm server libraries development package (devel) + +%package -n alarm-config-all-service-permitted +Summary: Configuration for permitting all service applications +Group: Development/Libraries +Requires: libalarm = %{version}-%{release} + +%description -n alarm-config-all-service-permitted +A configuration file package for permitting all service applications + + +%package -n alarm-config-platform-service-permitted +Summary: Configuration for permitting platform service applications +Group: Development/Libraries +Requires: libalarm = %{version}-%{release} + +%description -n alarm-config-platform-service-permitted +A configuration file package for permitting all service applications that have been platform certified + + +%package -n alarm-config-service-restricted +Summary: Configuration for restricting service applications +Group: Development/Libraries +Requires: libalarm = %{version}-%{release} + +%description -n alarm-config-service-restricted +A configuration file package for restricting service applications + + %prep %setup -q @@ -84,7 +110,8 @@ export FFLAGS="$FFLAGS -DTIZEN_DEBUG_ENABLE" -DFULLVER=%{version} \ -DMAJORVER=${MAJORVER} \ -DTZ_SYS_ETC=%{TZ_SYS_ETC} \ - -D_APPFW_FEATURE_ALARM_MANAGER_MODULE_LOG:BOOL=${_APPFW_FEATURE_ALARM_MANAGER_MODULE_LOG} + -D_APPFW_FEATURE_ALARM_MANAGER_MODULE_LOG:BOOL=${_APPFW_FEATURE_ALARM_MANAGER_MODULE_LOG} \ + -DALARM_CONF_DIR=%{_datadir}/alarm-manager make %{?jobs:-j%jobs} @@ -154,3 +181,12 @@ fi %{_includedir}/*.h %{_libdir}/pkgconfig/*.pc %{_libdir}/*.so + +%files -n alarm-config-all-service-permitted +%{_datadir}/alarm-manager/alarm-config-all-service-permitted + +%files -n alarm-config-platform-service-permitted +%{_datadir}/alarm-manager/alarm-config-platform-service-permitted + +%files -n alarm-config-service-restricted +%{_datadir}/alarm-manager/alarm-config-service-restricted diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index c28727d..d07eda3 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -2,7 +2,7 @@ SET(this_target alarm) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include) -SET(LIB_PKGS glib-2.0 gobject-2.0 dlog bundle appsvc gio-2.0 gio-unix-2.0 libtzplatform-config notification) +SET(LIB_PKGS glib-2.0 gobject-2.0 dlog bundle appsvc gio-2.0 gio-unix-2.0 libtzplatform-config notification cert-svc-vcore) INCLUDE(FindPkgConfig) pkg_check_modules(lib_pkgs REQUIRED ${LIB_PKGS}) diff --git a/src/alarm-lib.c b/src/alarm-lib.c index 7937704..7badcf5 100755 --- a/src/alarm-lib.c +++ b/src/alarm-lib.c @@ -35,6 +35,9 @@ #include <gio/gio.h> #include <pkgmgr-info.h> #include <notification.h> +#include <tzplatform_config.h> +#include <cert-svc/ccert.h> +#include <cert-svc/cinstance.h> #ifndef EXPORT_API #define EXPORT_API __attribute__ ((visibility("default"))) @@ -79,6 +82,14 @@ guint registration_id; static GDBusNodeInfo *introspection_data; +typedef enum { + ALARM_MANAGER_SVC_UNKNOWN = 0, + ALARM_MANAGER_SVC_RESTRICTED, + ALARM_MANAGER_SVC_PERMITTED +} svc_allowed_e; + +static svc_allowed_e svc_allowed; + static const gchar introspection_xml[] = "<node name='/org/tizen/alarm/client'>" " <interface name='org.tizen.alarm.client'>" @@ -328,17 +339,121 @@ static int __bg_category_func(const char *name, void *user_data) return 0; } -static bool __is_permitted(const char *app_id, int alarm_type) +static bool __permit_by_config(pkgmgrinfo_appinfo_h handle) { - if (app_id == NULL) { - ALARM_MGR_EXCEPTION_PRINT("app_id is NULL. Only expicit launch is permitted\n"); + ALARM_MGR_LOG_PRINT("svc_allowed is %d", svc_allowed); + switch (svc_allowed) { + case ALARM_MANAGER_SVC_RESTRICTED: return false; + case ALARM_MANAGER_SVC_PERMITTED: + return true; + case ALARM_MANAGER_SVC_UNKNOWN: + break; + default: + break; } + if (access(tzplatform_mkpath(TZ_SYS_RO_SHARE, + "alarm-manager/alarm-config-service-restricted"), F_OK) == 0) { + ALARM_MGR_LOG_PRINT("This profile restrict alarms for service applications\n"); + svc_allowed = ALARM_MANAGER_SVC_RESTRICTED; + return false; + } + + if (access(tzplatform_mkpath(TZ_SYS_RO_SHARE, + "alarm-manager/alarm-config-platform-service-permitted"), F_OK) == 0) { + ALARM_MGR_LOG_PRINT("This profile permit alarm for service applications which has platform cert\n"); + char *pkgid; + int r; + const char *cert_value; + pkgmgrinfo_certinfo_h certinfo; + CertSvcInstance instance; + CertSvcCertificate certificate; + CertSvcVisibility visibility = CERTSVC_VISIBILITY_PUBLIC; + + r = pkgmgrinfo_appinfo_get_pkgid(handle, &pkgid); + if (r != PMINFO_R_OK) { + ALARM_MGR_EXCEPTION_PRINT("Failed to get certinfo pkgid"); + return false; + } + + r = pkgmgrinfo_pkginfo_create_certinfo(&certinfo); + if (r != PMINFO_R_OK) { + ALARM_MGR_EXCEPTION_PRINT("Failed to create certinfo"); + return false; + } + + r = pkgmgrinfo_pkginfo_load_certinfo(pkgid, certinfo, getuid()); + if (r != PMINFO_R_OK) { + ALARM_MGR_EXCEPTION_PRINT("Failed to load certinfo"); + pkgmgrinfo_pkginfo_destroy_certinfo(certinfo); + return false; + } + + r = pkgmgrinfo_pkginfo_get_cert_value(certinfo, + PMINFO_DISTRIBUTOR_ROOT_CERT, &cert_value); + if (r != PMINFO_R_OK || cert_value == NULL) { + ALARM_MGR_EXCEPTION_PRINT("Failed to get cert value"); + pkgmgrinfo_pkginfo_destroy_certinfo(certinfo); + return false; + } + + r = certsvc_instance_new(&instance); + if (r != CERTSVC_SUCCESS) { + ALARM_MGR_EXCEPTION_PRINT("certsvc_instance_new() is failed."); + pkgmgrinfo_pkginfo_destroy_certinfo(certinfo); + return false; + } + + r = certsvc_certificate_new_from_memory(instance, + (const unsigned char *)cert_value, + strlen(cert_value), + CERTSVC_FORM_DER_BASE64, + &certificate); + if (r != CERTSVC_SUCCESS) { + ALARM_MGR_EXCEPTION_PRINT("certsvc_certificate_new_from_memory() is failed."); + pkgmgrinfo_pkginfo_destroy_certinfo(certinfo); + certsvc_instance_free(instance); + return false; + } + + r = certsvc_certificate_get_visibility(certificate, &visibility); + if (r != CERTSVC_SUCCESS) + ALARM_MGR_EXCEPTION_PRINT("certsvc_certificate_get_visibility() is failed."); + + pkgmgrinfo_pkginfo_destroy_certinfo(certinfo); + certsvc_instance_free(instance); + certsvc_certificate_free(certificate); + + ALARM_MGR_EXCEPTION_PRINT("visibility is %d", visibility); + if (visibility & CERTSVC_VISIBILITY_PLATFORM) { + svc_allowed = ALARM_MANAGER_SVC_PERMITTED; + return true; + } + } + + if (access(tzplatform_mkpath(TZ_SYS_RO_SHARE, + "alarm-manager/alarm-config-all-service-permitted"), F_OK) == 0) { + ALARM_MGR_LOG_PRINT("This profile permit alarms for all service applications\n"); + svc_allowed = ALARM_MANAGER_SVC_PERMITTED; + return true; + } + + svc_allowed = ALARM_MANAGER_SVC_RESTRICTED; + return false; +} + +static bool __is_permitted(const char *app_id, int alarm_type) +{ pkgmgrinfo_appinfo_h handle = NULL; int ret; bool _return = false; + if (app_id == NULL) { + ALARM_MGR_EXCEPTION_PRINT("app_id is NULL. Only expicit launch is permitted\n"); + return false; + } + ret = pkgmgrinfo_appinfo_get_usr_appinfo(app_id, getuid(), &handle); if (ret != PMINFO_R_OK) { ALARM_MGR_EXCEPTION_PRINT("Failed to get appinfo [%s]\n", app_id); @@ -357,6 +472,12 @@ static bool __is_permitted(const char *app_id, int alarm_type) } else if (app_type && strcmp("svcapp", app_type) == 0) { ALARM_MGR_LOG_PRINT("[%s] is service application.", app_id); + if (__permit_by_config(handle)) { + ALARM_MGR_LOG_PRINT("service applications are allowed"); + _return = true; + goto out; + } + bg_category_cb_info_t info = { .appid = app_id, .has_bg = false |