diff options
| -rw-r--r-- | packaging/launchpad.spec | 2 | ||||
| -rwxr-xr-x | src/launchpad.c | 83 | ||||
| -rw-r--r-- | src/launchpad_lib.c | 10 |
3 files changed, 79 insertions, 16 deletions
diff --git a/packaging/launchpad.spec b/packaging/launchpad.spec index 53613dd..c737c49 100644 --- a/packaging/launchpad.spec +++ b/packaging/launchpad.spec @@ -83,7 +83,7 @@ cp %{_builddir}/%{name}-%{version}/LICENSE %{buildroot}/usr/share/license/%{nam %{_unitdir_user}/sockets.target.wants/launchpad-process-pool.socket %{_unitdir_user}/default.target.wants/launchpad-process-pool.service %caps(cap_mac_admin,cap_mac_override,cap_setgid=ei) %{_bindir}/launchpad-process-pool -%caps(cap_mac_admin,cap_mac_override,cap_setgid=ei) %{_bindir}/launchpad-loader +%caps(cap_mac_override,cap_setgid=ei) %{_bindir}/launchpad-loader %attr(0644,root,root) %{_libdir}/liblaunchpad.so.* %files devel diff --git a/src/launchpad.c b/src/launchpad.c index 9474862..86b7bde 100755 --- a/src/launchpad.c +++ b/src/launchpad.c @@ -77,6 +77,8 @@ static int __sys_hwacc; static GList *loader_info_list; static int user_slot_offset; static GList *candidate_slot_list; +static app_labels_monitor *label_monitor; + static candidate_process_context_t *__add_slot(int type, int loader_id, int caller_pid, const char *loader_path, const char *extra, int detection_method, int timeout_val); @@ -281,11 +283,6 @@ error: return -1; } -static int __set_access(const char *appid) -{ - return security_manager_prepare_app(appid); -} - static int __get_loader_id(bundle *kb) { const char *val; @@ -507,8 +504,8 @@ static int __prepare_exec(const char *appid, const char *app_path, /* SET PRIVILEGES*/ if (bundle_get_val(kb, AUL_K_PRIVACY_APPID) == NULL) { _D("appId: %s / app_path : %s ", appid, app_path); - ret = __set_access(appid); - if (ret != 0) { + ret = security_manager_prepare_app(appid); + if (ret != SECURITY_MANAGER_SUCCESS) { _D("fail to set privileges - check " "your package's credential : %d\n", ret); @@ -823,6 +820,42 @@ static gboolean __handle_sigchild(gpointer data) return G_SOURCE_CONTINUE; } +static gboolean __handle_label_monitor(gpointer data) +{ + candidate_process_context_t *cpc; + GList *iter = candidate_slot_list; + + _D("__handle_label_monitor()"); + security_manager_app_labels_monitor_process(label_monitor); + + while (iter) { + cpc = (candidate_process_context_t *)iter->data; + if (cpc->prepared) { + _D("Dispose candidate process %d", cpc->pid); + __kill_process(cpc->pid); + close(cpc->send_fd); + cpc->prepared = false; + cpc->pid = CANDIDATE_NONE; + cpc->send_fd = -1; + if (cpc->source > 0) { + g_source_remove(cpc->source); + cpc->source = 0; + } + + if (cpc->timer > 0) { + g_source_remove(cpc->timer); + cpc->timer = 0; + } + __set_timer(cpc); + __prepare_candidate_process(cpc->type, cpc->loader_id); + } + + iter = g_list_next(iter); + } + + return G_SOURCE_CONTINUE; +} + static int __dispatch_cmd_hint(bundle *kb, int detection_method) { candidate_process_context_t *cpc; @@ -1221,6 +1254,33 @@ static int __init_sigchild_fd(void) return 0; } +static int __init_label_monitor_fd(void) +{ + int fd = -1; + guint pollfd; + + if (security_manager_app_labels_monitor_init(&label_monitor) + != SECURITY_MANAGER_SUCCESS) + return -1; + if (security_manager_app_labels_monitor_process(label_monitor) + != SECURITY_MANAGER_SUCCESS) + return -1; + security_manager_app_labels_monitor_get_fd(label_monitor, &fd); + + if (fd < 0) { + _E("failed to get fd"); + return -1; + } + + pollfd = __poll_fd(fd, G_IO_IN, (GSourceFunc)__handle_label_monitor, 0, 0); + if (pollfd == 0) { + close(fd); + return -1; + } + + return 0; +} + static void __add_slot_from_info(gpointer data, gpointer user_data) { loader_info_t *info = (loader_info_t *)data; @@ -1300,6 +1360,12 @@ static int __before_loop(int argc, char **argv) return -1; } + ret = __init_label_monitor_fd(); + if (ret != 0) { + _E("__init_launchpad_fd() failed"); + return -1; + } + ret = vconf_get_int(VCONFKEY_SETAPPL_APP_HW_ACCELERATION, &__sys_hwacc); if (ret != VCONF_OK) { _E("Failed to get vconf int: %s", @@ -1351,6 +1417,9 @@ int main(int argc, char **argv) #endif g_main_loop_run(mainloop); + if (label_monitor) + security_manager_app_labels_monitor_finish(label_monitor); + return -1; } diff --git a/src/launchpad_lib.c b/src/launchpad_lib.c index f655ed6..378ccc0 100644 --- a/src/launchpad_lib.c +++ b/src/launchpad_lib.c @@ -71,12 +71,6 @@ static void __release_at_exit(void) free(__root_path); } -static int __set_access(const char *appid, const char *pkg_type, - const char *app_path) -{ - return security_manager_prepare_app(appid); -} - static int __prepare_exec(const char *appid, const char *app_path, const char *pkg_type, int type) { @@ -89,8 +83,8 @@ static int __prepare_exec(const char *appid, const char *app_path, /* SET PRIVILEGES*/ SECURE_LOGD("[candidata] appid : %s / pkg_type : %s / app_path : %s", appid, pkg_type, app_path); - ret = __set_access(appid, pkg_type, app_path); - if (ret < 0) { + ret = security_manager_prepare_app(appid); + if (ret != SECURITY_MANAGER_SUCCESS) { _D("fail to set privileges - check your package's credential: " "%d\n", ret); return -1; |