Add RO location for initial values

RO location will be processed before RW if a flag file is present. After import the flag will be removed but xml files will be left untouched. Change-Id: Id11c982ee4a055871e4af6841c23a11cbf139239
author: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> 2018-10-05 17:24:01 +0200
committer: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> 2018-10-08 15:15:46 +0200
commit: a792540f2eb10dfef526c4deb91b583e6bbeb176 (patch)
tree: d59ca162bcb9fba2f468928063adc5ba0bd24d3d
parent: 7d81f2d157e4f2f2d1aae5f1e327a1bb073da82b (diff)
download: key-manager-a792540f2eb10dfef526c4deb91b583e6bbeb176.tar.gz
key-manager-a792540f2eb10dfef526c4deb91b583e6bbeb176.tar.bz2
key-manager-a792540f2eb10dfef526c4deb91b583e6bbeb176.zip
4 files changed, 36 insertions, 13 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 64aa0881..f448b51b 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,4 +1,4 @@
-# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
+# Copyright (c) 2011 - 2018 Samsung Electronics Co., Ltd All Rights Reserved
 #
 #    Licensed under the Apache License, Version 2.0 (the "License");
 #    you may not use this file except in compliance with the License.
@@ -60,7 +60,8 @@ ADD_DEFINITIONS("-DRW_DATA_DIR=\"${RW_DATA_DIR}\"")
 ADD_DEFINITIONS("-DRO_DATA_DIR=\"${RO_DATA_DIR}\"")
 ADD_DEFINITIONS("-DETC_DIR=\"${ETC_DIR}\"")
 ADD_DEFINITIONS("-DBIN_DIR=\"${BIN_DIR}\"")
-ADD_DEFINITIONS("-DINITIAL_VALUES_DIR=\"${INITIAL_VALUES_DIR}\"")
+ADD_DEFINITIONS("-DINITIAL_VALUES_DIR_RO=\"${INITIAL_VALUES_DIR_RO}\"")
+ADD_DEFINITIONS("-DINITIAL_VALUES_DIR_RW=\"${INITIAL_VALUES_DIR_RW}\"")
 ADD_DEFINITIONS("-DCA_CERTS_DIR=\"${CA_CERTS_DIR}\"")
 ADD_DEFINITIONS("-DSYSTEMD_ENV_FILE=\"${SYSTEMD_ENV_FILE}\"")
 
diff --git a/data/CMakeLists.txt b/data/CMakeLists.txt
index d6d9f4ab..c9a2c273 100644
--- a/data/CMakeLists.txt
+++ b/data/CMakeLists.txt
@@ -1,4 +1,4 @@
-# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+# Copyright (c) 2016 - 2018 Samsung Electronics Co., Ltd All Rights Reserved
 #
 #    Licensed under the Apache License, Version 2.0 (the "License");
 #    you may not use this file except in compliance with the License.
@@ -19,4 +19,5 @@
 ADD_SUBDIRECTORY(gumd)
 ADD_SUBDIRECTORY(scripts)
 
-INSTALL(DIRECTORY DESTINATION ${INITIAL_VALUES_DIR})
+INSTALL(DIRECTORY DESTINATION ${INITIAL_VALUES_DIR_RO})
+INSTALL(DIRECTORY DESTINATION ${INITIAL_VALUES_DIR_RW})
diff --git a/packaging/key-manager.spec b/packaging/key-manager.spec
index 4daa4446..57888483 100644
--- a/packaging/key-manager.spec
+++ b/packaging/key-manager.spec
@@ -60,7 +60,8 @@ Requires: libkey-manager-common = %{version}-%{release}
 %global sbin_dir /sbin
 %global ro_etc_dir %{?TZ_SYS_RO_ETC:%TZ_SYS_RO_ETC}%{!?TZ_SYS_RO_ETC:/etc}
 %global run_dir %{?TZ_SYS_RUN:%TZ_SYS_RUN}%{!?TZ_SYS_RUN:/var/run}
-%global initial_values_dir %{rw_data_dir}/initial_values
+%global initial_values_dir_ro %{ro_data_dir}/initial_values
+%global initial_values_dir_rw %{rw_data_dir}/initial_values
 %global ca_certs_dir %{?TZ_SYS_CA_CERTS:%TZ_SYS_CA_CERTS}%{!?TZ_SYS_CA_CERTS:%ro_etc_dir/ssl/certs}
 
 %description
@@ -167,7 +168,8 @@ export LDFLAGS+="-Wl,--rpath=%{_libdir},-Bsymbolic-functions "
         -DRW_ETC_DIR=%{rw_etc_dir} \
         -DRO_ETC_DIR=%{ro_etc_dir} \
         -DBIN_DIR=%{bin_dir} \
-        -DINITIAL_VALUES_DIR=%{initial_values_dir} \
+        -DINITIAL_VALUES_DIR_RW=%{initial_values_dir_rw} \
+        -DINITIAL_VALUES_DIR_RO=%{initial_values_dir_ro} \
         -DCA_CERTS_DIR=%{ca_certs_dir} \
 %if 0%{?watchdog_enabled}
         -DWATCHDOG_ENABLED=%{watchdog_enabled} \
@@ -281,7 +283,8 @@ fi
 %dir %{ro_data_dir}
 %{ro_data_dir}/*
 %dir %attr(770, %{user_name}, %{group_name}) %{rw_data_dir}
-%dir %attr(770, %{user_name}, %{group_name}) %{initial_values_dir}
+%dir %attr(550, %{user_name}, %{group_name}) %{initial_values_dir_ro}
+%dir %attr(770, %{user_name}, %{group_name}) %{initial_values_dir_rw}
 
 %{ro_etc_dir}/gumd/userdel.d/10_key-manager.post
 %{bin_dir}/ckm_tool
diff --git a/src/manager/initial-values/initial-value-loader.cpp b/src/manager/initial-values/initial-value-loader.cpp
index d2c94082..9f203d87 100644
--- a/src/manager/initial-values/initial-value-loader.cpp
+++ b/src/manager/initial-values/initial-value-loader.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *  Copyright (c) 2015 - 2018 Samsung Electronics Co., Ltd All Rights Reserved
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -23,6 +23,8 @@
 
 #include <unistd.h>
 
+#include <fstream>
+
 #include <ckm-logic.h>
 #include <for-each-file.h>
 #include <InitialValuesFile.h>
@@ -31,6 +33,7 @@
 namespace {
 const char *const INIT_VALUES_XSD          = RO_DATA_DIR "/initial_values.xsd";
 const char *const INIT_VALUES_FILE_SUFFIX  = ".xml";
+const char *const INIT_VALUES_RO_IMPORT_FLAG = INITIAL_VALUES_DIR_RW "/ro_import";
 } // namespace anonymous
 
 namespace CKM {
@@ -40,8 +43,9 @@ void LoadFiles(CKMLogic &logic)
 {
 	try {
 		std::vector<std::string> filesToParse;
+		std::string currentDir;
 
-		forEachFile(INITIAL_VALUES_DIR, [&filesToParse](const std::string & filename) {
+		auto addXmlFiles = [&](const std::string & filename) {
 			std::string lowercaseFilename = filename;
 			std::transform(lowercaseFilename.begin(), lowercaseFilename.end(),
 						   lowercaseFilename.begin(), ::tolower);
@@ -49,8 +53,20 @@ void LoadFiles(CKMLogic &logic)
 			if (lowercaseFilename.find(INIT_VALUES_FILE_SUFFIX) == std::string::npos)
 				return;
 
-			filesToParse.emplace_back(std::string(INITIAL_VALUES_DIR) + "/" + filename);
-		});
+			filesToParse.emplace_back(currentDir + "/" + filename);
+		};
+
+		std::ifstream ro_flag(INIT_VALUES_RO_IMPORT_FLAG);
+		if (ro_flag) {
+			currentDir = INITIAL_VALUES_DIR_RO;
+			forEachFile(INITIAL_VALUES_DIR_RO, addXmlFiles);
+			if (-1 == unlink(INIT_VALUES_RO_IMPORT_FLAG))
+				LogError("Unlink() failed for " << INIT_VALUES_RO_IMPORT_FLAG << ":" <<
+				         CKM::GetErrnoString(errno));
+		}
+
+		currentDir = INITIAL_VALUES_DIR_RW;
+		forEachFile(INITIAL_VALUES_DIR_RW, addXmlFiles);
 
 		// parse
 		for (const auto &file : filesToParse) {
@@ -67,8 +83,10 @@ void LoadFiles(CKMLogic &logic)
 						 rc);
 			}
 
-			if (-1 == unlink(file.c_str()))
-				LogError("Unlink() failed for " << file << ":" << CKM::GetErrnoString(errno));
+			if (file.compare(0, sizeof(INITIAL_VALUES_DIR_RW) - 1, INITIAL_VALUES_DIR_RW) == 0) {
+				if (-1 == unlink(file.c_str()))
+					LogError("Unlink() failed for " << file << ":" << CKM::GetErrnoString(errno));
+			}
 		}
 	} catch (...) {
 		LogError("The implementation of exception handling in xml parser is broken!");
author	Krzysztof Jackiewicz <k.jackiewicz@samsung.com>	2018-10-05 17:24:01 +0200
committer	Krzysztof Jackiewicz <k.jackiewicz@samsung.com>	2018-10-08 15:15:46 +0200
commit	a792540f2eb10dfef526c4deb91b583e6bbeb176 (patch)
tree	d59ca162bcb9fba2f468928063adc5ba0bd24d3d
parent	7d81f2d157e4f2f2d1aae5f1e327a1bb073da82b (diff)
download	key-manager-a792540f2eb10dfef526c4deb91b583e6bbeb176.tar.gz key-manager-a792540f2eb10dfef526c4deb91b583e6bbeb176.tar.bz2 key-manager-a792540f2eb10dfef526c4deb91b583e6bbeb176.zip