summaryrefslogtreecommitdiff
path: root/src/client/client-security-manager.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/client/client-security-manager.cpp')
-rw-r--r--src/client/client-security-manager.cpp61
1 files changed, 61 insertions, 0 deletions
diff --git a/src/client/client-security-manager.cpp b/src/client/client-security-manager.cpp
index d83ec66b..1090dcc3 100644
--- a/src/client/client-security-manager.cpp
+++ b/src/client/client-security-manager.cpp
@@ -27,12 +27,15 @@
#include <cstdio>
#include <utility>
+#include <sys/smack.h>
+
#include <dpl/log/log.h>
#include <dpl/exception.h>
#include <message-buffer.h>
#include <client-common.h>
#include <protocols.h>
+#include <smack-common.h>
#include <security-manager.h>
@@ -229,7 +232,65 @@ int security_manager_get_app_pkgid(char **pkg_id, const char *app_id)
return SECURITY_MANAGER_SUCCESS;
});
+}
+
+SECURITY_MANAGER_API
+int security_manager_set_process_label_from_binary(const char *path)
+{
+ char *smack_label;
+ int ret;
+
+ LogDebug("security_manager_set_process_label_from_binary() called");
+
+ if (smack_smackfs_path() == NULL)
+ return SECURITY_MANAGER_SUCCESS;
+
+ if (path == NULL) {
+ LogError("security_manager_set_process_label_from_binary: path is NULL");
+ return SECURITY_MANAGER_ERROR_INPUT_PARAM;
+ }
+
+ ret = SecurityManager::getSmackLabelFromBinary(&smack_label, path);
+ if (ret == SECURITY_MANAGER_SUCCESS && smack_label != NULL) {
+ if (smack_set_label_for_self(smack_label) != 0) {
+ ret = SECURITY_MANAGER_ERROR_UNKNOWN;
+ LogError("Failed to set smack label " << smack_label << " for current process");
+ }
+ free(smack_label);
+ }
+
+ return ret;
+}
+
+SECURITY_MANAGER_API
+int security_manager_set_process_label_from_appid(const char *app_id)
+{
+ char *pkg_id;
+ int ret;
+ std::string appLabel;
+
+ LogDebug("security_manager_set_process_label_from_appid() called");
+
+ if (smack_smackfs_path() == NULL)
+ return SECURITY_MANAGER_SUCCESS;
+
+ ret = security_manager_get_app_pkgid(&pkg_id, app_id);
+ if (ret != SECURITY_MANAGER_SUCCESS) {
+ return ret;
+ }
+
+ if (SecurityManager::generateAppLabel(std::string(pkg_id), appLabel)) {
+ if (smack_set_label_for_self(appLabel.c_str()) != 0) {
+ LogError("Failed to set smack label " << appLabel << " for current process");
+ ret = SECURITY_MANAGER_ERROR_UNKNOWN;
+ }
+ }
+ else {
+ ret = SECURITY_MANAGER_ERROR_UNKNOWN;
+ }
+ free(pkg_id);
+ return ret;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-04 21:57:49 +0000