diff options
Diffstat (limited to 'src/client/client-security-manager.cpp')
-rw-r--r-- | src/client/client-security-manager.cpp | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/src/client/client-security-manager.cpp b/src/client/client-security-manager.cpp index d83ec66b..1090dcc3 100644 --- a/src/client/client-security-manager.cpp +++ b/src/client/client-security-manager.cpp @@ -27,12 +27,15 @@ #include <cstdio> #include <utility> +#include <sys/smack.h> + #include <dpl/log/log.h> #include <dpl/exception.h> #include <message-buffer.h> #include <client-common.h> #include <protocols.h> +#include <smack-common.h> #include <security-manager.h> @@ -229,7 +232,65 @@ int security_manager_get_app_pkgid(char **pkg_id, const char *app_id) return SECURITY_MANAGER_SUCCESS; }); +} + +SECURITY_MANAGER_API +int security_manager_set_process_label_from_binary(const char *path) +{ + char *smack_label; + int ret; + + LogDebug("security_manager_set_process_label_from_binary() called"); + + if (smack_smackfs_path() == NULL) + return SECURITY_MANAGER_SUCCESS; + + if (path == NULL) { + LogError("security_manager_set_process_label_from_binary: path is NULL"); + return SECURITY_MANAGER_ERROR_INPUT_PARAM; + } + + ret = SecurityManager::getSmackLabelFromBinary(&smack_label, path); + if (ret == SECURITY_MANAGER_SUCCESS && smack_label != NULL) { + if (smack_set_label_for_self(smack_label) != 0) { + ret = SECURITY_MANAGER_ERROR_UNKNOWN; + LogError("Failed to set smack label " << smack_label << " for current process"); + } + free(smack_label); + } + + return ret; +} + +SECURITY_MANAGER_API +int security_manager_set_process_label_from_appid(const char *app_id) +{ + char *pkg_id; + int ret; + std::string appLabel; + + LogDebug("security_manager_set_process_label_from_appid() called"); + + if (smack_smackfs_path() == NULL) + return SECURITY_MANAGER_SUCCESS; + + ret = security_manager_get_app_pkgid(&pkg_id, app_id); + if (ret != SECURITY_MANAGER_SUCCESS) { + return ret; + } + + if (SecurityManager::generateAppLabel(std::string(pkg_id), appLabel)) { + if (smack_set_label_for_self(appLabel.c_str()) != 0) { + LogError("Failed to set smack label " << appLabel << " for current process"); + ret = SECURITY_MANAGER_ERROR_UNKNOWN; + } + } + else { + ret = SECURITY_MANAGER_ERROR_UNKNOWN; + } + free(pkg_id); + return ret; } |