author | taeyoung <ty317.kim@samsung.com> | 2016-10-13 18:47:26 +0900 |
committer | taeyoung <ty317.kim@samsung.com> | 2016-10-19 18:36:35 +0900 |
commit | d602ce7233ce86daab66a52be980088c835c431b (patch) | |
tree | 45b00adb6d3c92ddc9f1c7cc7c35fa5fc2e333eb | |
parent | 1879996b50665db30770b2654aa5cc6d631642d1 (diff) | |
power: add privilege check routine for reboot operation submit/tizen/20161020.031059 accepted/tizen/common/20161020.043515
The reboot operation is permitted to privileged apps only.
Change-Id: I58e161cbb7b6b1bb54fc6e7dffd5f62eefa12fec
Signed-off-by: taeyoung <ty317.kim@samsung.com>
-rw-r--r-- | src/core/common.c | 26 | ||||
-rw-r--r-- | src/core/common.h | 1 | ||||
-rw-r--r-- | src/power/power-handler.c | 48 | ||||
-rw-r--r-- | src/tzip/tzip.c | 26 |
4 files changed, 79 insertions, 22 deletions
diff --git a/src/core/common.c b/src/core/common.c
index 209fea51..3cb598f2 100644
--- a/src/core/common.c
+++ b/src/core/common.c
@@ -41,6 +41,8 @@
 #define VIP_DIR "/tmp/vip"
 #define BUFF_MAX 255
 
+#define APP_ATTR_PATH "/proc/%d/attr/current"
+
 /**
 * Opens "/proc/$pid/oom_score_adj" file for w/r;
 * Return: FILE pointer or NULL
@@ -382,3 +384,27 @@ void print_time(const char *prefix)
 _D("%s --> %d:%02d:%02d %d", prefix,
 tm.tm_hour, tm.tm_min, tm.tm_sec, tv.tv_usec);
 }
+
+int get_privilege(pid_t pid, char *name, size_t len)
+{
+ char path[PATH_MAX];
+ char attr[BUFF_MAX];
+ size_t attr_len;
+ FILE *fp;
+
+ snprintf(path, sizeof(path), APP_ATTR_PATH, pid);
+
+ fp = fopen(path, "r");
+ if (!fp)
+ return -errno;
+
+ attr_len = fread(attr, 1, sizeof(attr) - 1, fp);
+ fclose(fp);
+ if (attr_len == 0)
+ return -ENOENT;
+
+ attr[attr_len] = '\0';
+
+ snprintf(name, len, "%s", attr);
+ return 0;
+}
diff --git a/src/core/common.h b/src/core/common.h
index 027a2337..71fde42a 100644
--- a/src/core/common.h
+++ b/src/core/common.h
@@ -146,6 +146,7 @@ int sys_set_str(char *fname, char *val);
 int terminate_process(const char *partition, bool force);
 int mount_check(const char* path);
 void print_time(const char *prefix);
+int get_privilege(pid_t pid, char *name, size_t len);
 
 #endif /* __CORE_COMMON_H__ */
 
diff --git a/src/power/power-handler.c b/src/power/power-handler.c
index 264d8fc5..a8dda683 100644
--- a/src/power/power-handler.c
+++ b/src/power/power-handler.c
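Review bot: The final `snprintf(name, len, "%s", attr)` in get_privilege drops everything past `len - 1` bytes without telling the caller, while `attr` holds up to `BUFF_MAX - 1` bytes and both callers in this commit pass a 64-byte buffer, so an overlong label is compared in truncated form; report it instead with `if (attr_len >= len) return -ENAMETOOLONG;` placed before the copy. The `attr_len == 0` test also turns a read error into `-ENOENT`; testing `ferror(fp)` before `fclose` keeps the two cases apart. A header comment is missing: it should say that `name` receives the NUL-terminated content of `/proc/<pid>/attr/current` (the process's security label) and that failures come back as negative errno values, and the new declaration in common.h is the natural place for it.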
@@ -90,6 +90,29 @@ static int telephony_exit(void *data)
 return ret;
 }
 
+static int app_privileged(pid_t pid)
+{
+ char attr[64];
+ int ret;
+ size_t len;
+
+ ret = get_privilege(pid, attr, sizeof(attr));
+ if (ret < 0) {
+ _E("Failed to get privilege of PID(%d)", pid);
+ return 0;
+ }
+
+ len = strlen(attr);
+
+ if (!strncmp("System::Privileged", attr, len + 1))
+ return 1;
+
+ if (strstr(attr, "User::Pkg::") == attr)
+ return 1;
+
+ return 0;
+}
+
 static void poweroff_stop_systemd_service(void)
 {
 _D("systemd service stop");
@@ -394,7 +417,7 @@ static void poweroff_idler_cb(void *data)
 update_pm_setting(SETTING_POWEROFF, val);
 }
 
-static int power_execute(void *data)
+static int power_execute_pid(void *data, pid_t pid)
 {
 int ret;
 long val;
@@ -409,9 +432,13 @@ static int power_execute(void *data)
 val = POWER_OFF_DIRECT;
 else if (strncmp(PWROFF_POPUP, str, PWROFF_POPUP_LEN) == 0)
 val = POWER_OFF_POPUP;
- else if (strncmp(POWER_REBOOT, str, POWER_REBOOT_LEN) == 0)
+ else if (strncmp(POWER_REBOOT, str, POWER_REBOOT_LEN) == 0) {
+ if (!app_privileged(pid)) {
+ _E("PID(%d) does not have the permission for reboot", pid);
+ return -EPERM;
+ }
 val = POWER_OFF_RESTART;
- else {
+ } else {
 _E("Invalid parameter : data(%s)", str);
 return -EINVAL;
 }
@@ -425,6 +452,11 @@ static int power_execute(void *data)
 return 0;
 }
 
+static int power_execute(void *data)
+{
+ return power_execute_pid(data, getpid());
+}
+
 static DBusMessage *dbus_power_handler(E_DBus_Object *obj, DBusMessage *msg)
 {
 DBusError err;
@@ -458,7 +490,8 @@ static DBusMessage *dbus_power_handler(E_DBus_Object *obj, DBusMessage *msg)
 goto out;
 }
 
- ret = power_execute(type_str);
+ _I("PID(%d) requests %s", pid, type_str);
+ ret = power_execute_pid(type_str, pid);
 
 out:
 reply = dbus_message_new_method_return(msg);
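Review bot: The `strstr(attr, "User::Pkg::") == attr` test in app_privileged accepts any process whose label begins with `User::Pkg::`; if that prefix is carried by every application process, as the naming suggests, the check admits every app rather than only privileged ones as the commit message states, so the intended policy should be confirmed and, if only particular packages may reboot, the label compared against an explicit list. The preceding `strncmp("System::Privileged", attr, len + 1)` with `len = strlen(attr)` is an exact match written as a bounded compare and reads more directly as `strcmp(attr, "System::Privileged") == 0`; likewise the prefix test is clearer as `strncmp(attr, "User::Pkg::", strlen("User::Pkg::")) == 0`, which also stops scanning at the prefix. The error path returns 0 after logging, which is the right fail-closed choice and deserves a one-line comment such as `/* label unreadable: treat the caller as unprivileged */`.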
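Review bot: In power_execute_pid the new `app_privileged(pid)` check sits inside the `POWER_REBOOT` arm only, so the `POWER_OFF_DIRECT` and `POWER_OFF_POPUP` requests parsed just above it still proceed for any sender that reaches dbus_power_handler; if powering off is meant to need the same privilege as rebooting, the check belongs once before the branch chain rather than in one arm. Whatever the policy is, a comment at that arm stating the intended scope of the gate would stop a later reader from assuming it covers poweroff. The `power_execute` wrapper added two hunks below passes `getpid()`, so deviced's own internal callers always pass the check; that is reasonable but worth the comment `/* internal callers run as deviced itself and are always permitted */`. power_execute_pid begins and ends outside this hunk.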
@@ -474,6 +507,7 @@ static DBusMessage *request_reboot(E_DBus_Object *obj, DBusMessage *msg)
 DBusMessage *reply;
 char *str;
 int ret;
+ pid_t pid;
 
 if (!dbus_message_get_args(msg, NULL,
 DBUS_TYPE_STRING, &str, DBUS_TYPE_INVALID)) {
@@ -482,8 +516,10 @@ static DBusMessage *request_reboot(E_DBus_Object *obj, DBusMessage *msg)
 goto out;
 }
 
- _I("reboot command : %s", str);
- ret = power_execute(POWER_REBOOT);
+ pid = get_edbus_sender_pid(msg);
+
+ _I("PID(%d) requests reboot with command : %s", pid, str);
+ ret = power_execute_pid(POWER_REBOOT, pid);
 
 out:
 reply = dbus_message_new_method_return(msg);
diff --git a/src/tzip/tzip.c b/src/tzip/tzip.c
index aff62f62..c0057661 100644
--- a/src/tzip/tzip.c
+++ b/src/tzip/tzip.c
@@ -23,6 +23,7 @@
 #include "core/edbus-handler.h"
 #include "core/list.h"
 #include "core/device-notifier.h"
+#include "core/common.h"
 
 #include <fuse.h>
 #include <stdio.h>
@@ -43,7 +44,6 @@
 #include "tzip.h"
 #include "tzip-utility.h"
 
-#define APP_ATTR_PATH "/proc/%d/attr/current"
 
 static pthread_t thread;
 static pthread_t mount_thread;
@@ -54,31 +54,25 @@ static GAsyncQueue *async_queue;
 static int check_smack_label(pid_t pid)
 {
- char path[PATH_MAX];
 char attr[64];
 size_t len;
- FILE *fp;
-
- snprintf(path, sizeof(path), APP_ATTR_PATH, pid);
-
- fp = fopen(path, "r");
- if (!fp)
- return 0;
+ int ret;
 
- len = fread(attr, 1, sizeof(attr) - 1, fp);
- fclose(fp);
- if (len == 0)
+ ret = get_privilege(pid, attr, sizeof(attr));
+ if (ret < 0) {
+ _E("Failed to get privilege of PID(%d)", pid);
 return 0;
+ }
 
- attr[len] = '\0';
+ len = strlen(attr) + 1;
 
- if (!strncmp("System", attr, len + 1))
+ if (!strncmp("System", attr, len))
 return 1;
 
- if (!strncmp("User", attr, len + 1))
+ if (!strncmp("User", attr, len))
 return 1;
 
- if (!strncmp("System::Privileged", attr, len + 1))
+ if (!strncmp("System::Privileged", attr, len))
 return 1;
 
 return 0;
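Review bot: `pid = get_edbus_sender_pid(msg)` in request_reboot, and the `pid` handed to power_execute_pid in dbus_power_handler, identify the caller by a PID obtained from the bus daemon and only afterwards read `/proc/<pid>/attr/current`; a PID can be reused between the sender exiting and that read, so the label examined may belong to an unrelated process. Obtaining the sender's security label from the bus daemon itself (the standard `org.freedesktop.DBus.GetConnectionCredentials` method reports a `LinuxSecurityLabel` field where the daemon supports it) removes that window; if the PID path is kept, a comment at this line naming the race is warranted. The return value of get_edbus_sender_pid is also not checked before use; if it can signal failure with a non-positive value, `if (pid <= 0) { ret = -EPERM; goto out; }` before the log line makes the failure explicit rather than relying on the `/proc` open failing.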