summaryrefslogtreecommitdiff
path: root/plugins/session_policy_local.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/session_policy_local.c')
-rw-r--r--plugins/session_policy_local.c118
1 files changed, 66 insertions, 52 deletions
diff --git a/plugins/session_policy_local.c b/plugins/session_policy_local.c
index 8a25c3c..4e8b5f2 100644
--- a/plugins/session_policy_local.c
+++ b/plugins/session_policy_local.c
@@ -42,6 +42,8 @@
#include <connman/dbus.h>
#include <connman/inotify.h>
+#include "src/shared/util.h"
+
#define POLICYDIR STORAGEDIR "/session_policy_local"
#define MODE (S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | \
@@ -168,11 +170,13 @@ static void finish_create(struct policy_config *policy,
connman_session_config_func_t cb,
void *user_data)
{
- struct policy_group *group;
+ struct policy_group *group = NULL;
GSList *list;
- group = g_hash_table_lookup(selinux_hash, policy->selinux);
- if (group != NULL) {
+ if (policy->selinux)
+ group = g_hash_table_lookup(selinux_hash, policy->selinux);
+
+ if (group) {
set_policy(policy, group);
policy->config->id_type = CONNMAN_SESSION_ID_TYPE_LSM;
@@ -180,8 +184,10 @@ static void finish_create(struct policy_config *policy,
goto done;
}
- group = g_hash_table_lookup(uid_hash, policy->uid);
- if (group != NULL) {
+ if (policy->uid)
+ group = g_hash_table_lookup(uid_hash, policy->uid);
+
+ if (group) {
set_policy(policy, group);
policy->config->id_type = CONNMAN_SESSION_ID_TYPE_UID;
@@ -189,11 +195,11 @@ static void finish_create(struct policy_config *policy,
goto done;
}
- for (list = policy->gids; list != NULL; list = list->next) {
+ for (list = policy->gids; list; list = list->next) {
char *gid = list->data;
group = g_hash_table_lookup(gid_hash, gid);
- if (group == NULL)
+ if (!group)
continue;
set_policy(policy, group);
@@ -227,8 +233,14 @@ static void selinux_context_reply(const unsigned char *context, void *user_data,
DBG("session %p", policy->session);
+ if (err == -EIO) {
+ /* No SELinux support, drop back to UID/GID only mode */
+ finish_create(policy, cb, cbd->user_data);
+ goto done;
+ }
+
if (err < 0) {
- failed_create(policy, cb, user_data, err);
+ failed_create(policy, cb, cbd->user_data, err);
goto done;
}
@@ -236,7 +248,7 @@ static void selinux_context_reply(const unsigned char *context, void *user_data,
policy->selinux_context = g_strdup((const char *)context);
ident = parse_selinux_type(policy->selinux_context);
- if (ident != NULL)
+ if (ident)
policy->selinux = g_strdup(ident);
finish_create(policy, cb, cbd->user_data);
@@ -265,7 +277,7 @@ static void get_uid_reply(unsigned int uid, void *user_data, int err)
}
pwd = getpwuid((uid_t)uid);
- if (pwd == NULL) {
+ if (!pwd) {
if (errno != 0)
err = -errno;
else
@@ -278,7 +290,7 @@ static void get_uid_reply(unsigned int uid, void *user_data, int err)
nrgroups = 0;
getgrouplist(pwd->pw_name, pwd->pw_gid, NULL, &nrgroups);
groups = g_try_new0(gid_t, nrgroups);
- if (groups == NULL) {
+ if (!groups) {
err = -ENOMEM;
goto err;
}
@@ -289,7 +301,7 @@ static void get_uid_reply(unsigned int uid, void *user_data, int err)
for (i = 0; i < nrgroups; i++) {
grp = getgrgid(groups[i]);
- if (grp == NULL) {
+ if (!grp) {
if (errno != 0)
err = -errno;
else
@@ -321,7 +333,7 @@ static void get_uid_reply(unsigned int uid, void *user_data, int err)
return;
err:
- failed_create(NULL, cb, user_data, err);
+ failed_create(NULL, cb, cbd->user_data, err);
g_free(cbd);
g_free(groups);
}
@@ -364,7 +376,7 @@ static void policy_local_destroy(struct connman_session *session)
DBG("session %p", session);
policy = g_hash_table_lookup(session_hash, session);
- if (policy == NULL)
+ if (!policy)
return;
g_hash_table_remove(session_hash, session);
@@ -384,7 +396,7 @@ static int load_keyfile(const char *pathname, GKeyFile **keyfile)
*keyfile = g_key_file_new();
- if (g_key_file_load_from_file(*keyfile, pathname, 0, &error) == FALSE)
+ if (!g_key_file_load_from_file(*keyfile, pathname, 0, &error))
goto err;
return 0;
@@ -421,7 +433,7 @@ static int load_policy(GKeyFile *keyfile, const char *groupname,
group->uid = g_key_file_get_string(keyfile, groupname,
"uid", NULL);
- if (group->selinux == NULL && group->gid == NULL && group->uid == NULL)
+ if (!group->selinux && !group->gid && !group->uid)
return -EINVAL;
config->priority = g_key_file_get_boolean(keyfile, groupname,
@@ -429,14 +441,14 @@ static int load_policy(GKeyFile *keyfile, const char *groupname,
str = g_key_file_get_string(keyfile, groupname, "RoamingPolicy",
NULL);
- if (str != NULL) {
+ if (str) {
config->roaming_policy = connman_session_parse_roaming_policy(str);
g_free(str);
}
str = g_key_file_get_string(keyfile, groupname, "ConnectionType",
NULL);
- if (str != NULL) {
+ if (str) {
config->type = connman_session_parse_connection_type(str);
g_free(str);
}
@@ -446,10 +458,10 @@ static int load_policy(GKeyFile *keyfile, const char *groupname,
str = g_key_file_get_string(keyfile, groupname, "AllowedBearers",
NULL);
- if (str != NULL) {
+ if (str) {
tokens = g_strsplit(str, " ", 0);
- for (i = 0; tokens[i] != NULL; i++) {
+ for (i = 0; tokens[i]; i++) {
err = connman_session_parse_bearers(tokens[i],
&config->allowed_bearers);
if (err < 0)
@@ -470,7 +482,7 @@ static void update_session(struct policy_config *policy)
{
DBG("policy %p session %p", policy, policy->session);
- if (policy->session == NULL)
+ if (!policy->session)
return;
if (connman_session_config_update(policy->session) < 0)
@@ -492,7 +504,7 @@ static void cleanup_config(gpointer user_data)
DBG("policy %p group %p", policy, policy->group);
- if (policy->group != NULL)
+ if (policy->group)
policy->group->sessions =
g_slist_remove(policy->group->sessions, policy);
@@ -517,11 +529,11 @@ static void cleanup_group(gpointer user_data)
g_slist_free(group->config->allowed_bearers);
g_free(group->config->id);
g_free(group->config);
- if (group->selinux != NULL)
+ if (group->selinux)
g_hash_table_remove(selinux_hash, group->selinux);
- if (group->uid != NULL)
+ if (group->uid)
g_hash_table_remove(uid_hash, group->uid);
- if (group->gid != NULL)
+ if (group->gid)
g_hash_table_remove(gid_hash, group->gid);
g_free(group->selinux);
g_free(group->uid);
@@ -547,14 +559,16 @@ static void recheck_sessions(void)
GSList *list;
g_hash_table_iter_init(&iter, session_hash);
- while (g_hash_table_iter_next(&iter, &key, &value) == TRUE) {
+ while (g_hash_table_iter_next(&iter, &key, &value)) {
struct policy_config *policy = value;
- if (policy->group != NULL)
+ if (policy->group)
continue;
- group = g_hash_table_lookup(selinux_hash, policy->selinux);
- if (group != NULL) {
+ if (policy->selinux)
+ group = g_hash_table_lookup(selinux_hash,
+ policy->selinux);
+ if (group) {
policy->config->id_type = CONNMAN_SESSION_ID_TYPE_LSM;
g_free(policy->config->id);
policy->config->id = g_strdup(policy->selinux_context);
@@ -563,7 +577,7 @@ static void recheck_sessions(void)
}
group = g_hash_table_lookup(uid_hash, policy->uid);
- if (group != NULL) {
+ if (group) {
set_policy(policy, group);
policy->config->id_type = CONNMAN_SESSION_ID_TYPE_UID;
@@ -573,10 +587,10 @@ static void recheck_sessions(void)
continue;
}
- for (list = policy->gids; list != NULL; list = list->next) {
+ for (list = policy->gids; list; list = list->next) {
char *gid = list->data;
group = g_hash_table_lookup(gid_hash, gid);
- if (group != NULL) {
+ if (group) {
set_policy(policy, group);
policy->config->id_type = CONNMAN_SESSION_ID_TYPE_GID;
@@ -607,7 +621,7 @@ static int load_file(const char *filename, struct policy_file *file)
groupnames = g_key_file_get_groups(keyfile, NULL);
- for (i = 0; groupnames[i] != NULL; i++) {
+ for (i = 0; groupnames[i]; i++) {
group = g_new0(struct policy_group, 1);
group->config = g_new0(struct connman_session_config, 1);
@@ -617,13 +631,13 @@ static int load_file(const char *filename, struct policy_file *file)
g_free(group);
break;
}
- if (group->selinux != NULL)
+ if (group->selinux)
g_hash_table_replace(selinux_hash, group->selinux, group);
- if (group->uid != NULL)
+ if (group->uid)
g_hash_table_replace(uid_hash, group->uid, group);
- if (group->gid != NULL)
+ if (group->gid)
g_hash_table_replace(gid_hash, group->gid, group);
file->groups = g_slist_prepend(file->groups, group);
@@ -639,18 +653,18 @@ static int load_file(const char *filename, struct policy_file *file)
return err;
}
-static connman_bool_t is_filename_valid(const char *filename)
+static bool is_filename_valid(const char *filename)
{
- if (filename == NULL)
- return FALSE;
+ if (!filename)
+ return false;
if (filename[0] == '.')
- return FALSE;
+ return false;
return g_str_has_suffix(filename, ".policy");
}
-static int read_policies()
+static int read_policies(void)
{
GDir *dir;
const gchar *filename;
@@ -659,11 +673,11 @@ static int read_policies()
DBG("");
dir = g_dir_open(POLICYDIR, 0, NULL);
- if (dir == NULL)
+ if (!dir)
return -EINVAL;
- while ((filename = g_dir_read_name(dir)) != NULL) {
- if (is_filename_valid(filename) == FALSE)
+ while ((filename = g_dir_read_name(dir))) {
+ if (!is_filename_valid(filename))
continue;
file = g_new0(struct policy_file, 1);
@@ -691,7 +705,7 @@ static void notify_handler(struct inotify_event *event,
if (event->mask & IN_CREATE)
return;
- if (is_filename_valid(filename) == FALSE)
+ if (!is_filename_valid(filename))
return;
/*
@@ -725,7 +739,7 @@ static int session_policy_local_init(void)
DBG("");
/* If the dir doesn't exist, create it */
- if (g_file_test(POLICYDIR, G_FILE_TEST_IS_DIR) == FALSE) {
+ if (!g_file_test(POLICYDIR, G_FILE_TEST_IS_DIR)) {
if (mkdir(POLICYDIR, MODE) < 0) {
if (errno != EEXIST)
return -errno;
@@ -733,7 +747,7 @@ static int session_policy_local_init(void)
}
connection = connman_dbus_get_connection();
- if (connection == NULL)
+ if (!connection)
return -EIO;
file_hash = g_hash_table_new_full(g_str_hash, g_str_equal,
@@ -764,19 +778,19 @@ err_notify:
connman_inotify_unregister(POLICYDIR, notify_handler);
err:
- if (file_hash != NULL)
+ if (file_hash)
g_hash_table_destroy(file_hash);
- if (session_hash != NULL)
+ if (session_hash)
g_hash_table_destroy(session_hash);
- if (selinux_hash != NULL)
+ if (selinux_hash)
g_hash_table_destroy(selinux_hash);
- if (uid_hash != NULL)
+ if (uid_hash)
g_hash_table_destroy(uid_hash);
- if (gid_hash != NULL)
+ if (gid_hash)
g_hash_table_destroy(gid_hash);
connman_session_policy_unregister(&session_policy_local);