X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=blobdiff_plain;f=src%2Fsecmgr-wrap.c;h=e2e4f4da6870e561f4c909203d905603b4217b5e;hb=2a319cf90daa6e3b01e8139923f7073e1c9bcf28;hp=f63ad29de6f301258fb18623c1d5417d6de4e26e;hpb=63f8720a3e610c0dc37bda3138d2e8de98ec1a78;p=src%2Fapp-framework-main.git diff --git a/src/secmgr-wrap.c b/src/secmgr-wrap.c index f63ad29..e2e4f4d 100644 --- a/src/secmgr-wrap.c +++ b/src/secmgr-wrap.c @@ -1,46 +1,34 @@ +/* + Copyright (C) 2015-2019 IoT.bzh + + author: José Bollo + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ #include #include +#include -#if 0 -#include +#if SIMULATE_SECURITY_MANAGER +#include "simulation/security-manager.h" #else -#include -#include -enum lib_retcode { - SECURITY_MANAGER_SUCCESS, - SECURITY_MANAGER_ERROR_INPUT_PARAM, - SECURITY_MANAGER_ERROR_MEMORY, - SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE, - SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED, - SECURITY_MANAGER_ERROR_ACCESS_DENIED -}; -enum app_install_path_type { - SECURITY_MANAGER_PATH_PUBLIC_RO, - SECURITY_MANAGER_PATH_RO, - SECURITY_MANAGER_PATH_RW -}; -typedef void app_inst_req; -static int diese = 0; -#define security_manager_app_inst_req_free(r) \ - (printf("security_manager_app_inst_req_free(%p)\n",r),(void)0) - -#define security_manager_app_inst_req_new(pr) \ - (*(pr)=(void*)(intptr_t)(++diese), printf("security_manager_app_inst_req_new(%p)\n",*pr), SECURITY_MANAGER_SUCCESS) - -#define security_manager_app_inst_req_set_pkg_id(r,i) \ - (printf("security_manager_app_inst_req_set_pkg_id(%p,\"%s\")\n",r,i), SECURITY_MANAGER_SUCCESS) - -#define security_manager_app_inst_req_set_app_id(r,i) \ - (printf("security_manager_app_inst_req_set_app_id(%p,\"%s\")\n",r,i), SECURITY_MANAGER_SUCCESS) - -#define security_manager_app_inst_req_add_privilege(r,p) \ - (printf("security_manager_app_inst_req_add_privilege(%p,\"%s\")\n",r,p), SECURITY_MANAGER_SUCCESS) - -#define security_manager_app_inst_req_add_path(r,p,t) \ - (printf("security_manager_app_inst_req_add_path(%p,\"%s\",%d)\n",r,p,t), SECURITY_MANAGER_SUCCESS) +#include #endif +#include "verbose.h" +#include "secmgr-wrap.h" + static app_inst_req *request = NULL; static int retcode(enum lib_retcode rc) @@ -52,45 +40,84 @@ static int retcode(enum lib_retcode rc) case SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE: errno = EBADMSG; break; case SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED: errno = EPERM; break; case SECURITY_MANAGER_ERROR_ACCESS_DENIED: errno = EACCES; break; - default: errno = 0; break; + default: errno = ECANCELED; break; } return -1; } +int secmgr_init(const char *id) +{ + int rc; + assert(request == NULL); + rc = security_manager_app_inst_req_new(&request); + if (rc != SECURITY_MANAGER_SUCCESS) + ERROR("security_manager_app_inst_req_new failed"); + else { + rc = security_manager_app_inst_req_set_pkg_id(request, id); + if (rc != SECURITY_MANAGER_SUCCESS) + ERROR("security_manager_app_inst_req_set_pkg_id failed"); + else { + rc = security_manager_app_inst_req_set_app_id(request, id); + if (rc != SECURITY_MANAGER_SUCCESS) + ERROR("security_manager_app_inst_req_set_app_id failed"); + } + } + if (rc != SECURITY_MANAGER_SUCCESS) + secmgr_cancel(); + return retcode(rc); +} + void secmgr_cancel() { security_manager_app_inst_req_free(request); request = NULL; } -int secmgr_init(const char *pkgid, const char *appid) +int secmgr_install() { - int rc = security_manager_app_inst_req_new(&request); - if (rc == SECURITY_MANAGER_SUCCESS) { - rc = security_manager_app_inst_req_set_pkg_id(request, pkgid); - if (rc == SECURITY_MANAGER_SUCCESS) - rc = security_manager_app_inst_req_set_app_id(request, appid); - } + int rc; + assert(request != NULL); + rc = security_manager_app_install(request); if (rc != SECURITY_MANAGER_SUCCESS) - secmgr_cancel(); + ERROR("security_manager_app_install failed"); + secmgr_cancel(); + return retcode(rc); +} + +int secmgr_uninstall() +{ + int rc; + assert(request != NULL); + rc = security_manager_app_uninstall(request); + if (rc != SECURITY_MANAGER_SUCCESS) + ERROR("security_manager_app_uninstall failed"); + secmgr_cancel(); return retcode(rc); } int secmgr_permit(const char *permission) { - int rc = security_manager_app_inst_req_add_privilege(request, permission); + int rc; + assert(request != NULL); + rc = security_manager_app_inst_req_add_privilege(request, permission); + if (rc != SECURITY_MANAGER_SUCCESS) + ERROR("security_manager_app_inst_add_privilege %s failed", permission); return retcode(rc); } static int addpath(const char *pathname, enum app_install_path_type type) { - int rc = security_manager_app_inst_req_add_path(request, pathname, type); + int rc; + assert(request != NULL); + rc = security_manager_app_inst_req_add_path(request, pathname, type); + if (rc != SECURITY_MANAGER_SUCCESS) + ERROR("security_manager_app_inst_add_path %s failed", pathname); return retcode(rc); } int secmgr_path_public_read_only(const char *pathname) { - return addpath(pathname, SECURITY_MANAGER_PATH_PUBLIC_RO); + return addpath(pathname, SECURITY_MANAGER_PATH_RO); } int secmgr_path_read_only(const char *pathname) @@ -103,3 +130,8 @@ int secmgr_path_read_write(const char *pathname) return addpath(pathname, SECURITY_MANAGER_PATH_RW); } +int secmgr_prepare_exec(const char *appid) +{ + return retcode(security_manager_prepare_app(appid)); +} +