New Feature: Smack rule additions to ADEF files


#1

I have added a feature allowing custom Smack rules in an application’s .adef file. E.g.:

rules:
{
    app.helloWorld something w
    something app.helloWorld w
}

The commits to cherry-pick, in order, are:

https://github.com/slashingweapon/legato-af/commit/8a80d62ad508224f8a6cd6ff593134963255c768
https://github.com/slashingweapon/legato-af/commit/9cb89eaafeea17f18d3639cfcfcc42ac6022880a

I haven’t done the documentation because I have no way to test the docs. For some reason, my make docs build is broken.


#2

I added documentation too, even though I can’t build the docs.

Finally, I changed the section name from “rules” to “smackRules”. It seemed more in keeping with the ADEF style.

https://github.com/slashingweapon/legato-af/commit/1a5f0f2c3ae2ad1d6a480730b8bc5ae31b5d07be

This closes out any effort I’m making on this, unless Sierra has feedback or changes they want. With these edits, you can add Smack rules to your application just by editing, building and deploying your application with a few additional lines in your ADEF file. For example, to ensure your MQTT server can talk to internet clients:

smackRules:
{
    app.mqtt @ w
    @ app.mqtt w
}

On most systems, the default label for internet traffic is @ “web”. Giving @ and app.mqtt write access to each other will permit data to flow between remote connections and your sandboxed mqtt server.

Your mileage may vary, depending on your existing networking & Smack configurations.


#3

Hi @cholmes,

Seems like some interesting contributions.
I’ve asked the framework/SMACK experts to have a look to see if we can merge that in.

Thanks!


#4

Something I considered was a requirement that one of the labels in each rule (either subject or object) needs to be the same as the application’s label. That way you could only add labels related to the application. If your reviewers have some worries about what kinds of rules could be written, that might be something to add to Supervisor.

Ultimately I decided against it, because there are legitimate reasons to set up rules for yourself and a second party to access a third label. (e.g., use “rwt” permissions on a directory with the third label.)
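
The check considered in post #4, written as a pre-merge review script; this is an added example, not part of the thread or of the Legato code base. It assumes the app's label is `app.<name>` as in the posts' examples and parses only the one-rule-per-line layout shown above; the labels `app.logger` and `shared.data` and all function names are constructed for illustration.

```python
import re

SMACK_ACCESS = set("rwxatl-")               # Smack access letters; "-" grants nothing
SPECIAL_LABELS = {"_", "^", "*", "?", "@"}  # labels predefined by Smack itself

# Constructed sample: the two rules from post #2 plus one third-party rule.
SAMPLE_ADEF = """
smackRules:
{
    app.mqtt @ w
    @ app.mqtt w
    app.logger shared.data rwt
}
"""

def parse_smack_rules(adef_text):
    """Return (subject, object, access) tuples from the smackRules section."""
    section = re.search(r"smackRules\s*:\s*\{(.*?)\}", adef_text, re.S)
    if not section:
        return []
    rules = []
    for line in section.group(1).splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 3:
            raise ValueError(f"malformed rule: {line.strip()!r}")
        rules.append(tuple(fields))
    return rules

def review_rules(app_name, adef_text):
    """List (rule, reason) pairs that a reviewer should look at by hand."""
    own = f"app.{app_name}"  # assumption: label format taken from the posts
    findings = []
    for subj, obj, access in parse_smack_rules(adef_text):
        rule = f"{subj} {obj} {access}"
        if not set(access.lower()) <= SMACK_ACCESS:
            findings.append((rule, "unknown access letter"))
        if own not in (subj, obj):
            # The case post #4 describes: neither side is the app itself.
            findings.append((rule, "third-party rule: app label absent"))
        if SPECIAL_LABELS & {subj, obj}:
            findings.append((rule, "touches a Smack predefined label"))
    return findings

if __name__ == "__main__":
    for rule, reason in review_rules("mqtt", SAMPLE_ADEF):
        print(f"{rule:32} {reason}")
```

Reporting instead of rejecting keeps the third-label case from post #4 buildable while still putting it in front of a reviewer.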