Platform Security

This document discusses how device drivers should implement platform security.

Device drivers must follow the Symbian platform security guidelines. As a part of platform security, drivers must be given the necessary platform security capabilities. A driver can also check the capabilities of a process opening a channel on the device, in order to restrict access to the device.

Driver-side definition

Because drivers are loaded by the Kernel, both LDDs and PDDs must have the same level of trust and capability as the Kernel. This means that platform security capabilities must be set to ALL in the LDD and PDD .mmp files.

// LDD: mmp file
...
CAPABILITY     ALL
// PDD: mmp file
...
CAPABILITY     ALL

The user program must have the necessary capability set in its .mmp file to open and access the driver API. The reference documentation for the API should say what capabilities are required. Usually, they are the same as the minimum capability that is required to load the drivers.

// Test application: mmp file
...
CAPABILITY    CommDD ReadDeviceData PowerMgmt

User-side verification

A device driver must check the capability of the process that is accessing it. This is typically done during channel creation and, if required, for specific requests to the LDD. The Kernel provides the Kern::CurrentThreadHasCapability() API to check the capability of the calling process. It can check for more than one capability.

The following shows how the example driver checks during channel creation that the calling process has the ECapabilityCommDD capability; if the check fails, the channel is not created and KErrPermissionDenied is returned to the user side:

TInt DExDriverLogicalChannel::DoCreate(TInt /*aUnit*/, const TDesC8* /*anInfo*/, const TVersion& aVer)
    {
    // Capability check - CommDD. The diagnostic string is reported by the
    // platform security diagnostics when the check fails, so it should
    // identify the driver doing the check.
    if (!Kern::CurrentThreadHasCapability(ECapabilityCommDD,
            __PLATSEC_DIAGNOSTIC_STRING("Checked by Tutorial Driver")))
        return KErrPermissionDenied;
    ...
    }
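To show the whole gate in action, the following is an added, self-contained model of the pattern above; it is not code from the tutorial driver or the Symbian kernel. Kernel headers are not available on a PC, so Kern::CurrentThreadHasCapability(), the TCapability values and the error codes are mocked (the numeric values of KErrNone, KErrNotSupported, KErrNotReady and KErrPermissionDenied follow e32err.h). The channel class, its request numbers and the helper OpenAndRequest() are hypothetical. It demonstrates the two places the section names: the check at channel creation (CommDD) and an additional per-request check (PowerMgmt for a power request), and shows that a caller missing either capability is refused with KErrPermissionDenied.

```cpp
#include <cstdint>
#include <cstdio>

// Symbian error codes (values as in e32err.h).
const int KErrNone = 0;
const int KErrNotSupported = -5;
const int KErrNotReady = -18;
const int KErrPermissionDenied = -46;

// Subset of the platform security capabilities used by the tutorial driver
// and its test application (model enum, not the kernel's TCapability).
enum TCapability { ECapabilityCommDD = 0, ECapabilityPowerMgmt = 1, ECapabilityReadDeviceData = 2 };

// Constructed stand-in for the calling process's capability set, as a bitmask.
static std::uint32_t gCurrentThreadCaps = 0;

// Bit for one capability, to build a caller's capability set.
inline std::uint32_t Cap(TCapability aCap) { return 1u << aCap; }

namespace Kern {
    // Mock of Kern::CurrentThreadHasCapability(): true only if the caller holds
    // the capability. The real kernel reports the diagnostic string through the
    // platform security diagnostics on failure; the model just prints it.
    bool CurrentThreadHasCapability(TCapability aCap, const char* aDiagnostic) {
        bool ok = (gCurrentThreadCaps >> aCap) & 1u;
        if (!ok && aDiagnostic)
            std::printf("*PlatSec* ERROR - Capability check failed - %s\n", aDiagnostic);
        return ok;
    }
}
// Model of the kernel macro: passes the string through unchanged.
#define __PLATSEC_DIAGNOSTIC_STRING(s) s

// Hypothetical request numbers accepted by the model channel.
enum TRequest { EControlReadConfig = 0, EControlSetPower = 1 };

class DModelLogicalChannel {
public:
    // Channel creation: refuse the open unless the caller holds CommDD.
    int DoCreate() {
        if (!Kern::CurrentThreadHasCapability(ECapabilityCommDD,
                __PLATSEC_DIAGNOSTIC_STRING("Checked by model driver DoCreate")))
            return KErrPermissionDenied;
        iOpen = true;
        return KErrNone;
    }

    // Per-request gate: a power request additionally requires PowerMgmt.
    int DoControl(int aFunction) {
        if (!iOpen)
            return KErrNotReady;
        switch (aFunction) {
        case EControlReadConfig:
            return KErrNone;
        case EControlSetPower:
            if (!Kern::CurrentThreadHasCapability(ECapabilityPowerMgmt,
                    __PLATSEC_DIAGNOSTIC_STRING("Checked by model driver DoControl")))
                return KErrPermissionDenied;
            return KErrNone;
        default:
            return KErrNotSupported;
        }
    }

private:
    bool iOpen = false;
};

// Runs the open-then-request sequence for a caller holding aCallerCaps and
// returns the first error, or KErrNone if both steps are allowed.
int OpenAndRequest(std::uint32_t aCallerCaps, int aFunction) {
    gCurrentThreadCaps = aCallerCaps;
    DModelLogicalChannel chan;
    int r = chan.DoCreate();
    if (r != KErrNone)
        return r;
    return chan.DoControl(aFunction);
}

int main() {
    std::printf("no caps, read:        %d\n", OpenAndRequest(0, EControlReadConfig));
    std::printf("CommDD, read:         %d\n", OpenAndRequest(Cap(ECapabilityCommDD), EControlReadConfig));
    std::printf("CommDD, set power:    %d\n", OpenAndRequest(Cap(ECapabilityCommDD), EControlSetPower));
    std::printf("CommDD+PowerMgmt, set power: %d\n",
                OpenAndRequest(Cap(ECapabilityCommDD) | Cap(ECapabilityPowerMgmt), EControlSetPower));
    return 0;
}
```

The capability set is checked once at open and again for the sensitive request, so a process that legitimately holds CommDD but not PowerMgmt can read configuration yet cannot change power state. This matches the test application's .mmp above, which lists CommDD, ReadDeviceData and PowerMgmt because it exercises both kinds of request.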

Data caging

Symbian platform security requires that all DLLs and EXEs are placed in the folder /sys/bin. Drivers and test application binaries must be placed in the /sys/bin folder by their ROM .iby file.

// iby file
device[VARID]=KERNEL_DIR\DEBUG_DIR\exdriver_ldd.ldd     \Sys\Bin\exdriver_ldd.ldd
device[VARID]=KERNEL_DIR\DEBUG_DIR\exdriver_pdd.pdd     \Sys\Bin\exdriver_pdd.pdd
file=ABI_DIR\BUILD_DIR\exdriver_test.exe                \Sys\Bin\exdriver_test.exe