1 /* |
|
2 * Copyright (c) 2003-2005 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Core Runtime Security Manager Server Class |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 |
|
20 |
|
21 |
|
22 |
|
23 |
|
24 #ifndef C_CRTSECMGRSERVER_H |
|
25 #define C_CRTSECMGRSERVER_H |
|
26 |
|
27 #include <rtsecmgrcommondef.h> |
|
28 #include "rtsecmgrserverdef.h" |
|
29 #include "rtsecmgrpolicy.h" |
|
30 #include "rtsecmgrstore.h" |
|
31 #include "rtsecmgrpolicymanager.h" |
|
32 #include "rtsecmgrscriptmanager.h" |
|
33 |
|
34 class CPolicyManager; |
|
35 class CScriptManager; |
|
36 class CSecMgrStore; |
|
37 |
|
38 //needed for creating server thread. |
|
39 const TUint KDefaultHeapSize=0x10000; |
|
40 const TUint KShutDownDelay = 2000000; // Aprox 2 sec |
|
41 |
|
42 /* |
|
43 * Shutdown timer class |
|
44 * |
|
45 * @exe rtsecmgrserver.exe |
|
46 */ |
|
47 class CShutDown : public CTimer |
|
48 { |
|
49 public: |
|
50 inline CShutDown(); |
|
51 inline void ConstructL(); |
|
52 inline void Start(); |
|
53 inline virtual ~CShutDown(); |
|
54 |
|
55 private: |
|
56 inline void RunL(); |
|
57 }; |
|
58 |
|
59 #include "rtsecmgrshutdown.inl" |
|
60 |
|
61 #include "rtsecmgrserverpolicy.inl" |
|
62 |
|
63 /* |
|
64 CRTSecMgrServer class |
|
65 |
|
66 Represents the server. |
|
67 |
|
68 The server starts with the first client connect call. |
|
69 Start includes setting up active scheduler, the server active object, |
|
70 and the object container index which produces object object containers for each session. |
|
71 */ |
|
72 class CRTSecMgrServer : public CPolicyServer //CServer2 //CPolicyServer |
|
73 { |
|
74 public: |
|
75 /* |
|
76 * Creates a new session with the server; |
|
77 * |
|
78 * @param aVersion const TVersion& version information of security manager server |
|
79 * @param aMessage const RMessage2& server's current message |
|
80 * |
|
81 * @return CSession2* pointer to base instance of created server session |
|
82 */ |
|
83 CSession2* NewSessionL(const TVersion& aVersion, const RMessage2& aMessage) const; |
|
84 |
|
85 /* |
|
86 * Two-phased constructor. Creates a new server object. |
|
87 * |
|
88 * @param aActiveObjectPriority TPriority priorty of the server process |
|
89 * |
|
90 * @return CRTSecMgrServer* pointer to new instance of CRTSecMgrServer |
|
91 */ |
|
92 static CRTSecMgrServer* NewL(CActive::TPriority aActiveObjectPriority); |
|
93 |
|
94 /* |
|
95 * Two-phased constructor. Creates a new server object and leaves |
|
96 * the created instance on the cleanupstack. |
|
97 * |
|
98 * @param aActiveObjectPriority TPriority priorty of the server process |
|
99 * |
|
100 * @return CRTSecMgrServer* pointer to new instance of CRTSecMgrServer |
|
101 */ |
|
102 static CRTSecMgrServer* NewLC(CActive::TPriority aActiveObjectPriority); |
|
103 |
|
104 /* |
|
105 * Utility method to panic the server |
|
106 * |
|
107 * @param aPanic TSecMgrServPanic Panic error code |
|
108 * |
|
109 */ |
|
110 inline static void PanicServer(TSecMgrServPanic aPanic); |
|
111 |
|
112 /* |
|
113 * Returns an object container, and guaranteed |
|
114 * to produce object containers with unique ids |
|
115 * within the server |
|
116 * |
|
117 * This method is called by a new session to create |
|
118 * a container |
|
119 * |
|
120 * |
|
121 * @return CObjectCon* a new object container |
|
122 */ |
|
123 CObjectCon* NewContainerL(); |
|
124 |
|
125 /* |
|
126 * Adds a new server side session |
|
127 * |
|
128 */ |
|
129 inline void AddSession(); |
|
130 |
|
131 /* |
|
132 * Removes a server side session by decrementing |
|
133 * the session count. |
|
134 * |
|
135 * If the session count reaches zero, this method |
|
136 * initiates server shut down timer |
|
137 * |
|
138 */ |
|
139 inline void RemoveSession(); |
|
140 |
|
141 /* |
|
142 * Removes a container object from the container |
|
143 * index |
|
144 * |
|
145 * @param aContainer CObjectCon* pointer to containter object |
|
146 * to be removed |
|
147 */ |
|
148 inline void RemoveFromContainerIx(CObjectCon* aContainer); |
|
149 |
|
150 /* |
|
151 * Generates a new script identifier |
|
152 * |
|
153 * @param aExecID TExecutableID& output generated script identifier |
|
154 * |
|
155 * @return KErrNone if generation of script identifier successful |
|
156 */ |
|
157 inline TInt ReadCounter(TExecutableID& aExecID); |
|
158 |
|
159 /* |
|
160 * Registers a new policy. The actual task is performed by |
|
161 * server side session. |
|
162 * |
|
163 * @param aPolicyID TPolicyID policy identifier |
|
164 * @param aDomains const RProtectionDomains& domains to be added |
|
165 * |
|
166 * @return KErrNone if generation of script identifier successful |
|
167 */ |
|
168 inline void AddPolicyL(TPolicyID aPolicyID, const RProtectionDomains& aDomains, RAliasGroup& aAliasGroup); |
|
169 |
|
170 /* |
|
171 * Checks whether policy with the passed policy identifier exists. |
|
172 * The actual task is performed by server side session. |
|
173 * |
|
174 * @param aPolicyID TPolicyID policy identifier |
|
175 * |
|
176 * @return EFalse if policy identifier does not exist; Otherwise ETrue |
|
177 */ |
|
178 inline TBool IsValidPolicy(TPolicyID aPolicyID) const; |
|
179 |
|
180 /* |
|
181 * Removes an existing policy with the passed policy identifier. |
|
182 * The actual task is performed by server side session. |
|
183 * |
|
184 * @param aPolicyID TPolicyID policy identifier |
|
185 * |
|
186 * @return KErrNone if removal of policy is successful; Otherwise one |
|
187 * of system wide error codes |
|
188 */ |
|
189 inline TInt RemovePolicy(TPolicyID aPolicyID); |
|
190 |
|
191 /* |
|
192 * Register a runtime script with security manager. |
|
193 * The actual task is performed by server side session. |
|
194 * |
|
195 * @param aPolicyID TPolicyID policy identifier |
|
196 * @param aHashValue const TDesC& hashvalue of script |
|
197 * |
|
198 * @return TExecutableID valid script identifier is registration |
|
199 * is successful; otherwise one of system wide error codes |
|
200 * |
|
201 */ |
|
202 inline TExecutableID |
|
203 RegisterScript(TPolicyID aPolicyID, const TDesC& aHashValue); |
|
204 |
|
205 /* |
|
206 * Register a runtime script with security manager. |
|
207 * The actual task is performed by server side session. |
|
208 * |
|
209 * @param aPolicyID TPolicyID policy identifier |
|
210 * |
|
211 * @return TExecutableID valid script identifier is registration |
|
212 * is successful; otherwise one of system wide error codes |
|
213 * |
|
214 */ |
|
215 inline TExecutableID |
|
216 RegisterScript(TPolicyID aPolicyID); |
|
217 |
|
218 /* |
|
219 * UnRegisters a runtime script from security manager. |
|
220 * The actual task is performed by server side session. |
|
221 * |
|
222 * @param aExecID TExecutableID script identifier |
|
223 * @param aPolicyID TPolicyID policy identifier |
|
224 * |
|
225 * |
|
226 */ |
|
227 inline void UnRegisterScriptL(TExecutableID aExecID, TPolicyID aPolicyID); |
|
228 |
|
229 /* |
|
230 * Gets script data structure. The script identifier |
|
231 * is specified in the input script object |
|
232 * |
|
233 * @param aScript CScript& Input output script object |
|
234 * |
|
235 * @return KErrNone if script object is successsfully internalized |
|
236 * |
|
237 */ |
|
238 inline TInt GetCapabilityInfo(CScript& aScript); |
|
239 |
|
240 /* |
|
241 * Gets script data structure. The script identifier |
|
242 * is specified in the input script object |
|
243 * |
|
244 * @param aPolicyID TPolicyID policy identifier |
|
245 * @param aExecID TExecutableID script identifier |
|
246 * @param aScript CScript& Input output script object |
|
247 * |
|
248 * @return KErrNone if script object is successsfully internalized |
|
249 * |
|
250 */ |
|
251 TInt GetCapabilityInfo(TPolicyID aPolicyID, TExecutableID aExecID, |
|
252 CScript& aScript); |
|
253 |
|
254 /* |
|
255 * Utility method to get the name of the script file |
|
256 * |
|
257 * @param aPolicyID TPolicyID policy identifier |
|
258 * @param aScriptFile TFileName& input output name of script file |
|
259 * |
|
260 * @return KErrNone if script filename is successsfully fetched |
|
261 * |
|
262 */ |
|
263 inline TInt GetScriptFile(TExecutableID aExecID, TDes& aScriptFile); |
|
264 |
|
265 /* |
|
266 * Utility method to update the permanently allowed or denied |
|
267 * permissions for the script object |
|
268 * |
|
269 * @param aExecID TExecutableID script identifier of script object whose |
|
270 * permanent permissions are modified |
|
271 * @param aPermGrant TPermGrant permanently allowed permissions |
|
272 * @param aPermDenied TPermGrant permanently denied permissions |
|
273 * |
|
274 */ |
|
275 void UpdatePermGrantL(TExecutableID aExecID, TPermGrant aPermGrant, |
|
276 TPermGrant aPermDenied); |
|
277 |
|
278 /* |
|
279 * Utility method to update the permanently allowed or denied |
|
280 * permissions for the script object |
|
281 * |
|
282 * @param aExecID TExecutableID script identifier of script object whose |
|
283 * permanent permissions are modified |
|
284 * @param aPermGrant TPermGrant permanently allowed permissions |
|
285 * @param aPermDenied TPermGrant permanently denied permissions |
|
286 * |
|
287 */ |
|
288 void UpdatePermGrantL(TExecutableID aExecID, RProviderArray aAllowedProviders, |
|
289 RProviderArray aDeniedProviders); |
|
290 /* |
|
291 * Utility method to create a backup for the policy file |
|
292 * |
|
293 * @param aPolicyID TPolicyID policy identifier for the file |
|
294 * getting backed up |
|
295 * @return KErrNone if backupfile is successsfully created |
|
296 * |
|
297 */ |
|
298 inline TInt BackupFile(TPolicyID aPolicyID); |
|
299 |
|
300 /* |
|
301 * Utility method to remove the backup file created |
|
302 * |
|
303 * @param aPolicyID TPolicyID policy identifier for the file |
|
304 * whose backup is getting removed |
|
305 * @return KErrNone if backup file is successsfully removed |
|
306 * |
|
307 */ |
|
308 inline TInt RemoveTempPolicy(TPolicyID aPolicyID); |
|
309 |
|
310 /* |
|
311 * Utility method to restore the backup file created if update fails |
|
312 * |
|
313 * @param aPolicyID TPolicyID policy identifier for the file |
|
314 * which is restored back |
|
315 * @return KErrNone if backup file is successsfully restored |
|
316 * |
|
317 */ |
|
318 inline TInt RestoreTempPolicy(TPolicyID aPolicyID); |
|
319 |
|
320 /* |
|
321 * Utility method to get the policy file information |
|
322 * |
|
323 * @param aPolicyID TPolicyID policy identifier for the file |
|
324 * which is restored back |
|
325 * @return CPolicy* pointer to instance of Cpolicy stored in CPolicyManager |
|
326 * |
|
327 */ |
|
328 inline CPolicy* ReturnPolicyInfo(TPolicyID aPolicyID); |
|
329 |
|
330 /* |
|
331 * Utility method to store the policy file information |
|
332 * |
|
333 * @param aPolicy CPolicy policy information from parser |
|
334 * |
|
335 */ |
|
336 inline void StorePolicyL(const CPolicy& aPolicy); |
|
337 |
|
338 |
|
339 private: |
|
340 /* |
|
341 * Constructor |
|
342 */ |
|
343 inline CRTSecMgrServer(CActive::TPriority aActiveObjectPriority); |
|
344 |
|
345 /* |
|
346 * Second phase constructor |
|
347 * |
|
348 */ |
|
349 void ConstructL(); |
|
350 |
|
351 /* |
|
352 * Server destructor |
|
353 * |
|
354 */ |
|
355 ~CRTSecMgrServer(); |
|
356 |
|
357 private: |
|
358 |
|
359 /* |
|
360 * shutdown timer object |
|
361 * |
|
362 */ |
|
363 CShutDown iShutDown; |
|
364 |
|
365 /* |
|
366 * Session counter |
|
367 * |
|
368 */ |
|
369 TInt iSessionCount; |
|
370 |
|
371 /* |
|
372 * Session container index |
|
373 * |
|
374 */ |
|
375 CObjectConIx* iContainerIndex; |
|
376 |
|
377 /* |
|
378 * Reference to policy manager |
|
379 * |
|
380 */ |
|
381 CPolicyManager* iPolicyMgr; |
|
382 |
|
383 /* |
|
384 * Reference to script manager |
|
385 * |
|
386 */ |
|
387 CScriptManager* iScriptMgr; |
|
388 |
|
389 /* |
|
390 * Reference to security manager store |
|
391 * |
|
392 */ |
|
393 CSecMgrStore* iSecMgrDb; |
|
394 }; |
|
395 |
|
396 #include "rtsecmgrserver.inl" |
|
397 |
|
398 #endif //C_CRTSECMGRSERVER_H |
|