|
1 /* |
|
2 * Copyright (c) 2007-2008 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Defines security manager client side session and sub-session classes |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 |
|
20 |
|
21 |
|
22 |
|
23 |
|
24 #include <coemain.h> |
|
25 #include <bautils.h> |
|
26 #include <s32file.h> |
|
27 #include <eikenv.h> |
|
28 #include <rtsecmgrscript.h> |
|
29 #include "rtsecmgrmsg.h" |
|
30 #include "rtsecmgrdef.h" |
|
31 #include "rtsecmgrclient.h" |
|
32 #include "rtsecmgrtracer.h" |
|
33 |
|
#ifdef _DEBUG
// Debug-build-only trace text. Printed via RDebug by Connect() and
// StartSecManagerServer() whenever the server cannot be reached or started.
_LIT(KServerStartFailed, "Security manager server starting failed");
#endif
|
37 |
|
38 // --------------------------------------------------------------------------- |
|
39 // Definition of default private constructor |
|
40 // --------------------------------------------------------------------------- |
|
41 // |
|
// Default constructor. The session holds no state of its own; the kernel
// handle is only acquired later by Connect().
RSecMgrSession::RSecMgrSession()
    {
    // Intentionally empty.
    }
|
45 |
|
46 // --------------------------------------------------------------------------- |
|
47 // Connects to the runtime security manager server |
|
48 // |
|
49 // This function attempts to kick start security manager server if |
|
50 // it is not running already. The number of attempts is currently 2. |
|
51 // The number of message slot is defaulted to 4. |
|
52 // --------------------------------------------------------------------------- |
|
53 // |
|
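TInt RSecMgrSession::Connect()
    {
    RTSecMgrTraceFunction("RSecMgrSession::Connect()") ;
    // CreateSession() is attempted up to KSecSrvClientTryCount times. If the
    // server is not running (KErrNotFound / KErrServerTerminated) it is started
    // and the session is retried on the next pass. Any other CreateSession()
    // error, or an unrecoverable server-start error, ends the loop at once.
    TInt retry(KSecSrvClientTryCount);
    TInt err(KErrNone);
    while (retry > 0)
        {
        err = CreateSession(KSecServerProcessName, Version(), KDefaultMessageSlots);

        if (err != KErrNotFound && err != KErrServerTerminated)
            {
            // Either connected, or an error that starting the server cannot cure.
#ifdef _DEBUG
            if (err != KErrNone)
                {
                RDebug::Print(KServerStartFailed);
                }
#endif
            break;
            }

        // Server not running (or just died): start it, then retry the session.
        const TInt startErr = StartSecManagerServer();
        if (startErr != KErrNone && startErr != KErrAlreadyExists)
            {
#ifdef _DEBUG
            RDebug::Print(KServerStartFailed);
#endif
            err = startErr; // report the start failure to the caller
            break;
            }
        --retry;
        }

    // When the retries run out after a successful server start, err still
    // holds the last CreateSession() error (KErrNotFound / KErrServerTerminated)
    // rather than the start result, so KErrNone is returned only when a
    // session handle actually exists. Returning KErrNone here without a
    // session would let the caller's next SendReceive() run on a null handle.
    return err;
    }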
|
95 |
|
96 // --------------------------------------------------------------------------- |
|
97 // Starts runtime security manager server |
|
98 // |
|
99 // --------------------------------------------------------------------------- |
|
100 // |
|
TInt RSecMgrSession::StartSecManagerServer() const
    {
    RTSecMgrTraceFunction("RSecMgrSession::StartSecManagerServer()") ;

    // The UID triple is passed to RProcess::Create() as the identity the
    // executable must match (KNullUid slots match anything), so a binary with
    // a different UID2 under the same name is not started.
    const TUidType serverUid(KNullUid, KSecMgrServerUid2, KNullUid);
    RProcess serverProc;
    TInt err = serverProc.Create(ServerLocation(), KNullDesC, serverUid, EOwnerProcess);
    if (KErrNone != err)
        {
        // The process could not be created; there is nothing to clean up.
        return err;
        }

    // Rendezvous with the new process to find out whether it came up.
    TRequestStatus startStatus;
    serverProc.Rendezvous(startStatus);
    if (startStatus == KRequestPending)
        {
        serverProc.Resume(); // logon accepted - let the server run
        }
    else
        {
#ifdef _DEBUG
        RDebug::Print(KServerStartFailed);
#endif
        serverProc.Kill(0); // abort start-up; the wait below then completes
        }
    User::WaitForRequest(startStatus); // completes on rendezvous or on death

    // A panic during start-up is reported as KErrGeneral; otherwise the
    // rendezvous completion code is the result.
    err = (serverProc.ExitType() == EExitPanic) ? KErrGeneral : startStatus.Int();

    // The handle is no longer needed once start-up has been decided.
    serverProc.Close();
    return err;
    }
|
148 |
|
149 // --------------------------------------------------------------------------- |
|
150 // Returns runtime security manager server location |
|
151 // |
|
152 // --------------------------------------------------------------------------- |
|
153 // |
|
TFullName RSecMgrSession::ServerLocation() const
    {
    // The server is addressed by executable name only; no drive or directory
    // is prefixed here.
    TFullName exeName(KSecMgrServerExeName);
    return exeName;
    }
|
160 |
|
161 // --------------------------------------------------------------------------- |
|
162 // Returns the earliest version number of the security manager server |
|
163 // |
|
164 // --------------------------------------------------------------------------- |
|
165 // |
|
TVersion RSecMgrSession::Version(void) const
    {
    // Earliest server version this client accepts; handed to CreateSession().
    const TVersion minVersion(KRTSecMgrServMajorVersionNumber,
                              KRTSecMgrServMinorVersionNumber,
                              KRTSecMgrServBuildVersionNumber);
    return minVersion;
    }
|
170 |
|
171 // --------------------------------------------------------------------------- |
|
172 // A request to close the session. |
|
173 // |
|
174 // It makes a call to the server, which deletes the object container and object index |
|
175 // for this session, before calling Close() on the base class. |
|
176 // --------------------------------------------------------------------------- |
|
177 // |
|
void RSecMgrSession::Close()
    {
    // Nothing to do for a session that never connected or is already closed.
    if (!iHandle)
        {
        return;
        }
    // Ask the server to drop this session's objects first, then release the
    // kernel handle. The result of the close request is deliberately ignored.
    SendReceive(ESecServCloseSession);
    RSessionBase::Close();
    }
|
186 |
|
187 // |
|
188 // Registers the runtime security policy with security manager. This method |
|
189 // packs the message parameters required for registering the policy. |
|
190 // |
|
191 // The various parameters required for SetPolicy operation are : |
|
192 // |
|
193 // Operation Code : ESetPolicy |
|
194 // IPC Argument[0] : Policy Identifier (as inOut parameter) |
|
195 // IPC Argument[1] : SecurityPolicy FileHandle |
|
196 // IPC Argument[2] : SecurityPolicy FileSession object |
|
197 // IPC Argument[3] : none |
|
198 // |
|
TInt RSecMgrSession::SetPolicy(const RFile& aSecPolicy)
    {
    // Arg[0] carries the policy id back from the server; Arg[1]/Arg[2] are
    // filled in by TransferToServer() with the file and session handles.
    TPckgBuf<TInt> policyIdPckg;
    TIpcArgs ipcArgs(&policyIdPckg);

    TInt err = aSecPolicy.TransferToServer(ipcArgs, EMsgArgOne, EMsgArgTwo);
    if (KErrNone != err)
        {
        return err;
        }

    err = SendReceive(ESetPolicy, ipcArgs);
    if (KErrNone != err)
        {
        return err;
        }

    // Success: the server's answer is the newly assigned policy id.
    return policyIdPckg();
    }
|
217 |
|
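// Writes aPolicyBuffer to a fresh temp file under the process private path,
// hands that file to aSession.SetPolicy(const RFile&) and removes the temp
// file again. Leaves on set-up or write failure (deleting the temp file first
// if it already exists); otherwise returns whatever SetPolicy() returned.
static TInt SetPolicyViaTempFileL(RSecMgrSession& aSession, const TDesC8& aPolicyBuffer)
    {
    RFs fs;
    User::LeaveIfError(fs.Connect());
    CleanupClosePushL(fs);
    // Precondition for handing a file handle from this session to the server.
    User::LeaveIfError(fs.ShareProtected());

    TFileName tempDirPath;
    User::LeaveIfError(fs.PrivatePath(tempDirPath));
    BaflUtils::EnsurePathExistsL(fs, tempDirPath);

    // The write result is checked so a short or failed write can never be
    // registered as the policy.
    TFileName tempPath;
    RFile policyFile;
    User::LeaveIfError(policyFile.Temp(fs, tempDirPath, tempPath, EFileWrite));
    TInt err = policyFile.Write(aPolicyBuffer);
    policyFile.Close();
    if (KErrNone != err)
        {
        fs.Delete(tempPath);
        User::Leave(err);
        }

    // Re-open read-only for the transfer, as the original flow did.
    err = policyFile.Open(fs, tempPath, EFileRead);
    if (KErrNone != err)
        {
        fs.Delete(tempPath);
        User::Leave(err);
        }
    const TInt result = aSession.SetPolicy(policyFile);
    policyFile.Close();

    // Always remove the copy so a failed registration does not leave the
    // policy lying in the private directory.
    fs.Delete(tempPath);
    CleanupStack::PopAndDestroy(&fs);
    return result;
    }

TPolicyID RSecMgrSession::SetPolicy(const TDesC8& aPolicyBuffer)
    {
    if (0 == aPolicyBuffer.CompareC(KNullDesC8))
        {
        return ErrInvalidParameters;
        }

    // The file work can leave (EnsurePathExistsL, cleanup stack); trap it so
    // this non-leaving API reports an error code instead of propagating.
    TInt result(ErrInvalidParameters);
    TRAPD(err, result = SetPolicyViaTempFileL(*this, aPolicyBuffer));
    return (KErrNone == err) ? result : err;
    }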
|
270 |
|
271 // |
|
272 // UnRegisters a registered security policy. Runtimes should call this function |
|
273 // to de-register the already registered security policy. |
|
274 // |
|
275 // The various parameters required for UnSetPolicy operation are : |
|
276 // |
|
277 // Operation Code : EUnsetPolicy |
|
278 // IPC Argument[0] : Policy Identifier to un-register |
|
279 // IPC Argument[1] : Successcode (as inOut parameter) |
|
280 // IPC Argument[2] : none |
|
281 // IPC Argument[3] : none |
|
282 // |
|
TInt RSecMgrSession::UnSetPolicy(TPolicyID aPolicyID)
    {
    // Non-positive ids are rejected locally, without a round trip to the server.
    if (aPolicyID <= KErrNone)
        {
        return ErrInvalidPolicyID;
        }

    // Arg[1] is an in/out package the server fills with its own result code.
    TPckgBuf<TInt> serverResult(KErrNone);
    TIpcArgs ipcArgs(aPolicyID, &serverResult);

    const TInt ipcErr = SendReceive(EUnsetPolicy, ipcArgs);
    return (KErrNone == ipcErr) ? serverResult() : ipcErr;
    }
|
298 |
|
299 // |
|
300 // Updates an already registered security policy. Runtimes should call this function |
|
301 // to update their policy. |
|
302 // |
|
303 // The various parameters required for UpdatePolicy operation are : |
|
304 // |
|
305 // Operation Code : EUpdatePolicy |
|
306 // IPC Argument[0] : Policy Identifier |
|
307 // IPC Argument[1] : SecurityPolicy FileHandle |
|
308 // IPC Argument[2] : SecurityPolicy FileSession object |
|
309 // IPC Argument[3] : none |
|
310 // |
|
TPolicyID RSecMgrSession::UpdatePolicy(TPolicyID aPolicyID,
        const RFile& aSecPolicy)
    {
    // Non-positive ids are rejected locally, without a round trip to the server.
    if (aPolicyID <= KErrNone)
        {
        return ErrInvalidPolicyID;
        }

    // Arg[0] carries the id in and the server's answer out; Arg[1]/Arg[2] are
    // filled in by TransferToServer() with the file and session handles.
    TPckgBuf<TInt> policyIdPckg(aPolicyID);
    TIpcArgs ipcArgs(&policyIdPckg);

    TInt outcome = aSecPolicy.TransferToServer(ipcArgs, EMsgArgOne, EMsgArgTwo);
    if (KErrNone == outcome)
        {
        outcome = SendReceive(EUpdatePolicy, ipcArgs);
        if (KErrNone == outcome)
            {
            outcome = policyIdPckg();
            }
        }
    return outcome;
    }
|
335 |
|
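// Writes aPolicyBuffer to a fresh temp file under the process private path,
// hands that file to aSession.UpdatePolicy(aPolicyID, const RFile&) and
// removes the temp file again. Leaves on set-up or write failure (deleting
// the temp file first if it already exists); otherwise returns whatever
// UpdatePolicy() returned.
static TInt UpdatePolicyViaTempFileL(RSecMgrSession& aSession, TPolicyID aPolicyID,
        const TDesC8& aPolicyBuffer)
    {
    RFs fs;
    User::LeaveIfError(fs.Connect());
    CleanupClosePushL(fs);
    // Precondition for handing a file handle from this session to the server.
    User::LeaveIfError(fs.ShareProtected());

    TFileName tempDirPath;
    User::LeaveIfError(fs.PrivatePath(tempDirPath));
    BaflUtils::EnsurePathExistsL(fs, tempDirPath);

    // The write result is checked so a short or failed write can never be
    // installed as the updated policy.
    TFileName tempPath;
    RFile policyFile;
    User::LeaveIfError(policyFile.Temp(fs, tempDirPath, tempPath, EFileWrite));
    TInt err = policyFile.Write(aPolicyBuffer);
    policyFile.Close();
    if (KErrNone != err)
        {
        fs.Delete(tempPath);
        User::Leave(err);
        }

    // Re-open read-only for the transfer, as the original flow did.
    err = policyFile.Open(fs, tempPath, EFileRead);
    if (KErrNone != err)
        {
        fs.Delete(tempPath);
        User::Leave(err);
        }
    const TInt result = aSession.UpdatePolicy(aPolicyID, policyFile);
    policyFile.Close();

    // Always remove the copy so a failed update does not leave the policy
    // lying in the private directory.
    fs.Delete(tempPath);
    CleanupStack::PopAndDestroy(&fs);
    return result;
    }

TPolicyID RSecMgrSession::UpdatePolicy(TPolicyID aPolicyID,
        const TDesC8& aPolicyBuffer)
    {
    if (0 == aPolicyBuffer.CompareC(KNullDesC8))
        {
        return ErrInvalidParameters;
        }
    // Reject a bad id before touching the file system; the RFile overload
    // applies the same check and would reject it anyway.
    if (aPolicyID <= KErrNone)
        {
        return ErrInvalidPolicyID;
        }

    // The file work can leave (EnsurePathExistsL, cleanup stack); trap it so
    // this non-leaving API reports an error code instead of propagating.
    TInt result(ErrInvalidParameters);
    TRAPD(err, result = UpdatePolicyViaTempFileL(*this, aPolicyID, aPolicyBuffer));
    return (KErrNone == err) ? result : err;
    }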
|
390 |
|
391 // |
|
392 // Registers a script/executable. Runtimes should specify the trust information |
|
393 // of the script to be registered. |
|
394 // |
|
395 // Operation Code : ERegisterScript |
|
396 // IPC Argument[0] : Policy Identifier |
|
397 // IPC Argument[1] : Script Identifier (as inOut Parameter) |
|
398 // IPC Argument[2] : none |
|
399 // IPC Argument[3] : none |
|
400 // |
|
TExecutableID RSecMgrSession::RegisterScript(TPolicyID aPolicyID, const CTrustInfo& /*aTrustInfo*/)
    {
    // NOTE(review): only negative ids are rejected here, whereas UnSetPolicy()
    // and UpdatePolicy() also reject 0 — confirm whether 0 is meant to be a
    // valid policy id for this overload.
    if (aPolicyID < KErrNone)
        {
        return ErrInvalidPolicyID;
        }

    // The trust information is not transmitted by this overload. Arg[1]
    // starts as KAnonymousScript and receives the id assigned by the server.
    TPckgBuf<TInt> scriptIdPckg(KAnonymousScript);
    TIpcArgs ipcArgs(aPolicyID, &scriptIdPckg);

    TInt outcome = SendReceive(ERegisterScript, ipcArgs);
    if (KErrNone == outcome)
        {
        outcome = scriptIdPckg();
        }
    return outcome;
    }
|
416 |
|
417 // |
|
418 // Registers a script/executable. Runtimes should specify the trust information |
|
419 // of the script to be registered. |
|
420 // |
|
421 // Operation Code : ERegisterScript |
|
422 // IPC Argument[0] : Policy Identifier |
|
423 // IPC Argument[1] : Script Identifier (as inOut Parameter) |
|
424 // IPC Argument[2] : Hash value of script |
|
425 // IPC Argument[3] : none |
|
426 // |
|
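TExecutableID RSecMgrSession::RegisterScript(TPolicyID aPolicyID,
        const TDesC& aHashMarker, const CTrustInfo& /*aTrustInfo*/)
    {
    // Validate before the heap mark: the original returned between
    // __UHEAP_MARK and __UHEAP_MARKEND, leaving the debug heap-check nesting
    // unbalanced on the early-return path.
    if (!(aHashMarker.Compare(KNullDesC)))
        {
        return ErrInvalidParameters;
        }

    __UHEAP_MARK;

    // NewL can leave; trap it so this non-leaving API reports an error code.
    CRTSecMgrRegisterScriptMsg* scriptMsg = NULL;
    TRAPD(ret, scriptMsg = CRTSecMgrRegisterScriptMsg::NewL(aPolicyID, aHashMarker));
    if (KErrNone == ret)
        {
        HBufC8* dataDes = NULL;
        TRAP(ret, dataDes = scriptMsg->PackMsgL());
        if (dataDes)
            {
            // Arg[0] is the packed request; Arg[1] receives the script id.
            TPckgBuf<TInt> scriptIdPckg(KAnonymousScript);
            TIpcArgs ipcArgs(dataDes, &scriptIdPckg);

            ret = SendReceive(ERegisterScriptWithHash, ipcArgs);
            delete dataDes;

            if (KErrNone == ret)
                {
                ret = scriptIdPckg();
                }
            }
        // NOTE(review): if PackMsgL() could return NULL without leaving, ret
        // would still be KErrNone here with no registration done — confirm
        // against CRTSecMgrRegisterScriptMsg.
        delete scriptMsg;
        }

    __UHEAP_MARKEND;
    return ret;
    }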
|
458 |
|
459 // |
|
460 // De-Registers a script/executable. Runtimes should pass the previously registered |
|
461 // script identifier corresponding to the script to be de-registered. |
|
462 // |
|
463 // Operation Code : EUnRegisterScript |
|
464 // IPC Argument[0] : Script Identifier |
|
465 // IPC Argument[1] : Policy Identifier |
|
466 // IPC Argument[2] : Success code (as inOut parameter) |
|
467 // IPC Argument[3] : none |
|
468 // |
|
TInt RSecMgrSession::UnRegisterScript(TExecutableID aExeID, TPolicyID aPolicyID)
    {
    // Both ids must be positive; reject locally before any IPC.
    if (aExeID <= KErrNone)
        {
        return ErrInvalidScriptID;
        }
    if (aPolicyID <= KErrNone)
        {
        return ErrInvalidPolicyID;
        }

    // Arg[2] is an in/out package the server fills with its own result code.
    TPckgBuf<TInt> serverResult(KErrNone);
    TIpcArgs ipcArgs(aExeID, aPolicyID, &serverResult);

    const TInt ipcErr = SendReceive(EUnRegisterScript, ipcArgs);
    return (KErrNone == ipcErr) ? serverResult() : ipcErr;
    }
|
486 |
|
// Default constructor. The file server session iFs is connected in Open(),
// not here.
RSecMgrSubSession::RSecMgrSubSession()
    {
    // Intentionally empty.
    }
|
491 // |
|
492 // Opens client-side sub-session for a registered script. The script session is modelled as a |
|
493 // client side sub-session with a peer server side sub-session. |
|
494 // |
|
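TInt RSecMgrSubSession::Open(const RSessionBase& aSession,
        CScript& aScriptInfo, TPolicyID aPolicyID, const TDesC& aHashValue)
    {
    TInt errCode = iFs.Connect();
    if (KErrNone != errCode)
        {
        return errCode;
        }

    // Anonymous (unregistered) scripts get a trusted-script session; registered
    // ones are looked up by their script id.
    TIpcArgs openArgs(aScriptInfo.ScriptID(), aPolicyID);
    if (KAnonymousScript == aScriptInfo.ScriptID())
        {
        errCode = CreateSubSession(aSession, EGetTrustedUnRegScriptSession, openArgs);
        }
    else
        {
        errCode = CreateSubSession(aSession, EGetScriptSession, openArgs);
        }
    if (KErrNone != errCode)
        {
        return errCode;
        }

    // From here on, a failure leaves the sub-session and iFs open, as before;
    // Close() releases both.

    // Fetch the script record: the server writes it into a temp file created
    // in our private path and handed over by handle, then it is read back.
    // ShareProtected() is a precondition for TransferToServer(), so its result
    // is checked rather than ignored.
    errCode = iFs.ShareProtected();
    if (KErrNone != errCode)
        {
        return errCode;
        }

    TFileName tempDirPath;
    errCode = iFs.PrivatePath(tempDirPath);
    if (KErrNone == errCode)
        {
        // Leaving call inside a non-leaving API: trap it into errCode.
        TRAP(errCode, BaflUtils::EnsurePathExistsL(iFs, tempDirPath));
        }
    if (KErrNone != errCode)
        {
        return errCode;
        }

    TFileName tempPath;
    RFile file;
    errCode = file.Temp(iFs, tempDirPath, tempPath, EFileWrite);
    if (KErrNone != errCode)
        {
        return errCode;
        }

    TPckgBuf<TInt> fh; // sub-session (RFile) handle slot filled by the transfer
    TIpcArgs fileArgs(&fh);
    errCode = file.TransferToServer(fileArgs, EMsgArgOne, EMsgArgTwo);
    if (KErrNone == errCode)
        {
        errCode = SendReceive(EGetScriptFile, fileArgs);
        }
    if (KErrNone == errCode)
        {
        RFileReadStream rfs(file);
        TRAP(errCode, aScriptInfo.InternalizeL(rfs));
        rfs.Close();

        // The hash is only verified when the stored record carries one; a
        // mismatch is reported as KErrNotFound. NOTE(review): an empty stored
        // hash therefore skips verification entirely — confirm that is intended.
        if (KErrNone == errCode)
            {
            TBufC<KMaxPath> storedHash(aScriptInfo.Hash());
            if (0 != storedHash.Compare(KNullDesC) && !aScriptInfo.HashMatch(aHashValue))
                {
                errCode = KErrNotFound;
                }
            }
        }

    // The temp copy is never needed again, whatever happened above.
    file.Close();
    iFs.Delete(tempPath);
    return errCode;
    }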
|
562 |
|
563 // |
|
564 // Opens client-side sub-session for an un-registered trusted script. The script session is modelled as a |
|
565 // client side sub-session with a peer server side sub-session. |
|
566 // |
|
TInt RSecMgrSubSession::Open(const RSessionBase& aSession,
        CScript& aScriptInfo, TPolicyID aPolicyID, const CTrustInfo& /*aTrustInfo*/)
    {
    // The trust information is not consulted; everything is delegated to the
    // three-argument Open(), which is not defined in this part of the file.
    return Open(aSession, aScriptInfo, aPolicyID);
    }
|
572 |
|
573 // |
|
574 // Updates the blanket permission data of the script |
|
575 // |
|
TInt RSecMgrSubSession::UpdatePermGrant(TExecutableID aScriptID,
        TPermGrant aPermGrant, TPermGrant aPermDenied) const
    {
    // Both permission values travel as plain TInt in the IPC arguments.
    const TInt granted = static_cast<TInt>(aPermGrant);
    const TInt denied = static_cast<TInt>(aPermDenied);
    TIpcArgs ipcArgs(aScriptID, granted, denied);
    return SendReceive(EUpdatePermanentGrant, ipcArgs);
    }
|
582 |
|
583 // |
|
584 // Close the subsession. |
|
585 // |
|
void RSecMgrSubSession::Close()
    {
    // Release the file server session connected in Open(), then the
    // server-side sub-session.
    iFs.Close();
    RSubSessionBase::CloseSubSession(ECloseScriptSession);
    }
|
591 |