|
1 /* |
|
2 * Copyright (c) 2003-2005 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Core Runtime Security Manager Server Class |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 |
|
20 |
|
21 |
|
22 |
|
23 |
|
24 #ifndef C_CRTSECMGRSERVER_H |
|
25 #define C_CRTSECMGRSERVER_H |
|
26 |
|
27 #include <rtsecmgrcommondef.h> |
|
28 #include "rtsecmgrserverdef.h" |
|
29 #include "rtsecmgrpolicy.h" |
|
30 #include "rtsecmgrstore.h" |
|
31 #include "rtsecmgrpolicymanager.h" |
|
32 #include "rtsecmgrscriptmanager.h" |
|
33 |
|
34 class CPolicyManager; |
|
35 class CScriptManager; |
|
36 class CSecMgrStore; |
|
37 |
|
38 //needed for creating server thread. |
|
39 const TUint KDefaultHeapSize=0x10000; |
|
40 const TUint KShutDownDelay = 200000; // Aprox 2 sec |
|
41 |
|
42 /* |
|
43 * Shutdown timer class |
|
44 * |
|
45 * @exe rtsecmgrserver.exe |
|
46 */ |
|
47 class CShutDown : public CTimer |
|
48 { |
|
49 public: |
|
50 inline CShutDown(); |
|
51 inline void ConstructL(); |
|
52 inline void Start(); |
|
53 inline virtual ~CShutDown(); |
|
54 |
|
55 private: |
|
56 inline void RunL(); |
|
57 }; |
|
58 |
|
59 #include "rtsecmgrshutdown.inl" |
|
60 |
|
61 #include "rtsecmgrserverpolicy.inl" |
|
62 |
|
63 /* |
|
64 CRTSecMgrServer class |
|
65 |
|
66 Represents the server. |
|
67 |
|
68 The server starts with the first client connect call. |
|
69 Start includes setting up active scheduler, the server active object, |
|
70 and the object container index which produces object object containers for each session. |
|
71 */ |
|
72 class CRTSecMgrServer : public CPolicyServer //CServer2 //CPolicyServer |
|
73 { |
|
74 public: |
|
75 /* |
|
76 * Creates a new session with the server; |
|
77 * |
|
78 * @param aVersion const TVersion& version information of security manager server |
|
79 * @param aMessage const RMessage2& server's current message |
|
80 * |
|
81 * @return CSession2* pointer to base instance of created server session |
|
82 */ |
|
83 CSession2* NewSessionL(const TVersion& aVersion, const RMessage2& aMessage) const; |
|
84 |
|
85 /* |
|
86 * Two-phased constructor. Creates a new server object. |
|
87 * |
|
88 * @param aActiveObjectPriority TPriority priorty of the server process |
|
89 * |
|
90 * @return CRTSecMgrServer* pointer to new instance of CRTSecMgrServer |
|
91 */ |
|
92 static CRTSecMgrServer* NewL(CActive::TPriority aActiveObjectPriority); |
|
93 |
|
94 /* |
|
95 * Two-phased constructor. Creates a new server object and leaves |
|
96 * the created instance on the cleanupstack. |
|
97 * |
|
98 * @param aActiveObjectPriority TPriority priorty of the server process |
|
99 * |
|
100 * @return CRTSecMgrServer* pointer to new instance of CRTSecMgrServer |
|
101 */ |
|
102 static CRTSecMgrServer* NewLC(CActive::TPriority aActiveObjectPriority); |
|
103 |
|
104 /* |
|
105 * Utility method to panic the server |
|
106 * |
|
107 * @param aPanic TSecMgrServPanic Panic error code |
|
108 * |
|
109 */ |
|
110 inline static void PanicServer(TSecMgrServPanic aPanic); |
|
111 |
|
112 /* |
|
113 * Returns an object container, and guaranteed |
|
114 * to produce object containers with unique ids |
|
115 * within the server |
|
116 * |
|
117 * This method is called by a new session to create |
|
118 * a container |
|
119 * |
|
120 * |
|
121 * @return CObjectCon* a new object container |
|
122 */ |
|
123 CObjectCon* NewContainerL(); |
|
124 |
|
125 /* |
|
126 * Adds a new server side session |
|
127 * |
|
128 */ |
|
129 inline void AddSession(); |
|
130 |
|
131 /* |
|
132 * Removes a server side session by decrementing |
|
133 * the session count. |
|
134 * |
|
135 * If the session count reaches zero, this method |
|
136 * initiates server shut down timer |
|
137 * |
|
138 */ |
|
139 inline void RemoveSession(); |
|
140 |
|
141 /* |
|
142 * Removes a container object from the container |
|
143 * index |
|
144 * |
|
145 * @param aContainer CObjectCon* pointer to containter object |
|
146 * to be removed |
|
147 */ |
|
148 inline void RemoveFromContainerIx(CObjectCon* aContainer); |
|
149 |
|
150 /* |
|
151 * Generates a new script identifier |
|
152 * |
|
153 * @param aExecID TExecutableID& output generated script identifier |
|
154 * |
|
155 * @return KErrNone if generation of script identifier successful |
|
156 */ |
|
157 inline TInt ReadCounter(TExecutableID& aExecID); |
|
158 |
|
159 /* |
|
160 * Registers a new policy. The actual task is performed by |
|
161 * server side session. |
|
162 * |
|
163 * @param aPolicyID TPolicyID policy identifier |
|
164 * @param aDomains const RProtectionDomains& domains to be added |
|
165 * |
|
166 * @return KErrNone if generation of script identifier successful |
|
167 */ |
|
168 inline void AddPolicyL(TPolicyID aPolicyID, const RProtectionDomains& aDomains, RAliasGroup& aAliasGroup); |
|
169 |
|
170 /* |
|
171 * Checks whether policy with the passed policy identifier exists. |
|
172 * The actual task is performed by server side session. |
|
173 * |
|
174 * @param aPolicyID TPolicyID policy identifier |
|
175 * |
|
176 * @return EFalse if policy identifier does not exist; Otherwise ETrue |
|
177 */ |
|
178 inline TBool IsValidPolicy(TPolicyID aPolicyID) const; |
|
179 |
|
180 /* |
|
181 * Removes an existing policy with the passed policy identifier. |
|
182 * The actual task is performed by server side session. |
|
183 * |
|
184 * @param aPolicyID TPolicyID policy identifier |
|
185 * |
|
186 * @return KErrNone if removal of policy is successful; Otherwise one |
|
187 * of system wide error codes |
|
188 */ |
|
189 inline TInt RemovePolicy(TPolicyID aPolicyID); |
|
190 |
|
191 /* |
|
192 * Register a runtime script with security manager. |
|
193 * The actual task is performed by server side session. |
|
194 * |
|
195 * @param aPolicyID TPolicyID policy identifier |
|
196 * @param aHashValue const TDesC& hashvalue of script |
|
197 * |
|
198 * @return TExecutableID valid script identifier is registration |
|
199 * is successful; otherwise one of system wide error codes |
|
200 * |
|
201 */ |
|
202 inline TExecutableID |
|
203 RegisterScript(TPolicyID aPolicyID, const TDesC& aHashValue); |
|
204 |
|
205 /* |
|
206 * Register a runtime script with security manager. |
|
207 * The actual task is performed by server side session. |
|
208 * |
|
209 * @param aPolicyID TPolicyID policy identifier |
|
210 * |
|
211 * @return TExecutableID valid script identifier is registration |
|
212 * is successful; otherwise one of system wide error codes |
|
213 * |
|
214 */ |
|
215 inline TExecutableID |
|
216 RegisterScript(TPolicyID aPolicyID); |
|
217 |
|
218 /* |
|
219 * UnRegisters a runtime script from security manager. |
|
220 * The actual task is performed by server side session. |
|
221 * |
|
222 * @param aExecID TExecutableID script identifier |
|
223 * @param aPolicyID TPolicyID policy identifier |
|
224 * |
|
225 * |
|
226 */ |
|
227 inline void UnRegisterScriptL(TExecutableID aExecID, TPolicyID aPolicyID); |
|
228 |
|
229 /* |
|
230 * Gets script data structure. The script identifier |
|
231 * is specified in the input script object |
|
232 * |
|
233 * @param aScript CScript& Input output script object |
|
234 * |
|
235 * @return KErrNone if script object is successsfully internalized |
|
236 * |
|
237 */ |
|
238 inline TInt GetCapabilityInfo(CScript& aScript); |
|
239 |
|
240 /* |
|
241 * Gets script data structure. The script identifier |
|
242 * is specified in the input script object |
|
243 * |
|
244 * @param aPolicyID TPolicyID policy identifier |
|
245 * @param aExecID TExecutableID script identifier |
|
246 * @param aScript CScript& Input output script object |
|
247 * |
|
248 * @return KErrNone if script object is successsfully internalized |
|
249 * |
|
250 */ |
|
251 TInt GetCapabilityInfo(TPolicyID aPolicyID, TExecutableID aExecID, |
|
252 CScript& aScript); |
|
253 |
|
254 /* |
|
255 * Utility method to get the name of the script file |
|
256 * |
|
257 * @param aPolicyID TPolicyID policy identifier |
|
258 * @param aScriptFile TFileName& input output name of script file |
|
259 * |
|
260 * @return KErrNone if script filename is successsfully fetched |
|
261 * |
|
262 */ |
|
263 inline TInt GetScriptFile(TExecutableID aExecID, TDes& aScriptFile); |
|
264 |
|
265 /* |
|
266 * Utility method to update the permanently allowed or denied |
|
267 * permissions for the script object |
|
268 * |
|
269 * @param aExecID TExecutableID script identifier of script object whose |
|
270 * permanent permissions are modified |
|
271 * @param aPermGrant TPermGrant permanently allowed permissions |
|
272 * @param aPermDenied TPermGrant permanently denied permissions |
|
273 * |
|
274 */ |
|
275 void UpdatePermGrantL(TExecutableID aExecID, TPermGrant aPermGrant, |
|
276 TPermGrant aPermDenied); |
|
277 |
|
278 /* |
|
279 * Utility method to create a backup for the policy file |
|
280 * |
|
281 * @param aPolicyID TPolicyID policy identifier for the file |
|
282 * getting backed up |
|
283 * @return KErrNone if backupfile is successsfully created |
|
284 * |
|
285 */ |
|
286 inline TInt BackupFile(TPolicyID aPolicyID); |
|
287 |
|
288 /* |
|
289 * Utility method to remove the backup file created |
|
290 * |
|
291 * @param aPolicyID TPolicyID policy identifier for the file |
|
292 * whose backup is getting removed |
|
293 * @return KErrNone if backup file is successsfully removed |
|
294 * |
|
295 */ |
|
296 inline TInt RemoveTempPolicy(TPolicyID aPolicyID); |
|
297 |
|
298 /* |
|
299 * Utility method to restore the backup file created if update fails |
|
300 * |
|
301 * @param aPolicyID TPolicyID policy identifier for the file |
|
302 * which is restored back |
|
303 * @return KErrNone if backup file is successsfully restored |
|
304 * |
|
305 */ |
|
306 inline TInt RestoreTempPolicy(TPolicyID aPolicyID); |
|
307 |
|
308 /* |
|
309 * Utility method to get the policy file information |
|
310 * |
|
311 * @param aPolicyID TPolicyID policy identifier for the file |
|
312 * which is restored back |
|
313 * @return CPolicy* pointer to instance of Cpolicy stored in CPolicyManager |
|
314 * |
|
315 */ |
|
316 inline CPolicy* ReturnPolicyInfo(TPolicyID aPolicyID); |
|
317 |
|
318 /* |
|
319 * Utility method to store the policy file information |
|
320 * |
|
321 * @param aPolicy CPolicy policy information from parser |
|
322 * |
|
323 */ |
|
324 inline void StorePolicyL(const CPolicy& aPolicy); |
|
325 |
|
326 |
|
327 private: |
|
328 /* |
|
329 * Constructor |
|
330 */ |
|
331 inline CRTSecMgrServer(CActive::TPriority aActiveObjectPriority); |
|
332 |
|
333 /* |
|
334 * Second phase constructor |
|
335 * |
|
336 */ |
|
337 void ConstructL(); |
|
338 |
|
339 /* |
|
340 * Server destructor |
|
341 * |
|
342 */ |
|
343 ~CRTSecMgrServer(); |
|
344 |
|
345 private: |
|
346 |
|
347 /* |
|
348 * shutdown timer object |
|
349 * |
|
350 */ |
|
351 CShutDown iShutDown; |
|
352 |
|
353 /* |
|
354 * Session counter |
|
355 * |
|
356 */ |
|
357 TInt iSessionCount; |
|
358 |
|
359 /* |
|
360 * Session container index |
|
361 * |
|
362 */ |
|
363 CObjectConIx* iContainerIndex; |
|
364 |
|
365 /* |
|
366 * Reference to policy manager |
|
367 * |
|
368 */ |
|
369 CPolicyManager* iPolicyMgr; |
|
370 |
|
371 /* |
|
372 * Reference to script manager |
|
373 * |
|
374 */ |
|
375 CScriptManager* iScriptMgr; |
|
376 |
|
377 /* |
|
378 * Reference to security manager store |
|
379 * |
|
380 */ |
|
381 CSecMgrStore* iSecMgrDb; |
|
382 }; |
|
383 |
|
384 #include "rtsecmgrserver.inl" |
|
385 |
|
386 #endif //C_CRTSECMGRSERVER_H |