|
1 // Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
2 // All rights reserved. |
|
3 // This component and the accompanying materials are made available |
|
4 // under the terms of "Eclipse Public License v1.0" |
|
5 // which accompanies this distribution, and is available |
|
6 // at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
7 // |
|
8 // Initial Contributors: |
|
9 // Nokia Corporation - initial contribution. |
|
10 // |
|
11 // Contributors: |
|
12 // |
|
13 // Description: |
|
14 // |
|
15 |
|
16 /** |
|
17 @file |
|
18 @internalTechnology |
|
19 */ |
|
20 #ifndef __btmanserversecuritypolicy_h__ |
|
21 #define __btmanserversecuritypolicy_h__ |
|
22 |
|
23 const TUint KBtmanServerRangeCount = 17; |
|
24 |
|
25 /** |
|
26 N.B. |
|
27 1.) Functions labelled 'Always fail' are not supported by BTManServer currently. |
|
28 2.) Functions labelled 'Always pass' can only be issued once a valid sessionhandle is obtained |
|
29 (EBTManCreateRegistrySubSession), in which case we know that the client has the |
|
30 LocalServices capability so we do not have to check capabilties again. |
|
31 3.) All other Functions are labelled with the capability that is required to execute them. |
|
32 **/ |
|
33 |
|
34 const TInt KBtmanServerRanges[KBtmanServerRangeCount] = |
|
35 { |
|
36 EBTManCreateHostResolverSubSession, // 0 = Alway fail |
|
37 EBTManCreateRegistrySubSession, // 1 = Local Services |
|
38 EBTManRegistrySearch, // 2 = Always pass |
|
39 EBTRegistryRetrieveDevice, // 3 = Always fail |
|
40 EBTRegistryAddDevice, // 4 = Always pass |
|
41 EBTRegistryModifyBluetoothName, // 5 = Write Device Data |
|
42 EBTRegistryModifyFriendlyName, // 6 = Always pass |
|
43 EBTRegistryModifyNamelessDevice, // 7 = Write Device Data |
|
44 EBTRegistryDeleteDevices, // 8 = Always pass |
|
45 EBTRegistryDeleteLinkKey, // 9 = Write Device Data |
|
46 EBTRegistryCloseView, // 10 = Always pass |
|
47 EBTRegistryUpdateLocalDevice, // 11 = Write Device Data |
|
48 EBTRegistryGetCommPortSettings, // 12 = Always pass |
|
49 EBTHostResolverDeviceRequest, // 13 = Always fail |
|
50 EBTManSetHeapFailure, // 14 = Local Services |
|
51 EBTRegistryNotifyViewChange, // 15 = Always pass |
|
52 // If new function enums are added, the following value needs to |
|
53 // increase to be <last function number> + 1. |
|
54 // This defines a final range that extends from the first invalid |
|
55 // function number to KMaxTInt, and protects against attempts to |
|
56 // attack the server with invalid functions. |
|
57 EBTRegistryNotifyViewChange + 1 // 16 = CPolicyServer::ENotSupported for all other fns. |
|
58 }; |
|
59 |
|
60 |
|
61 |
|
62 /** Index numbers into KBtmanServerElements[] */ |
|
63 const TInt policyAlwaysFail = 0; |
|
64 const TInt policyLocalServices = 1; |
|
65 const TInt policyAlwaysPass = 2; |
|
66 const TInt policyWriteDeviceData = 3; |
|
67 |
|
68 /**Mapping IPCs to policy element */ |
|
69 const TUint8 KBtmanServerElementsIndex[KBtmanServerRangeCount] = |
|
70 { |
|
71 policyAlwaysFail, /** EBTManCreateHostResolverSubSession */ |
|
72 policyLocalServices, /** EBTManCreateRegistrySubSession */ |
|
73 /** EBTManCreateCommPortSettingsSubSession */ |
|
74 /** EBTManCreateLocalDeviceSubSession */ |
|
75 policyAlwaysPass, /** EBTManRegistrySearch */ |
|
76 /** EBTManExtractRegistryDataIntoServer */ |
|
77 /** EBTManRetrieveRegistryData */ |
|
78 /** EBTManCloseSubSession */ |
|
79 /** EBTManCancelRequest */ |
|
80 policyAlwaysFail, /** EBTRegistryRetrieveDevice */ |
|
81 policyAlwaysPass, /** EBTRegistryAddDevice */ |
|
82 /** EBTRegistryGetNamelessDevice */ |
|
83 policyWriteDeviceData, /** EBTRegistryModifyBluetoothName */ |
|
84 policyAlwaysPass, /** EBTRegistryModifyFriendlyName */ |
|
85 policyWriteDeviceData, /** EBTRegistryModifyNamelessDevice */ |
|
86 policyAlwaysPass, /** EBTRegistryDeleteDevices */ |
|
87 policyWriteDeviceData, /** EBTRegistryDeleteLinkKey */ |
|
88 /** EBTRegistryUnpairView */ |
|
89 policyAlwaysPass, /** EBTRegistryCloseView */ |
|
90 /** EBTRegistryGetLocalDevice */ |
|
91 policyWriteDeviceData, /** EBTRegistryUpdateLocalDevice */ |
|
92 policyAlwaysPass, /** EBTRegistryGetCommPortSettings */ |
|
93 /** EBTRegistryUpdateCommPortSettings */ |
|
94 /** EBTRegistryDeleteCommPortSettings */ |
|
95 policyAlwaysFail, /** EBTHostResolverDeviceRequest */ |
|
96 /** EBTHostResolverGetNextDeviceRequest */ |
|
97 /** EBTHostResolverDeviceModifyDevice */ |
|
98 /** EBTHostResolverNotifyRequest */ |
|
99 policyLocalServices, /** EBTManSetHeapFailure */ |
|
100 /** EBTManSubSessionCount */ |
|
101 policyAlwaysPass, /** EBTRegistryNotifyViewChange */ |
|
102 CPolicyServer::ENotSupported /** EBTManCreateSecManSubSession */ |
|
103 /** EBTManCreateSecuritySettingsSubSession */ |
|
104 /** EBTManCreateBasebandSecuritySubSession */ |
|
105 /** EBTSecManAccessRequest */ |
|
106 /** EBTSecuritySettingsRegister */ |
|
107 /** EBTSecuritySettingsUnregister */ |
|
108 /** EBTBasebandSecurityLinkKeyRequest */ |
|
109 /** EBTBasebandSecurityNewLinkKey */ |
|
110 /** EBTBasebandSecurityPinRequest */ |
|
111 /** EBTBasebandSecurityNewLinkState */ |
|
112 /** EBTBasebandSecurityHCIRequestHandler */ |
|
113 /** EBTBasebandSecurityNameRequestResponse */ |
|
114 /** ...and onwards to KMaxTInt */ |
|
115 }; |
|
116 |
|
117 /** Individual policy elements */ |
|
118 const CPolicyServer::TPolicyElement KBtmanServerElements[] = |
|
119 { |
|
120 /** the EFailClient means that the if the check fails the CheckFailed method with return KErrPermissionDenied */ |
|
121 { _INIT_SECURITY_POLICY_FAIL }, /** policyAlwaysFail */ |
|
122 { _INIT_SECURITY_POLICY_C1(ECapabilityLocalServices), CPolicyServer::EFailClient }, /** policyLocalService */ |
|
123 { _INIT_SECURITY_POLICY_PASS }, /** policyAlwaysPass */ |
|
124 { _INIT_SECURITY_POLICY_C1(ECapabilityWriteDeviceData), CPolicyServer::EFailClient } /** policyWriteDevData */ |
|
125 }; |
|
126 |
|
127 /** Main policy */ |
|
128 const CPolicyServer::TPolicy KBtmanServerPolicy = |
|
129 { |
|
130 CPolicyServer::EAlwaysPass, /** Specifies all connect attempts should pass */ |
|
131 KBtmanServerRangeCount, |
|
132 KBtmanServerRanges, |
|
133 KBtmanServerElementsIndex, |
|
134 KBtmanServerElements, |
|
135 }; |
|
136 |
|
137 #endif //__btmanserversecuritypolicy_h__ |