1 // Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
2 // All rights reserved. |
|
3 // This component and the accompanying materials are made available |
|
4 // under the terms of the License "Eclipse Public License v1.0" |
|
5 // which accompanies this distribution, and is available |
|
6 // at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
7 // |
|
8 // Initial Contributors: |
|
9 // Nokia Corporation - initial contribution. |
|
10 // |
|
11 // Contributors: |
|
12 // |
|
13 // Description: |
|
14 // Definitions for the security server server side session. |
|
15 // |
|
16 // |
|
17 |
|
18 #ifndef C_SECURITY_SVR_SESSION_H |
|
19 #define C_SECURITY_SVR_SESSION_H |
|
20 |
|
21 /** |
|
22 @file |
|
23 @internalTechnology |
|
24 @released |
|
25 */ |
|
26 |
|
27 // forward declaration |
|
28 class CSecuritySvrAsync; |
|
29 |
|
30 #include "c_security_svr_async.h" |
|
31 #include <f32file.h> |
|
32 #include <d32locd.h> |
|
33 |
|
34 #include <rm_debug_api.h> |
|
35 |
|
36 #include "rm_debug_kerneldriver.h" |
|
37 |
|
38 // Server name |
|
39 _LIT(KDebugDriverName,"RunMode Debug Driver"); |
|
40 |
|
41 class CSecuritySvrServer; |
|
42 |
|
43 /** |
|
44 Debug Security Server session. Manages the session with one debug agent and |
|
45 as many target executables as it has attached to. |
|
46 */ |
|
47 class CSecuritySvrSession : public CSession2 |
|
48 { |
|
49 public: |
|
50 CSecuritySvrSession(); |
|
51 ~CSecuritySvrSession(); |
|
52 void ConstructL (); |
|
53 void CreateL(); |
|
54 |
|
55 TInt OpenHandle(const TRM_DebugDriverInfo& aDriverInfo); |
|
56 void ServiceL(const RMessage2& aMessage); |
|
57 void ServiceError(const RMessage2 &aMessage, TInt aError); |
|
58 |
|
59 void ResumeThreadL(const RMessage2& aMessage); |
|
60 void SuspendThreadL(const RMessage2& aMessage); |
|
61 //break |
|
62 void SetBreakL(const RMessage2& aMessage); |
|
63 void ClearBreakL(const RMessage2& aMessage); |
|
64 void ModifyBreakL(const RMessage2& aMessage); |
|
65 void BreakInfoL(const RMessage2& aMessage); |
|
66 |
|
67 void StepRangeL(const RMessage2& aMessage); |
|
68 |
|
69 void GetEventL(const RMessage2& aMessage); |
|
70 void CancelGetEventL(const RMessage2& aMessage); |
|
71 |
|
72 void AttachProcessL(const RMessage2& aMessage); |
|
73 void DetachProcessL(const RMessage2& aMessage); |
|
74 //debug functionality |
|
75 void GetDebugFunctionalityBufSizeL(const RMessage2& aMessage); |
|
76 void GetDebugFunctionalityL(const RMessage2& aMessage); |
|
77 //memory |
|
78 void ReadMemoryL(const RMessage2& aMessage); |
|
79 void WriteMemoryL(const RMessage2& aMessage); |
|
80 //registers |
|
81 void ReadRegistersL(const RMessage2& aMessage); |
|
82 void WriteRegistersL(const RMessage2& aMessage); |
|
83 //event |
|
84 void SetEventActionL(const RMessage2& aMessage); |
|
85 |
|
86 void GetListL(const RMessage2& aMessage); |
|
87 void StepL(const RMessage2& aMessage); |
|
88 void TraceExecutableL(const RMessage2& aMessage); |
|
89 |
|
90 //crash log |
|
91 void ReadCrashLogL(const RMessage2& aMessage); |
|
92 void WriteCrashConfigL(const RMessage2& aMessage); |
|
93 void EraseCrashLogL(const RMessage2& aMessage); |
|
94 void EraseEntireCrashLogL(const RMessage2& aMessage); |
|
95 |
|
96 void SetProcessBreakL(const RMessage2& aMessage); |
|
97 void ModifyProcessBreakL(const RMessage2& aMessage); |
|
98 void ProcessBreakInfoL(const RMessage2& aMessage); |
|
99 |
|
100 void KillProcessL(const RMessage2& aMessage); |
|
101 |
|
102 TCapabilitySet GetOEMDebugCapabilities(void) const { return iOEMDebugCapabilities; }; |
|
103 |
|
104 #ifdef _DEBUG |
|
105 void DoFailAlloc(const RMessage2& aMessage); |
|
106 #endif |
|
107 |
|
108 private: |
|
109 CSecuritySvrServer& Server() const; |
|
110 void HeapWatcher(const TUint32 aFunction, const TBool aEntry) const; |
|
111 void WriteDataL(const RMessage2& aMessage, const TInt aIndex, const TAny* aPtr, const TUint32 aPtrSize) const; |
|
112 void StoreDebugAgentId(const TProcessId aDebugAgentProcessId); |
|
113 void CheckAttachedL(const TThreadId aThreadId, const RMessage2& aMessage, const TBool aPassive) const; |
|
114 void CheckAttachedL(const TProcessId aProcessId, const RMessage2& aMessage, const TBool aPassive) const; |
|
115 TBool PermitDebugL(const TProcessId aDebugAgentProcessId, const TDesC& aTargetProcessName) const; |
|
116 TBool IsDebugged(const TDesC& aFileName, const TBool aPassive) const; |
|
117 void OpenFileHandleL(const TDesC& aFileName, RFs& aFs, RFile& aFileHandle); |
|
118 TBool IsTraceBitSet(const TDesC8& aHeaderData, const TBool aXip); |
|
119 TBool IsDebugBitSet(const TDesC8& aHeaderData, const TBool aXip); |
|
120 TBool CheckSufficientData(const TDesC8& aHeaderData, const TBool aXip) const; |
|
121 |
|
122 void ValidateMemoryInfoL(const TThreadId aThreadId, const Debug::TMemoryInfo &aMemoryInfo, const TBool aReadOperation); |
|
123 void ValidateRegisterBuffersL(const RMessage2& aMessage, TUint32& aNumberOfRegisters); |
|
124 |
|
125 TInt GetExecutablesListL(TDes8& aBuffer, TUint32& aSize) const; |
|
126 void AppendExecutableData(TDes8& aBuffer, TUint32& aSize, const TDesC& aEntryName) const; |
|
127 void GetSecureIdL(const TDesC& aFileName, TUid& aSecureId); |
|
128 TUid GetSecureIdL(const TDesC8& aHeaderData, TBool aXip); |
|
129 |
|
130 void IsDebuggableL(const TDesC& aFileName); |
|
131 TThreadId ReadTThreadIdL(const RMessagePtr2& aMessage, const TInt aIndex) const; |
|
132 TProcessId ReadTProcessIdL(const RMessagePtr2& aMessage, const TInt aIndex) const; |
|
133 TBool IsExecutableXipL(RFile& aExecutable); |
|
134 |
|
135 void ConnectCrashPartitionL(void); |
|
136 |
|
137 void GetDebugAgentOEMTokenCapsL(); |
|
138 TInt CheckFlashAccessPermissionL(const RThread aClientThread); |
|
139 |
|
140 // Declare the CSecuritySvrAsync as a friend so it can use the iKernelDriver too |
|
141 friend class CSecuritySvrAsync; |
|
142 |
|
143 private: |
|
144 /** |
|
145 Flag to indicate whether we have stored the TProcessId associated with the Debug Agent. |
|
146 */ |
|
147 TBool iDebugAgentProcessIdStored; |
|
148 |
|
149 /** |
|
150 The TProcessId of the Debug Agent associated with this session. A convenience to |
|
151 save looking it up repeatedly. |
|
152 */ |
|
153 TProcessId iDebugAgentProcessId; |
|
154 /** |
|
155 Need an array of async completion objects, one for each target executable. |
|
156 */ |
|
157 RPointerArray<CSecuritySvrAsync> iAsyncHandlers; |
|
158 |
|
159 /** |
|
160 Used to track whether the Debug Agent has been notified when closing the session. |
|
161 */ |
|
162 TBool iServerNotified; |
|
163 |
|
164 /** |
|
165 OEM Debug token support. This is only used when the Debug Agent has OEM debug |
|
166 authority provided by a specific authorisation token file. This token confers |
|
167 the ability to debug certain executables which have not been built as 'Debuggable'. |
|
168 |
|
169 The OEM Debug token executable must be marked with 'AllFiles', as this is analogous |
|
170 to looking 'inside' executables - with AllFiles, it could read all the data out of an |
|
171 executable in \sys\bin\. In addition, since debug control of an executable implies the |
|
172 ability to execute arbitrary code within the target process space, this would imply that |
|
173 a Debug Agent could use any PlatSec capability which that target process possessed. |
|
174 |
|
175 Therefore, we require that the OEM Debug Token must also be marked with a superset of |
|
176 the PlatSec capabilities of the executable which is to be debugged. This means the |
|
177 Debug Agent is not granted more access/PlatSec capabilities than its authorisation |
|
178 token allows, and cannot exploit a target executable to leverage greater access than |
|
179 should be permitted. |
|
180 |
|
181 iTargetCapabilities tracks which PlatSec capabilities the target executables may |
|
182 possess and still be debugged by this debug agent. The capabilities are NOT those |
|
183 of the debug agent process, they are the capabilites indicated in the OEM Debug Token |
|
184 which describe the capabilities the debug agent is authorised to debug. E.g. a Debug |
|
185 Agent might use CommsDD, but wish to debug a DRM capable executable. In that case, the |
|
186 Debug Agent exe must be signed with CommsDD, but the OEM Debug Token need only possess |
|
187 DRM and AllFiles (permission to look inside another executable). |
|
188 */ |
|
189 TCapabilitySet iOEMDebugCapabilities; |
|
190 |
|
191 //RLocalDrive to access the crash Flash |
|
192 RLocalDrive iLocalDrive; |
|
193 |
|
194 //For NOR flash |
|
195 TLocalDriveCapsV2 iCaps; |
|
196 |
|
197 /** |
|
198 * If true means the local drive connected to the crash partition else connect |
|
199 * when access required to crash flash partition for read operation |
|
200 */ |
|
201 TBool iCrashConnected; |
|
202 }; |
|
203 |
|
204 |
|
205 #endif // C_SECURITY_SVR_SESSION_H |
|
206 |
|