|
1 // Copyright (c) 2006-2010 Nokia Corporation and/or its subsidiary(-ies). |
|
2 // All rights reserved. |
|
3 // This component and the accompanying materials are made available |
|
4 // under the terms of the License "Eclipse Public License v1.0" |
|
5 // which accompanies this distribution, and is available |
|
6 // at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
7 // |
|
8 // Initial Contributors: |
|
9 // Nokia Corporation - initial contribution. |
|
10 // |
|
11 // Contributors: |
|
12 // |
|
13 // Description: |
|
14 // Definitions for the security server server side session. |
|
15 // |
|
16 // |
|
17 |
|
18 #ifndef C_SECURITY_SVR_SESSION_H |
|
19 #define C_SECURITY_SVR_SESSION_H |
|
20 |
|
21 /** |
|
22 @file |
|
23 @internalTechnology |
|
24 @released |
|
25 */ |
|
26 |
|
27 // forward declaration |
|
28 class CSecuritySvrAsync; |
|
29 |
|
30 #include "c_security_svr_async.h" |
|
31 #include <f32file.h> |
|
32 #include <d32locd.h> |
|
33 |
|
34 #include <rm_debug_api.h> |
|
35 |
|
36 #include "rm_debug_kerneldriver.h" |
|
37 |
|
38 // Server name |
|
39 _LIT(KDebugDriverName,"RunMode Debug Driver"); |
|
40 |
|
41 class CSecuritySvrServer; |
|
42 |
|
43 /** |
|
44 Debug Security Server session. Manages the session with one debug agent and |
|
45 as many target executables as it has attached to. |
|
46 */ |
|
47 class CSecuritySvrSession : public CSession2 |
|
48 { |
|
49 public: |
|
50 CSecuritySvrSession(const TProcessId& aDebugAgentProcessId); |
|
51 ~CSecuritySvrSession(); |
|
52 void ConstructL (); |
|
53 void CreateL(); |
|
54 |
|
55 TInt OpenHandle(const TRM_DebugDriverInfo& aDriverInfo); |
|
56 void ServiceL(const RMessage2& aMessage); |
|
57 void ServiceError(const RMessage2 &aMessage, TInt aError); |
|
58 |
|
59 void ResumeThreadL(const RMessage2& aMessage); |
|
60 void SuspendThreadL(const RMessage2& aMessage); |
|
61 //break |
|
62 void SetBreakL(const RMessage2& aMessage); |
|
63 void ClearBreakL(const RMessage2& aMessage); |
|
64 void ModifyBreakL(const RMessage2& aMessage); |
|
65 void BreakInfoL(const RMessage2& aMessage); |
|
66 |
|
67 void StepRangeL(const RMessage2& aMessage); |
|
68 |
|
69 void GetEventL(const RMessage2& aMessage); |
|
70 void CancelGetEventL(const RMessage2& aMessage); |
|
71 |
|
72 void AttachProcessL(const RMessage2& aMessage); |
|
73 void DetachProcessL(const RMessage2& aMessage); |
|
74 |
|
75 void AttachAllL(const RMessage2& aMessage); |
|
76 void DetachAllL(const RMessage2& aMessage); |
|
77 |
|
78 //debug functionality |
|
79 void GetDebugFunctionalityBufSizeL(const RMessage2& aMessage); |
|
80 void GetDebugFunctionalityL(const RMessage2& aMessage); |
|
81 //memory |
|
82 void ReadMemoryL(const RMessage2& aMessage); |
|
83 void WriteMemoryL(const RMessage2& aMessage); |
|
84 //registers |
|
85 void ReadRegistersL(const RMessage2& aMessage); |
|
86 void WriteRegistersL(const RMessage2& aMessage); |
|
87 //event |
|
88 void SetEventActionL(const RMessage2& aMessage); |
|
89 |
|
90 void GetListL(const RMessage2& aMessage); |
|
91 void StepL(const RMessage2& aMessage); |
|
92 void TraceExecutableL(const RMessage2& aMessage); |
|
93 |
|
94 //crash log |
|
95 void ReadCrashLogL(const RMessage2& aMessage); |
|
96 void WriteCrashConfigL(const RMessage2& aMessage); |
|
97 void EraseCrashLogL(const RMessage2& aMessage); |
|
98 void EraseEntireCrashLogL(const RMessage2& aMessage); |
|
99 |
|
100 void SetProcessBreakL(const RMessage2& aMessage); |
|
101 void ModifyProcessBreakL(const RMessage2& aMessage); |
|
102 void ProcessBreakInfoL(const RMessage2& aMessage); |
|
103 |
|
104 void KillProcessL(const RMessage2& aMessage); |
|
105 |
|
106 TCapabilitySet GetOEMDebugCapabilities(void) const { return iOEMDebugCapabilities; }; |
|
107 |
|
108 #ifdef _DEBUG |
|
109 void DoFailAlloc(const RMessage2& aMessage); |
|
110 #endif |
|
111 |
|
112 private: |
|
113 CSecuritySvrServer& Server() const; |
|
114 void HeapWatcher(const TUint32 aFunction, const TBool aEntry) const; |
|
115 void WriteDataL(const RMessage2& aMessage, const TInt aIndex, const TAny* aPtr, const TUint32 aPtrSize) const; |
|
116 void CheckAttachedL(const TThreadId aThreadId, const RMessage2& aMessage, const TBool aPassive) const; |
|
117 void CheckAttachedL(const TProcessId aProcessId, const RMessage2& aMessage, const TBool aPassive) const; |
|
118 TBool PermitDebugL(const TProcessId aDebugAgentProcessId, const TDesC& aTargetProcessName) const; |
|
119 TBool IsDebugged(const TDesC& aFileName, const TBool aPassive) const; |
|
120 void OpenFileHandleL(const TDesC& aFileName, RFs& aFs, RFile& aFileHandle); |
|
121 TBool IsTraceBitSet(const TDesC8& aHeaderData, const TBool aXip); |
|
122 TBool IsDebugBitSet(const TDesC8& aHeaderData, const TBool aXip); |
|
123 TBool CheckSufficientData(const TDesC8& aHeaderData, const TBool aXip) const; |
|
124 |
|
125 void ValidateMemoryInfoL(const TThreadId aThreadId, const Debug::TMemoryInfo &aMemoryInfo, const TBool aReadOperation); |
|
126 void ValidateRegisterBuffersL(const RMessage2& aMessage, TUint32& aNumberOfRegisters); |
|
127 |
|
128 TInt GetExecutablesListL(TDes8& aBuffer, TUint32& aSize) const; |
|
129 void AppendExecutableData(TDes8& aBuffer, TUint32& aSize, const TDesC& aEntryName) const; |
|
130 void GetSecureIdL(const TDesC& aFileName, TUid& aSecureId); |
|
131 TUid GetSecureIdL(const TDesC8& aHeaderData, TBool aXip); |
|
132 |
|
133 void IsDebuggableL(const TDesC& aFileName); |
|
134 TThreadId ReadTThreadIdL(const RMessagePtr2& aMessage, const TInt aIndex) const; |
|
135 TProcessId ReadTProcessIdL(const RMessagePtr2& aMessage, const TInt aIndex) const; |
|
136 TBool IsExecutableXipL(RFile& aExecutable); |
|
137 |
|
138 void ConnectCrashPartitionL(void); |
|
139 |
|
140 void GetDebugAgentOEMTokenCapsL(); |
|
141 TInt CheckFlashAccessPermissionL(const RThread& aClientThread); |
|
142 |
|
143 // Declare the CSecuritySvrAsync as a friend so it can use the iKernelDriver too |
|
144 friend class CSecuritySvrAsync; |
|
145 |
|
146 private: |
|
147 /** |
|
148 The TProcessId of the Debug Agent associated with this session. A convenience to |
|
149 save looking it up repeatedly. |
|
150 */ |
|
151 TProcessId iDebugAgentProcessId; |
|
152 /** |
|
153 Need an array of async completion objects, one for each target executable. |
|
154 */ |
|
155 RPointerArray<CSecuritySvrAsync> iAsyncHandlers; |
|
156 |
|
157 /** |
|
158 Used to track whether the Debug Agent has been notified when closing the session. |
|
159 */ |
|
160 TBool iServerNotified; |
|
161 |
|
162 /** |
|
163 OEM Debug token support. This is only used when the Debug Agent has OEM debug |
|
164 authority provided by a specific authorisation token file. This token confers |
|
165 the ability to debug certain executables which have not been built as 'Debuggable'. |
|
166 |
|
167 The OEM Debug token executable must be marked with 'AllFiles', as this is analogous |
|
168 to looking 'inside' executables - with AllFiles, it could read all the data out of an |
|
169 executable in \sys\bin\. In addition, since debug control of an executable implies the |
|
170 ability to execute arbitrary code within the target process space, this would imply that |
|
171 a Debug Agent could use any PlatSec capability which that target process possessed. |
|
172 |
|
173 Therefore, we require that the OEM Debug Token must also be marked with a superset of |
|
174 the PlatSec capabilities of the executable which is to be debugged. This means the |
|
175 Debug Agent is not granted more access/PlatSec capabilities than its authorisation |
|
176 token allows, and cannot exploit a target executable to leverage greater access than |
|
177 should be permitted. |
|
178 |
|
179 iTargetCapabilities tracks which PlatSec capabilities the target executables may |
|
180 possess and still be debugged by this debug agent. The capabilities are NOT those |
|
181 of the debug agent process, they are the capabilites indicated in the OEM Debug Token |
|
182 which describe the capabilities the debug agent is authorised to debug. E.g. a Debug |
|
183 Agent might use CommsDD, but wish to debug a DRM capable executable. In that case, the |
|
184 Debug Agent exe must be signed with CommsDD, but the OEM Debug Token need only possess |
|
185 DRM and AllFiles (permission to look inside another executable). |
|
186 */ |
|
187 TCapabilitySet iOEMDebugCapabilities; |
|
188 |
|
189 //RLocalDrive to access the crash Flash |
|
190 RLocalDrive iLocalDrive; |
|
191 |
|
192 //For NOR flash |
|
193 TLocalDriveCapsV2 iCaps; |
|
194 |
|
195 /** |
|
196 * If true means the local drive connected to the crash partition else connect |
|
197 * when access required to crash flash partition for read operation |
|
198 */ |
|
199 TBool iCrashConnected; |
|
200 }; |
|
201 |
|
202 |
|
203 #endif // C_SECURITY_SVR_SESSION_H |
|
204 |