author William Roberts <williamr@symbian.org>
Thu, 22 Jul 2010 16:49:09 +0100
changeset 38 c4e342fcf0c8
parent 0 08ec8eefde2f
child 51 7d4490026038
permissions -rw-r--r--
Catchup to latest Symbian^4

// Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
// All rights reserved.
// This component and the accompanying materials are made available
// under the terms of "Eclipse Public License v1.0"
// which accompanies this distribution, and is available
// at the URL "http://www.eclipse.org/legal/epl-v10.html".
// Initial Contributors:
// Nokia Corporation - initial contribution.
// Contributors:
// Description:

#include "logservsecurity.h"
#include <e32capability.h>
#include "LogServResourceInterpreter.h"
#include "LogCliServShared.h"
#include "logservpanic.h"

// The max number of TCapability(s) that can be used to instantiate a TSecurityPolicy.
// TCaps::iItems is sized by this constant.
const TInt KMaxCapsPerOp = 7;

// TCaps class - declaration and implementation

/**
The class represents a static array of TCapability items (it can't grow or shrink).
The class should be used whenever a static TCapability array is needed.
It offers an overloaded "[]" operator with run-time bounds checks.
*/
class TCaps
	// Capacity of the array. It is the compile-time constant KMaxCapsPerOp,
	// the same value that sizes iItems.
	inline TInt MaxSize() const
		{
		return KMaxCapsPerOp;
		}
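	// Mutable element access.
	// The index is validated in every build, not only in debug builds: with
	// __ASSERT_DEBUG the check is compiled out of release binaries and an
	// out-of-range index would touch memory outside iItems.
	// @param aIndex Position of the capability, 0 <= aIndex < MaxSize().
	// @return A reference to the capability stored at aIndex.
	// @panic User::Invariant() if aIndex is out of range.
	inline TCapability& operator [](TInt aIndex)
		{
		__ASSERT_ALWAYS(aIndex >= 0 && aIndex < MaxSize(), User::Invariant());
		return iItems[aIndex];
		}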
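	// Read-only element access.
	// The index is validated in every build, not only in debug builds: with
	// __ASSERT_DEBUG the check is compiled out of release binaries and an
	// out-of-range index would read memory outside iItems.
	// @param aIndex Position of the capability, 0 <= aIndex < MaxSize().
	// @return A const reference to the capability stored at aIndex.
	// @panic User::Invariant() if aIndex is out of range.
	inline const TCapability& operator [](TInt aIndex) const
		{
		__ASSERT_ALWAYS(aIndex >= 0 && aIndex < MaxSize(), User::Invariant());
		return iItems[aIndex];
		}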
	TCapability iItems[KMaxCapsPerOp];

// The controlled capabilities are initialized with the ECapability_None value.
	for(TInt i=0;i<MaxSize();++i)
		iItems[i] = ECapability_None;
// TEventPolicy structure - declaration and implementation

/**
Each LogEngServer event defined in Logwrap.rss has two associated
TSecurityPolicy(s) - one each for read/write operations. This structure 
contains one read and one write policy per defined LogEngServer event.
*/
struct TEventPolicy 
	TEventPolicy(TUid aEventType, const TCaps& aReadCaps, const TCaps& aWriteCaps);
	TUid 			iEventType;// event type defined in LOGWRAP.RSS
	// Policy that CLogServSecurityImpl::FindPolicy() returns for any operation other than EWriteOp.
	TSecurityPolicy	iReadPolicy;
	// Policy that CLogServSecurityImpl::FindPolicy() returns for EWriteOp.
	TSecurityPolicy	iWritePolicy;	

/**
@param aEventType Event type. It could be one of the following: KLogCallEventType,
					KLogDataEventType, KLogFaxEventType, KLogShortMessageEventType,
					KLogMailEventType, KLogTaskSchedulerEventType, KLogPacketDataEventType.
					See LOGWRAP.RSS file where these constants are defined.
@param aReadCaps Read capabilities for the aEventType argument. A client that wants to perform
			 	 "read" operations on that event type must satisfy the aReadCaps set of capabilities.
@param aWriteCaps Write capabilities for the aEventType argument. A client that wants to perform
			 	 "write" operations on that event type must satisfy the aWriteCaps set of capabilities.
*/
TEventPolicy::TEventPolicy(TUid aEventType, const TCaps& aReadCaps, const TCaps& aWriteCaps) :

// TSecurityInfoReader class declaration

//Forward declaration
class CLogServSecurityImpl;
/**
The class reads the security policy data from Logwrap.rss and stores it in the
CLogServSecurityImpl object supplied as a constructor argument.
*/
class TSecurityInfoReader
	TSecurityInfoReader(CLogServResourceInterpreter& aResourceInterface, 
						CLogServSecurityImpl& aLogServSecurity);
	// Reads every event type with its read/write capability sets and appends
	// one TEventPolicy per event type to iLogServSecurity.iPolicyCon.
	void ReadL();
	// Returns the event type count read from the R_LOG_INITIAL_EVENTS resource.
	TInt GetEventTypeCountL();
	// Reads one capability set from aReader into aCaps; panics on a count or
	// capability value that is out of range.
	void GetCapabilities(TResourceReader& aReader, TCaps& aCaps);

	// Source of the resource readers used by ReadL() and GetEventTypeCountL().
	CLogServResourceInterpreter& iResourceInterface;
	// Destination object whose iPolicyCon is filled by ReadL().
	CLogServSecurityImpl& iLogServSecurity;

// CLogServSecurityImpl class declaration and implementation.

/**
The class implements pure virtual methods in CLogServSecurity class.
All functionality, related to processing the data in LogEngServer resource file,
is delegated to an instance of TSecurityInfoReader class.
*/
class CLogServSecurityImpl : public CLogServSecurity
	// TSecurityInfoReader::ReadL() appends directly to iPolicyCon.
	friend class TSecurityInfoReader;
	static CLogServSecurityImpl* NewL(CLogServResourceInterpreter& aResourceInterface);
	virtual ~CLogServSecurityImpl();		
	// Checks the sender of aMsg against the policy FindPolicy() selects.
	virtual TBool IsAllowed(const RMessage2& aMsg, TUid aEventType, TEventOp aEventOp, const char* aDiagnostic);
	// Returns a copy of the policy FindPolicy() selects.
	virtual TSecurityPolicy SecurityPolicy(TUid aEventType, TEventOp aEventOp);
	void ConstructL(CLogServResourceInterpreter& aResourceInterface);		
	const TSecurityPolicy& FindPolicy(TUid aEventType, TEventOp aEventOp) const;
	// One entry per event type read from the resource file.
	RArray<TEventPolicy> iPolicyCon;
	// Returned by FindPolicy() for every event type that has no entry in iPolicyCon,
	// so such event types are not policed.
	// NOTE(review): its initialisation is not visible here - presumably an
	// always-pass policy; confirm in the constructor.
	TSecurityPolicy iPassAllPolicy;

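/**
Standard factory method for creation of objects of CLogServSecurityImpl type.
It allocates the object and then runs the second construction phase, ConstructL().
@param aResourceInterface A reference to CLogServResourceInterpreter object used for reading
 						  the LogEngServer resource file (logwrap.rss). It is used only during 
 						  the construction phase of CLogServSecurityImpl instance.
@return A pointer to the created CLogServSecurityImpl instance.
@leave System-wide error codes, including KErrNoMemory and reading file errors.
*/
CLogServSecurityImpl* CLogServSecurityImpl::NewL(CLogServResourceInterpreter& aResourceInterface)
	{
	CLogServSecurityImpl* self = new (ELeave) CLogServSecurityImpl;
	// Keep the object on the cleanup stack so that it is deleted if ConstructL() leaves.
	CleanupStack::PushL(self);
	// Without the second phase iPolicyCon stays empty and FindPolicy() would
	// answer every lookup with iPassAllPolicy, i.e. nothing would be policed.
	self->ConstructL(aResourceInterface);
	CleanupStack::Pop(self);
	return self;
	}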


/**
The method checks the caller against the security policy required for the
requested kind of operation (read or write) on the given event type.
@param aMsg The message, containing the caller capabilities which have to be checked.
@param aEventType Event type. For more details see LOGWRAP.RSS file where the  
				  UID constants are defined.
@param aEventOp The type of the operation which is about to be performed by the 
					  caller. It could be EReadOp or EWriteOp.
@param aDiagnostic Diagnostic text, passed unchanged to TSecurityPolicy::CheckPolicy().
@return ETrue - the caller is allowed to execute the operation, EFalse - the caller's
				capabilities do not match the required set of capabilities for that
				kind of operation (read or write).	
Note: Only built-in types (included in logwrap.rss) are policed.
	  For any other TUid, FindPolicy() supplies iPassAllPolicy, so the result
	  is whatever that policy grants. The server therefore fails open for
	  event types that are not listed in the resource file.
*/
TBool CLogServSecurityImpl::IsAllowed(const RMessage2& aMsg, TUid aEventType, TEventOp aEventOp, const char* aDiagnostic)
	{
	return FindPolicy(aEventType, aEventOp).CheckPolicy(aMsg, aDiagnostic);
	}

/**
This method is declared and implemented only if "LOGSERV_CAPABILITY_TEST" macro is defined
@param aEventType Event type. For more details see LOGWRAP.RSS file where the  
				  UID constants are defined.
@param aEventOp The type of the event operation: EReadOp or EWriteOp.
@return A copy of the TSecurityPolicy object that FindPolicy() selects for the
		{aEventType, aEventOp} pair.
*/
TSecurityPolicy CLogServSecurityImpl::SecurityPolicy(TUid aEventType, TEventOp aEventOp)
	{
	// Returning by value copies the policy, so the caller never holds a
	// reference into iPolicyCon.
	return FindPolicy(aEventType, aEventOp);
	}

CLogServSecurityImpl::CLogServSecurityImpl() :

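/**
Standard, phase-two construction method for creation of CLogServSecurityImpl objects.
It loads the per-event security policies from the resource file into this object.
@param aResourceInterface A reference to CLogServResourceInterpreter object used for reading
 						  the LogEngServer resource file (logwrap.rss). It is used only during 
 						  the construction phase of CLogServSecurityImpl instance.
@leave System-wide error codes, including KErrNoMemory and reading file errors.
*/
void CLogServSecurityImpl::ConstructL(CLogServResourceInterpreter& aResourceInterface)
	{
	TSecurityInfoReader reader(aResourceInterface, *this);
	// Creating the reader is not enough: ReadL() is the call that appends the
	// TEventPolicy entries to iPolicyCon. Skipping it leaves the policy table
	// empty, and FindPolicy() then returns iPassAllPolicy for every event type.
	reader.ReadL();
	}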

/**
The method searches for the TSecurityPolicy object registered for the
{aEventType, aEventOp} pair. If there is no registered TSecurityPolicy object for the
supplied event type (which is possible, if aEventType argument is not a
built-in type, specified in LOGWRAP.RSS file), then the method returns a reference
to the pass-all TSecurityPolicy object.
The table is scanned from its last entry to its first, so if an event type were
listed more than once, the entry appended last would be used.
@param aEventType Event type. For more details see LOGWRAP.RSS file where the  
				  UID constants are defined.
@param aEventOp The type of the operation which is about to be performed by the 
					  caller. EWriteOp selects the write policy; any other value
					  selects the read policy.
@return A const reference to TSecurityPolicy object, which defines a set of capabilities,
		required for that kind of operation (read or write).
*/
const TSecurityPolicy& CLogServSecurityImpl::FindPolicy(TUid aEventType, TEventOp aEventOp) const
	{
	TInt index = iPolicyCon.Count();
	while(--index >= 0)
		{
		const TEventPolicy& entry = iPolicyCon[index];
		if(!(entry.iEventType == aEventType))
			{
			continue;
			}
		if(aEventOp == EWriteOp)
			{
			return entry.iWritePolicy;
			}
		return entry.iReadPolicy;
		}
	// aEventType wasn't found - it doesn't represent a policed event type.
	// This is the fail-open path: the decision is left to iPassAllPolicy.
	return iPassAllPolicy;
	}

// CLogServSecurity implementation

/**
Standard factory method for creation of objects of CLogServSecurity type.
The object actually created is a CLogServSecurityImpl.
@param aResourceInterface A reference to CLogServResourceInterpreter object used for reading
 						  the LogEngServer resource file (logwrap.rss).
@return A pointer to the created CLogServSecurity instance.
@leave System-wide error codes, including KErrNoMemory and reading file errors.
*/
CLogServSecurity* CLogServSecurity::NewL(CLogServResourceInterpreter& aResourceInterface)
	{
	CLogServSecurity* security = CLogServSecurityImpl::NewL(aResourceInterface);
	return security;
	}

// TSecurityInfoReader class implementation

/**
@param aResourceInterface A reference to CLogServResourceInterpreter object used for reading
 						  the LogEngServer resource file (logwrap.rss).
@param aLogServSecurity A reference to the CLogServSecurityImpl instance whose internal content
						will be initialized with the related information from the 
						LogEngServer resource file.
*/
TSecurityInfoReader::TSecurityInfoReader(CLogServResourceInterpreter& aResourceInterface,
										 CLogServSecurityImpl& aLogServSecurity) :
/**
The method reads the LogEngServer event capabilities from the resource file and
appends one TEventPolicy per event type to iLogServSecurity.iPolicyCon.
Each entry is consumed in a fixed order: the event type UID, the read capability
set, then the write capability set.
@leave System-wide error codes, including KErrNoMemory and reading file errors.
@panic ELogSecurityCapabilitiesUndefined (107) if the total number of event types
		doesn't match the total number of the event capability sets.
@panic ELogArrayReserved if appending a policy to iPolicyCon fails.
*/
void TSecurityInfoReader::ReadL()
	{
	const TInt expectedCount = GetEventTypeCountL();
	TResourceReader reader;
	iResourceInterface.CreateResourceReaderLC(reader, R_LOG_SECURITY, CLogServResourceInterpreter::ELogWrap);
	const TInt nodeCount = reader.ReadInt16();

	// For all built-in event types there _MUST_ be a corresponding set of
	// capabilities defined in logwrap.rss. A mismatch panics in every build
	// rather than letting the server run with an incomplete policy table.
	__ASSERT_ALWAYS(expectedCount == nodeCount, Panic(ELogSecurityCapabilitiesUndefined));
	TInt remaining = expectedCount;
	while(remaining-- > 0)
		{
		TUid eventType = {reader.ReadUint32()};
		TCaps readCaps;
		GetCapabilities(reader, readCaps);
		TCaps writeCaps;
		GetCapabilities(reader, writeCaps);
		const TInt appendError = iLogServSecurity.iPolicyCon.Append(TEventPolicy(eventType, readCaps, writeCaps));
		// A policy that cannot be stored would leave its event type unpoliced,
		// so the failure is fatal.
		__ASSERT_ALWAYS(appendError == KErrNone, Panic(ELogArrayReserved));
		}
	CleanupStack::PopAndDestroy(); // the resource reader
	}

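/**
The method returns the number of built-in event types defined for the LogEngServer 
in logwrap.rss - see section entitled 'r_log_initial_events'.
@return An integer number representing the number of the event types found in the 
		resource file.
@leave System-wide error codes, including KErrNoMemory and reading file errors.
*/
TInt TSecurityInfoReader::GetEventTypeCountL()
	{
	TResourceReader reader;
	iResourceInterface.CreateResourceReaderLC(reader, R_LOG_INITIAL_EVENTS, CLogServResourceInterpreter::ELogWrap);
	const TInt count = reader.ReadInt16();
	// Balance the cleanup stack item left by CreateResourceReaderLC(), as
	// ReadL() does; returning without it leaves the stack unbalanced.
	CleanupStack::PopAndDestroy(); // the resource reader
	return count;
	}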

/**
The method reads the capabilities for the currently processed event.
Only the first entries of aCaps, one per capability found in the resource, are
written; the remaining entries keep the values they had on entry.
@param aReader TResourceReader object used for reading the related resource file entries.
@param aCaps An output parameter, reference to the array where the capabilities will be
		stored.
@panic ELogTooManyCapabilities (108) if the number of the capabilities in the resource
		file exceeds the max allowed number, which is currently set to KMaxCapsPerOp (7).
@panic ELogUnknownCapability (109) if the found capability is of unknown type.
*/
void TSecurityInfoReader::GetCapabilities(TResourceReader& aReader, TCaps& aCaps)
	{
	const TInt declaredCount = aReader.ReadInt16();
	// The unsigned comparison also rejects a negative count, which converts to a
	// large unsigned value. This check bounds every index used in the loop below,
	// so it has to stay an unconditional assert.
	__ASSERT_ALWAYS(static_cast<TUint>(declaredCount) <= static_cast<TUint>(aCaps.MaxSize()), Panic(ELogTooManyCapabilities));
	TInt slot = 0;
	while(slot < declaredCount)
		{
		const TInt rawCapability = aReader.ReadInt32();
		// Validate the raw integer before it is converted to a TCapability.
		__ASSERT_ALWAYS(rawCapability >= ECapability_None && rawCapability < ECapability_Limit, Panic(ELogUnknownCapability));// its not in e32capability.h !
		aCaps[slot] = TCapability(rawCapability);
		++slot;
		}
	}