<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License
"Eclipse Public License v1.0" which accompanies this distribution,
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
Nokia Corporation - initial contribution.
Contributors:
-->
<!DOCTYPE concept
PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept id="GUID-A4179FF3-4541-44B8-A8F3-52C1318159B3" xml:lang="en"><title>Platform
Security</title><shortdesc>This document discusses how device drivers should implement platform
security.</shortdesc><prolog><metadata><keywords/></metadata></prolog><conbody>
<p>Device drivers must follow the Symbian platform security guidelines. As
part of platform security, drivers must be given the necessary platform
security capabilities. A driver can also check the capabilities of the process
opening a channel on the device, in order to restrict access to the device. </p>
<section id="GUID-74BFFE9A-2904-4EFC-952A-581844A9095B"><p><b>Driver-side
definition</b> </p> <p>Because drivers are loaded by the Kernel, both LDDs
and PDDs must have the same level of trust and capability as the Kernel. This
means that platform security capabilities must be set to <codeph>ALL</codeph> in
the LDD and PDD <filepath>.mmp</filepath> files. </p> <codeblock id="GUID-91D17A93-4DFE-58DB-A071-F82399B7D9CE" xml:space="preserve">// LDD: mmp file
...
CAPABILITY ALL</codeblock> <codeblock id="GUID-68471C34-7E9A-5CE7-BED3-1F3C6AEB08BF" xml:space="preserve">// PDD: mmp file
...
CAPABILITY ALL</codeblock> <p>The user program must have the necessary
capabilities set in its <filepath>.mmp</filepath> file to open and access the
driver API. The reference documentation for the API should state which capabilities
are required. Usually, they are the same as the minimum capability that is
required to load the drivers. </p> <codeblock id="GUID-18BF036F-1A2E-59AA-BF8E-05D80B7916B5" xml:space="preserve">// Test application: mmp file
...
CAPABILITY CommDD ReadDeviceData PowerMgmt</codeblock></section>
<section id="GUID-7177D7FD-088C-432F-BABC-4E5DAA0E07D4"><p><b>User-side verification</b> </p> <p>A
device driver must check the capabilities of the process that is accessing it.
This is typically done during channel creation and, if required, again for specific
requests to the LDD. The Kernel provides the <xref href="GUID-C6946ECB-775F-3EC2-A56F-78F25B9FBE3D.dita#GUID-C6946ECB-775F-3EC2-A56F-78F25B9FBE3D/GUID-E34E27F2-921A-3F78-9DE3-C5B16F37CF8B"><apiname>Kern::CurrentThreadHasCapability()</apiname></xref> API
to check the capabilities of the calling process. It can check for more than
one capability. </p> <p>The following shows how the example driver checks
during channel creation that the user has the <xref href="GUID-460F2258-02FB-316E-8044-4649E4488486.dita"><apiname>ECapabilityCommDD</apiname></xref> capability: </p> <codeblock id="GUID-79B4EB40-14C8-5BDA-9FC9-A82DF87C83A7" xml:space="preserve">TInt DExDriverLogicalChannel::DoCreate(TInt /*aUnit*/, const TDesC8*
/*anInfo*/, const TVersion&amp; aVer)
    {
    // Capability check - CommDD: refuse the channel if the caller lacks it
    if (!Kern::CurrentThreadHasCapability(ECapabilityCommDD,
            __PLATSEC_DIAGNOSTIC_STRING("Checked by Tutorial Driver")))
        return KErrPermissionDenied;
    ...
    }</codeblock></section>
|
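<p>The pattern described above, checking one capability when the channel is created and a different one for a privileged request, as an added example that is not part of the original Symbian documentation. It is a stand-alone model: the capability enum values, the <codeph>TCapSet</codeph> bitmask and the <codeph>CurrentThreadHasCapability()</codeph> function are constructed stand-ins for the Kernel API so the code can run outside the device; only the error codes are Symbian's own.</p>

```cpp
#include <cstdint>
#include <cstdio>

// Constructed stand-in for Symbian's TCapability (assumption: numbering is not the real enum).
enum TCapability { ECapabilityCommDD = 0, ECapabilityPowerMgmt = 1, ECapabilityReadDeviceData = 2 };
typedef std::uint32_t TCapSet;                     // one bit per capability
inline TCapSet Cap(TCapability aCap) { return 1u << aCap; }

const int KErrNone = 0;
const int KErrNotSupported = -5;
const int KErrPermissionDenied = -46;              // Symbian's values for these codes

// Stand-in for Kern::CurrentThreadHasCapability(): the "current thread" is modelled by
// a capability set passed in explicitly instead of being read from the kernel.
bool CurrentThreadHasCapability(TCapSet aThreadCaps, TCapability aCap, const char* aDiag)
{
    if (aThreadCaps & Cap(aCap)) return true;
    std::printf("PlatSec: capability %d missing: %s\n", static_cast<int>(aCap), aDiag);
    return false;
}

enum TRequest { ERequestRead = 0, ERequestSetPower = 1 };

class DExDriverLogicalChannel
{
public:
    // Channel creation: requires CommDD, as in the tutorial driver's DoCreate().
    int DoCreate(TCapSet aCaller)
    {
        if (!CurrentThreadHasCapability(aCaller, ECapabilityCommDD, "Checked by Tutorial Driver"))
            return KErrPermissionDenied;
        return KErrNone;
    }
    // Per-request check: a process allowed to open the channel may still lack the
    // capability that a specific, more privileged request needs, so check it again here.
    int DoRequest(TCapSet aCaller, TRequest aReq)
    {
        switch (aReq) {
        case ERequestRead:
            return CurrentThreadHasCapability(aCaller, ECapabilityReadDeviceData, "Read")
                       ? KErrNone : KErrPermissionDenied;
        case ERequestSetPower:
            return CurrentThreadHasCapability(aCaller, ECapabilityPowerMgmt, "SetPower")
                       ? KErrNone : KErrPermissionDenied;
        }
        return KErrNotSupported;                   // unknown request: deny rather than guess
    }
};
```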
<section id="GUID-7B302793-1A00-40D6-8E9A-BA694541D0D4"><p><b>Data caging</b> </p> <p>Symbian
platform security requires that all DLLs and EXEs are placed in the folder <filepath>/sys/bin</filepath>.
Drivers and test application binaries must be placed in the <filepath>/sys/bin</filepath> folder
by their ROM <filepath>.iby</filepath> file. </p> <codeblock id="GUID-42FE3528-37BB-5DD2-B565-4DB527EBC596" xml:space="preserve">// iby file
device[VARID]=KERNEL_DIR\DEBUG_DIR\exdriver_ldd.ldd \Sys\Bin\exdriver_ldd.ldd
device[VARID]=KERNEL_DIR\DEBUG_DIR\exdriver_pdd.pdd \Sys\Bin\exdriver_pdd.pdd
file=ABI_DIR\BUILD_DIR\exdriver_test.exe \Sys\Bin\exdriver_test.exe
</codeblock></section>
</conbody><related-links>
<link href="GUID-EA20E614-C911-4EE9-92B5-C8F9B657D59E.dita"><linktext>Platform
security architecture</linktext></link>
</related-links></concept>