Symbian3/PDK/Source/GUID-A4179FF3-4541-44B8-A8F3-52C1318159B3.dita
changeset 1 25a17d01db0c
child 3 46218c8b8afa
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/Symbian3/PDK/Source/GUID-A4179FF3-4541-44B8-A8F3-52C1318159B3.dita	Fri Jan 22 18:26:19 2010 +0000
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
+<!-- This component and the accompanying materials are made available under the terms of the License 
+"Eclipse Public License v1.0" which accompanies this distribution, 
+and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
+<!-- Initial Contributors:
+    Nokia Corporation - initial contribution.
+Contributors: 
+-->
+<!DOCTYPE concept
+  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
+<concept id="GUID-A4179FF3-4541-44B8-A8F3-52C1318159B3" xml:lang="en"><title>Platform
+Security</title><shortdesc>This document discusses how device drivers should implement platform
+security.</shortdesc><prolog><metadata><keywords/></metadata></prolog><conbody>
+<p>Device drivers must follow the Symbian platform security guidelines. As
+a part of platform security, drivers must be given the necessary platform
+security capabilities. A driver can also check the capabilities of a process
+opening a channel on the device, in order to restrict access to the device. </p>
+<section id="GUID-74BFFE9A-2904-4EFC-952A-581844A9095B"><p><b>Driver-side
+definition</b> </p> <p>Because drivers are loaded by the Kernel, both LDDs
+and PDDs must have the same level of trust and capability as the Kernel. This
+means that platform security capabilities must be set to <codeph>ALL</codeph> in
+the LDD and PDD <filepath>.mmp</filepath> files. </p> <codeblock id="GUID-91D17A93-4DFE-58DB-A071-F82399B7D9CE" xml:space="preserve">// LDD: mmp file
+...
+CAPABILITY     ALL</codeblock> <codeblock id="GUID-68471C34-7E9A-5CE7-BED3-1F3C6AEB08BF" xml:space="preserve">// PDD: mmp file
+...
+CAPABILITY     ALL</codeblock> <p>The user program must have the necessary
+capability set in its <filepath>.mmp</filepath> file to open and access the
+driver API. The reference documentation for the API should say what capabilities
+are required. Usually, they are the same as the minimum capability that is
+required to load the drivers. </p> <codeblock id="GUID-18BF036F-1A2E-59AA-BF8E-05D80B7916B5" xml:space="preserve">// Test application: mmp file
+...
+CAPABILITY    CommDD ReadDeviceData PowerMgmt</codeblock></section>
+<section id="GUID-7177D7FD-088C-432F-BABC-4E5DAA0E07D4"><p><b>User-side verification</b> </p> <p>A
+device driver must check the capability of the process that is accessing it.
+This is typically done during channel creation and, if required, for specific
+requests to the LDD. The Kernel provides the <xref href="GUID-C6946ECB-775F-3EC2-A56F-78F25B9FBE3D.dita#GUID-C6946ECB-775F-3EC2-A56F-78F25B9FBE3D/GUID-E34E27F2-921A-3F78-9DE3-C5B16F37CF8B"><apiname>Kern::CurrentThreadHasCapability()</apiname></xref> API
+to check the capability of the calling process. It can check for more than
+one capability. </p> <p>The following shows how the example driver checks
+during channel creation that the user has the <xref href="GUID-460F2258-02FB-316E-8044-4649E4488486.dita"><apiname>ECapabilityCommD</apiname></xref> capability: </p> <codeblock id="GUID-79B4EB40-14C8-5BDA-9FC9-A82DF87C83A7" xml:space="preserve">TInt DExDriverLogicalChannel::DoCreate(TInt /*aUnit*/, const TDesC8* 
+/*anInfo*/, const TVersion&amp; aVer)
+    {
+    // Capability check - CommDD
+    if (!Kern::CurrentThreadHasCapability (ECapabilityCommDD,
+    __PLATSEC_DIAGNOSTIC_STRING("Checked by Tutorial Driver")))
+        return KErrPermissionDenied;    
+    ...
+    }</codeblock></section>
+<section id="GUID-7B302793-1A00-40D6-8E9A-BA694541D0D4"><p><b>Data caging </b> </p> <p>Symbian
+platform security requires that all DLLs and EXEs are placed in the folder <filepath>/sys/bin</filepath>.
+Drivers and test application binaries must be placed in the <filepath>/sys/bin</filepath> folder
+by their ROM <filepath>.iby</filepath> file. </p> <codeblock id="GUID-42FE3528-37BB-5DD2-B565-4DB527EBC596" xml:space="preserve">// iby file
+device[VARID]=KERNEL_DIR\DEBUG_DIR\exdriver_ldd.ldd     \Sys\Bin\exdriver_ldd.ldd
+device[VARID]=KERNEL_DIR\DEBUG_DIR\exdriver_pdd.pdd     \Sys\Bin\exdriver_pdd.pdd
+file=ABI_DIR\BUILD_DIR\exdriver_test.exe                \Sys\Bin\exdriver_test.exe
+</codeblock></section>
+</conbody><related-links>
+<link href="GUID-CE5427E3-B62D-446C-B14C-8D1B5DE9A428.dita#GUID-CE5427E3-B62D-446C-B14C-8D1B5DE9A428/GUID-6F0C610C-0FA8-4948-A860-9B255F580CFE">
+<linktext>Platform Security</linktext></link>
+</related-links></concept>
\ No newline at end of file
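Review bot: the sentence introducing the DoCreate example names the capability as ECapabilityCommD (inside the xref apiname), but the code that follows checks ECapabilityCommDD, which is also the capability the test application's .mmp grants ("CAPABILITY CommDD ReadDeviceData PowerMgmt"); the apiname should read ECapabilityCommDD so the explanation matches the check. In the same section, the test application is granted ReadDeviceData and PowerMgmt as well, yet the example only verifies CommDD at channel creation; since a capability granted to the client is only enforced where the driver itself calls Kern::CurrentThreadHasCapability(), the text should state which LDD requests check the remaining two, or drop them from the example .mmp if none do.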