<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License
"Eclipse Public License v1.0" which accompanies this distribution,
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
Nokia Corporation - initial contribution.
Contributors:
-->
<!DOCTYPE concept
PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept id="GUID-A4179FF3-4541-44B8-A8F3-52C1318159B3" xml:lang="en"><title>Platform
Security</title><shortdesc>This document discusses how device drivers should implement platform
security.</shortdesc><prolog><metadata><keywords/></metadata></prolog><conbody>
<p>Device drivers must follow the Symbian platform security guidelines. As
a part of platform security, drivers must be given the necessary platform
security capabilities. A driver can also check the capabilities of a process
opening a channel on the device, in order to restrict access to the device. </p>
<section id="GUID-74BFFE9A-2904-4EFC-952A-581844A9095B"><p><b>Driver-side
definition</b> </p> <p>Because drivers are loaded by the Kernel, both LDDs
and PDDs must have the same level of trust and capability as the Kernel. This
means that platform security capabilities must be set to <codeph>ALL</codeph> in
the LDD and PDD <filepath>.mmp</filepath> files. </p> <codeblock id="GUID-91D17A93-4DFE-58DB-A071-F82399B7D9CE" xml:space="preserve">// LDD: mmp file
...
CAPABILITY ALL</codeblock> <codeblock id="GUID-68471C34-7E9A-5CE7-BED3-1F3C6AEB08BF" xml:space="preserve">// PDD: mmp file
...
CAPABILITY ALL</codeblock> <p>The user program must have the necessary
capability set in its <filepath>.mmp</filepath> file to open and access the
driver API. The reference documentation for the API should say what capabilities
are required. Usually, they are the same as the minimum capability that is
required to load the drivers. </p> <codeblock id="GUID-18BF036F-1A2E-59AA-BF8E-05D80B7916B5" xml:space="preserve">// Test application: mmp file
...
CAPABILITY CommDD ReadDeviceData PowerMgmt</codeblock></section>
<section id="GUID-7177D7FD-088C-432F-BABC-4E5DAA0E07D4"><p><b>User-side verification</b> </p> <p>A
device driver must check the capability of the process that is accessing it.
This is typically done during channel creation and, if required, for specific
requests to the LDD. The Kernel provides the <xref href="GUID-C6946ECB-775F-3EC2-A56F-78F25B9FBE3D.dita#GUID-C6946ECB-775F-3EC2-A56F-78F25B9FBE3D/GUID-E34E27F2-921A-3F78-9DE3-C5B16F37CF8B"><apiname>Kern::CurrentThreadHasCapability()</apiname></xref> API
to check the capability of the calling process. It can check for more than
one capability. </p> <p>The following shows how the example driver checks
during channel creation that the user has the <xref href="GUID-460F2258-02FB-316E-8044-4649E4488486.dita"><apiname>ECapabilityCommD</apiname></xref> capability: </p> <codeblock id="GUID-79B4EB40-14C8-5BDA-9FC9-A82DF87C83A7" xml:space="preserve">TInt DExDriverLogicalChannel::DoCreate(TInt /*aUnit*/, const TDesC8*
/*anInfo*/, const TVersion& aVer)
{
// Capability check - CommDD
if (!Kern::CurrentThreadHasCapability (ECapabilityCommDD,
__PLATSEC_DIAGNOSTIC_STRING("Checked by Tutorial Driver")))
return KErrPermissionDenied;
...
}</codeblock></section>
<section id="GUID-7B302793-1A00-40D6-8E9A-BA694541D0D4"><p><b>Data caging </b> </p> <p>Symbian
platform security requires that all DLLs and EXEs are placed in the folder <filepath>/sys/bin</filepath>.
Drivers and test application binaries must be placed in the <filepath>/sys/bin</filepath> folder
by their ROM <filepath>.iby</filepath> file. </p> <codeblock id="GUID-42FE3528-37BB-5DD2-B565-4DB527EBC596" xml:space="preserve">// iby file
device[VARID]=KERNEL_DIR\DEBUG_DIR\exdriver_ldd.ldd \Sys\Bin\exdriver_ldd.ldd
device[VARID]=KERNEL_DIR\DEBUG_DIR\exdriver_pdd.pdd \Sys\Bin\exdriver_pdd.pdd
file=ABI_DIR\BUILD_DIR\exdriver_test.exe \Sys\Bin\exdriver_test.exe
</codeblock></section>
</conbody><related-links>
<link href="GUID-EA20E614-C911-4EE9-92B5-C8F9B657D59E.dita"><linktext>Platform
security architecture</linktext></link>
</related-links></concept>