Symbian3/PDK/Source/GUID-A4179FF3-4541-44B8-A8F3-52C1318159B3.dita
author Dominic Pinkman <dominic.pinkman@nokia.com>
Wed, 16 Jun 2010 10:24:13 +0100
changeset 10 d4524d6a4472
parent 5 f345bda72bc4
child 14 578be2adaf3e
permissions -rw-r--r--
removal of PIPS 'antiword' example pending a decision on its license

<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License 
"Eclipse Public License v1.0" which accompanies this distribution, 
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
    Nokia Corporation - initial contribution.
Contributors: 
-->
<!DOCTYPE concept
  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept id="GUID-A4179FF3-4541-44B8-A8F3-52C1318159B3" xml:lang="en"><title>Platform
Security</title><shortdesc>This document discusses how device drivers should implement platform
security.</shortdesc><prolog><metadata><keywords/></metadata></prolog><conbody>
<p>Device drivers must follow the Symbian platform security guidelines. As
a part of platform security, drivers must be given the necessary platform
security capabilities. A driver can also check the capabilities of a process
opening a channel on the device, in order to restrict access to the device. </p>
<section id="GUID-74BFFE9A-2904-4EFC-952A-581844A9095B"><p><b>Driver-side
definition</b> </p> <p>Because drivers are loaded by the Kernel, both LDDs
and PDDs must have the same level of trust and capability as the Kernel. This
means that platform security capabilities must be set to <codeph>ALL</codeph> in
the LDD and PDD <filepath>.mmp</filepath> files. </p> <codeblock id="GUID-91D17A93-4DFE-58DB-A071-F82399B7D9CE" xml:space="preserve">// LDD: mmp file
...
CAPABILITY     ALL</codeblock> <codeblock id="GUID-68471C34-7E9A-5CE7-BED3-1F3C6AEB08BF" xml:space="preserve">// PDD: mmp file
...
CAPABILITY     ALL</codeblock> <p>The user program must have the necessary
capability set in its <filepath>.mmp</filepath> file to open and access the
driver API. The reference documentation for the API should say what capabilities
are required. Usually, they are the same as the minimum capability that is
required to load the drivers. </p> <codeblock id="GUID-18BF036F-1A2E-59AA-BF8E-05D80B7916B5" xml:space="preserve">// Test application: mmp file
...
CAPABILITY    CommDD ReadDeviceData PowerMgmt</codeblock></section>
<section id="GUID-7177D7FD-088C-432F-BABC-4E5DAA0E07D4"><p><b>User-side verification</b> </p> <p>A
device driver must check the capability of the process that is accessing it.
This is typically done during channel creation and, if required, for specific
requests to the LDD. The Kernel provides the <xref href="GUID-C6946ECB-775F-3EC2-A56F-78F25B9FBE3D.dita#GUID-C6946ECB-775F-3EC2-A56F-78F25B9FBE3D/GUID-E34E27F2-921A-3F78-9DE3-C5B16F37CF8B"><apiname>Kern::CurrentThreadHasCapability()</apiname></xref> API
to check the capability of the calling process. It can check for more than
one capability. </p> <p>The following shows how the example driver checks
during channel creation that the user has the <xref href="GUID-460F2258-02FB-316E-8044-4649E4488486.dita"><apiname>ECapabilityCommDD</apiname></xref> capability: </p> <codeblock id="GUID-79B4EB40-14C8-5BDA-9FC9-A82DF87C83A7" xml:space="preserve">TInt DExDriverLogicalChannel::DoCreate(TInt /*aUnit*/, const TDesC8* 
/*anInfo*/, const TVersion&amp; aVer)
    {
    // Capability check - CommDD
    if (!Kern::CurrentThreadHasCapability (ECapabilityCommDD,
    __PLATSEC_DIAGNOSTIC_STRING("Checked by Tutorial Driver")))
        return KErrPermissionDenied;
    ...
    }</codeblock></section>
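The section above describes two gates: a capability check when the channel is created and, where needed, a check on individual requests to the LDD. The following is an added stand-alone model of that pattern, not code from the example driver or the Symbian kernel: <codeph>CurrentThreadHasCapability</codeph>, the caller's capability bitmask and the request table are constructed stand-ins (the enum values mirror <codeph>e32capability.h</codeph>, but no kernel headers are used).

```cpp
#include <cstdint>

// Constructed stand-ins for the kernel definitions the real driver gets from e32 headers.
enum TCapability { ECapabilityCommDD = 1, ECapabilityPowerMgmt = 2, ECapabilityReadDeviceData = 4 };
const int KErrNone = 0;
const int KErrNotSupported = -5;
const int KErrPermissionDenied = -46;

// Simulated caller: the bitmask of capabilities held by the process of the current thread.
static uint32_t gCallerCaps = 0;
uint32_t CapBit(TCapability aCap) { return 1u << aCap; }
void SetCallerCaps(uint32_t aCaps) { gCallerCaps = aCaps; }

// Stand-in for Kern::CurrentThreadHasCapability(): one capability per call.
static bool CurrentThreadHasCapability(TCapability aCap) {
    return (gCallerCaps & CapBit(aCap)) != 0;
}

// Requests the channel understands, each paired with the capability it requires.
// Mirrors the test application's mmp: CommDD ReadDeviceData PowerMgmt.
enum TRequest { EGetStatus = 0, EReadDeviceData = 1, EPowerDown = 2, ERequestCount };
static const TCapability KRequiredCap[ERequestCount] = {
    ECapabilityCommDD, ECapabilityReadDeviceData, ECapabilityPowerMgmt };

// Gate 1: channel creation. CommDD is required to open the channel at all.
int DoCreate() {
    if (!CurrentThreadHasCapability(ECapabilityCommDD))
        return KErrPermissionDenied;
    return KErrNone;
}

// Gate 2: per-request check, so a caller that could open the channel still cannot
// issue a request whose capability its process lacks. Unknown requests are rejected
// before any capability lookup to keep the table index in range.
int DoControl(int aFunction) {
    if (aFunction < 0 || aFunction >= ERequestCount)
        return KErrNotSupported;
    if (!CurrentThreadHasCapability(KRequiredCap[aFunction]))
        return KErrPermissionDenied;
    return KErrNone;
}
```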
<section id="GUID-7B302793-1A00-40D6-8E9A-BA694541D0D4"><p><b>Data caging</b> </p> <p>Symbian
platform security requires that all DLLs and EXEs are placed in the folder <filepath>/sys/bin</filepath>.
Drivers and test application binaries must be placed in the <filepath>/sys/bin</filepath> folder
by their ROM <filepath>.iby</filepath> file. </p> <codeblock id="GUID-42FE3528-37BB-5DD2-B565-4DB527EBC596" xml:space="preserve">// iby file
device[VARID]=KERNEL_DIR\DEBUG_DIR\exdriver_ldd.ldd     \Sys\Bin\exdriver_ldd.ldd
device[VARID]=KERNEL_DIR\DEBUG_DIR\exdriver_pdd.pdd     \Sys\Bin\exdriver_pdd.pdd
file=ABI_DIR\BUILD_DIR\exdriver_test.exe                \Sys\Bin\exdriver_test.exe
</codeblock></section>
</conbody><related-links>
<link href="GUID-EA20E614-C911-4EE9-92B5-C8F9B657D59E.dita"><linktext>Platform
security architecture</linktext></link>
</related-links></concept>