Symbian3/PDK/Source/GUID-A4179FF3-4541-44B8-A8F3-52C1318159B3.dita
author Dominic Pinkman <Dominic.Pinkman@Nokia.com>
Tue, 30 Mar 2010 11:56:28 +0100
changeset 5 f345bda72bc4
parent 3 46218c8b8afa
child 14 578be2adaf3e
permissions -rw-r--r--
Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892

<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License 
"Eclipse Public License v1.0" which accompanies this distribution, 
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
    Nokia Corporation - initial contribution.
Contributors: 
-->
<!DOCTYPE concept
  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept id="GUID-A4179FF3-4541-44B8-A8F3-52C1318159B3" xml:lang="en"><title>Platform
Security</title><shortdesc>This document discusses how device drivers should implement platform
security.</shortdesc><prolog><metadata><keywords/></metadata></prolog><conbody>
<p>Device drivers must follow the Symbian platform security guidelines. As
a part of platform security, drivers must be given the necessary platform
security capabilities. A driver can also check the capabilities of a process
opening a channel on the device, in order to restrict access to the device. </p>
<section id="GUID-74BFFE9A-2904-4EFC-952A-581844A9095B"><p><b>Driver-side
definition</b> </p> <p>Because drivers are loaded by the Kernel, both LDDs
and PDDs must have the same level of trust and capability as the Kernel. This
means that platform security capabilities must be set to <codeph>ALL</codeph> in
the LDD and PDD <filepath>.mmp</filepath> files. </p> <codeblock id="GUID-91D17A93-4DFE-58DB-A071-F82399B7D9CE" xml:space="preserve">// LDD: mmp file
...
CAPABILITY     ALL</codeblock> <codeblock id="GUID-68471C34-7E9A-5CE7-BED3-1F3C6AEB08BF" xml:space="preserve">// PDD: mmp file
...
CAPABILITY     ALL</codeblock> <p>The user program must have the necessary
capability set in its <filepath>.mmp</filepath> file to open and access the
driver API. The reference documentation for the API should say what capabilities
are required. Usually, they are the same as the minimum capability that is
required to load the drivers. </p> <codeblock id="GUID-18BF036F-1A2E-59AA-BF8E-05D80B7916B5" xml:space="preserve">// Test application: mmp file
...
CAPABILITY    CommDD ReadDeviceData PowerMgmt</codeblock></section>
<section id="GUID-7177D7FD-088C-432F-BABC-4E5DAA0E07D4"><p><b>User-side verification</b> </p> <p>A
device driver must check the capability of the process that is accessing it.
This is typically done during channel creation and, if required, for specific
requests to the LDD. The Kernel provides the <xref href="GUID-C6946ECB-775F-3EC2-A56F-78F25B9FBE3D.dita#GUID-C6946ECB-775F-3EC2-A56F-78F25B9FBE3D/GUID-E34E27F2-921A-3F78-9DE3-C5B16F37CF8B"><apiname>Kern::CurrentThreadHasCapability()</apiname></xref> API
to check the capability of the calling process. It can check for more than
one capability. </p> <p>The following shows how the example driver checks
during channel creation that the user has the <xref href="GUID-460F2258-02FB-316E-8044-4649E4488486.dita"><apiname>ECapabilityCommDD</apiname></xref> capability: </p> <codeblock id="GUID-79B4EB40-14C8-5BDA-9FC9-A82DF87C83A7" xml:space="preserve">TInt DExDriverLogicalChannel::DoCreate(TInt /*aUnit*/, const TDesC8* 
/*anInfo*/, const TVersion&amp; aVer)
    {
    // Capability check - CommDD
    if (!Kern::CurrentThreadHasCapability (ECapabilityCommDD,
    __PLATSEC_DIAGNOSTIC_STRING("Checked by Tutorial Driver")))
        return KErrPermissionDenied;    
    ...
    }</codeblock></section>
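<section><p>The following is an added example, not code from the Symbian platform or the tutorial driver: a host-side C++ model of the two checks described above, one at channel creation and one per request. The capability numbering, the request numbers, the <codeph>TProcess</codeph> record that stands in for the Kernel's view of the calling process, and the <codeph>Exercise()</codeph> helper are all assumptions of this model. In a real driver the caller is identified by the Kernel and tested with <codeph>Kern::CurrentThreadHasCapability()</codeph>; it is never passed in as a parameter.</p><codeblock xml:space="preserve"><![CDATA[
```cpp
// Added example, not Symbian platform or tutorial-driver code: a host-side
// model of the capability checks a Symbian device driver performs at
// channel creation and again for specific requests.
#include <cstdint>
#include <cstdio>
#include <initializer_list>

// A few Symbian capability names. The numbering is an assumption of this
// model; the real TCapability values are defined in e32capability.h.
enum TCapability {
    ECapabilityCommDD = 0,
    ECapabilityPowerMgmt = 1,
    ECapabilityReadDeviceData = 2
};

// Symbian error codes used by the tutorial driver (values as in e32err.h).
const int KErrNone = 0;
const int KErrNotSupported = -5;
const int KErrPermissionDenied = -46;

// Constructed stand-in for the Kernel's record of the calling process.
// In a real driver this is answered by Kern::CurrentThreadHasCapability();
// here it is a plain bitmask, one bit per TCapability value.
struct TProcess {
    uint32_t iCaps;
    bool HasCapability(TCapability aCap) const {
        return ((iCaps >> aCap) & 1u) != 0;
    }
};

// Builds a capability bitmask from a list of capabilities (model helper).
static uint32_t CapMask(std::initializer_list<TCapability> aCaps) {
    uint32_t m = 0;
    for (TCapability c : aCaps) m |= (1u << c);
    return m;
}

// Request numbers understood by this model driver (assumption).
enum TExDriverRequest { ERequestReadData = 0, ERequestPowerDown = 1 };

class DExDriverLogicalChannel {
public:
    // Channel creation: every client passes through here, so the capability
    // required to talk to the device at all (CommDD) is checked once, up front.
    int DoCreate(const TProcess& aCaller) {
        if (!aCaller.HasCapability(ECapabilityCommDD))
            return KErrPermissionDenied;
        iOpen = true;
        return KErrNone;
    }
    // Specific requests can demand more than the channel-open capability,
    // so each one is checked again against the capability it needs.
    int DoRequest(const TProcess& aCaller, int aReqNo) {
        if (!iOpen) return KErrNotSupported;   // no channel was created
        switch (aReqNo) {
        case ERequestReadData:
            return aCaller.HasCapability(ECapabilityReadDeviceData)
                   ? KErrNone : KErrPermissionDenied;
        case ERequestPowerDown:
            return aCaller.HasCapability(ECapabilityPowerMgmt)
                   ? KErrNone : KErrPermissionDenied;
        default:
            return KErrNotSupported;
        }
    }
private:
    bool iOpen = false;
};

// Result of driving one caller through open + both requests (model helper).
struct TOutcome { int iCreate; int iRead; int iPowerDown; };

TOutcome Exercise(const TProcess& aCaller) {
    DExDriverLogicalChannel ch;
    TOutcome o{};
    o.iCreate = ch.DoCreate(aCaller);
    o.iRead = ch.DoRequest(aCaller, ERequestReadData);
    o.iPowerDown = ch.DoRequest(aCaller, ERequestPowerDown);
    return o;
}

int main() {
    // Constructed callers: the test application's capability set from the
    // .mmp above, a process lacking CommDD, and one lacking PowerMgmt.
    TProcess testApp{CapMask({ECapabilityCommDD, ECapabilityReadDeviceData,
                              ECapabilityPowerMgmt})};
    TProcess noCommDD{CapMask({ECapabilityReadDeviceData, ECapabilityPowerMgmt})};
    TProcess readOnly{CapMask({ECapabilityCommDD, ECapabilityReadDeviceData})};
    const TProcess* callers[] = { &testApp, &noCommDD, &readOnly };
    const char* names[] = { "testApp", "noCommDD", "readOnly" };
    for (int i = 0; i < 3; ++i) {
        TOutcome o = Exercise(*callers[i]);
        std::printf("%-9s create=%d read=%d powerdown=%d\n",
                    names[i], o.iCreate, o.iRead, o.iPowerDown);
    }
    return 0;
}
```
]]></codeblock><p>The point the model makes is that the channel-open check only establishes the minimum needed to talk to the device. A request such as power-down is gated again, so a process holding CommDD and ReadDeviceData but not PowerMgmt can open the channel and read, yet receives <codeph>KErrPermissionDenied</codeph> for that one request, while a process without CommDD never gets a channel at all.</p></section>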
<section id="GUID-7B302793-1A00-40D6-8E9A-BA694541D0D4"><p><b>Data caging </b> </p> <p>Symbian
platform security requires that all DLLs and EXEs are placed in the folder <filepath>/sys/bin</filepath>.
Drivers and test application binaries must be placed in the <filepath>/sys/bin</filepath> folder
by their ROM <filepath>.iby</filepath> file. </p> <codeblock id="GUID-42FE3528-37BB-5DD2-B565-4DB527EBC596" xml:space="preserve">// iby file
device[VARID]=KERNEL_DIR\DEBUG_DIR\exdriver_ldd.ldd     \Sys\Bin\exdriver_ldd.ldd
device[VARID]=KERNEL_DIR\DEBUG_DIR\exdriver_pdd.pdd     \Sys\Bin\exdriver_pdd.pdd
file=ABI_DIR\BUILD_DIR\exdriver_test.exe                \Sys\Bin\exdriver_test.exe
</codeblock></section>
</conbody><related-links>
<link href="GUID-EA20E614-C911-4EE9-92B5-C8F9B657D59E.dita"><linktext>Platform
security architecture</linktext></link>
</related-links></concept>