rtsecuritymanager/rtsecuritymanagerserver/src/rtsecmgrclientapi.cpp
changeset 0 99ef825efeca
child 10 a7062f7f0b79
equal deleted inserted replaced
-1:000000000000 0:99ef825efeca
       
     1 /*
       
     2 * Copyright (c) 2007-2008 Nokia Corporation and/or its subsidiary(-ies).
       
     3 * All rights reserved.
       
     4 * This component and the accompanying materials are made available
       
     5 * under the terms of the License "Eclipse Public License v1.0"
       
     6 * which accompanies this distribution, and is available
       
     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".
       
     8 *
       
     9 * Initial Contributors:
       
    10 * Nokia Corporation - initial contribution.
       
    11 *
       
    12 * Contributors:
       
    13 *
       
    14 * Description:       Implementation file for security manager server, session and 
       
    15  * 				  sub-session classes 
       
    16  *
       
    17 */
       
    18 
       
    19 
       
    20 
       
    21 
       
    22 
       
    23 
       
    24 #include <f32file.h>
       
    25 #include <e32debug.h>
       
    26 #include <rtsecmgrcommondef.h>
       
    27 #include "rtsecmgrserver.h"
       
    28 #include "rtsecmgrsession.h"
       
    29 #include "rtsecmgrsubsession.h"
       
    30 #include "rtsecmgrpolicyparser.h"
       
    31 #include "rtsecmgrstore.h"
       
    32 #include "rtsecmgrprotectiondomain.h"
       
    33 #include "rtsecmgrpolicymanager.h"
       
    34 #include "rtsecmgrscriptmanager.h"
       
    35 #include "rtsecmgrmsg.h"
       
    36 
       
    37 _LIT(KUntrusted, "UnTrusted");
       
    38 
       
    39 TInt CRTSecMgrServer::GetCapabilityInfo(TPolicyID aPolicyID,
       
    40 		TExecutableID aExecID, CScript& aScript)
       
    41 	{
       
    42 	if ( KAnonymousScript==aExecID)
       
    43 		{
       
    44 		CPolicy* policy = iPolicyMgr->Policy (aPolicyID);
       
    45 		if ( policy)
       
    46 			{
       
    47 			CProtectionDomain* domain = policy->ProtectionDomain (KUntrusted);
       
    48 
       
    49 			if ( domain)
       
    50 				{
       
    51 				const CPermissionSet& permissionSet = domain->PermSet ();
       
    52 				aScript.SetPermissionSet (permissionSet);
       
    53 				return KErrNone;
       
    54 				}
       
    55 			}
       
    56 		}
       
    57 
       
    58 	return KErrNotFound;
       
    59 	}
       
    60 
       
    61 void CRTSecMgrSession::SetPolicy(const RMessage2& aMessage, TBool aIsUpdate)
       
    62 	{
       
    63 	if(!aMessage.HasCapability(ECapabilityWriteDeviceData , ""))
       
    64 	    {
       
    65 	    TPckgBuf<TInt> pkg(ErrAccessDenied);
       
    66 	    aMessage.Write(EMsgArgZero , pkg);
       
    67 	    return;
       
    68 	    }
       
    69 	RFile secPolicyFile;
       
    70 	TPolicyID pID(ErrInvalidPolicyID);
       
    71 
       
    72 	if ( KErrNone==secPolicyFile.AdoptFromClient (aMessage, EMsgArgOne,
       
    73 			EMsgArgTwo))
       
    74 		{
       
    75 		CPolicyParser* policyParser = CPolicyParser::NewLC ();
       
    76 		TInt ret(KErrNone);
       
    77 
       
    78 		RProtectionDomains policyInfo;
       
    79 		RAliasGroup aliasInfo;
       
    80 		ret=policyParser->GetPolicyInfo (secPolicyFile, policyInfo, aliasInfo);
       
    81 
       
    82 		if (KErrNone==ret)
       
    83 			{
       
    84 			if(aIsUpdate)
       
    85 				{
       
    86 				TPckgBuf<TInt> pIDPckg;
       
    87 				aMessage.Read(0, pIDPckg);
       
    88 				pID = pIDPckg();
       
    89 				}
       
    90 			else
       
    91 				{
       
    92 				if ( KErrNone==iSecMgrServer->ReadCounter (pID))
       
    93 					{
       
    94 					while (iSecMgrServer->IsValidPolicy(pID))
       
    95 						{
       
    96 						--pID ;
       
    97 						}
       
    98 					}
       
    99 				else
       
   100 					{
       
   101 					pID = ErrServerReadConfig;
       
   102 					}
       
   103 				}
       
   104 			TRAPD (err, iSecMgrServer->AddPolicyL (pID, policyInfo, aliasInfo));
       
   105 			
       
   106 			if ( KErrNone!=err)
       
   107 				{
       
   108 				pID = ErrSetPolicyFailed;
       
   109 				}						
       
   110 				
       
   111 			}
       
   112 		else
       
   113 			{
       
   114 			pID = ErrInvalidPolicyFormat;
       
   115 			policyInfo.ResetAndDestroy ();
       
   116 			}
       
   117 		CleanupStack::PopAndDestroy (policyParser);
       
   118 		}
       
   119 	else
       
   120 		{
       
   121 		pID = ErrFileSessionNotShared;
       
   122 		}
       
   123 
       
   124 	secPolicyFile.Close();
       
   125 	
       
   126 	TPckgBuf<TInt> pkg(pID);
       
   127 	aMessage.Write (EMsgArgZero, pkg);
       
   128 	}
       
   129 
       
   130 void CRTSecMgrSession::UpdatePolicy(const RMessage2& aMessage)
       
   131 	{
       
   132 	if(!aMessage.HasCapability(ECapabilityWriteDeviceData , ""))
       
   133         {
       
   134         TPckgBuf<TInt> pkg(ErrAccessDenied);
       
   135         aMessage.Write(EMsgArgZero , pkg);
       
   136         return;
       
   137         }
       
   138 	TPckgBuf<TInt> pIDPckg;
       
   139 	aMessage.Read (0, pIDPckg);
       
   140 
       
   141 	TPolicyID pID(pIDPckg ());
       
   142 
       
   143 		//Check if this ID already exists
       
   144 	if ( !iSecMgrServer->IsValidPolicy(pID))
       
   145 		{
       
   146 		TPckgBuf<TInt> pkg(ErrUpdatePolicyFailed);
       
   147 		aMessage.Write (EMsgArgZero, pkg);
       
   148 		RFile secPolicyFile;
       
   149 		//just to close the secPolicyFile. Else the temmporary file cannot be deleted
       
   150 		secPolicyFile.AdoptFromClient (aMessage, EMsgArgOne,EMsgArgTwo);
       
   151 		secPolicyFile.Close();
       
   152 		return;
       
   153 		}
       
   154 	else
       
   155 		{
       
   156 		if ( IsScriptOpenWithPolicy (pID))
       
   157 			{
       
   158 			TPckgBuf<TInt> pkg(ErrUpdatePolicyFailed);
       
   159 			aMessage.Write (EMsgArgZero, pkg);
       
   160 			return;
       
   161 			}
       
   162 		}
       
   163 
       
   164 	//back up the file before update (file with this policy Id)
       
   165 	TInt backupResult = iSecMgrServer->BackupFile(pID);
       
   166 	
       
   167 	if(KErrNone == backupResult)
       
   168 		{
       
   169 			SetPolicy (aMessage, ETrue);
       
   170 			
       
   171 			aMessage.Read(0, pIDPckg);
       
   172 			TInt resultSetPolicy = pIDPckg();		
       
   173 			
       
   174 			if(resultSetPolicy < KErrNone)
       
   175 				{
       
   176 					//means that the policy updation is NOT successful due to invalid policy file
       
   177 					//Hence retain the previous file by restoring the temp file
       
   178 					TInt restoreResult = iSecMgrServer->RestoreTempPolicy(pID);
       
   179 					
       
   180 					if(KErrNone != restoreResult)
       
   181 					{
       
   182 						// file backup not created due to errors
       
   183 						TPckgBuf<TInt> pkg(ErrRestoreTempFailed);
       
   184 						aMessage.Write (EMsgArgZero, pkg);
       
   185 						return;
       
   186 					}
       
   187 				}
       
   188 
       
   189 			//Backup file is no longer useful. 
       
   190 			//Hence removing this temporary file using the method below
       
   191 			TInt rmTempResult = iSecMgrServer->RemoveTempPolicy(pID);	
       
   192 			if(KErrNone != rmTempResult)
       
   193 			{
       
   194 				//temporary file not removed
       
   195 				
       
   196 			}	
       
   197 	}
       
   198 	else
       
   199 	{
       
   200 		// file backup not created due to errors
       
   201 		TPckgBuf<TInt> pkg(ErrBackupNotCreated);
       
   202 		aMessage.Write (EMsgArgZero, pkg);
       
   203 		return;
       
   204 		
       
   205 	}	
       
   206 	
       
   207 	}
       
   208 
       
   209 void CRTSecMgrSession::UnsetPolicy(const RMessage2& aMessage)
       
   210 	{
       
   211 	if(!aMessage.HasCapability(ECapabilityWriteDeviceData , ""))
       
   212         {
       
   213         TPckgBuf<TInt> pkg(ErrAccessDenied);
       
   214         aMessage.Write(EMsgArgZero , pkg);
       
   215         return;
       
   216         }
       
   217 	TPolicyID pID = aMessage.Int0 ();
       
   218 
       
   219 	TInt result = ErrUnSetPolicyFailed;
       
   220 
       
   221 	if ( !IsScriptOpenWithPolicy(pID))
       
   222 		{
       
   223 		result = iSecMgrServer->RemovePolicy (pID);
       
   224 		}
       
   225 	if( KErrNone>result )
       
   226 		result = ErrUnSetPolicyFailed;
       
   227 	
       
   228 	TPckgBuf<TInt> retVal(result);
       
   229 	aMessage.Write (EMsgArgOne, retVal);
       
   230 	}
       
   231 
       
   232 void CRTSecMgrSession::RegisterScript(const RMessage2& aMessage, TBool aIsHashed)
       
   233 	{
       
   234 	if( !aMessage.HasCapability(ECapabilityWriteDeviceData , ""))
       
   235         {
       
   236         TPckgBuf<TInt> pkg(ErrAccessDenied);
       
   237         aMessage.Write(EMsgArgZero , pkg);
       
   238         return;
       
   239         }
       
   240 	if ( aIsHashed)
       
   241 		{
       
   242 		HBufC8* desData = HBufC8::NewLC (KMaxMsgLength);
       
   243 		TPtr8 readPtr(desData->Des ());
       
   244 		aMessage.ReadL (0, readPtr);
       
   245 		CRTSecMgrRegisterScriptMsg
       
   246 				* scriptMsg = CRTSecMgrRegisterScriptMsg::NewLC (*desData);
       
   247 
       
   248 		TExecutableID scriptID = iSecMgrServer->RegisterScript (scriptMsg->PolicyID(),scriptMsg->HashValue());
       
   249 		
       
   250 		TPckgBuf<TInt> exeIDPkg(scriptID);
       
   251 		aMessage.Write (EMsgArgOne, exeIDPkg);
       
   252 
       
   253 		CleanupStack::PopAndDestroy (scriptMsg);
       
   254 		CleanupStack::PopAndDestroy (desData);		
       
   255 		}
       
   256 	else
       
   257 		{
       
   258 		TPolicyID policyID = aMessage.Int0 ();
       
   259 
       
   260 		TExecutableID scriptID = iSecMgrServer->RegisterScript (policyID);
       
   261 
       
   262 		if ( KErrNone>scriptID)
       
   263 			scriptID = ErrRegisterScriptFailed;
       
   264 
       
   265 		TPckgBuf<TInt> exeIDPkg(scriptID);
       
   266 		aMessage.Write (EMsgArgOne, exeIDPkg);
       
   267 		}
       
   268 
       
   269 	}
       
   270 
       
   271 void CRTSecMgrSession::UnregisterScript(const RMessage2& aMessage)
       
   272 	{
       
   273 	if(!aMessage.HasCapability(ECapabilityWriteDeviceData , ""))
       
   274         {
       
   275         TPckgBuf<TInt> pkg(ErrAccessDenied);
       
   276         aMessage.Write(EMsgArgZero , pkg);
       
   277         return;
       
   278         }
       
   279 	TExecutableID scriptID(aMessage.Int0 ());
       
   280 	TPolicyID policyID(aMessage.Int1 ());
       
   281 
       
   282 	TInt result = KErrNone;
       
   283 
       
   284 	if ( !IsScriptSessionOpen(scriptID))
       
   285 		{
       
   286 		TRAP (result, iSecMgrServer->UnRegisterScriptL (scriptID, policyID));
       
   287 		if(KErrNone>result)
       
   288 				result = ErrUnRegisterScriptFailed;	
       
   289 		}
       
   290 	else
       
   291 		{
       
   292 		result = ErrUnRegisterScriptFailed;
       
   293 		}
       
   294 
       
   295 	TPckgBuf<TInt> errCode(result);
       
   296 	aMessage.Write (EMsgArgTwo, errCode);
       
   297 	}
       
   298 
       
   299 void CRTSecMgrSession::GetScriptSessionL(const RMessage2& aMessage)
       
   300 	{
       
   301 	if(!aMessage.HasCapability(ECapabilityWriteDeviceData , ""))
       
   302         {
       
   303         User::Leave(ErrAccessDenied);
       
   304         }
       
   305 	TExecutableID scriptID = (TExecutableID)aMessage.Int0();
       
   306 	TPolicyID policyID = (TPolicyID)aMessage.Int1();
       
   307 
       
   308 	CScript* script = CScript::NewLC (policyID, scriptID);
       
   309 
       
   310 	User::LeaveIfError (iSecMgrServer->GetCapabilityInfo (*script));
       
   311 
       
   312 	if(script->PolicyID() != policyID || !iSecMgrServer->IsValidPolicy(policyID))
       
   313 	{
       
   314 		User::Leave(ErrInvalidPolicyID);
       
   315 	}
       
   316 	
       
   317 	CleanupStack::Pop (script);
       
   318 
       
   319 	CRTSecMgrSubSession* counter = CRTSecMgrSubSession::NewL (this, script, iSecMgrServer);
       
   320 	CleanupStack::PushL (counter);
       
   321 
       
   322 	// add the CCountSubSession object to 
       
   323 	// this subsession's object container
       
   324 	// to gererate a unique id
       
   325 	iContainer->AddL (counter);
       
   326 
       
   327 	// Add the object to object index; this returns
       
   328 	// a unique handle so that we can find the object
       
   329 	// again laterit later.
       
   330 	TInt handle=iSubSessionObjectIndex->AddL (counter);
       
   331 
       
   332 	// Write the handle value back to the client.
       
   333 	// NB It's not obvious but the handle value must be passed
       
   334 	// back as the 4th parameter (i.e. parameter number 3 on
       
   335 	// a scale of 0 to 3). 
       
   336 	// The arguments that are passed across are actually
       
   337 	// set up by RSubSessionBase::DoCreateSubSession().
       
   338 	// If you pass your own arguments into a call
       
   339 	// to RSubSessionBase::CreateSubSession(), which calls DoCreateSubSession, 
       
   340 	// then only the first three are picked up - the 4th is reserved for the
       
   341 	// the subsession handle.
       
   342 	TPckgBuf<TInt> handlePckg(handle);
       
   343 	aMessage.Write (EMsgArgThree, handlePckg);
       
   344 
       
   345 	CleanupStack::Pop (counter);
       
   346 	}
       
   347 
       
   348 void CRTSecMgrSession::GetTrustedUnRegScriptSessionL(const RMessage2& aMessage)
       
   349 	{
       
   350 	if(!aMessage.HasCapability(ECapabilityWriteDeviceData , ""))
       
   351         {
       
   352         User::Leave(ErrAccessDenied);
       
   353         }
       
   354 	//0th parameter - ScriptID
       
   355 	//1st parameter - PolicyID	
       
   356 	TExecutableID scriptID = (TExecutableID)aMessage.Int0(); //typically this is KAnonymousScript
       
   357 	TPolicyID policyID = (TExecutableID)aMessage.Int1();
       
   358 
       
   359 	CScript* script = CScript::NewLC (policyID, scriptID);
       
   360 
       
   361 	User::LeaveIfError (iSecMgrServer->GetCapabilityInfo(policyID, scriptID, *script));
       
   362 
       
   363 	CleanupStack::Pop (script);
       
   364 
       
   365 	CRTSecMgrSubSession* counter = CRTSecMgrSubSession::NewL (this, script, iSecMgrServer);
       
   366 	CleanupStack::PushL (counter);
       
   367 
       
   368 	iContainer->AddL (counter);
       
   369 	TInt handle=iSubSessionObjectIndex->AddL (counter);
       
   370 	TPckgBuf<TInt> handlePckg(handle);
       
   371 	aMessage.Write (EMsgArgThree, handlePckg);
       
   372 
       
   373 	CleanupStack::Pop (counter);
       
   374 	}
       
   375 
       
   376 void CRTSecMgrSubSession::GetScriptFile(const RMessage2& aMessage)
       
   377 	{
       
   378 	RFile scriptFile;
       
   379 
       
   380 	if ( KErrNone==scriptFile.AdoptFromClient (aMessage, EMsgArgOne,
       
   381 			EMsgArgTwo))
       
   382 		{
       
   383 		RFileWriteStream rfws(scriptFile);
       
   384 		iScript->ExternalizeL (rfws);
       
   385 		rfws.Close ();
       
   386 		scriptFile.Close ();
       
   387 		}
       
   388 	}
       
   389 
       
   390 void CRTSecMgrSubSession::UpdatePermGrantL(const RMessage2& aMessage)
       
   391 	{
       
   392 	if ( !iSession->IsScriptSessionOpen(aMessage.Int0(),this))
       
   393 		{
       
   394 		iSecMgrServer->UpdatePermGrantL (aMessage.Int0 (), aMessage.Int1 (),
       
   395 				aMessage.Int2 ());
       
   396 		}
       
   397 	else
       
   398 		{
       
   399 		TPckgBuf<TInt> pkg((TInt)ErrUpdatePermGrantFailed);
       
   400 		aMessage.Write (EMsgArgZero, pkg);
       
   401 		}
       
   402 	}