author | Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> |
Mon, 15 Mar 2010 12:45:50 +0200 | |
branch | RCL_3 |
changeset 21 | e7d2d738d3c2 |
parent 6 | 0173bcd7697c |
permissions | -rw-r--r-- |
21
e7d2d738d3c2
Revision: 201010
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
6
diff
changeset
|
1 |
// Copyright (c) 2006-2010 Nokia Corporation and/or its subsidiary(-ies). |
0 | 2 |
// All rights reserved. |
3 |
// This component and the accompanying materials are made available |
|
4 |
// under the terms of the License "Eclipse Public License v1.0" |
|
5 |
// which accompanies this distribution, and is available |
|
6 |
// at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
7 |
// |
|
8 |
// Initial Contributors: |
|
9 |
// Nokia Corporation - initial contribution. |
|
10 |
// |
|
11 |
// Contributors: |
|
12 |
// |
|
13 |
// Description: |
|
14 |
// Definitions for the security server server side session. |
|
15 |
// |
|
16 |
// |
|
17 |
||
18 |
#ifndef C_SECURITY_SVR_SESSION_H |
|
19 |
#define C_SECURITY_SVR_SESSION_H |
|
20 |
||
21 |
/** |
|
22 |
@file |
|
23 |
@internalTechnology |
|
24 |
@released |
|
25 |
*/ |
|
26 |
||
27 |
// forward declaration |
|
28 |
class CSecuritySvrAsync; |
|
29 |
||
30 |
#include "c_security_svr_async.h" |
|
31 |
#include <f32file.h> |
|
6
0173bcd7697c
Revision: 201001
Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
parents:
0
diff
changeset
|
32 |
#include <d32locd.h> |
0 | 33 |
|
34 |
#include <rm_debug_api.h> |
|
35 |
||
36 |
#include "rm_debug_kerneldriver.h" |
|
37 |
||
38 |
// Server name |
|
39 |
_LIT(KDebugDriverName,"RunMode Debug Driver"); |
|
40 |
||
41 |
class CSecuritySvrServer; |
|
42 |
||
43 |
/** |
|
44 |
Debug Security Server session. Manages the session with one debug agent and |
|
45 |
as many target executables as it has attached to. |
|
46 |
*/ |
|
47 |
class CSecuritySvrSession : public CSession2 |
|
48 |
{ |
|
49 |
public: |
|
50 |
CSecuritySvrSession(); |
|
51 |
~CSecuritySvrSession(); |
|
52 |
void ConstructL (); |
|
53 |
void CreateL(); |
|
54 |
||
55 |
TInt OpenHandle(const TRM_DebugDriverInfo& aDriverInfo); |
|
56 |
void ServiceL(const RMessage2& aMessage); |
|
57 |
void ServiceError(const RMessage2 &aMessage, TInt aError); |
|
58 |
||
59 |
void ResumeThreadL(const RMessage2& aMessage); |
|
60 |
void SuspendThreadL(const RMessage2& aMessage); |
|
61 |
//break |
|
62 |
void SetBreakL(const RMessage2& aMessage); |
|
63 |
void ClearBreakL(const RMessage2& aMessage); |
|
64 |
void ModifyBreakL(const RMessage2& aMessage); |
|
65 |
void BreakInfoL(const RMessage2& aMessage); |
|
66 |
||
67 |
void StepRangeL(const RMessage2& aMessage); |
|
68 |
||
69 |
void GetEventL(const RMessage2& aMessage); |
|
70 |
void CancelGetEventL(const RMessage2& aMessage); |
|
71 |
||
72 |
void AttachProcessL(const RMessage2& aMessage); |
|
73 |
void DetachProcessL(const RMessage2& aMessage); |
|
74 |
//debug functionality |
|
75 |
void GetDebugFunctionalityBufSizeL(const RMessage2& aMessage); |
|
76 |
void GetDebugFunctionalityL(const RMessage2& aMessage); |
|
77 |
//memory |
|
78 |
void ReadMemoryL(const RMessage2& aMessage); |
|
79 |
void WriteMemoryL(const RMessage2& aMessage); |
|
80 |
//registers |
|
81 |
void ReadRegistersL(const RMessage2& aMessage); |
|
82 |
void WriteRegistersL(const RMessage2& aMessage); |
|
83 |
//event |
|
84 |
void SetEventActionL(const RMessage2& aMessage); |
|
85 |
||
86 |
void GetListL(const RMessage2& aMessage); |
|
87 |
void StepL(const RMessage2& aMessage); |
|
88 |
void TraceExecutableL(const RMessage2& aMessage); |
|
89 |
||
90 |
//crash log |
|
91 |
void ReadCrashLogL(const RMessage2& aMessage); |
|
92 |
void WriteCrashConfigL(const RMessage2& aMessage); |
|
93 |
void EraseCrashLogL(const RMessage2& aMessage); |
|
94 |
void EraseEntireCrashLogL(const RMessage2& aMessage); |
|
95 |
||
96 |
void SetProcessBreakL(const RMessage2& aMessage); |
|
97 |
void ModifyProcessBreakL(const RMessage2& aMessage); |
|
98 |
void ProcessBreakInfoL(const RMessage2& aMessage); |
|
99 |
||
100 |
void KillProcessL(const RMessage2& aMessage); |
|
101 |
||
102 |
TCapabilitySet GetOEMDebugCapabilities(void) const { return iOEMDebugCapabilities; }; |
|
103 |
||
104 |
#ifdef _DEBUG |
|
105 |
void DoFailAlloc(const RMessage2& aMessage); |
|
106 |
#endif |
|
107 |
||
108 |
private: |
|
109 |
CSecuritySvrServer& Server() const; |
|
110 |
void HeapWatcher(const TUint32 aFunction, const TBool aEntry) const; |
|
111 |
void WriteDataL(const RMessage2& aMessage, const TInt aIndex, const TAny* aPtr, const TUint32 aPtrSize) const; |
|
112 |
void StoreDebugAgentId(const TProcessId aDebugAgentProcessId); |
|
113 |
void CheckAttachedL(const TThreadId aThreadId, const RMessage2& aMessage, const TBool aPassive) const; |
|
114 |
void CheckAttachedL(const TProcessId aProcessId, const RMessage2& aMessage, const TBool aPassive) const; |
|
115 |
TBool PermitDebugL(const TProcessId aDebugAgentProcessId, const TDesC& aTargetProcessName) const; |
|
116 |
TBool IsDebugged(const TDesC& aFileName, const TBool aPassive) const; |
|
117 |
void OpenFileHandleL(const TDesC& aFileName, RFs& aFs, RFile& aFileHandle); |
|
118 |
TBool IsTraceBitSet(const TDesC8& aHeaderData, const TBool aXip); |
|
119 |
TBool IsDebugBitSet(const TDesC8& aHeaderData, const TBool aXip); |
|
120 |
TBool CheckSufficientData(const TDesC8& aHeaderData, const TBool aXip) const; |
|
121 |
||
122 |
void ValidateMemoryInfoL(const TThreadId aThreadId, const Debug::TMemoryInfo &aMemoryInfo, const TBool aReadOperation); |
|
123 |
void ValidateRegisterBuffersL(const RMessage2& aMessage, TUint32& aNumberOfRegisters); |
|
124 |
||
125 |
TInt GetExecutablesListL(TDes8& aBuffer, TUint32& aSize) const; |
|
126 |
void AppendExecutableData(TDes8& aBuffer, TUint32& aSize, const TDesC& aEntryName) const; |
|
127 |
void GetSecureIdL(const TDesC& aFileName, TUid& aSecureId); |
|
128 |
TUid GetSecureIdL(const TDesC8& aHeaderData, TBool aXip); |
|
129 |
||
130 |
void IsDebuggableL(const TDesC& aFileName); |
|
131 |
TThreadId ReadTThreadIdL(const RMessagePtr2& aMessage, const TInt aIndex) const; |
|
132 |
TProcessId ReadTProcessIdL(const RMessagePtr2& aMessage, const TInt aIndex) const; |
|
133 |
TBool IsExecutableXipL(RFile& aExecutable); |
|
134 |
||
135 |
void ConnectCrashPartitionL(void); |
|
136 |
||
137 |
void GetDebugAgentOEMTokenCapsL(); |
|
138 |
TInt CheckFlashAccessPermissionL(const RThread aClientThread); |
|
139 |
||
140 |
// Declare the CSecuritySvrAsync as a friend so it can use the iKernelDriver too |
|
141 |
friend class CSecuritySvrAsync; |
|
142 |
||
143 |
private: |
|
144 |
/** |
|
145 |
Flag to indicate whether we have stored the TProcessId associated with the Debug Agent. |
|
146 |
*/ |
|
147 |
TBool iDebugAgentProcessIdStored; |
|
148 |
||
149 |
/** |
|
150 |
The TProcessId of the Debug Agent associated with this session. A convenience to |
|
151 |
save looking it up repeatedly. |
|
152 |
*/ |
|
153 |
TProcessId iDebugAgentProcessId; |
|
154 |
/** |
|
155 |
Need an array of async completion objects, one for each target executable. |
|
156 |
*/ |
|
157 |
RPointerArray<CSecuritySvrAsync> iAsyncHandlers; |
|
158 |
||
159 |
/** |
|
160 |
Used to track whether the Debug Agent has been notified when closing the session. |
|
161 |
*/ |
|
162 |
TBool iServerNotified; |
|
163 |
||
164 |
/** |
|
165 |
OEM Debug token support. This is only used when the Debug Agent has OEM debug |
|
166 |
authority provided by a specific authorisation token file. This token confers |
|
167 |
the ability to debug certain executables which have not been built as 'Debuggable'. |
|
168 |
||
169 |
The OEM Debug token executable must be marked with 'AllFiles', as this is analogous |
|
170 |
to looking 'inside' executables - with AllFiles, it could read all the data out of an |
|
171 |
executable in \sys\bin\. In addition, since debug control of an executable implies the |
|
172 |
ability to execute arbitrary code within the target process space, this would imply that |
|
173 |
a Debug Agent could use any PlatSec capability which that target process possessed. |
|
174 |
||
175 |
Therefore, we require that the OEM Debug Token must also be marked with a superset of |
|
176 |
the PlatSec capabilities of the executable which is to be debugged. This means the |
|
177 |
Debug Agent is not granted more access/PlatSec capabilities than its authorisation |
|
178 |
token allows, and cannot exploit a target executable to leverage greater access than |
|
179 |
should be permitted. |
|
180 |
||
181 |
iTargetCapabilities tracks which PlatSec capabilities the target executables may |
|
182 |
possess and still be debugged by this debug agent. The capabilities are NOT those |
|
183 |
of the debug agent process, they are the capabilites indicated in the OEM Debug Token |
|
184 |
which describe the capabilities the debug agent is authorised to debug. E.g. a Debug |
|
185 |
Agent might use CommsDD, but wish to debug a DRM capable executable. In that case, the |
|
186 |
Debug Agent exe must be signed with CommsDD, but the OEM Debug Token need only possess |
|
187 |
DRM and AllFiles (permission to look inside another executable). |
|
188 |
*/ |
|
189 |
TCapabilitySet iOEMDebugCapabilities; |
|
190 |
||
191 |
//RLocalDrive to access the crash Flash |
|
192 |
RLocalDrive iLocalDrive; |
|
193 |
||
194 |
//For NOR flash |
|
195 |
TLocalDriveCapsV2 iCaps; |
|
196 |
||
197 |
/** |
|
198 |
* If true means the local drive connected to the crash partition else connect |
|
199 |
* when access required to crash flash partition for read operation |
|
200 |
*/ |
|
201 |
TBool iCrashConnected; |
|
202 |
}; |
|
203 |
||
204 |
||
205 |
#endif // C_SECURITY_SVR_SESSION_H |
|
206 |