kernel/eka/include/e32capability.h
changeset 0 a41df078684a
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/kernel/eka/include/e32capability.h	Mon Oct 19 15:55:17 2009 +0100
@@ -0,0 +1,305 @@
+// Copyright (c) 2001-2009 Nokia Corporation and/or its subsidiary(-ies).
+// All rights reserved.
+// This component and the accompanying materials are made available
+// under the terms of the License "Eclipse Public License v1.0"
+// which accompanies this distribution, and is available
+// at the URL "http://www.eclipse.org/legal/epl-v10.html".
+//
+// Initial Contributors:
+// Nokia Corporation - initial contribution.
+//
+// Contributors:
+//
+// Description:
+// e32\include\e32capability.h
+// Platform security capability definitions
+// Used by both source code and tools
+// This file can be directly included into C++ tools such as ROMBUILD to allow
+// capabilities to be specified by name. To do the same for MAKMAKE (in MMP
+// files) some perl code will be needed to parse this file and extract the
+// capability names and values.
+// 
+//
+
+#ifndef __E32CAPABILITY_H__
+#define __E32CAPABILITY_H__
+
+/**
+An enumeration that defines the set of all supported capabilities.
+
+@publishedAll
+@released
+*/
+enum TCapability
+	{
+	/**
+	Grants write access to executables and shared read-only resources.
+	
+	This is the most critical capability as it grants access to executables and
+	therefore to their capabilities. It also grants write access to
+	the /sys and /resource directories.
+	*/
+	ECapabilityTCB				= 0,
+	
+	
+	/**
+	Grants direct access to all communication device drivers. This includes:
+	the EComm, Ethernet, USB device drivers etc.
+	*/
+	ECapabilityCommDD			= 1,
+	
+	
+	/**
+	Grants the right:
+	
+	- to kill any process in the system
+	- to power off unused peripherals
+	- to switch the machine into standby state
+	- to wake the machine up
+	- to power the machine down completely.
+	
+	Note that this does not control access to anything and everything
+	that might drain battery power.
+	*/
+	ECapabilityPowerMgmt		= 2,
+
+
+    /**
+    Grants direct access to all multimedia device drivers.
+    
+    This includes the sound, camera, video device drivers etc.
+    */
+	ECapabilityMultimediaDD		= 3,
+
+
+    /**
+    Grants read access to network operator, phone manufacturer and device
+    confidential settings or data.
+    
+    For example, the pin lock code, the list of applications that are installed.
+    */
+	ECapabilityReadDeviceData	= 4,
+	
+	
+    /**
+    Grants write access to settings that control the behaviour of the device.
+    
+    For example, device lock settings, system time, time zone, alarms, etc.
+    */	
+	ECapabilityWriteDeviceData	= 5,
+
+
+    /**
+    Grants access to protected content.
+    
+    DRM (Digital Rights Management) agents use this capability to decide whether
+    or not an application should have access to DRM content. 
+    Applications granted DRM are trusted to respect the rights associated
+    with the content.
+    */	
+	ECapabilityDRM				= 6,
+
+
+    /**
+    Grants the right to create a trusted UI session, and therefore to display
+    dialogs in a secure UI environment.
+    
+    Trusted UI dialogs are rare. They must be used only when confidentiality
+    and security are critical; for example, for password dialogs. 
+    
+    Normal access to the user interface and the screen does not require
+    this capability.
+    */	
+	ECapabilityTrustedUI		= 7,
+
+
+    /**
+    Grants the right to a server to register with a protected name.
+    
+    Currently, protected names start with a "!" character. The kernel prevents
+    servers without this capability from using such a name, and therefore
+    prevents protected servers from being impersonated.
+    */	
+	ECapabilityProtServ			= 8,
+
+
+    /**
+    Grants access to disk administration operations that affect more than one
+    file or one directory (or overall filesystem integrity/behaviour, etc).
+    
+    For examples, reformatting a disk partition.
+    */	
+	ECapabilityDiskAdmin		= 9,
+
+
+    /**
+    Grants the right to modify or access network protocol controls.
+    
+    Typically when an action can change the behaviour of all existing and
+    future connections, it should be protected by this capability.
+    
+    For example, forcing all existing connections on a specific protocol
+    to be dropped, or changing the priority of a call.
+    */	
+	ECapabilityNetworkControl	= 10,
+
+
+    /**
+    Grants read access to the entire file system; grants write access to
+    the private directories of other processes.
+    
+    This capability is very strictly controlled and should rarely be granted.
+    */	
+	ECapabilityAllFiles			= 11,
+
+
+    /**
+    Grants the right to generate software key & pen events, and to capture any
+    of them regardless of the status of the application.
+    
+    Note that after obtaining the focus, normal applications do not need this
+    capability to be dispatched key and pen events.
+    */	
+	ECapabilitySwEvent			= 12,
+
+
+    /**
+    A user capability that grants access to remote services without any
+    restriction on its physical location.
+    
+    Typically, such a location is unknown to the phone user, and such services
+    may incur cost for the phone user.
+    
+    Voice calls, SMS, and internet services are good examples of
+    such network services. They are supported by GSM, CDMA and all IP transport
+    protocols including Bluetooth profiles over IP.
+    */	
+	ECapabilityNetworkServices	= 13,
+
+
+    /**
+    A user capability that grants access to remote services in the close
+    vicinity of the phone.
+    
+    The location of the remote service is well-known to the phone user, and in
+    most cases, such services will not incur cost for the phone user.
+    */	
+	ECapabilityLocalServices	= 14,
+
+
+    /**
+    A user capability that grants read access to data that is confidential to
+    the phone user. 
+    
+    This capability supports the management of the user's privacy.
+    
+    Typically, contacts, messages and appointments are always seen user
+    confidential data.
+    */	
+	ECapabilityReadUserData		= 15,
+
+
+    /**
+    A user capability that grants write access to user data. 
+    
+    This capability supports the management of the integrity of user data.
+    
+    Note that this capability is not symmetric with the ECapabilityReadUserData
+    capability. For example, you may want to prevent rogue applications from
+    deleting music tracks but you may not want to restrict read access to them.
+    */	
+    ECapabilityWriteUserData	= 16,
+    
+    
+    /**
+    A user capability that grants access to the location of the device.
+    
+    This capability supports the management of the user's privacy with regard
+    to the phone location.
+    */
+	ECapabilityLocation			= 17,
+
+
+	/**
+	Grants access to logical device drivers that provide input information about
+	the surroundings of the device. 
+
+	Good examples of drivers that require this capability would be GPS and biometrics
+	device drivers. For complex multimedia logical device drivers that provide both
+	input and output functions, such as Sound device driver, the  MultimediaDD
+	capability should be used if it is too difficult to separate the input from the
+	output calls at its API level.
+	*/
+	ECapabilitySurroundingsDD	= 18,
+
+
+	/**
+	Grants access to live confidential information about the user and his/her
+	immediate environment. This capability protect the user's privacy.
+
+	Examples are audio, picture and video recording, biometrics (such as blood
+	pressure) recording.
+
+	Please note that the location of the device is excluded from this capability.
+	The protection of this is achieved by using the dedicated capability Location
+	*/
+	ECapabilityUserEnvironment	= 19,
+
+
+	ECapability_Limit,					/**< @internalTechnology */
+
+	ECapability_HardLimit		= 255,	/**< @internalTechnology */
+
+	ECapability_None			= -1,	/**< Special value used to specify 'do not care' or 'no capability'.*/
+
+	ECapability_Denied			= -2	/**< Special value used to indicate a capability that is never granted. */	
+	};
+
+
+/** Define this macro to reference the names of the capabilities. This is here so
+	that ROMBUILD can accept capability names.
+*/
+#ifdef __REFERENCE_CAPABILITY_NAMES__
+
+extern const char* const CapabilityNames[ECapability_Limit];
+
+#endif	// __REFERENCE_CAPABILITY_NAMES__
+
+/** Define this macro to include the names of the capabilities. This is here so
+	that ROMBUILD can accept capability names.
+*/
+#ifdef __INCLUDE_CAPABILITY_NAMES__
+
+/** List of names of all supported capabilities
+	Must be in the same order as the enumerators in TCapability
+
+@publishedAll
+@released
+*/
+extern const char* const CapabilityNames[ECapability_Limit] =
+	{
+	"TCB",
+	"CommDD",
+	"PowerMgmt",
+	"MultimediaDD",
+	"ReadDeviceData",
+	"WriteDeviceData",
+	"DRM",
+	"TrustedUI",
+	"ProtServ",
+	"DiskAdmin",
+	"NetworkControl",
+	"AllFiles",
+	"SwEvent",
+	"NetworkServices",
+	"LocalServices",
+	"ReadUserData",
+	"WriteUserData",
+	"Location",
+	"SurroundingsDD",
+	"UserEnvironment"
+	};
+
+#endif	// __INCLUDE_CAPABILITY_NAMES__
+
+#endif	// __E32CAPABILITY_H__