kernel/eka/include/e32capability.h
author John Imhofe
Mon, 19 Oct 2009 15:55:17 +0100
changeset 0 a41df078684a
permissions -rw-r--r--
Convert Kernelhwsrv package from SFL to EPL kernel\eka\compsupp is subject to the ARM EABI LICENSE userlibandfileserver\fatfilenameconversionplugins\unicodeTables is subject to the Unicode license kernel\eka\kernel\zlib is subject to the zlib license

// Copyright (c) 2001-2009 Nokia Corporation and/or its subsidiary(-ies).
// All rights reserved.
// This component and the accompanying materials are made available
// under the terms of the License "Eclipse Public License v1.0"
// which accompanies this distribution, and is available
// at the URL "http://www.eclipse.org/legal/epl-v10.html".
//
// Initial Contributors:
// Nokia Corporation - initial contribution.
//
// Contributors:
//
// Description:
// e32\include\e32capability.h
// Platform security capability definitions
// Used by both source code and tools
// This file can be directly included into C++ tools such as ROMBUILD to allow
// capabilities to be specified by name. To do the same for MAKMAKE (in MMP
// files) some perl code will be needed to parse this file and extract the
// capability names and values.
// 
//

#ifndef __E32CAPABILITY_H__
#define __E32CAPABILITY_H__

/**
An enumeration that defines the set of all supported capabilities.

@publishedAll
@released
*/
enum TCapability
	{
	/**
	Grants write access to executables and shared read-only resources.
	
	This is the most critical capability as it grants access to executables and
	therefore to their capabilities. It also grants write access to
	the /sys and /resource directories.
	*/
	ECapabilityTCB				= 0,
	
	
	/**
	Grants direct access to all communication device drivers. This includes:
	the EComm, Ethernet, USB device drivers etc.
	*/
	ECapabilityCommDD			= 1,
	
	
	/**
	Grants the right:
	
	- to kill any process in the system
	- to power off unused peripherals
	- to switch the machine into standby state
	- to wake the machine up
	- to power the machine down completely.
	
	Note that this does not control access to anything and everything
	that might drain battery power.
	*/
	ECapabilityPowerMgmt		= 2,


    /**
    Grants direct access to all multimedia device drivers.
    
    This includes the sound, camera, video device drivers etc.
    */
	ECapabilityMultimediaDD		= 3,


    /**
    Grants read access to network operator, phone manufacturer and device
    confidential settings or data.
    
    For example, the pin lock code, the list of applications that are installed.
    */
	ECapabilityReadDeviceData	= 4,
	
	
    /**
    Grants write access to settings that control the behaviour of the device.
    
    For example, device lock settings, system time, time zone, alarms, etc.
    */	
	ECapabilityWriteDeviceData	= 5,


    /**
    Grants access to protected content.
    
    DRM (Digital Rights Management) agents use this capability to decide whether
    or not an application should have access to DRM content. 
    Applications granted DRM are trusted to respect the rights associated
    with the content.
    */	
	ECapabilityDRM				= 6,


    /**
    Grants the right to create a trusted UI session, and therefore to display
    dialogs in a secure UI environment.
    
    Trusted UI dialogs are rare. They must be used only when confidentiality
    and security are critical; for example, for password dialogs. 
    
    Normal access to the user interface and the screen does not require
    this capability.
    */	
	ECapabilityTrustedUI		= 7,


    /**
    Grants the right to a server to register with a protected name.
    
    Currently, protected names start with a "!" character. The kernel prevents
    servers without this capability from using such a name, and therefore
    prevents protected servers from being impersonated.
    */	
	ECapabilityProtServ			= 8,


    /**
    Grants access to disk administration operations that affect more than one
    file or one directory (or overall filesystem integrity/behaviour, etc).
    
    For examples, reformatting a disk partition.
    */	
	ECapabilityDiskAdmin		= 9,


    /**
    Grants the right to modify or access network protocol controls.
    
    Typically when an action can change the behaviour of all existing and
    future connections, it should be protected by this capability.
    
    For example, forcing all existing connections on a specific protocol
    to be dropped, or changing the priority of a call.
    */	
	ECapabilityNetworkControl	= 10,


    /**
    Grants read access to the entire file system; grants write access to
    the private directories of other processes.
    
    This capability is very strictly controlled and should rarely be granted.
    */	
	ECapabilityAllFiles			= 11,


    /**
    Grants the right to generate software key & pen events, and to capture any
    of them regardless of the status of the application.
    
    Note that after obtaining the focus, normal applications do not need this
    capability to be dispatched key and pen events.
    */	
	ECapabilitySwEvent			= 12,


    /**
    A user capability that grants access to remote services without any
    restriction on its physical location.
    
    Typically, such a location is unknown to the phone user, and such services
    may incur cost for the phone user.
    
    Voice calls, SMS, and internet services are good examples of
    such network services. They are supported by GSM, CDMA and all IP transport
    protocols including Bluetooth profiles over IP.
    */	
	ECapabilityNetworkServices	= 13,


    /**
    A user capability that grants access to remote services in the close
    vicinity of the phone.
    
    The location of the remote service is well-known to the phone user, and in
    most cases, such services will not incur cost for the phone user.
    */	
	ECapabilityLocalServices	= 14,


    /**
    A user capability that grants read access to data that is confidential to
    the phone user. 
    
    This capability supports the management of the user's privacy.
    
    Typically, contacts, messages and appointments are always seen user
    confidential data.
    */	
	ECapabilityReadUserData		= 15,


    /**
    A user capability that grants write access to user data. 
    
    This capability supports the management of the integrity of user data.
    
    Note that this capability is not symmetric with the ECapabilityReadUserData
    capability. For example, you may want to prevent rogue applications from
    deleting music tracks but you may not want to restrict read access to them.
    */	
    ECapabilityWriteUserData	= 16,
    
    
    /**
    A user capability that grants access to the location of the device.
    
    This capability supports the management of the user's privacy with regard
    to the phone location.
    */
	ECapabilityLocation			= 17,


	/**
	Grants access to logical device drivers that provide input information about
	the surroundings of the device. 

	Good examples of drivers that require this capability would be GPS and biometrics
	device drivers. For complex multimedia logical device drivers that provide both
	input and output functions, such as Sound device driver, the  MultimediaDD
	capability should be used if it is too difficult to separate the input from the
	output calls at its API level.
	*/
	ECapabilitySurroundingsDD	= 18,


	/**
	Grants access to live confidential information about the user and his/her
	immediate environment. This capability protect the user's privacy.

	Examples are audio, picture and video recording, biometrics (such as blood
	pressure) recording.

	Please note that the location of the device is excluded from this capability.
	The protection of this is achieved by using the dedicated capability Location
	*/
	ECapabilityUserEnvironment	= 19,


	ECapability_Limit,					/**< @internalTechnology */

	ECapability_HardLimit		= 255,	/**< @internalTechnology */

	ECapability_None			= -1,	/**< Special value used to specify 'do not care' or 'no capability'.*/

	ECapability_Denied			= -2	/**< Special value used to indicate a capability that is never granted. */	
	};


/** Define this macro to reference the names of the capabilities. This is here so
	that ROMBUILD can accept capability names.
*/
#ifdef __REFERENCE_CAPABILITY_NAMES__

extern const char* const CapabilityNames[ECapability_Limit];

#endif	// __REFERENCE_CAPABILITY_NAMES__

/** Define this macro to include the names of the capabilities. This is here so
	that ROMBUILD can accept capability names.
*/
#ifdef __INCLUDE_CAPABILITY_NAMES__

/** List of names of all supported capabilities
	Must be in the same order as the enumerators in TCapability

@publishedAll
@released
*/
extern const char* const CapabilityNames[ECapability_Limit] =
	{
	"TCB",
	"CommDD",
	"PowerMgmt",
	"MultimediaDD",
	"ReadDeviceData",
	"WriteDeviceData",
	"DRM",
	"TrustedUI",
	"ProtServ",
	"DiskAdmin",
	"NetworkControl",
	"AllFiles",
	"SwEvent",
	"NetworkServices",
	"LocalServices",
	"ReadUserData",
	"WriteUserData",
	"Location",
	"SurroundingsDD",
	"UserEnvironment"
	};

#endif	// __INCLUDE_CAPABILITY_NAMES__

#endif	// __E32CAPABILITY_H__