• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #include "param_osadp.h"
16 #include "param_security.h"
17 #include "securec.h"
18 
InitLocalSecurityLabel(ParamSecurityLabel * security,int isInit)19 static int InitLocalSecurityLabel(ParamSecurityLabel *security, int isInit)
20 {
21     UNUSED(isInit);
22     PARAM_CHECK(security != NULL, return -1, "Invalid security");
23 #if defined __LITEOS_A__
24     security->cred.pid = getpid();
25     security->cred.uid = getuid();
26     security->cred.gid = 0;
27 #else
28     security->cred.pid = 0;
29     security->cred.uid = 0;
30     security->cred.gid = 0;
31 #endif
32     security->flags[PARAM_SECURITY_DAC] |= LABEL_CHECK_IN_ALL_PROCESS;
33     return 0;
34 }
35 
FreeLocalSecurityLabel(ParamSecurityLabel * srcLabel)36 static int FreeLocalSecurityLabel(ParamSecurityLabel *srcLabel)
37 {
38     (void)srcLabel;
39     return 0;
40 }
41 
DacGetParamSecurityLabel(const char * path)42 static int DacGetParamSecurityLabel(const char *path)
43 {
44     UNUSED(path);
45     return 0;
46 }
47 
CheckFilePermission(const ParamSecurityLabel * localLabel,const char * fileName,int flags)48 static int CheckFilePermission(const ParamSecurityLabel *localLabel, const char *fileName, int flags)
49 {
50     UNUSED(flags);
51     PARAM_CHECK(localLabel != NULL && fileName != NULL, return -1, "Invalid param");
52     return 0;
53 }
54 
DacCheckParamPermission(const ParamSecurityLabel * srcLabel,const char * name,uint32_t mode)55 static int DacCheckParamPermission(const ParamSecurityLabel *srcLabel, const char *name, uint32_t mode)
56 {
57     UNUSED(srcLabel);
58     UNUSED(name);
59     UNUSED(mode);
60 #if defined(__LITEOS_A__)
61     uid_t uid = getuid();
62     return uid <= SYS_UID_INDEX ? DAC_RESULT_PERMISSION : DAC_RESULT_FORBIDED;
63 #endif
64     return DAC_RESULT_PERMISSION;
65 }
66 
RegisterSecurityDacOps(ParamSecurityOps * ops,int isInit)67 INIT_LOCAL_API int RegisterSecurityDacOps(ParamSecurityOps *ops, int isInit)
68 {
69     PARAM_CHECK(ops != NULL, return -1, "Invalid param");
70     PARAM_LOGV("RegisterSecurityDacOps %d", isInit);
71     int ret = strcpy_s(ops->name, sizeof(ops->name), "dac");
72     ops->securityGetLabel = NULL;
73     ops->securityInitLabel = InitLocalSecurityLabel;
74     ops->securityCheckFilePermission = CheckFilePermission;
75     ops->securityCheckParamPermission = DacCheckParamPermission;
76     ops->securityFreeLabel = FreeLocalSecurityLabel;
77     if (isInit) {
78         ops->securityGetLabel = DacGetParamSecurityLabel;
79     }
80     return ret;
81 }
82 
LoadGroupUser(void)83 INIT_LOCAL_API void LoadGroupUser(void)
84 {
85 }
86