• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #include "param_osadp.h"
16 #include "param_security.h"
17 #include "securec.h"
18 
InitLocalSecurityLabel(ParamSecurityLabel * security,int isInit)19 static int InitLocalSecurityLabel(ParamSecurityLabel *security, int isInit)
20 {
21     UNUSED(isInit);
22     PARAM_CHECK(security != NULL, return -1, "Invalid security");
23 #if defined __LITEOS_A__
24     security->cred.pid = getpid();
25     security->cred.uid = getuid();
26     security->cred.gid = 0;
27 #else
28     security->cred.pid = 0;
29     security->cred.uid = 0;
30     security->cred.gid = 0;
31 #endif
32     security->flags[PARAM_SECURITY_DAC] |= LABEL_CHECK_IN_ALL_PROCESS;
33     return 0;
34 }
35 
FreeLocalSecurityLabel(ParamSecurityLabel * srcLabel)36 static int FreeLocalSecurityLabel(ParamSecurityLabel *srcLabel)
37 {
38     (void)srcLabel;
39     return 0;
40 }
41 
DacGetParamSecurityLabel(const char * path)42 static int DacGetParamSecurityLabel(const char *path)
43 {
44     UNUSED(path);
45     return 0;
46 }
47 
CheckFilePermission(const ParamSecurityLabel * localLabel,const char * fileName,int flags)48 static int CheckFilePermission(const ParamSecurityLabel *localLabel, const char *fileName, int flags)
49 {
50     UNUSED(flags);
51     PARAM_CHECK(localLabel != NULL && fileName != NULL, return -1, "Invalid param");
52     return 0;
53 }
54 
LiteDacCheckParamPermission(const ParamLabelIndex * labelIndex,const ParamSecurityLabel * srcLabel,const char * name,uint32_t mode)55 static int LiteDacCheckParamPermission(const ParamLabelIndex *labelIndex,
56     const ParamSecurityLabel *srcLabel, const char *name, uint32_t mode)
57 {
58     UNUSED(labelIndex);
59     UNUSED(srcLabel);
60     UNUSED(name);
61     UNUSED(mode);
62 #if defined(__LITEOS_A__)
63     uid_t uid = getuid();
64     return uid <= SYS_UID_INDEX ? DAC_RESULT_PERMISSION : DAC_RESULT_FORBIDED;
65 #endif
66     return DAC_RESULT_PERMISSION;
67 }
68 
RegisterSecurityDacOps(ParamSecurityOps * ops,int isInit)69 INIT_LOCAL_API int RegisterSecurityDacOps(ParamSecurityOps *ops, int isInit)
70 {
71     PARAM_CHECK(ops != NULL, return -1, "Invalid param");
72     PARAM_LOGV("RegisterSecurityDacOps %d", isInit);
73     int ret = strcpy_s(ops->name, sizeof(ops->name), "dac");
74     ops->securityGetLabel = NULL;
75     ops->securityInitLabel = InitLocalSecurityLabel;
76     ops->securityCheckFilePermission = CheckFilePermission;
77     ops->securityCheckParamPermission = LiteDacCheckParamPermission;
78     ops->securityFreeLabel = FreeLocalSecurityLabel;
79     if (isInit) {
80         ops->securityGetLabel = DacGetParamSecurityLabel;
81     }
82     return ret;
83 }
84 
LoadGroupUser(void)85 INIT_LOCAL_API void LoadGroupUser(void)
86 {
87 }
88