• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #define LOG_TAG "SecurityPolicy"
16 #include "security_policy.h"
17 
18 #include "logger.h"
19 #include "rdb_errno.h"
20 #include "security_label.h"
21 #include "sqlite_utils.h"
22 
23 namespace OHOS {
24 namespace NativeRdb {
25 using namespace OHOS::Rdb;
26 using namespace FileManagement::ModuleSecurityLabel;
GetSecurityLevelValue(SecurityLevel securityLevel)27 std::string SecurityPolicy::GetSecurityLevelValue(SecurityLevel securityLevel)
28 {
29     switch (securityLevel) {
30         case SecurityLevel::S1:
31             return "s1";
32         case SecurityLevel::S2:
33             return "s2";
34         case SecurityLevel::S3:
35             return "s3";
36         case SecurityLevel::S4:
37             return "s4";
38         default:
39             return "";
40     }
41 }
42 
GetFileSecurityLevel(const std::string & filePath)43 std::string SecurityPolicy::GetFileSecurityLevel(const std::string &filePath)
44 {
45     return SecurityLabel::GetSecurityLabel(filePath);
46 }
47 
SetSecurityLabel(const RdbStoreConfig & config)48 int SecurityPolicy::SetSecurityLabel(const RdbStoreConfig &config)
49 {
50     if (config.GetStorageMode() != StorageMode::MODE_MEMORY && config.GetSecurityLevel() != SecurityLevel::LAST) {
51         auto toSetLevel = GetSecurityLevelValue(config.GetSecurityLevel());
52         auto errCode = SecurityLabel::SetSecurityLabel(config.GetPath(), toSetLevel) ? E_OK : E_CONFIG_INVALID_CHANGE;
53         if (errCode != E_OK) {
54             auto currentLevel = GetFileSecurityLevel(config.GetPath());
55             LOG_ERROR("storeName:%{public}s SetSecurityLabel failed. Set security level from %{public}s to %{public}s,"
56                       "result:%{public}d, errno:%{public}d.",
57                 SqliteUtils::Anonymous(config.GetName()).c_str(), currentLevel.c_str(), toSetLevel.c_str(), errCode,
58                 errno);
59         }
60         return errCode;
61     }
62     return E_OK;
63 }
64 } // namespace NativeRdb
65 } // namespace OHOS