1 /*
2 * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "system_ability_manager_stub.h"
17
18 #include <unistd.h>
19 #include <cinttypes>
20
21 #include "accesstoken_kit.h"
22 #include "datetime_ex.h"
23 #include "errors.h"
24 #include "hitrace_meter.h"
25 #include "ipc_skeleton.h"
26 #include "ipc_types.h"
27 #include "memory_guard.h"
28 #include "sam_log.h"
29 #include "string_ex.h"
30 #include "hisysevent_adapter.h"
31 #include "system_ability_manager.h"
32 #include "system_ability_manager_util.h"
33 #include "system_ability_on_demand_event.h"
34 #include "tools.h"
35 #include "samgr_xcollie.h"
36
37 #ifdef WITH_SELINUX
38 #include "service_checker.h"
39 #define HILOG_SE_DEBUG(type, fmt, ...) HILOG_IMPL((type), LOG_DEBUG, LOG_DOMAIN, "SA_SELINUX", fmt, __VA_ARGS__)
40 #endif
41
42 namespace {
43 #ifdef WITH_SELINUX
44 std::unique_ptr<ServiceChecker> selinuxChecker_ = std::make_unique<ServiceChecker>(false);
45 #endif
46
CheckGetSAPermission(const int32_t said)47 bool CheckGetSAPermission(const int32_t said)
48 {
49 #ifdef WITH_SELINUX
50 int64_t begin = OHOS::GetTickCount();
51 auto callingSid = OHOS::IPCSkeleton::GetCallingSid();
52 auto ret = selinuxChecker_->GetServiceCheck(callingSid, std::to_string(said)) == 0;
53 HILOG_SE_DEBUG(LOG_CORE, "GetServiceCheck callingSid:%{public}s,SA:%{public}d,ret:%{public}s,spend:%{public}"
54 PRId64 "ms", callingSid.c_str(), said, ret == true ? "suc" : "fail", OHOS::GetTickCount() - begin);
55 return ret;
56 #else
57 return true; // if not support selinux, not check selinux permission
58 #endif
59 }
60
CheckAddOrRemovePermission(const int32_t said)61 bool CheckAddOrRemovePermission(const int32_t said)
62 {
63 #ifdef WITH_SELINUX
64 int64_t begin = OHOS::GetTickCount();
65 auto callingSid = OHOS::IPCSkeleton::GetCallingSid();
66 auto ret = selinuxChecker_->AddServiceCheck(callingSid, std::to_string(said)) == 0;
67 HILOG_SE_DEBUG(LOG_CORE, "AddServiceCheck callingSid:%{public}s,SA:%{public}d,ret:%{public}s,spend:%{public}"
68 PRId64 "ms", callingSid.c_str(), said, ret == true ? "suc" : "fail", OHOS::GetTickCount() - begin);
69 return ret;
70 #else
71 return true; // if not support selinux, not check selinux permission
72 #endif
73 }
74
CheckGetRemoteSAPermission(const int32_t said)75 bool CheckGetRemoteSAPermission(const int32_t said)
76 {
77 #ifdef WITH_SELINUX
78 int64_t begin = OHOS::GetTickCount();
79 auto callingSid = OHOS::IPCSkeleton::GetCallingSid();
80 auto ret = selinuxChecker_->GetRemoteServiceCheck(callingSid, std::to_string(said)) == 0;
81 HILOG_SE_DEBUG(LOG_CORE, "GetRemoteServiceCheck callingSid:%{public}s,SA:%{public}d,"
82 "ret:%{public}s,spend:%{public}" PRId64 "ms", callingSid.c_str(), said,
83 ret == true ? "suc" : "fail", OHOS::GetTickCount() - begin);
84 return ret;
85 #else
86 return true; // if not support selinux, not check selinux permission
87 #endif
88 }
89
CheckAddRemoteSAPermission(const int32_t said)90 bool CheckAddRemoteSAPermission(const int32_t said)
91 {
92 #ifdef WITH_SELINUX
93 int64_t begin = OHOS::GetTickCount();
94 auto callingSid = OHOS::IPCSkeleton::GetCallingSid();
95 auto ret = selinuxChecker_->AddRemoteServiceCheck(callingSid, std::to_string(said)) == 0;
96 HILOG_SE_DEBUG(LOG_CORE, "AddRemoteServiceCheck callingSid:%{public}s,SA:%{public}d,"
97 "ret:%{public}s,spend:%{public}" PRId64 "ms", callingSid.c_str(), said,
98 ret == true ? "suc" : "fail", OHOS::GetTickCount() - begin);
99 return ret;
100 #else
101 return true; // if not support selinux, not check selinux permission
102 #endif
103 }
104
CheckListSAPermission()105 bool CheckListSAPermission()
106 {
107 #ifdef WITH_SELINUX
108 int64_t begin = OHOS::GetTickCount();
109 auto callingSid = OHOS::IPCSkeleton::GetCallingSid();
110 auto ret = selinuxChecker_->ListServiceCheck(callingSid) == 0;
111 HILOG_SE_DEBUG(LOG_CORE, "ListServiceCheck callingSid:%{public}s,ret:%{public}s,spend:%{public}"
112 PRId64 "ms", callingSid.c_str(), ret == true ? "suc" : "fail", OHOS::GetTickCount() - begin);
113 return ret;
114 #else
115 return true; // if not support selinux, not check selinux permission
116 #endif
117 }
118 }
119
120 using namespace OHOS::Security;
121 namespace OHOS {
122 namespace {
123 const std::string EXT_TRANSACTION_PERMISSION = "ohos.permission.ACCESS_EXT_SYSTEM_ABILITY";
124 const std::string PERMISSION_SVC = "ohos.permission.CONTROL_SVC_CMD";
125 }
126
127 #ifdef SUPPORT_PENGLAI_MODE
SetPengLai(bool isPengLai)128 void SystemAbilityManagerStub::SetPengLai(bool isPengLai)
129 {
130 isPengLai_ = isPengLai;
131 HILOGI("SAMStub: SetPengLai isPengLai_ = %{public}d", isPengLai_);
132 }
133 #endif
134
SetAbilityFuncMap()135 void SystemAbilityManagerStub::SetAbilityFuncMap()
136 {
137 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_SYSTEM_ABILITY_TRANSACTION)] =
138 SystemAbilityManagerStub::LocalGetSystemAbility;
139 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::CHECK_SYSTEM_ABILITY_TRANSACTION)] =
140 SystemAbilityManagerStub::LocalCheckSystemAbility;
141 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::ADD_SYSTEM_ABILITY_TRANSACTION)] =
142 SystemAbilityManagerStub::LocalAddSystemAbility;
143 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::REMOVE_SYSTEM_ABILITY_TRANSACTION)] =
144 SystemAbilityManagerStub::LocalRemoveSystemAbility;
145 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::LIST_SYSTEM_ABILITY_TRANSACTION)] =
146 SystemAbilityManagerStub::LocalListSystemAbility;
147 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::SUBSCRIBE_SYSTEM_ABILITY_TRANSACTION)] =
148 SystemAbilityManagerStub::LocalSubsSystemAbility;
149 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::CHECK_REMOTE_SYSTEM_ABILITY_TRANSACTION)] =
150 SystemAbilityManagerStub::LocalCheckRemtSystemAbility;
151 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::ADD_ONDEMAND_SYSTEM_ABILITY_TRANSACTION)] =
152 SystemAbilityManagerStub::LocalAddOndemandSystemAbility;
153 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::CHECK_SYSTEM_ABILITY_IMMEDIATELY_TRANSACTION)] =
154 SystemAbilityManagerStub::LocalCheckSystemAbilityImme;
155 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::UNSUBSCRIBE_SYSTEM_ABILITY_TRANSACTION)] =
156 SystemAbilityManagerStub::LocalUnSubsSystemAbility;
157 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::LOAD_SYSTEM_ABILITY_TRANSACTION)] =
158 SystemAbilityManagerStub::LocalLoadSystemAbility;
159 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::LOAD_REMOTE_SYSTEM_ABILITY_TRANSACTION)] =
160 SystemAbilityManagerStub::LocalLoadRemoteSystemAbility;
161 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::UNLOAD_SYSTEM_ABILITY_TRANSACTION)] =
162 SystemAbilityManagerStub::LocalUnloadSystemAbility;
163 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::CANCEL_UNLOAD_SYSTEM_ABILITY_TRANSACTION)] =
164 SystemAbilityManagerStub::LocalCancelUnloadSystemAbility;
165 }
166
SetProcessFuncMap()167 void SystemAbilityManagerStub::SetProcessFuncMap()
168 {
169 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::ADD_SYSTEM_PROCESS_TRANSACTION)] =
170 SystemAbilityManagerStub::LocalAddSystemProcess;
171 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_SYSTEM_PROCESS_INFO_TRANSACTION)] =
172 SystemAbilityManagerStub::LocalGetSystemProcessInfo;
173 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_RUNNING_SYSTEM_PROCESS_TRANSACTION)] =
174 SystemAbilityManagerStub::LocalGetRunningSystemProcess;
175 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::SUBSCRIBE_SYSTEM_PROCESS_TRANSACTION)] =
176 SystemAbilityManagerStub::LocalSubscribeSystemProcess;
177 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::UNSUBSCRIBE_SYSTEM_PROCESS_TRANSACTION)] =
178 SystemAbilityManagerStub::LocalUnSubscribeSystemProcess;
179 }
180
SystemAbilityManagerStub()181 SystemAbilityManagerStub::SystemAbilityManagerStub()
182 {
183 #ifdef SUPPORT_PENGLAI_MODE
184 SetPengLai(SamgrUtil::CheckPengLai());
185 #endif
186 SetAbilityFuncMap();
187 SetProcessFuncMap();
188 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_ONDEMAND_REASON_EXTRA_DATA_TRANSACTION)] =
189 SystemAbilityManagerStub::LocalGetOnDemandReasonExtraData;
190 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_ONDEAMND_POLICY_TRANSACTION)] =
191 SystemAbilityManagerStub::LocalGetOnDemandPolicy;
192 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::UPDATE_ONDEAMND_POLICY_TRANSACTION)] =
193 SystemAbilityManagerStub::LocalUpdateOnDemandPolicy;
194 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_ONDEMAND_SYSTEM_ABILITY_IDS_TRANSACTION)] =
195 SystemAbilityManagerStub::LocalGetOnDemandSystemAbilityIds;
196 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::SEND_STRATEGY_TRANASACTION)] =
197 SystemAbilityManagerStub::LocalSendStrategy;
198 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::UNLOAD_ALL_IDLE_SYSTEM_ABILITY_TRANSACTION)] =
199 SystemAbilityManagerStub::LocalUnloadAllIdleSystemAbility;
200 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_EXTENSION_SA_IDS_TRANSCATION)] =
201 SystemAbilityManagerStub::LocalGetExtensionSaIds;
202 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_EXTERNSION_SA_LIST_TRANSCATION)] =
203 SystemAbilityManagerStub::LocalGetExtensionRunningSaList;
204 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_SA_EXTENSION_INFO_TRANSCATION)] =
205 SystemAbilityManagerStub::LocalGetRunningSaExtensionInfoList;
206 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_COMMON_EVENT_EXTRA_ID_LIST_TRANSCATION)] =
207 SystemAbilityManagerStub::LocalGetCommonEventExtraDataIdlist;
208 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_LOCAL_ABILITY_MANAGER_PROXY_TRANSCATION)] =
209 SystemAbilityManagerStub::LocalGetLocalAbilityManagerProxy;
210 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::UNLOAD_IDLE_PROCESS_BYLIST)] =
211 SystemAbilityManagerStub::LocalUnloadProcess;
212 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_LRU_IDLE_SYSTEM_ABILITY_PROCESS_TRANSACTION)] =
213 SystemAbilityManagerStub::LocalGetLruIdleSystemAbilityProc;
214 }
215
OnRemoteRequest(uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)216 int32_t SystemAbilityManagerStub::OnRemoteRequest(uint32_t code,
217 MessageParcel& data, MessageParcel& reply, MessageOption &option)
218 {
219 HILOGD("SAMStub::OnReceived, code = %{public}u, callerPid = %{public}d",
220 code, IPCSkeleton::GetCallingPid());
221 Samgr::MemoryGuard cacheGuard;
222 if (!EnforceInterceToken(data)) {
223 HILOGE("SAMStub::OnReceived, code = %{public}u, check interfaceToken failed", code);
224 return ERR_PERMISSION_DENIED;
225 }
226 auto itFunc = memberFuncMap_.find(code);
227 if (itFunc != memberFuncMap_.end()) {
228 return itFunc->second(this, data, reply);
229 }
230 HILOGW("SAMStub: default case, need check.");
231 return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
232 }
233
EnforceInterceToken(MessageParcel & data)234 bool SystemAbilityManagerStub::EnforceInterceToken(MessageParcel& data)
235 {
236 std::u16string interfaceToken = data.ReadInterfaceToken();
237 return interfaceToken == SAMANAGER_INTERFACE_TOKEN;
238 }
239
ListSystemAbilityInner(MessageParcel & data,MessageParcel & reply)240 int32_t SystemAbilityManagerStub::ListSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
241 {
242 if (!CanRequest()) {
243 HILOGE("ListSystemAbilityInner PERMISSION DENIED!");
244 return ERR_PERMISSION_DENIED;
245 }
246
247 if (!CheckListSAPermission()) {
248 HILOGE("ListSystemAbilityInner selinux permission denied! callSid:%{public}s",
249 OHOS::IPCSkeleton::GetCallingSid().c_str());
250 return ERR_PERMISSION_DENIED;
251 }
252
253 int32_t dumpFlag = 0;
254 bool ret = data.ReadInt32(dumpFlag);
255 if (!ret) {
256 HILOGW("ListSystemAbilityInner read dumpflag failed!");
257 return ERR_FLATTEN_OBJECT;
258 }
259
260 std::vector<std::u16string> saNameVector = ListSystemAbilities(dumpFlag);
261 if (saNameVector.empty()) {
262 HILOGI("List System Abilities list errors");
263 ret = reply.WriteInt32(ERR_INVALID_VALUE);
264 } else {
265 HILOGI("ListSystemAbilityInner list success");
266 ret = reply.WriteInt32(ERR_NONE);
267 if (ret) {
268 ret = reply.WriteString16Vector(saNameVector);
269 }
270 }
271
272 if (!ret) {
273 HILOGW("ListSystemAbilityInner write reply failed.");
274 return ERR_FLATTEN_OBJECT;
275 }
276
277 return ERR_NONE;
278 }
279
SubsSystemAbilityInner(MessageParcel & data,MessageParcel & reply)280 int32_t SystemAbilityManagerStub::SubsSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
281 {
282 int32_t systemAbilityId = -1;
283 bool ret = data.ReadInt32(systemAbilityId);
284 if (!ret) {
285 return ERR_NULL_OBJECT;
286 }
287 if (!CheckInputSysAbilityId(systemAbilityId)) {
288 HILOGW("SubsSystemAbilityInner read SAId failed!");
289 return ERR_NULL_OBJECT;
290 }
291 sptr<IRemoteObject> remoteObject = data.ReadRemoteObject();
292 if (remoteObject == nullptr) {
293 HILOGW("SubsSystemAbilityInner read listener failed!");
294 return ERR_NULL_OBJECT;
295 }
296 sptr<ISystemAbilityStatusChange> listener = iface_cast<ISystemAbilityStatusChange>(remoteObject);
297 if (listener == nullptr) {
298 HILOGW("SubsSystemAbilityInner iface_cast failed!");
299 return ERR_NULL_OBJECT;
300 }
301 SamgrXCollie samgrXCollie("samgr--SubsSA_" + ToString(systemAbilityId));
302 int32_t result = SubscribeSystemAbility(systemAbilityId, listener);
303 HILOGD("SubsSystemAbilityInner result is %{public}d", result);
304 ret = reply.WriteInt32(result);
305 if (!ret) {
306 HILOGW("SubsSystemAbilityInner write reply failed.");
307 return ERR_FLATTEN_OBJECT;
308 }
309
310 return result;
311 }
312
UnSubsSystemAbilityInner(MessageParcel & data,MessageParcel & reply)313 int32_t SystemAbilityManagerStub::UnSubsSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
314 {
315 int32_t systemAbilityId = -1;
316 bool ret = data.ReadInt32(systemAbilityId);
317 if (!ret) {
318 return ERR_NULL_OBJECT;
319 }
320 if (!CheckInputSysAbilityId(systemAbilityId)) {
321 HILOGW("UnSubsSystemAbilityInner read SAId failed!");
322 return ERR_NULL_OBJECT;
323 }
324 sptr<IRemoteObject> remoteObject = data.ReadRemoteObject();
325 if (remoteObject == nullptr) {
326 HILOGW("UnSubscribeSystemAbility read listener failed!");
327 return ERR_NULL_OBJECT;
328 }
329 sptr<ISystemAbilityStatusChange> listener = iface_cast<ISystemAbilityStatusChange>(remoteObject);
330 if (listener == nullptr) {
331 HILOGW("UnSubscribeSystemAbility iface_cast failed!");
332 return ERR_NULL_OBJECT;
333 }
334 int32_t result = UnSubscribeSystemAbility(systemAbilityId, listener);
335 HILOGD("UnSubscribeSystemAbility result is %{public}d", result);
336 ret = reply.WriteInt32(result);
337 if (!ret) {
338 HILOGW("UnSubscribeSystemAbility write reply failed.");
339 return ERR_FLATTEN_OBJECT;
340 }
341
342 return result;
343 }
344
CheckRemtSystemAbilityInner(MessageParcel & data,MessageParcel & reply)345 int32_t SystemAbilityManagerStub::CheckRemtSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
346 {
347 if (!CanRequest()) {
348 HILOGE("CheckRemoteSystemAbilityInner PERMISSION DENIED!");
349 return ERR_PERMISSION_DENIED;
350 }
351 int32_t systemAbilityId = -1;
352 bool ret = data.ReadInt32(systemAbilityId);
353 if (!ret) {
354 return ERR_NULL_OBJECT;
355 }
356 if (!CheckInputSysAbilityId(systemAbilityId)) {
357 HILOGW("CheckRemtSystemAbilityInner read SAId failed!");
358 return ERR_NULL_OBJECT;
359 }
360
361 #ifdef SUPPORT_PENGLAI_MODE
362 if (isPengLai_ && !SamgrUtil::CheckPengLaiPermission(systemAbilityId)) {
363 HILOGW("CheckRemt CheckPengLaiPermission denied! SA:%{public}d,callUid:%{public}d",
364 systemAbilityId, OHOS::IPCSkeleton::GetCallingUid());
365 return ERR_PERMISSION_DENIED;
366 }
367 #endif
368
369 if (!CheckGetRemoteSAPermission(systemAbilityId)) {
370 HILOGE("CheckRemtSystemAbilityInner selinux permission denied! SA:%{public}d,callSid:%{public}s",
371 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
372 return ERR_PERMISSION_DENIED;
373 }
374
375 std::string deviceId;
376 ret = data.ReadString(deviceId);
377 if (!ret) {
378 HILOGW("CheckRemtSystemAbilityInner read deviceId failed!");
379 return ERR_FLATTEN_OBJECT;
380 }
381 std::string uuid = SamgrUtil::TransformDeviceId(deviceId, UUID, false);
382 sptr<IRemoteObject> remoteObject = GetSystemAbility(systemAbilityId, uuid);
383 if (remoteObject == nullptr) {
384 HILOGD("CheckRemtSystemAbilityInner SA:%{public}d GetSystemAbility failed.", systemAbilityId);
385 return ERR_NULL_OBJECT;
386 }
387 ret = reply.WriteRemoteObject(remoteObject);
388 if (!ret) {
389 HILOGE("CheckRemtSystemAbilityInner SA:%{public}d write reply failed.", systemAbilityId);
390 return ERR_FLATTEN_OBJECT;
391 }
392
393 return ERR_NONE;
394 }
395
AddOndemandSystemAbilityInner(MessageParcel & data,MessageParcel & reply)396 int32_t SystemAbilityManagerStub::AddOndemandSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
397 {
398 if (!CanRequest()) {
399 HILOGE("AddOndemandSystemAbilityInner PERMISSION DENIED!");
400 return ERR_PERMISSION_DENIED;
401 }
402 int32_t systemAbilityId = -1;
403 bool ret = data.ReadInt32(systemAbilityId);
404 if (!ret) {
405 return ERR_NULL_OBJECT;
406 }
407 if (!CheckInputSysAbilityId(systemAbilityId)) {
408 HILOGW("AddOndemandSystemAbilityInner read SAId failed!");
409 return ERR_NULL_OBJECT;
410 }
411
412 if (!CheckAddOrRemovePermission(systemAbilityId)) {
413 HILOGE("AddOndemandSystemAbilityInner selinux permission denied! SA:%{public}d,callSid:%{public}s",
414 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
415 return ERR_PERMISSION_DENIED;
416 }
417
418 std::u16string localManagerName = data.ReadString16();
419 if (localManagerName.empty()) {
420 HILOGW("AddOndemandSystemAbilityInner read localName failed!");
421 return ERR_NULL_OBJECT;
422 }
423
424 int32_t result = AddOnDemandSystemAbilityInfo(systemAbilityId, localManagerName);
425 HILOGD("AddOndemandSystemAbilityInner result is %{public}d", result);
426 ret = reply.WriteInt32(result);
427 if (!ret) {
428 HILOGW("AddOndemandSystemAbilityInner write reply failed.");
429 return ERR_FLATTEN_OBJECT;
430 }
431
432 return result;
433 }
434
CheckSystemAbilityImmeInner(MessageParcel & data,MessageParcel & reply)435 int32_t SystemAbilityManagerStub::CheckSystemAbilityImmeInner(MessageParcel& data, MessageParcel& reply)
436 {
437 int64_t begin = OHOS::GetTickCount();
438 int32_t systemAbilityId = -1;
439 bool ret = data.ReadInt32(systemAbilityId);
440 if (!ret) {
441 return ERR_NULL_OBJECT;
442 }
443 if (!CheckInputSysAbilityId(systemAbilityId)) {
444 HILOGW("CheckSystemAbilityImmeInner read SAId failed!");
445 return ERR_NULL_OBJECT;
446 }
447
448 #ifdef SUPPORT_PENGLAI_MODE
449 if (isPengLai_ && !SamgrUtil::CheckPengLaiPermission(systemAbilityId)) {
450 HILOGW("CheckSAImme CheckPengLaiPermission denied! SA:%{public}d,callUid:%{public}d",
451 systemAbilityId, OHOS::IPCSkeleton::GetCallingUid());
452 return ERR_PERMISSION_DENIED;
453 }
454 #endif
455
456 if (!CheckGetSAPermission(systemAbilityId)) {
457 HILOGD("CheckSystemAbilityImmeInner selinux permission denied! SA:%{public}d,callSid:%{public}s",
458 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
459 return ERR_PERMISSION_DENIED;
460 }
461
462 bool isExist = false;
463 ret = data.ReadBool(isExist);
464 if (!ret) {
465 HILOGW("CheckSystemAbilityImmeInner read isExist failed!");
466 return ERR_FLATTEN_OBJECT;
467 }
468 SamgrXCollie samgrXCollie("samgr--CheckSAImme_" + ToString(systemAbilityId));
469 sptr<IRemoteObject> remoteObject = CheckSystemAbility(systemAbilityId, isExist);
470 if (remoteObject == nullptr) {
471 HILOGD("CheckSystemAbilityImmeInner SA:%{public}d CheckSystemAbility failed.", systemAbilityId);
472 return ERR_NULL_OBJECT;
473 }
474 ret = reply.WriteRemoteObject(remoteObject);
475 if (!ret) {
476 HILOGE("CheckSystemAbilityImmeInner SA:%{public}d, callpid:%{public}d, write obj fail, spend %{public}"
477 PRId64 " ms", systemAbilityId, OHOS::IPCSkeleton::GetCallingPid(), OHOS::GetTickCount() - begin);
478 return ERR_FLATTEN_OBJECT;
479 }
480
481 ret = reply.WriteBool(isExist);
482 if (!ret) {
483 HILOGW("CheckSystemAbilityImmeInner write reply failed.");
484 return ERR_FLATTEN_OBJECT;
485 }
486
487 return ERR_NONE;
488 }
489
UnmarshalingSaExtraProp(MessageParcel & data,SAExtraProp & extraProp)490 int32_t SystemAbilityManagerStub::UnmarshalingSaExtraProp(MessageParcel& data, SAExtraProp& extraProp)
491 {
492 bool isDistributed = false;
493 bool ret = data.ReadBool(isDistributed);
494 if (!ret) {
495 HILOGW("UnmarshalingSaExtraProp read isDistributed failed!");
496 return ERR_FLATTEN_OBJECT;
497 }
498
499 int32_t dumpFlags = 0;
500 ret = data.ReadInt32(dumpFlags);
501 if (!ret || dumpFlags < 0) {
502 HILOGW("UnmarshalingSaExtraProp dumpFlags failed!");
503 return ERR_FLATTEN_OBJECT;
504 }
505 std::u16string capability = data.ReadString16();
506 std::u16string permission = data.ReadString16();
507 extraProp.isDistributed = isDistributed;
508 extraProp.dumpFlags = static_cast<uint32_t>(dumpFlags);
509 extraProp.capability = capability;
510 extraProp.permission = permission;
511 return ERR_OK;
512 }
513
AddSystemAbilityInner(MessageParcel & data,MessageParcel & reply)514 int32_t SystemAbilityManagerStub::AddSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
515 {
516 if (!CanRequest()) {
517 KHILOGE("AddSystemAbilityInner PERMISSION DENIED!");
518 return ERR_PERMISSION_DENIED;
519 }
520 int32_t systemAbilityId = -1;
521 bool ret = data.ReadInt32(systemAbilityId);
522 if (!ret) {
523 return ERR_NULL_OBJECT;
524 }
525 if (!CheckInputSysAbilityId(systemAbilityId)) {
526 KHILOGW("AddSystemAbilityExtraInner read SAId failed!");
527 return ERR_NULL_OBJECT;
528 }
529
530 if (!CheckAddOrRemovePermission(systemAbilityId)) {
531 KHILOGE("AddSystemAbilityInner selinux permission denied! SA:%{public}d,callSid:%{public}s",
532 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
533 return ERR_PERMISSION_DENIED;
534 }
535
536 auto object = data.ReadRemoteObject();
537 if (object == nullptr) {
538 KHILOGW("AddSystemAbilityExtraInner readParcelable failed!");
539 return ERR_NULL_OBJECT;
540 }
541 SAExtraProp extraProp;
542 int32_t result = UnmarshalingSaExtraProp(data, extraProp);
543 if (result != ERR_OK) {
544 KHILOGW("AddSystemAbilityExtraInner UnmarshalingSaExtraProp failed!");
545 return result;
546 }
547 if (extraProp.isDistributed && !CheckAddRemoteSAPermission(systemAbilityId)) {
548 KHILOGE("CheckAddRemoteSAPermission selinux permission denied! SA:%{public}d,callSid:%{public}s",
549 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
550 return ERR_PERMISSION_DENIED;
551 }
552 result = AddSystemAbility(systemAbilityId, object, extraProp);
553 ret = reply.WriteInt32(result);
554 if (!ret) {
555 KHILOGW("AddSystemAbilityExtraInner write reply failed.");
556 return ERR_FLATTEN_OBJECT;
557 }
558 return result;
559 }
560
GetSystemAbilityInner(MessageParcel & data,MessageParcel & reply)561 int32_t SystemAbilityManagerStub::GetSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
562 {
563 int32_t systemAbilityId = -1;
564 bool ret = data.ReadInt32(systemAbilityId);
565 if (!ret) {
566 return ERR_NULL_OBJECT;
567 }
568 if (!CheckInputSysAbilityId(systemAbilityId)) {
569 HILOGW("GetSystemAbilityInner read SAId failed!");
570 return ERR_NULL_OBJECT;
571 }
572
573 #ifdef SUPPORT_PENGLAI_MODE
574 if (isPengLai_ && !SamgrUtil::CheckPengLaiPermission(systemAbilityId)) {
575 HILOGW("GetSA CheckPengLaiPermission denied! SA:%{public}d,callUid:%{public}d",
576 systemAbilityId, OHOS::IPCSkeleton::GetCallingUid());
577 return ERR_PERMISSION_DENIED;
578 }
579 #endif
580
581 if (!CheckGetSAPermission(systemAbilityId)) {
582 HILOGE("GetSystemAbilityInner selinux permission denied! SA:%{public}d,callSid:%{public}s",
583 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
584 return ERR_PERMISSION_DENIED;
585 }
586 sptr<IRemoteObject> remoteObject = GetSystemAbility(systemAbilityId);
587 if (remoteObject == nullptr) {
588 HILOGD("GetSystemAbilityInner SA:%{public}d GetSystemAbility failed.", systemAbilityId);
589 return ERR_NULL_OBJECT;
590 }
591 ret = reply.WriteRemoteObject(remoteObject);
592 if (!ret) {
593 HILOGE("GetSystemAbilityInner SA:%{public}d write reply failed.", systemAbilityId);
594 return ERR_FLATTEN_OBJECT;
595 }
596 return ERR_NONE;
597 }
598
CheckSystemAbilityInner(MessageParcel & data,MessageParcel & reply)599 int32_t SystemAbilityManagerStub::CheckSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
600 {
601 int32_t systemAbilityId = -1;
602 bool ret = data.ReadInt32(systemAbilityId);
603 if (!ret) {
604 return ERR_NULL_OBJECT;
605 }
606 if (!CheckInputSysAbilityId(systemAbilityId)) {
607 HILOGW("CheckSystemAbilityInner read SAId failed!");
608 return ERR_NULL_OBJECT;
609 }
610
611 #ifdef SUPPORT_PENGLAI_MODE
612 if (isPengLai_ && !SamgrUtil::CheckPengLaiPermission(systemAbilityId)) {
613 HILOGW("CheckSA CheckPengLaiPermission denied! SA:%{public}d,callUid:%{public}d",
614 systemAbilityId, OHOS::IPCSkeleton::GetCallingUid());
615 return ERR_PERMISSION_DENIED;
616 }
617 #endif
618
619 if (!CheckGetSAPermission(systemAbilityId)) {
620 HILOGD("CheckSystemAbilityInner selinux permission denied! SA:%{public}d,callSid:%{public}s",
621 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
622 return ERR_PERMISSION_DENIED;
623 }
624 sptr<IRemoteObject> remoteObject = CheckSystemAbility(systemAbilityId);
625 if (remoteObject == nullptr) {
626 HILOGD("CheckSystemAbilityInner SA:%{public}d CheckSystemAbility failed.", systemAbilityId);
627 return ERR_NULL_OBJECT;
628 }
629 ret = reply.WriteRemoteObject(remoteObject);
630 if (!ret) {
631 HILOGE("CheckSystemAbilityInner SA:%{public}d write reply failed.", systemAbilityId);
632 return ERR_FLATTEN_OBJECT;
633 }
634 return ERR_NONE;
635 }
636
RemoveSystemAbilityInner(MessageParcel & data,MessageParcel & reply)637 int32_t SystemAbilityManagerStub::RemoveSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
638 {
639 if (!CanRequest()) {
640 HILOGE("RemoveSystemAbilityInner PERMISSION DENIED!");
641 return ERR_PERMISSION_DENIED;
642 }
643 int32_t systemAbilityId = -1;
644 bool ret = data.ReadInt32(systemAbilityId);
645 if (!ret) {
646 return ERR_NULL_OBJECT;
647 }
648 if (!CheckInputSysAbilityId(systemAbilityId)) {
649 HILOGW("RemoveSystemAbilityInner read SAId failed!");
650 return ERR_NULL_OBJECT;
651 }
652
653 if (!CheckAddOrRemovePermission(systemAbilityId)) {
654 HILOGE("RemoveSystemAbilityInner selinux permission denied! SA:%{public}d,callSid:%{public}s",
655 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
656 return ERR_PERMISSION_DENIED;
657 }
658
659 int32_t result = RemoveSystemAbility(systemAbilityId);
660 ret = reply.WriteInt32(result);
661 if (!ret) {
662 HILOGW("RemoveSystemAbilityInner write reply failed.");
663 return ERR_FLATTEN_OBJECT;
664 }
665 return result;
666 }
667
668
AddSystemProcessInner(MessageParcel & data,MessageParcel & reply)669 int32_t SystemAbilityManagerStub::AddSystemProcessInner(MessageParcel& data, MessageParcel& reply)
670 {
671 if (!CanRequest()) {
672 HILOGE("AddSystemProcessInner PERMISSION DENIED!");
673 return ERR_PERMISSION_DENIED;
674 }
675 std::u16string procName = data.ReadString16();
676 if (procName.empty()) {
677 HILOGW("AddSystemProcessInner read procName failed!");
678 return ERR_NULL_OBJECT;
679 }
680
681 sptr<IRemoteObject> procObject = data.ReadRemoteObject();
682 if (procObject == nullptr) {
683 HILOGW("AddSystemProcessInner readParcelable failed!");
684 return ERR_NULL_OBJECT;
685 }
686
687 int32_t result = AddSystemProcess(procName, procObject);
688 bool ret = reply.WriteInt32(result);
689 if (!ret) {
690 HILOGW("AddSystemProcessInner write reply failed.");
691 return ERR_FLATTEN_OBJECT;
692 }
693 return result;
694 }
695
LoadSACheck(int32_t systemAbilityId)696 int32_t SystemAbilityManagerStub::LoadSACheck(int32_t systemAbilityId)
697 {
698 if (!CheckInputSysAbilityId(systemAbilityId)) {
699 HILOGW("LoadSystemAbilityInner check SAId failed!");
700 return ERR_INVALID_VALUE;
701 }
702
703 #ifdef SUPPORT_PENGLAI_MODE
704 if (isPengLai_ && !SamgrUtil::CheckPengLaiPermission(systemAbilityId)) {
705 HILOGW("LoadSA CheckPengLaiPermission denied! SA:%{public}d,callUid:%{public}d",
706 systemAbilityId, OHOS::IPCSkeleton::GetCallingUid());
707 return ERR_PERMISSION_DENIED;
708 }
709 #endif
710
711 if (!CheckGetSAPermission(systemAbilityId)) {
712 HILOGE("LoadSystemAbilityInner selinux permission denied!SA:%{public}d,callSid:%{public}s",
713 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
714 return ERR_PERMISSION_DENIED;
715 }
716 return ERR_OK;
717 }
718
LoadSystemAbilityInner(MessageParcel & data,MessageParcel & reply)719 int32_t SystemAbilityManagerStub::LoadSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
720 {
721 int32_t systemAbilityId = -1;
722 bool ret = false;
723 sptr<ISystemAbilityLoadCallback> callback = nullptr;
724 {
725 SamgrXCollie samgrXCollie("samgrStub--loadSa_readData");
726 ret = data.ReadInt32(systemAbilityId);
727 if (!ret) {
728 HILOGW("LoadSystemAbilityInner read SAId failed!");
729 return ERR_INVALID_VALUE;
730 }
731 int32_t checkRet = LoadSACheck(systemAbilityId);
732 if (checkRet != ERR_OK) {
733 return checkRet;
734 }
735 sptr<IRemoteObject> remoteObject = data.ReadRemoteObject();
736 if (remoteObject == nullptr) {
737 HILOGW("LoadSystemAbilityInner read callback failed!");
738 return ERR_INVALID_VALUE;
739 }
740 callback = iface_cast<ISystemAbilityLoadCallback>(remoteObject);
741 if (callback == nullptr) {
742 HILOGW("LoadSystemAbilityInner iface_cast failed!");
743 return ERR_INVALID_VALUE;
744 }
745 }
746
747 std::string loadSystemAbilityTag = ToString(systemAbilityId) + "_LoadSystemAbility";
748 HitraceScopedEx samgrHitrace(HITRACE_LEVEL_INFO, HITRACE_TAG_SAMGR, loadSystemAbilityTag.c_str());
749 int32_t result = LoadSystemAbility(systemAbilityId, callback);
750 if (result != ERR_OK) {
751 ReportSamgrSaLoadFail(systemAbilityId, IPCSkeleton::GetCallingPid(), IPCSkeleton::GetCallingUid(),
752 "interface load err:" + ToString(result));
753 HILOGE("loadSaInner fail ret:%{public}d", result);
754 }
755 HILOGD("LoadSystemAbilityInner result is %{public}d", result);
756 {
757 SamgrXCollie samgrXCollie("samgrStub--loadSa_writeResult_" + ToString(systemAbilityId));
758 ret = reply.WriteInt32(result);
759 }
760 if (!ret) {
761 HILOGW("LoadSystemAbilityInner write reply failed.");
762 return ERR_FLATTEN_OBJECT;
763 }
764 return result;
765 }
766
LoadRemoteSACheck(int32_t systemAbilityId)767 int32_t SystemAbilityManagerStub::LoadRemoteSACheck(int32_t systemAbilityId)
768 {
769 if (!CheckInputSysAbilityId(systemAbilityId)) {
770 HILOGW("LoadRemoteSystemAbilityInner check SAId invalid");
771 return ERR_INVALID_VALUE;
772 }
773
774 #ifdef SUPPORT_PENGLAI_MODE
775 if (isPengLai_ && !SamgrUtil::CheckPengLaiPermission(systemAbilityId)) {
776 HILOGW("LoadRemote CheckPengLaiPermission denied! SA:%{public}d,callUid:%{public}d",
777 systemAbilityId, OHOS::IPCSkeleton::GetCallingUid());
778 return ERR_PERMISSION_DENIED;
779 }
780 #endif
781
782 if (!CheckGetRemoteSAPermission(systemAbilityId)) {
783 HILOGE("LoadRemoteSystemAbilityInner selinux permission denied! SA:%{public}d,callSid:%{public}s",
784 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
785 return ERR_PERMISSION_DENIED;
786 }
787 return ERR_OK;
788 }
789
LoadRemoteSystemAbilityInner(MessageParcel & data,MessageParcel & reply)790 int32_t SystemAbilityManagerStub::LoadRemoteSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
791 {
792 int32_t systemAbilityId = -1;
793 bool ret = false;
794 std::string deviceId = "";
795 sptr<IRemoteObject> remoteObject = nullptr;
796 sptr<ISystemAbilityLoadCallback> callback = nullptr;
797 {
798 SamgrXCollie samgrXCollie("samgrStub--loadRmtSa_readData");
799 ret = data.ReadInt32(systemAbilityId);
800 if (!ret) {
801 HILOGW("LoadRemoteSystemAbilityInner read SAId invalid");
802 return ERR_INVALID_VALUE;
803 }
804 int32_t checkRet = LoadRemoteSACheck(systemAbilityId);
805 if (checkRet != ERR_OK) {
806 return checkRet;
807 }
808 deviceId = data.ReadString();
809 if (deviceId.empty()) {
810 HILOGW("LoadRemoteSystemAbilityInner read deviceId failed");
811 return ERR_INVALID_VALUE;
812 }
813 remoteObject = data.ReadRemoteObject();
814 if (remoteObject == nullptr) {
815 HILOGW("LoadRemoteSystemAbilityInner read callback failed!");
816 return ERR_INVALID_VALUE;
817 }
818 callback = iface_cast<ISystemAbilityLoadCallback>(remoteObject);
819 if (callback == nullptr) {
820 HILOGW("LoadRemoteSystemAbilityInner iface_cast failed!");
821 return ERR_INVALID_VALUE;
822 }
823 }
824
825 int32_t result = LoadSystemAbility(systemAbilityId, deviceId, callback);
826 HILOGD("LoadRemoteSystemAbilityInner result is %{public}d", result);
827 {
828 SamgrXCollie samgrXCollie("samgrStub--loadRmtSa_writeResult_" + ToString(systemAbilityId));
829 ret = reply.WriteInt32(result);
830 }
831 if (!ret) {
832 HILOGW("LoadRemoteSystemAbilityInner write reply failed.");
833 return ERR_FLATTEN_OBJECT;
834 }
835 return result;
836 }
837
UnloadSystemAbilityInner(MessageParcel & data,MessageParcel & reply)838 int32_t SystemAbilityManagerStub::UnloadSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
839 {
840 int32_t systemAbilityId = -1;
841 bool ret = false;
842 {
843 SamgrXCollie samgrXCollie("samgrStub--unloadSa_readData");
844 ret = data.ReadInt32(systemAbilityId);
845 if (!ret) {
846 HILOGW("UnloadSystemAbilityInner read SAId invalid");
847 return ERR_INVALID_VALUE;
848 }
849 if (!CheckInputSysAbilityId(systemAbilityId)) {
850 HILOGW("UnloadSystemAbilityInner check SAId invalid");
851 return ERR_INVALID_VALUE;
852 }
853 }
854
855 int32_t result = UnloadSystemAbility(systemAbilityId);
856 if (result != ERR_OK) {
857 ReportSaUnLoadFail(systemAbilityId, IPCSkeleton::GetCallingPid(), IPCSkeleton::GetCallingUid(),
858 "interface unload err:" + ToString(result));
859 HILOGE("unloadSa fail ret:%{public}d", result);
860 }
861 HILOGD("UnloadSystemAbilityInner result is %{public}d", result);
862 {
863 SamgrXCollie samgrXCollie("samgrStub--unloadSa_writeResult_" + ToString(systemAbilityId));
864 ret = reply.WriteInt32(result);
865 }
866 if (!ret) {
867 HILOGW("UnloadSystemAbilityInner write reply failed.");
868 return ERR_FLATTEN_OBJECT;
869 }
870 return result;
871 }
872
UnloadAllIdleSystemAbilityInner(MessageParcel & data,MessageParcel & reply)873 int32_t SystemAbilityManagerStub::UnloadAllIdleSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
874 {
875 int32_t result = UnloadAllIdleSystemAbility();
876 HILOGI("UnloadAllIdleSystemAbilityInner result is %{public}d", result);
877 return result;
878 }
879
UnloadProcessInner(MessageParcel & data,MessageParcel & reply)880 int32_t SystemAbilityManagerStub::UnloadProcessInner(MessageParcel& data, MessageParcel& reply)
881 {
882 if (!SamgrUtil::CheckCallerProcess("memmgrservice")) {
883 HILOGE("UnloadProcessInner invalid caller process, only support for memmgrservice");
884 return ERR_PERMISSION_DENIED;
885 }
886 std::vector<std::u16string> processList;
887 if (!data.ReadString16Vector(&processList)) {
888 HILOGE("UnloadProcessInner read processList fail");
889 return ERR_NULL_OBJECT;
890 }
891 int32_t result = UnloadProcess(processList);
892 HILOGI("UnloadProcessInner result is %{public}d", result);
893 return result;
894 }
895
GetLruIdleSystemAbilityProcInner(MessageParcel & data,MessageParcel & reply)896 int32_t SystemAbilityManagerStub::GetLruIdleSystemAbilityProcInner(MessageParcel& data, MessageParcel& reply)
897 {
898 if (!SamgrUtil::CheckCallerProcess("memmgrservice")) {
899 HILOGE("GetLruIdleSystemAbilityProcInner invalid caller process, only support for memmgrservice");
900 return ERR_PERMISSION_DENIED;
901 }
902 HILOGI("GetLruIdleSystemAbilityProcInner called");
903 std::vector<IdleProcessInfo> infos;
904 int32_t result = GetLruIdleSystemAbilityProc(infos);
905 bool ret = reply.WriteInt32(result);
906 if (!ret) {
907 HILOGE("GetLruIdleSystemAbilityProcInner write reply failed!");
908 return ERR_FLATTEN_OBJECT;
909 }
910 if (result != ERR_OK) {
911 HILOGE("GetLruIdleSystemAbilityProc result is %{public}d", result);
912 return result;
913 }
914 size_t size = infos.size();
915 ret = reply.WriteInt32(size);
916 if (!ret) {
917 HILOGE("GetLruIdleSystemAbilityProcInner write size failed!");
918 return ERR_FLATTEN_OBJECT;
919 }
920 for (auto& systemAbilityProcInfo : infos) {
921 ret = reply.WriteInt32(systemAbilityProcInfo.pid);
922 if (!ret) {
923 HILOGE("GetLruIdleSystemAbilityProcInner write pid failed!");
924 return ERR_FLATTEN_OBJECT;
925 }
926 ret = reply.WriteString16(systemAbilityProcInfo.processName);
927 if (!ret) {
928 HILOGE("GetLruIdleSystemAbilityProcInner write processName failed!");
929 return ERR_FLATTEN_OBJECT;
930 }
931 ret = reply.WriteInt64(systemAbilityProcInfo.lastIdleTime);
932 if (!ret) {
933 HILOGE("GetLruIdleSystemAbilityProcInner write lastIdleTime failed!");
934 return ERR_FLATTEN_OBJECT;
935 }
936 }
937 return ERR_OK;
938 }
939
GetSystemProcessInfoInner(MessageParcel & data,MessageParcel & reply)940 int32_t SystemAbilityManagerStub::GetSystemProcessInfoInner(MessageParcel& data, MessageParcel& reply)
941 {
942 HILOGI("GetSystemProcessInfoInner called");
943 if (!CanRequest()) {
944 HILOGE("GetSystemProcessInfoInner PERMISSION DENIED!");
945 return ERR_PERMISSION_DENIED;
946 }
947 int32_t systemAbilityId = -1;
948 bool ret = data.ReadInt32(systemAbilityId);
949 if (!ret) {
950 return ERR_NULL_OBJECT;
951 }
952 if (!CheckInputSysAbilityId(systemAbilityId)) {
953 HILOGW("GetSystemProcessInfoInner read SAId failed!");
954 return ERR_NULL_OBJECT;
955 }
956 SystemProcessInfo processInfo;
957 int32_t result = GetSystemProcessInfo(systemAbilityId, processInfo);
958 ret = reply.WriteInt32(result);
959 if (!ret) {
960 HILOGW("GetSystemProcessInfoInner write reply failed.");
961 return ERR_FLATTEN_OBJECT;
962 }
963 if (result != ERR_OK) {
964 return ERR_OK;
965 }
966
967 ret = reply.WriteString(processInfo.processName);
968 if (!ret) {
969 HILOGW("GetSystemProcessInfoInner write procName failed.");
970 return ERR_FLATTEN_OBJECT;
971 }
972 ret = reply.WriteInt32(processInfo.pid);
973 if (!ret) {
974 HILOGW("GetSystemProcessInfoInner write pid failed.");
975 return ERR_FLATTEN_OBJECT;
976 }
977 ret = reply.WriteInt32(processInfo.uid);
978 if (!ret) {
979 HILOGW("GetSystemProcessInfoInner write uid failed.");
980 return ERR_FLATTEN_OBJECT;
981 }
982 return ERR_OK;
983 }
984
GetRunningSystemProcessInner(MessageParcel & data,MessageParcel & reply)985 int32_t SystemAbilityManagerStub::GetRunningSystemProcessInner(MessageParcel& data, MessageParcel& reply)
986 {
987 HILOGI("GetRunningSystemProcessInner called");
988 if (!CanRequest()) {
989 HILOGE("GetRunningSystemProcessInner PERMISSION DENIED!");
990 return ERR_PERMISSION_DENIED;
991 }
992 std::list<SystemProcessInfo> systemProcessInfos;
993 int32_t result = GetRunningSystemProcess(systemProcessInfos);
994 bool ret = reply.WriteInt32(result);
995 if (!ret) {
996 HILOGW("GetRunningSystemProcessInner write reply failed.");
997 return ERR_FLATTEN_OBJECT;
998 }
999 if (result != ERR_OK) {
1000 return ERR_OK;
1001 }
1002
1003 size_t size = systemProcessInfos.size();
1004 ret = reply.WriteInt32(size);
1005 if (!ret) {
1006 HILOGW("GetRunningSystemProcessInner write ProcInfos size failed.");
1007 return ERR_FLATTEN_OBJECT;
1008 }
1009 for (auto& systemProcessInfo : systemProcessInfos) {
1010 ret = reply.WriteString(systemProcessInfo.processName);
1011 if (!ret) {
1012 HILOGW("GetRunningSystemProcessInner write procName failed.");
1013 return ERR_FLATTEN_OBJECT;
1014 }
1015 ret = reply.WriteInt32(systemProcessInfo.pid);
1016 if (!ret) {
1017 HILOGW("GetRunningSystemProcessInner write pid failed.");
1018 return ERR_FLATTEN_OBJECT;
1019 }
1020 ret = reply.WriteInt32(systemProcessInfo.uid);
1021 if (!ret) {
1022 HILOGW("GetRunningSystemProcessInner write uid failed.");
1023 return ERR_FLATTEN_OBJECT;
1024 }
1025 }
1026 return ERR_OK;
1027 }
1028
SubscribeSystemProcessInner(MessageParcel & data,MessageParcel & reply)1029 int32_t SystemAbilityManagerStub::SubscribeSystemProcessInner(MessageParcel& data, MessageParcel& reply)
1030 {
1031 if (!CanRequest()) {
1032 HILOGE("SubscribeSystemProcessInner PERMISSION DENIED!");
1033 return ERR_PERMISSION_DENIED;
1034 }
1035 sptr<IRemoteObject> remoteObject = data.ReadRemoteObject();
1036 if (remoteObject == nullptr) {
1037 HILOGW("SubscribeSystemProcessInner read listener failed!");
1038 return ERR_NULL_OBJECT;
1039 }
1040 sptr<ISystemProcessStatusChange> listener = iface_cast<ISystemProcessStatusChange>(remoteObject);
1041 if (listener == nullptr) {
1042 HILOGW("SubscribeSystemProcessInner iface_cast failed!");
1043 return ERR_NULL_OBJECT;
1044 }
1045 int32_t result = SubscribeSystemProcess(listener);
1046 HILOGD("SubscribeSystemProcess result is %{public}d", result);
1047 bool ret = reply.WriteInt32(result);
1048 if (!ret) {
1049 HILOGW("SubscribeSystemProcessInner write reply failed.");
1050 return ERR_FLATTEN_OBJECT;
1051 }
1052 return result;
1053 }
1054
UnSubscribeSystemProcessInner(MessageParcel & data,MessageParcel & reply)1055 int32_t SystemAbilityManagerStub::UnSubscribeSystemProcessInner(MessageParcel& data, MessageParcel& reply)
1056 {
1057 if (!CanRequest()) {
1058 HILOGE("UnSubscribeSystemProcessInner PERMISSION DENIED!");
1059 return ERR_PERMISSION_DENIED;
1060 }
1061 sptr<IRemoteObject> remoteObject = data.ReadRemoteObject();
1062 if (remoteObject == nullptr) {
1063 HILOGW("UnSubscribeSystemProcessInner read listener failed!");
1064 return ERR_NULL_OBJECT;
1065 }
1066 sptr<ISystemProcessStatusChange> listener = iface_cast<ISystemProcessStatusChange>(remoteObject);
1067 if (listener == nullptr) {
1068 HILOGW("UnSubscribeSystemProcessInner iface_cast failed!");
1069 return ERR_NULL_OBJECT;
1070 }
1071 int32_t result = UnSubscribeSystemProcess(listener);
1072 HILOGD("UnSubscribeSystemProcessInner result is %{public}d", result);
1073 bool ret = reply.WriteInt32(result);
1074 if (!ret) {
1075 HILOGW("UnSubscribeSystemProcessInner write reply failed.");
1076 return ERR_FLATTEN_OBJECT;
1077 }
1078 return result;
1079 }
1080
CancelUnloadSystemAbilityInner(MessageParcel & data,MessageParcel & reply)1081 int32_t SystemAbilityManagerStub::CancelUnloadSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
1082 {
1083 int32_t systemAbilityId = -1;
1084 bool ret = data.ReadInt32(systemAbilityId);
1085 if (!ret) {
1086 return ERR_INVALID_VALUE;
1087 }
1088 if (!CheckInputSysAbilityId(systemAbilityId)) {
1089 HILOGW("CancelUnloadSystemAbilityInner SAId invalid");
1090 return ERR_INVALID_VALUE;
1091 }
1092 int32_t result = CancelUnloadSystemAbility(systemAbilityId);
1093 HILOGD("CancelUnloadSystemAbilityInner result is %{public}d", result);
1094 ret = reply.WriteInt32(result);
1095 if (!ret) {
1096 HILOGW("CancelUnloadSystemAbilityInner write reply failed.");
1097 return ERR_FLATTEN_OBJECT;
1098 }
1099 return result;
1100 }
1101
GetOnDemandReasonExtraDataInner(MessageParcel & data,MessageParcel & reply)1102 int32_t SystemAbilityManagerStub::GetOnDemandReasonExtraDataInner(MessageParcel& data, MessageParcel& reply)
1103 {
1104 if (!CanRequest()) {
1105 HILOGE("GetOnDemandReasonExtraData PERMISSION DENIED!");
1106 return ERR_PERMISSION_DENIED;
1107 }
1108 int64_t extraDataId = -1;
1109 if (!data.ReadInt64(extraDataId)) {
1110 HILOGW("GetOnDemandReasonExtraData read extraDataId failed.");
1111 return ERR_FLATTEN_OBJECT;
1112 }
1113 MessageParcel extraDataParcel;
1114 int32_t result = GetOnDemandReasonExtraData(extraDataId, extraDataParcel);
1115 HILOGD("GetOnDemandReasonExtraData result is %{public}d", result);
1116 if (!reply.WriteInt32(result)) {
1117 HILOGW("GetOnDemandReasonExtraData write reply failed.");
1118 return ERR_FLATTEN_OBJECT;
1119 }
1120 sptr<OnDemandReasonExtraData> extraData;
1121 extraData = extraDataParcel.ReadParcelable<OnDemandReasonExtraData>();
1122 if (extraData == nullptr) {
1123 HILOGW("GetOnDemandReasonExtraData read extraData failed.");
1124 return ERR_FLATTEN_OBJECT;
1125 }
1126 if (!reply.WriteParcelable(extraData)) {
1127 HILOGW("GetOnDemandReasonExtraData write extraData failed.");
1128 return ERR_FLATTEN_OBJECT;
1129 }
1130 return ERR_OK;
1131 }
1132
GetOnDemandPolicyInner(MessageParcel & data,MessageParcel & reply)1133 int32_t SystemAbilityManagerStub::GetOnDemandPolicyInner(MessageParcel& data, MessageParcel& reply)
1134 {
1135 if (!CanRequest()) {
1136 HILOGE("GetOnDemandPolicyInner PERMISSION DENIED!");
1137 return ERR_PERMISSION_DENIED;
1138 }
1139 int32_t systemAbilityId = -1;
1140 if (!data.ReadInt32(systemAbilityId)) {
1141 HILOGW("GetOnDemandPolicyInner read saId failed.");
1142 return ERR_FLATTEN_OBJECT;
1143 }
1144 int32_t type = 0;
1145 if (!data.ReadInt32(type)) {
1146 HILOGW("GetOnDemandPolicyInner read type failed.");
1147 return ERR_FLATTEN_OBJECT;
1148 }
1149 OnDemandPolicyType typeEnum = static_cast<OnDemandPolicyType>(type);
1150 std::vector<SystemAbilityOnDemandEvent> abilityOnDemandEvents;
1151 int32_t result = GetOnDemandPolicy(systemAbilityId, typeEnum, abilityOnDemandEvents);
1152 if (!reply.WriteInt32(result)) {
1153 HILOGW("GetOnDemandPolicyInner write result failed.");
1154 return ERR_FLATTEN_OBJECT;
1155 }
1156 if (!OnDemandEventToParcel::WriteOnDemandEventsToParcel(abilityOnDemandEvents, reply)) {
1157 HILOGW("GetOnDemandPolicyInner write on demand event failed.");
1158 return ERR_FLATTEN_OBJECT;
1159 }
1160 return ERR_OK;
1161 }
1162
UpdateOnDemandPolicyInner(MessageParcel & data,MessageParcel & reply)1163 int32_t SystemAbilityManagerStub::UpdateOnDemandPolicyInner(MessageParcel& data, MessageParcel& reply)
1164 {
1165 if (!CanRequest()) {
1166 HILOGE("UpdateOnDemandPolicyInner PERMISSION DENIED!");
1167 return ERR_PERMISSION_DENIED;
1168 }
1169 int32_t systemAbilityId = -1;
1170 if (!data.ReadInt32(systemAbilityId)) {
1171 HILOGW("UpdateOnDemandPolicyInner read saId failed.");
1172 return ERR_FLATTEN_OBJECT;
1173 }
1174 int32_t type = 0;
1175 if (!data.ReadInt32(type)) {
1176 HILOGW("GetOnDemandPolicyInner read type failed.");
1177 return ERR_FLATTEN_OBJECT;
1178 }
1179 OnDemandPolicyType typeEnum = static_cast<OnDemandPolicyType>(type);
1180 std::vector<SystemAbilityOnDemandEvent> abilityOnDemandEvents;
1181 if (!OnDemandEventToParcel::ReadOnDemandEventsFromParcel(abilityOnDemandEvents, data)) {
1182 HILOGW("UpdateOnDemandPolicyInner read on demand event failed.");
1183 return ERR_FLATTEN_OBJECT;
1184 }
1185 int32_t result = UpdateOnDemandPolicy(systemAbilityId, typeEnum, abilityOnDemandEvents);
1186 if (!reply.WriteInt32(result)) {
1187 HILOGW("UpdateOnDemandPolicyInner write result failed.");
1188 return ERR_FLATTEN_OBJECT;
1189 }
1190 return ERR_OK;
1191 }
1192
SendStrategyInner(MessageParcel & data,MessageParcel & reply)1193 int32_t SystemAbilityManagerStub::SendStrategyInner(MessageParcel& data, MessageParcel& reply)
1194 {
1195 if (!CanRequest()) {
1196 HILOGE("SendStrategy PERMISSION DENIED!");
1197 return ERR_PERMISSION_DENIED;
1198 }
1199 int32_t type = 0;
1200 if (!data.ReadInt32(type)) {
1201 HILOGW("SendStrategy read type failed.");
1202 return ERR_FLATTEN_OBJECT;
1203 }
1204 std::vector<int32_t> systemAbilityIds;
1205 if (!data.ReadInt32Vector(&systemAbilityIds)) {
1206 HILOGW("SendStrategy read saId failed.");
1207 return ERR_FLATTEN_OBJECT;
1208 }
1209 int32_t level = -1;
1210 if (!data.ReadInt32(level)) {
1211 HILOGW("SendStrategy read level failed.");
1212 return ERR_FLATTEN_OBJECT;
1213 }
1214 std::string action;
1215 if (!data.ReadString(action)) {
1216 HILOGW("SendStrategy read action failed!");
1217 return ERR_FLATTEN_OBJECT;
1218 }
1219 int32_t result = SendStrategy(type, systemAbilityIds, level, action);
1220 if (!reply.WriteInt32(result)) {
1221 HILOGW("SendStrategy write result failed.");
1222 return ERR_FLATTEN_OBJECT;
1223 }
1224 return ERR_OK;
1225 }
1226
GetOnDemandSystemAbilityIdsInner(MessageParcel & data,MessageParcel & reply)1227 int32_t SystemAbilityManagerStub::GetOnDemandSystemAbilityIdsInner(MessageParcel& data, MessageParcel& reply)
1228 {
1229 std::vector<int32_t> systemAbilityIds;
1230 int32_t result = GetOnDemandSystemAbilityIds(systemAbilityIds);
1231 if (result != ERR_OK) {
1232 HILOGW("GetOnDemandSystemAbilityIds failed, ret:%{public}d", result);
1233 return result;
1234 }
1235 if (!reply.WriteInt32(result)) {
1236 HILOGE("GetOnDemandSystemAbilityIdsInner write result failed.");
1237 return ERR_FLATTEN_OBJECT;
1238 }
1239 if (!reply.WriteInt32Vector(systemAbilityIds)) {
1240 HILOGE("GetOnDemandSystemAbilityIdsInner write result failed.");
1241 return ERR_FLATTEN_OBJECT;
1242 }
1243 return ERR_OK;
1244 }
1245
CanRequest()1246 bool SystemAbilityManagerStub::CanRequest()
1247 {
1248 auto tid = IPCSkeleton::GetCallingTokenID();
1249 AccessToken::ATokenTypeEnum tokenType = AccessToken::AccessTokenKit::GetTokenTypeFlag(tid);
1250 if (tokenType != AccessToken::ATokenTypeEnum::TOKEN_NATIVE) {
1251 KHILOGE("CanRequest callingTkid:%{public}u, tokenType:%{public}d", tid, tokenType);
1252 return false;
1253 }
1254 return true;
1255 }
1256
CheckPermission(const std::string & permission)1257 bool SystemAbilityManagerStub::CheckPermission(const std::string& permission)
1258 {
1259 uint32_t accessToken = IPCSkeleton::GetCallingTokenID();
1260 int32_t ret = Security::AccessToken::AccessTokenKit::VerifyAccessToken(accessToken, permission);
1261 return (ret == Security::AccessToken::PermissionState::PERMISSION_GRANTED);
1262 }
1263
GetExtensionSaIdsInner(MessageParcel & data,MessageParcel & reply)1264 int32_t SystemAbilityManagerStub::GetExtensionSaIdsInner(MessageParcel& data, MessageParcel& reply)
1265 {
1266 if (!CanRequest()) {
1267 HILOGE("%{public}s PERMISSION DENIED!", __func__);
1268 return ERR_PERMISSION_DENIED;
1269 }
1270 std::string extension;
1271 if (!data.ReadString(extension)) {
1272 HILOGW("%{public}s read extension failed!", __func__);
1273 return ERR_FLATTEN_OBJECT;
1274 }
1275
1276 std::vector<int32_t> saIds;
1277 int32_t result = GetExtensionSaIds(extension, saIds);
1278 if (result != ERR_OK) {
1279 HILOGW("GetExtensionSaIds failed, ret:%{public}d", result);
1280 return result;
1281 }
1282 if (!reply.WriteInt32(result)) {
1283 HILOGW("%{public}s write reply failed.", __func__);
1284 return ERR_FLATTEN_OBJECT;
1285 }
1286 if (!reply.WriteInt32Vector(saIds)) {
1287 HILOGW("%{public}s write saids reply failed.", __func__);
1288 return ERR_FLATTEN_OBJECT;
1289 }
1290
1291 return ERR_NONE;
1292 }
1293
GetExtensionRunningSaListInner(MessageParcel & data,MessageParcel & reply)1294 int32_t SystemAbilityManagerStub::GetExtensionRunningSaListInner(MessageParcel& data, MessageParcel& reply)
1295 {
1296 if (!CanRequest()) {
1297 HILOGE("%{public}s PERMISSION DENIED!", __func__);
1298 return ERR_PERMISSION_DENIED;
1299 }
1300 std::string extension;
1301 if (!data.ReadString(extension)) {
1302 HILOGW("%{public}s read extension failed!", __func__);
1303 return ERR_FLATTEN_OBJECT;
1304 }
1305
1306 std::vector<sptr<IRemoteObject>> saList;
1307 int32_t result = GetExtensionRunningSaList(extension, saList);
1308 if (result != ERR_OK) {
1309 HILOGW("GetExtensionRunningSaList failed, ret:%{public}d", result);
1310 return result;
1311 }
1312 if (!reply.WriteInt32(result)) {
1313 HILOGW("%{public}s write reply failed.", __func__);
1314 return ERR_FLATTEN_OBJECT;
1315 }
1316 if (!reply.WriteInt32(saList.size())) {
1317 HILOGW("%{public}s write saHandle size failed.", __func__);
1318 return ERR_FLATTEN_OBJECT;
1319 }
1320 for (auto& remoteObject : saList) {
1321 if (!reply.WriteRemoteObject(remoteObject)) {
1322 HILOGW("%{public}s write remote obj failed.", __func__);
1323 return ERR_FLATTEN_OBJECT;
1324 }
1325 }
1326
1327 return ERR_NONE;
1328 }
1329
GetRunningSaExtensionInfoListInner(MessageParcel & data,MessageParcel & reply)1330 int32_t SystemAbilityManagerStub::GetRunningSaExtensionInfoListInner(MessageParcel& data, MessageParcel& reply)
1331 {
1332 if (!CheckPermission(EXT_TRANSACTION_PERMISSION)) {
1333 HILOGE("get SaExtInfoList CheckPermission fail!");
1334 return ERR_PERMISSION_DENIED;
1335 }
1336 std::string extension;
1337 if (!data.ReadString(extension)) {
1338 HILOGE("get SaExtInfoList read extension failed!");
1339 return ERR_FLATTEN_OBJECT;
1340 }
1341
1342 std::vector<SaExtensionInfo> infoList;
1343 int32_t result = GetRunningSaExtensionInfoList(extension, infoList);
1344 if (!reply.WriteInt32(result)) {
1345 HILOGE("get SaExtInfoList write ret failed.");
1346 return ERR_FLATTEN_OBJECT;
1347 }
1348 if (result != ERR_OK) {
1349 HILOGE("get SaExtInfoList failed,ret:%{public}d", result);
1350 return result;
1351 }
1352 if (!reply.WriteInt32(infoList.size())) {
1353 HILOGE("get SaExtInfoList write size failed.");
1354 return ERR_FLATTEN_OBJECT;
1355 }
1356 for (auto& tmp : infoList) {
1357 if (!reply.WriteInt32(tmp.saId)) {
1358 HILOGE("get SaExtInfoList write said failed.");
1359 return ERR_FLATTEN_OBJECT;
1360 }
1361 if (!reply.WriteRemoteObject(tmp.processObj)) {
1362 HILOGE("get SaExtInfoList write obj failed.");
1363 return ERR_FLATTEN_OBJECT;
1364 }
1365 }
1366 return ERR_NONE;
1367 }
1368
GetCommonEventExtraDataIdlistInner(MessageParcel & data,MessageParcel & reply)1369 int32_t SystemAbilityManagerStub::GetCommonEventExtraDataIdlistInner(MessageParcel& data, MessageParcel& reply)
1370 {
1371 if (!CanRequest()) {
1372 HILOGE("getExtraIdList PERMISSION DENIED!");
1373 return ERR_PERMISSION_DENIED;
1374 }
1375 int32_t saId = -1;
1376 if (!data.ReadInt32(saId)) {
1377 HILOGE("getExtraIdList read said fail!");
1378 return ERR_NULL_OBJECT;
1379 }
1380 if (!CheckInputSysAbilityId(saId)) {
1381 HILOGW("getExtraIdList check SAId failed!");
1382 return ERR_NULL_OBJECT;
1383 }
1384 std::string eventName;
1385 if (!data.ReadString(eventName)) {
1386 HILOGW("getExtraIdList read eventName failed!");
1387 return ERR_FLATTEN_OBJECT;
1388 }
1389
1390 std::vector<int64_t> extraDataIdList;
1391 int32_t result = GetCommonEventExtraDataIdlist(saId, extraDataIdList, eventName);
1392 if (!reply.WriteInt32(result)) {
1393 HILOGW("getExtraIdList write result failed.");
1394 return ERR_FLATTEN_OBJECT;
1395 }
1396 if (result != ERR_OK) {
1397 HILOGE("getExtraIdList failed,ret:%{public}d", result);
1398 return result;
1399 }
1400 if (!reply.WriteInt64Vector(extraDataIdList)) {
1401 HILOGW("getExtraIdList write idlist failed.");
1402 return ERR_FLATTEN_OBJECT;
1403 }
1404 return ERR_NONE;
1405 }
1406
GetLocalAbilityManagerProxyInner(MessageParcel & data,MessageParcel & reply)1407 int32_t SystemAbilityManagerStub::GetLocalAbilityManagerProxyInner(MessageParcel& data, MessageParcel& reply)
1408 {
1409 if (!CheckPermission(PERMISSION_SVC)) {
1410 HILOGE("GetLocalSystemAbilityProxyInner permission denied! CallSid:%{public}s",
1411 OHOS::IPCSkeleton::GetCallingSid().c_str());
1412 return ERR_PERMISSION_DENIED;
1413 }
1414
1415 int32_t systemAbilityId = -1;
1416 bool ret = data.ReadInt32(systemAbilityId);
1417 if (!ret || !CheckInputSysAbilityId(systemAbilityId)) {
1418 HILOGE("GetLocalSystemAbilityProxyInner get SAId failed.");
1419 return ERR_NULL_OBJECT;
1420 }
1421
1422 sptr<IRemoteObject> remoteObject = GetLocalAbilityManagerProxy(systemAbilityId);
1423 if (remoteObject == nullptr) {
1424 HILOGE("GetLocalSystemAbilityProxyInner SA:%{public}d GetLocalSystemAbilityProxy failed.", systemAbilityId);
1425 return ERR_NULL_OBJECT;
1426 }
1427 ret = reply.WriteRemoteObject(remoteObject);
1428 if (!ret) {
1429 HILOGE("GetLocalSystemAbilityProxyInner SA:%{public}d write reply failed.", systemAbilityId);
1430 return ERR_FLATTEN_OBJECT;
1431 }
1432 return ERR_NONE;
1433 }
1434 } // namespace OHOS
1435