1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "sec_comp_enhance_adapter.h"
16
17 #include <dlfcn.h>
18 #include <sys/types.h>
19
20 #include "ipc_skeleton.h"
21 #include "parcel.h"
22 #include "sec_comp_err.h"
23 #include "sec_comp_log.h"
24 #include "securec.h"
25
26 namespace OHOS {
27 namespace Security {
28 namespace SecurityComponent {
29 namespace {
30 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
31 LOG_CORE, SECURITY_DOMAIN_SECURITY_COMPONENT, "SecCompEnhanceAdapter"};
32
33 static const std::string ENHANCE_INPUT_INTERFACE_LIB = "libsecurity_component_client_enhance.z.so";
34 static const std::string ENHANCE_SRV_INTERFACE_LIB = "libsecurity_component_service_enhance.z.so";
35 static const std::string ENHANCE_CLIENT_INTERFACE_LIB = "libsecurity_component_client_enhance.z.so";
36 }
37
38 SecCompInputEnhanceInterface* SecCompEnhanceAdapter::inputHandler = nullptr;
39 bool SecCompEnhanceAdapter::isEnhanceInputHandlerInit = false;
40
41 SecCompSrvEnhanceInterface* SecCompEnhanceAdapter::srvHandler = nullptr;
42 bool SecCompEnhanceAdapter::isEnhanceSrvHandlerInit = false;
43
44 SecCompClientEnhanceInterface* SecCompEnhanceAdapter::clientHandler = nullptr;
45 bool SecCompEnhanceAdapter::isEnhanceClientHandlerInit = false;
46
47 std::mutex SecCompEnhanceAdapter::initMtx;
48
InitEnhanceHandler(EnhanceInterfaceType type)49 void SecCompEnhanceAdapter::InitEnhanceHandler(EnhanceInterfaceType type)
50 {
51 std::unique_lock<std::mutex> lck(initMtx);
52 std::string libPath = "";
53 switch (type) {
54 case SEC_COMP_ENHANCE_INPUT_INTERFACE:
55 libPath = ENHANCE_INPUT_INTERFACE_LIB;
56 isEnhanceInputHandlerInit = true;
57 break;
58 case SEC_COMP_ENHANCE_SRV_INTERFACE:
59 libPath = ENHANCE_SRV_INTERFACE_LIB;
60 isEnhanceSrvHandlerInit = true;
61 break;
62 case SEC_COMP_ENHANCE_CLIENT_INTERFACE:
63 libPath = ENHANCE_CLIENT_INTERFACE_LIB;
64 isEnhanceClientHandlerInit = true;
65 break;
66 default:
67 break;
68 }
69
70 void* handler = dlopen(libPath.c_str(), RTLD_LAZY);
71 if (handler == nullptr) {
72 SC_LOG_ERROR(LABEL, "init enhance lib %{public}s failed, error %{public}s", libPath.c_str(), dlerror());
73 return;
74 }
75 if (type == SEC_COMP_ENHANCE_CLIENT_INTERFACE) {
76 EnhanceInterface getClientInstance = reinterpret_cast<EnhanceInterface>(dlsym(handler, "GetClientInstance"));
77 if (getClientInstance == nullptr) {
78 SC_LOG_ERROR(LABEL, "GetClientInstance failed.");
79 return;
80 }
81 SecCompClientEnhanceInterface* instance = getClientInstance();
82 if (instance != nullptr) {
83 SC_LOG_DEBUG(LABEL, "Dlopen client enhance successful.");
84 clientHandler = instance;
85 }
86 }
87 }
88
SetEnhanceCfg(uint8_t * cfg,uint32_t cfgLen)89 int32_t SecCompEnhanceAdapter::SetEnhanceCfg(uint8_t* cfg, uint32_t cfgLen)
90 {
91 if (!isEnhanceInputHandlerInit) {
92 InitEnhanceHandler(SEC_COMP_ENHANCE_INPUT_INTERFACE);
93 }
94 if (inputHandler != nullptr) {
95 return inputHandler->SetEnhanceCfg(cfg, cfgLen);
96 }
97 return SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE;
98 }
99
GetPointerEventEnhanceData(void * data,uint32_t dataLen,uint8_t * enhanceData,uint32_t & enHancedataLen)100 int32_t SecCompEnhanceAdapter::GetPointerEventEnhanceData(void* data, uint32_t dataLen,
101 uint8_t* enhanceData, uint32_t& enHancedataLen)
102 {
103 if (!isEnhanceInputHandlerInit) {
104 InitEnhanceHandler(SEC_COMP_ENHANCE_INPUT_INTERFACE);
105 }
106 if (inputHandler != nullptr) {
107 return inputHandler->GetPointerEventEnhanceData(data, dataLen, enhanceData, enHancedataLen);
108 }
109 return SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE;
110 }
111
CheckExtraInfo(const SecCompClickEvent & clickInfo)112 int32_t SecCompEnhanceAdapter::CheckExtraInfo(const SecCompClickEvent& clickInfo)
113 {
114 if (!isEnhanceSrvHandlerInit) {
115 InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
116 }
117 if (srvHandler != nullptr) {
118 if (clickInfo.extraInfo.dataSize == 0 || clickInfo.extraInfo.data == nullptr) {
119 SC_LOG_ERROR(LABEL, "HMAC info is invalid");
120 return SC_SERVICE_ERROR_CLICK_EVENT_INVALID;
121 }
122 return srvHandler->CheckExtraInfo(clickInfo);
123 }
124 return SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE;
125 }
126
AddSecurityComponentProcess(int32_t pid)127 void SecCompEnhanceAdapter::AddSecurityComponentProcess(int32_t pid)
128 {
129 if (!isEnhanceSrvHandlerInit) {
130 InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
131 }
132 if (srvHandler != nullptr) {
133 srvHandler->AddSecurityComponentProcess(pid);
134 }
135 }
136
EnhanceDataPreprocess(std::string & componentInfo)137 __attribute__((noinline)) bool SecCompEnhanceAdapter::EnhanceDataPreprocess(std::string& componentInfo)
138 {
139 if (!isEnhanceClientHandlerInit) {
140 InitEnhanceHandler(SEC_COMP_ENHANCE_CLIENT_INTERFACE);
141 }
142
143 uintptr_t enhanceCallerAddr = reinterpret_cast<uintptr_t>(__builtin_return_address(0));
144 if (clientHandler != nullptr) {
145 return clientHandler->EnhanceDataPreprocess(enhanceCallerAddr, componentInfo);
146 }
147 return true;
148 }
149
EnhanceDataPreprocess(int32_t scId,std::string & componentInfo)150 __attribute__((noinline)) bool SecCompEnhanceAdapter::EnhanceDataPreprocess(
151 int32_t scId, std::string& componentInfo)
152 {
153 if (!isEnhanceClientHandlerInit) {
154 InitEnhanceHandler(SEC_COMP_ENHANCE_CLIENT_INTERFACE);
155 }
156
157 uintptr_t enhanceCallerAddr = reinterpret_cast<uintptr_t>(__builtin_return_address(0));
158 if (clientHandler != nullptr) {
159 return clientHandler->EnhanceDataPreprocess(enhanceCallerAddr, scId, componentInfo);
160 }
161 return true;
162 }
163
WriteMessageParcel(MessageParcel & tmpData,SecCompRawdata & data)164 static bool WriteMessageParcel(MessageParcel& tmpData, SecCompRawdata& data)
165 {
166 size_t bufferLength = tmpData.GetDataSize();
167 if (bufferLength == 0) {
168 SC_LOG_INFO(LABEL, "TmpData is empty.");
169 return true;
170 }
171
172 char* buffer = reinterpret_cast<char *>(tmpData.GetData());
173 if (buffer == nullptr) {
174 SC_LOG_ERROR(LABEL, "Get tmpData data failed.");
175 return false;
176 }
177
178 data.size = bufferLength;
179 int32_t ret = data.RawDataCpy(reinterpret_cast<void *>(buffer));
180 if (ret != SC_OK) {
181 SC_LOG_ERROR(LABEL, "Copy tmpData to rawdata failed.");
182 return false;
183 }
184 return true;
185 }
186
ReadMessageParcel(SecCompRawdata & tmpData,MessageParcel & data)187 static bool ReadMessageParcel(SecCompRawdata& tmpData, MessageParcel& data)
188 {
189 uint32_t size = tmpData.size;
190
191 const void *iter = tmpData.data;
192 if (iter == nullptr) {
193 SC_LOG_ERROR(LABEL, "Read const void failed.");
194 return false;
195 }
196 char* ptr = reinterpret_cast<char *>(const_cast<void *>(iter));
197
198 if (!data.WriteBuffer(reinterpret_cast<void *>(ptr), size)) {
199 SC_LOG_ERROR(LABEL, "Write rawData failed.");
200 return false;
201 }
202 return true;
203 }
204
EnhanceClientSerialize(MessageParcel & input,SecCompRawdata & output)205 __attribute__((noinline)) bool SecCompEnhanceAdapter::EnhanceClientSerialize(
206 MessageParcel& input, SecCompRawdata& output)
207 {
208 if (!isEnhanceClientHandlerInit) {
209 InitEnhanceHandler(SEC_COMP_ENHANCE_CLIENT_INTERFACE);
210 }
211
212 uintptr_t enhanceCallerAddr = reinterpret_cast<uintptr_t>(__builtin_return_address(0));
213 if (clientHandler != nullptr) {
214 return clientHandler->EnhanceClientSerialize(enhanceCallerAddr, input, output);
215 }
216
217 return WriteMessageParcel(input, output);
218 }
219
EnhanceClientDeserialize(SecCompRawdata & input,MessageParcel & output)220 __attribute__((noinline)) bool SecCompEnhanceAdapter::EnhanceClientDeserialize(
221 SecCompRawdata& input, MessageParcel& output)
222 {
223 if (!isEnhanceClientHandlerInit) {
224 InitEnhanceHandler(SEC_COMP_ENHANCE_CLIENT_INTERFACE);
225 }
226
227 uintptr_t enhanceCallerAddr = reinterpret_cast<uintptr_t>(__builtin_return_address(0));
228 if (clientHandler != nullptr) {
229 return clientHandler->EnhanceClientDeserialize(enhanceCallerAddr, input, output);
230 }
231
232 return ReadMessageParcel(input, output);
233 }
234
EnhanceSrvSerialize(MessageParcel & input,SecCompRawdata & output)235 bool SecCompEnhanceAdapter::EnhanceSrvSerialize(MessageParcel& input, SecCompRawdata& output)
236 {
237 if (!isEnhanceSrvHandlerInit) {
238 InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
239 }
240 if (srvHandler != nullptr) {
241 return srvHandler->EnhanceSrvSerialize(input, output);
242 }
243
244 return WriteMessageParcel(input, output);
245 }
246
EnhanceSrvDeserialize(SecCompRawdata & input,MessageParcel & output)247 bool SecCompEnhanceAdapter::EnhanceSrvDeserialize(SecCompRawdata& input, MessageParcel& output)
248 {
249 if (!isEnhanceSrvHandlerInit) {
250 InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
251 }
252 if (srvHandler != nullptr) {
253 return srvHandler->EnhanceSrvDeserialize(input, output);
254 }
255
256 return ReadMessageParcel(input, output);
257 }
258
RegisterScIdEnhance(int32_t scId)259 __attribute__((noinline)) void SecCompEnhanceAdapter::RegisterScIdEnhance(int32_t scId)
260 {
261 if (!isEnhanceClientHandlerInit) {
262 InitEnhanceHandler(SEC_COMP_ENHANCE_CLIENT_INTERFACE);
263 }
264
265 uintptr_t enhanceCallerAddr = reinterpret_cast<uintptr_t>(__builtin_return_address(0));
266 if (clientHandler != nullptr) {
267 clientHandler->RegisterScIdEnhance(enhanceCallerAddr, scId);
268 }
269 }
270
UnregisterScIdEnhance(int32_t scId)271 __attribute__((noinline)) void SecCompEnhanceAdapter::UnregisterScIdEnhance(int32_t scId)
272 {
273 if (!isEnhanceClientHandlerInit) {
274 InitEnhanceHandler(SEC_COMP_ENHANCE_CLIENT_INTERFACE);
275 }
276
277 uintptr_t enhanceCallerAddr = reinterpret_cast<uintptr_t>(__builtin_return_address(0));
278 if (clientHandler != nullptr) {
279 clientHandler->UnregisterScIdEnhance(enhanceCallerAddr, scId);
280 }
281 }
282
EnableInputEnhance()283 int32_t SecCompEnhanceAdapter::EnableInputEnhance()
284 {
285 if (!isEnhanceSrvHandlerInit) {
286 InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
287 }
288 if (srvHandler != nullptr) {
289 return srvHandler->EnableInputEnhance();
290 }
291 return SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE;
292 }
293
DisableInputEnhance()294 int32_t SecCompEnhanceAdapter::DisableInputEnhance()
295 {
296 if (!isEnhanceSrvHandlerInit) {
297 InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
298 }
299 if (srvHandler != nullptr) {
300 return srvHandler->DisableInputEnhance();
301 }
302 return SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE;
303 }
304
StartEnhanceService()305 void SecCompEnhanceAdapter::StartEnhanceService()
306 {
307 if (!isEnhanceSrvHandlerInit) {
308 InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
309 }
310 if (srvHandler != nullptr) {
311 srvHandler->StartEnhanceService();
312 }
313 }
314
ExitEnhanceService()315 void SecCompEnhanceAdapter::ExitEnhanceService()
316 {
317 if (!isEnhanceSrvHandlerInit) {
318 InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
319 }
320 if (srvHandler != nullptr) {
321 srvHandler->ExitEnhanceService();
322 }
323 }
324
NotifyProcessDied(int32_t pid)325 void SecCompEnhanceAdapter::NotifyProcessDied(int32_t pid)
326 {
327 if (!isEnhanceSrvHandlerInit) {
328 InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
329 }
330 if (srvHandler != nullptr) {
331 srvHandler->NotifyProcessDied(pid);
332 }
333 }
334
CheckComponentInfoEnhance(int32_t pid,std::shared_ptr<SecCompBase> & compInfo,const nlohmann::json & jsonComponent)335 int32_t SecCompEnhanceAdapter::CheckComponentInfoEnhance(int32_t pid,
336 std::shared_ptr<SecCompBase>& compInfo, const nlohmann::json& jsonComponent)
337 {
338 if (!isEnhanceSrvHandlerInit) {
339 InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
340 }
341 if (srvHandler != nullptr) {
342 return srvHandler->CheckComponentInfoEnhance(pid, compInfo, jsonComponent);
343 }
344 return SC_OK;
345 }
346 } // namespace SecurityComponent
347 } // namespace Security
348 } // namespace OHOS
349