1# Copyright (c) 2021-2025 Huawei Device Co., Ltd. 2# Licensed under the Apache License, Version 2.0 (the "License"); 3# you may not use this file except in compliance with the License. 4# You may obtain a copy of the License at 5# 6# http://www.apache.org/licenses/LICENSE-2.0 7# 8# Unless required by applicable law or agreed to in writing, software 9# distributed under the License is distributed on an "AS IS" BASIS, 10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11# See the License for the specific language governing permissions and 12# limitations under the License. 13 14import("//build/ohos.gni") 15import("../../access_token.gni") 16 17ohos_prebuilt_etc("access_token.rc") { 18 source = "access_token.cfg" 19 relative_install_dir = "init" 20 subsystem_name = "security" 21 part_name = "access_token" 22} 23 24ohos_prebuilt_etc("permission_definition_config") { 25 source = "permission_definitions.json" 26 part_name = "access_token" 27 subsystem_name = "security" 28 relative_install_dir = "access_token" 29} 30 31if (is_standard_system) { 32 ohos_shared_library("accesstoken_manager_service") { 33 subsystem_name = "security" 34 part_name = "access_token" 35 sanitize = { 36 cfi = true 37 cfi_cross_dso = true 38 debug = false 39 } 40 branch_protector_ret = "pac_ret" 41 if (!use_clang_coverage) { 42 version_script = "accesstoken_manager_service.map" 43 shlib_type = "sa" 44 } 45 46 include_dirs = [ 47 "${access_token_path}/frameworks/accesstoken/include", 48 "${access_token_path}/frameworks/common/include", 49 "${access_token_path}/frameworks/privacy/include", 50 "${access_token_path}/interfaces/innerkits/tokensync/include", 51 "${access_token_path}/interfaces/innerkits/accesstoken/include", 52 "${access_token_path}/interfaces/innerkits/privacy/include", 53 "${access_token_path}/interfaces/innerkits/tokensync/src", 54 "${access_token_path}/services/common/ability_manager/include", 55 "${access_token_path}/services/common/app_manager/include", 56 "${access_token_path}/services/common/json_parse/include", 57 "${access_token_path}/services/common/database/include", 58 "${access_token_path}/services/common/dfx/include", 59 "${access_token_path}/services/common/handler/include", 60 "${access_token_path}/services/common/libraryloader/include", 61 "${access_token_path}/services/common/utils/include", 62 "main/cpp/include/callback", 63 "main/cpp/include/database", 64 "main/cpp/include/dfx", 65 "main/cpp/include/form_manager", 66 "main/cpp/include/permission", 67 "main/cpp/include/seccomp", 68 "main/cpp/include/service", 69 "main/cpp/include/token", 70 ] 71 72 sources = [ 73 "main/cpp/src/callback/accesstoken_callback_proxys.cpp", 74 "main/cpp/src/callback/callback_death_recipients.cpp", 75 "main/cpp/src/callback/callback_manager.cpp", 76 "main/cpp/src/database/access_token_db_operator.cpp", 77 "main/cpp/src/database/data_translator.cpp", 78 "main/cpp/src/database/token_field_const.cpp", 79 "main/cpp/src/form_manager/form_instance.cpp", 80 "main/cpp/src/form_manager/form_manager_access_client.cpp", 81 "main/cpp/src/form_manager/form_manager_access_proxy.cpp", 82 "main/cpp/src/form_manager/form_manager_death_recipient.cpp", 83 "main/cpp/src/form_manager/form_status_change_callback.cpp", 84 "main/cpp/src/permission/accesstoken_id_manager.cpp", 85 "main/cpp/src/permission/accesstoken_info_manager.cpp", 86 "main/cpp/src/permission/hap_token_info_inner.cpp", 87 "main/cpp/src/permission/permission_data_brief.cpp", 88 "main/cpp/src/permission/permission_grant_event.cpp", 89 "main/cpp/src/permission/permission_manager.cpp", 90 "main/cpp/src/permission/short_grant_manager.cpp", 91 "main/cpp/src/permission/temp_permission_observer.cpp", 92 "main/cpp/src/seccomp/sec_comp_monitor.cpp", 93 "main/cpp/src/service/accesstoken_manager_service.cpp", 94 ] 95 96 cflags_cc = [ 97 "-DHILOG_ENABLE", 98 "-fvisibility=hidden", 99 ] 100 configs = [ 101 "${access_token_path}/config:access_token_compile_flags", 102 "${access_token_path}/config:coverage_flags", 103 "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", 104 ] 105 106 if (dlp_permission_enable == true) { 107 cflags_cc += [ "-DSUPPORT_SANDBOX_APP" ] 108 sources += [ "main/cpp/src/permission/dlp_permission_set_manager.cpp" ] 109 } 110 111 if (build_variant == "user") { 112 cflags_cc += [ "-DATM_BUILD_VARIANT_USER_ENABLE" ] 113 } 114 115 deps = [ 116 "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", 117 "${access_token_path}/frameworks/common:accesstoken_common_cxx", 118 "${access_token_path}/frameworks/common:accesstoken_hisysevent", 119 "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", 120 "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc", 121 "${access_token_path}/interfaces/innerkits/token_setproc:libtoken_setproc", 122 "${access_token_path}/services/accesstokenmanager:access_token.rc", 123 "${access_token_path}/services/accesstokenmanager:permission_definition_config", 124 "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_stub", 125 "${access_token_path}/services/common:accesstoken_service_common", 126 ] 127 128 deps += [ "etc:param_files" ] 129 130 external_deps = [ 131 "c_utils:utils", 132 "hilog:libhilog", 133 "hisysevent:libhisysevent", 134 "init:libbegetutil", 135 "ipc:ipc_single", 136 "relational_store:native_rdb", 137 "safwk:system_ability_fwk", 138 "samgr:samgr_proxy", 139 ] 140 141 if (ohos_indep_compiler_enable) { 142 external_deps += [ "bounds_checking_function:libsec_shared" ] 143 } 144 145 if (eventhandler_enable == true) { 146 cflags_cc += [ "-DEVENTHANDLER_ENABLE" ] 147 external_deps += [ "eventhandler:libeventhandler" ] 148 } 149 150 if (hicollie_enable == true) { 151 external_deps += [ "hicollie:libhicollie" ] 152 cflags_cc += [ "-DHICOLLIE_ENABLE" ] 153 } 154 155 if (token_sync_enable == true) { 156 cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ] 157 158 sources += [ 159 "main/cpp/src/permission/accesstoken_remote_token_manager.cpp", 160 "main/cpp/src/permission/token_modify_notifier.cpp", 161 ] 162 163 include_dirs += 164 [ "${access_token_path}/interfaces/innerkits/tokensync/include" ] 165 166 external_deps += [ "device_manager:devicemanagersdk" ] 167 } 168 169 if (hiviewdfx_hitrace_native_enable == true) { 170 cflags_cc += [ "-DHITRACE_NATIVE_ENABLE" ] 171 172 external_deps += [ "hitrace:hitrace_meter" ] 173 } 174 175 if (access_token_background_task_mgr_continuous_task_enable == true) { 176 cflags_cc += [ "-DBGTASKMGR_CONTINUOUS_TASK_ENABLE" ] 177 include_dirs += [ 178 "${access_token_path}/services/common/background_task_manager/include", 179 ] 180 sources += [ 181 "${access_token_path}/services/common/background_task_manager/src/background_task_manager_access_client.cpp", 182 "${access_token_path}/services/common/background_task_manager/src/background_task_manager_access_proxy.cpp", 183 "${access_token_path}/services/common/background_task_manager/src/background_task_manager_death_recipient.cpp", 184 "${access_token_path}/services/common/background_task_manager/src/continuous_task_callback_info.cpp", 185 "${access_token_path}/services/common/background_task_manager/src/continuous_task_change_callback.cpp", 186 ] 187 } 188 189 if (security_component_enhance_enable == true) { 190 cflags_cc += [ "-DSECURITY_COMPONENT_ENHANCE_ENABLE" ] 191 sources += [ "main/cpp/src/seccomp/sec_comp_enhance_agent.cpp" ] 192 } 193 194 if (light_device_enable) { 195 sources += [ "main/cpp/src/database/rdb_dlopen_manager.cpp" ] 196 cflags_cc += [ "-DDYNAMIC_CLOSE_LIBS" ] 197 deps += [ ":accesstoken_db_loader" ] 198 } else { 199 sources += [ 200 "main/cpp/src/database/access_token_db.cpp", 201 "main/cpp/src/database/access_token_db_util.cpp", 202 "main/cpp/src/database/access_token_open_callback.cpp", 203 ] 204 external_deps += [ "relational_store:native_rdb" ] 205 } 206 } 207} 208 209if (is_standard_system) { 210 config("accesstoken_rdb_config") { 211 visibility = [ ":*" ] 212 include_dirs = [ "include" ] 213 } 214 215 ohos_shared_library("accesstoken_db_loader") { 216 subsystem_name = "security" 217 part_name = "access_token" 218 sanitize = { 219 cfi = true 220 cfi_cross_dso = true 221 debug = false 222 } 223 branch_protector_ret = "pac_ret" 224 225 configs = [ 226 "${access_token_path}/config:access_token_compile_flags", 227 "${access_token_path}/config:coverage_flags", 228 ] 229 public_configs = [ ":accesstoken_rdb_config" ] 230 231 include_dirs = [ 232 "${access_token_path}/frameworks/common/include", 233 "${access_token_path}/interfaces/innerkits/accesstoken/include", 234 "${access_token_path}/services/common/database/include", 235 "main/cpp/include/database", 236 "main/cpp/include/dfx", 237 ] 238 239 sources = [ 240 "${access_token_path}/services/common/database/src/generic_values.cpp", 241 "${access_token_path}/services/common/database/src/variant_value.cpp", 242 "main/cpp/src/database/access_token_db.cpp", 243 "main/cpp/src/database/access_token_db_loader.cpp", 244 "main/cpp/src/database/access_token_db_util.cpp", 245 "main/cpp/src/database/access_token_open_callback.cpp", 246 "main/cpp/src/database/token_field_const.cpp", 247 ] 248 249 cflags_cc = [ "-DHILOG_ENABLE" ] 250 251 deps = [ 252 "${access_token_path}/frameworks/common:accesstoken_common_cxx", 253 "${access_token_path}/frameworks/common:accesstoken_hisysevent", 254 ] 255 256 external_deps = [ 257 "c_utils:utils", 258 "hilog:libhilog", 259 "hisysevent:libhisysevent", 260 "relational_store:native_rdb", 261 ] 262 } 263} 264