• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2025 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License"){return 0;}
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #define MLOG_TAG "MediaPermissionCheck"
16 #include <string>
17 
18 #include "dfx_deprecated_perm_usage.h"
19 #include "media_read_permission_check.h"
20 #include "media_file_utils.h"
21 #include "ipc_skeleton.h"
22 #ifdef MEDIALIBRARY_SECURITY_OPEN
23 #include "sec_comp_kit.h"
24 #endif
25 #include "parameters.h"
26 #include "media_app_uri_permission_column.h"
27 
28 namespace OHOS::Media {
29 static const int32_t GRANT_PERMISSION_CALLING_UID = 5523; // foundation调用方
30 static const int32_t ROOT_UID = 0;
31 static const int32_t HDC_SHELL_UID = 2000;
32 static const int32_t SANDBOX_UID = 3076;
33 static int32_t AcrossLocalAccountsPermCheck(const PermissionHeaderReq &data);
34 
ReadCompositePermCheck()35 ReadCompositePermCheck::ReadCompositePermCheck()
36 {
37     auto readPrivilegePermCheck = std::make_shared<ReadPrivilegePermCheck>();
38     AddCheck(readPrivilegePermCheck);
39 
40     auto dbReadPermCheck = std::make_shared<DbReadPermCheck>();
41     AddCheck(dbReadPermCheck);
42 
43     auto grantReadPermCheck = std::make_shared<GrantReadPermCheck>();
44     AddCheck(grantReadPermCheck);
45 
46     auto mediaToolReadPermCheck = std::make_shared<MediaToolReadPermCheck>();
47     AddCheck(mediaToolReadPermCheck);
48 
49     auto deprecatedReadPermCheck = std::make_shared<DeprecatedReadPermCheck>();
50     AddCheck(deprecatedReadPermCheck);
51 }
52 
AddCheck(std::shared_ptr<PermissionCheck> check)53 void ReadCompositePermCheck::AddCheck(std::shared_ptr<PermissionCheck> check)
54 {
55     std::lock_guard<std::mutex> lock(mutex_);
56     readChecks_.push_back(check);
57 }
58 
CheckPermission(uint32_t businessCode,const PermissionHeaderReq & data)59 int32_t ReadCompositePermCheck::CheckPermission(uint32_t businessCode, const PermissionHeaderReq &data)
60 {
61     MEDIA_INFO_LOG("ReadCompositePermCheck enter, API code=%{public}d", businessCode);
62     int32_t err = AcrossLocalAccountsPermCheck(data);
63     if (err != E_SUCCESS) {
64         return E_PERMISSION_DENIED;
65     }
66     if (isCalledBySelfPtr() == E_OK) {
67         MEDIA_INFO_LOG("ReadCompositePermCheck isCalledBySelfPtr check success");
68         return E_SUCCESS;
69     }
70 
71     for (const auto& check : readChecks_) {
72         if (check->CheckPermission(businessCode, data) == E_SUCCESS) {
73             return E_SUCCESS;
74         }
75     }
76     return E_PERMISSION_DENIED;
77 }
78 
CheckPermission(uint32_t businessCode,const PermissionHeaderReq & data)79 int32_t ReadPrivilegePermCheck::CheckPermission(uint32_t businessCode, const PermissionHeaderReq &data)
80 {
81     MEDIA_INFO_LOG("ReadPrivilegePermCheck enter, API code=%{public}d", businessCode);
82     return PermissionUtils::CheckCallerPermission(PERM_READ_IMAGEVIDEO) ? E_SUCCESS : E_PERMISSION_DENIED;
83 }
84 
CheckPermission(uint32_t businessCode,const PermissionHeaderReq & data)85 int32_t DbReadPermCheck::CheckPermission(uint32_t businessCode, const PermissionHeaderReq &data)
86 {
87     MEDIA_INFO_LOG("DbReadPermCheck enter, API code=%{public}d", businessCode);
88     int32_t permissionType = 0;
89     auto ret = GetPermissionType(businessCode, data, permissionType);
90     if (ret != E_SUCCESS) {
91         return ret;
92     }
93     return (AppUriPermissionColumn::PERMISSION_TYPES_ALL.count(permissionType)) ? E_SUCCESS : E_PERMISSION_DENIED;
94 }
95 
CheckPermission(uint32_t businessCode,const PermissionHeaderReq & data)96 int32_t GrantReadPermCheck::CheckPermission(uint32_t businessCode, const PermissionHeaderReq &data)
97 {
98     MEDIA_INFO_LOG("GrantReadPermCheck enter, API code=%{public}d", businessCode);
99     if (PermissionCheck::grantOperationPermissionSet.find(businessCode) ==
100         PermissionCheck::grantOperationPermissionSet.end()) {
101         MEDIA_INFO_LOG("Not grant operation");
102         return E_PERMISSION_DENIED;
103     }
104     if (getCallingUidPtr() == GRANT_PERMISSION_CALLING_UID ||
105         getCallingUidPtr() == ROOT_UID || getCallingUidPtr() == SANDBOX_UID) {
106         MEDIA_INFO_LOG("GrantReadPermCheck callingUid check success");
107         return E_SUCCESS;
108     }
109     MEDIA_INFO_LOG("GrantReadPermCheck callingUid check fail");
110     return E_PERMISSION_DENIED;
111 }
112 
CheckPermission(uint32_t businessCode,const PermissionHeaderReq & data)113 int32_t MediaToolReadPermCheck::CheckPermission(uint32_t businessCode, const PermissionHeaderReq &data)
114 {
115     MEDIA_INFO_LOG("MediaToolReadPermCheck enter, API code=%{public}d", businessCode);
116     if (PermissionCheck::mediaToolOperationPermissionSet.find(businessCode) ==
117         PermissionCheck::mediaToolOperationPermissionSet.end()) {
118         MEDIA_INFO_LOG("Not media tool operation");
119         return E_PERMISSION_DENIED;
120     }
121     if (getCallingUidPtr() != ROOT_UID && getCallingUidPtr() != HDC_SHELL_UID) {
122         MEDIA_ERR_LOG("Mediatool permission check failed: target is not root");
123         return E_PERMISSION_DENIED;
124     }
125     if (!OHOS::system::GetBoolParameter("const.security.developermode.state", true)) {
126         MEDIA_ERR_LOG("Mediatool permission check failed: target is not in developer mode");
127         return E_PERMISSION_DENIED;
128     }
129     return E_SUCCESS;
130 }
131 
CheckPermission(uint32_t businessCode,const PermissionHeaderReq & data)132 int32_t DeprecatedReadPermCheck::CheckPermission(uint32_t businessCode, const PermissionHeaderReq &data)
133 {
134     MEDIA_INFO_LOG("DeprecatedReadPermCheck enter, API code=%{public}d", businessCode);
135     if (PermissionCheck::deprecatedReadPermissionSet.find(businessCode) ==
136         PermissionCheck::deprecatedReadPermissionSet.end()) {
137         MEDIA_INFO_LOG("Unable to use deprecated read permission");
138         return E_PERMISSION_DENIED;
139     }
140     bool ret = PermissionUtils::CheckCallerPermission(PERMISSION_NAME_READ_MEDIA);
141     CHECK_AND_EXECUTE(!ret, DfxDeprecatedPermUsage::Record(businessCode, 0));
142     return ret ? E_SUCCESS : E_PERMISSION_DENIED;
143 }
144 
AcrossLocalAccountsPermCheck(const PermissionHeaderReq & data)145 static int32_t AcrossLocalAccountsPermCheck(const PermissionHeaderReq &data)
146 {
147     int32_t userId = data.getUserId();
148     if (userId == -1) {
149         return E_SUCCESS;
150     }
151     std::vector<std::string> perms;
152     perms.push_back(PERM_INTERACT_ACROSS_LOCAL_ACCOUNTS);
153     return PermissionUtils::CheckCallerPermission(perms) ? E_SUCCESS : E_PERMISSION_DENIED;
154 }
155 
156 } // namespace OHOS::Media
157