1 /*
2 * Copyright (c) 2021 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "permission_entry.h"
16
17 #include <securec.h>
18
19 #include "cJSON.h"
20 #include "common_list.h"
21 #include "permission_utils.h"
22 #include "regex.h"
23 #include "softbus_adapter_file.h"
24 #include "softbus_adapter_mem.h"
25 #include "softbus_adapter_thread.h"
26 #include "softbus_def.h"
27 #include "softbus_errcode.h"
28 #include "softbus_json_utils.h"
29 #include "softbus_permission.h"
30 #include "softbus_utils.h"
31
32 #define ENFORCING 1
33
34 #define PERMISSION_JSON_LEN 10000
35 #define TEMP_STR_MAX_LEN 128
36
37 /* permission entry key */
38 #define SESSION_NAME_STR "SESSION_NAME"
39 #define REGEXP_STR "REGEXP"
40 #define DEVID_STR "DEVID"
41 #define SEC_LEVEL_STR "SEC_LEVEL"
42 #define APP_INFO_STR "APP_INFO"
43
44 /* app info key */
45 #define APP_INFO_TYPE_STR "TYPE"
46 #define APP_INFO_PKG_NAME_STR "PKG_NAME"
47 #define APP_INFO_ACTION_STR "ACTIONS"
48 #define APP_INFO_UID_STR "UID"
49
50 /* permission entry regexp value */
51 #define TRUE_STR "true"
52 #define FALSE_STR "false"
53
54 /* permission entry sec level value */
55 #define PUBLIC_STR "public"
56 #define PRIVATE_STR "private"
57
58 /* permission entry devid value */
59 #define UDID_STR "UDID"
60 #define UUID_STR "UUID"
61 #define NETWORK_ID_STR "NETWORKID"
62
63 /* app info type value */
64 #define SYSTEM_APP_STR "system_app"
65 #define NATIVE_APP_STR "native_app"
66 #define SELF_APP_STR "self_app"
67 #define NORMAL_APP_STR "normal_app"
68 #define GRANTED_APP_STR "granted_app"
69
70 /* app info actions value */
71 #define OPEN_ACTIONS_STR "open"
72 #define CREATE_ACTIONS_STR "create"
73 #define ACTIONS_SPLIT ","
74
75 #define DBINDER_SERVICE_NAME "DBinderService"
76 #define DBINDER_BUS_NAME_PREFIX "DBinder"
77 #define DBINDER_PACKAGE_NAME "DBinderBus"
78 #define DYNAMIC_PERMISSION_MAX_SIZE 100
79
80 typedef struct {
81 const char *key;
82 int32_t value;
83 } PeMap;
84
85 static SoftBusList *g_permissionEntryList = NULL;
86 static SoftBusList *g_dynamicPermissionList = NULL;
87 static char g_permissonJson[PERMISSION_JSON_LEN];
88
89 static PeMap g_peMap[] = {
90 {SYSTEM_APP_STR, SYSTEM_APP},
91 {NATIVE_APP_STR, NATIVE_APP},
92 {SELF_APP_STR, SELF_APP},
93 {NORMAL_APP_STR, NORMAL_APP},
94 {GRANTED_APP_STR, GRANTED_APP},
95 {UDID_STR, UDID},
96 {UUID_STR, UUID},
97 {NETWORK_ID_STR, NETWORKID},
98 {PRIVATE_STR, LEVEL_PRIVATE},
99 {PUBLIC_STR, LEVEL_PUBLIC},
100 {TRUE_STR, 1},
101 {FALSE_STR, 0},
102 };
103
ReadConfigJson(const char * permissionFile)104 static int32_t ReadConfigJson(const char* permissionFile)
105 {
106 (void)memset_s(g_permissonJson, PERMISSION_JSON_LEN, 0, PERMISSION_JSON_LEN);
107 if (SoftBusReadFullFile(permissionFile, g_permissonJson, PERMISSION_JSON_LEN - 1) != SOFTBUS_OK) {
108 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_ERROR, "ReadConfigJson failed.");
109 return SOFTBUS_FILE_ERR;
110 }
111 return SOFTBUS_OK;
112 }
113
GetPeMapValue(const char * string)114 static int32_t GetPeMapValue(const char *string)
115 {
116 uint32_t mapSize = sizeof(g_peMap) / sizeof(PeMap);
117 uint32_t index;
118 for (index = 0; index < mapSize; index++) {
119 if (strcmp(string, g_peMap[index].key) == 0) {
120 return g_peMap[index].value;
121 }
122 }
123 return UNKNOWN_VALUE;
124 }
125
StrIsEmpty(const char * string)126 static bool StrIsEmpty(const char *string)
127 {
128 if (string == NULL || strlen(string) == 0) {
129 return true;
130 }
131 return false;
132 }
133
StrStartWith(const char * string,const char * target)134 static bool StrStartWith(const char *string, const char *target)
135 {
136 if (string == NULL || target == NULL) {
137 return false;
138 }
139 size_t stringLen = strlen(string);
140 size_t targetLen = strlen(target);
141 if (stringLen == 0 || targetLen == 0 || stringLen < targetLen) {
142 return false;
143 }
144 for (size_t index = 0; index < targetLen; index++) {
145 if (string[index] != target[index]) {
146 return false;
147 }
148 }
149 return true;
150 }
151
ProcessAppInfo(cJSON * object)152 static SoftBusAppInfo *ProcessAppInfo(cJSON *object)
153 {
154 if (object == NULL) {
155 return NULL;
156 }
157
158 SoftBusAppInfo *appInfo = (SoftBusAppInfo *)SoftBusCalloc(sizeof(SoftBusAppInfo));
159 if (appInfo == NULL) {
160 return NULL;
161 }
162 ListInit(&appInfo->node);
163 appInfo->type = UNKNOWN_VALUE;
164 appInfo->uid = UNKNOWN_VALUE;
165 appInfo->pid = UNKNOWN_VALUE;
166 appInfo->actions = 0;
167
168 char mapKey[TEMP_STR_MAX_LEN];
169 char *actionStr = NULL;
170 int32_t ret = GetStringItemByJsonObject(object, APP_INFO_PKG_NAME_STR, appInfo->pkgName, PKG_NAME_SIZE_MAX);
171 if (ret != SOFTBUS_OK) {
172 if (ret == SOFTBUS_INVALID_PARAM) {
173 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_ERROR, "pkgname is too long");
174 goto EXIT;
175 }
176 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_INFO, "appInfo has no pkgname");
177 }
178 if (GetJsonObjectStringItem(object, APP_INFO_TYPE_STR, mapKey, TEMP_STR_MAX_LEN)) {
179 appInfo->type = GetPeMapValue(mapKey);
180 if (appInfo->type == UNKNOWN_VALUE) {
181 goto EXIT;
182 }
183 } else {
184 goto EXIT;
185 }
186 if (GetJsonObjectStringItem(object, APP_INFO_UID_STR, mapKey, TEMP_STR_MAX_LEN)) {
187 appInfo->uid = atoi(mapKey);
188 }
189 if (GetJsonObjectStringItem(object, APP_INFO_ACTION_STR, mapKey, TEMP_STR_MAX_LEN)) {
190 char *nextToken = NULL;
191 actionStr = strtok_s(mapKey, ACTIONS_SPLIT, &nextToken);
192 while (actionStr != NULL) {
193 if (strcmp(actionStr, "open") == 0) {
194 appInfo->actions |= ACTION_OPEN;
195 } else if (strcmp(actionStr, "create") == 0) {
196 appInfo->actions |= ACTION_CREATE;
197 }
198 actionStr = strtok_s(NULL, ACTIONS_SPLIT, &nextToken);
199 }
200 }
201 if (appInfo->actions == 0) {
202 goto EXIT;
203 }
204 return appInfo;
205 EXIT:
206 SoftBusFree(appInfo);
207 return NULL;
208 }
209
ProcessPermissionEntry(cJSON * object)210 static SoftBusPermissionEntry *ProcessPermissionEntry(cJSON *object)
211 {
212 if (object == NULL) {
213 return NULL;
214 }
215
216 SoftBusPermissionEntry *permissionEntry = (SoftBusPermissionEntry *)SoftBusCalloc(sizeof(SoftBusPermissionEntry));
217 if (permissionEntry == NULL) {
218 return NULL;
219 }
220 ListInit(&permissionEntry->node);
221 ListInit(&permissionEntry->appInfo);
222 permissionEntry->regexp = false;
223 permissionEntry->devId = UNKNOWN_VALUE;
224 permissionEntry->secLevel = UNKNOWN_VALUE;
225
226 char mapKey[TEMP_STR_MAX_LEN];
227 int appInfoSize;
228 int appInfoIndex;
229 if (!GetJsonObjectStringItem(object, SESSION_NAME_STR, permissionEntry->sessionName, SESSION_NAME_SIZE_MAX)) {
230 SoftBusFree(permissionEntry);
231 return NULL;
232 }
233 if (GetJsonObjectStringItem(object, REGEXP_STR, mapKey, TEMP_STR_MAX_LEN)) {
234 permissionEntry->regexp = GetPeMapValue(mapKey);
235 }
236 if (GetJsonObjectStringItem(object, DEVID_STR, mapKey, TEMP_STR_MAX_LEN)) {
237 permissionEntry->devId = GetPeMapValue(mapKey);
238 }
239 if (GetJsonObjectStringItem(object, SEC_LEVEL_STR, mapKey, TEMP_STR_MAX_LEN)) {
240 permissionEntry->secLevel = GetPeMapValue(mapKey);
241 }
242 cJSON *appInfoArray = cJSON_GetObjectItem(object, APP_INFO_STR);
243 if (appInfoArray != NULL) {
244 appInfoSize = cJSON_GetArraySize(appInfoArray);
245 for (appInfoIndex = 0; appInfoIndex < appInfoSize; appInfoIndex++) {
246 SoftBusAppInfo *appInfo = ProcessAppInfo(cJSON_GetArrayItem(appInfoArray, appInfoIndex));
247 if (appInfo != NULL) {
248 ListNodeInsert(&permissionEntry->appInfo, &appInfo->node);
249 }
250 }
251 }
252 return permissionEntry;
253 }
254
CompareString(const char * src,const char * dest,bool regexp)255 static int32_t CompareString(const char *src, const char *dest, bool regexp)
256 {
257 if (src == NULL || dest == NULL) {
258 return SOFTBUS_PERMISSION_DENIED;
259 }
260 if (regexp) {
261 regex_t regComp;
262 if (regcomp(®Comp, src, REG_EXTENDED | REG_NOSUB) != 0) {
263 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_ERROR, "regcomp failed");
264 return SOFTBUS_PERMISSION_DENIED;
265 }
266 if (regexec(®Comp, dest, 0, NULL, 0) == 0) {
267 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_INFO, "src:%s dest:%s", src, dest);
268 regfree(®Comp);
269 return SOFTBUS_OK;
270 }
271 regfree(®Comp);
272 } else {
273 if (strcmp(src, dest) == 0) {
274 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_INFO, "src:%s dest:%s", src, dest);
275 return SOFTBUS_OK;
276 }
277 }
278 return SOFTBUS_PERMISSION_DENIED;
279 }
280
GetPermType(const SoftBusAppInfo * appInfo,const SoftBusPermissionItem * pItem)281 static int32_t GetPermType(const SoftBusAppInfo *appInfo, const SoftBusPermissionItem *pItem)
282 {
283 if (appInfo == NULL || pItem == NULL) {
284 return SOFTBUS_INVALID_PARAM;
285 }
286 switch (appInfo->type) {
287 case NATIVE_APP:
288 /* same as system app */
289 case SYSTEM_APP:
290 if (pItem->permType == SYSTEM_APP ||
291 pItem->permType == NATIVE_APP) {
292 return pItem->permType;
293 }
294 break;
295 case GRANTED_APP:
296 if (pItem->actions == ACTION_CREATE) {
297 if (pItem->permType == SYSTEM_APP ||
298 pItem->permType == NATIVE_APP ||
299 pItem->permType == NORMAL_APP) {
300 return pItem->permType;
301 }
302 } else if (pItem->actions == ACTION_OPEN) {
303 if (pItem->permType == GRANTED_APP) {
304 return appInfo->type;
305 }
306 }
307 break;
308 case NORMAL_APP:
309 if (pItem->permType == SYSTEM_APP ||
310 pItem->permType == NATIVE_APP ||
311 pItem->permType == NORMAL_APP) {
312 return pItem->permType;
313 }
314 break;
315 case SELF_APP:
316 if (pItem->permType == SELF_APP) {
317 return SELF_APP;
318 }
319 break;
320 default:
321 return SOFTBUS_PERMISSION_DENIED;
322 }
323 return SOFTBUS_PERMISSION_DENIED;
324 }
325
CheckPermissionAppInfo(const SoftBusPermissionEntry * pe,const SoftBusPermissionItem * pItem)326 static int32_t CheckPermissionAppInfo(const SoftBusPermissionEntry *pe,
327 const SoftBusPermissionItem *pItem)
328 {
329 if (pe == NULL || pItem == NULL) {
330 return SOFTBUS_INVALID_PARAM;
331 }
332 if (pItem->actions == 0) {
333 return SOFTBUS_PERMISSION_DENIED;
334 }
335 int32_t permType;
336 SoftBusAppInfo *appInfo = NULL;
337 LIST_FOR_EACH_ENTRY(appInfo, &pe->appInfo, SoftBusAppInfo, node) {
338 if ((appInfo->actions & pItem->actions) != pItem->actions) {
339 continue;
340 }
341 permType = GetPermType(appInfo, pItem);
342 if (permType < 0) {
343 continue;
344 }
345 if ((appInfo->uid >= 0) && (appInfo->uid != pItem->uid)) {
346 continue;
347 }
348 if ((appInfo->pid >= 0) && (appInfo->pid != pItem->pid)) {
349 continue;
350 }
351 if (!StrIsEmpty(appInfo->pkgName)) {
352 if (!StrIsEmpty(pItem->pkgName) &&
353 (CompareString(appInfo->pkgName, pItem->pkgName, false) != SOFTBUS_OK)) {
354 continue;
355 }
356 if (appInfo->type == SYSTEM_APP || appInfo->type == NORMAL_APP) {
357 return permType;
358 }
359 }
360 return permType;
361 }
362 return SOFTBUS_PERMISSION_DENIED;
363 }
364
CheckDBinder(const char * sessionName)365 static bool CheckDBinder(const char *sessionName)
366 {
367 if (StrIsEmpty(sessionName)) {
368 return false;
369 }
370 if (strcmp(DBINDER_SERVICE_NAME, sessionName) == 0) {
371 return true;
372 }
373 if (StrStartWith(sessionName, DBINDER_BUS_NAME_PREFIX)) {
374 return true;
375 }
376 return false;
377 }
378
HaveGrantedPermission(const char * sessionName)379 static bool HaveGrantedPermission(const char *sessionName)
380 {
381 if (sessionName == NULL || g_dynamicPermissionList == NULL) {
382 return false;
383 }
384 SoftBusPermissionEntry *pe = NULL;
385 // The lock was acquired before being called
386 LIST_FOR_EACH_ENTRY(pe, &g_dynamicPermissionList->list, SoftBusPermissionEntry, node) {
387 if (CompareString(pe->sessionName, sessionName, pe->regexp) == SOFTBUS_OK) {
388 return true;
389 }
390 }
391 return false;
392 }
393
LoadPermissionJson(const char * fileName)394 int32_t LoadPermissionJson(const char *fileName)
395 {
396 int ret = ReadConfigJson(fileName);
397 if (ret != SOFTBUS_OK) {
398 return ret;
399 }
400 if (g_permissionEntryList == NULL) {
401 g_permissionEntryList = CreateSoftBusList();
402 if (g_permissionEntryList == NULL) {
403 return SOFTBUS_MALLOC_ERR;
404 }
405 }
406 cJSON *jsonArray = cJSON_Parse(g_permissonJson);
407 if (jsonArray == NULL) {
408 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_ERROR, "parse %s failed.", fileName);
409 return SOFTBUS_PARSE_JSON_ERR;
410 }
411 int itemNum = cJSON_GetArraySize(jsonArray);
412 if (itemNum <= 0) {
413 cJSON_Delete(jsonArray);
414 return SOFTBUS_PARSE_JSON_ERR;
415 }
416 int index;
417 SoftBusPermissionEntry *pe = NULL;
418 for (index = 0; index < itemNum; index++) {
419 cJSON *permissionEntryObeject = cJSON_GetArrayItem(jsonArray, index);
420 pe = ProcessPermissionEntry(permissionEntryObeject);
421 if (pe != NULL) {
422 ListNodeInsert(&g_permissionEntryList->list, &pe->node);
423 g_permissionEntryList->cnt++;
424 }
425 }
426 cJSON_Delete(jsonArray);
427 return SOFTBUS_OK;
428 }
429
ClearAppInfo(const ListNode * appInfo)430 NO_SANITIZE("cfi") void ClearAppInfo(const ListNode *appInfo)
431 {
432 if (appInfo == NULL) {
433 return;
434 }
435 while (!IsListEmpty(appInfo)) {
436 SoftBusAppInfo *item = LIST_ENTRY(appInfo->next, SoftBusAppInfo, node);
437 ListDelete(&item->node);
438 SoftBusFree(item);
439 }
440 }
441
DeinitPermissionJson(void)442 NO_SANITIZE("cfi") void DeinitPermissionJson(void)
443 {
444 if (g_permissionEntryList == NULL) {
445 return;
446 }
447 SoftBusMutexLock(&g_permissionEntryList->lock);
448 while (!IsListEmpty(&g_permissionEntryList->list)) {
449 SoftBusPermissionEntry *item = LIST_ENTRY((&g_permissionEntryList->list)->next, SoftBusPermissionEntry, node);
450 ClearAppInfo(&item->appInfo);
451 ListDelete(&item->node);
452 SoftBusFree(item);
453 }
454 SoftBusMutexUnlock(&g_permissionEntryList->lock);
455 DestroySoftBusList(g_permissionEntryList);
456 }
457
CreatePermissionItem(int32_t permType,int32_t uid,int32_t pid,const char * pkgName,uint32_t actions)458 NO_SANITIZE("cfi") SoftBusPermissionItem *CreatePermissionItem(int32_t permType, int32_t uid, int32_t pid,
459 const char *pkgName, uint32_t actions)
460 {
461 SoftBusPermissionItem *pItem = (SoftBusPermissionItem *)SoftBusCalloc(sizeof(SoftBusPermissionItem));
462 if (pItem == NULL) {
463 return NULL;
464 }
465 pItem->permType = permType;
466 pItem->uid = uid;
467 pItem->pid = pid;
468 pItem->pkgName = (char *)pkgName;
469 pItem->actions = actions;
470 return pItem;
471 }
472
CheckPermissionEntry(const char * sessionName,const SoftBusPermissionItem * pItem)473 NO_SANITIZE("cfi") int32_t CheckPermissionEntry(const char *sessionName, const SoftBusPermissionItem *pItem)
474 {
475 if (sessionName == NULL || pItem == NULL || g_permissionEntryList == NULL) {
476 return SOFTBUS_INVALID_PARAM;
477 }
478 int permType;
479 SoftBusPermissionEntry *pe = NULL;
480 bool isDynamicPermission = CheckDBinder(sessionName);
481 SoftBusList *permissionList = isDynamicPermission ? g_dynamicPermissionList : g_permissionEntryList;
482
483 (void)SoftBusMutexLock(&permissionList->lock);
484 LIST_FOR_EACH_ENTRY(pe, &permissionList->list, SoftBusPermissionEntry, node) {
485 if (CompareString(pe->sessionName, sessionName, pe->regexp) == SOFTBUS_OK) {
486 if (isDynamicPermission) {
487 (void)SoftBusMutexUnlock(&permissionList->lock);
488 return GRANTED_APP;
489 }
490 permType = CheckPermissionAppInfo(pe, pItem);
491 if (permType < 0) {
492 (void)SoftBusMutexUnlock(&permissionList->lock);
493 return ENFORCING ? SOFTBUS_PERMISSION_DENIED : permType;
494 }
495 (void)SoftBusMutexUnlock(&permissionList->lock);
496 return permType;
497 }
498 }
499 if (pItem->permType != NORMAL_APP) {
500 (void)SoftBusMutexUnlock(&permissionList->lock);
501 return ENFORCING ? SOFTBUS_PERMISSION_DENIED : permType;
502 }
503 if (pItem->actions == ACTION_CREATE) {
504 if (IsValidPkgName(pItem->uid, pItem->pkgName) != SOFTBUS_OK) {
505 (void)SoftBusMutexUnlock(&permissionList->lock);
506 return ENFORCING ? SOFTBUS_PERMISSION_DENIED : permType;
507 }
508 if (!StrStartWith(sessionName, pItem->pkgName)) {
509 (void)SoftBusMutexUnlock(&permissionList->lock);
510 return ENFORCING ? SOFTBUS_PERMISSION_DENIED : permType;
511 }
512 }
513 (void)SoftBusMutexUnlock(&permissionList->lock);
514 return SOFTBUS_PERMISSION_DENIED;
515 }
516
PermIsSecLevelPublic(const char * sessionName)517 NO_SANITIZE("cfi") bool PermIsSecLevelPublic(const char *sessionName)
518 {
519 if (sessionName == NULL) {
520 return false;
521 }
522 if (CheckDBinder(sessionName)) {
523 return true;
524 }
525 SoftBusPermissionEntry *pe = NULL;
526 bool ret = false;
527
528 if (SoftBusMutexLock(&g_permissionEntryList->lock) != 0) {
529 return false;
530 }
531 LIST_FOR_EACH_ENTRY(pe, &g_permissionEntryList->list, SoftBusPermissionEntry, node) {
532 if (CompareString(pe->sessionName, sessionName, pe->regexp) == SOFTBUS_OK) {
533 if (pe->secLevel == LEVEL_PUBLIC) {
534 ret = true;
535 }
536 break;
537 }
538 }
539 (void)SoftBusMutexUnlock(&g_permissionEntryList->lock);
540 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_INFO, "PermIsSecLevelPublic: %s is %d", sessionName, ret);
541 return ret;
542 }
543
InitDynamicPermission(void)544 NO_SANITIZE("cfi") int32_t InitDynamicPermission(void)
545 {
546 if (g_dynamicPermissionList == NULL) {
547 g_dynamicPermissionList = CreateSoftBusList();
548 if (g_dynamicPermissionList == NULL) {
549 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_INFO, "dynamic permission init failed");
550 return SOFTBUS_MALLOC_ERR;
551 }
552 }
553 return SOFTBUS_OK;
554 }
555
NewDynamicPermissionEntry(SoftBusPermissionEntry * permissionEntry,const char * sessionName,int32_t callingUid,int32_t callingPid)556 static int32_t NewDynamicPermissionEntry(SoftBusPermissionEntry *permissionEntry, const char *sessionName,
557 int32_t callingUid, int32_t callingPid)
558 {
559 if (permissionEntry == NULL) {
560 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_ERROR, "permission entry is null");
561 return SOFTBUS_INVALID_PARAM;
562 }
563 if (sessionName == NULL) {
564 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_ERROR, "sessionName is null");
565 return SOFTBUS_INVALID_PARAM;
566 }
567 ListInit(&permissionEntry->node);
568 ListInit(&permissionEntry->appInfo);
569
570 size_t length = strlen(sessionName);
571 if (length >= SESSION_NAME_SIZE_MAX) {
572 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_ERROR, "the length [%zd] is too long for [%s]", length, sessionName);
573 return SOFTBUS_INVALID_PARAM;
574 }
575 if (strcpy_s(permissionEntry->sessionName, SESSION_NAME_SIZE_MAX, sessionName) != EOK) {
576 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_ERROR, "strcpy failed");
577 return SOFTBUS_ERR;
578 }
579 permissionEntry->regexp = false;
580 permissionEntry->devId = UNKNOWN_VALUE;
581 permissionEntry->secLevel = LEVEL_PUBLIC;
582
583 SoftBusAppInfo *appInfo = (SoftBusAppInfo *)SoftBusCalloc(sizeof(SoftBusAppInfo));
584 if (appInfo == NULL) {
585 return SOFTBUS_MALLOC_ERR;
586 }
587 ListInit(&appInfo->node);
588 if (strcpy_s(appInfo->pkgName, PKG_NAME_SIZE_MAX, DBINDER_PACKAGE_NAME) != EOK) {
589 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_ERROR, "strcpy failed");
590 SoftBusFree(appInfo);
591 return SOFTBUS_ERR;
592 }
593 appInfo->type = GRANTED_APP;
594 appInfo->actions = ACTION_CREATE | ACTION_OPEN;
595 appInfo->uid = callingUid;
596 appInfo->pid = callingPid;
597 ListNodeInsert(&permissionEntry->appInfo, &appInfo->node);
598 return SOFTBUS_OK;
599 }
600
AddDynamicPermission(int32_t callingUid,int32_t callingPid,const char * sessionName)601 NO_SANITIZE("cfi") int32_t AddDynamicPermission(int32_t callingUid, int32_t callingPid, const char *sessionName)
602 {
603 SoftBusMutexLock(&g_dynamicPermissionList->lock);
604 if (g_dynamicPermissionList->cnt >= DYNAMIC_PERMISSION_MAX_SIZE) {
605 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_ERROR, "dynamic permission reach the upper limit");
606 SoftBusMutexUnlock(&g_dynamicPermissionList->lock);
607 return SOFTBUS_NO_ENOUGH_DATA;
608 }
609
610 if (HaveGrantedPermission(sessionName)) {
611 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_ERROR, "dynamic permission already granted");
612 SoftBusMutexUnlock(&g_dynamicPermissionList->lock);
613 return SOFTBUS_OK;
614 }
615
616 SoftBusPermissionEntry *permissionEntry = (SoftBusPermissionEntry *)SoftBusCalloc(sizeof(SoftBusPermissionEntry));
617 if (permissionEntry == NULL) {
618 SoftBusLog(SOFTBUS_LOG_LNN, SOFTBUS_LOG_ERROR, "AddDynamicPermission malloc failed!");
619 SoftBusMutexUnlock(&g_dynamicPermissionList->lock);
620 return SOFTBUS_MALLOC_ERR;
621 }
622
623 int32_t ret = NewDynamicPermissionEntry(permissionEntry, sessionName, callingUid, callingPid);
624 if (ret != SOFTBUS_OK) {
625 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_ERROR, "NewDynamicPermissionEntry failed %d", ret);
626 SoftBusFree(permissionEntry);
627 SoftBusMutexUnlock(&g_dynamicPermissionList->lock);
628 return ret;
629 }
630
631 ListNodeInsert(&g_dynamicPermissionList->list, &permissionEntry->node);
632 g_dynamicPermissionList->cnt++;
633 SoftBusMutexUnlock(&g_dynamicPermissionList->lock);
634
635 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_INFO, "%s dynamic permission granted", sessionName);
636 return SOFTBUS_OK;
637 }
638
DeleteDynamicPermission(const char * sessionName)639 NO_SANITIZE("cfi") int32_t DeleteDynamicPermission(const char *sessionName)
640 {
641 SoftBusMutexLock(&g_dynamicPermissionList->lock);
642 SoftBusPermissionEntry *pe = NULL;
643 LIST_FOR_EACH_ENTRY(pe, &g_dynamicPermissionList->list, SoftBusPermissionEntry, node) {
644 if (CompareString(pe->sessionName, sessionName, pe->regexp) == SOFTBUS_OK) {
645 ClearAppInfo(&pe->appInfo);
646 ListDelete(&pe->node);
647 SoftBusFree(pe);
648 g_dynamicPermissionList->cnt--;
649 SoftBusMutexUnlock(&g_dynamicPermissionList->lock);
650 SoftBusLog(SOFTBUS_LOG_COMM, SOFTBUS_LOG_INFO, "%s dynamic permission deleted", sessionName);
651 return SOFTBUS_OK;
652 }
653 }
654 SoftBusMutexUnlock(&g_dynamicPermissionList->lock);
655 return SOFTBUS_NOT_FIND;
656 }