diff --git a/interfaces/inner_kits/native_cpp/include/i_dm_check_api_white_list.h b/interfaces/inner_kits/native_cpp/include/i_dm_check_api_white_list.h new file mode 100644 index 0000000000000000000000000000000000000000..b420c6e548a325047b90e43f7d7de5a332f6ebdc --- /dev/null +++ b/interfaces/inner_kits/native_cpp/include/i_dm_check_api_white_list.h @@ -0,0 +1,32 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef OHOS_I_DM_CHECK_API_WHITE_LIST_H +#define OHOS_I_DM_CHECK_API_WHITE_LIST_H + +#include "idevice_manager_service_listener.h" + +namespace OHOS { +namespace DistributedHardware { +class IDMCheckApiWhiteList { +public: + virtual ~IDMCheckApiWhiteList() = default; + virtual bool IsCallerInWhiteList(const std::string &bundleName, const std::string &funcName) = 0; +}; + +using CreateDMCheckApiWhiteListFuncPtr = IDMCheckApiWhiteList *(*)(void); +} // namespace DistributedHardware +} // namespace OHOS +#endif // OHOS_I_DM_CHECK_API_WHITE_LIST_H diff --git a/interfaces/kits/js4.0/src/native_devicemanager_js.cpp b/interfaces/kits/js4.0/src/native_devicemanager_js.cpp index b63adc3ce882ca9616ccacbc200cc069371731f4..c891a3bb1e6cb8125febc3cf849b6a48a2f58eed 100644 --- a/interfaces/kits/js4.0/src/native_devicemanager_js.cpp +++ b/interfaces/kits/js4.0/src/native_devicemanager_js.cpp @@ -1401,10 +1401,6 @@ napi_value DeviceManagerNapi::GetLocalDeviceId(napi_env env, napi_callback_info napi_value DeviceManagerNapi::GetLocalDeviceName(napi_env env, napi_callback_info info) { LOGI("GetLocalDeviceName in"); - if (DeviceManager::GetInstance().CheckNewAPIAccessPermission() != 0) { - CreateBusinessError(env, ERR_DM_NO_PERMISSION); - return nullptr; - } napi_value result = nullptr; napi_value thisVar = nullptr; std::string deviceName; diff --git a/services/service/include/device_manager_service.h b/services/service/include/device_manager_service.h index c65ab5cb72bab8a1154010f8ad9d16ed0ad2a8d6..67066c15456d919716adf64e22f2e79c8d9a5bbf 100644 --- a/services/service/include/device_manager_service.h +++ b/services/service/include/device_manager_service.h @@ -30,6 +30,7 @@ #include "device_manager_service_listener.h" #include "idevice_manager_service_impl.h" #include "hichain_listener.h" +#include "i_dm_check_api_white_list.h" #include "i_dm_service_impl_ext_resident.h" #if !(defined(__LITEOS_M__) || defined(LITE_DEVICE)) #include "dm_account_common_event.h" @@ -374,6 +375,10 @@ private: void CheckRegisterInfoWithWise(); void NotifyRemoteLocalLogout(const std::vector &peerUdids, const std::string &accountIdHash, const std::string &accountName, int32_t userId); +#if !(defined(__LITEOS_M__) || defined(LITE_DEVICE)) && !defined(DEVICE_MANAGER_COMMON_FLAG) + bool IsCallerInWhiteList(); + bool IsDMAdapterCheckApiWhiteListLoaded(); +#endif private: bool isImplsoLoaded_ = false; @@ -405,6 +410,12 @@ private: #endif std::string localNetWorkId_ = ""; std::shared_ptr timer_; +#if !(defined(__LITEOS_M__) || defined(LITE_DEVICE)) && !defined(DEVICE_MANAGER_COMMON_FLAG) + bool isAdapterCheckApiWhiteListSoLoaded_ = false; + void *checkApiWhiteListSoHandle_ = nullptr; + std::mutex isAdapterCheckApiWhiteListLoadedLock_; + std::shared_ptr dmCheckApiWhiteList_; +#endif }; } // namespace DistributedHardware } // namespace OHOS diff --git a/services/service/src/device_manager_service.cpp b/services/service/src/device_manager_service.cpp index 85fadd98cd95a61f2dbff40a4f92189af8f72af2..29a59e16396fa840d611d190e7c96900328a9bf8 100644 --- a/services/service/src/device_manager_service.cpp +++ b/services/service/src/device_manager_service.cpp @@ -62,6 +62,9 @@ constexpr const char* LIB_IMPL_NAME = "libdevicemanagerserviceimpl.so"; #endif constexpr const char* LIB_DM_ADAPTER_NAME = "libdevicemanageradapter.z.so"; constexpr const char* LIB_DM_RESIDENT_NAME = "libdevicemanagerresident.z.so"; +#if !(defined(__LITEOS_M__) || defined(LITE_DEVICE)) && !defined(DEVICE_MANAGER_COMMON_FLAG) +constexpr const char* LIB_DM_CHECK_API_WHITE_LIST_NAME = "libdm_check_api_whitelist.z.so"; +#endif namespace OHOS { namespace DistributedHardware { @@ -83,6 +86,9 @@ namespace { constexpr const char* USER_STOP_BY_WIFI_TIMEOUT_TASK = "deviceManagerTimer:userStopByWifi"; constexpr const char* ACCOUNT_COMMON_EVENT_BY_WIFI_TIMEOUT_TASK = "deviceManagerTimer:accountCommonEventByWifi"; const int32_t USER_SWITCH_BY_WIFI_TIMEOUT_S = 2; +#if !(defined(__LITEOS_M__) || defined(LITE_DEVICE)) && !defined(DEVICE_MANAGER_COMMON_FLAG) + const std::string GET_LOCAL_DEVICE_NAME_API_NAME = "GetLocalDeviceName"; +#endif } DeviceManagerService::~DeviceManagerService() @@ -458,10 +464,17 @@ int32_t DeviceManagerService::GetLocalDeviceInfo(DmDeviceInfo &info) { LOGD("Begin."); bool isOnlyShowNetworkId = false; +#if !(defined(__LITEOS_M__) || defined(LITE_DEVICE)) && !defined(DEVICE_MANAGER_COMMON_FLAG) + if (!PermissionManager::GetInstance().CheckNewPermission() && !IsCallerInWhiteList()) { + LOGE("The caller does not have permission to call GetLocalDeviceInfo."); + isOnlyShowNetworkId = true; + } +#else if (!PermissionManager::GetInstance().CheckNewPermission()) { LOGE("The caller does not have permission to call GetLocalDeviceInfo."); isOnlyShowNetworkId = true; } +#endif CHECK_NULL_RETURN(softbusListener_, ERR_DM_POINT_NULL); int32_t ret = softbusListener_->GetLocalDeviceInfo(info); if (ret != DM_OK) { @@ -506,6 +519,60 @@ int32_t DeviceManagerService::GetLocalDeviceInfo(DmDeviceInfo &info) return DM_OK; } +#if !(defined(__LITEOS_M__) || defined(LITE_DEVICE)) && !defined(DEVICE_MANAGER_COMMON_FLAG) +bool DeviceManagerService::IsCallerInWhiteList() +{ + if (!IsDMAdapterCheckApiWhiteListLoaded()) { + LOGE("DMAdapterCheckApiWhiteListLoad failed."); + return false; + } + std::string callerName; + if (AppManager::GetInstance().GetCallerProcessName(callerName) != DM_OK) { + LOGE("GetCallerProcessName failed."); + return false; + } + return dmCheckApiWhiteList_->IsCallerInWhiteList(callerName, GET_LOCAL_DEVICE_NAME_API_NAME); +} + +bool DeviceManagerService::IsDMAdapterCheckApiWhiteListLoaded() +{ + LOGI("Start."); + if (listener_ == nullptr) { + listener_ = std::make_shared(); + } + std::lock_guard lock(isAdapterCheckApiWhiteListLoadedLock_); + if (isAdapterCheckApiWhiteListSoLoaded_ && (dmCheckApiWhiteList_ != nullptr)) { + return true; + } + checkApiWhiteListSoHandle_ = dlopen(LIB_DM_CHECK_API_WHITE_LIST_NAME, RTLD_NOW | RTLD_NODELETE | RTLD_NOLOAD); + if (checkApiWhiteListSoHandle_ == nullptr) { + checkApiWhiteListSoHandle_ = dlopen(LIB_DM_CHECK_API_WHITE_LIST_NAME, RTLD_NOW | RTLD_NODELETE); + } + if (checkApiWhiteListSoHandle_ == nullptr) { + LOGE("load dm check api white list so failed."); + return false; + } + dlerror(); + if (dlerror() != nullptr) { + dlclose(checkApiWhiteListSoHandle_); + checkApiWhiteListSoHandle_ = nullptr; + LOGE("open dm check api white list so failed."); + return false; + } + auto func = (CreateDMCheckApiWhiteListFuncPtr)dlsym(checkApiWhiteListSoHandle_, "CreateDMCheckApiWhiteListObject"); + if (func == nullptr) { + dlclose(checkApiWhiteListSoHandle_); + checkApiWhiteListSoHandle_ = nullptr; + LOGE("Create object function is not exist."); + return false; + } + dmCheckApiWhiteList_ = std::shared_ptr(func()); + isAdapterCheckApiWhiteListSoLoaded_ = true; + LOGI("Success."); + return true; +} +#endif + int32_t DeviceManagerService::GetUdidByNetworkId(const std::string &pkgName, const std::string &netWorkId, std::string &udid) {