diff --git a/README.md b/README.md index d2071c81cf723ea17c7b13c165e5f6bc70f8e726..ff0fd459602941857ba96a88a9a4708c489dae08 100644 --- a/README.md +++ b/README.md @@ -48,6 +48,8 @@ The following figure shows the ATM architecture. | **API**| **Description**| | --- | --- | | AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy); | Allocates a token ID to an app.| +| AccessTokenIDEx InitHapToken(const HapInfoParams& info, HapPolicyParams& policy, AccessTokenIDEx& fullTokenId); | 为应用进程分配一个tokenID | +| int32_t InitHapToken(const HapInfoParams& info, HapPolicyParams& policy, AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result); | 为应用进程分配一个tokenID | | AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); | Allocates a local token ID to the app of a remote device.| | int UpdateHapToken(AccessTokenIDEx& tokenIdEx, bool isSystemApp, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParams& policy); | Updates token information.| | int DeleteToken(AccessTokenID tokenID); | Deletes the app's token ID and information.| diff --git a/README_zh.md b/README_zh.md index a3b840c47c74cd3c67cbd6004bf4c72a17f62d90..d5aad0760115fb2486141cb39007121a78aaf769 100644 --- a/README_zh.md +++ b/README_zh.md @@ -56,6 +56,8 @@ ATM部件的架构图如下所示: | **接口申明** | **接口描述** | | --- | --- | | AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy); | 为应用进程分配一个tokenID | +| AccessTokenIDEx InitHapToken(const HapInfoParams& info, HapPolicyParams& policy, AccessTokenIDEx& fullTokenId); | 为应用进程分配一个tokenID | +| int32_t InitHapToken(const HapInfoParams& info, HapPolicyParams& policy, AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result); | 为应用进程分配一个tokenID | | AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID); | 为远端设备的应用进程分配一个本地tokenID | | int UpdateHapToken(AccessTokenIDEx& tokenIdEx, bool isSystemApp, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParams& policy); | 更新tokenId对应的tokenInfo信息 | | int DeleteToken(AccessTokenID tokenID); | 删除应用tokenID及其对应的tokenInfo信息 | @@ -84,7 +86,7 @@ ATM提供了统一的应用权限访问控制功能,支持应用程序或者SA - 在native进程拉起前,需要调用GetAccessTokenId函数,获取该native进程的TokenID;再调用SetSelfTokenID将进程TokenID设置到内核中。 #### 应用hap -- 在应用安装时,需要调用AllocHapToken创建获取该应用的TokenID。 +- 在应用安装时,需要调用InitHapToken创建获取该应用的TokenID。 - 在应用运行过程中,需要进行鉴权等操作时,可调用VerifyAccessToken、GetReqPermissions等函数查询校验应用权限、APL等信息。 - 在应用卸载时,需要调用DeleteToken函数删除系统中管理的对应Accesstoken信息。 diff --git a/frameworks/accesstoken/include/accesstoken_service_ipc_interface_code.h b/frameworks/accesstoken/include/accesstoken_service_ipc_interface_code.h index 07d0e107b261d2a3c78b13f9a124d622e8ffc1c1..61254808083a3967c4126f6679b4ca7f025c7e40 100644 --- a/frameworks/accesstoken/include/accesstoken_service_ipc_interface_code.h +++ b/frameworks/accesstoken/include/accesstoken_service_ipc_interface_code.h @@ -28,7 +28,6 @@ enum class AccessTokenInterfaceCode { GRANT_PERMISSION, REVOKE_PERMISSION, CLEAR_USER_GRANT_PERMISSION, - ALLOC_TOKEN_HAP, TOKEN_DELETE, INIT_TOKEN_HAP, SET_PERMISSION_REQUEST_TOGGLE_STATUS, diff --git a/frameworks/accesstoken/include/i_accesstoken_manager.h b/frameworks/accesstoken/include/i_accesstoken_manager.h index 22709473ae9dc8e916febd58dd587019534850fd..3b886a37c7778945d8e79a1dd0c13450b50a0fa6 100644 --- a/frameworks/accesstoken/include/i_accesstoken_manager.h +++ b/frameworks/accesstoken/include/i_accesstoken_manager.h @@ -70,7 +70,6 @@ public: virtual int GrantPermissionForSpecifiedTime( AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime) = 0; virtual int ClearUserGrantedPermissionState(AccessTokenID tokenID) = 0; - virtual AccessTokenIDEx AllocHapToken(const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) = 0; virtual int32_t InitHapToken(const HapInfoParcel& info, HapPolicyParcel& policy, AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result) = 0; virtual int DeleteToken(AccessTokenID tokenID) = 0; diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 0c1636d7d3f75b706def7cf622892b89f2edeadb..47e5048ff854bb7bc5e01c81aa466120e6f150e5 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -97,9 +97,10 @@ permList: %{public}zu, stateList: %{public}zu, checkIgnore: %{public}d", LOGE(ATM_DOMAIN, ATM_TAG, "Input param failed"); return res; } - HapPolicy newPolicy; - TransferHapPolicyParams(policy, newPolicy); - return AccessTokenManagerClient::GetInstance().AllocHapToken(info, newPolicy); + HapInfoCheckResult result; + HapPolicyParams policyTmp = policy; + (void)InitHapToken(info, policyTmp, res, result); + return res; } int32_t AccessTokenKit::InitHapToken(const HapInfoParams& info, HapPolicyParams& policy, diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp index 2f7a6df29baf3251b059d14ce7dd0f8f69653356..bb791109b58e187b2472ee878283b5678b0501fc 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp @@ -388,22 +388,6 @@ int32_t AccessTokenManagerClient::UnRegisterPermStateChangeCallback( return result; } -AccessTokenIDEx AccessTokenManagerClient::AllocHapToken(const HapInfoParams& info, const HapPolicy& policy) -{ - AccessTokenIDEx tokenIdEx = { 0 }; - auto proxy = GetProxy(); - if (proxy == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Proxy is null"); - return tokenIdEx; - } - HapInfoParcel hapInfoParcel; - HapPolicyParcel hapPolicyParcel; - hapInfoParcel.hapInfoParameter = info; - hapPolicyParcel.hapPolicy = policy; - - return proxy->AllocHapToken(hapInfoParcel, hapPolicyParcel); -} - int32_t AccessTokenManagerClient::InitHapToken(const HapInfoParams& info, HapPolicy& policy, AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h index b5a4d09849c09855d7c0f021f1f5f9312dc80531..14b3c732a5de3ef7c4f524c44d87f227e3a47f75 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h @@ -67,7 +67,6 @@ public: int GrantPermissionForSpecifiedTime( AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime); int ClearUserGrantedPermissionState(AccessTokenID tokenID); - AccessTokenIDEx AllocHapToken(const HapInfoParams& info, const HapPolicy& policy); int32_t InitHapToken(const HapInfoParams& info, HapPolicy& policy, AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result); int DeleteToken(AccessTokenID tokenID); diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp index 429e1d1f17c974ddb79e31a8189e2df576cb2cf9..2acd1ba602a9e138c76f72c28c8ef933ec8cd666 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp @@ -668,36 +668,6 @@ int32_t AccessTokenManagerProxy::UnRegisterSelfPermStateChangeCallback(const spt return result; } -AccessTokenIDEx AccessTokenManagerProxy::AllocHapToken( - const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) -{ - MessageParcel data; - AccessTokenIDEx res = { 0 }; - if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteInterfaceToken failed."); - return res; - } - - if (!data.WriteParcelable(&hapInfo)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed."); - return res; - } - if (!data.WriteParcelable(&policyParcel)) { - LOGE(ATM_DOMAIN, ATM_TAG, "WriteParcelable failed."); - return res; - } - - MessageParcel reply; - if (!SendRequest(AccessTokenInterfaceCode::ALLOC_TOKEN_HAP, data, reply)) { - return res; - } - - unsigned long long result = reply.ReadUint64(); - LOGI(ATM_DOMAIN, ATM_TAG, "Result from server (id=%{public}llu).", result); - res.tokenIDEx = result; - return res; -} - int32_t AccessTokenManagerProxy::InitHapToken(const HapInfoParcel& hapInfoParcel, HapPolicyParcel& policyParcel, AccessTokenIDEx& fullTokenId, HapInfoCheckResult& resultInfo) { diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h index 99ff5740f4f0fa71c9ea0f4091d9f8ba4fee7ef3..cbef620adc4a79cfb9213dac82331466c60d14f0 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h +++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h @@ -68,7 +68,6 @@ public: int GetTokenType(AccessTokenID tokenID) override; AccessTokenIDEx GetHapTokenID(int32_t userID, const std::string& bundleName, int32_t instIndex) override; AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) override; - AccessTokenIDEx AllocHapToken(const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) override; int32_t InitHapToken(const HapInfoParcel& hapInfoParcel, HapPolicyParcel& policyParcel, AccessTokenIDEx& fullTokenId, HapInfoCheckResult& resultInfo) override; int DeleteToken(AccessTokenID tokenID) override; diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index befb3df1bcf8fc6344b1f543c97d2ae639eac167..2a7a77aa4c1dd62ac80bcb613aa7a9409ed42d90 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -45,7 +45,6 @@ public: void OnAddSystemAbility(int32_t systemAbilityId, const std::string& deviceId) override; void OnRemoveSystemAbility(int32_t systemAbilityId, const std::string& deviceId) override; - AccessTokenIDEx AllocHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy) override; PermUsedTypeEnum GetPermissionUsedType( AccessTokenID tokenID, const std::string& permissionName) override; int32_t InitHapToken(const HapInfoParcel& info, HapPolicyParcel& policy, diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h index 03647a2e53455f54d9065aad8f0582b0de3e25a5..899629bf21f8d5a736c132c9588ab89dd4e6d82b 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h @@ -49,7 +49,6 @@ private: void RevokePermissionInner(MessageParcel& data, MessageParcel& reply); void GrantPermissionForSpecifiedTimeInner(MessageParcel& data, MessageParcel& reply); void ClearUserGrantedPermissionStateInner(MessageParcel& data, MessageParcel& reply); - void AllocHapTokenInner(MessageParcel& data, MessageParcel& reply); void InitHapTokenInner(MessageParcel& data, MessageParcel& reply); void DeleteTokenInfoInner(MessageParcel& data, MessageParcel& reply); void UpdateHapTokenInner(MessageParcel& data, MessageParcel& reply); diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index 55bea95e5cd63c808085e12bfcee02e8e7f3a503..9f3df4b6c5b78b78a45feeae5f06ab03e54cb599 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -338,20 +338,6 @@ int32_t AccessTokenManagerService::UnRegisterSelfPermStateChangeCallback(const s return PermissionManager::GetInstance().RemovePermStateChangeCallback(callback); } -AccessTokenIDEx AccessTokenManagerService::AllocHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy) -{ - LOGI(ATM_DOMAIN, ATM_TAG, "BundleName: %{public}s", info.hapInfoParameter.bundleName.c_str()); - AccessTokenIDEx tokenIdEx; - tokenIdEx.tokenIDEx = 0LL; - - int ret = AccessTokenInfoManager::GetInstance().CreateHapTokenInfo( - info.hapInfoParameter, policy.hapPolicy, tokenIdEx); - if (ret != RET_SUCCESS) { - LOGE(ATM_DOMAIN, ATM_TAG, "Hap token info create failed"); - } - return tokenIdEx; -} - int32_t AccessTokenManagerService::InitHapToken(const HapInfoParcel& info, HapPolicyParcel& policy, AccessTokenIDEx& fullTokenId, HapInfoCheckResult& result) { diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index e2a9f96067e973784199390c179b70d852a71181..a0e8b4dddcb0e43f925d7e978c3a04b5f2f7147d 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -467,30 +467,6 @@ void AccessTokenManagerStub::ClearUserGrantedPermissionStateInner(MessageParcel& IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, reply.WriteInt32(result), "WriteInt32 failed."); } -void AccessTokenManagerStub::AllocHapTokenInner(MessageParcel& data, MessageParcel& reply) -{ - AccessTokenIDEx res = {0}; - AccessTokenID tokenID = IPCSkeleton::GetCallingTokenID(); - if (!IsPrivilegedCalling() && - (VerifyAccessToken(tokenID, MANAGE_HAP_TOKENID_PERMISSION) == PERMISSION_DENIED)) { - LOGE(ATM_DOMAIN, ATM_TAG, "Permission denied(tokenID=%{public}d)", tokenID); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_PERMISSION_DENIED), "WriteInt32 failed."); - return; - } - - sptr hapInfoParcel = data.ReadParcelable(); - sptr hapPolicyParcel = data.ReadParcelable(); - if (hapInfoParcel == nullptr || hapPolicyParcel == nullptr) { - LOGE(ATM_DOMAIN, ATM_TAG, "Read hapPolicyParcel or hapInfoParcel fail"); - IF_FALSE_PRINT_LOG(ATM_DOMAIN, ATM_TAG, - reply.WriteInt32(AccessTokenError::ERR_READ_PARCEL_FAILED), "WriteInt32 failed."); - return; - } - res = this->AllocHapToken(*hapInfoParcel, *hapPolicyParcel); - reply.WriteUint64(res.tokenIDEx); -} - void AccessTokenManagerStub::InitHapTokenInner(MessageParcel& data, MessageParcel& reply) { AccessTokenID tokenID = IPCSkeleton::GetCallingTokenID(); @@ -1223,8 +1199,6 @@ void AccessTokenManagerStub::SetTokenSyncFuncInMap() void AccessTokenManagerStub::SetLocalTokenOpFuncInMap() { - requestFuncMap_[static_cast(AccessTokenInterfaceCode::ALLOC_TOKEN_HAP)] = - &AccessTokenManagerStub::AllocHapTokenInner; requestFuncMap_[static_cast(AccessTokenInterfaceCode::INIT_TOKEN_HAP)] = &AccessTokenManagerStub::InitHapTokenInner; requestFuncMap_[static_cast(AccessTokenInterfaceCode::TOKEN_DELETE)] = diff --git a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp index 0e71375cdb9afdd4ed83a3b8250a7cc5c59618a8..8483064df4f6188ca3fc04e8a03990b7205192b3 100644 --- a/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp +++ b/services/accesstokenmanager/test/unittest/accesstoken_info_manager_test.cpp @@ -1941,31 +1941,6 @@ HWTEST_F(AccessTokenInfoManagerTest, GetPermDialogCap001, TestSize.Level1) ASSERT_EQ(RET_SUCCESS, AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenId)); } -/** - * @tc.name: AllocHapToken001 - * @tc.desc: alloc hap create haptokeninfo failed. - * @tc.type: FUNC - * @tc.require: - */ -HWTEST_F(AccessTokenInfoManagerTest, AllocHapToken001, TestSize.Level1) -{ - HapInfoParcel hapinfoParcel; - hapinfoParcel.hapInfoParameter = { - .userID = -1, - .bundleName = "accesstoken_test", - .instIndex = 0, - .appIDDesc = "testtesttesttest", - .apiVersion = DEFAULT_API_VERSION, - .isSystemApp = false, - }; - HapPolicyParcel hapPolicyParcel; - hapPolicyParcel.hapPolicy.apl = ATokenAplEnum::APL_NORMAL; - hapPolicyParcel.hapPolicy.domain = "test.domain"; - - AccessTokenIDEx tokenIDEx = atManagerService_->AllocHapToken(hapinfoParcel, hapPolicyParcel); - ASSERT_EQ(INVALID_TOKENID, tokenIDEx.tokenIDEx); -} - /** * @tc.name: OnStart001 * @tc.desc: service is running. diff --git a/test/fuzztest/services/accesstoken/BUILD.gn b/test/fuzztest/services/accesstoken/BUILD.gn index f819fafcb7d86b79ae9dbb687572f016f0bb3470..55a2a47a7e60847a5cf49775dc258cb29a7e5cb4 100644 --- a/test/fuzztest/services/accesstoken/BUILD.gn +++ b/test/fuzztest/services/accesstoken/BUILD.gn @@ -16,7 +16,6 @@ group("fuzztest") { deps = [ # deps file - "allochaptokenstub_fuzzer:AllocHapTokenStubFuzzTest", "alloclocaltokenidstub_fuzzer:AllocLocalTokenIDStubFuzzTest", "clearusergrantedpermissionstatestub_fuzzer:ClearUserGrantedPermissionStateStubFuzzTest", "deleteremotedevicetokensstub_fuzzer:DeleteRemoteDeviceTokensStubFuzzTest", diff --git a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/BUILD.gn deleted file mode 100644 index 72c33dd1538932bc77bf79c8deb6faa49be13624..0000000000000000000000000000000000000000 --- a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/BUILD.gn +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import("//build/config/features.gni") -import("//build/test.gni") -import("../../../../../access_token.gni") -import("../access_token_service_fuzz.gni") - -ohos_fuzztest("AllocHapTokenStubFuzzTest") { - module_out_path = module_output_path_service_access_token - fuzz_config_file = "." - - sources = [ "allochaptokenstub_fuzzer.cpp" ] - - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - - include_dirs = access_token_include_dirs - - deps = access_token_deps - - configs = [ "${access_token_path}/config:coverage_flags" ] - - external_deps = access_token_external_deps - - include_dirs += access_token_impl_include_dirs - - cflags_cc = access_token_cflags_cc - - sources += access_token_sources - - sources += access_token_impl_sources - - if (eventhandler_enable == true) { - sources += [ "${access_token_path}/services/common/handler/src/access_event_handler.cpp" ] - } -} diff --git a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.cpp deleted file mode 100644 index 15da22d9aecf7f7a433a461a56de1e9006523ed7..0000000000000000000000000000000000000000 --- a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.cpp +++ /dev/null @@ -1,117 +0,0 @@ -/* - * Copyright (c) 2023-2024 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "allochaptokenstub_fuzzer.h" -#include -#include -#include -#include -#include -#include -#include "accesstoken_fuzzdata.h" -#undef private -#include "accesstoken_manager_service.h" -#include "hap_info_parcel.h" -#include "i_accesstoken_manager.h" - -using namespace std; -using namespace OHOS::Security::AccessToken; -const int CONSTANTS_NUMBER_TWO = 2; -static const int32_t ROOT_UID = 0; - -namespace OHOS { - void ConstructorParam(AccessTokenFuzzData& fuzzData, HapInfoParcel& hapInfoParcel, HapPolicyParcel& hapPolicyParcel) - { - std::string permissionName = fuzzData.GenerateStochasticString(); - std::string bundleName = fuzzData.GenerateStochasticString(); - PermissionDef testPermDef = { - .permissionName = permissionName, - .bundleName = bundleName, - .grantMode = 1, - .availableLevel = APL_NORMAL, - .label = fuzzData.GenerateStochasticString(), - .labelId = 1, - .description = fuzzData.GenerateStochasticString(), - .descriptionId = 1}; - PermissionStatus testState = { - .permissionName = permissionName, - .grantStatus = PermissionState::PERMISSION_GRANTED, - .grantFlag = 1, - }; - HapInfoParams testInfoParms = { - .userID = 1, - .bundleName = bundleName, - .instIndex = 0, - .appIDDesc = fuzzData.GenerateStochasticString()}; - PreAuthorizationInfo info1 = { - .permissionName = permissionName, - .userCancelable = true - }; - HapPolicy testPolicy = { - .apl = APL_NORMAL, - .domain = fuzzData.GenerateStochasticString(), - .permList = {testPermDef}, - .permStateList = {testState}, - .aclRequestedList = {permissionName}, - .preAuthorizationInfo = {info1} - }; - - hapInfoParcel.hapInfoParameter = testInfoParms; - hapPolicyParcel.hapPolicy = testPolicy; - } - - bool AllocHapTokenStubFuzzTest(const uint8_t* data, size_t size) - { - if ((data == nullptr) || (size == 0)) { - return false; - } - - AccessTokenFuzzData fuzzData(data, size); - HapInfoParcel hapInfoParcel; - HapPolicyParcel hapPolicyParcel; - ConstructorParam(fuzzData, hapInfoParcel, hapPolicyParcel); - - MessageParcel datas; - datas.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); - if (!datas.WriteParcelable(&hapInfoParcel)) { - return false; - } - if (!datas.WriteParcelable(&hapPolicyParcel)) { - return false; - } - - uint32_t code = static_cast( - AccessTokenInterfaceCode::ALLOC_TOKEN_HAP); - - MessageParcel reply; - MessageOption option; - bool enable = ((size % CONSTANTS_NUMBER_TWO) == 0); - if (enable) { - setuid(CONSTANTS_NUMBER_TWO); - } - DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); - setuid(ROOT_UID); - - return true; - } -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) -{ - /* Run your code on data */ - OHOS::AllocHapTokenStubFuzzTest(data, size); - return 0; -} diff --git a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.h b/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.h deleted file mode 100644 index 5c401179d40a032e3bd9c541b9af34ec9d482fdb..0000000000000000000000000000000000000000 --- a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/allochaptokenstub_fuzzer.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef TEST_FUZZTEST_ALLOCHAPTOKENSTUB_FUZZER_H -#define TEST_FUZZTEST_ALLOCHAPTOKENSTUB_FUZZER_H - -#define FUZZ_PROJECT_NAME "allochaptokenstub_fuzzer" - -#endif // TEST_FUZZTEST_ALLOCHAPTOKENSTUB_FUZZER_H diff --git a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/corpus/init b/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/corpus/init deleted file mode 100644 index e4ceac1bcd4e3b3427eb63cea0c28304064333cc..0000000000000000000000000000000000000000 --- a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/corpus/init +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FUZZ \ No newline at end of file diff --git a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/project.xml b/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/project.xml deleted file mode 100644 index 4fdbc407f205680885fa42663163b5c987f123a6..0000000000000000000000000000000000000000 --- a/test/fuzztest/services/accesstoken/allochaptokenstub_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - -