From 585b787c02c3b974d6628e8c497ecbe7e7392205 Mon Sep 17 00:00:00 2001 From: lihehe Date: Thu, 22 May 2025 17:29:33 +0800 Subject: [PATCH] fix distributed problems of privacy_service and token_sync Signed-off-by: lihehe Change-Id: Iefb61e36f62960dfeee0e934223a6b653fb7c849 --- services/privacymanager/sa_profile/3505.json | 2 +- .../src/remote/soft_bus_socket_listener.cpp | 12 ++++ .../src/service/token_sync_manager_stub.cpp | 4 ++ .../test/unittest/token_sync_service_test.cpp | 72 ++++++++++++++++++- 4 files changed, 87 insertions(+), 3 deletions(-) diff --git a/services/privacymanager/sa_profile/3505.json b/services/privacymanager/sa_profile/3505.json index 73e5f1c57..d8f3c203d 100644 --- a/services/privacymanager/sa_profile/3505.json +++ b/services/privacymanager/sa_profile/3505.json @@ -6,7 +6,7 @@ "libpath": "libprivacy_manager_service.z.so", "run-on-create": true, "depend_time_out": 60000, - "distributed": true, + "distributed": false, "depend": [ 3503 ], "dump_level": 1 } diff --git a/services/tokensyncmanager/src/remote/soft_bus_socket_listener.cpp b/services/tokensyncmanager/src/remote/soft_bus_socket_listener.cpp index e0d119d05..61a921a9a 100644 --- a/services/tokensyncmanager/src/remote/soft_bus_socket_listener.cpp +++ b/services/tokensyncmanager/src/remote/soft_bus_socket_listener.cpp @@ -26,6 +26,8 @@ namespace Security { namespace AccessToken { namespace { static const int32_t MAX_ONBYTES_RECEIVED_DATA_LEN = 1024 * 1024 * 10; +static const std::string TOKEN_SYNC_PACKAGE_NAME = "ohos.security.distributed_access_token"; +static const std::string TOKEN_SYNC_SOCKET_NAME = "ohos.security.atm_channel."; } // namespace std::mutex SoftBusSocketListener::socketMutex_; @@ -39,6 +41,16 @@ void SoftBusSocketListener::OnBind(int32_t socket, PeerSocketInfo info) LOGE(ATM_DOMAIN, ATM_TAG, "Socket fd invalid."); return; } + std::string peerSessionName(info.name); + if (peerSessionName.find(TOKEN_SYNC_SOCKET_NAME) != 0) { + LOGE(ATM_DOMAIN, ATM_TAG, "Peer session name(%{public}s) is invalid.", info.name); + return; + } + std::string packageName(info.pkgName); + if (packageName != TOKEN_SYNC_PACKAGE_NAME) { + LOGE(ATM_DOMAIN, ATM_TAG, "Peer pkgname(%{public}s) is invalid.", info.pkgName); + return; + } std::string peerNetworkId(info.networkId); std::lock_guard guard(socketMutex_); diff --git a/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp b/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp index 9c1ab2fd9..dcf5f4c82 100644 --- a/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp +++ b/services/tokensyncmanager/src/service/token_sync_manager_stub.cpp @@ -34,6 +34,10 @@ int32_t TokenSyncManagerStub::OnRemoteRequest( uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option) { LOGI(ATM_DOMAIN, ATM_TAG, "%{public}s called, code: %{public}d", __func__, code); + if (!IPCSkeleton::IsLocalCalling()) { + LOGE(ATM_DOMAIN, ATM_TAG, "Unsupported rpc calling."); + return ERROR_IPC_REQUEST_FAIL; + } std::u16string descriptor = data.ReadInterfaceToken(); if (descriptor != ITokenSyncManager::GetDescriptor()) { LOGE(ATM_DOMAIN, ATM_TAG, "Get unexpect descriptor: %{public}s", Str16ToStr8(descriptor).c_str()); diff --git a/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp b/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp index 4e2f18465..9df60367e 100644 --- a/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp +++ b/services/tokensyncmanager/test/unittest/token_sync_service_test.cpp @@ -63,6 +63,9 @@ static std::string g_udid = "deviceid-1:udid-001"; static int32_t g_selfUid; static AccessTokenID g_selfTokenId = 0; static const int32_t OUT_OF_MAP_SOCKET = 2; +static const std::string TOKEN_SYNC_PACKAGE_NAME = "ohos.security.distributed_access_token"; +static const std::string TOKEN_SYNC_SOCKET_NAME = "ohos.security.atm_channel."; +static const uint32_t SOCKET_NAME_MAX_LEN = 256; class TokenSyncServiceTest : public testing::Test { public: @@ -613,10 +616,15 @@ HWTEST_F(TokenSyncServiceTest, GetRemoteHapTokenInfo002, TestSize.Level0) g_ptrDeviceStateCallback->OnDeviceOnline(g_devInfo); // create channel char networkId[DEVICEID_MAX_LEN + 1]; + char pkgName[SOCKET_NAME_MAX_LEN + 1]; + char peerName[SOCKET_NAME_MAX_LEN + 1]; strcpy_s(networkId, DEVICEID_MAX_LEN, "deviceid-1:udid-001"); - + strcpy_s(pkgName, SOCKET_NAME_MAX_LEN, TOKEN_SYNC_PACKAGE_NAME.c_str()); + strcpy_s(peerName, SOCKET_NAME_MAX_LEN, TOKEN_SYNC_SOCKET_NAME.c_str()); PeerSocketInfo info = { + .name = peerName, .networkId = networkId, + .pkgName = pkgName }; SoftBusSocketListener::OnBind(1, info); SoftBusSocketListener::OnClientBytes(1, recvBuffer, recvLen); @@ -1340,11 +1348,17 @@ HWTEST_F(TokenSyncServiceTest, RemoteCommandManager001, TestSize.Level0) std::string udid = "test_udId"; auto cmd = std::make_shared(); char networkId[DEVICEID_MAX_LEN + 1]; - int recvLen = 0x1000; + char pkgName[SOCKET_NAME_MAX_LEN + 1]; + char peerName[SOCKET_NAME_MAX_LEN + 1]; strcpy_s(networkId, DEVICEID_MAX_LEN, "deviceid-1:udid-001"); + strcpy_s(pkgName, SOCKET_NAME_MAX_LEN, TOKEN_SYNC_PACKAGE_NAME.c_str()); + strcpy_s(peerName, SOCKET_NAME_MAX_LEN, TOKEN_SYNC_SOCKET_NAME.c_str()); PeerSocketInfo info = { + .name = peerName, .networkId = networkId, + .pkgName = pkgName }; + int recvLen = 0x1000; SoftBusSocketListener::OnBind(0, info); int32_t ret = RemoteCommandManager::GetInstance().AddCommand(udid, cmd); ASSERT_EQ(Constant::SUCCESS, ret); @@ -1393,6 +1407,60 @@ HWTEST_F(TokenSyncServiceTest, RemoteCommandManager003, TestSize.Level0) SoftBusSocketListener::OnShutdown(OUT_OF_MAP_SOCKET, SHUTDOWN_REASON_UNKNOWN); } +/** + * @tc.name: RemoteCommandManager004 + * @tc.desc: RemoteCommandManager004 function test + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(TokenSyncServiceTest, RemoteCommandManager004, TestSize.Level0) +{ + RemoteCommandManager::GetInstance().Init(); + std::string udid = "test_udId"; + auto cmd = std::make_shared(); + char networkId[DEVICEID_MAX_LEN + 1]; + char pkgName[SOCKET_NAME_MAX_LEN + 1]; + char peerName[SOCKET_NAME_MAX_LEN + 1]; + strcpy_s(networkId, DEVICEID_MAX_LEN, "deviceid-1:udid-001"); + strcpy_s(pkgName, SOCKET_NAME_MAX_LEN, TOKEN_SYNC_PACKAGE_NAME.c_str()); + strcpy_s(peerName, SOCKET_NAME_MAX_LEN, "invalid"); + PeerSocketInfo info = { + .name = peerName, + .networkId = networkId, + .pkgName = pkgName + }; + SoftBusSocketListener::OnBind(1, info); + int32_t ret = RemoteCommandManager::GetInstance().AddCommand(udid, cmd); + ASSERT_EQ(Constant::SUCCESS, ret); +} + +/** + * @tc.name: RemoteCommandManager005 + * @tc.desc: RemoteCommandManager005 function test + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(TokenSyncServiceTest, RemoteCommandManager005, TestSize.Level0) +{ + RemoteCommandManager::GetInstance().Init(); + std::string udid = "test_udId"; + auto cmd = std::make_shared(); + char networkId[DEVICEID_MAX_LEN + 1]; + char pkgName[SOCKET_NAME_MAX_LEN + 1]; + char peerName[SOCKET_NAME_MAX_LEN + 1]; + strcpy_s(networkId, DEVICEID_MAX_LEN, "deviceid-1:udid-001"); + strcpy_s(pkgName, SOCKET_NAME_MAX_LEN, "invalid"); + strcpy_s(peerName, SOCKET_NAME_MAX_LEN, TOKEN_SYNC_SOCKET_NAME.c_str()); + PeerSocketInfo info = { + .name = peerName, + .networkId = networkId, + .pkgName = pkgName + }; + SoftBusSocketListener::OnBind(1, info); + int32_t ret = RemoteCommandManager::GetInstance().AddCommand(udid, cmd); + ASSERT_EQ(Constant::SUCCESS, ret); +} + /** * @tc.name: ProcessDeviceCommandImmediately001 * @tc.desc: ProcessDeviceCommandImmediately function test -- Gitee