From 3624b9f4a427b45905443403add1ba6841ab92de Mon Sep 17 00:00:00 2001 From: xia-bubai Date: Thu, 31 Jul 2025 21:53:58 +0800 Subject: [PATCH] add nativetoken hisysevent Signed-off-by: xia-bubai Change-Id: If96dbcd305782f369366caa328ffcddaf047c5ec --- frameworks/common/BUILD.gn | 61 +++ .../common/include/accesstoken_common_log.h | 15 +- frameworks/common/include/accesstoken_klog.h | 58 +++ .../common/include/accesstoken_thread_msg.h | 71 ++-- .../common/include}/hisysevent_adapter.h | 32 +- frameworks/common/include/hisysevent_common.h | 93 ++++ .../common/src/accesstoken_common_log.cpp | 47 +- .../common/src/accesstoken_klog.cpp | 8 +- .../common/src}/hisysevent_adapter.cpp | 0 interfaces/innerkits/nativetoken/BUILD.gn | 28 +- .../include/nativetoken_hisysevent.h | 33 ++ .../innerkits/nativetoken/src/nativetoken.c | 400 +++++++++++------- .../nativetoken/src/nativetoken_hisysevent.c | 57 +++ .../nativetoken/src/nativetoken_json_oper.c | 76 ++-- .../innerkits/nativetoken/test/BUILD.gn | 11 +- .../test/mock/src/secure_function.c | 1 + .../unittest/mock/nativetoken_oper_test.cpp | 4 +- interfaces/innerkits/tokensync/test/BUILD.gn | 1 + services/accesstokenmanager/BUILD.gn | 8 +- .../cpp/src/permission/permission_manager.cpp | 4 +- .../service/accesstoken_manager_service.cpp | 4 +- .../accesstokenmanager/test/coverage/BUILD.gn | 2 +- .../test/database_dlopen/BUILD.gn | 2 +- .../accesstokenmanager/test/mock/BUILD.gn | 2 +- .../accesstokenmanager/test/unittest/BUILD.gn | 2 +- services/common/database/test/BUILD.gn | 2 +- services/common/proxy_death/BUILD.gn | 4 +- services/privacymanager/BUILD.gn | 2 +- .../privacymanager/test/coverage/BUILD.gn | 2 +- services/privacymanager/test/mock/BUILD.gn | 5 +- .../privacymanager/test/unittest/BUILD.gn | 2 +- .../getpermissionsstatus_fuzzer/BUILD.gn | 1 + .../accesstoken/access_token_service_fuzz.gni | 2 +- .../accesstoken/access_token_service_fuzz.gni | 2 +- .../getaccesstokenid_fuzzer/BUILD.gn | 1 + 35 files changed, 710 insertions(+), 333 deletions(-) create mode 100755 frameworks/common/include/accesstoken_klog.h rename interfaces/innerkits/nativetoken/include/nativetoken_klog.h => frameworks/common/include/accesstoken_thread_msg.h (54%) mode change 100755 => 100644 rename {services/accesstokenmanager/main/cpp/include/dfx => frameworks/common/include}/hisysevent_adapter.h (72%) create mode 100644 frameworks/common/include/hisysevent_common.h rename interfaces/innerkits/nativetoken/src/nativetoken_klog.c => frameworks/common/src/accesstoken_klog.cpp (88%) rename {services/accesstokenmanager/main/cpp/src/dfx => frameworks/common/src}/hisysevent_adapter.cpp (100%) create mode 100644 interfaces/innerkits/nativetoken/include/nativetoken_hisysevent.h create mode 100644 interfaces/innerkits/nativetoken/src/nativetoken_hisysevent.c diff --git a/frameworks/common/BUILD.gn b/frameworks/common/BUILD.gn index 41fcfa310..3425637f1 100644 --- a/frameworks/common/BUILD.gn +++ b/frameworks/common/BUILD.gn @@ -52,6 +52,36 @@ action("permission_definition_parse") { } } +ohos_static_library("accesstoken_hisysevent") { + subsystem_name = "security" + part_name = "access_token" + sanitize = { + cfi = true + cfi_cross_dso = true + debug = false + } + branch_protector_ret = "pac_ret" + + public_configs = [ ":accesstoken_common_cxx_public_config" ] + + include_dirs = + [ "${access_token_path}/interfaces/innerkits/accesstoken/include" ] + + sources = [ "src/hisysevent_adapter.cpp" ] + + external_deps = [ + "hilog:libhilog", + "hisysevent:libhisysevent", + ] + + configs = [ + "${access_token_path}/config:access_token_compile_flags", + "${access_token_path}/config:coverage_flags", + ] + + cflags_cc = [ "-DHILOG_ENABLE" ] +} + ohos_static_library("accesstoken_static_log") { subsystem_name = "security" part_name = "access_token" @@ -81,6 +111,37 @@ ohos_static_library("accesstoken_static_log") { cflags_cc = [ "-DHILOG_ENABLE" ] } +ohos_static_library("accesstoken_static_log_for_nativetoken") { + subsystem_name = "security" + part_name = "access_token" + sanitize = { + cfi = true + cfi_cross_dso = true + debug = false + } + branch_protector_ret = "pac_ret" + + public_configs = [ ":accesstoken_common_cxx_public_config" ] + + include_dirs = [ + "include", + "${access_token_path}/interfaces/innerkits/nativetoken/include", + ] + cflags_cc = [ "-DUSE_NATIVE_TOKEN_KLOG" ] + + sources = [ + "src/accesstoken_common_log.cpp", + "src/accesstoken_klog.cpp", + ] + + external_deps = [ "c_utils:utils" ] + + configs = [ + "${access_token_path}/config:access_token_compile_flags", + "${access_token_path}/config:coverage_flags", + ] +} + ohos_shared_library("accesstoken_common_cxx") { subsystem_name = "security" innerapi_tags = [ diff --git a/frameworks/common/include/accesstoken_common_log.h b/frameworks/common/include/accesstoken_common_log.h index 3286f0bc3..678e2edfa 100644 --- a/frameworks/common/include/accesstoken_common_log.h +++ b/frameworks/common/include/accesstoken_common_log.h @@ -18,6 +18,7 @@ #include #include "hilog/log.h" +#include "accesstoken_thread_msg.h" #define ATM_DOMAIN 0xD005A01 #define ATM_TAG "ATM" @@ -43,22 +44,12 @@ ((void)HILOG_IMPL(LOG_CORE, LOG_DEBUG, domain, tag, \ "[%{public}s:%{public}d]" fmt, __FUNCTION__, __LINE__, ##__VA_ARGS__)) -namespace OHOS { -namespace Security { -namespace AccessToken { -uint32_t GetThreadErrorMsgLen(void); -const char *GetThreadErrorMsg(void); -void ClearThreadErrorMsg(void); -void AddEventMessage(unsigned int domain, const char *tag, const char *format, ...); -} -} -} - +// LOGC is used for critical errors that should be logged and reported. #define LOGC(domain, tag, fmt, ...) \ do { \ ((void)HILOG_IMPL(LOG_CORE, LOG_ERROR, domain, tag, \ "[%{public}s:%{public}d]" fmt, __FUNCTION__, __LINE__, ##__VA_ARGS__)); \ - OHOS::Security::AccessToken::AddEventMessage(domain, tag, \ + AddEventMessage(domain, tag, \ "%" LOG_PUBLIC "s[%" LOG_PUBLIC "u]: " fmt, __func__, __LINE__, ##__VA_ARGS__); \ } while (0) diff --git a/frameworks/common/include/accesstoken_klog.h b/frameworks/common/include/accesstoken_klog.h new file mode 100755 index 000000000..469e47704 --- /dev/null +++ b/frameworks/common/include/accesstoken_klog.h @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef ACCESSTOKEN_KLOG_H +#define ACCESSTOKEN_KLOG_H + +#include +#include "accesstoken_thread_msg.h" + +#ifdef __cplusplus +#if __cplusplus +extern "C" { +#endif +#endif + +typedef enum NativeTokenKLogLevel { + NATIVETOKEN_KERROR = 0, + NATIVETOKEN_KWARN, + NATIVETOKEN_KINFO, +} NativeTokenKLogLevel; + +extern int NativeTokenKmsg(int logLevel, const char *fmt, ...); + +#define LOG_PUBLIC "" + +#define LOGE(fmt, ...) \ + ((void)NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s:%d]" fmt, __FUNCTION__, __LINE__, ##__VA_ARGS__)) +#define LOGW(fmt, ...) \ + ((void)NativeTokenKmsg(NATIVETOKEN_KWARN, "[%s:%d]" fmt, __FUNCTION__, __LINE__, ##__VA_ARGS__)) +#define LOGI(fmt, ...) \ + ((void)NativeTokenKmsg(NATIVETOKEN_KINFO, "[%s:%d]" fmt, __FUNCTION__, __LINE__, ##__VA_ARGS__)) + +// LOGC is used for critical errors that should be logged and reported. +#define LOGC(fmt, ...) \ +do { \ + (void)NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s:%d]" fmt, __FUNCTION__, __LINE__, ##__VA_ARGS__); \ + AddEventMessage(0, 0, \ + "%" LOG_PUBLIC "s[%" LOG_PUBLIC "u]: " fmt, __func__, __LINE__, ##__VA_ARGS__); \ +} while (0) + +#ifdef __cplusplus +#if __cplusplus +} +#endif /* __cplusplus */ +#endif /* __cplusplus */ + +#endif // ACCESSTOKEN_KLOG_H diff --git a/interfaces/innerkits/nativetoken/include/nativetoken_klog.h b/frameworks/common/include/accesstoken_thread_msg.h old mode 100755 new mode 100644 similarity index 54% rename from interfaces/innerkits/nativetoken/include/nativetoken_klog.h rename to frameworks/common/include/accesstoken_thread_msg.h index eeb4e31a2..306fe8870 --- a/interfaces/innerkits/nativetoken/include/nativetoken_klog.h +++ b/frameworks/common/include/accesstoken_thread_msg.h @@ -1,38 +1,33 @@ -/* - * Copyright (c) 2022 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef NATIVETOKEN_KLOG_H -#define NATIVETOKEN_KLOG_H - -#ifdef __cplusplus -#if __cplusplus -extern "C" { -#endif -#endif - -typedef enum NativeTokenKLogLevel { - NATIVETOKEN_KERROR = 0, - NATIVETOKEN_KWARN, - NATIVETOKEN_KINFO, -} NativeTokenKLogLevel; - -int NativeTokenKmsg(int logLevel, const char *fmt, ...); - -#ifdef __cplusplus -#if __cplusplus -} -#endif /* __cplusplus */ -#endif /* __cplusplus */ - -#endif // NATIVE_KLOG_H +/* + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_THREAD_MSG_H +#define ACCESSTOKEN_THREAD_MSG_H +#include + +#ifdef __cplusplus +extern "C" { +#endif + +uint32_t GetThreadErrorMsgLen(void); +const char *GetThreadErrorMsg(void); +void ClearThreadErrorMsg(void); +void AddEventMessage(uint32_t domain, const char *tag, const char *format, ...); + +#ifdef __cplusplus +} +#endif + +#endif // ACCESSTOKEN_THREAD_MSG_H diff --git a/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h b/frameworks/common/include/hisysevent_adapter.h similarity index 72% rename from services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h rename to frameworks/common/include/hisysevent_adapter.h index 1da2439f1..52950f7b8 100644 --- a/services/accesstokenmanager/main/cpp/include/dfx/hisysevent_adapter.h +++ b/frameworks/common/include/hisysevent_adapter.h @@ -18,41 +18,11 @@ #include #include "access_token.h" +#include "hisysevent_common.h" namespace OHOS { namespace Security { namespace AccessToken { -enum SceneCode { - SA_PUBLISH_FAILED, - EVENTRUNNER_CREATE_ERROR, - INIT_HAP_TOKENINFO_ERROR, - INIT_NATIVE_TOKENINFO_ERROR, - INIT_PERM_DEF_JSON_ERROR, - TOKENID_NOT_EQUAL, -}; -enum UpdatePermStatusErrorCode { - GRANT_TEMP_PERMISSION_FAILED = 0, - DLP_CHECK_FAILED = 1, - UPDATE_PERMISSION_STATUS_FAILED = 2, -}; -enum CommonSceneCode { - AT_COMMOM_START = 0, - AT_COMMON_FINISH = 1, -}; -enum AccessTokenDbSceneCode { - AT_DB_INSERT_RESTORE = 1001, - AT_DB_DELETE_RESTORE = 1002, - AT_DB_UPDATE_RESTORE = 1003, - AT_DB_QUERY_RESTORE = 1004, - AT_DB_COMMIT_RESTORE = 1005, -}; -enum AddHapSceneCode { - INSTALL_START = 0, - TOKEN_ID_CHANGE, - INIT, - MAP, - INSTALL_FINISH, -}; struct AccessTokenDfxInfo { AddHapSceneCode sceneCode; AccessTokenID tokenId; diff --git a/frameworks/common/include/hisysevent_common.h b/frameworks/common/include/hisysevent_common.h new file mode 100644 index 000000000..a452372f1 --- /dev/null +++ b/frameworks/common/include/hisysevent_common.h @@ -0,0 +1,93 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSTOKEN_HISYSEVENT_COMMON_H +#define ACCESSTOKEN_HISYSEVENT_COMMON_H + + +#ifdef __cplusplus +extern "C" { +#endif + +typedef enum SceneCode { + SA_PUBLISH_FAILED, + EVENTRUNNER_CREATE_ERROR, + INIT_HAP_TOKENINFO_ERROR, + INIT_NATIVE_TOKENINFO_ERROR, + INIT_PERM_DEF_JSON_ERROR, + TOKENID_NOT_EQUAL, +} SceneCode; + +typedef enum UpdatePermStatusErrorCode { + GRANT_TEMP_PERMISSION_FAILED = 0, + DLP_CHECK_FAILED = 1, + UPDATE_PERMISSION_STATUS_FAILED = 2, +} UpdatePermStatusErrorCode; + +typedef enum CommonSceneCode { + AT_COMMON_START = 0, + AT_COMMON_FINISH = 1, +} CommonSceneCode; + +typedef enum AddHapSceneCode { + INSTALL_START = 0, + TOKEN_ID_CHANGE, + INIT, + MAP, + INSTALL_FINISH, +} AddHapSceneCode; + +typedef enum AccessTokenDbSceneCode { + AT_DB_INSERT_RESTORE = 1001, + AT_DB_DELETE_RESTORE = 1002, + AT_DB_UPDATE_RESTORE = 1003, + AT_DB_QUERY_RESTORE = 1004, + AT_DB_COMMIT_RESTORE = 1005, +} AccessTokenDbSceneCode; + +typedef enum AccessTokenExceptionSceneCode { + // 0~0xFFF reserved for ipc code of access token manager + + // 0x1000~0x1FFF reserved for native token + NATIVE_TOKEN_INIT = 0x1000, + CHECK_PROCESS_INFO, + ADD_NODE, + UPDATE_NODE +} AccessTokenExceptionSceneCode; + +typedef enum AccessTokenExceptionErrorCode { + // 0~1 reserved for ATRET_SUCCESS and ATRET_FAILED + LOCK_FILE_FAILED = 2, + MALLOC_FAILED, + GET_FILE_BUFF_FAILED, + GET_TOKEN_LIST_FAILED, + CLEAR_CREATE_FILE_FAILED, + PROCESS_NAME_INVALID, + DCAPS_INVALID, + PERMS_INVALID, + ACLS_INVALID, + ACL_GREATER_THAN_PERMS, + APL_INVALID, + CREATE_NATIVETOKEN_ID_FAILED, + STRCPY_FAILED, + CREATE_ARRAY_FAILED, + SAVE_CONTENT_TO_CFG_FAILED, +} AccessTokenExceptionErrorCode; + +#ifdef __cplusplus +} +#endif + +#endif // ACCESSTOKEN_HISYSEVENT_COMMON_H diff --git a/frameworks/common/src/accesstoken_common_log.cpp b/frameworks/common/src/accesstoken_common_log.cpp index 47f6fa8e8..04c02c9b0 100644 --- a/frameworks/common/src/accesstoken_common_log.cpp +++ b/frameworks/common/src/accesstoken_common_log.cpp @@ -12,8 +12,11 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - +#ifdef USE_NATIVE_TOKEN_KLOG +#include "accesstoken_klog.h" +#else #include "accesstoken_common_log.h" +#endif #include #include @@ -23,14 +26,18 @@ #include #include "securec.h" -namespace OHOS { -namespace Security { -namespace AccessToken { - -constexpr uint32_t MAX_ERROR_MESSAGE_LEN = 4096; +static constexpr uint32_t MAX_ERROR_MESSAGE_LEN = 4096; static __thread uint32_t g_msgLen = 0; static __thread char g_errMsg[MAX_ERROR_MESSAGE_LEN + 1]; +#ifdef USE_NATIVE_TOKEN_KLOG +#define ACCESSTOKEN_COMMON_LOGE(domain, tag, fmt, ...) \ + ((void)LOGE(fmt, ##__VA_ARGS__)) +#else +#define ACCESSTOKEN_COMMON_LOGE(domain, tag, fmt, ...) \ + ((void)LOGE(domain, tag, fmt, ##__VA_ARGS__)) +#endif + uint32_t GetThreadErrorMsgLen(void) { return g_msgLen; @@ -51,13 +58,13 @@ void AppendThreadErrMsg(unsigned int domain, const char *tag, const uint8_t *buff, uint32_t buffLen) { if (g_msgLen + buffLen >= MAX_ERROR_MESSAGE_LEN) { - LOGE(domain, tag, "buff will overflow!" - "g_msgLen = %{public}u, buffLen = %{public}u", g_msgLen, buffLen); + ACCESSTOKEN_COMMON_LOGE(domain, tag, "Buff will overflow!" + "g_msgLen = %" LOG_PUBLIC "u, buffLen = %" LOG_PUBLIC "u", g_msgLen, buffLen); return; } if (memcpy_s(g_errMsg + g_msgLen, MAX_ERROR_MESSAGE_LEN - g_msgLen, buff, buffLen) != EOK) { - LOGE(domain, tag, "memcpy_s fail!" - "g_msgLen = %{public}u, buffLen = %{public}u", g_msgLen, buffLen); + ACCESSTOKEN_COMMON_LOGE(domain, tag, "Failed to memcpy_s!" + "g_msgLen = %" LOG_PUBLIC "u, buffLen = %" LOG_PUBLIC "u", g_msgLen, buffLen); return; } g_msgLen += buffLen; @@ -67,10 +74,12 @@ static bool ReplaceSubstring(unsigned int domain, const char *tag, const char *format, char result[MAX_ERROR_MESSAGE_LEN]) { std::string formatString(format); +#ifndef USE_NATIVE_TOKEN_KLOG std::string::size_type pos; while ((pos = formatString.find(LOG_PUBLIC)) != std::string::npos) { formatString.replace(pos, strlen(LOG_PUBLIC), ""); } +#endif if (memcpy_s(result, MAX_ERROR_MESSAGE_LEN, formatString.c_str(), formatString.size()) != EOK) { return false; } @@ -85,7 +94,7 @@ void AddEventMessage(unsigned int domain, const char *tag, if (g_msgLen == 0) { char newFormat[MAX_ERROR_MESSAGE_LEN] = {0}; if (!ReplaceSubstring(domain, tag, format, newFormat)) { - LOGE(domain, tag, "skip to add errMsg"); + ACCESSTOKEN_COMMON_LOGE(domain, tag, "Skip to add errMsg"); return; } va_start(ap, format); @@ -93,17 +102,17 @@ void AddEventMessage(unsigned int domain, const char *tag, int32_t buffLen = vsnprintf_s(buff, MAX_ERROR_MESSAGE_LEN, MAX_ERROR_MESSAGE_LEN - 1, newFormat, ap); va_end(ap); if (buffLen < 0) { - LOGE(domain, tag, "vsnprintf_s fail! ret: %{public}d, newFormat:[%{public}s]", buffLen, - newFormat); + ACCESSTOKEN_COMMON_LOGE(domain, tag, + "Failed to vsnprintf_s! Ret: %" LOG_PUBLIC "d, newFormat:[%" LOG_PUBLIC "s]", buffLen, newFormat); return; } if (g_msgLen + static_cast(buffLen) >= MAX_ERROR_MESSAGE_LEN) { - LOGE(domain, tag, "errMsg is almost full!"); + ACCESSTOKEN_COMMON_LOGE(domain, tag, "ErrMsg is almost full!"); return; } if (memcpy_s(g_errMsg + g_msgLen, MAX_ERROR_MESSAGE_LEN, buff, buffLen) != EOK) { - LOGE(domain, tag, "copy errMsg buff fail!"); + ACCESSTOKEN_COMMON_LOGE(domain, tag, "Failed to copy errMsg buff!"); return; } g_msgLen += static_cast(buffLen); @@ -114,19 +123,15 @@ void AddEventMessage(unsigned int domain, const char *tag, va_end(ap); if (funName == nullptr) { - LOGE(domain, tag, "Get funName fail!"); + ACCESSTOKEN_COMMON_LOGE(domain, tag, "Get funName fail!"); return; } int32_t offset = sprintf_s(g_errMsg + g_msgLen, MAX_ERROR_MESSAGE_LEN - g_msgLen, " <%s[%u]", funName, lineNo); if (offset <= 0) { - LOGE(domain, tag, "append call chain fail! offset: [%{public}d]", offset); + ACCESSTOKEN_COMMON_LOGE(domain, tag, "Failed to append call chain! Offset: [%" LOG_PUBLIC "d]", offset); return; } g_msgLen += static_cast(offset); } } - -} // namespace AccessToken -} // namespace Security -} // namespace OHOS \ No newline at end of file diff --git a/interfaces/innerkits/nativetoken/src/nativetoken_klog.c b/frameworks/common/src/accesstoken_klog.cpp similarity index 88% rename from interfaces/innerkits/nativetoken/src/nativetoken_klog.c rename to frameworks/common/src/accesstoken_klog.cpp index 80f35c6b7..32804a4aa 100644 --- a/interfaces/innerkits/nativetoken/src/nativetoken_klog.c +++ b/frameworks/common/src/accesstoken_klog.cpp @@ -13,16 +13,16 @@ * limitations under the License. */ -#include "nativetoken_klog.h" +#include "accesstoken_klog.h" +#include #include -#include #include #include "securec.h" #define MAX_LOG_SIZE 1024 #define MAX_LEVEL_SIZE 3 -static const char *LOG_LEVEL_STR[] = {"ERROR", "WARNING", "INFO"}; +static const char *g_logLevelStr[] = {"ERROR", "WARNING", "INFO"}; #ifndef UNLIKELY #define UNLIKELY(x) __builtin_expect(!!(x), 0) @@ -64,7 +64,7 @@ int NativeTokenKmsg(int logLevel, const char *fmt, ...) char logInfo[MAX_LOG_SIZE]; int res = snprintf_s(logInfo, MAX_LOG_SIZE, MAX_LOG_SIZE - 1, "[pid=%d][%s][%s] %s", - getpid(), "access_token", LOG_LEVEL_STR[logLevel], tmpFmt); + getpid(), "access_token", g_logLevelStr[logLevel], tmpFmt); if (res == -1) { (void)fdsan_close_with_tag(g_fd, g_nativeKmsgFdTag); g_fd = -1; diff --git a/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp b/frameworks/common/src/hisysevent_adapter.cpp similarity index 100% rename from services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp rename to frameworks/common/src/hisysevent_adapter.cpp diff --git a/interfaces/innerkits/nativetoken/BUILD.gn b/interfaces/innerkits/nativetoken/BUILD.gn index 1caeae894..4a1c16b0f 100644 --- a/interfaces/innerkits/nativetoken/BUILD.gn +++ b/interfaces/innerkits/nativetoken/BUILD.gn @@ -12,6 +12,7 @@ # limitations under the License. import("//build/ohos.gni") +import("../../../access_token.gni") config("accesstokenlib") { visibility = [ ":*" ] @@ -19,6 +20,11 @@ config("accesstokenlib") { } if (is_standard_system) { + nativetoken_soruces = [ + "src/nativetoken.c", + "src/nativetoken_hisysevent.c", + "src/nativetoken_json_oper.c", + ] ohos_static_library("libnativetoken") { subsystem_name = "security" part_name = "access_token" @@ -34,18 +40,17 @@ if (is_standard_system) { cflags = [ "-Wall" ] - include_dirs = [ "src" ] + include_dirs = [ "${access_token_path}/frameworks/common/include" ] - sources = [ - "src/nativetoken.c", - "src/nativetoken_json_oper.c", - "src/nativetoken_klog.c", - ] + sources = nativetoken_soruces + + deps = [ "${access_token_path}/frameworks/common:accesstoken_static_log_for_nativetoken" ] external_deps = [ "bounds_checking_function:libsec_shared", "cJSON:cjson_static", "hilog:libhilog", + "hisysevent:libhisysevent", ] if (build_selinux) { @@ -69,18 +74,17 @@ if (is_standard_system) { cflags = [ "-Wall" ] - include_dirs = [ "src" ] + include_dirs = [ "${access_token_path}/frameworks/common/include" ] - sources = [ - "src/nativetoken.c", - "src/nativetoken_json_oper.c", - "src/nativetoken_klog.c", - ] + sources = nativetoken_soruces + + deps = [ "${access_token_path}/frameworks/common:accesstoken_static_log_for_nativetoken" ] external_deps = [ "bounds_checking_function:libsec_shared", "cJSON:cjson_static", "hilog:libhilog", + "hisysevent:libhisysevent", ] if (build_selinux) { diff --git a/interfaces/innerkits/nativetoken/include/nativetoken_hisysevent.h b/interfaces/innerkits/nativetoken/include/nativetoken_hisysevent.h new file mode 100644 index 000000000..10430ff8e --- /dev/null +++ b/interfaces/innerkits/nativetoken/include/nativetoken_hisysevent.h @@ -0,0 +1,33 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef NATIVE_TOKEN_HISYSEVENT_H +#define NATIVE_TOKEN_HISYSEVENT_H + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +#define ACCESS_TOKEND_DOMAIN "ACCESS_TOKEN" +#define EVENT_NATIVE_TOKEN_EXCEPTION "ACCESSTOKEN_EXCEPTION" + +void ReportNativeTokenExceptionEvent(int32_t sceneCode, int32_t errorCode, const char* errorMsg); + +#ifdef __cplusplus +} +#endif +#endif // NATIVE_TOKEN_HISYSEVENT_H diff --git a/interfaces/innerkits/nativetoken/src/nativetoken.c b/interfaces/innerkits/nativetoken/src/nativetoken.c index b76984604..cd7ac4304 100644 --- a/interfaces/innerkits/nativetoken/src/nativetoken.c +++ b/interfaces/innerkits/nativetoken/src/nativetoken.c @@ -25,16 +25,22 @@ #include #include #include -#include "securec.h" +#include "accesstoken_klog.h" +#include "hisysevent_common.h" +#include "nativetoken_hisysevent.h" #include "nativetoken_json_oper.h" #include "nativetoken_kit.h" -#include "nativetoken_klog.h" - +#include "securec.h" NativeTokenList *g_tokenListHead; int32_t g_isNativeTokenInited = 0; const uint64_t g_nativeFdTag = 0xD005A01; +#define BREAK_IF_TRUE(cond) \ + if (cond) { \ + break; \ + } + int32_t GetFileBuff(const char *cfg, char **retBuff) { struct stat fileStat; @@ -46,47 +52,47 @@ int32_t GetFileBuff(const char *cfg, char **retBuff) *retBuff = NULL; return ATRET_SUCCESS; } - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:invalid filePath.", __func__); - return ATRET_FAILED; + LOGC("Invalid filePath, errno=%d.", errno); + return GET_FILE_BUFF_FAILED; } if (stat(filePath, &fileStat) != 0) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:stat file failed.", __func__); - return ATRET_FAILED; + LOGC("Failed to stat file, errno=%d.", errno); + return GET_FILE_BUFF_FAILED; } if (fileStat.st_size == 0) { - NativeTokenKmsg(NATIVETOKEN_KINFO, "[%s]: file is empty", __func__); + LOGI("Empty file"); *retBuff = NULL; return ATRET_SUCCESS; } if (fileStat.st_size > MAX_JSON_FILE_LEN) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:stat file size is invalid.", __func__); - return ATRET_FAILED; + LOGC("Invalid size."); + return GET_FILE_BUFF_FAILED; } size_t fileSize = (unsigned)fileStat.st_size; FILE *cfgFd = fopen(filePath, "r"); if (cfgFd == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:fopen file failed.", __func__); - return ATRET_FAILED; + LOGC("Failed to fopen file, errno=%d.", errno); + return GET_FILE_BUFF_FAILED; } char *buff = (char *)malloc((size_t)(fileSize + 1)); if (buff == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:memory alloc failed.", __func__); + LOGC("Failed to alloc memory for buffer."); (void)fclose(cfgFd); - return ATRET_FAILED; + return GET_FILE_BUFF_FAILED; } - - if (fread(buff, fileSize, 1, cfgFd) != 1) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:fread failed.", __func__); + size_t readSize = fread(buff, fileSize, 1, cfgFd); + if (readSize != 1) { + LOGC("Failed to fread, readSize=%zu, errno=%d.", readSize, errno); free(buff); buff = NULL; (void)fclose(cfgFd); - return ATRET_FAILED; + return GET_FILE_BUFF_FAILED; } buff[fileSize] = '\0'; *retBuff = buff; @@ -107,13 +113,25 @@ static int32_t GetNativeTokenFromJson(cJSON *cjsonItem, NativeTokenList *tokenNo StrArrayAttr attr; ret = GetProcessNameFromJson(cjsonItem, tokenNode); - ret |= GetTokenIdFromJson(cjsonItem, tokenNode); - ret |= GetAplFromJson(cjsonItem, tokenNode); + if (ret != ATRET_SUCCESS) { + LOGC("Failed to GetProcessNameFromJson."); + return ATRET_FAILED; + } + ret = GetTokenIdFromJson(cjsonItem, tokenNode); + if (ret != ATRET_SUCCESS) { + LOGC("Failed to GetTokenIdFromJson."); + return ATRET_FAILED; + } + ret = GetAplFromJson(cjsonItem, tokenNode); + if (ret != ATRET_SUCCESS) { + LOGC("Failed to GetAplFromJson."); + return ATRET_FAILED; + } StrAttrSet(&attr, MAX_DCAP_LEN, MAX_DCAPS_NUM, DCAPS_KEY_NAME); - ret |= GetInfoArrFromJson(cjsonItem, &tokenNode->dcaps, &(tokenNode->dcapsNum), &attr); + ret = GetInfoArrFromJson(cjsonItem, &tokenNode->dcaps, &(tokenNode->dcapsNum), &attr); if (ret != ATRET_SUCCESS) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:GetInfoArrFromJson failed for dcaps.", __func__); + LOGC("Failed to GetInfoArrFromJson for dcaps."); return ATRET_FAILED; } @@ -121,7 +139,7 @@ static int32_t GetNativeTokenFromJson(cJSON *cjsonItem, NativeTokenList *tokenNo ret = GetInfoArrFromJson(cjsonItem, &tokenNode->perms, &(tokenNode->permsNum), &attr); if (ret != ATRET_SUCCESS) { FreeStrArray(&tokenNode->dcaps, tokenNode->dcapsNum - 1); - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:GetInfoArrFromJson failed for perms.", __func__); + LOGC("Failed to GetInfoArrFromJsonfor perms."); return ATRET_FAILED; } @@ -130,7 +148,7 @@ static int32_t GetNativeTokenFromJson(cJSON *cjsonItem, NativeTokenList *tokenNo if (ret != ATRET_SUCCESS) { FreeStrArray(&tokenNode->dcaps, tokenNode->dcapsNum - 1); FreeStrArray(&tokenNode->perms, tokenNode->permsNum - 1); - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:GetInfoArrFromJson failed for acls.", __func__); + LOGC("Failed to GetInfoArrFromJsonfor acls."); return ATRET_FAILED; } return ATRET_SUCCESS; @@ -183,33 +201,34 @@ static int32_t GetTokenList(const cJSON *object) NativeTokenList *tmp = NULL; if (object == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:object is null.", __func__); - return ATRET_FAILED; + LOGC("Oobject is null."); + return GET_TOKEN_LIST_FAILED; } int32_t arraySize = cJSON_GetArraySize(object); if (arraySize <= 0) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:array is empty.", __func__); - return ATRET_FAILED; + LOGC("Empty array."); + return GET_TOKEN_LIST_FAILED; } for (int32_t i = 0; i < arraySize; i++) { tmp = (NativeTokenList *)malloc(sizeof(NativeTokenList)); if (tmp == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:memory alloc failed.", __func__); + LOGC("Failed to alloc memory for node."); FreeTokenList(); - return ATRET_FAILED; + return GET_TOKEN_LIST_FAILED; } cJSON *cjsonItem = cJSON_GetArrayItem(object, i); if (cjsonItem == NULL) { free(tmp); FreeTokenList(); - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:cJSON_GetArrayItem failed.", __func__); - return ATRET_FAILED; + LOGC("Failed to cJSON_GetArrayItem."); + return GET_TOKEN_LIST_FAILED; } if (GetNativeTokenFromJson(cjsonItem, tmp) != ATRET_SUCCESS) { free(tmp); FreeTokenList(); - return ATRET_FAILED; + LOGC("Failed to GetNativeTokenFromJson."); + return GET_TOKEN_LIST_FAILED; } tmp->next = g_tokenListHead->next; @@ -226,6 +245,7 @@ static int32_t ParseTokenInfo(void) ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff); if (ret != ATRET_SUCCESS) { + LOGC("Failed to read nativetoken.json to buffer, ret=%d.", ret); return ret; } if (fileBuff == NULL) { @@ -245,8 +265,8 @@ static int32_t ClearOrCreateCfgFile(void) { int32_t fd = open(TOKEN_ID_CFG_FILE_PATH, O_RDWR | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP); if (fd < 0) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:open failed.", __func__); - return ATRET_FAILED; + LOGC("Failed to open file, errno=%d.", errno); + return CLEAR_CREATE_FILE_FAILED; } fdsan_exchange_owner_tag(fd, 0, g_nativeFdTag); @@ -259,12 +279,12 @@ static int32_t ClearOrCreateCfgFile(void) struct stat buf; if (stat(TOKEN_ID_CFG_DIR_PATH, &buf) != 0) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:stat folder path is invalid %d.", __func__, errno); - return ATRET_FAILED; + LOGC("Failed to stat file, errno=%d.", errno); + return CLEAR_CREATE_FILE_FAILED; } if (chown(TOKEN_ID_CFG_FILE_PATH, buf.st_uid, buf.st_gid) != 0) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:chown failed, errno is %d.", __func__, errno); - return ATRET_FAILED; + LOGC("Failed to chown file, errno=%d.", errno); + return CLEAR_CREATE_FILE_FAILED; } return ATRET_SUCCESS; @@ -274,19 +294,22 @@ int32_t AtlibInit(void) { g_tokenListHead = (NativeTokenList *)malloc(sizeof(NativeTokenList)); if (g_tokenListHead == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:g_tokenListHead memory alloc failed.", __func__); - return ATRET_FAILED; + LOGC("Faile to alloc memory for g_tokenListHead."); + return MALLOC_FAILED; } g_tokenListHead->next = NULL; int32_t isClearOrCreate = 0; int32_t ret = ParseTokenInfo(); if (ret != ATRET_SUCCESS) { + ReportNativeTokenExceptionEvent(NATIVE_TOKEN_INIT, ret, GetThreadErrorMsg()); + ClearThreadErrorMsg(); if (g_tokenListHead->next != NULL) { - return ATRET_FAILED; + FreeTokenList(); } ret = ClearOrCreateCfgFile(); if (ret != ATRET_SUCCESS) { + LOGC("Failed to ClearOrCreateCfgFile."); free(g_tokenListHead); g_tokenListHead = NULL; return ret; @@ -295,10 +318,14 @@ int32_t AtlibInit(void) } if (g_tokenListHead->next == NULL) { - if (isClearOrCreate == 0 && ClearOrCreateCfgFile() != ATRET_SUCCESS) { - free(g_tokenListHead); - g_tokenListHead = NULL; - return ATRET_FAILED; + if (isClearOrCreate == 0) { + ret = ClearOrCreateCfgFile(); + if (ret != ATRET_SUCCESS) { + LOGC("Failed to ClearOrCreateCfgFile."); + free(g_tokenListHead); + g_tokenListHead = NULL; + return ret; + } } } g_isNativeTokenInited = 1; @@ -312,6 +339,7 @@ static int32_t GetRandomTokenId(uint32_t *randNum) ssize_t len; int32_t fd = open("/dev/urandom", O_RDONLY); if (fd < 0) { + LOGC("Failed to open urandom, errno=%d.", errno); return ATRET_FAILED; } fdsan_exchange_owner_tag(fd, 0, g_nativeFdTag); @@ -319,7 +347,7 @@ static int32_t GetRandomTokenId(uint32_t *randNum) (void)fdsan_close_with_tag(fd, g_nativeFdTag); if (len != sizeof(random)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:read failed.", __func__); + LOGC("Faild to read, len(%" PRIdPTR "", len); return ATRET_FAILED; } *randNum = random; @@ -348,6 +376,7 @@ static NativeAtId CreateNativeTokenId(const char *processName) while (retry > 0) { if (GetRandomTokenId(&rand) != ATRET_SUCCESS) { + LOGC("Failed to GetRandomTokenId."); return INVALID_TOKEN_ID; } if (IsTokenUniqueIdExist(rand & (TOKEN_RANDOM_MASK)) == 0) { @@ -356,7 +385,7 @@ static NativeAtId CreateNativeTokenId(const char *processName) retry--; } if (retry == 0) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:retry times is 0.", __func__); + LOGC("Failed to get unique tokenId."); return INVALID_TOKEN_ID; } @@ -387,44 +416,47 @@ static int32_t GetAplLevel(const char *aplStr) if (strcmp(aplStr, "normal") == 0) { return NORMAL; } - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:aplStr is invalid.", __func__); + LOGC("Invalid aplStr(%s).", aplStr); return 0; } -static void WriteToFile(const cJSON *root) +static uint32_t WriteToFile(const cJSON *root) { char *jsonStr = NULL; jsonStr = cJSON_PrintUnformatted(root); if (jsonStr == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:cJSON_PrintUnformatted failed.", __func__); - return; + LOGC("Failed to cJSON_PrintUnformatted."); + return ATRET_FAILED; } + uint32_t ret = ATRET_SUCCESS; do { int32_t fd = open(TOKEN_ID_CFG_FILE_PATH, O_RDWR | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP); if (fd < 0) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:open failed.", __func__); + LOGC("Failed to open file, errno(%d).", errno); + ret = ATRET_FAILED; break; } fdsan_exchange_owner_tag(fd, 0, g_nativeFdTag); size_t strLen = strlen(jsonStr); ssize_t writtenLen = write(fd, (void *)jsonStr, (size_t)strLen); if (fsync(fd) != 0) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:fsync failed, errno is %d.", __func__, errno); + LOGE("Failed to fsync, errno=%d.", errno); } (void)fdsan_close_with_tag(fd, g_nativeFdTag); if (writtenLen < 0 || (size_t)writtenLen != strLen) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:write failed, writtenLen is %zu.", __func__, writtenLen); + LOGC("Failed to write, writtenLen=%zu.", writtenLen); + ret = ATRET_FAILED; break; } } while (0); cJSON_free(jsonStr); - return; + return ret; } -static void SaveTokenIdToCfg(const NativeTokenList *curr) +static uint32_t SaveTokenIdToCfg(const NativeTokenList *curr) { char *fileBuff = NULL; cJSON *record = NULL; @@ -432,7 +464,8 @@ static void SaveTokenIdToCfg(const NativeTokenList *curr) ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff); if (ret != ATRET_SUCCESS) { - return; + LOGC("Failed to GetFileBuff, ret=%d.", ret); + return ret; } if (fileBuff == NULL) { @@ -444,69 +477,103 @@ static void SaveTokenIdToCfg(const NativeTokenList *curr) } if (record == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:get record failed.", __func__); - return; + LOGC("Failed to get record."); + return SAVE_CONTENT_TO_CFG_FAILED; } cJSON *node = CreateNativeTokenJsonObject(curr); if (node == NULL) { + LOGC("Failed to CreateNativeTokenJsonObject."); cJSON_Delete(record); - return; + return SAVE_CONTENT_TO_CFG_FAILED; + } + if (!cJSON_AddItemToArray(record, node)) { + LOGC("Failed to cJSON_AddItemToArray."); + cJSON_Delete(node); + cJSON_Delete(record); + return SAVE_CONTENT_TO_CFG_FAILED; } - cJSON_AddItemToArray(record, node); - WriteToFile(record); + if (WriteToFile(record) != ATRET_SUCCESS) { + LOGC("Failed to WriteToFile."); + cJSON_Delete(record); + return SAVE_CONTENT_TO_CFG_FAILED; + } cJSON_Delete(record); - return; + return ATRET_SUCCESS; } static uint32_t CheckStrArray(const char **strArray, int32_t strNum, int32_t maxNum, uint32_t maxInfoLen) { - if (((strArray == NULL) && (strNum != 0)) || - (strNum > maxNum) || (strNum < 0)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:strArray is null or strNum is invalid.", __func__); + if ((strArray == NULL) && (strNum != 0)) { + LOGC("StrArray is null but strNum != 0."); + return ATRET_FAILED; + } + if ((strNum > maxNum) || (strNum < 0)) { + LOGC("Invalid strNum(%d).", strNum); return ATRET_FAILED; } for (int32_t i = 0; i < strNum; i++) { - if ((strArray[i] == NULL) || (strlen(strArray[i]) > maxInfoLen) || (strlen(strArray[i]) == 0)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:strArray[%d] length is invalid.", __func__, i); + if (strArray[i] == NULL) { + LOGC("StrArray[%d] is null.", i); + return ATRET_FAILED; + } + size_t len = strlen(strArray[i]); + if ((len > maxInfoLen) || (len == 0)) { + LOGC("Invalid strArray[%d] length(%zu).", i, len); return ATRET_FAILED; } } return ATRET_SUCCESS; } -static uint32_t CheckProcessInfo(NativeTokenInfoParams *tokenInfo, int32_t *aplRet) +static uint32_t CheckProcessName(const char *processName) { - if ((tokenInfo->processName == NULL) || strlen(tokenInfo->processName) > MAX_PROCESS_NAME_LEN || - strlen(tokenInfo->processName) == 0) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:processName is invalid.", __func__); + if (processName == NULL) { + LOGC("ProcessName is null."); return ATRET_FAILED; } + + size_t len = strlen(processName); + if (len > MAX_PROCESS_NAME_LEN || len == 0) { + LOGC("Invalid processName, length(%zu).", len); + return ATRET_FAILED; + } + return ATRET_SUCCESS; +} + +static uint32_t CheckProcessInfo(NativeTokenInfoParams *tokenInfo, int32_t *aplRet) +{ + if (CheckProcessName(tokenInfo->processName) != ATRET_SUCCESS) { + LOGC("Invalid processName."); + return PROCESS_NAME_INVALID; + } + uint32_t retDcap = CheckStrArray(tokenInfo->dcaps, tokenInfo->dcapsNum, MAX_DCAPS_NUM, MAX_DCAP_LEN); if (retDcap != ATRET_SUCCESS) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:dcaps is invalid.", __func__); - return ATRET_FAILED; + LOGC("Invalid dcaps."); + return DCAPS_INVALID; } uint32_t retPerm = CheckStrArray(tokenInfo->perms, tokenInfo->permsNum, MAX_PERM_NUM, MAX_PERM_LEN); if (retPerm != ATRET_SUCCESS) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:perms is invalid.", __func__); - return ATRET_FAILED; + LOGC("Invalid perms."); + return PERMS_INVALID; } uint32_t retAcl = CheckStrArray(tokenInfo->acls, tokenInfo->aclsNum, MAX_PERM_NUM, MAX_PERM_LEN); if (retAcl != ATRET_SUCCESS) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:acls is invalid.", __func__); - return ATRET_FAILED; + LOGC("Invalid acls."); + return ACLS_INVALID; } if (tokenInfo->aclsNum > tokenInfo->permsNum) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:aclsNum is invalid.", __func__); - return ATRET_FAILED; + LOGC("Invalid aclsNum(%d) or permsNum(%d).", tokenInfo->aclsNum, tokenInfo->permsNum); + return ACL_GREATER_THAN_PERMS; } int32_t apl = GetAplLevel(tokenInfo->aplStr); if (apl == 0) { - return ATRET_FAILED; + LOGC("Invalid aplStr(%s).", tokenInfo->aplStr); + return APL_INVALID; } *aplRet = apl; return ATRET_SUCCESS; @@ -515,6 +582,7 @@ static uint32_t CheckProcessInfo(NativeTokenInfoParams *tokenInfo, int32_t *aplR static uint32_t CreateStrArray(int32_t num, const char **strArr, char ***strArrRes) { if (num > MAX_PERM_NUM) { + LOGC("Oversize array, size=%d.", num); return ATRET_FAILED; } if (num == 0) { @@ -523,7 +591,7 @@ static uint32_t CreateStrArray(int32_t num, const char **strArr, char ***strArrR } *strArrRes = (char **)malloc(num * sizeof(char *)); if (*strArrRes == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]: strArrRes malloc failed.", __func__); + LOGC("Failed to alloc memory for strArray."); return ATRET_FAILED; } for (int32_t i = 0; i < num; i++) { @@ -531,7 +599,7 @@ static uint32_t CreateStrArray(int32_t num, const char **strArr, char ***strArrR (*strArrRes)[i] = (char *)malloc(sizeof(char) * length + 1); if ((*strArrRes)[i] == NULL || (strcpy_s((*strArrRes)[i], length + 1, strArr[i]) != EOK)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:copy strArr[%d] failed.", __func__, i); + LOGC("Failed to copy strArr[%d].", i); FreeStrArray(strArrRes, i); return ATRET_FAILED; } @@ -548,39 +616,43 @@ static uint32_t AddNewTokenToListAndFile(const NativeTokenInfoParams *tokenInfo, id = CreateNativeTokenId(tokenInfo->processName); if (id == INVALID_TOKEN_ID) { - return ATRET_FAILED; + LOGC("Failed to get new native tokenId."); + return CREATE_NATIVETOKEN_ID_FAILED; } tokenNode = (NativeTokenList *)malloc(sizeof(NativeTokenList)); if (tokenNode == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:memory alloc failed.", __func__); - return ATRET_FAILED; + LOGC("Failed to alloc memory for tokenNode."); + return MALLOC_FAILED; } tokenNode->tokenId = id; tokenNode->apl = aplIn; if (strcpy_s(tokenNode->processName, MAX_PROCESS_NAME_LEN + 1, tokenInfo->processName) != EOK) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:strcpy_s failed.", __func__); + LOGC("Failed to copy process name."); free(tokenNode); - return ATRET_FAILED; + return STRCPY_FAILED; } tokenNode->dcapsNum = tokenInfo->dcapsNum; tokenNode->permsNum = tokenInfo->permsNum; tokenNode->aclsNum = tokenInfo->aclsNum; if (CreateStrArray(tokenInfo->dcapsNum, tokenInfo->dcaps, &tokenNode->dcaps) != ATRET_SUCCESS) { + LOGC("Failed to CreateStrArray for dcaps."); free(tokenNode); - return ATRET_FAILED; + return CREATE_ARRAY_FAILED; } if (CreateStrArray(tokenInfo->permsNum, tokenInfo->perms, &tokenNode->perms) != ATRET_SUCCESS) { + LOGC("Failed to CreateStrArray for perms."); FreeStrArray(&tokenNode->dcaps, tokenInfo->dcapsNum - 1); free(tokenNode); - return ATRET_FAILED; + return CREATE_ARRAY_FAILED; } if (CreateStrArray(tokenInfo->aclsNum, tokenInfo->acls, &tokenNode->acls) != ATRET_SUCCESS) { + LOGC("Failed to CreateStrArray for acls."); FreeStrArray(&tokenNode->dcaps, tokenInfo->dcapsNum - 1); FreeStrArray(&tokenNode->perms, tokenInfo->permsNum - 1); free(tokenNode); - return ATRET_FAILED; + return CREATE_ARRAY_FAILED; } tokenNode->next = g_tokenListHead->next; @@ -588,8 +660,7 @@ static uint32_t AddNewTokenToListAndFile(const NativeTokenInfoParams *tokenInfo, *tokenId = id; - SaveTokenIdToCfg(tokenNode); - return ATRET_SUCCESS; + return SaveTokenIdToCfg(tokenNode); } static int32_t CompareTokenInfo(const NativeTokenList *tokenNode, @@ -627,7 +698,7 @@ static uint32_t UpdateStrArrayInList(char **strArr[], int32_t *strNum, const char **strArrNew, int32_t strNumNew) { if (strNum == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:strNum length is invalid.", __func__); + LOGC("StrNum is null."); return ATRET_FAILED; } @@ -646,19 +717,23 @@ static uint32_t UpdateTokenInfoInList(NativeTokenList *tokenNode, uint32_t ret = UpdateStrArrayInList(&tokenNode->dcaps, &(tokenNode->dcapsNum), tokenInfo->dcaps, tokenInfo->dcapsNum); if (ret != ATRET_SUCCESS) { - return ret; + LOGC("Failed to updateStrArray for dcaps."); + return CREATE_ARRAY_FAILED; } ret = UpdateStrArrayInList(&tokenNode->perms, &(tokenNode->permsNum), tokenInfo->perms, tokenInfo->permsNum); if (ret != ATRET_SUCCESS) { + LOGC("Failed to updateStrArray for perms."); FreeStrArray(&tokenNode->dcaps, tokenNode->dcapsNum - 1); - return ret; + return CREATE_ARRAY_FAILED; } ret = UpdateStrArrayInList(&tokenNode->acls, &(tokenNode->aclsNum), tokenInfo->acls, tokenInfo->aclsNum); if (ret != ATRET_SUCCESS) { + LOGC("Failed to updateStrArray for acls."); FreeStrArray(&tokenNode->dcaps, tokenNode->dcapsNum - 1); FreeStrArray(&tokenNode->perms, tokenNode->permsNum - 1); + return CREATE_ARRAY_FAILED; } return ret; } @@ -668,9 +743,10 @@ static uint32_t UpdateInfoInCfgFile(const NativeTokenList *tokenNode) cJSON *record = NULL; char *fileBuffer = NULL; uint32_t ret; - - if (GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuffer) != ATRET_SUCCESS) { - return ATRET_FAILED; + ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuffer); + if (ret != ATRET_SUCCESS) { + LOGC("Failed to GetFileBuff, ret=%d.", ret); + return ret; } if (fileBuffer == NULL) { @@ -682,18 +758,22 @@ static uint32_t UpdateInfoInCfgFile(const NativeTokenList *tokenNode) } if (record == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:get record failed.", __func__); - return ATRET_FAILED; + LOGC("Failed to get record."); + return SAVE_CONTENT_TO_CFG_FAILED; } ret = UpdateGoalItemFromRecord(tokenNode, record); if (ret != ATRET_SUCCESS) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:UpdateGoalItemFromRecord failed.", __func__); + LOGC("Failed to UpdateGoalItemFromRecord."); cJSON_Delete(record); - return ATRET_FAILED; + return SAVE_CONTENT_TO_CFG_FAILED; } - WriteToFile(record); + if (WriteToFile(record) != ATRET_SUCCESS) { + LOGC("Failed to WriteToFile."); + cJSON_Delete(record); + return SAVE_CONTENT_TO_CFG_FAILED; + } cJSON_Delete(record); return ATRET_SUCCESS; } @@ -703,9 +783,8 @@ static uint32_t LockNativeTokenFile(int32_t *lockFileFd) { int32_t fd = open(TOKEN_ID_CFG_FILE_LOCK_PATH, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP); if (fd < 0) { - NativeTokenKmsg(NATIVETOKEN_KERROR, - "[%s]: Failed to open native token file, errno is %d.", __func__, errno); - return ATRET_FAILED; + LOGC("Failed to open native token file, errno=%d.", errno); + return LOCK_FILE_FAILED; } fdsan_exchange_owner_tag(fd, 0, g_nativeFdTag); #ifdef WITH_SELINUX @@ -720,16 +799,16 @@ static uint32_t LockNativeTokenFile(int32_t *lockFileFd) for (int i = 0; i < MAX_RETRY_LOCK_TIMES; i++) { ret = fcntl(fd, F_SETLK, &lock); if (ret == -1) { - NativeTokenKmsg(NATIVETOKEN_KERROR, - "[%s]: Failed to lock the file, try %d time, errno is %d.", __func__, i, errno); + LOGE("Failed to lock the file, try %d time, errno is %d.", i, errno); usleep(SLEEP_TIME); } else { break; } } if (ret == -1) { + LOGC("Failed to lock the file, errno=%d.", errno); (void)fdsan_close_with_tag(fd, g_nativeFdTag); - return ATRET_FAILED; + return LOCK_FILE_FAILED; } *lockFileFd = fd; return ATRET_SUCCESS; @@ -737,6 +816,10 @@ static uint32_t LockNativeTokenFile(int32_t *lockFileFd) static void UnlockNativeTokenFile(int32_t lockFileFd) { + if (lockFileFd < 0) { + LOGE("Invalid fd."); + return; + } struct flock lock; lock.l_type = F_UNLCK; lock.l_whence = SEEK_SET; @@ -744,28 +827,27 @@ static void UnlockNativeTokenFile(int32_t lockFileFd) lock.l_len = 0; if (fcntl(lockFileFd, F_SETLK, &lock) == -1) { - NativeTokenKmsg(NATIVETOKEN_KERROR, - "[%s]: Failed to unlock file, errno is %d.", __func__, errno); + LOGE("Failed to unlock file, errno=%d.", errno); } (void)fdsan_close_with_tag(lockFileFd, g_nativeFdTag); } -static uint32_t AddOrUpdateTokenInfo(NativeTokenInfoParams *tokenInfo, NativeTokenList *tokenNode, - int32_t apl, NativeAtId *tokenId) +static uint32_t UpdateNewTokenToListAndFile(NativeTokenInfoParams *tokenInfo, NativeTokenList *tokenNode, int32_t apl) { uint32_t ret = ATRET_SUCCESS; - if (tokenNode == NULL) { - ret = AddNewTokenToListAndFile(tokenInfo, apl, tokenId); - } else { - int32_t needTokenUpdate = CompareTokenInfo(tokenNode, tokenInfo->dcaps, tokenInfo->dcapsNum, apl); - int32_t needPermUpdate = ComparePermsInfo(tokenNode, tokenInfo->perms, tokenInfo->permsNum); - if ((needTokenUpdate != 0) || (needPermUpdate != 0)) { - ret = UpdateTokenInfoInList(tokenNode, tokenInfo); - if (ret != ATRET_SUCCESS) { - RemoveNodeFromList(&tokenNode); - return ATRET_FAILED; - } - ret = UpdateInfoInCfgFile(tokenNode); + int32_t needTokenUpdate = CompareTokenInfo(tokenNode, tokenInfo->dcaps, tokenInfo->dcapsNum, apl); + int32_t needPermUpdate = ComparePermsInfo(tokenNode, tokenInfo->perms, tokenInfo->permsNum); + if ((needTokenUpdate != 0) || (needPermUpdate != 0)) { + ret = UpdateTokenInfoInList(tokenNode, tokenInfo); + if (ret != ATRET_SUCCESS) { + LOGC("Failed to UpdateTokenInfoInList, ret=%u.", ret); + RemoveNodeFromList(&tokenNode); + ReportNativeTokenExceptionEvent(UPDATE_NODE, ret, GetThreadErrorMsg()); + return ret; + } + ret = UpdateInfoInCfgFile(tokenNode); + if (ret != ATRET_SUCCESS) { + LOGC("Failed to UpdateInfoInCfgFile, ret=%u.", ret); } } return ret; @@ -778,39 +860,49 @@ uint64_t GetAccessTokenId(NativeTokenInfoParams *tokenInfo) int32_t apl; NativeAtIdEx *atPoint = (NativeAtIdEx *)(&result); int32_t fd = -1; - uint32_t ret = LockNativeTokenFile(&fd); - if (ret != ATRET_SUCCESS) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]: Failed to lock file", __func__); - return INVALID_TOKEN_ID; - } - - if ((g_isNativeTokenInited == 0) && (AtlibInit() != ATRET_SUCCESS)) { - UnlockNativeTokenFile(fd); - return INVALID_TOKEN_ID; - } - ret = CheckProcessInfo(tokenInfo, &apl); - if (ret != ATRET_SUCCESS) { - UnlockNativeTokenFile(fd); - return INVALID_TOKEN_ID; - } - - NativeTokenList *tokenNode = g_tokenListHead->next; - while (tokenNode != NULL) { - if (strcmp(tokenNode->processName, tokenInfo->processName) == 0) { - tokenId = tokenNode->tokenId; - break; + int32_t sceneCode = -1; + uint32_t ret = ATRET_SUCCESS; + ClearThreadErrorMsg(); + do { + ret = LockNativeTokenFile(&fd); + sceneCode = NATIVE_TOKEN_INIT; + BREAK_IF_TRUE(ret != ATRET_SUCCESS); + + if (g_isNativeTokenInited == 0) { + ret = (uint32_t)AtlibInit(); + sceneCode = NATIVE_TOKEN_INIT; + BREAK_IF_TRUE(ret != ATRET_SUCCESS); + } + ret = CheckProcessInfo(tokenInfo, &apl); + sceneCode = CHECK_PROCESS_INFO; + BREAK_IF_TRUE(ret != ATRET_SUCCESS); + + NativeTokenList *tokenNode = g_tokenListHead->next; + while (tokenNode != NULL) { + if (strcmp(tokenNode->processName, tokenInfo->processName) == 0) { + tokenId = tokenNode->tokenId; + break; + } + tokenNode = tokenNode->next; } - tokenNode = tokenNode->next; - } - ret = AddOrUpdateTokenInfo(tokenInfo, tokenNode, apl, &tokenId); + if (tokenNode == NULL) { + ret = AddNewTokenToListAndFile(tokenInfo, apl, &tokenId); + sceneCode = ADD_NODE; + BREAK_IF_TRUE(ret != ATRET_SUCCESS); + } else { + ret = UpdateNewTokenToListAndFile(tokenInfo, tokenNode, apl); + sceneCode = UPDATE_NODE; + BREAK_IF_TRUE(ret != ATRET_SUCCESS); + } + } while (0); + UnlockNativeTokenFile(fd); if (ret != ATRET_SUCCESS) { - UnlockNativeTokenFile(fd); + ReportNativeTokenExceptionEvent(sceneCode, (int32_t)ret, GetThreadErrorMsg()); return INVALID_TOKEN_ID; } - atPoint->tokenId = tokenId; atPoint->tokenAttr = 0; - UnlockNativeTokenFile(fd); return result; } + diff --git a/interfaces/innerkits/nativetoken/src/nativetoken_hisysevent.c b/interfaces/innerkits/nativetoken/src/nativetoken_hisysevent.c new file mode 100644 index 000000000..d0cc5bcaf --- /dev/null +++ b/interfaces/innerkits/nativetoken/src/nativetoken_hisysevent.c @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "nativetoken_hisysevent.h" + +#include "accesstoken_klog.h" +#include "hisysevent_c.h" +#include "securec.h" + +#define MSG_MAX_LEN 4096 + +void ReportNativeTokenExceptionEvent(int32_t sceneCode, int32_t errorCode, const char* errorMsg) +{ + if (errorMsg == NULL || strlen(errorMsg) == 0) { + LOGC("Null or empty errorMsg."); + return; + } + char tempErrorMsg[MSG_MAX_LEN + 1] = {0}; + if (strcpy_s(tempErrorMsg, sizeof(tempErrorMsg), errorMsg) != 0) { + LOGC("Failed to copy error message."); + return; + } + HiSysEventParam params[] = { + { + .name = "SCENE_CODE", + .t = HISYSEVENT_INT32, + .v = { .i32 = sceneCode }, + .arraySize = 0, + }, + { + .name = "ERROR_CODE", + .t = HISYSEVENT_INT32, + .v = { .i32 = errorCode }, + .arraySize = 0, + }, + { + .name = "ERROR_MSG", + .t = HISYSEVENT_STRING, + .v = { .s = tempErrorMsg }, + .arraySize = 0, + }, + }; + OH_HiSysEvent_Write(ACCESS_TOKEND_DOMAIN, EVENT_NATIVE_TOKEN_EXCEPTION, + HISYSEVENT_FAULT, params, sizeof(params) / sizeof(params[0])); +} diff --git a/interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c b/interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c index 3108c96a8..c5b206b77 100644 --- a/interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c +++ b/interfaces/innerkits/nativetoken/src/nativetoken_json_oper.c @@ -17,7 +17,7 @@ #include #include -#include "nativetoken_klog.h" +#include "accesstoken_klog.h" void FreeStrArray(char ***arr, int32_t num) { @@ -39,14 +39,18 @@ void FreeStrArray(char ***arr, int32_t num) uint32_t GetProcessNameFromJson(cJSON *cjsonItem, NativeTokenList *tokenNode) { cJSON *processNameJson = cJSON_GetObjectItem(cjsonItem, PROCESS_KEY_NAME); - if (!cJSON_IsString(processNameJson) || (processNameJson->valuestring == NULL) || - (strlen(processNameJson->valuestring) > MAX_PROCESS_NAME_LEN)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:processNameJson is invalid.", __func__); + if (!cJSON_IsString(processNameJson) || (processNameJson->valuestring == NULL)) { + LOGC("Invalid processNameJson."); + return ATRET_FAILED; + } + + if (strlen(processNameJson->valuestring) > MAX_PROCESS_NAME_LEN) { + LOGC("Invalid processName length."); return ATRET_FAILED; } if (strcpy_s(tokenNode->processName, MAX_PROCESS_NAME_LEN + 1, processNameJson->valuestring) != EOK) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:strcpy_s failed.", __func__); + LOGC("Failed to copy process name."); return ATRET_FAILED; } return ATRET_SUCCESS; @@ -56,13 +60,13 @@ uint32_t GetTokenIdFromJson(cJSON *cjsonItem, NativeTokenList *tokenNode) { cJSON *tokenIdJson = cJSON_GetObjectItem(cjsonItem, TOKENID_KEY_NAME); if ((!cJSON_IsNumber(tokenIdJson)) || (cJSON_GetNumberValue(tokenIdJson) <= 0)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:tokenIdJson is invalid.", __func__); + LOGC("Invalid tokenIdJson."); return ATRET_FAILED; } AtInnerInfo *atIdInfo = (AtInnerInfo *)&(tokenIdJson->valueint); if (atIdInfo->type != TOKEN_NATIVE_TYPE && atIdInfo->type != TOKEN_SHELL_TYPE) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:tokenId type is invalid.", __func__); + LOGC("Invalid tokenId type."); return ATRET_FAILED; } @@ -74,12 +78,12 @@ uint32_t GetAplFromJson(cJSON *cjsonItem, NativeTokenList *tokenNode) { cJSON *aplJson = cJSON_GetObjectItem(cjsonItem, APL_KEY_NAME); if (!cJSON_IsNumber(aplJson)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:aplJson is invalid.", __func__); + LOGC("Invalid aplJson."); return ATRET_FAILED; } int32_t apl = cJSON_GetNumberValue(aplJson); if (apl <= 0 || apl > SYSTEM_CORE) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:apl = %d in file is invalid.", __func__, apl); + LOGC("Invalid apl=%d.", apl); return ATRET_FAILED; } tokenNode->apl = aplJson->valueint; @@ -91,7 +95,7 @@ uint32_t GetInfoArrFromJson(cJSON *cjsonItem, char **strArr[], int32_t *strNum, cJSON *strArrJson = cJSON_GetObjectItem(cjsonItem, attr->strKey); int32_t size = cJSON_GetArraySize(strArrJson); if (size > MAX_MALLOC_SIZE) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:size = %d is invalid.", __func__, size); + LOGC("Invalid size=%d.", size); return ATRET_FAILED; } if (size == 0) { @@ -101,7 +105,7 @@ uint32_t GetInfoArrFromJson(cJSON *cjsonItem, char **strArr[], int32_t *strNum, *strNum = size; *strArr = (char **)malloc(size * sizeof(char *)); if (*strArr == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:strArr malloc failed.", __func__); + LOGC("Failed to alloc memory for strArr."); return ATRET_FAILED; } @@ -109,24 +113,24 @@ uint32_t GetInfoArrFromJson(cJSON *cjsonItem, char **strArr[], int32_t *strNum, cJSON *item = cJSON_GetArrayItem(strArrJson, i); if ((item == NULL) || (!cJSON_IsString(item)) || (item->valuestring == NULL)) { FreeStrArray(strArr, i - 1); - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:cJSON_GetArrayItem failed.", __func__); + LOGC("Failed to cJSON_GetArrayItem."); return ATRET_FAILED; } size_t length = strlen(item->valuestring); if (length > attr->maxStrLen) { FreeStrArray(strArr, i - 1); - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:item length %zu is invalid.", __func__, length); + LOGC("Invalid item length=%zu.", length); return ATRET_FAILED; } (*strArr)[i] = (char *)malloc(sizeof(char) * (length + 1)); if ((*strArr)[i] == NULL) { FreeStrArray(strArr, i - 1); - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:malloc invalid.", __func__); + LOGC("Failed to alloc memory for strArray."); return ATRET_FAILED; } if (strcpy_s((*strArr)[i], length + 1, item->valuestring) != EOK) { FreeStrArray(strArr, i); - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:strcpy_s failed.", __func__); + LOGC("Failed to copy value."); return ATRET_FAILED; } (*strArr)[i][length] = '\0'; @@ -138,20 +142,20 @@ static int32_t AddStrArrayInfo(cJSON *object, char* const strArray[], int32_t st { cJSON *strJsonArr = cJSON_CreateArray(); if (strJsonArr == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:CreateArray failed, strKey :%s.", __func__, strKey); + LOGC("CreateArray failed, strKey :%s.", strKey); return ATRET_FAILED; } for (int32_t i = 0; i < strNum; i++) { cJSON *item = cJSON_CreateString(strArray[i]); if (item == NULL || !cJSON_AddItemToArray(strJsonArr, item)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:AddItemToArray failed, strKey : %s.", __func__, strKey); + LOGC("Failed to AddItemToArray, strKey=%s.", strKey); cJSON_Delete(item); cJSON_Delete(strJsonArr); return ATRET_FAILED; } } if (!cJSON_AddItemToObject(object, strKey, strJsonArr)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:AddItemToObject failed, strKey : %s.", __func__, strKey); + LOGC("Failed to AddItemToObject, strKey=%s.", strKey); cJSON_Delete(strJsonArr); return ATRET_FAILED; } @@ -162,35 +166,35 @@ int32_t SetNativeTokenJsonObject(const NativeTokenList *curr, cJSON *object) { cJSON *item = cJSON_CreateString(curr->processName); if (item == NULL || !cJSON_AddItemToObject(object, PROCESS_KEY_NAME, item)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:processName cJSON_AddItemToObject failed.", __func__); + LOGC("Failed to cJSON_AddItemToObject for processName."); cJSON_Delete(item); return ATRET_FAILED; } item = cJSON_CreateNumber(curr->apl); if (item == NULL || !cJSON_AddItemToObject(object, APL_KEY_NAME, item)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:APL cJSON_AddItemToObject failed.", __func__); + LOGC("Failed to cJSON_AddItemToObject for APL."); cJSON_Delete(item); return ATRET_FAILED; } item = cJSON_CreateNumber(DEFAULT_AT_VERSION); if (item == NULL || !cJSON_AddItemToObject(object, VERSION_KEY_NAME, item)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:version cJSON_AddItemToObject failed.", __func__); + LOGC("Failed to cJSON_AddItemToObject for version."); cJSON_Delete(item); return ATRET_FAILED; } item = cJSON_CreateNumber(curr->tokenId); if (item == NULL || !cJSON_AddItemToObject(object, TOKENID_KEY_NAME, item)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:tokenId cJSON_AddItemToObject failed.", __func__); + LOGC("Failed to cJSON_AddItemToObject for tokenId."); cJSON_Delete(item); return ATRET_FAILED; } item = cJSON_CreateNumber(0); if (item == NULL || !cJSON_AddItemToObject(object, TOKEN_ATTR_KEY_NAME, item)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:tokenAttr cJSON_AddItemToObject failed.", __func__); + LOGC("Failed to cJSON_AddItemToObject for tokenAttr."); cJSON_Delete(item); return ATRET_FAILED; } @@ -213,7 +217,7 @@ cJSON *CreateNativeTokenJsonObject(const NativeTokenList *curr) { cJSON *object = cJSON_CreateObject(); if (object == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:cJSON_CreateObject failed.", __func__); + LOGC("Failed to cJSON_CreateObject."); return NULL; } if (SetNativeTokenJsonObject(curr, object) != ATRET_SUCCESS) { @@ -228,18 +232,18 @@ static uint32_t UpdateStrArrayType(char* const strArr[], int32_t strNum, const c { cJSON *strArrJson = cJSON_CreateArray(); if (strArrJson == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:cJSON_CreateArray failed.", __func__); + LOGC("Failed to cJSON_CreateArray."); return ATRET_FAILED; } for (int32_t i = 0; i < strNum; i++) { cJSON *item = cJSON_CreateString(strArr[i]); if (item == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:cJSON_CreateString failed.", __func__); + LOGC("Failed to cJSON_CreateString."); cJSON_Delete(strArrJson); return ATRET_FAILED; } if (!cJSON_AddItemToArray(strArrJson, item)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:cJSON_AddItemToArray failed.", __func__); + LOGC("Failed to cJSON_AddItemToArray."); cJSON_Delete(item); cJSON_Delete(strArrJson); return ATRET_FAILED; @@ -247,13 +251,13 @@ static uint32_t UpdateStrArrayType(char* const strArr[], int32_t strNum, const c } if (cJSON_GetObjectItem(record, strKey) != NULL) { if (!cJSON_ReplaceItemInObject(record, strKey, strArrJson)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:cJSON_ReplaceItemInObject failed.", __func__); + LOGC("Failed to cJSON_ReplaceItemInObject."); cJSON_Delete(strArrJson); return ATRET_FAILED; } } else { if (!cJSON_AddItemToObject(record, strKey, strArrJson)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:cJSON_AddItemToObject failed.", __func__); + LOGC("Failed to cJSON_AddItemToObject."); cJSON_Delete(strArrJson); return ATRET_FAILED; } @@ -270,25 +274,25 @@ static uint32_t UpdateItemcontent(const NativeTokenList *tokenNode, cJSON *recor } if (!cJSON_ReplaceItemInObject(record, APL_KEY_NAME, itemApl)) { cJSON_Delete(itemApl); - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:APL update failed.", __func__); + LOGC("Failed to update APL for processName(%s).", tokenNode->processName); return ATRET_FAILED; } uint32_t ret = UpdateStrArrayType(tokenNode->dcaps, tokenNode->dcapsNum, DCAPS_KEY_NAME, record); if (ret != ATRET_SUCCESS) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:dcaps update failed.", __func__); + LOGC("Failed to update dcaps for processName(%s).", tokenNode->processName); return ATRET_FAILED; } ret = UpdateStrArrayType(tokenNode->perms, tokenNode->permsNum, PERMS_KEY_NAME, record); if (ret != ATRET_SUCCESS) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:perms update failed.", __func__); + LOGC("Failed to update perms for processName(%s).", tokenNode->processName); return ATRET_FAILED; } ret = UpdateStrArrayType(tokenNode->acls, tokenNode->aclsNum, ACLS_KEY_NAME, record); if (ret != ATRET_SUCCESS) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:acls update failed.", __func__); + LOGC("Failed to update acls for processName(%s).", tokenNode->processName); return ATRET_FAILED; } return ATRET_SUCCESS; @@ -300,18 +304,18 @@ uint32_t UpdateGoalItemFromRecord(const NativeTokenList *tokenNode, cJSON *recor for (int32_t i = 0; i < arraySize; i++) { cJSON *cjsonItem = cJSON_GetArrayItem(record, i); if (cjsonItem == NULL) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:cJSON_GetArrayItem failed.", __func__); + LOGC("Failed to cJSON_GetArrayItem."); return ATRET_FAILED; } cJSON *processNameJson = cJSON_GetObjectItem(cjsonItem, PROCESS_KEY_NAME); if ((processNameJson == NULL) || (!cJSON_IsString(processNameJson)) || (processNameJson->valuestring == NULL)) { - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:processNameJson is null.", __func__); + LOGC("ProcessNameJson is null."); return ATRET_FAILED; } if (strcmp(processNameJson->valuestring, tokenNode->processName) == 0) { return UpdateItemcontent(tokenNode, cjsonItem); } } - NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:cannot find process in config file.", __func__); + LOGC("Cannot find process in config file."); return ATRET_FAILED; } diff --git a/interfaces/innerkits/nativetoken/test/BUILD.gn b/interfaces/innerkits/nativetoken/test/BUILD.gn index 4b3ce9e28..478d62507 100644 --- a/interfaces/innerkits/nativetoken/test/BUILD.gn +++ b/interfaces/innerkits/nativetoken/test/BUILD.gn @@ -24,7 +24,10 @@ ohos_unittest("libnativetoken_test") { } branch_protector_ret = "pac_ret" - include_dirs = [ "../include" ] + include_dirs = [ + "../include", + "${access_token_path}/frameworks/common/include", + ] sources = [ "unittest/src/nativetoken_kit_test.cpp", @@ -54,13 +57,14 @@ ohos_unittest("libnativetoken_mock_test") { include_dirs = [ "../include", + "${access_token_path}/frameworks/common/include", "mock/include/", ] sources = [ "../src/nativetoken.c", + "../src/nativetoken_hisysevent.c", "../src/nativetoken_json_oper.c", - "../src/nativetoken_klog.c", "mock/src/cJSON.c", "mock/src/secure_function.c", "unittest/mock/nativetoken_oper_test.cpp", @@ -68,11 +72,14 @@ ohos_unittest("libnativetoken_mock_test") { configs = [ "${access_token_path}/config:coverage_flags" ] + deps = [ "${access_token_path}/frameworks/common:accesstoken_static_log_for_nativetoken" ] + external_deps = [ "bounds_checking_function:libsec_shared", "googletest:gmock", "googletest:gtest", "hilog:libhilog", + "hisysevent:libhisysevent", ] } diff --git a/interfaces/innerkits/nativetoken/test/mock/src/secure_function.c b/interfaces/innerkits/nativetoken/test/mock/src/secure_function.c index 040345377..8f0103258 100644 --- a/interfaces/innerkits/nativetoken/test/mock/src/secure_function.c +++ b/interfaces/innerkits/nativetoken/test/mock/src/secure_function.c @@ -36,6 +36,7 @@ int strcpy_s(char *strDest, size_t destMax, const char *strSrc) printf("dlopen failed\n"); } if (g_strcpyTime == 0) { + g_strcpyTime++; return -1; } diff --git a/interfaces/innerkits/nativetoken/test/unittest/mock/nativetoken_oper_test.cpp b/interfaces/innerkits/nativetoken/test/unittest/mock/nativetoken_oper_test.cpp index 61689e193..f495d2691 100644 --- a/interfaces/innerkits/nativetoken/test/unittest/mock/nativetoken_oper_test.cpp +++ b/interfaces/innerkits/nativetoken/test/unittest/mock/nativetoken_oper_test.cpp @@ -534,10 +534,10 @@ HWTEST_F(TokenOperTest, GetInfoArrFromJson001, TestSize.Level0) EXPECT_EQ(IsFileEmpty(TOKEN_ID_CFG_FILE_PATH), false); g_printUnformatted = DEFAULT_TIME; - EXPECT_NE(Start("process1"), 0); + EXPECT_EQ(Start("process1"), 0); // CreateNativeTokenJsonObject failed 385 line - EXPECT_NE(Start("processUnique"), 0); + EXPECT_EQ(Start("processUnique"), 0); EXPECT_NE(Start("processUnique1"), 0); CopyNativeTokenJson(TOKEN_ID_CFG_FILE_COPY_PATH, TOKEN_ID_CFG_FILE_PATH); diff --git a/interfaces/innerkits/tokensync/test/BUILD.gn b/interfaces/innerkits/tokensync/test/BUILD.gn index 4f5ab4ac5..faf20e6a5 100644 --- a/interfaces/innerkits/tokensync/test/BUILD.gn +++ b/interfaces/innerkits/tokensync/test/BUILD.gn @@ -26,6 +26,7 @@ ohos_unittest("libtokensync_sdk_test") { include_dirs = [ "${access_token_path}/frameworks/accesstoken/include", + "${access_token_path}/frameworks/common/include", "${access_token_path}/frameworks/tokensync/include", "${access_token_path}/interfaces/innerkits/accesstoken/include", "${access_token_path}/interfaces/innerkits/tokensync/include", diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn index 83bb68a37..31f990850 100644 --- a/services/accesstokenmanager/BUILD.gn +++ b/services/accesstokenmanager/BUILD.gn @@ -76,7 +76,6 @@ if (is_standard_system) { "main/cpp/src/database/access_token_db_operator.cpp", "main/cpp/src/database/data_translator.cpp", "main/cpp/src/database/token_field_const.cpp", - "main/cpp/src/dfx/hisysevent_adapter.cpp", "main/cpp/src/form_manager/form_instance.cpp", "main/cpp/src/form_manager/form_manager_access_client.cpp", "main/cpp/src/form_manager/form_manager_access_proxy.cpp", @@ -117,6 +116,7 @@ if (is_standard_system) { deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/common:accesstoken_hisysevent", "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", "${access_token_path}/interfaces/innerkits/token_setproc:libperm_setproc", "${access_token_path}/interfaces/innerkits/token_setproc:libtoken_setproc", @@ -245,12 +245,14 @@ if (is_standard_system) { "main/cpp/src/database/access_token_db_util.cpp", "main/cpp/src/database/access_token_open_callback.cpp", "main/cpp/src/database/token_field_const.cpp", - "main/cpp/src/dfx/hisysevent_adapter.cpp", ] cflags_cc = [ "-DHILOG_ENABLE" ] - deps = [ "${access_token_path}/frameworks/common:accesstoken_common_cxx" ] + deps = [ + "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/common:accesstoken_hisysevent", + ] external_deps = [ "c_utils:utils", diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp index 232ad3a51..0b33aa67a 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp @@ -430,7 +430,7 @@ int32_t PermissionManager::UpdateMultiTokenPermissionState(const std::shared_ptr bool isUpdateSuccess = false; for (const std::string &permissionName : permissionList) { (void)HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_PERMISSION", - HiviewDFX::HiSysEvent::EventType::BEHAVIOR, "SCENE_CODE", CommonSceneCode::AT_COMMOM_START, "TOKENID", + HiviewDFX::HiSysEvent::EventType::BEHAVIOR, "SCENE_CODE", CommonSceneCode::AT_COMMON_START, "TOKENID", tokenID, "USERID", hapInfo.userID, "BUNDLENAME", hapInfo.bundleName, "INSTINDEX", hapInfo.instIndex, "PERMISSION_NAME", permissionName, "PERMISSION_FLAG", flag, "GRANTED_FLAG", isGranted); @@ -670,7 +670,7 @@ int32_t PermissionManager::CheckAndUpdatePermissionInner(AccessTokenID tokenID, AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, hapInfo); ClearThreadErrorMsg(); (void)HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_PERMISSION", - HiviewDFX::HiSysEvent::EventType::BEHAVIOR, "SCENE_CODE", CommonSceneCode::AT_COMMOM_START, + HiviewDFX::HiSysEvent::EventType::BEHAVIOR, "SCENE_CODE", CommonSceneCode::AT_COMMON_START, "TOKENID", tokenID, "USERID", hapInfo.userID, "BUNDLENAME", hapInfo.bundleName, "INSTINDEX", hapInfo.instIndex, "PERMISSION_NAME", permissionName, "PERMISSION_FLAG", flag, "GRANTED_FLAG", isGranted); diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index 9e7e7c964..1bd833360 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -806,7 +806,7 @@ int AccessTokenManagerService::DeleteToken(AccessTokenID tokenID) (void)AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, hapInfo); ClearThreadErrorMsg(); (void)HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "DEL_HAP", - HiviewDFX::HiSysEvent::EventType::STATISTIC, "SCENE_CODE", CommonSceneCode::AT_COMMOM_START, + HiviewDFX::HiSysEvent::EventType::STATISTIC, "SCENE_CODE", CommonSceneCode::AT_COMMON_START, "TOKENID", tokenID, "USERID", hapInfo.userID, "BUNDLENAME", hapInfo.bundleName, "INSTINDEX", hapInfo.instIndex); // only support hap token deletion @@ -949,7 +949,7 @@ int32_t AccessTokenManagerService::UpdateHapToken(uint64_t& fullTokenId, const U AccessTokenDfxInfo dfxInfo; DumpEventInfo(policyParcel.hapPolicy, dfxInfo); (void)HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::ACCESS_TOKEN, "UPDATE_HAP", - HiviewDFX::HiSysEvent::EventType::STATISTIC, "SCENE_CODE", CommonSceneCode::AT_COMMOM_START, + HiviewDFX::HiSysEvent::EventType::STATISTIC, "SCENE_CODE", CommonSceneCode::AT_COMMON_START, "TOKENID", tokenIdEx.tokenIdExStruct.tokenID, "TOKENIDEX", tokenIdEx.tokenIDEx, "USERID", hapInfo.userID, "BUNDLENAME", hapInfo.bundleName, "INSTINDEX", hapInfo.instIndex, "PERM_INFO", dfxInfo.permInfo, "ACL_INFO", dfxInfo.aclInfo, "PREAUTH_INFO", dfxInfo.preauthInfo, diff --git a/services/accesstokenmanager/test/coverage/BUILD.gn b/services/accesstokenmanager/test/coverage/BUILD.gn index e76db6dac..ab13cadf0 100644 --- a/services/accesstokenmanager/test/coverage/BUILD.gn +++ b/services/accesstokenmanager/test/coverage/BUILD.gn @@ -24,7 +24,6 @@ accesstoken_manager_service_source = [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/access_token_open_callback.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp", - "${access_token_path}/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_instance.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_manager_access_client.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_manager_access_proxy.cpp", @@ -100,6 +99,7 @@ ohos_unittest("libaccesstoken_manager_service_coverage_test") { deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/common:accesstoken_hisysevent", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared", diff --git a/services/accesstokenmanager/test/database_dlopen/BUILD.gn b/services/accesstokenmanager/test/database_dlopen/BUILD.gn index a5e18899c..17c82f1a0 100644 --- a/services/accesstokenmanager/test/database_dlopen/BUILD.gn +++ b/services/accesstokenmanager/test/database_dlopen/BUILD.gn @@ -22,7 +22,6 @@ accesstoken_manager_service_source = [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/rdb_dlopen_manager.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp", - "${access_token_path}/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_instance.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_manager_access_client.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_manager_access_proxy.cpp", @@ -98,6 +97,7 @@ ohos_unittest("libaccesstoken_manager_service_dlopen_test") { deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/common:accesstoken_hisysevent", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared", diff --git a/services/accesstokenmanager/test/mock/BUILD.gn b/services/accesstokenmanager/test/mock/BUILD.gn index 10be62f8c..71d431049 100644 --- a/services/accesstokenmanager/test/mock/BUILD.gn +++ b/services/accesstokenmanager/test/mock/BUILD.gn @@ -24,7 +24,6 @@ accesstoken_manager_service_source = [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/access_token_open_callback.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp", - "${access_token_path}/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_instance.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_manager_access_client.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_manager_access_proxy.cpp", @@ -97,6 +96,7 @@ ohos_unittest("libpermission_manager_mock_test") { deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/common:accesstoken_hisysevent", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared", diff --git a/services/accesstokenmanager/test/unittest/BUILD.gn b/services/accesstokenmanager/test/unittest/BUILD.gn index ada8e0868..acfdd097e 100644 --- a/services/accesstokenmanager/test/unittest/BUILD.gn +++ b/services/accesstokenmanager/test/unittest/BUILD.gn @@ -24,7 +24,6 @@ accesstoken_manager_service_source = [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/access_token_open_callback.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp", - "${access_token_path}/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_instance.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_manager_access_client.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_manager_access_proxy.cpp", @@ -113,6 +112,7 @@ ohos_unittest("libaccesstoken_manager_service_standard_test") { deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/common:accesstoken_hisysevent", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", "${access_token_path}/interfaces/innerkits/nativetoken:libnativetoken_shared", diff --git a/services/common/database/test/BUILD.gn b/services/common/database/test/BUILD.gn index dbba5667e..04003e261 100644 --- a/services/common/database/test/BUILD.gn +++ b/services/common/database/test/BUILD.gn @@ -44,7 +44,6 @@ ohos_unittest("libdatabase_test") { "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/access_token_open_callback.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp", - "${access_token_path}/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp", "unittest/database_test.cpp", ] @@ -56,6 +55,7 @@ ohos_unittest("libdatabase_test") { deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/common:accesstoken_hisysevent", "${access_token_path}/services/common:accesstoken_service_common", ] diff --git a/services/common/proxy_death/BUILD.gn b/services/common/proxy_death/BUILD.gn index f1950e278..966482835 100644 --- a/services/common/proxy_death/BUILD.gn +++ b/services/common/proxy_death/BUILD.gn @@ -29,10 +29,10 @@ ohos_source_set("proxy_death_stub") { } branch_protector_ret = "pac_ret" - include_dirs = [ + include_dirs = [ "include", "${access_token_path}/interfaces/innerkits/proxy_death/include", - ] + ] sources = [ "src/proxy_death_callback_stub.cpp" ] diff --git a/services/privacymanager/BUILD.gn b/services/privacymanager/BUILD.gn index 42185c93b..9678e0236 100644 --- a/services/privacymanager/BUILD.gn +++ b/services/privacymanager/BUILD.gn @@ -168,8 +168,8 @@ if (is_standard_system && ability_base_enable == true) { "src/active/perm_active_status_callback_death_recipient.cpp", "src/active/perm_active_status_change_callback_proxy.cpp", "src/active/state_change_callback_proxy.cpp", - "src/common/constant.cpp", "src/common/access_token_helper.cpp", + "src/common/constant.cpp", "src/database/data_translator.cpp", "src/database/permission_used_record_db.cpp", "src/database/privacy_field_const.cpp", diff --git a/services/privacymanager/test/coverage/BUILD.gn b/services/privacymanager/test/coverage/BUILD.gn index acc364158..d5822382a 100644 --- a/services/privacymanager/test/coverage/BUILD.gn +++ b/services/privacymanager/test/coverage/BUILD.gn @@ -57,8 +57,8 @@ if (is_standard_system && ability_base_enable == true) { "../../src/active/perm_active_status_callback_death_recipient.cpp", "../../src/active/perm_active_status_change_callback_proxy.cpp", "../../src/active/state_change_callback_proxy.cpp", - "../../src/common/constant.cpp", "../../src/common/access_token_helper.cpp", + "../../src/common/constant.cpp", "../../src/database/data_translator.cpp", "../../src/database/permission_used_record_db.cpp", "../../src/database/privacy_field_const.cpp", diff --git a/services/privacymanager/test/mock/BUILD.gn b/services/privacymanager/test/mock/BUILD.gn index d4a7a6416..21eb3f279 100644 --- a/services/privacymanager/test/mock/BUILD.gn +++ b/services/privacymanager/test/mock/BUILD.gn @@ -133,7 +133,8 @@ if (is_standard_system && ability_base_enable == true) { if (access_token_app_security_privacy_service_enable) { cflags_cc += [ "-DAPP_SECURITY_PRIVACY_SERVICE" ] } else { - include_dirs += [ "${access_token_path}/services/common/ability_manager/include" ] + include_dirs += + [ "${access_token_path}/services/common/ability_manager/include" ] } } -} \ No newline at end of file +} diff --git a/services/privacymanager/test/unittest/BUILD.gn b/services/privacymanager/test/unittest/BUILD.gn index 9a552a107..cf33c3df3 100644 --- a/services/privacymanager/test/unittest/BUILD.gn +++ b/services/privacymanager/test/unittest/BUILD.gn @@ -59,8 +59,8 @@ if (is_standard_system && ability_base_enable == true) { "../../src/active/perm_active_status_callback_death_recipient.cpp", "../../src/active/perm_active_status_change_callback_proxy.cpp", "../../src/active/state_change_callback_proxy.cpp", - "../../src/common/constant.cpp", "../../src/common/access_token_helper.cpp", + "../../src/common/constant.cpp", "../../src/database/data_translator.cpp", "../../src/database/permission_used_record_db.cpp", "../../src/database/privacy_field_const.cpp", diff --git a/test/fuzztest/innerkits/accesstoken/getpermissionsstatus_fuzzer/BUILD.gn b/test/fuzztest/innerkits/accesstoken/getpermissionsstatus_fuzzer/BUILD.gn index 820f8e6de..f3cb95978 100644 --- a/test/fuzztest/innerkits/accesstoken/getpermissionsstatus_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/accesstoken/getpermissionsstatus_fuzzer/BUILD.gn @@ -19,6 +19,7 @@ ohos_fuzztest("GetPermissionsStatusFuzzTest") { module_out_path = module_output_path_interface_access_token fuzz_config_file = "." include_dirs = [ + "${access_token_path}/frameworks/common/include", "${access_token_path}/interfaces/innerkits/accesstoken/include", "${access_token_path}/interfaces/innerkits/nativetoken/include", ] diff --git a/test/fuzztest/normalize_service/accesstoken/access_token_service_fuzz.gni b/test/fuzztest/normalize_service/accesstoken/access_token_service_fuzz.gni index 289831ad3..96c9bf1dc 100644 --- a/test/fuzztest/normalize_service/accesstoken/access_token_service_fuzz.gni +++ b/test/fuzztest/normalize_service/accesstoken/access_token_service_fuzz.gni @@ -51,6 +51,7 @@ access_token_include_dirs = [ access_token_deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/common:accesstoken_hisysevent", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk", @@ -91,7 +92,6 @@ access_token_sources = [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/access_token_open_callback.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp", - "${access_token_path}/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_instance.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_manager_access_client.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_manager_access_proxy.cpp", diff --git a/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni b/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni index 47805a4fc..b651cf512 100644 --- a/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni +++ b/test/fuzztest/services/accesstoken/access_token_service_fuzz.gni @@ -52,6 +52,7 @@ access_token_include_dirs = [ access_token_deps = [ "${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx", "${access_token_path}/frameworks/common:accesstoken_common_cxx", + "${access_token_path}/frameworks/common:accesstoken_hisysevent", "${access_token_path}/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "${access_token_path}/interfaces/innerkits/accesstoken:libtokenid_sdk", "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk", @@ -92,7 +93,6 @@ access_token_sources = [ "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/access_token_open_callback.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/data_translator.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/database/token_field_const.cpp", - "${access_token_path}/services/accesstokenmanager/main/cpp/src/dfx/hisysevent_adapter.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_instance.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_manager_access_client.cpp", "${access_token_path}/services/accesstokenmanager/main/cpp/src/form_manager/form_manager_access_proxy.cpp", diff --git a/test/fuzztest/services/accesstoken/getaccesstokenid_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/getaccesstokenid_fuzzer/BUILD.gn index 2dd78b94b..d0764a335 100644 --- a/test/fuzztest/services/accesstoken/getaccesstokenid_fuzzer/BUILD.gn +++ b/test/fuzztest/services/accesstoken/getaccesstokenid_fuzzer/BUILD.gn @@ -30,6 +30,7 @@ ohos_fuzztest("GetAccessTokenIdFuzzTest") { include_dirs = [ "${access_token_path}/interfaces/innerkits/nativetoken/include", + "${access_token_path}/frameworks/common/include", "${access_token_path}/test/fuzztest/common", ] -- Gitee