From 9d9032b14f1510264a75019c7b7637dd58303132 Mon Sep 17 00:00:00 2001 From: luyifan <842825214@qq.com> Date: Mon, 23 Sep 2024 09:35:07 +0800 Subject: [PATCH] Sync xpm related code to release Signed-off-by: luyifan<842825214@qq.com> --- .../innerkits/code_sign_attr_utils/BUILD.gn | 5 ++- .../include/code_sign_attr_utils.h | 2 + .../include/ownerid_utils.h | 28 ++++++++++++++ .../src/code_sign_attr_utils.c | 2 + .../src/ownerid_utils.cpp | 37 +++++++++++++++++++ .../cfg/enable_xpm/level4/key_enable.cfg | 5 ++- .../cfg/enable_xpm/level5/key_enable.cfg | 5 ++- 7 files changed, 79 insertions(+), 5 deletions(-) create mode 100644 interfaces/innerkits/code_sign_attr_utils/include/ownerid_utils.h create mode 100644 interfaces/innerkits/code_sign_attr_utils/src/ownerid_utils.cpp diff --git a/interfaces/innerkits/code_sign_attr_utils/BUILD.gn b/interfaces/innerkits/code_sign_attr_utils/BUILD.gn index 5a53cfb..342b008 100755 --- a/interfaces/innerkits/code_sign_attr_utils/BUILD.gn +++ b/interfaces/innerkits/code_sign_attr_utils/BUILD.gn @@ -19,7 +19,10 @@ config("public_attr_utils_configs") { } ohos_static_library("libcode_sign_attr_utils") { - sources = [ "src/code_sign_attr_utils.c" ] + sources = [ + "src/code_sign_attr_utils.c", + "src/ownerid_utils.cpp", + ] configs = [ ":public_attr_utils_configs", diff --git a/interfaces/innerkits/code_sign_attr_utils/include/code_sign_attr_utils.h b/interfaces/innerkits/code_sign_attr_utils/include/code_sign_attr_utils.h index da94494..5e54a34 100755 --- a/interfaces/innerkits/code_sign_attr_utils/include/code_sign_attr_utils.h +++ b/interfaces/innerkits/code_sign_attr_utils/include/code_sign_attr_utils.h @@ -46,6 +46,7 @@ enum FileOwneridType { FILE_OWNERID_DEBUG_PLATFORM, // 7 FILE_OWNERID_PLATFORM, // 8 FILE_OWNERID_NWEB, // 9 + FILE_OWNERID_APP_TEMP_ALLOW, // 10 FILE_OWNERID_MAX }; @@ -61,6 +62,7 @@ enum ProcessOwneridType { PROCESS_OWNERID_DEBUG_PLATFORM, // 7 PROCESS_OWNERID_PLATFORM, // 8 PROCESS_OWNERID_NWEB, // 9 + PROCESS_OWNERID_APP_TEMP_ALLOW, // 10 PROCESS_OWNERID_MAX }; diff --git a/interfaces/innerkits/code_sign_attr_utils/include/ownerid_utils.h b/interfaces/innerkits/code_sign_attr_utils/include/ownerid_utils.h new file mode 100644 index 0000000..e992eff --- /dev/null +++ b/interfaces/innerkits/code_sign_attr_utils/include/ownerid_utils.h @@ -0,0 +1,28 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef OWNERID_UTILS_H +#define OWNERID_UTILS_H +#include +#ifdef __cplusplus +extern "C" { +#endif + +uint32_t ConvertIdType(int idType, const char *ownerId); + +#ifdef __cplusplus +} +#endif +#endif \ No newline at end of file diff --git a/interfaces/innerkits/code_sign_attr_utils/src/code_sign_attr_utils.c b/interfaces/innerkits/code_sign_attr_utils/src/code_sign_attr_utils.c index c518d95..04a39fb 100755 --- a/interfaces/innerkits/code_sign_attr_utils/src/code_sign_attr_utils.c +++ b/interfaces/innerkits/code_sign_attr_utils/src/code_sign_attr_utils.c @@ -14,6 +14,7 @@ */ #include "code_sign_attr_utils.h" +#include "ownerid_utils.h" #include #include @@ -86,6 +87,7 @@ int InitXpm(int enableJitFort, uint32_t idType, const char *ownerId) // set owner id int ret = CS_SUCCESS; if (idType != PROCESS_OWNERID_UNINIT) { + idType = ConvertIdType(idType, ownerId); ret = DoSetXpmOwnerId(fd, idType, ownerId); } diff --git a/interfaces/innerkits/code_sign_attr_utils/src/ownerid_utils.cpp b/interfaces/innerkits/code_sign_attr_utils/src/ownerid_utils.cpp new file mode 100644 index 0000000..c70ef1b --- /dev/null +++ b/interfaces/innerkits/code_sign_attr_utils/src/ownerid_utils.cpp @@ -0,0 +1,37 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "ownerid_utils.h" +#include "code_sign_attr_utils.h" +#include "log.h" + +#include +#include + +// the list will be removed before 930 +static const std::unordered_set g_tempAllowList; + +uint32_t ConvertIdType(int idType, const char *ownerId) +{ + if (idType != PROCESS_OWNERID_APP || ownerId == nullptr) { + return idType; + } + std::string ownerIdStr(ownerId); + if (g_tempAllowList.count(ownerIdStr) != 0) { + LOG_INFO("Xpm: app in temporary allow list"); + return PROCESS_OWNERID_APP_TEMP_ALLOW; + } + return idType; +} \ No newline at end of file diff --git a/services/key_enable/cfg/enable_xpm/level4/key_enable.cfg b/services/key_enable/cfg/enable_xpm/level4/key_enable.cfg index 2a8c20d..bfb0c5e 100644 --- a/services/key_enable/cfg/enable_xpm/level4/key_enable.cfg +++ b/services/key_enable/cfg/enable_xpm/level4/key_enable.cfg @@ -15,7 +15,8 @@ }, { "name" : "pre-init", "cmds" : [ - "write /proc/sys/kernel/xpm/xpm_mode 4" + "write /proc/sys/kernel/xpm/xpm_mode 4", + "write /proc/sys/kernel/jitfort/jitfort_mode 1" ] } ], @@ -30,4 +31,4 @@ "once": 1 } ] -} \ No newline at end of file +} diff --git a/services/key_enable/cfg/enable_xpm/level5/key_enable.cfg b/services/key_enable/cfg/enable_xpm/level5/key_enable.cfg index d4615d7..4920502 100644 --- a/services/key_enable/cfg/enable_xpm/level5/key_enable.cfg +++ b/services/key_enable/cfg/enable_xpm/level5/key_enable.cfg @@ -15,7 +15,8 @@ }, { "name" : "pre-init", "cmds" : [ - "write /proc/sys/kernel/xpm/xpm_mode 5" + "write /proc/sys/kernel/xpm/xpm_mode 5", + "write /proc/sys/kernel/jitfort/jitfort_mode 1" ] } ], @@ -30,4 +31,4 @@ "once": 1 } ] -} \ No newline at end of file +} -- Gitee