diff --git a/BUILD.gn b/BUILD.gn index f745cbf3f3236c77a853a1aa52222894b2db9b38..24735a2f40ee2a9405400a37a3cf1575d7aac19b 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -25,7 +25,6 @@ config("common_utils_config") { group("subcomponents") { deps = [ - "${code_signature_root_dir}/interfaces/innerkits/code_sign_attr_utils:libcode_sign_attr_utils", "${code_signature_root_dir}/interfaces/innerkits/code_sign_utils:libcode_sign_utils", "${code_signature_root_dir}/interfaces/innerkits/local_code_sign:liblocal_code_sign_sdk", "${code_signature_root_dir}/services/key_enable:key_enable_targets", diff --git a/bundle.json b/bundle.json index 8ca502bd6796b2b3c83f9a6128f60e1918431806..cd87ffb273e0c1c01b610f4c9c8548094a41659f 100644 --- a/bundle.json +++ b/bundle.json @@ -62,13 +62,6 @@ "header_files": [], "header_base": "//base/security/code_signature/interfaces/innerkits/local_code_sign/include" } - }, - { - "name" : "//base/security/code_signature/interfaces/innerkits/code_sign_attr_utils:libcode_sign_attr_utils", - "header": { - "header_files": [], - "header_base": "//base/security/code_signature/interfaces/innerkits/code_sign_attr_utils/include" - } } ], "test": [ "//base/security/code_signature/test:testgroup" ] diff --git a/interfaces/innerkits/code_sign_attr_utils/BUILD.gn b/interfaces/innerkits/code_sign_attr_utils/BUILD.gn deleted file mode 100755 index 5a53cfb6afd9e9ee4de47a9929b94a97f07bc607..0000000000000000000000000000000000000000 --- a/interfaces/innerkits/code_sign_attr_utils/BUILD.gn +++ /dev/null @@ -1,39 +0,0 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import("//build/ohos.gni") -import("../../../code_signature.gni") - -config("public_attr_utils_configs") { - include_dirs = [ "include" ] -} - -ohos_static_library("libcode_sign_attr_utils") { - sources = [ "src/code_sign_attr_utils.c" ] - - configs = [ - ":public_attr_utils_configs", - "${code_signature_root_dir}:common_public_config", - "${code_signature_root_dir}:common_utils_config", - ] - - public_configs = [ ":public_attr_utils_configs" ] - - external_deps = [ - "c_utils:utils", - "hilog:libhilog", - ] - - part_name = "code_signature" - subsystem_name = "security" -} diff --git a/interfaces/innerkits/code_sign_attr_utils/include/code_sign_attr_utils.h b/interfaces/innerkits/code_sign_attr_utils/include/code_sign_attr_utils.h deleted file mode 100755 index 232636aabd9c0bc395cb6561be60c5761f993234..0000000000000000000000000000000000000000 --- a/interfaces/innerkits/code_sign_attr_utils/include/code_sign_attr_utils.h +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef CODE_SIGN_ATTR_UTILS_H -#define CODE_SIGN_ATTR_UTILS_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#define MAX_OWNERID_LEN 64 -#define XPM_REGION_LEN 0x10000000 - -#define OWNERID_SYSTEM_TAG "SYSTEM_LIB_ID" -#define OWNERID_DEBUG_TAG "DEBUG_LIB_ID" -#define OWNERID_SHARED_TAG "SHARED_LIB_ID" -#define OWNERID_COMPAT_TAG "COMPAT_LIB_ID" - -enum file_ownerid_type { - FILE_OWNERID_UNINT = 0, - FILE_OWNERID_SYSTEM, - FILE_OWNERID_APP, - FILE_OWNERID_DEBUG, - FILE_OWNERID_SHARED, - FILE_OWNERID_COMPAT, - FILE_OWNERID_MAX -}; - -/* process and file ownerid types need to correspond to each other */ -enum process_ownerid_type { - PROCESS_OWNERID_UNINIT = FILE_OWNERID_UNINT, - PROCESS_OWNERID_SYSTEM = FILE_OWNERID_SYSTEM, - PROCESS_OWNERID_APP = FILE_OWNERID_APP, - PROCESS_OWNERID_DEBUG = FILE_OWNERID_DEBUG, - PROCESS_OWNERID_COMPAT = FILE_OWNERID_COMPAT, - PROCESS_OWNERID_EXTEND, - PROCESS_OWNERID_MAX -}; - -struct XpmConfig { - uint64_t regionAddr; - uint64_t regionLength; - - uint32_t idType; - char ownerId[MAX_OWNERID_LEN]; -}; - -int InitXpmRegion(void); - -int SetXpmOwnerId(uint32_t idType, const char *ownerId); - -#ifdef __cplusplus -} -#endif - -#endif // CODE_SIGN_ATTR_UTILS_H diff --git a/interfaces/innerkits/code_sign_attr_utils/src/code_sign_attr_utils.c b/interfaces/innerkits/code_sign_attr_utils/src/code_sign_attr_utils.c deleted file mode 100755 index 100b0eb8e0d3ebeb28159bab2317396cee1b22c2..0000000000000000000000000000000000000000 --- a/interfaces/innerkits/code_sign_attr_utils/src/code_sign_attr_utils.c +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "code_sign_attr_utils.h" - -#include -#include -#include -#include -#include - -#include "errcode.h" -#include "log.h" - -#define XPM_DEV_PATH "/dev/xpm" - -#define XPM_SET_REGION _IOW('x', 0x01, struct XpmConfig) -#define XPM_SET_OWNERID _IOW('x', 0x02, struct XpmConfig) - -static int XpmIoctl(uint32_t cmd, struct XpmConfig *config) -{ - int fd = open(XPM_DEV_PATH, O_RDWR); - if (fd == -1) { - LOG_INFO("Open device file failed: %{public}s (ignore)", strerror(errno)); - return CS_SUCCESS; - } - - int ret = ioctl(fd, cmd, config); - if (ret == -1) { - LOG_ERROR("Ioctl cmd %{public}x failed: %{public}s (ignore)", cmd, strerror(errno)); - } else { - LOG_DEBUG("Ioctl cmd %{public}x success", cmd); - } - close(fd); - - return CS_SUCCESS; -} - -int InitXpmRegion(void) -{ - struct XpmConfig config = {0}; - - config.regionAddr = 0; - config.regionLength = XPM_REGION_LEN; - return XpmIoctl(XPM_SET_REGION, &config); -} - -int SetXpmOwnerId(uint32_t idType, const char *ownerId) -{ - struct XpmConfig config = {0}; - - if (idType >= PROCESS_OWNERID_MAX) { - LOG_ERROR("Input idType is invalid: %{public}u", idType); - return CS_ERR_PARAM_INVALID; - } - - config.idType = idType; - if ((ownerId != NULL) && (strlen(ownerId) != 0)) { - if (memcpy_s(config.ownerId, sizeof(config.ownerId) - 1, ownerId, strlen(ownerId)) != EOK) { - LOG_ERROR("Memcpy ownerId failed, ownerId: %{public}s", ownerId); - return CS_ERR_MEMORY; - } - } - - LOG_DEBUG("Set type = %{public}u, ownerId = %{public}s", idType, ownerId ? ownerId : "NULL"); - return XpmIoctl(XPM_SET_OWNERID, &config); -} diff --git a/interfaces/innerkits/common/include/errcode.h b/interfaces/innerkits/common/include/errcode.h index ebefc8692f05f7fd54a0be6d8b33471ba3e4fc70..290090b02791aecd2b28d02168c635c1e7545355 100644 --- a/interfaces/innerkits/common/include/errcode.h +++ b/interfaces/innerkits/common/include/errcode.h @@ -16,6 +16,9 @@ #ifndef CODE_SIGN_ERR_CODE_H #define CODE_SIGN_ERR_CODE_H +namespace OHOS { +namespace Security { +namespace CodeSign { enum CommonErrCode { CS_SUCCESS = 0, CS_ERR_MEMORY = -0x1, @@ -96,4 +99,7 @@ enum SignBlockErrCode { CS_ERR_SIGN_EXTENSION_OFFSET_ALIGN = -0x622, CS_ERR_TARGET_FILE_PATH = -0x623, }; +} +} +} #endif diff --git a/test/unittest/BUILD.gn b/test/unittest/BUILD.gn index dd1bb28a8d2979ddaed3bc3102b7369b3348d9ef..0b533d3abdaa2d52d575874dbe046751b768e63e 100644 --- a/test/unittest/BUILD.gn +++ b/test/unittest/BUILD.gn @@ -205,7 +205,6 @@ ohos_unittest("enable_verity_ioctl_unittest") { ] deps = [ ":key_enable_src_set", - "${code_signature_root_dir}/interfaces/innerkits/code_sign_attr_utils:libcode_sign_attr_utils", "${googletest_dir}:gtest", ] external_deps = [ diff --git a/test/unittest/enable_verity_test.cpp b/test/unittest/enable_verity_test.cpp index be5c8507994cfae1c3e70b192ee33767d504a287..1f09d6964958bec2c2d5a25507b40da72822acb5 100644 --- a/test/unittest/enable_verity_test.cpp +++ b/test/unittest/enable_verity_test.cpp @@ -35,7 +35,6 @@ #include "enable_key_utils.h" #include "log.h" #include "xpm_common.h" -#include "code_sign_attr_utils.h" using namespace testing::ext; @@ -74,7 +73,6 @@ public: static void SetUpTestCase() { EXPECT_EQ(EnableTestKey(TEST_SUBJECT.c_str(), TEST_ISSUER.c_str()), 0); - EXPECT_EQ(SetXpmOwnerId(PROCESS_OWNERID_COMPAT, NULL), 0); g_isXpmOn = AllocXpmRegion(); SaveStringToFile(SELINUX_MODE_PATH, PERMISSIVE_MODE); SaveStringToFile(XPM_DEBUG_FS_MODE_PATH, ENFORCE_MODE); diff --git a/test/unittest/utils/src/xpm_common.cpp b/test/unittest/utils/src/xpm_common.cpp index ccf46b795ae9202c362966f3a163a678f15a69e6..7c0aa7044daa95583ffb70d72d8283003e0ad7c8 100644 --- a/test/unittest/utils/src/xpm_common.cpp +++ b/test/unittest/utils/src/xpm_common.cpp @@ -14,7 +14,6 @@ */ #include "xpm_common.h" - #include #include #include @@ -23,28 +22,54 @@ #include #include #include - -#include "code_sign_attr_utils.h" #include "log.h" #include "securec.h" namespace OHOS { namespace Security { namespace CodeSign { +struct XpmRegionInfo { + uint64_t base; + uint64_t length; +}; + struct XpmRegionArea { uint64_t start; uint64_t end; }; +const std::string XPM_DEV_PATH = "/dev/xpm"; const std::string XPM_PROC_PREFIX_PATH = "/proc/"; const std::string XPM_PROC_SUFFIX_PATH = "/xpm_region"; constexpr unsigned long XPM_PROC_LENGTH = 50; +constexpr unsigned long XPM_REGION_LEN = 0x8000000; +constexpr unsigned long SET_XPM_REGION = _IOW('x', 0x01, struct XpmRegionInfo); -static int GetXpmRegion(struct XpmRegionArea &area) +static int SetXpmRegion(void) { - if (InitXpmRegion() != 0) { - LOG_ERROR(LABEL, "init xpm region failed"); + struct XpmRegionInfo info = { 0, XPM_REGION_LEN }; + + int fd = open(XPM_DEV_PATH.c_str(), O_RDWR); + if (fd < 0) { + LOG_ERROR(LABEL, "open xpm dev file failed(%{public}s)", strerror(errno)); + return -1; + } + + int ret = ioctl(fd, SET_XPM_REGION, &info); + if (ret < 0) { + LOG_ERROR(LABEL, "xpm set region failed(%{public}s)", strerror(errno)); + return -1; + } + + close(fd); + return 0; +} + +static int GetXpmRegion(struct XpmRegionArea *area) +{ + if (area == nullptr) { + LOG_ERROR(LABEL, "input area is NULL"); return -1; } @@ -63,7 +88,7 @@ static int GetXpmRegion(struct XpmRegionArea &area) return -1; } - ret = sscanf_s(xpm_region, "%llx-%llx", &area.start, &area.end); + ret = sscanf_s(xpm_region, "%llx-%llx", &area->start, &area->end); if (ret < 0) { LOG_ERROR(LABEL, "sscanf xpm region string failed(%{public}s)", strerror(errno)); return -1; @@ -73,11 +98,33 @@ static int GetXpmRegion(struct XpmRegionArea &area) return 0; } +static int InitXpmRegion(struct XpmRegionArea *area) +{ + if (area == nullptr) { + LOG_ERROR(LABEL, "input area is NULL"); + return -1; + } + + int ret = SetXpmRegion(); + if (ret != 0) { + LOG_ERROR(LABEL, "set xpm region failed"); + return ret; + } + + ret = GetXpmRegion(area); + if (ret != 0) { + LOG_ERROR(LABEL, "get xpm region failed"); + return ret; + } + + return 0; +} + bool AllocXpmRegion() { struct XpmRegionArea area = {0}; - if (GetXpmRegion(area)) { + if (InitXpmRegion(&area)) { return false; } if (!area.start) { diff --git a/utils/include/log.h b/utils/include/log.h index 4bf40cffb49cc5cad37e57992b5739e2ae95806b..5393516f93d5d6ab0cb83279fa58a3c3e7020f2f 100644 --- a/utils/include/log.h +++ b/utils/include/log.h @@ -22,24 +22,6 @@ #include "hilog/log.h" #endif -#ifndef __cplusplus -#ifdef LOG_TAG -#undef LOG_TAG -#endif -#define LOG_TAG "CODE_SIGN" - -#ifdef LOG_DOMAIN -#undef LOG_DOMAIN -#endif -#define LOG_DOMAIN 0xD002F00 - -#define LOG_DEBUG(fmt, ...) HILOG_DEBUG(LOG_CORE, "[%{public}s]:" fmt, __func__, ##__VA_ARGS__) -#define LOG_INFO(fmt, ...) HILOG_INFO(LOG_CORE, "[%{public}s]:" fmt, __func__, ##__VA_ARGS__) -#define LOG_WARN(fmt, ...) HILOG_WARN(LOG_CORE, "[%{public}s]:" fmt, __func__, ##__VA_ARGS__) -#define LOG_ERROR(fmt, ...) HILOG_ERROR(LOG_CORE, "[%{public}s]:" fmt, __func__, ##__VA_ARGS__) -#define LOG_FATAL(fmt, ...) HILOG_FATAL(LOG_CORE, "[%{public}s]:" fmt, __func__, ##__VA_ARGS__) - -#else // __cplusplus namespace OHOS { namespace Security { namespace CodeSign { @@ -59,5 +41,4 @@ static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN, } } } -#endif -#endif // CODE_SIGN_LOG_H +#endif \ No newline at end of file