From 78b869308185f52fecabc571b35bc73f607e57a3 Mon Sep 17 00:00:00 2001 From: zhuofan0129 <861080528@qq.com> Date: Fri, 2 Feb 2024 15:02:20 +0800 Subject: [PATCH] feat: Improve device security level request 
Signed-off-by: zhuofan0129 <861080528@qq.com> --- baselib/msglib/include/messenger.h | 4 +- baselib/msglib/src/common/messenger.c | 4 +- .../common/messenger_device_status_manager.h | 2 +- baselib/msglib/src/common/messenger_impl.h | 2 +- .../lite/messenger_device_status_manager.c | 13 ++--- baselib/msglib/src/lite/messenger_impl.c | 4 +- .../messenger_device_status_manager.cpp | 40 +++++++++----- baselib/msglib/src/standard/messenger_impl.c | 4 +- bundle.json | 2 + interfaces/inner_api/BUILD.gn | 2 + .../inner_api/include/device_security_info.h | 13 +++++ .../src/standard/device_security_info.cpp | 11 ++++ .../standard/device_security_level_param.c | 44 +++++++++++++++ .../standard/device_security_level_param.h | 33 ++++++++++++ param/BUILD.gn | 53 +++++++++++++++++++ param/device_security_level.para | 14 +++++ param/device_security_level2.para | 14 +++++ param/device_security_level3.para | 14 +++++ param/device_security_level4.para | 14 +++++ param/device_security_level5.para | 14 +++++ services/dfx/dslm_hidumper.c | 1 - services/dslm/dslm_core_defines.h | 1 - services/dslm/dslm_core_process.c | 14 ++--- services/dslm/dslm_fsm_process.c | 15 +++++- services/include/dslm_core_process.h | 2 +- services/include/dslm_messenger_wrapper.h | 4 +- services/msg/dslm_messenger_wrapper.c | 6 +-- 27 files changed, 299 insertions(+), 45 deletions(-) create mode 100644 interfaces/inner_api/src/standard/device_security_level_param.c create mode 100644 interfaces/inner_api/src/standard/device_security_level_param.h create mode 100644 param/BUILD.gn create mode 100644 param/device_security_level.para create mode 100644 param/device_security_level2.para create mode 100644 param/device_security_level3.para create mode 100644 param/device_security_level4.para create mode 100644 param/device_security_level5.para diff --git a/baselib/msglib/include/messenger.h b/baselib/msglib/include/messenger.h index 0b63b8f..d7dc9bc 100644 --- a/baselib/msglib/include/messenger.h 
+++ b/baselib/msglib/include/messenger.h @@ -33,7 +33,7 @@ typedef struct DeviceIdentify { typedef int32_t (*DeviceMessageReceiver)(const DeviceIdentify *devId, const uint8_t *msg, uint32_t msgLen); -typedef int32_t (*DeviceStatusReceiver)(const DeviceIdentify *devId, uint32_t status, uint32_t devType); +typedef int32_t (*DeviceStatusReceiver)(const DeviceIdentify *devId, uint32_t status, int32_t level); typedef int32_t (*MessageSendResultNotifier)(const DeviceIdentify *devId, uint64_t transNo, uint32_t result); @@ -86,7 +86,7 @@ bool IsMessengerReady(const Messenger *messenger); void SendMsgTo(const Messenger *messenger, uint64_t transNo, const DeviceIdentify *devId, const uint8_t *msg, uint32_t msgLen); -bool GetDeviceOnlineStatus(const Messenger *messenger, const DeviceIdentify *devId, uint32_t *devType); +bool GetDeviceOnlineStatus(const Messenger *messenger, const DeviceIdentify *devId, int32_t *level); bool GetSelfDeviceIdentify(const Messenger *messenger, DeviceIdentify *devId, uint32_t *devType); diff --git a/baselib/msglib/src/common/messenger.c b/baselib/msglib/src/common/messenger.c index b342f41..3945f01 100644 --- a/baselib/msglib/src/common/messenger.c +++ b/baselib/msglib/src/common/messenger.c @@ -37,9 +37,9 @@ void SendMsgTo(const Messenger *messenger, uint64_t transNo, const DeviceIdentif SendMsgToImpl(messenger, transNo, devId, msg, msgLen); } -bool GetDeviceOnlineStatus(const Messenger *messenger, const DeviceIdentify *devId, uint32_t *devType) +bool GetDeviceOnlineStatus(const Messenger *messenger, const DeviceIdentify *devId, int32_t *level) { - return GetDeviceOnlineStatusImpl(messenger, devId, devType); + return GetDeviceOnlineStatusImpl(messenger, devId, level); } bool GetSelfDeviceIdentify(const Messenger *messenger, DeviceIdentify *devId, uint32_t *devType) diff --git a/baselib/msglib/src/common/messenger_device_status_manager.h b/baselib/msglib/src/common/messenger_device_status_manager.h index 1b2508d..33d2e29 100644 
--- a/baselib/msglib/src/common/messenger_device_status_manager.h +++ b/baselib/msglib/src/common/messenger_device_status_manager.h @@ -35,7 +35,7 @@ bool InitDeviceStatusManager(WorkQueue *queue, const char *pkgName, DeviceStatus bool DeInitDeviceStatusManager(void); -bool MessengerGetDeviceOnlineStatus(const DeviceIdentify *devId, uint32_t *devType); +bool MessengerGetDeviceOnlineStatus(const DeviceIdentify *devId, int32_t *level); bool MessengerGetSelfDeviceIdentify(DeviceIdentify *devId, uint32_t *devType); diff --git a/baselib/msglib/src/common/messenger_impl.h b/baselib/msglib/src/common/messenger_impl.h index e0f4048..9516e51 100644 --- a/baselib/msglib/src/common/messenger_impl.h +++ b/baselib/msglib/src/common/messenger_impl.h @@ -31,7 +31,7 @@ void SendMsgToImpl(const Messenger *messenger, uint64_t transNo, const DeviceIde bool IsMessengerReadyImpl(const Messenger *messenger); -bool GetDeviceOnlineStatusImpl(const Messenger *messenger, const DeviceIdentify *devId, uint32_t *devType); +bool GetDeviceOnlineStatusImpl(const Messenger *messenger, const DeviceIdentify *devId, int32_t *level); bool GetSelfDeviceIdentifyImpl(const Messenger *messenger, DeviceIdentify *devId, uint32_t *devType); diff --git a/baselib/msglib/src/lite/messenger_device_status_manager.c b/baselib/msglib/src/lite/messenger_device_status_manager.c index 5c83ec0..4054a69 100644 --- a/baselib/msglib/src/lite/messenger_device_status_manager.c +++ b/baselib/msglib/src/lite/messenger_device_status_manager.c @@ -40,7 +40,7 @@ typedef struct DeviceStatusManager { typedef struct QueueStatusData { DeviceIdentify srcIdentity; uint32_t status; - uint32_t devType; + int32_t level; } QueueStatusData; static DeviceStatusManager *GetDeviceManagerInstance(void) 
@@ -76,7 +76,7 @@ static void ProcessDeviceStatusReceived(const uint8_t *data, uint32_t len) SECURITY_LOG_ERROR("ProcessSessionMessageReceived, messageReceiver is null"); return; } - deviceStatusReceiver(&queueData->srcIdentity, queueData->status, queueData->devType); + deviceStatusReceiver(&queueData->srcIdentity, queueData->status, queueData->level); FREE(queueData); } @@ -108,7 +108,7 @@ static void ProcessDeviceStatusReceiver(const DeviceIdentify *devId, uint32_t st FREE(data); return; } - data->devType = devType; + data->level = -1; data->status = status; ret = QueueWork(queue, ProcessDeviceStatusReceived, (uint8_t *)data, sizeof(QueueStatusData)); @@ -127,6 +127,7 @@ static void MessengerOnNodeStateChange(NodeBasicInfo *info, uint32_t state) } DeviceStatusManager *instance = GetDeviceManagerInstance(); + int32_t level = -1; char udid[UDID_BUF_LEN] = {0}; if (GetNodeKeyInfo(instance->pkgName, info->networkId, NODE_KEY_UDID, (uint8_t *)udid, UDID_BUF_LEN) != 0) { SECURITY_LOG_ERROR("MessengerOnNodeStateChange process get device identity error."); @@ -274,15 +275,15 @@ bool MessengerGetDeviceNodeBasicInfo(const DeviceIdentify *devId, NodeBasicInfo return find; } -bool MessengerGetDeviceOnlineStatus(const DeviceIdentify *devId, uint32_t *devType) +bool MessengerGetDeviceOnlineStatus(const DeviceIdentify *devId, int32_t *level) { if (devId == NULL) { return false; } NodeBasicInfo info = {{0}, {0}, 0}; bool result = MessengerGetDeviceNodeBasicInfo(devId, &info); - if (result == true && devType != NULL) { - *devType = info.deviceTypeId; + if (result == true && level != NULL) { + *level = -1; } return result; } diff --git a/baselib/msglib/src/lite/messenger_impl.c b/baselib/msglib/src/lite/messenger_impl.c index 0108174..c521b4d 100644 --- a/baselib/msglib/src/lite/messenger_impl.c +++ b/baselib/msglib/src/lite/messenger_impl.c 
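Review bot: In the `@@ -108,7 +108,7 @@` hunk, `data->level = -1;` replaces the use of the `devType` argument, so on the lite build that parameter of ProcessDeviceStatusReceiver looks dead and the bare `-1` means "level unknown" without saying so. The `int32_t level = -1;` added to MessengerOnNodeStateChange in the `@@ -127,6 +127,7 @@` hunk is not used in any line visible here; both function bodies continue outside their hunks, so confirm before removing it. The same literal appears again as `*level = -1;` in MessengerGetDeviceOnlineStatus. I would document the sentinel where it is assigned, e.g. `/* lite cannot query a peer level; -1 = unknown, the credential exchange decides */`, and either drop the unused local or pass it through instead of the literal.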
@@ -103,14 +103,14 @@ void SendMsgToImpl(const Messenger *messenger, uint64_t transNo, const DeviceIde MessengerSendMsgTo(transNo, devId, msg, msgLen); } -bool GetDeviceOnlineStatusImpl(const Messenger *messenger, const DeviceIdentify *devId, uint32_t *devType) +bool GetDeviceOnlineStatusImpl(const Messenger *messenger, const DeviceIdentify *devId, int32_t *level) { if (messenger == NULL || messenger->magicHead != MESSENGER_MAGIC_HEAD) { SECURITY_LOG_ERROR("invalid params"); return false; } - return MessengerGetDeviceOnlineStatus(devId, devType); + return MessengerGetDeviceOnlineStatus(devId, level); } bool GetSelfDeviceIdentifyImpl(const Messenger *messenger, DeviceIdentify *devId, uint32_t *devType) diff --git a/baselib/msglib/src/standard/messenger_device_status_manager.cpp b/baselib/msglib/src/standard/messenger_device_status_manager.cpp index fd48cbe..1f71410 100644 --- a/baselib/msglib/src/standard/messenger_device_status_manager.cpp +++ b/baselib/msglib/src/standard/messenger_device_status_manager.cpp @@ -28,6 +28,8 @@ #include "utils_log.h" #include "utils_mem.h" +#define PKG_NAME_LEN 128 + namespace OHOS { namespace Security { namespace DeviceSecurityLevel { @@ -83,7 +85,7 @@ public: struct QueueStatusData { DeviceIdentify srcIdentity {0, {0}}; uint32_t status {0}; - uint32_t devType {0}; + uint32_t level {0}; }; DslmDeviceState() = default; 
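Review bot: In the `@@ -83,7 +85,7 @@` hunk of messenger_device_status_manager.cpp the queue record declares `uint32_t level {0};`, while every producer and consumer of that field in this patch uses `int32_t` with `-1` as the "unknown" value. The `-1` therefore round-trips through an unsigned field, and the zero default reads as a real value rather than "not set". Declaring it as `int32_t level {-1};` keeps the sentinel intact. The same signed/unsigned hop occurs in the `process` lambda of InitDeviceStatusManager (`uint32_t level` cast back with `(int32_t)level`) and in `processor(&curr, (uint32_t)level, para)` in MessengerForEachDeviceProcess. If the DeviceProcessor signature cannot change, a comment at those casts should say the value is a signed level.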
@@ -114,14 +116,20 @@ public: static void MessengerOnNodeStateChange(const DmDeviceInfo &info, State state) { DeviceIdentify identity = {DEVICE_ID_MAX_LEN, {0}}; + int32_t level = -1; + const char pkgName[PKG_NAME_LEN + 1] = "ohos.dslm"; if (!MessengerGetDeviceIdentifyByNetworkId(info.networkId, &identity)) { SECURITY_LOG_ERROR("MessengerOnNodeStateChange copy device error"); return; } - ProcessDeviceStatusReceiver(&identity, state, info.deviceTypeId); + if (state == EVENT_NODE_STATE_ONLINE) { + int32_t ret = DeviceManager::GetInstance().GetDeviceSecurityLevel(pkgName, info.networkId, level); + SECURITY_LOG_INFO("GetDeviceSecurityLevelByNetworkId ret = %{public}d, level = %{public}d", ret, level); + } + ProcessDeviceStatusReceiver(&identity, state, level); } - static void ProcessDeviceStatusReceiver(const DeviceIdentify *devId, uint32_t status, uint32_t devType) + static void ProcessDeviceStatusReceiver(const DeviceIdentify *devId, uint32_t status, int32_t level) { if (devId == nullptr || devId->length == 0) { SECURITY_LOG_ERROR("ProcessDeviceStatusReceiver, invalid input"); @@ -140,12 +148,12 @@ public: return; } data->srcIdentity = *devId; - data->devType = devType; + data->level = level; data->status = status; uint32_t maskId = MaskDeviceIdentity((const char *)&devId->identity[0], DEVICE_ID_MAX_LEN); - SECURITY_LOG_INFO("OnlineStateChange device %{public}x*** change to %{public}s, devType is %{public}d", maskId, - (status == EVENT_NODE_STATE_ONLINE) ? " online " : " offline ", devType); + SECURITY_LOG_INFO("OnlineStateChange device %{public}x*** change to %{public}s, level is %{public}d", maskId, + (status == EVENT_NODE_STATE_ONLINE) ? " online " : " offline ", level); auto process = [](const uint8_t *data, uint32_t len) { if (data == nullptr || len == 0) { 
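Review bot: In MessengerOnNodeStateChange the result of `GetDeviceSecurityLevel` is only logged, and `level` is forwarded to ProcessDeviceStatusReceiver whether or not the call succeeded. Since this value later feeds `credInfo.credLevel` in dslm_fsm_process.c, I would forward it only on success and within the valid range, e.g. `if (ret != 0 || level < 1 || level > 5) { level = -1; }` directly after the call (assuming 0 is that API's success code; confirm). The same unchecked pattern is repeated in MessengerGetDeviceOnlineStatus, where `*level` is written by the callee with no check on `ret`. It also appears in MessengerForEachDeviceProcess, where the query runs before `convert` is tested. The three copies of `const char pkgName[PKG_NAME_LEN + 1] = "ohos.dslm";` could be one file-scope constant.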
@@ -161,7 +169,7 @@ public: SECURITY_LOG_ERROR("ProcessDeviceStatusReceiver, invalid queue"); return; } - processor(&queueData->srcIdentity, queueData->status, queueData->devType); + processor(&queueData->srcIdentity, queueData->status, queueData->level); delete queueData; }; auto input = static_cast(static_cast(data)); @@ -273,9 +281,9 @@ bool InitDeviceStatusManager(WorkQueue *queue, const char *pkgName, DeviceStatus return false; } - auto process = [](const DeviceIdentify *devId, uint32_t devType, void *para) -> int32_t { + auto process = [](const DeviceIdentify *devId, uint32_t level, void *para) -> int32_t { static_cast(para); - DslmDeviceState::ProcessDeviceStatusReceiver(devId, DslmDeviceState::State::EVENT_NODE_STATE_ONLINE, devType); + DslmDeviceState::ProcessDeviceStatusReceiver(devId, DslmDeviceState::State::EVENT_NODE_STATE_ONLINE, (int32_t)level); return 0; }; @@ -294,16 +302,18 @@ bool DeInitDeviceStatusManager(void) return true; } -bool MessengerGetDeviceOnlineStatus(const DeviceIdentify *devId, uint32_t *devType) +bool MessengerGetDeviceOnlineStatus(const DeviceIdentify *devId, int32_t *level) { if (devId == nullptr) { return false; } DmDeviceInfo info; + const char pkgName[PKG_NAME_LEN + 1] = "ohos.dslm"; bool result = MessengerGetDeviceNodeBasicInfo(*devId, info); - if (result == true && devType != nullptr) { - *devType = info.deviceTypeId; + if (result == true && level != nullptr) { + int32_t ret = DeviceManager::GetInstance().GetDeviceSecurityLevel(pkgName, info.networkId, *level); + SECURITY_LOG_INFO("GetDeviceSecurityLevelByNetworkId ret = %{public}d, level = %{public}d", ret, *level); } return result; } 
@@ -353,8 +363,12 @@ void MessengerForEachDeviceProcess(const DeviceProcessor processor, void *para) for (auto const &device : deviceList) { DeviceIdentify curr = {DEVICE_ID_MAX_LEN, {0}}; bool convert = MessengerConvertNodeToIdentity(device.networkId, curr); + int32_t level = -1; + const char pkgName[PKG_NAME_LEN + 1] = "ohos.dslm"; + int32_t ret = DeviceManager::GetInstance().GetDeviceSecurityLevel(pkgName, device.networkId, level); + SECURITY_LOG_INFO("GetDeviceSecurityLevelByNetworkId ret = %{public}d, level = %{public}d", ret, level); if (convert == true) { - processor(&curr, device.deviceTypeId, para); + processor(&curr, (uint32_t)level, para); } } } diff --git a/baselib/msglib/src/standard/messenger_impl.c b/baselib/msglib/src/standard/messenger_impl.c index 17831e3..e7cfd95 100644 --- a/baselib/msglib/src/standard/messenger_impl.c +++ b/baselib/msglib/src/standard/messenger_impl.c @@ -100,14 +100,14 @@ void SendMsgToImpl(const Messenger *messenger, uint64_t transNo, const DeviceIde MessengerSendMsgTo(transNo, devId, msg, msgLen); } -bool GetDeviceOnlineStatusImpl(const Messenger *messenger, const DeviceIdentify *devId, uint32_t *devType) +bool GetDeviceOnlineStatusImpl(const Messenger *messenger, const DeviceIdentify *devId, int32_t *level) { if (messenger == NULL || messenger->magicHead != MESSENGER_MAGIC_HEAD) { SECURITY_LOG_ERROR("invalid params"); return false; } - return MessengerGetDeviceOnlineStatus(devId, devType); + return MessengerGetDeviceOnlineStatus(devId, level); } bool GetSelfDeviceIdentifyImpl(const Messenger *messenger, DeviceIdentify *devId, uint32_t *devType) diff --git a/bundle.json b/bundle.json index 2237dab..cba9724 100644 --- a/bundle.json +++ b/bundle.json @@ -36,6 +36,7 @@ "hisysevent", "hitrace", "huks", + "init", "ipc", "safwk", "samgr" 
@@ -54,6 +55,7 @@ "service_group": [ "//base/security/device_security_level/oem_property/ohos:dslm_service", "//base/security/device_security_level/oem_property/ohos:dslm_ohos_cred_file", + "//base/security/device_security_level/param:param_files", "//base/security/device_security_level/profile:dslm_service.rc" ] }, diff --git a/interfaces/inner_api/BUILD.gn b/interfaces/inner_api/BUILD.gn index db7e859..f022b89 100644 --- a/interfaces/inner_api/BUILD.gn +++ b/interfaces/inner_api/BUILD.gn @@ -114,6 +114,7 @@ if (defined(ohos_lite)) { "src/standard/device_security_level_callback_helper.cpp", "src/standard/device_security_level_callback_stub.cpp", "src/standard/device_security_level_loader.cpp", + "src/standard/device_security_level_param.c", "src/standard/device_security_level_proxy.cpp", ] @@ -129,6 +130,7 @@ if (defined(ohos_lite)) { external_deps = [ "c_utils:utils", "hilog:libhilog", + "init:libbegetutil", "ipc:ipc_core", "samgr:samgr_proxy", ] diff --git a/interfaces/inner_api/include/device_security_info.h b/interfaces/inner_api/include/device_security_info.h index ba34284..23e25f4 100644 --- a/interfaces/inner_api/include/device_security_info.h +++ b/interfaces/inner_api/include/device_security_info.h @@ -67,6 +67,19 @@ void FreeDeviceSecurityInfo(DeviceSecurityInfo *info); */ int32_t GetDeviceSecurityLevelValue(const DeviceSecurityInfo *info, int32_t *level); +/** + * Gets the device security level from param. + * @param [out] level Device security level. + * @return + */ +int32_t GetSelfDeviceSecurityLevelValue(int32_t *level); + +/** + * Judge the device security level changeable. + * @return + */ +int32_t IsDeviceSecurityLevelChangeable(const char *udid, int32_t level); + #ifdef __cplusplus } #endif diff --git a/interfaces/inner_api/src/standard/device_security_info.cpp b/interfaces/inner_api/src/standard/device_security_info.cpp index 3118cb2..8acf079 100644 --- a/interfaces/inner_api/src/standard/device_security_info.cpp 
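Review bot: The two declarations added to device_security_info.h have empty `@return` tags, and IsDeviceSecurityLevelChangeable documents neither `udid` nor `level`. A caller cannot tell from the header what success looks like or what "changeable" means. For the first I would write `@return 0 on success, a non-zero error code if the parameter cannot be read.` and note that the value comes from the `const.security.device_security_level` system parameter rather than from a verified credential. For the second, add `@param [in] udid` and `@param [in] level` lines and state the return contract. The implementation in device_security_level_param.c currently returns 0 unconditionally, so the comment should say it is a stub.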
+++ b/interfaces/inner_api/src/standard/device_security_info.cpp @@ -23,6 +23,7 @@ #include "device_security_level_callback_stub.h" #include "device_security_level_defines.h" #include "device_security_level_loader.h" +#include "device_security_level_param.h" #include "device_security_level_proxy.h" using namespace OHOS::HiviewDFX; @@ -137,6 +138,16 @@ int32_t GetDeviceSecurityLevelValue(const DeviceSecurityInfo *info, int32_t *lev return GetDeviceSecurityLevelValueImpl(info, level); } +int32_t GetSelfDeviceSecurityLevelValue(int32_t *level) +{ + return GetSelfDeviceSecurityLevelValueImpl(level); +} + +int32_t IsDeviceSecurityLevelChangeable(const char *udid, int32_t level) +{ + return IsDeviceSecurityLevelChangeableImpl(udid, level); +} + #ifdef __cplusplus } #endif diff --git a/interfaces/inner_api/src/standard/device_security_level_param.c b/interfaces/inner_api/src/standard/device_security_level_param.c new file mode 100644 index 0000000..d3d0515 --- /dev/null +++ b/interfaces/inner_api/src/standard/device_security_level_param.c 
@@ -0,0 +1,44 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "device_security_level_param.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int32_t GetSelfDeviceSecurityLevelValueImpl(int32_t *level)
+{
+ const char key[128] = "const.security.device_security_level";
+ const char def[128] = "0";
+ char valueGet[128] = {0};
+ uint32_t len = 128;
+ int ret = GetParameter(key, def, valueGet, len);
+ int32_t levelGet = (int32_t)(valueGet[0] - '0');
+ *level = levelGet;
+ if (levelGet != 0) {
+ return 0;
+ }
+ return ret;
+}
+
+int32_t IsDeviceSecurityLevelChangeableImpl(const char *udid, int32_t level)
+{
+ return 0;
+}
+
+#ifdef __cplusplus
+}
+#endif
\ No newline at end of file
diff --git a/interfaces/inner_api/src/standard/device_security_level_param.h b/interfaces/inner_api/src/standard/device_security_level_param.h
new file mode 100644
index 0000000..3597413
--- /dev/null
+++ b/interfaces/inner_api/src/standard/device_security_level_param.h
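Review bot: GetSelfDeviceSecurityLevelValueImpl dereferences `level` without a NULL check and derives the level from `valueGet[0] - '0'` without checking that the byte is a digit or that the read succeeded. If GetParameter fails and leaves the buffer zeroed, `levelGet` becomes -48, `*level` is set to it, and the function returns 0 because `levelGet != 0`. Any non-digit or multi-character value is likewise reported as success with an out-of-range level. The remaining `return ret;` path also looks off if GetParameter returns a length on success, as I believe it does; please confirm. I would validate the string and accept only the documented range, as sketched below. IsDeviceSecurityLevelChangeableImpl ignores both arguments and always returns 0, which should at least be marked as a stub.

```c
int32_t GetSelfDeviceSecurityLevelValueImpl(int32_t *level)
{
    /* … unchanged: key, def, valueGet, len … */
    if (level == NULL) {
        return -1; /* placeholder error code: use the module's invalid-parameter value */
    }
    *level = 0;
    int ret = GetParameter(key, def, valueGet, len);
    if (ret < 0) {
        return ret;
    }
    /* accept exactly one character in '1'..'5'; anything else is not a level */
    if (valueGet[0] < '1' || valueGet[0] > '5' || valueGet[1] != '\0') {
        return -1; /* placeholder error code */
    }
    *level = (int32_t)(valueGet[0] - '0');
    return 0;
}
```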
@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef DEVICE_SECURITY_LEVEL_PARAM
+#define DEVICE_SECURITY_LEVEL_PARAM
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "parameter.h"
+
+int32_t GetSelfDeviceSecurityLevelValueImpl(int32_t *level);
+
+int32_t IsDeviceSecurityLevelChangeableImpl(const char *udid, int32_t level);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // DEVICE_SECURITY_LEVEL_PARAM
\ No newline at end of file
diff --git a/param/BUILD.gn b/param/BUILD.gn
new file mode 100644
index 0000000..15f969a
--- /dev/null
+++ b/param/BUILD.gn
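Review bot: `#include "parameter.h"` sits inside the `extern "C" {` block, and the header relies on it to supply `int32_t`, although neither prototype needs anything from parameter.h. An include inside a linkage block forces C linkage on whatever that header declares when it is pulled in from C++, and it exposes the parameter API to every user of this header. I would move `#include "parameter.h"` into device_security_level_param.c and put `#include <stdint.h>` above the `#ifdef __cplusplus` guard here. The file also lacks a trailing newline.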
@@ -0,0 +1,53 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/ohos.gni")
+
+## Install device_security_level.para to /system/etc/param/device_security_level.para
+
+declare_args() {
+ device_security_level_param_cred_level = 1
+}
+
+group("param_files") {
+ if (device_security_level_param_cred_level == 5) {
+ deps = [ ":device_security_level5.para" ]
+ } else if (device_security_level_param_cred_level == 4) {
+ deps = [ ":device_security_level4.para" ]
+ } else if (device_security_level_param_cred_level == 3) {
+ deps = [ ":device_security_level3.para" ]
+ } else if (device_security_level_param_cred_level == 2) {
+ deps = [ ":device_security_level2.para" ]
+ } else {
+ deps = [ ":device_security_level.para" ]
+ }
+}
+
+ohos_prebuilt_etc("device_security_level.para") {
+ if (device_security_level_param_cred_level == 5) {
+ source = "device_security_level5.para"
+ } else if (device_security_level_param_cred_level == 4) {
+ source = "device_security_level4.para"
+ } else if (device_security_level_param_cred_level == 3) {
+ source = "device_security_level3.para"
+ } else if (device_security_level_param_cred_level == 2) {
+ source = "device_security_level2.para"
+ } else {
+ source = "device_security_level.para"
+ }
+
+ relative_install_dir = "param"
+ part_name = "device_security_level"
+ subsystem_name = "security"
+}
+
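Review bot: The `param_files` group depends on `:device_security_level5.para` through `:device_security_level2.para` for levels 2 to 5, but the only target this file defines is `ohos_prebuilt_etc("device_security_level.para")`. Any setting of `device_security_level_param_cred_level` other than the default would therefore name a target that does not exist. The prebuilt target already selects its `source` by level, so the group can be reduced to `deps = [ ":device_security_level.para" ]` with no branching. Two further things are worth confirming. One is whether the installed file name follows the target name or the selected source, since the comment promises `/system/etc/param/device_security_level.para`. The other is that an out-of-range argument silently falls back to level 1; an `assert` on the range 1..5 would make a mistyped value fail the build instead.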
diff --git a/param/device_security_level.para b/param/device_security_level.para
new file mode 100644
index 0000000..c04f0d7
--- /dev/null
+++ b/param/device_security_level.para
@@ -0,0 +1,14 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+const.security.device_security_level = 1
\ No newline at end of file
diff --git a/param/device_security_level2.para b/param/device_security_level2.para
new file mode 100644
index 0000000..8cd831d
--- /dev/null
+++ b/param/device_security_level2.para
@@ -0,0 +1,14 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+const.security.device_security_level = 2
\ No newline at end of file
diff --git a/param/device_security_level3.para b/param/device_security_level3.para
new file mode 100644
index 0000000..c9210d1
--- /dev/null
+++ b/param/device_security_level3.para
@@ -0,0 +1,14 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+const.security.device_security_level = 3
\ No newline at end of file
diff --git a/param/device_security_level4.para b/param/device_security_level4.para
new file mode 100644
index 0000000..ba215fa
--- /dev/null
+++ b/param/device_security_level4.para
@@ -0,0 +1,14 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+const.security.device_security_level = 4
\ No newline at end of file
diff --git a/param/device_security_level5.para b/param/device_security_level5.para
new file mode 100644
index 0000000..8e04889
--- /dev/null
+++ b/param/device_security_level5.para
@@ -0,0 +1,14 @@ +# Copyright (c) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +const.security.device_security_level = 5 \ No newline at end of file diff --git a/services/dfx/dslm_hidumper.c b/services/dfx/dslm_hidumper.c index af80bc3..9661100 100644 --- a/services/dfx/dslm_hidumper.c +++ b/services/dfx/dslm_hidumper.c @@ -168,7 +168,6 @@ static void PrintBanner(int fd) static void DumpDeviceDetails(const DslmDeviceInfo *info, int32_t fd) { dprintf(fd, "DEVICE_ID : %x" END_LINE, info->machine.machineId); - dprintf(fd, "DEVICE_TYPE : %u" END_LINE, info->deviceType); dprintf(fd, END_LINE); dprintf(fd, "DEVICE_ONLINE_STATUS : %s" END_LINE, (info->onlineStatus != 0) ? "online" : "offline"); diff --git a/services/dslm/dslm_core_defines.h b/services/dslm/dslm_core_defines.h index 3117d5d..48b20ab 100644 --- a/services/dslm/dslm_core_defines.h +++ b/services/dslm/dslm_core_defines.h @@ -41,7 +41,6 @@ typedef struct DslmDeviceInfo { DeviceIdentify identity; uint32_t version; uint32_t onlineStatus; - uint32_t deviceType; uint64_t nonce; uint64_t nonceTimeStamp; uint64_t lastOnlineTime; diff --git a/services/dslm/dslm_core_process.c b/services/dslm/dslm_core_process.c index d44128c..4c71de5 100644 --- a/services/dslm/dslm_core_process.c +++ b/services/dslm/dslm_core_process.c 
@@ -179,7 +179,7 @@ int32_t OnRequestDeviceSecLevelInfo(const DeviceIdentify *deviceId, const Reques return SUCCESS; } -int32_t OnPeerStatusReceiver(const DeviceIdentify *deviceId, uint32_t status, uint32_t devType) +int32_t OnPeerStatusReceiver(const DeviceIdentify *deviceId, uint32_t status, int32_t level) { DslmDeviceInfo *info = CreatOrGetDslmDeviceInfo(deviceId); if (info == NULL) { @@ -192,12 +192,13 @@ int32_t OnPeerStatusReceiver(const DeviceIdentify *deviceId, uint32_t status, ui uint32_t event = (status == ONLINE_STATUS_ONLINE) ? EVENT_DEVICE_ONLINE : EVENT_DEVICE_OFFLINE; - ScheduleDslmStateMachine(info, event, &devType); + ScheduleDslmStateMachine(info, event, &level); return SUCCESS; } bool InitSelfDeviceSecureLevel(void) { + int32_t level = 0; uint32_t devType = 0; const DeviceIdentify *device = GetSelfDevice(&devType); if (device->length == 0) { @@ -213,7 +214,6 @@ bool InitSelfDeviceSecureLevel(void) return false; } - info->deviceType = devType; info->onlineStatus = ONLINE_STATUS_ONLINE; if (info->lastOnlineTime == 0) { info->lastOnlineTime = GetMillisecondSinceBoot(); @@ -233,7 +233,8 @@ bool InitSelfDeviceSecureLevel(void) return true; } - ret = OnPeerStatusReceiver(device, ONLINE_STATUS_ONLINE, devType); + ret = OnPeerStatusReceiver(device, ONLINE_STATUS_ONLINE, level); + if (ret != SUCCESS) { SECURITY_LOG_ERROR("make self online failed"); } @@ -270,6 +271,7 @@ bool DeinitDslmProcess(void) static const DeviceIdentify *RefreshDeviceOnlineStatus(const DeviceIdentify *deviceId) { uint32_t devType = 0; + int32_t level = 0; if (deviceId == NULL) { return NULL; } 
@@ -279,8 +281,8 @@ static const DeviceIdentify *RefreshDeviceOnlineStatus(const DeviceIdentify *dev return GetSelfDevice(&devType); } - if (GetPeerDeviceOnlineStatus(deviceId, &devType)) { - (void)OnPeerStatusReceiver(deviceId, ONLINE_STATUS_ONLINE, devType); + if (GetPeerDeviceOnlineStatus(deviceId, &level)) { + (void)OnPeerStatusReceiver(deviceId, ONLINE_STATUS_ONLINE, level); } if (IsSameDevice(deviceId, GetSelfDevice((&devType)))) { diff --git a/services/dslm/dslm_fsm_process.c b/services/dslm/dslm_fsm_process.c index 9431195..63078ee 100644 --- a/services/dslm/dslm_fsm_process.c +++ b/services/dslm/dslm_fsm_process.c @@ -173,6 +173,9 @@ static void ProcessSendDeviceInfoCallback(DslmDeviceInfo *info, DslmInfoChecker static bool CheckNeedToResend(const DslmDeviceInfo *info) { + if (info->credInfo.credLevel > 0 && info->credInfo.credLevel <= 5) { + return false; + } if (info->credInfo.credLevel == 0) { return true; } @@ -188,13 +191,21 @@ static bool CheckNeedToResend(const DslmDeviceInfo *info) static bool ProcessDeviceOnline(const StateMachine *machine, uint32_t event, const void *para) { DslmDeviceInfo *info = STATE_MACHINE_ENTRY(machine, DslmDeviceInfo, machine); - if (para != NULL) { - info->deviceType = *(uint32_t *)para; +#ifdef L2_STANDARD + if (para != NULL && *(int32_t *)para != 0) { + info->credInfo.credLevel = *(int32_t *)para; } +#endif info->onlineStatus = ONLINE_STATUS_ONLINE; info->queryTimes = 0; info->lastOnlineTime = GetMillisecondSinceBoot(); if (!CheckNeedToResend(info)) { +#ifdef L2_STANDARD + if (info->credInfo.credLevel > 0 && info->credInfo.credLevel <= 5) { + info->result = SUCCESS; + SECURITY_LOG_INFO("get level by networkId success"); + } +#endif SECURITY_LOG_DEBUG("last request time is last than 24 hours"); ScheduleDslmStateMachine(info, EVENT_TO_SYNC, NULL); return true; diff --git a/services/include/dslm_core_process.h b/services/include/dslm_core_process.h index d69655f..a08ca92 100644 --- a/services/include/dslm_core_process.h 
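Review bot: The early `return false` added at the top of CheckNeedToResend is not under `#ifdef L2_STANDARD`, unlike the two additions to ProcessDeviceOnline, so it also changes lite builds. For any device whose `credInfo.credLevel` is already 1..5 the function now returns before the checks that follow, and the log text in the caller ("last than 24 hours") suggests those include an age check on the last request. If so, a level that has been recorded once is never refreshed on later online events. The function body continues outside the hunk, so confirm what is skipped. If the shortcut is meant only for levels delivered with the online notification, I would gate it on that source rather than on the stored value, and name the bound instead of the literal `5`.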
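Review bot: In ProcessDeviceOnline the guard `*(int32_t *)para != 0` lets the `-1` "unknown" value through, so a failed or unavailable level query overwrites `info->credInfo.credLevel` with -1 (or a large unsigned value, depending on the field's type, which is not visible here). The standard messenger initialises `level` to -1 and forwards it regardless of the query result, so this path looks reachable. Restricting the assignment to the valid range avoids it: `if (para != NULL && *(const int32_t *)para > 0 && *(const int32_t *)para <= 5) {`. Note also that a level accepted here ends in `info->result = SUCCESS` without the credential request and verification exchange. That is only sound if the value returned by DeviceManager is itself authenticated for that peer, which this patch does not show; a comment stating that assumption belongs next to the assignment.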
+++ b/services/include/dslm_core_process.h @@ -36,7 +36,7 @@ int32_t OnRequestDeviceSecLevelInfo(const DeviceIdentify *deviceId, const Reques int32_t OnMsgSendResultNotifier(const DeviceIdentify *deviceId, uint64_t transNo, uint32_t result); -int32_t OnPeerStatusReceiver(const DeviceIdentify *deviceId, uint32_t status, uint32_t devType); +int32_t OnPeerStatusReceiver(const DeviceIdentify *deviceId, uint32_t status, int32_t level); bool InitDslmProcess(void); diff --git a/services/include/dslm_messenger_wrapper.h b/services/include/dslm_messenger_wrapper.h index 9f55355..b6b04c6 100644 --- a/services/include/dslm_messenger_wrapper.h +++ b/services/include/dslm_messenger_wrapper.h @@ -30,7 +30,7 @@ extern "C" { typedef int32_t (*MessageReceiver)(const DeviceIdentify *devId, const uint8_t *msg, uint32_t len); -typedef int32_t (*StatusReceiver)(const DeviceIdentify *devId, uint32_t status, uint32_t devType); +typedef int32_t (*StatusReceiver)(const DeviceIdentify *devId, uint32_t status, int32_t level); typedef int32_t (*SendResultNotifier)(const DeviceIdentify *devId, uint64_t transNo, uint32_t result); @@ -45,7 +45,7 @@ uint32_t DeinitMessenger(void); bool GetMessengerStatus(void); -bool GetPeerDeviceOnlineStatus(const DeviceIdentify *devId, uint32_t *devType); +bool GetPeerDeviceOnlineStatus(const DeviceIdentify *devId, int32_t *level); const DeviceIdentify *GetSelfDevice(uint32_t *devType); diff --git a/services/msg/dslm_messenger_wrapper.c b/services/msg/dslm_messenger_wrapper.c index 722f780..253f021 100644 --- a/services/msg/dslm_messenger_wrapper.c +++ b/services/msg/dslm_messenger_wrapper.c 
@@ -89,18 +89,18 @@ void SendMsgToDevice(uint64_t transNo, const DeviceIdentify *devId, const uint8_ return; } -bool GetPeerDeviceOnlineStatus(const DeviceIdentify *devId, uint32_t *devType) +bool GetPeerDeviceOnlineStatus(const DeviceIdentify *devId, int32_t *level) { LockMutex(&g_mutex); if (g_messenger == NULL) { UnlockMutex(&g_mutex); return false; } - if (devId == NULL || devType == NULL) { + if (devId == NULL || level == NULL) { UnlockMutex(&g_mutex); return false; } - bool ret = GetDeviceOnlineStatus(g_messenger, devId, devType); + bool ret = GetDeviceOnlineStatus(g_messenger, devId, level); UnlockMutex(&g_mutex); return ret; } -- Gitee