diff --git a/hisysevent.yaml b/hisysevent.yaml index 8a49236447a48838e0456ca594890e5032ed2d30..276653122afd67f460fc31df96e6bea8580f196b 100644 --- a/hisysevent.yaml +++ b/hisysevent.yaml @@ -17,6 +17,7 @@ CALLBACK_FAILED: __BASE: {type: SECURITY, level: CRITICAL, desc: Failed to execute the callback} CALLER_PID: {type: INT32, desc: caller pid} CALLER_UID: {type: INT32, desc: caller uid} + CALLER_BUNDLE_NAME: {type: STRING, desc: caller bundle name} CALL_SCENE: {type: STRING, desc: call scene} REASON: {type: STRING, desc: callback execution failure cause} SC_ID: {type: INT32, desc: security component id} @@ -26,12 +27,14 @@ CALLER_CHECK_FAILED: __BASE: {type: SECURITY, level: CRITICAL, desc: Illegal invocation} CALLER_PID: {type: INT32, desc: caller pid} CALLER_UID: {type: INT32, desc: caller uid} + CALLER_BUNDLE_NAME: {type: STRING, desc: caller bundle name} CALL_SCENE: {type: STRING, desc: call scene} CHALLENGE_CHECK_FAILED: __BASE: {type: SECURITY, level: CRITICAL, desc: Challenge value verification failed} CALLER_PID: {type: INT32, desc: caller pid} CALLER_UID: {type: INT32, desc: caller uid} + CALLER_BUNDLE_NAME: {type: STRING, desc: caller bundle name} CALL_SCENE: {type: STRING, desc: call scene} SC_ID: {type: INT32, desc: security component id} SC_TYPE: {type: STRING, desc: security component type} @@ -40,6 +43,7 @@ CLICK_INFO_CHECK_FAILED: __BASE: {type: SECURITY, level: CRITICAL, desc: Failed to verify the click event} CALLER_PID: {type: INT32, desc: caller pid} CALLER_UID: {type: INT32, desc: caller uid} + CALLER_BUNDLE_NAME: {type: STRING, desc: caller bundle name} SC_ID: {type: INT32, desc: security component id} SC_TYPE: {type: STRING, desc: security component type} 
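Review bot: The `desc` of the new `CALLER_BUNDLE_NAME` field does not say where the value comes from or that it can be empty. Every emitter visible in this commit initialises `bundleName` to `""` and discards the result of `GetNameForUid`, so a failed lookup is recorded as an empty string. I would state that in the schema, for example `CALLER_BUNDLE_NAME: {type: STRING, desc: caller bundle name resolved from caller uid, empty if the lookup fails}`, so consumers of these CRITICAL events do not read an empty name as a real identity. The same wording applies to the other hisysevent.yaml hunks.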
@@ -47,6 +51,7 @@ COMPONENT_INFO_CHECK_FAILED: __BASE: {type: SECURITY, level: CRITICAL, desc: Failed to verify the component information} CALLER_PID: {type: INT32, desc: caller pid} CALLER_UID: {type: INT32, desc: caller uid} + CALLER_BUNDLE_NAME: {type: STRING, desc: caller bundle name} CALL_SCENE: {type: STRING, desc: call scene} SC_ID: {type: INT32, desc: security component id} SC_TYPE: {type: STRING, desc: security component type} @@ -55,6 +60,7 @@ INIT_FAILED: __BASE: {type: FAULT, level: CRITICAL, desc: Failed to initialize the security component environment} CALLER_PID: {type: INT32, desc: caller pid} CALLER_UID: {type: INT32, desc: caller uid} + CALLER_BUNDLE_NAME: {type: STRING, desc: caller bundle name} REASON: {type: STRING, desc: callback execution failure cause} REGISTER_SUCCESS: @@ -79,6 +85,7 @@ TEMP_GRANT_FAILED: __BASE: {type: FAULT, level: CRITICAL, desc: Security component authorization failed} CALLER_PID: {type: INT32, desc: caller pid} CALLER_UID: {type: INT32, desc: caller uid} + CALLER_BUNDLE_NAME: {type: STRING, desc: caller bundle name} SC_ID: {type: INT32, desc: security component id} SC_TYPE: {type: STRING, desc: security component type} @@ -98,6 +105,7 @@ UNREGISTER_SUCCESS: SESSION_INFO_CHECK_FAILED: __BASE: {type: BEHAVIOR, level: MINOR, desc: Failed to verify session information} CALLER_PID: {type: INT32, desc: caller pid} + CALLER_BUNDLE_NAME: {type: STRING, desc: caller bundle name} CLIENT_SESSION_ID: {type: INT32, desc: session id stored in client} CLIENT_SEQ_NUM: {type: INT32, desc: sequence number stored in client} SERVICE_SESSION_ID: {type: INT32, desc: session id stored in server} 
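Review bot: `SESSION_INFO_CHECK_FAILED` (the hunk at -98) gains `CALLER_BUNDLE_NAME`, but no source hunk visible on this page writes that event with the new key; the same holds for `CALLBACK_INFO_CHECK_FAILED` and `PREPROCESS_MESSAGE_FAILED` in the next two hunks. If their emitters were not updated, the field will always be absent for these three events. These definitions also have no `CALLER_UID`, so a reader of the event cannot tell which uid the name was resolved from; consider adding `CALLER_UID: {type: INT32, desc: caller uid}` next to it. The emitters may sit in a part of the change that is not shown here, so this needs confirming against the full commit.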
@@ -106,6 +114,7 @@ SESSION_INFO_CHECK_FAILED: CALLBACK_INFO_CHECK_FAILED: __BASE: {type: BEHAVIOR, level: MINOR, desc: Failed to verify session information} CALLER_PID: {type: INT32, desc: caller pid} + CALLER_BUNDLE_NAME: {type: STRING, desc: caller bundle name} CLIENT_SESSION_ID: {type: INT32, desc: session id stored in client} CLIENT_SEQ_NUM: {type: INT32, desc: sequence number stored in client} SERVICE_SESSION_ID: {type: INT32, desc: session id stored in server} @@ -115,5 +124,6 @@ PREPROCESS_MESSAGE_FAILED: __BASE: {type: BEHAVIOR, level: MINOR, desc: Failed to verify session information} PREPROCESS_TYPE: {type: INT32, desc: preprocess type} CALLER_PID: {type: INT32, desc: caller pid} + CALLER_BUNDLE_NAME: {type: STRING, desc: caller bundle name} CLIENT_SESSION_ID: {type: INT32, desc: session id stored in client} CLIENT_SEQ_NUM: {type: INT32, desc: sequence number stored in client} diff --git a/interfaces/inner_api/security_component/BUILD.gn b/interfaces/inner_api/security_component/BUILD.gn index 902358ee7e81059749df90de133e97d57f9d092a..1cfb848a545ec92b9b1be0a6466e01fca8fbcfd9 100644 --- a/interfaces/inner_api/security_component/BUILD.gn +++ b/interfaces/inner_api/security_component/BUILD.gn @@ -62,6 +62,7 @@ ohos_shared_library("libsecurity_component_sdk") { external_deps = [ "access_token:libaccesstoken_sdk", + "bundle_framework:appexecfwk_core", "c_utils:utils", "hilog:libhilog", "hisysevent:libhisysevent", diff --git a/interfaces/inner_api/security_component/src/sec_comp_kit.cpp b/interfaces/inner_api/security_component/src/sec_comp_kit.cpp index c7a9e9431267a66700d7b7e20ed2a6a5a00925a4..6df28a158b61794794c47b5f8feb5698d3e67825 100644 --- a/interfaces/inner_api/security_component/src/sec_comp_kit.cpp +++ b/interfaces/inner_api/security_component/src/sec_comp_kit.cpp @@ -14,6 +14,7 @@ */ #include "sec_comp_kit.h" +#include "bundle_mgr_client.h" #include "hisysevent.h" #include "ipc_skeleton.h" #include "sec_comp_caller_authorization.h" 
@@ -35,8 +36,12 @@ int32_t SecCompKit::RegisterSecurityComponent(SecCompType type, if (!SecCompCallerAuthorization::GetInstance().IsKitCaller( reinterpret_cast(__builtin_return_address(0)))) { SC_LOG_ERROR(LABEL, "register security component fail, caller invalid"); + int32_t uid = IPCSkeleton::GetCallingUid(); + OHOS::AppExecFwk::BundleMgrClient bmsClient; + std::string bundleName = ""; + bmsClient.GetNameForUid(uid, bundleName); HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "CALLER_CHECK_FAILED", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", IPCSkeleton::GetCallingUid(), + HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "CALLER_BUNDLE_NAME", bundleName, "CALLER_PID", IPCSkeleton::GetCallingRealPid(), "CALL_SCENE", "REGITSTER"); return SC_SERVICE_ERROR_CALLER_INVALID; } @@ -60,8 +65,12 @@ int32_t SecCompKit::UpdateSecurityComponent(int32_t scId, std::string& component if (!SecCompCallerAuthorization::GetInstance().IsKitCaller( reinterpret_cast(__builtin_return_address(0)))) { SC_LOG_ERROR(LABEL, "update security component fail, caller invalid"); + int32_t uid = IPCSkeleton::GetCallingUid(); + OHOS::AppExecFwk::BundleMgrClient bmsClient; + std::string bundleName = ""; + bmsClient.GetNameForUid(uid, bundleName); HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "CALLER_CHECK_FAILED", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", IPCSkeleton::GetCallingUid(), + HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "CALLER_BUNDLE_NAME", bundleName, "CALLER_PID", IPCSkeleton::GetCallingRealPid(), "CALL_SCENE", "UPDATE"); return SC_SERVICE_ERROR_CALLER_INVALID; } 
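Review bot: The result of `bmsClient.GetNameForUid(uid, bundleName)` in `RegisterSecurityComponent` is discarded, so a failed lookup silently produces a `CALLER_CHECK_FAILED` security event with an empty `CALLER_BUNDLE_NAME` and nothing in the log explains why. The same four lines are repeated in `UpdateSecurityComponent` (next hunk), `ReportSecurityComponentClickEvent` in this file, and in first_use_dialog.cpp, sec_comp_entity.cpp and sec_comp_manager.cpp. I would move the lookup into one file-local helper that checks the return code and logs the failure, placed after `LABEL` is defined; the sketch below assumes `GetNameForUid` returns an `ErrCode`, which should be confirmed against bundle_mgr_client.h. The enclosing functions start and end outside these hunks.

```cpp
// Resolves the bundle name for uid; returns an empty string (and logs) when the lookup fails.
static std::string GetCallerBundleName(int32_t uid)
{
    OHOS::AppExecFwk::BundleMgrClient bmsClient;
    std::string bundleName;
    if (bmsClient.GetNameForUid(uid, bundleName) != ERR_OK) {
        SC_LOG_ERROR(LABEL, "get caller bundle name failed");
        bundleName.clear();
    }
    return bundleName;
}

// … unchanged: IsKitCaller check and SC_LOG_ERROR in RegisterSecurityComponent …
        int32_t uid = IPCSkeleton::GetCallingUid();
        HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "CALLER_CHECK_FAILED",
            HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid,
            "CALLER_BUNDLE_NAME", GetCallerBundleName(uid),
            "CALLER_PID", IPCSkeleton::GetCallingRealPid(), "CALL_SCENE", "REGITSTER");
```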
@@ -99,8 +108,12 @@ int32_t SecCompKit::ReportSecurityComponentClickEvent(int32_t scId, if (!SecCompCallerAuthorization::GetInstance().IsKitCaller( reinterpret_cast(__builtin_return_address(0)))) { SC_LOG_ERROR(LABEL, "report click event fail, caller invalid"); + int32_t uid = IPCSkeleton::GetCallingUid(); + OHOS::AppExecFwk::BundleMgrClient bmsClient; + std::string bundleName = ""; + bmsClient.GetNameForUid(uid, bundleName); HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "CALLER_CHECK_FAILED", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", IPCSkeleton::GetCallingUid(), + HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "CALLER_BUNDLE_NAME", bundleName, "CALLER_PID", IPCSkeleton::GetCallingRealPid(), "CALL_SCENE", "CLICK"); return SC_SERVICE_ERROR_CALLER_INVALID; } diff --git a/interfaces/inner_api/security_component/test/BUILD.gn b/interfaces/inner_api/security_component/test/BUILD.gn index cf8b6c89e2780d1d688fbff18273b9814987e104..2b59ae11c69b904f2d2ad7796d47cb12c2979209 100644 --- a/interfaces/inner_api/security_component/test/BUILD.gn +++ b/interfaces/inner_api/security_component/test/BUILD.gn @@ -58,6 +58,7 @@ ohos_unittest("sec_comp_sdk_test") { external_deps = [ "access_token:libaccesstoken_sdk", + "bundle_framework:appexecfwk_core", "c_utils:utils", "hilog:libhilog", "hisysevent:libhisysevent", @@ -96,6 +97,7 @@ ohos_unittest("sec_comp_register_callback_test") { external_deps = [ "access_token:libaccesstoken_sdk", "access_token:libtoken_setproc", + "bundle_framework:appexecfwk_core", "c_utils:utils", "hilog:libhilog", "hisysevent:libhisysevent", diff --git a/services/security_component_service/sa/sa_main/first_use_dialog.cpp b/services/security_component_service/sa/sa_main/first_use_dialog.cpp index fef00695131fb1083c015005143ab3c0a909f5ee..8fd4cd1dd6baa8fe8f8553b44bdbfdd3a6652d28 100644 --- a/services/security_component_service/sa/sa_main/first_use_dialog.cpp 
+++ b/services/security_component_service/sa/sa_main/first_use_dialog.cpp @@ -21,6 +21,7 @@ #include #include "ability_manager_client.h" #include "accesstoken_kit.h" +#include "bundle_mgr_client.h" #include "hisysevent.h" #include "sec_comp_dialog_callback_proxy.h" #include "sec_comp_err.h" @@ -270,8 +271,11 @@ int32_t FirstUseDialog::GrantDialogWaitEntity(int32_t scId) } int32_t res = sc->GrantTempPermission(); if (res != SC_OK) { + OHOS::AppExecFwk::BundleMgrClient bmsClient; + std::string bundleName = ""; + bmsClient.GetNameForUid(sc->uid_, bundleName); HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "TEMP_GRANT_FAILED", - HiviewDFX::HiSysEvent::EventType::FAULT, "CALLER_UID", sc->uid_, + HiviewDFX::HiSysEvent::EventType::FAULT, "CALLER_UID", sc->uid_, "CALLER_BUNDLE_NAME", bundleName, "CALLER_PID", sc->pid_, "SC_ID", scId, "SC_TYPE", sc->GetType()); } else { HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "TEMP_GRANT_SUCCESS", diff --git a/services/security_component_service/sa/sa_main/sec_comp_entity.cpp b/services/security_component_service/sa/sa_main/sec_comp_entity.cpp index b366ac3062f299c0de3f912b09f57ce4cf80e982..1894daa16464eb1d3013c780895effe980eaf4b7 100644 --- a/services/security_component_service/sa/sa_main/sec_comp_entity.cpp +++ b/services/security_component_service/sa/sa_main/sec_comp_entity.cpp @@ -15,6 +15,7 @@ #include "sec_comp_entity.h" #include +#include "bundle_mgr_client.h" #include "datashare_helper.h" #include "hisysevent.h" #include "ipc_skeleton.h" 
@@ -122,8 +123,12 @@ int32_t SecCompEntity::CheckClickInfo(const SecCompClickEvent& clickInfo) const if ((res != SC_OK) && (res != SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE)) { SC_LOG_ERROR(LABEL, "HMAC checkout failed"); + int32_t uid = IPCSkeleton::GetCallingUid(); + OHOS::AppExecFwk::BundleMgrClient bmsClient; + std::string bundleName = ""; + bmsClient.GetNameForUid(uid, bundleName); HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "CLICK_INFO_CHECK_FAILED", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", IPCSkeleton::GetCallingUid(), + HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "CALLER_BUNDLE_NAME", bundleName, "CALLER_PID", IPCSkeleton::GetCallingPid(), "SC_ID", scId_, "SC_TYPE", componentInfo_->type_); return SC_ENHANCE_ERROR_CLICK_EXTRA_CHECK_FAIL; } diff --git a/services/security_component_service/sa/sa_main/sec_comp_manager.cpp b/services/security_component_service/sa/sa_main/sec_comp_manager.cpp index 42552696f0962ff980a8d80e82ea06113a3c9374..cd388f381e27db84d3516ac0fa783f97a1f94d41 100644 --- a/services/security_component_service/sa/sa_main/sec_comp_manager.cpp +++ b/services/security_component_service/sa/sa_main/sec_comp_manager.cpp @@ -14,6 +14,7 @@ */ #include "sec_comp_manager.h" +#include "bundle_mgr_client.h" #include "delay_exit_task.h" #include "hisysevent.h" #include "i_sec_comp_service.h" @@ -21,6 +22,7 @@ #include "iservice_registry.h" #include "sec_comp_enhance_adapter.h" #include "sec_comp_err.h" +#include "sec_comp_info.h" #include "sec_comp_info_helper.h" #include "sec_comp_log.h" 
@@ -296,14 +298,18 @@ void SecCompManager::ExitWhenAppMgrDied() void SecCompManager::SendCheckInfoEnhanceSysEvent(int32_t scId, SecCompType type, const std::string& scene, int32_t res) { + int32_t uid = IPCSkeleton::GetCallingUid(); + OHOS::AppExecFwk::BundleMgrClient bmsClient; + std::string bundleName = ""; + bmsClient.GetNameForUid(uid, bundleName); if (res == SC_ENHANCE_ERROR_CHALLENGE_CHECK_FAIL) { HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "CHALLENGE_CHECK_FAILED", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", IPCSkeleton::GetCallingUid(), + HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "CALLER_BUNDLE_NAME", bundleName, "CALLER_PID", IPCSkeleton::GetCallingPid(), "SC_ID", scId, "SC_TYPE", type, "CALL_SCENE", scene); } else { HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "CALLBACK_FAILED", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", IPCSkeleton::GetCallingUid(), + HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "CALLER_BUNDLE_NAME", bundleName, "CALLER_PID", IPCSkeleton::GetCallingPid(), "SC_TYPE", type, "CALL_SCENE", scene, "REASON", TransformCallBackResult(static_cast(res))); } 
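Review bot: `SendCheckInfoEnhanceSysEvent` now performs a bundle-manager lookup on every failed challenge or callback check, and how often that path runs is decided by the caller being rejected. `GetNameForUid` presumably crosses a process boundary, so each rejected request becomes more expensive for the service than it was before this change. Consider resolving the name once when the component is registered and keeping it with the entity (first_use_dialog.cpp reads `sc->uid_`, so the uid is already stored there), or caching it per uid, and only reading the cached value on the failure path. The end of the function is outside the hunk.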
@@ -345,8 +351,12 @@ int32_t SecCompManager::RegisterSecurityComponent(SecCompType type, std::shared_ptr component(componentPtr); if (component == nullptr) { SC_LOG_ERROR(LABEL, "Parse component info invalid"); + int32_t uid = IPCSkeleton::GetCallingUid(); + OHOS::AppExecFwk::BundleMgrClient bmsClient; + std::string bundleName = ""; + bmsClient.GetNameForUid(uid, bundleName); HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "COMPONENT_INFO_CHECK_FAILED", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", IPCSkeleton::GetCallingUid(), + HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "CALLER_BUNDLE_NAME", bundleName, "CALLER_PID", IPCSkeleton::GetCallingPid(), "SC_ID", scId, "CALL_SCENE", "REGITSTER", "SC_TYPE", type); return SC_SERVICE_ERROR_COMPONENT_INFO_INVALID; } @@ -392,8 +402,12 @@ int32_t SecCompManager::UpdateSecurityComponent(int32_t scId, const nlohmann::js std::shared_ptr reportComponentInfo(report); if (reportComponentInfo == nullptr) { SC_LOG_ERROR(LABEL, "Update component info invalid"); + int32_t uid = IPCSkeleton::GetCallingUid(); + OHOS::AppExecFwk::BundleMgrClient bmsClient; + std::string bundleName = ""; + bmsClient.GetNameForUid(uid, bundleName); HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "COMPONENT_INFO_CHECK_FAILED", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", IPCSkeleton::GetCallingUid(), + HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "CALLER_BUNDLE_NAME", bundleName, "CALLER_PID", IPCSkeleton::GetCallingPid(), "SC_ID", scId, "CALL_SCENE", "UPDATE", "SC_TYPE", sc->GetType()); return SC_SERVICE_ERROR_COMPONENT_INFO_INVALID; 
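Review bot: The uid and bundle-name lookup is written out inline in `RegisterSecurityComponent` here, again in `UpdateSecurityComponent` in the next hunk and twice in `CheckClickSecurityComponentInfo`, while the same commit calls a `ReportEvent(...)` helper from `ReportSecurityComponentClickEvent`. Using one helper for all `COMPONENT_INFO_CHECK_FAILED` sites would keep the event fields and their order in a single place; judging by its call sites, `ReportEvent` takes the event name, event type, `scId` and type, so it would need an extra parameter for `CALL_SCENE`. The definition of `ReportEvent` is not visible on this page, so its exact signature is inferred. The enclosing functions begin and end outside these hunks.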
@@ -430,16 +444,24 @@ int32_t SecCompManager::CheckClickSecurityComponentInfo(std::shared_ptr reportComponentInfo(report); if ((reportComponentInfo == nullptr) || (!reportComponentInfo->GetValid())) { SC_LOG_ERROR(LABEL, "report component info invalid"); + int32_t uid = IPCSkeleton::GetCallingUid(); + OHOS::AppExecFwk::BundleMgrClient bmsClient; + std::string bundleName = ""; + bmsClient.GetNameForUid(uid, bundleName); HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "COMPONENT_INFO_CHECK_FAILED", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", IPCSkeleton::GetCallingUid(), + HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "CALLER_BUNDLE_NAME", bundleName, "CALLER_PID", IPCSkeleton::GetCallingPid(), "SC_ID", scId, "CALL_SCENE", "CLICK", "SC_TYPE", sc->GetType()); return SC_SERVICE_ERROR_COMPONENT_INFO_INVALID; } if ((!SecCompInfoHelper::CheckRectValid(reportComponentInfo->rect_, reportComponentInfo->windowRect_))) { SC_LOG_ERROR(LABEL, "compare component info failed."); + int32_t uid = IPCSkeleton::GetCallingUid(); + OHOS::AppExecFwk::BundleMgrClient bmsClient; + std::string bundleName = ""; + bmsClient.GetNameForUid(uid, bundleName); HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "COMPONENT_INFO_CHECK_FAILED", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", IPCSkeleton::GetCallingUid(), + HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", uid, "CALLER_BUNDLE_NAME", bundleName, "CALLER_PID", IPCSkeleton::GetCallingPid(), "SC_ID", scId, "CALL_SCENE", "CLICK", "SC_TYPE", sc->GetType()); return SC_SERVICE_ERROR_COMPONENT_INFO_INVALID; @@ -457,6 +479,18 @@ int32_t SecCompManager::CheckClickSecurityComponentInfo(std::shared_ptr>& remote) 
@@ -486,9 +520,8 @@ int32_t SecCompManager::ReportSecurityComponentClickEvent(int32_t scId, res = sc->CheckClickInfo(clickInfo); if (res != SC_OK) { - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "CLICK_INFO_CHECK_FAILED", - HiviewDFX::HiSysEvent::EventType::SECURITY, "CALLER_UID", IPCSkeleton::GetCallingUid(), - "CALLER_PID", IPCSkeleton::GetCallingPid(), "SC_ID", scId, "SC_TYPE", sc->GetType()); + ReportEvent("CLICK_INFO_CHECK_FAILED", HiviewDFX::HiSysEvent::EventType::SECURITY, + scId, sc->GetType()); if (res == SC_ENHANCE_ERROR_CLICK_EXTRA_CHECK_FAIL) { malicious_.AddAppToMaliciousAppList(caller.pid); } @@ -504,9 +537,8 @@ int32_t SecCompManager::ReportSecurityComponentClickEvent(int32_t scId, res = sc->GrantTempPermission(); if (res != SC_OK) { - HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "TEMP_GRANT_FAILED", - HiviewDFX::HiSysEvent::EventType::FAULT, "CALLER_UID", IPCSkeleton::GetCallingUid(), - "CALLER_PID", IPCSkeleton::GetCallingPid(), "SC_ID", scId, "SC_TYPE", sc->GetType()); + ReportEvent("TEMP_GRANT_FAILED", HiviewDFX::HiSysEvent::EventType::FAULT, + scId, sc->GetType()); return res; } HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "TEMP_GRANT_SUCCESS",
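Review bot: When `sc->CheckClickInfo(clickInfo)` fails the HMAC check, `CLICK_INFO_CHECK_FAILED` is written twice: once inside `SecCompEntity::CheckClickInfo` (the sec_comp_entity.cpp hunk) and again by the `ReportEvent("CLICK_INFO_CHECK_FAILED", ...)` call added here. Anything that counts these CRITICAL security events will see two per rejected click, and the bundle name is presumably resolved twice as well. I would report from one place only, for example by guarding this call with `if (res != SC_ENHANCE_ERROR_CLICK_EXTRA_CHECK_FAIL)` or by dropping the write in `CheckClickInfo`. This function already has `caller` in scope (`caller.pid` is used two lines below), so passing the caller's identity into `ReportEvent` would keep the event and the malicious-app list keyed on the same values; `ReportEvent`'s body is not visible here, so what it reads today is an assumption.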