From 2f0d1544964d61f93c4a8b1be7cfd2dfa407a42c Mon Sep 17 00:00:00 2001
From: libing23
Date: Tue, 12 Mar 2024 19:59:44 +0800
Subject: [PATCH 1/2] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E5=AE=89=E5=85=A8?= =?UTF-8?q?=E6=8E=A7=E4=BB=B6=E6=9C=8D=E5=8A=A1=E6=A3=80=E6=9F=A5=E5=92=8C?= =?UTF-8?q?=E5=8A=A0=E8=BD=BD=E6=8E=A5=E5=8F=A3=EF=BC=8C=E4=BF=9D=E8=AF=81?= =?UTF-8?q?ACE=E5=8F=AF=E4=BB=A5=E9=80=9A=E8=BF=87=E5=BC=82=E6=AD=A5?= =?UTF-8?q?=E7=BA=BF=E7=A8=8B=E5=8A=A0=E8=BD=BD=E6=9C=8D=E5=8A=A1=20Signed?= =?UTF-8?q?-off-by:=20libing23=20?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../security_component/include/sec_comp_client.h | 2 ++
 .../security_component/include/sec_comp_kit.h | 2 ++
 .../security_component/src/sec_comp_client.cpp | 10 ++++++++++
 .../inner_api/security_component/src/sec_comp_kit.cpp | 10 ++++++++++
 .../sa/sa_main/sec_comp_entity.cpp | 5 +++++
 .../sa/sa_main/sec_comp_manager.cpp | 3 ++-
 6 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/interfaces/inner_api/security_component/include/sec_comp_client.h b/interfaces/inner_api/security_component/include/sec_comp_client.h
index fca78d5..d1d0af7 100644
--- a/interfaces/inner_api/security_component/include/sec_comp_client.h
+++ b/interfaces/inner_api/security_component/include/sec_comp_client.h
@@ -38,6 +38,8 @@ public:
 bool VerifySavePermission(AccessToken::AccessTokenID tokenId);
 sptr GetEnhanceRemoteObject(bool doLoadSa);
 int32_t PreRegisterSecCompProcess();
+ bool IsServiceExist();
+ bool LoadService();
 void FinishStartSASuccess(const sptr& remoteObject);
 void FinishStartSAFail();
diff --git a/interfaces/inner_api/security_component/include/sec_comp_kit.h b/interfaces/inner_api/security_component/include/sec_comp_kit.h
index 93c7e53..554510c 100644
--- a/interfaces/inner_api/security_component/include/sec_comp_kit.h
+++ b/interfaces/inner_api/security_component/include/sec_comp_kit.h
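Review bot: `IsServiceExist()` and `LoadService()` are added to sec_comp_client.h (and as a static pair to sec_comp_kit.h) without any comment, although their contracts differ in a way callers have to know. From sec_comp_client.cpp in this patch, the first is `GetProxy(false) != nullptr` and the second `GetProxy(true) != nullptr`, so only the second appears to trigger loading; going by the commit subject it is meant to be called from an async thread, which suggests it can block. I would put `// True if the service proxy is available right now; never triggers loading. The answer can be stale by the time it is used.` above the first and `// Loads the service if needed and returns whether a proxy was obtained; may block, keep off the UI thread.` above the second. Both class bodies continue outside their hunks.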
@@ -34,6 +34,8 @@ public:
 static bool VerifySavePermission(AccessToken::AccessTokenID tokenId);
 static sptr GetEnhanceRemoteObject(bool isLoad);
 static int32_t PreRegisterSecCompProcess();
+ static bool IsServiceExist();
+ static bool LoadService();
 };
 } // namespace SecurityComponent
 } // namespace Security
diff --git a/interfaces/inner_api/security_component/src/sec_comp_client.cpp b/interfaces/inner_api/security_component/src/sec_comp_client.cpp
index 7ce91dc..ca2847c 100644
--- a/interfaces/inner_api/security_component/src/sec_comp_client.cpp
+++ b/interfaces/inner_api/security_component/src/sec_comp_client.cpp
@@ -124,6 +124,16 @@ int32_t SecCompClient::PreRegisterSecCompProcess()
 return proxy->PreRegisterSecCompProcess();
 }
+bool SecCompClient::IsServiceExist()
+{
+ return GetProxy(false) != nullptr;
+}
+
+bool SecCompClient::LoadService()
+{
+ return GetProxy(true) != nullptr;
+}
+
 bool SecCompClient::StartLoadSecCompSa()
 {
 {
diff --git a/interfaces/inner_api/security_component/src/sec_comp_kit.cpp b/interfaces/inner_api/security_component/src/sec_comp_kit.cpp
index a8314fb..bd414b6 100644
--- a/interfaces/inner_api/security_component/src/sec_comp_kit.cpp
+++ b/interfaces/inner_api/security_component/src/sec_comp_kit.cpp
@@ -138,6 +138,16 @@ int32_t SecCompKit::PreRegisterSecCompProcess()
 {
 return SecCompClient::GetInstance().PreRegisterSecCompProcess();
 }
+
+bool SecCompKit::IsServiceExist()
+{
+ return SecCompClient::GetInstance().IsServiceExist();
+}
+
+bool SecCompKit::LoadService()
+{
+ return SecCompClient::GetInstance().LoadService();
+}
 } // namespace SecurityComponent
 } // namespace Security
 } // namespace OHOS
diff --git a/services/security_component_service/sa/sa_main/sec_comp_entity.cpp b/services/security_component_service/sa/sa_main/sec_comp_entity.cpp
index 6837692..93eee34 100644
--- a/services/security_component_service/sa/sa_main/sec_comp_entity.cpp
+++ b/services/security_component_service/sa/sa_main/sec_comp_entity.cpp
@@ -96,6 +96,11 @@ int32_t SecCompEntity::CheckClickInfo(const SecCompClickEvent& clickInfo) const
 return res;
 }
+ if (clickInfo.extraInfo.dataSize == 0 || clickInfo.extraInfo.data == nullptr) {
+ SC_LOG_ERROR(LABEL, "HMAC info is invalid");
+ return SC_SERVICE_ERROR_CLICK_EVENT_INVALID;
+ }
+
 res = SecCompEnhanceAdapter::CheckExtraInfo(clickInfo);
 if ((res != SC_OK) && (res != SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE)) {
 SC_LOG_ERROR(LABEL, "HMAC checkout failed");
diff --git a/services/security_component_service/sa/sa_main/sec_comp_manager.cpp b/services/security_component_service/sa/sa_main/sec_comp_manager.cpp
index 9da222f..7a3e002 100644
--- a/services/security_component_service/sa/sa_main/sec_comp_manager.cpp
+++ b/services/security_component_service/sa/sa_main/sec_comp_manager.cpp
@@ -304,7 +304,7 @@ int32_t SecCompManager::AddSecurityComponentProcess(const SecCompCallerInfo& cal
 }
 auto iter = componentMap_.find(caller.pid);
- if (iter != componentMap_.end()) {
+ if (iter == componentMap_.end()) {
 ProcessCompInfos newProcess;
 newProcess.isForeground = true;
 newProcess.tokenId = caller.tokenId;
@@ -515,6 +515,7 @@ bool SecCompManager::Initialize()
 secHandler_ = std::make_shared(secRunner_);
 DelayExitTask::GetInstance().Init(secHandler_);
 firstUseDialog_.Init(secHandler_);
+ SecCompEnhanceAdapter::EnableInputEnhance();
 return SecCompPermManager::GetInstance().InitEventHandler(secHandler_);
 }
-- Gitee
From 0d5f2d8b2bdc5f68fb370a553b70e06d1b8e42ad Mon Sep 17 00:00:00 2001
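Review bot: With the condition corrected to `iter == componentMap_.end()`, the found case now skips the block, and nothing visible in the hunk compares the stored `tokenId` with `caller.tokenId`. The map is keyed by `caller.pid`, so if an entry outlives its process and the pid is reused, the new caller would inherit the old record; the rest of AddSecurityComponentProcess is outside the hunk, so this may already be handled there. If it is not, add an `else` branch that rejects or replaces the entry on mismatch, with a comment such as `// pid can be reused: an existing entry must carry caller.tokenId`. This one-character fix is also unrelated to the commit subject and deserves its own line in the description.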
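Review bot: The result of `SecCompEnhanceAdapter::EnableInputEnhance()` is discarded in `Initialize()`, so a failure to switch on input enhancement would leave the service running with no trace in the log. The function's signature is not part of this patch; if it returns a status code the way `CheckExtraInfo` does, capture it with `int32_t res = SecCompEnhanceAdapter::EnableInputEnhance();` and emit an `SC_LOG_ERROR` for anything other than `SC_OK` and `SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE`. Whether `Initialize()` should then return false is a policy decision worth stating in a comment next to the call. The start of `Initialize()` is outside the hunk.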
From: libing23
Date: Fri, 22 Mar 2024 11:00:24 +0800
Subject: [PATCH 2/2] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E8=93=9D=E5=8C=BA?= =?UTF-8?q?=E6=B2=A1=E6=9C=89=E7=82=B9=E5=87=BB=E4=BA=8B=E4=BB=B6=E7=AD=BE?= =?UTF-8?q?=E5=90=8D=E5=AF=BC=E8=87=B4=E6=A0=A1=E9=AA=8C=E5=A4=B1=E8=B4=A5?= =?UTF-8?q?=20Signed-off-by:=20libing23=20?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../enhance_adapter/src/sec_comp_enhance_adapter.cpp | 4 ++++
 .../sa/sa_main/sec_comp_entity.cpp | 8 ++++----
 2 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/frameworks/enhance_adapter/src/sec_comp_enhance_adapter.cpp b/frameworks/enhance_adapter/src/sec_comp_enhance_adapter.cpp
index 5dfa2e9..c8d4290 100644
--- a/frameworks/enhance_adapter/src/sec_comp_enhance_adapter.cpp
+++ b/frameworks/enhance_adapter/src/sec_comp_enhance_adapter.cpp
@@ -100,6 +100,10 @@ int32_t SecCompEnhanceAdapter::CheckExtraInfo(const SecCompClickEvent& clickInfo
 InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
 }
 if (srvHandler != nullptr) {
+ if (clickInfo.extraInfo.dataSize == 0 || clickInfo.extraInfo.data == nullptr) {
+ SC_LOG_ERROR(LABEL, "HMAC info is invalid");
+ return SC_SERVICE_ERROR_CLICK_EVENT_INVALID;
+ }
 return srvHandler->CheckExtraInfo(clickInfo);
 }
 return SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE;
diff --git a/services/security_component_service/sa/sa_main/sec_comp_entity.cpp b/services/security_component_service/sa/sa_main/sec_comp_entity.cpp
index 93eee34..4cbfc41 100644
--- a/services/security_component_service/sa/sa_main/sec_comp_entity.cpp
+++ b/services/security_component_service/sa/sa_main/sec_comp_entity.cpp
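Review bot: The empty-HMAC check now sits inside `if (srvHandler != nullptr)`, so when no handler is available the function returns `SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE` for any click event, signed or not, and `CheckClickInfo` in sec_comp_entity.cpp treats that code as a pass. That matches the intent for builds without the enhance library, but the same path would be taken if `InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE)` just above fails on a build that is supposed to have it, which makes click verification fail open. I would log the fall-through and document it above the final return, e.g. `// No enhance handler: click events are accepted without HMAC verification`, and consider a distinct return code for "handler failed to load". The beginning of `CheckExtraInfo` is outside the hunk.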
@@ -96,12 +96,12 @@ int32_t SecCompEntity::CheckClickInfo(const SecCompClickEvent& clickInfo) const
 return res;
 }
- if (clickInfo.extraInfo.dataSize == 0 || clickInfo.extraInfo.data == nullptr) {
- SC_LOG_ERROR(LABEL, "HMAC info is invalid");
- return SC_SERVICE_ERROR_CLICK_EVENT_INVALID;
+ res = SecCompEnhanceAdapter::CheckExtraInfo(clickInfo);
+ if (res == SC_SERVICE_ERROR_CLICK_EVENT_INVALID) {
+ SC_LOG_ERROR(LABEL, "Click ExtraInfo is invalid");
+ return res;
 }
- res = SecCompEnhanceAdapter::CheckExtraInfo(clickInfo);
 if ((res != SC_OK) && (res != SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE)) {
 SC_LOG_ERROR(LABEL, "HMAC checkout failed");
 HiSysEventWrite(HiviewDFX::HiSysEvent::Domain::SEC_COMPONENT, "CLICK_INFO_CHECK_FAILED",
-- Gitee
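Review bot: The new early return for `SC_SERVICE_ERROR_CLICK_EVENT_INVALID` exits before the `HiSysEventWrite` of `"CLICK_INFO_CHECK_FAILED"` in the branch that follows, so a click event that arrives with no HMAC is logged but never reported as a system event. A missing signature is at least as relevant to whoever monitors these events as a wrong one. Dropping the added `if` would let this code fall into the existing `(res != SC_OK) && (res != SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE)` branch, assuming that branch, which continues outside the hunk, returns an error; if the separate log text is wanted, write the same event before `return res;`. The check that PATCH 1/2 added to `CheckClickInfo` had the same gap.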