Diffstat (limited to 'security')
-rw-r--r-- | security/tf_daemon/Android.mk | 2 | ||||
-rw-r--r-- | security/tf_daemon/delegation_client.c | 194 | ||||
-rw-r--r-- | security/tf_daemon/lib_uuid.h | 155 | ||||
-rw-r--r-- | security/tf_daemon/s_version.h | 10 | ||||
-rw-r--r-- | security/tf_daemon/service_delegation_protocol.h | 22 | ||||
-rw-r--r-- | security/tf_daemon/smc_properties.c | 4 | ||||
-rw-r--r-- | security/tf_daemon/smc_properties_parser.c | 61 |
7 files changed, 422 insertions, 26 deletions
diff --git a/security/tf_daemon/Android.mk b/security/tf_daemon/Android.mk index 02ff35e..d996d81 100644 --- a/security/tf_daemon/Android.mk +++ b/security/tf_daemon/Android.mk @@ -17,6 +17,8 @@ LOCAL_SRC_FILES := \ smc_properties_parser.c \ lib_manifest2.c +LOCAL_LDFLAGS += -llog + LOCAL_CFLAGS += -DLINUX LOCAL_CFLAGS += -D__ANDROID32__ LOCAL_CFLAGS += -DSUPPORT_DELEGATION_EXTENSION diff --git a/security/tf_daemon/delegation_client.c b/security/tf_daemon/delegation_client.c index 54ee112..a2bff0b 100644 --- a/security/tf_daemon/delegation_client.c +++ b/security/tf_daemon/delegation_client.c @@ -28,7 +28,7 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#if defined(__ANDROID32__) +#if defined(ANDROID) #include <stddef.h> #endif #include <stdio.h> @@ -43,12 +43,12 @@ #include <sys/types.h> #include <fcntl.h> -#if defined(LINUX) || defined(__ANDROID32__) +#if defined(LINUX) || defined(ANDROID) #include <unistd.h> #include <sys/resource.h> -#if defined(__ANDROID32__) +#if defined(ANDROID) /* fdatasync does not exist on Android */ #define fdatasync fsync #else @@ -58,14 +58,14 @@ * in some distributions */ int fdatasync(int fd); -#endif /* __ANDROID32__ */ +#endif /* ANDROID */ #include <syslog.h> #include <sys/types.h> #include <sys/stat.h> #include <pthread.h> #include <semaphore.h> #define PATH_SEPARATOR '/' -#endif /* LINUX || __ANDROID32__ */ +#endif /* LINUX || ANDROID */ #ifdef WIN32 #include <windows.h> @@ -97,6 +97,10 @@ int fdatasync(int fd); #include "delegation_client_extension.h" #endif +#ifdef TFSW_FDM_ANDROID +#include <android/log.h> +#endif + /*---------------------------------------------------------------------------- * Design notes * ============ 
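Review bot: Nothing visible in this commit defines TFSW_FDM_ANDROID, so the `#include <android/log.h>` added here and every `__android_log_vprint` branch in the later hunks may never be compiled in, even though the Android.mk hunk links `-llog` unconditionally. The LOCAL_CFLAGS lines shown as context define only LINUX, __ANDROID32__ and SUPPORT_DELEGATION_EXTENSION; the macro may be set outside the hunk, so this is an inference. If logcat output is intended for this build, add `LOCAL_CFLAGS += -DTFSW_FDM_ANDROID` beside the new linker flag, or key the include on `ANDROID` like the other conditionals this commit renames.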
@@ -109,7 +113,7 @@ int fdatasync(int fd); /*---------------------------------------------------------------------------- * Defines and structures *----------------------------------------------------------------------------*/ -#define ECHANGE_BUFFER_INSTRUCTIONS_NB 100 +#define ECHANGE_BUFFER_INSTRUCTIONS_NB 1000 #define DEFAULT_WORKSPACE_SIZE (128*1024) @@ -124,6 +128,21 @@ typedef struct uint8_t sWorkspace[1/*g_nWorkspaceSize*/]; } DELEGATION_EXCHANGE_BUFFER; +#ifdef SUPPORT_RPMB_PARTITION +typedef struct +{ + uint8_t pDummy[196]; + uint8_t pMAC[32]; + uint8_t pData[256]; + uint8_t pNonce[16]; + uint32_t nMC; + uint16_t nAddr; + uint16_t nBlockCount; + uint16_t nResult; + uint16_t nReqOrResp; +} DELEGATION_RPMB_MESSAGE; +#endif + #define MD_VAR_NOT_USED(variable) do{(void)(variable);}while(0); #define MD_INLINE __inline @@ -141,7 +160,7 @@ typedef struct in release builds whereas logs are visible to the customer. -----------------------------------------------*/ -#if defined(LINUX) || (defined __ANDROID32__) +#if defined(LINUX) || (defined ANDROID) static bool bDetached = false; @@ -155,9 +174,13 @@ static MD_INLINE void LogError(const char* format, ...) } else { +#ifdef TFSW_FDM_ANDROID + __android_log_vprint(ANDROID_LOG_ERROR , "TF Daemon", format, ap); +#else fprintf(stderr, "ERROR: "); vfprintf(stderr, format, ap); fprintf(stderr, "\n"); +#endif } va_end(ap); } @@ -172,9 +195,13 @@ static MD_INLINE void LogWarning(const char* format, ...) } else { +#ifdef TFSW_FDM_ANDROID + __android_log_vprint(ANDROID_LOG_WARN , "TF Daemon", format, ap); +#else fprintf(stderr, "WARNING: "); vfprintf(stderr, format, ap); fprintf(stderr, "\n"); +#endif } va_end(ap); } @@ -188,8 +215,12 @@ static MD_INLINE void LogInfo(const char* format, ...) } else { +#ifdef TFSW_FDM_ANDROID + __android_log_vprint(ANDROID_LOG_INFO , "TF Daemon", format, ap); +#else vfprintf(stderr, format, ap); fprintf(stderr, "\n"); +#endif } va_end(ap); } 
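Review bot: Nothing pins the size or byte order of DELEGATION_RPMB_MESSAGE, although its fields add up to exactly 512 bytes (196+32+256+16+4+2+2+2+2) and rpmbRead/rpmbWrite fill it with host-order values such as `nReqOrResp = 0x0004`. Add a compile-time check such as `typedef char rpmb_msg_size_check[(sizeof(DELEGATION_RPMB_MESSAGE) == 512) ? 1 : -1];` so a compiler that pads the struct fails the build instead of shifting the MAC and data fields. Also add a header comment like `/* One RPMB data frame; convert nMC, nAddr, nBlockCount, nResult and nReqOrResp to the device byte order before sending */`. eMMC RPMB frames are big-endian on the wire as far as I know, so confirm this against the driver interface before the TODO is filled in.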
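Review bot: Under TFSW_FDM_ANDROID the "ERROR: ", "WARNING: " and "TRACE: " prefixes disappear, so LogError and TRACE_ERROR (and the WARNING and INFO pairs in the following hunks) produce identical logcat entries with the same priority and the same tag. The tag literal `"TF Daemon"` is also repeated in all six helpers; define it once, e.g. `#define TF_DAEMON_LOG_TAG "TF Daemon"`, and give the TRACE_* variants a distinct tag or a lower priority so customer-visible logs and debug traces stay separable. The new call sits in the `else` branch of a condition that starts outside each hunk, so whether detached (daemonised) runs reach logcat at all cannot be told from here and is worth confirming.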
@@ -205,9 +236,13 @@ static MD_INLINE void TRACE_ERROR(const char* format, ...) } else { +#ifdef TFSW_FDM_ANDROID + __android_log_vprint(ANDROID_LOG_ERROR , "TF Daemon", format, ap); +#else fprintf(stderr, "TRACE: ERROR: "); vfprintf(stderr, format, ap); fprintf(stderr, "\n"); +#endif } va_end(ap); #else @@ -226,9 +261,13 @@ static MD_INLINE void TRACE_WARNING(const char* format, ...) } else { +#ifdef TFSW_FDM_ANDROID + __android_log_vprint(ANDROID_LOG_WARN , "TF Daemon", format, ap); +#else fprintf(stderr, "TRACE: WARNING: "); vfprintf(stderr, format, ap); fprintf(stderr, "\n"); +#endif } va_end(ap); #else @@ -247,9 +286,13 @@ static MD_INLINE void TRACE_INFO(const char* format, ...) } else { +#ifdef TFSW_FDM_ANDROID + __android_log_vprint(ANDROID_LOG_INFO , "TF Daemon", format, ap); +#else fprintf(stderr, "TRACE: "); vfprintf(stderr, format, ap); fprintf(stderr, "\n"); +#endif } va_end(ap); #else @@ -289,7 +332,7 @@ static MD_INLINE void TRACE_INFO(const char* format, ...) } #else -/* !defined(LINUX) || !defined(__ANDROID32__) */ +/* !defined(LINUX) || !defined(ANDROID) */ static MD_INLINE void LogError(const char* format, ...) { @@ -359,7 +402,7 @@ static MD_INLINE void TRACE_INFO(const char* format, ...) MD_VAR_NOT_USED(format); #endif /* NDEBUG */ } -#endif /* defined(LINUX) || defined(__ANDROID32__) */ +#endif /* defined(LINUX) || defined(ANDROID) */ /*---------------------------------------------------------------------------- * Globals @@ -483,7 +526,7 @@ int static_checkStorageDirAndAccessRights(char * directoryName) if (result == 0) { /* Storage dir exists. Check access rights */ -#if defined(LINUX) || (defined __ANDROID32__) +#if defined(LINUX) || (defined ANDROID) if ((buf.st_mode & (S_IXUSR | S_IWUSR)) != (S_IXUSR | S_IWUSR)) { LogError("storageDir '%s' does not have read-write access", directoryName); 
@@ -529,7 +572,7 @@ static TEEC_Result partitionDestroy(uint32_t nPartitionID) } /* Try to erase the file */ -#if defined(LINUX) || (defined __ANDROID32__) || defined (__SYMBIAN32__) +#if defined(LINUX) || (defined ANDROID) || defined (__SYMBIAN32__) if (unlink(g_pPartitionNames[nPartitionID]) != 0) #endif #ifdef WIN32 @@ -686,6 +729,46 @@ static TEEC_Result partitionRead(uint32_t nPartitionID, uint32_t nSectorIndex, u return S_SUCCESS; } +#ifdef SUPPORT_RPMB_PARTITION +static TEEC_Result rpmbRead(DELEGATION_RPMB_INSTRUCTION *pInstruction) +{ + DELEGATION_RPMB_MESSAGE* pMessages; + uint32_t nNbMsg, nIndex; + + nNbMsg = g_nSectorSize >> 8; + pMessages = (DELEGATION_RPMB_MESSAGE*)malloc(nNbMsg * sizeof(DELEGATION_RPMB_MESSAGE)); + if (pMessages == NULL) + { + return S_ERROR_OUT_OF_MEMORY; + } + memset(pMessages,0,nNbMsg * sizeof(DELEGATION_RPMB_MESSAGE)); + + for (nIndex=0;nIndex<nNbMsg;nIndex++) + { + memcpy(pMessages[nIndex].pNonce , pInstruction->pNonce, 16); + pMessages[nIndex].nAddr = pInstruction->nAddr; + pMessages[nIndex].nBlockCount = pInstruction->nBlockCount; + pMessages[nIndex].nReqOrResp = 0x0004; + } + memcpy(pMessages[nNbMsg-1].pMAC,pInstruction->nMAC,32); + + /* TODO: send to the RPMB driver */ + + memcpy(pInstruction->pNonce,pMessages[0].pNonce , 16); + pInstruction->nAddr = pMessages[0].nAddr; + pInstruction->nBlockCount = pMessages[0].nBlockCount; + for (nIndex=0;nIndex<nNbMsg;nIndex++) + { + memcpy(g_pWorkspaceBuffer + pInstruction->nWorkspaceOffset[nIndex],pMessages[nIndex].pData,256); + } + memcpy(pInstruction->nMAC, pMessages[nNbMsg-1].pMAC,32); + pInstruction->nResult=pMessages[nNbMsg-1].nResult; + + free(pMessages); + + return S_SUCCESS; +} +#endif /** * This function executes the WRITE instruction. * 
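Review bot: rpmbRead derives the message count from `g_nSectorSize >> 8` and never bounds it. A sector size below 256 gives `nNbMsg == 0`, so `pMessages[nNbMsg-1]` indexes far outside the allocation. A sector size above 4096 makes the loop read past the 16-entry `nWorkspaceOffset` array that the protocol header declares. Reject both up front with `if (nNbMsg == 0 || nNbMsg > 16)` and a failure return, which also keeps `nNbMsg * sizeof(DELEGATION_RPMB_MESSAGE)` from overflowing. The 256-byte copies into `g_pWorkspaceBuffer + pInstruction->nWorkspaceOffset[nIndex]` use offsets taken from the exchange buffer with no check against the workspace size (the page names it `g_nWorkspaceSize` in a comment); validate `offset + 256 <= g_nWorkspaceSize` before each memcpy. rpmbWrite in the next hunk has the same three problems, with the unchecked offset on the source side of its memcpy.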
@@ -724,7 +807,42 @@ static TEEC_Result partitionWrite(uint32_t nPartitionID, uint32_t nSectorIndex, return S_SUCCESS; } +#ifdef SUPPORT_RPMB_PARTITION +static TEEC_Result rpmbWrite(DELEGATION_RPMB_INSTRUCTION *pInstruction) +{ + DELEGATION_RPMB_MESSAGE* pMessages; + uint32_t nNbMsg, nIndex; + nNbMsg = g_nSectorSize >> 8; + pMessages = (DELEGATION_RPMB_MESSAGE*)malloc(nNbMsg * sizeof(DELEGATION_RPMB_MESSAGE)); + if (pMessages == NULL) + { + return S_ERROR_OUT_OF_MEMORY; + } + memset(pMessages,0,nNbMsg * sizeof(DELEGATION_RPMB_MESSAGE)); + + for (nIndex=0;nIndex<nNbMsg;nIndex++) + { + memcpy(pMessages[nIndex].pData,g_pWorkspaceBuffer + pInstruction->nWorkspaceOffset[nIndex],256); + pMessages[nIndex].nMC = pInstruction->nMC; + pMessages[nIndex].nAddr = pInstruction->nAddr; + pMessages[nIndex].nBlockCount = pInstruction->nBlockCount; + pMessages[nIndex].nReqOrResp = 0x0003; + } + memcpy(pMessages[nNbMsg-1].pMAC,pInstruction->nMAC,32); + + /* TODO: send to the RPMB driver */ + + pInstruction->nAddr = pMessages[0].nAddr; + pInstruction->nMC = pMessages[0].nMC; + memcpy(pInstruction->nMAC, pMessages[nNbMsg-1].pMAC,32); + pInstruction->nResult=pMessages[nNbMsg-1].nResult; + + free(pMessages); + + return S_SUCCESS; +} +#endif /** * This function executes the SET_SIZE instruction. * @@ -774,7 +892,7 @@ static TEEC_Result partitionSetSize(uint32_t nPartitionID, uint32_t nNewSectorCo { int result = 0; /* Truncate the partition file */ -#if defined(LINUX) || (defined __ANDROID32__) +#if defined(LINUX) || (defined ANDROID) result = ftruncate(fileno(pFile),nNewSectorCount * g_nSectorSize); #endif #if defined (__SYMBIAN32__) @@ -819,7 +937,7 @@ static TEEC_Result partitionSync(uint32_t nPartitionID) } /* Then synchronize the file descriptor with the file-system */ -#if defined(LINUX) || (defined __ANDROID32__) +#if defined(LINUX) || (defined ANDROID) result=fdatasync(fileno(pFile)); #endif #if defined (__SYMBIAN32__) 
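Review bot: rpmbWrite returns S_SUCCESS and copies a zero `nResult` back into the instruction even though the driver call is still `/* TODO: send to the RPMB driver */`, so the caller is told an authenticated write happened when nothing was stored. The request MAC is simply echoed back, which the secure side may or may not reject; that cannot be judged from this hunk. Until the driver path exists, return a non-success code from the stub (and from rpmbRead, which hands back 256-byte blocks of zeros the same way), and say so in a function comment, for example `/* Not implemented: fails until the RPMB driver is wired in */`.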
@@ -1008,6 +1126,13 @@ static int runSession(TEEC_Context* pContext, TEEC_Session* pSession, TEEC_Opera { case DELEGATION_INSTRUCTION_PARTITION_CREATE: nError = partitionCreate(nPartitionID); +#ifdef SUPPORT_RPMB_PARTITION + if (nPartitionID == RPMB_PARTITION_ID) + { + /* TODO: get the Write counter */ + pInstruction->sAuthRW.nMC = 0; + } +#endif TRACE_INFO("INSTRUCTION: ID=0x%x pid=%d err=%d", (nInstructionID & 0x0F), nPartitionID, nError); break; case DELEGATION_INSTRUCTION_PARTITION_OPEN: @@ -1019,9 +1144,33 @@ static int runSession(TEEC_Context* pContext, TEEC_Session* pSession, TEEC_Opera { g_pExchangeBuffer->sAdministrativeData.nPartitionOpenSizes[nPartitionID] = nPartitionSize; } +#ifdef SUPPORT_RPMB_PARTITION + if (nPartitionID == RPMB_PARTITION_ID) + { + /* TODO: get the Write counter */ + pInstruction->sAuthRW.nMC = 0; + } +#endif break; } case DELEGATION_INSTRUCTION_PARTITION_READ: +#ifdef SUPPORT_RPMB_PARTITION + if (nPartitionID == RPMB_PARTITION_ID) + { + if (nInstructionsIndex + sizeof(DELEGATION_RPMB_INSTRUCTION)-sizeof(uint32_t) <= nInstructionsBufferSize) + { + nInstructionsIndex+=sizeof(DELEGATION_RPMB_INSTRUCTION)-sizeof(uint32_t); + } + else + { + goto instruction_parse_end; + } + nError = rpmbRead(&pInstruction->sAuthRW); + TRACE_INFO("INSTRUCTION: ID=0x%x pid=%d err=%d", (nInstructionID & 0x0F), nPartitionID, nError); + break; + } + else +#endif { /* Parse parameters */ uint32_t nSectorID; 
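Review bot: In the PARTITION_CREATE and PARTITION_OPEN cases, `pInstruction->sAuthRW.nMC = 0;` stores well past the instruction ID word, since nMC follows a 32-byte MAC, sixteen workspace offsets and a 16-byte nonce in DELEGATION_RPMB_INSTRUCTION. Neither case checks that the instruction buffer holds that much or advances nInstructionsIndex. The READ case in the second hunk does guard this with `nInstructionsIndex + sizeof(DELEGATION_RPMB_INSTRUCTION)-sizeof(uint32_t) <= nInstructionsBufferSize`. If create and open are encoded as the ID word only, the store overwrites the following instructions or lands beyond the buffer; the parsing before the switch is outside these hunks, so that encoding is an inference. Apply the same size check and index advance before touching `sAuthRW` in both cases, and skip the store when partitionCreate or the open failed.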
@@ -1041,6 +1190,23 @@ static int runSession(TEEC_Context* pContext, TEEC_Session* pSession, TEEC_Opera break; } case DELEGATION_INSTRUCTION_PARTITION_WRITE: +#ifdef SUPPORT_RPMB_PARTITION + if (nPartitionID == RPMB_PARTITION_ID) + { + if (nInstructionsIndex + sizeof(DELEGATION_RPMB_INSTRUCTION)-sizeof(uint32_t) <= nInstructionsBufferSize) + { + nInstructionsIndex+=sizeof(DELEGATION_RPMB_INSTRUCTION)-sizeof(uint32_t); + } + else + { + goto instruction_parse_end; + } + nError = rpmbWrite(&pInstruction->sAuthRW); + TRACE_INFO("INSTRUCTION: ID=0x%x pid=%d err=%d", (nInstructionID & 0x0F), nPartitionID, nError); + break; + } + else +#endif { /* Parse parameters */ uint32_t nSectorID; @@ -1317,7 +1483,7 @@ int main(int argc, char* argv[]) * Detach the daemon from the console */ -#if defined(LINUX) || (defined __ANDROID32__) +#if defined(LINUX) || (defined ANDROID) { /* * Turns this application into a daemon => fork off parent process, setup logging, ... diff --git a/security/tf_daemon/lib_uuid.h b/security/tf_daemon/lib_uuid.h new file mode 100644 index 0000000..acec4a0 --- /dev/null +++ b/security/tf_daemon/lib_uuid.h 
@@ -0,0 +1,155 @@ +/** + * Copyright(c) 2011 Trusted Logic. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * * Neither the name Trusted Logic nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef __LIB_UUID_H__ +#define __LIB_UUID_H__ + + +#include "s_type.h" + + +#ifdef __cplusplus +extern "C" { +#endif +#if 0 +} /* balance curly quotes */ +#endif + +/** + * LIB_UUID is deprecated use S_UUID instead. + * @deprecated + */ +typedef S_UUID LIB_UUID; +/** + * LIB_UUID_STRING_SIZE is deprecated use UUID_STRING_SIZE instead. 
+ * @deprecated + */ +#define LIB_UUID_STRING_SIZE 36 + +/** + * Defines the UUID string size in characters + * + * E.g. "f81d4fae-7dec-11d0-a765-00a0c91e6bf6" + **/ +#define UUID_STRING_SIZE 36 + +/** + * Converts the string representation of an UUID to the binary representation as + * a S_UUID type. The binary UUID structure must be provided by the caller. + * + * @param pIdentifierString The UTF-8 representation of the identifier. This + * string does not need to be zero terminated. The decoder reads only + * the {UUID_STRING_SIZE} first bytes. + * + * @param pIdentifier The identifer structure receiving the binary value of + * the identifier. + * + * @return TRUE in case of success, FALSE if the string does not conform to the + * syntax of UUID as defined in RFC 4122 + * (http://www.ietf.org/rfc/rfc4122.txt) + **/ +bool libUUIDFromString( + IN const uint8_t* pIdentifierString, + OUT S_UUID* pIdentifier); + +/** + * Converts the binary representation of an UUID to the string representation. + * + * @param pIdentifier The identifer structure with the binary value of the + * identifier. + * + * @param pIdentifierString The buffer receiving the UTF-8 representation of + * the identifier. This string is not zero terminated. The encoder + * writes only the first {UUID_STRING_SIZE} bytes. + * + **/ +void libUUIDToString( + IN const S_UUID* pIdentifier, + OUT uint8_t* pIdentifierString); + +/** + * Generates an UUID from the specified MD5 hash value, as specified in section + * 4.3, Algorithm for Creating a Name-Based UUID, of RFC 4122. + * + * This function assumes that the hash value is 128-bit long. + * + * @param pHashData A pointer to the first byte of the MD5 hash data. Only the + * first 16 bytes of this hash data will be used to generate the UUID. + * + * @param pIdentifier A pointer to the placeholder receiving the generated + * identifier. 
+ **/ +void libUUIDFromMD5Hash( + IN const uint8_t* pHashData, + OUT S_UUID* pIdentifier); + +/** + * Generates an UUID from the specified SHA-1 hash value, as specified in + * section 4.3, Algorithm for Creating a Name-Based UUID, of RFC 4122. + * + * This function assumes that the hash value is 128-bit long. + * + * @param pHashData A pointer to the first byte of the SHA-1 hash data. Only the + * first 16 bytes of this hash data will be used to generate the UUID. + * + * @param pIdentifier A pointer to the placeholder receiving the generated + * identifier. + **/ +void libUUIDFromSHA1Hash( + IN const uint8_t* pHashData, + OUT S_UUID* pIdentifier); + +/** + * Checks if an identifier is the nil identifier as specified in RFC 4122. + * + * @param pIdentifier The identifier to check. + * + * @return TRUE if the identifier is the nil identifier, FALSE otherwise. + **/ +bool libUUIDIsNil( + IN const S_UUID* pIdentifier); + +/** + * Sets an identifier to the nil value as specified in RFC 4122. + * + * @param pIdentifier The identifier to set to nil. + **/ +void libUUIDSetToNil( + OUT S_UUID* pIdentifier); + +#if 0 +{ /* balance curly quotes */ +#endif +#ifdef __cplusplus +} /* closes extern "C" */ +#endif + + +#endif /* !defined(__LIB_UUID_H__) */ diff --git a/security/tf_daemon/s_version.h b/security/tf_daemon/s_version.h index d112ea0..dd43c6a 100644 --- a/security/tf_daemon/s_version.h +++ b/security/tf_daemon/s_version.h 
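Review bot: The comment on libUUIDFromSHA1Hash repeats the MD5 wording "This function assumes that the hash value is 128-bit long", but a SHA-1 digest is 160 bits and, as the @param text says, only its first 16 bytes are used. Reword it to `This function uses only the first 128 bits of the 160-bit SHA-1 value.`. The string functions take no length argument, so their comments should state the buffer contract outright: pIdentifierString must point to at least UUID_STRING_SIZE readable bytes for libUUIDFromString and writable bytes for libUUIDToString, and the caller adds any terminator. The include guard `__LIB_UUID_H__` uses an identifier reserved for the implementation; `LIB_UUID_H` avoids that.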
@@ -58,15 +58,15 @@ /* * This version number must be updated for each new release */ -#define S_VERSION_MAIN "01.04" -#define S_VERSION_RESOURCE 1,4,0,S_VERSION_BUILD +#define S_VERSION_MAIN "01.06" +#define S_VERSION_RESOURCE 1,6,0,S_VERSION_BUILD /* * If this is a patch or engineering version use the following * defines to set the version number. Else set these values to 0. */ -#define S_VERSION_PATCH 11 -#define S_VERSION_ENG 0 +#define S_VERSION_ENG 1 +#define S_VERSION_PATCH 0 #ifdef S_VERSION_BUILD /* TRICK: detect if S_VERSION is defined but empty */ @@ -105,8 +105,8 @@ S_VERSION_OS \ S_VERSION_PLATFORM \ S_VERSION_MAIN \ - _S_VERSION_PATCH \ _S_VERSION_ENG \ + _S_VERSION_PATCH \ "." __STRINGIFY2(S_VERSION_BUILD) " " \ S_VERSION_VARIANT diff --git a/security/tf_daemon/service_delegation_protocol.h b/security/tf_daemon/service_delegation_protocol.h index 22b291d..bf831f8 100644 --- a/security/tf_daemon/service_delegation_protocol.h +++ b/security/tf_daemon/service_delegation_protocol.h @@ -70,6 +70,10 @@ #define DELEGATION_NOTIFY_TYPE_INFO 0x000000E3 #define DELEGATION_NOTIFY_TYPE_DEBUG 0x000000E4 +#ifdef SUPPORT_RPMB_PARTITION +#define RPMB_PARTITION_ID 14 +#endif + typedef struct { uint32_t nInstructionID; @@ -90,6 +94,21 @@ typedef struct uint32_t nWorkspaceOffset; } DELEGATION_RW_INSTRUCTION; +#ifdef SUPPORT_RPMB_PARTITION +typedef struct +{ + uint32_t nInstructionID; + uint8_t nMAC[32]; + uint32_t nWorkspaceOffset[16]; + uint8_t pNonce[16]; + uint32_t nMC; + uint16_t nAddr; + uint16_t nBlockCount; + uint16_t nResult; + uint16_t nRequest; +} DELEGATION_RPMB_INSTRUCTION; +#endif + typedef struct { uint32_t nInstructionID; @@ -102,6 +121,9 @@ typedef union DELEGATION_NOTIFY_INSTRUCTION sNotify; DELEGATION_RW_INSTRUCTION sReadWrite; DELEGATION_SET_SIZE_INSTRUCTION sSetSize; +#ifdef SUPPORT_RPMB_PARTITION + DELEGATION_RPMB_INSTRUCTION sAuthRW; +#endif } DELEGATION_INSTRUCTION; typedef struct 
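Review bot: Adding `sAuthRW` to the DELEGATION_INSTRUCTION union makes DELEGATION_RPMB_INSTRUCTION (4+32+64+16+4+2+2+2+2 = 128 bytes) a member of a union whose other visible members are a few words each. Any code that uses `sizeof(DELEGATION_INSTRUCTION)` as a parse stride or bound will therefore behave differently once SUPPORT_RPMB_PARTITION is defined. The size of sNotify is not visible here, so check the users of the union. The literals `14` and `[16]` also carry protocol meaning that the header does not state. Add comments such as `/* partition ID reserved for the RPMB-backed partition */` and `/* one offset per 256-byte block, i.e. sectors of up to 4096 bytes */`, and give the array length a name that rpmbRead and rpmbWrite can test against.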
diff --git a/security/tf_daemon/smc_properties.c b/security/tf_daemon/smc_properties.c index ce1e7e3..48bfa8c 100644 --- a/security/tf_daemon/smc_properties.c +++ b/security/tf_daemon/smc_properties.c @@ -76,7 +76,7 @@ typedef enum STATE_BINARY } INTEGER_FORMAT; -#if defined (LINUX) || defined(__ANDROID32__) +#if defined (LINUX) || defined(ANDROID) #define SEPARATOR_CHAR '/' #elif defined (WIN32) || defined (__SYMBIAN32__) || defined (_WIN32_WCE) @@ -151,7 +151,7 @@ static bool checkFilePath(char *pPath) printf("Path %s doesn't point on a directory.\n", pDir); return false; } -#if (!defined(__SYMBIAN32__)) && (!defined(_WIN32_WCE)) && (!defined(__ANDROID32__)) +#if (!defined(__SYMBIAN32__)) && (!defined(_WIN32_WCE)) && (!defined(ANDROID)) // TODO : under Symbian, Android and WM, check access right of a directory failed? I don't know why... /* check read access */ if ((buf.st_mode & S_IREAD) != S_IREAD) diff --git a/security/tf_daemon/smc_properties_parser.c b/security/tf_daemon/smc_properties_parser.c index 1f97224..8d0d676 100644 --- a/security/tf_daemon/smc_properties_parser.c +++ b/security/tf_daemon/smc_properties_parser.c @@ -42,6 +42,7 @@ #include "smc_properties_parser.h" #include "lib_manifest2.h" +#include "lib_uuid.h" #include "s_error.h" /* --------------------------------------------------------------------------------- @@ -57,7 +58,7 @@ #define GET_LAST_ERR errno #endif -#if defined (LINUX) || defined (__SYMBIAN32__) || defined (__ANDROID32__) +#if defined (LINUX) || defined (__SYMBIAN32__) || defined (ANDROID) #define STRICMP strcasecmp #elif defined(_WIN32_WCE) #define STRICMP _stricmp @@ -241,7 +242,7 @@ static NODE* SMCPropListFindElement(LIST* pList,char* pName,bool bIsCaseSensitiv static S_RESULT SMCPropYacc(uint8_t* pBuffer, uint32_t nBufferLength, - CONF_FILE* pConfFile) + CONF_FILE* pConfFile, SERVICE_SECTION* pService) { S_RESULT nError=S_SUCCESS; LIST *pPublicPropertyList=NULL; 
@@ -264,6 +265,15 @@ static S_RESULT SMCPropYacc(uint8_t* pBuffer, uint32_t nBufferLength, sParserContext.nManifestLength = nBufferLength; sParserContext.nType = LIB_MANIFEST2_TYPE_SOURCE_WITH_SECTIONS; + if (pService!=NULL) + { + pPublicPropertyList=&pService->sPublicPropertyList; + pPrivatePropertyList=&pService->sPrivatePropertyList; + /* read inside a service compiled manifest */ + sParserContext.nType = LIB_MANIFEST2_TYPE_COMPILED; + sprintf(serviceManifestName, "%s(manifest)", pService->sNode.pName); + sParserContext.pManifestName = serviceManifestName; + } libManifest2InitContext(&sParserContext); while (true) @@ -382,6 +392,47 @@ static S_RESULT SMCPropYacc(uint8_t* pBuffer, uint32_t nBufferLength, } else { + if (strcmp(pProperty->sNode.pName,CONFIG_SERVICE_ID_PROPERTY_NAME) == 0) + { + if (pService!=NULL) + { + pService->sNode.pName=malloc(nValueLength+1); + if (pService->sNode.pName==NULL) + { + nError=S_ERROR_OUT_OF_MEMORY; + goto error; + } +#if defined (LINUX) || defined (__SYMBIAN32__) || defined(ANDROID) + { + // put each char of the value in uppercase + char* p=pProperty->pValue; + while(*p) + { + *p=toupper(*p); + p++; + } + } +#else + _strupr(pProperty->pValue); +#endif + memcpy(pService->sNode.pName,pProperty->pValue,nValueLength+1); + + if (!libUUIDFromString((const uint8_t*)pProperty->pValue,&pService->sUUID)) + { + nError=S_ERROR_WRONG_SIGNATURE; + goto error; + } + { + S_UUID sNullUUID; + memset(&sNullUUID,0,sizeof(S_UUID)); + if (!memcmp(&pService->sUUID,&sNullUUID,sizeof(S_UUID))) + { + nError=S_ERROR_WRONG_SIGNATURE; + goto error; + } + } + } + } if ((nValueLength > strlen(CONFIG_PROPERTY_NAME)) && (memcmp(pProperty->sNode.pName, CONFIG_PROPERTY_NAME, strlen(CONFIG_PROPERTY_NAME)) == 0)) { 
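Review bot: The added `sprintf(serviceManifestName, "%s(manifest)", pService->sNode.pName);` writes a name of unchecked length into a buffer whose declaration is not part of this hunk, so its size cannot be confirmed here. It also runs before the parse loop, while `pService->sNode.pName` is only allocated later in this function when the service-ID property is read (next hunk), so at this point the pointer may still be NULL or stale unless the caller sets it. Use `snprintf(serviceManifestName, sizeof(serviceManifestName), "%s(manifest)", ...)`, assuming the destination is an array, and fall back to a fixed label when pName is NULL. The only call visible in this commit passes NULL for pService, so this path appears unused for now.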
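Review bot: `libUUIDFromString` is called on `pProperty->pValue` without first checking `nValueLength`, yet lib_uuid.h documents that the decoder reads the first UUID_STRING_SIZE bytes and does not need a terminator, so a shorter value in the manifest can be read past its end. Guard it with `if (nValueLength != UUID_STRING_SIZE || !libUUIDFromString(...))`. The uppercase loop passes a plain `char` to `toupper`, which is undefined for negative values; write `*p = (char)toupper((unsigned char)*p);`. A second service-ID property overwrites `pService->sNode.pName` and leaks the earlier allocation. The hand-rolled all-zero comparison can be replaced by the `libUUIDIsNil(&pService->sUUID)` helper that this commit's new header declares.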
@@ -411,10 +462,10 @@ error: TRACE_ERROR("Configuration file: wrong service UUID: %s\n", pValueZ); break; case S_ERROR_OUT_OF_MEMORY: - TRACE_ERROR("Out of memory\n"); + TRACE_ERROR("Out of memory\n"); break; case S_ERROR_ITEM_NOT_FOUND: - TRACE_ERROR("Configuration file: service \"%s\" not found\n", pNameZ); + TRACE_ERROR("Configuration file: service \"%s\" not found\n", pNameZ); break; } } @@ -544,7 +595,7 @@ S_RESULT SMCPropParseConfigFile(char* pConfigFilename,CONF_FILE* pConfFile) assert(0); } - nError=SMCPropYacc(pFile,nFileLength,pConfFile); + nError=SMCPropYacc(pFile,nFileLength,pConfFile,NULL); if(pConfigFilename != NULL) { |