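/*
 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
#include "nativetoken.h"

#ifdef WITH_SELINUX
#include <policycoreutils.h>
#endif // WITH_SELINUX

#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
#include "securec.h"
#include "nativetoken_json_oper.h"
#include "nativetoken_kit.h"
#include "nativetoken_klog.h"

/*
 * Sentinel head of the in-process token list; real entries hang off ->next.
 * NOTE(review): no locking is visible in this file, so concurrent callers of
 * GetAccessTokenId() would race on this list -- confirm the threading contract.
 */
NativeTokenList *g_tokenListHead;
/* Set to 1 once AtlibInit() has completed successfully. */
int32_t g_isNativeTokenInited = 0;

/*
 * Read the whole file named by cfg into a freshly allocated, NUL-terminated
 * buffer.
 *
 * On success *retBuff is either the buffer (caller must free() it) or NULL
 * when the file does not exist or is empty. On failure *retBuff is NULL.
 *
 * Returns ATRET_SUCCESS or ATRET_FAILED.
 */
int32_t GetFileBuff(const char *cfg, char **retBuff)
{
    struct stat fileStat;
    /*
     * NOTE(review): realpath() may write up to PATH_MAX bytes into the
     * caller's buffer; confirm PATH_MAX_LEN + 1 is at least PATH_MAX.
     */
    char filePath[PATH_MAX_LEN + 1] = {0};

    /* Public entry point: reject null arguments instead of dereferencing them. */
    if ((cfg == NULL) || (retBuff == NULL)) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:invalid parameter.", __func__);
        return ATRET_FAILED;
    }
    /* Give the out-parameter a defined value on every exit path. */
    *retBuff = NULL;

    if (realpath(cfg, filePath) == NULL) {
        if (errno == ENOENT) {
            /* file doesn't exist: not an error, there is simply nothing to read */
            return ATRET_SUCCESS;
        }
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:invalid filePath.", __func__);
        return ATRET_FAILED;
    }

    if (stat(filePath, &fileStat) != 0) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:stat file failed.", __func__);
        return ATRET_FAILED;
    }

    if (fileStat.st_size == 0) {
        return ATRET_SUCCESS;
    }

    if (fileStat.st_size > MAX_JSON_FILE_LEN) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:stat file size is invalid.", __func__);
        return ATRET_FAILED;
    }

    size_t fileSize = (size_t)fileStat.st_size;

    FILE *cfgFd = fopen(filePath, "r");
    if (cfgFd == NULL) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:fopen file failed.", __func__);
        return ATRET_FAILED;
    }

    /* One extra byte for the terminator the JSON parser relies on. */
    char *buff = (char *)malloc(fileSize + 1);
    if (buff == NULL) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:memory alloc failed.", __func__);
        (void)fclose(cfgFd);
        return ATRET_FAILED;
    }

    /*
     * The size comes from the earlier stat(); the file may have changed since.
     * Reading exactly fileSize bytes keeps the buffer bounded either way: a
     * shorter file fails here, a longer one is read only up to fileSize.
     */
    if (fread(buff, fileSize, 1, cfgFd) != 1) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:fread failed.", __func__);
        free(buff);
        buff = NULL;
        (void)fclose(cfgFd);
        return ATRET_FAILED;
    }
    buff[fileSize] = '\0';
    *retBuff = buff;
    (void)fclose(cfgFd);
    return ATRET_SUCCESS;
}

/* Fill a StrArrayAttr with the limits and JSON key used to parse one string array. */
static void StrAttrSet(StrArrayAttr *attr, uint32_t maxStrLen, int32_t maxStrNum, const char *strKey)
{
    attr->maxStrLen = maxStrLen;
    attr->maxStrNum = maxStrNum;
    attr->strKey = strKey;
}

/*
 * Populate tokenNode from one JSON array element.
 *
 * The scalar fields are parsed first and short-circuit on failure, so no
 * string array has been allocated yet when they fail. After that, each array
 * that fails to parse releases the arrays parsed before it.
 *
 * Returns ATRET_SUCCESS or ATRET_FAILED.
 */
static int32_t GetNativeTokenFromJson(cJSON *cjsonItem, NativeTokenList *tokenNode)
{
    uint32_t ret;
    StrArrayAttr attr;

    if ((GetProcessNameFromJson(cjsonItem, tokenNode) != ATRET_SUCCESS) ||
        (GetTokenIdFromJson(cjsonItem, tokenNode) != ATRET_SUCCESS) ||
        (GetAplFromJson(cjsonItem, tokenNode) != ATRET_SUCCESS)) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:get processName, tokenId or apl failed.", __func__);
        return ATRET_FAILED;
    }

    StrAttrSet(&attr, MAX_DCAP_LEN, MAX_DCAPS_NUM, DCAPS_KEY_NAME);
    ret = GetInfoArrFromJson(cjsonItem, tokenNode->dcaps, &(tokenNode->dcapsNum), &attr);
    if (ret != ATRET_SUCCESS) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:GetInfoArrFromJson failed for dcaps.", __func__);
        return ATRET_FAILED;
    }

    StrAttrSet(&attr, MAX_PERM_LEN, MAX_PERM_NUM, PERMS_KEY_NAME);
    ret = GetInfoArrFromJson(cjsonItem, tokenNode->perms, &(tokenNode->permsNum), &attr);
    if (ret != ATRET_SUCCESS) {
        FreeStrArray(tokenNode->dcaps, tokenNode->dcapsNum - 1);
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:GetInfoArrFromJson failed for perms.", __func__);
        return ATRET_FAILED;
    }

    StrAttrSet(&attr, MAX_PERM_LEN, MAX_PERM_NUM, ACLS_KEY_NAME);
    ret = GetInfoArrFromJson(cjsonItem, tokenNode->acls, &(tokenNode->aclsNum), &attr);
    if (ret != ATRET_SUCCESS) {
        FreeStrArray(tokenNode->dcaps, tokenNode->dcapsNum - 1);
        FreeStrArray(tokenNode->perms, tokenNode->permsNum - 1);
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:GetInfoArrFromJson failed for acls.", __func__);
        return ATRET_FAILED;
    }
    return ATRET_SUCCESS;
}

/*
 * Build one list node per element of the parsed JSON array and push each onto
 * the global list.
 *
 * Nodes linked before a failure stay on the list; the caller is expected to
 * tear the list down when this returns ATRET_FAILED.
 */
static int32_t GetTokenList(const cJSON *object)
{
    if (object == NULL) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:object is null.", __func__);
        return ATRET_FAILED;
    }
    int32_t arraySize = cJSON_GetArraySize(object);

    for (int32_t i = 0; i < arraySize; i++) {
        /* Zeroed so unused string slots are NULL rather than indeterminate. */
        NativeTokenList *node = (NativeTokenList *)calloc(1, sizeof(NativeTokenList));
        if (node == NULL) {
            NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:memory alloc failed.", __func__);
            return ATRET_FAILED;
        }
        cJSON *cjsonItem = cJSON_GetArrayItem(object, i);
        if (cjsonItem == NULL) {
            free(node);
            NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:cJSON_GetArrayItem failed.", __func__);
            return ATRET_FAILED;
        }
        if (GetNativeTokenFromJson(cjsonItem, node) != ATRET_SUCCESS) {
            free(node);
            return ATRET_FAILED;
        }

        node->next = g_tokenListHead->next;
        g_tokenListHead->next = node;
    }
    return ATRET_SUCCESS;
}

/*
 * Load the token configuration file and turn it into the in-memory list.
 * A missing or empty file is treated as "no tokens yet" and succeeds.
 * A file that does not parse as JSON fails, because GetTokenList() rejects
 * the NULL that cJSON_Parse() returns.
 */
static int32_t ParseTokenInfo(void)
{
    char *fileBuff = NULL;
    cJSON *record = NULL;
    int32_t ret;

    ret = GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff);
    if (ret != ATRET_SUCCESS) {
        return ret;
    }
    if (fileBuff == NULL) {
        return ATRET_SUCCESS;
    }
    record = cJSON_Parse(fileBuff);
    free(fileBuff);
    fileBuff = NULL;

    ret = GetTokenList(record);
    cJSON_Delete(record);

    return ret;
}

/*
 * Create the token configuration file if needed (mode 0640) and give it the
 * owner and group of the configuration directory.
 *
 * Ownership is changed through the still-open descriptor, so it applies to
 * the file that was just opened even if the path is replaced afterwards.
 */
static int32_t CreateCfgFile(void)
{
    int32_t fd = open(TOKEN_ID_CFG_FILE_PATH, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP);
    if (fd < 0) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:open failed.", __func__);
        return ATRET_FAILED;
    }

#ifdef WITH_SELINUX
    Restorecon(TOKEN_ID_CFG_FILE_PATH);
#endif // WITH_SELINUX

    struct stat buf;
    if (stat(TOKEN_ID_CFG_DIR_PATH, &buf) != 0) {
        /* Log before close(): close() may overwrite errno. */
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:stat folder path is invalid %d.", __func__, errno);
        (void)close(fd);
        return ATRET_FAILED;
    }
    if (fchown(fd, buf.st_uid, buf.st_gid) != 0) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:chown failed, errno is %d.", __func__, errno);
        (void)close(fd);
        return ATRET_FAILED;
    }

    (void)close(fd);
    return ATRET_SUCCESS;
}

/*
 * Release every node on the global list together with its string arrays,
 * then the sentinel head, and reset g_tokenListHead to NULL.
 */
static void FreeTokenList(void)
{
    if (g_tokenListHead == NULL) {
        return;
    }
    NativeTokenList *node = g_tokenListHead->next;
    while (node != NULL) {
        NativeTokenList *next = node->next;
        FreeStrArray(node->dcaps, node->dcapsNum - 1);
        FreeStrArray(node->perms, node->permsNum - 1);
        FreeStrArray(node->acls, node->aclsNum - 1);
        free(node);
        node = next;
    }
    free(g_tokenListHead);
    g_tokenListHead = NULL;
}

/*
 * Initialise the library: allocate the list head, load the stored tokens and,
 * when none were loaded, make sure the configuration file exists.
 *
 * Returns ATRET_SUCCESS, or a failure code with the list fully released.
 */
int32_t AtlibInit(void)
{
    g_tokenListHead = (NativeTokenList *)calloc(1, sizeof(NativeTokenList));
    if (g_tokenListHead == NULL) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:g_tokenListHead memory alloc failed.", __func__);
        return ATRET_FAILED;
    }
    g_tokenListHead->next = NULL;

    int32_t ret = ParseTokenInfo();
    if (ret != ATRET_SUCCESS) {
        /* Parsing may have linked some nodes before failing; free them too. */
        FreeTokenList();
        return ret;
    }

    if (g_tokenListHead->next == NULL) {
        if (CreateCfgFile() != ATRET_SUCCESS) {
            FreeTokenList();
            return ATRET_FAILED;
        }
    }
    g_isNativeTokenInited = 1;

    return ATRET_SUCCESS;
}

/* Read 32 bits from /dev/urandom into *randNum. Returns ATRET_SUCCESS or ATRET_FAILED. */
static int32_t GetRandomTokenId(uint32_t *randNum)
{
    uint32_t value;
    int32_t fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0) {
        return ATRET_FAILED;
    }
    ssize_t got = read(fd, &value, sizeof(value));
    (void)close(fd);

    /* A short read is treated as failure rather than using partial entropy. */
    if (got != sizeof(value)) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:read failed.", __func__);
        return ATRET_FAILED;
    }
    *randNum = value;
    return ATRET_SUCCESS;
}

/* Return 1 when some list entry already uses tokenUniqueId, else 0. */
static int32_t IsTokenUniqueIdExist(uint32_t tokenUniqueId)
{
    for (NativeTokenList *node = g_tokenListHead->next; node != NULL; node = node->next) {
        /* The token id is viewed through its bit-field layout (AtInnerInfo). */
        AtInnerInfo *existToken = (AtInnerInfo *)&(node->tokenId);
        if (tokenUniqueId == existToken->tokenUniqueId) {
            return 1;
        }
    }
    return 0;
}

/*
 * Build a new token id for processName: a random unique part that is not yet
 * on the list, version 1, and the shell type for HDC_PROCESS_NAME or the
 * native type otherwise.
 *
 * Returns INVALID_TOKEN_ID when randomness is unavailable or every retry
 * collided with an existing id.
 */
static NativeAtId CreateNativeTokenId(const char *processName)
{
    uint32_t randNum;
    /* Zeroed so any bits not covered by the AtInnerInfo fields are defined. */
    NativeAtId tokenId = 0;
    AtInnerInfo *innerId = (AtInnerInfo *)(&tokenId);
    int32_t retry = MAX_RETRY_TIMES;

    while (retry > 0) {
        if (GetRandomTokenId(&randNum) != ATRET_SUCCESS) {
            return INVALID_TOKEN_ID;
        }
        if (IsTokenUniqueIdExist(randNum & (TOKEN_RANDOM_MASK)) == 0) {
            break;
        }
        retry--;
    }
    if (retry == 0) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:retry times is 0.", __func__);
        return INVALID_TOKEN_ID;
    }

    innerId->reserved = 0;
    innerId->tokenUniqueId = randNum & (TOKEN_RANDOM_MASK);
    innerId->version = 1;

    if (strcmp(processName, HDC_PROCESS_NAME) == 0) {
        innerId->type = TOKEN_SHELL_TYPE;
    } else {
        innerId->type = TOKEN_NATIVE_TYPE;
    }

    return tokenId;
}

/* Map an APL name to its level constant; returns 0 for NULL or an unknown name. */
static int32_t GetAplLevel(const char *aplStr)
{
    if (aplStr == NULL) {
        return 0;
    }
    if (strcmp(aplStr, "system_core") == 0) {
        return SYSTEM_CORE; // system_core means apl level is 3
    }
    if (strcmp(aplStr, "system_basic") == 0) {
        return SYSTEM_BASIC; // system_basic means apl level is 2
    }
    if (strcmp(aplStr, "normal") == 0) {
        return NORMAL;
    }
    NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:aplStr is invalid.", __func__);
    return 0;
}

/*
 * Serialise root and overwrite the token configuration file with it.
 * Failures are logged only; nothing is reported to the caller.
 *
 * NOTE(review): the file is truncated and rewritten in place, so an
 * interrupted or short write leaves a partial file that the next
 * ParseTokenInfo() would fail on. Writing to a temporary file and rename()
 * would avoid that -- consider for a follow-up.
 */
static void WriteToFile(const cJSON *root)
{
    char *jsonStr = cJSON_PrintUnformatted(root);
    if (jsonStr == NULL) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:cJSON_PrintUnformatted failed.", __func__);
        return;
    }

    do {
        int32_t fd = open(TOKEN_ID_CFG_FILE_PATH, O_RDWR | O_CREAT | O_TRUNC,
                          S_IRUSR | S_IWUSR | S_IRGRP);
        if (fd < 0) {
            NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:open failed.", __func__);
            break;
        }
        size_t strLen = strlen(jsonStr);
        ssize_t writtenLen = write(fd, (void *)jsonStr, strLen);
        if (fsync(fd) != 0) {
            NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:fsync failed, errno is %d.", __func__, errno);
        }
        (void)close(fd);
        if (writtenLen < 0 || (size_t)writtenLen != strLen) {
            /*
             * writtenLen is ssize_t and may be -1, so it is printed with %zd
             * (assuming NativeTokenKmsg takes a printf-style format).
             */
            NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:write failed, writtenLen is %zd.", __func__, writtenLen);
            break;
        }
    } while (0);

    cJSON_free(jsonStr);
}

/*
 * Append curr to the JSON array stored in the configuration file and write
 * the file back. A missing or empty file starts a new array. Errors are
 * logged or silently dropped; the caller gets no status.
 */
static void SaveTokenIdToCfg(const NativeTokenList *curr)
{
    char *fileBuff = NULL;
    cJSON *record = NULL;

    if (GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuff) != ATRET_SUCCESS) {
        return;
    }

    if (fileBuff == NULL) {
        record = cJSON_CreateArray();
    } else {
        record = cJSON_Parse(fileBuff);
        free(fileBuff);
        fileBuff = NULL;
    }

    if (record == NULL) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:get record failed.", __func__);
        return;
    }

    cJSON *node = CreateNativeTokenJsonObject(curr);
    if (node == NULL) {
        cJSON_Delete(record);
        return;
    }
    cJSON_AddItemToArray(record, node);

    WriteToFile(record);
    cJSON_Delete(record);
}

/*
 * Validate a caller-supplied string array: the count must lie in
 * [0, maxNum], a NULL array is only allowed with a zero count, and every
 * entry must be non-NULL, non-empty and at most maxInfoLen characters long.
 */
static uint32_t CheckStrArray(const char **strArray, int32_t strNum, int32_t maxNum, uint32_t maxInfoLen)
{
    if (((strArray == NULL) && (strNum != 0)) ||
        (strNum > maxNum) || (strNum < 0)) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:strArray is null or strNum is invalid.", __func__);
        return ATRET_FAILED;
    }
    for (int32_t i = 0; i < strNum; i++) {
        /* A NULL entry is folded into the "empty" case so strlen() never sees it. */
        size_t len = (strArray[i] == NULL) ? 0 : strlen(strArray[i]);
        if ((len == 0) || (len > maxInfoLen)) {
            NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:strArray[%d] length is invalid.", __func__, i);
            return ATRET_FAILED;
        }
    }
    return ATRET_SUCCESS;
}

/*
 * Validate everything the caller passed in tokenInfo and resolve its APL
 * string to a level, stored in *aplRet on success.
 *
 * This is the only validation between the public entry point and the code
 * that copies these strings, so it also rejects a NULL tokenInfo.
 */
static uint32_t CheckProcessInfo(NativeTokenInfoParams *tokenInfo, int32_t *aplRet)
{
    if ((tokenInfo == NULL) || (aplRet == NULL)) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:tokenInfo is null.", __func__);
        return ATRET_FAILED;
    }

    size_t nameLen = (tokenInfo->processName == NULL) ? 0 : strlen(tokenInfo->processName);
    if ((nameLen == 0) || (nameLen > MAX_PROCESS_NAME_LEN)) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:processName is invalid.", __func__);
        return ATRET_FAILED;
    }

    if (CheckStrArray(tokenInfo->dcaps, tokenInfo->dcapsNum, MAX_DCAPS_NUM, MAX_DCAP_LEN) != ATRET_SUCCESS) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:dcaps is invalid.", __func__);
        return ATRET_FAILED;
    }
    if (CheckStrArray(tokenInfo->perms, tokenInfo->permsNum, MAX_PERM_NUM, MAX_PERM_LEN) != ATRET_SUCCESS) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:perms is invalid.", __func__);
        return ATRET_FAILED;
    }
    if (CheckStrArray(tokenInfo->acls, tokenInfo->aclsNum, MAX_PERM_NUM, MAX_PERM_LEN) != ATRET_SUCCESS) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:acls is invalid.", __func__);
        return ATRET_FAILED;
    }

    /* Only the counts are compared here; entries are not cross-checked. */
    if (tokenInfo->aclsNum > tokenInfo->permsNum) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:aclsNum is invalid.", __func__);
        return ATRET_FAILED;
    }

    int32_t apl = GetAplLevel(tokenInfo->aplStr);
    if (apl == 0) {
        return ATRET_FAILED;
    }
    *aplRet = apl;
    return ATRET_SUCCESS;
}

/*
 * Deep-copy the first num strings of strArr into strArrRes.
 * On failure the entries copied so far are released via FreeStrArray().
 * The caller must have validated num and the entries beforehand.
 */
static uint32_t CreateStrArray(int32_t num, const char **strArr, char **strArrRes)
{
    for (int32_t i = 0; i < num; i++) {
        size_t len = strlen(strArr[i]) + 1;
        strArrRes[i] = (char *)malloc(len);
        if (strArrRes[i] == NULL ||
            (strcpy_s(strArrRes[i], len, strArr[i]) != EOK)) {
            NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:copy strArr[%d] failed.", __func__, i);
            FreeStrArray(strArrRes, i);
            return ATRET_FAILED;
        }
    }
    return ATRET_SUCCESS;
}

/*
 * Create a token for a process that is not on the list yet: generate the id,
 * copy the caller's attributes into a new node, link it in, report the id
 * through *tokenId and persist the node to the configuration file.
 *
 * The result of the file write is not reported; the in-memory token is
 * returned even if persisting it failed.
 */
static uint32_t AddNewTokenToListAndFile(const NativeTokenInfoParams *tokenInfo,
    int32_t aplIn, NativeAtId *tokenId)
{
    NativeAtId id = CreateNativeTokenId(tokenInfo->processName);
    if (id == INVALID_TOKEN_ID) {
        return ATRET_FAILED;
    }

    /* Zeroed so unused string slots are NULL rather than indeterminate. */
    NativeTokenList *tokenNode = (NativeTokenList *)calloc(1, sizeof(NativeTokenList));
    if (tokenNode == NULL) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:memory alloc failed.", __func__);
        return ATRET_FAILED;
    }
    tokenNode->tokenId = id;
    tokenNode->apl = aplIn;
    if (strcpy_s(tokenNode->processName, MAX_PROCESS_NAME_LEN + 1, tokenInfo->processName) != EOK) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:strcpy_s failed.", __func__);
        free(tokenNode);
        return ATRET_FAILED;
    }
    tokenNode->dcapsNum = tokenInfo->dcapsNum;
    tokenNode->permsNum = tokenInfo->permsNum;
    tokenNode->aclsNum = tokenInfo->aclsNum;

    if (CreateStrArray(tokenInfo->dcapsNum, tokenInfo->dcaps, tokenNode->dcaps) != ATRET_SUCCESS) {
        free(tokenNode);
        return ATRET_FAILED;
    }
    if (CreateStrArray(tokenInfo->permsNum, tokenInfo->perms, tokenNode->perms) != ATRET_SUCCESS) {
        FreeStrArray(tokenNode->dcaps, tokenInfo->dcapsNum - 1);
        free(tokenNode);
        return ATRET_FAILED;
    }
    if (CreateStrArray(tokenInfo->aclsNum, tokenInfo->acls, tokenNode->acls) != ATRET_SUCCESS) {
        FreeStrArray(tokenNode->dcaps, tokenInfo->dcapsNum - 1);
        FreeStrArray(tokenNode->perms, tokenInfo->permsNum - 1);
        free(tokenNode);
        return ATRET_FAILED;
    }

    tokenNode->next = g_tokenListHead->next;
    g_tokenListHead->next = tokenNode;

    *tokenId = id;

    SaveTokenIdToCfg(tokenNode);
    return ATRET_SUCCESS;
}

/* Return 1 when the stored APL or dcaps differ from the requested ones, else 0. */
static int32_t CompareTokenInfo(const NativeTokenList *tokenNode,
    const char **dcapsIn, int32_t dcapNumIn, int32_t aplIn)
{
    if (tokenNode->apl != aplIn) {
        return 1;
    }
    if (tokenNode->dcapsNum != dcapNumIn) {
        return 1;
    }
    for (int32_t i = 0; i < dcapNumIn; i++) {
        if (strcmp(tokenNode->dcaps[i], dcapsIn[i]) != 0) {
            return 1;
        }
    }
    return 0;
}

/* Return 1 when the stored permissions differ from the requested ones, else 0. */
static int32_t ComparePermsInfo(const NativeTokenList *tokenNode,
    const char **permsIn, int32_t permsNumIn)
{
    if (tokenNode->permsNum != permsNumIn) {
        return 1;
    }
    for (int32_t i = 0; i < permsNumIn; i++) {
        if (strcmp(tokenNode->perms[i], permsIn[i]) != 0) {
            return 1;
        }
    }
    return 0;
}

/* Return 1 when the stored ACL entries differ from the requested ones, else 0. */
static int32_t CompareAclsInfo(const NativeTokenList *tokenNode,
    const char **aclsIn, int32_t aclsNumIn)
{
    if (tokenNode->aclsNum != aclsNumIn) {
        return 1;
    }
    for (int32_t i = 0; i < aclsNumIn; i++) {
        if (strcmp(tokenNode->acls[i], aclsIn[i]) != 0) {
            return 1;
        }
    }
    return 0;
}

/*
 * Replace the strings held in strArr (count *strNum) with deep copies of the
 * strNumNew strings in strArrNew.
 *
 * On failure the partially built array is released and *strNum is reset to
 * 0, so the node never advertises entries that have been freed.
 */
static uint32_t UpdateStrArrayInList(char *strArr[], int32_t *strNum,
    const char **strArrNew, int32_t strNumNew)
{
    if (strNum == NULL) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:strNum length is invalid.", __func__);
        return ATRET_FAILED;
    }
    for (int32_t i = 0; i < *strNum; i++) {
        free(strArr[i]);
        strArr[i] = NULL;
    }

    *strNum = strNumNew;
    for (int32_t i = 0; i < strNumNew; i++) {
        size_t len = strlen(strArrNew[i]) + 1;
        strArr[i] = (char *)malloc(len);
        if (strArr[i] == NULL || (strcpy_s(strArr[i], len, strArrNew[i]) != EOK)) {
            NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:copy strArr[%d] failed.", __func__, i);
            FreeStrArray(strArr, i);
            *strNum = 0;
            return ATRET_FAILED;
        }
    }
    return ATRET_SUCCESS;
}

/*
 * Overwrite the APL, dcaps, perms and acls of an existing node with the
 * caller's values.
 *
 * A failure stops the update at once. Arrays replaced before the failure are
 * released and their counts reset to 0, so the node is left consistent and a
 * later request will see a mismatch and retry.
 */
static uint32_t UpdateTokenInfoInList(NativeTokenList *tokenNode,
    const NativeTokenInfoParams *tokenInfo)
{
    tokenNode->apl = GetAplLevel(tokenInfo->aplStr);

    uint32_t ret = UpdateStrArrayInList(tokenNode->dcaps, &(tokenNode->dcapsNum),
        tokenInfo->dcaps, tokenInfo->dcapsNum);
    if (ret != ATRET_SUCCESS) {
        return ret;
    }
    ret = UpdateStrArrayInList(tokenNode->perms, &(tokenNode->permsNum),
        tokenInfo->perms, tokenInfo->permsNum);
    if (ret != ATRET_SUCCESS) {
        FreeStrArray(tokenNode->dcaps, tokenNode->dcapsNum - 1);
        tokenNode->dcapsNum = 0;
        /* Return here: continuing would let the acls result mask this failure. */
        return ret;
    }
    ret = UpdateStrArrayInList(tokenNode->acls, &(tokenNode->aclsNum),
        tokenInfo->acls, tokenInfo->aclsNum);
    if (ret != ATRET_SUCCESS) {
        FreeStrArray(tokenNode->dcaps, tokenNode->dcapsNum - 1);
        tokenNode->dcapsNum = 0;
        FreeStrArray(tokenNode->perms, tokenNode->permsNum - 1);
        tokenNode->permsNum = 0;
    }
    return ret;
}

/*
 * Rewrite the configuration file so that the stored record for tokenNode
 * matches the in-memory node. A missing or empty file starts a new array.
 *
 * Returns ATRET_SUCCESS or ATRET_FAILED; a failed write inside WriteToFile()
 * is logged there and not reflected in the return value.
 */
static uint32_t UpdateInfoInCfgFile(const NativeTokenList *tokenNode)
{
    cJSON *record = NULL;
    char *fileBuffer = NULL;

    if (GetFileBuff(TOKEN_ID_CFG_FILE_PATH, &fileBuffer) != ATRET_SUCCESS) {
        return ATRET_FAILED;
    }

    if (fileBuffer == NULL) {
        record = cJSON_CreateArray();
    } else {
        record = cJSON_Parse(fileBuffer);
        free(fileBuffer);
        fileBuffer = NULL;
    }

    if (record == NULL) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:get record failed.", __func__);
        return ATRET_FAILED;
    }

    if (UpdateGoalItemFromRecord(tokenNode, record) != ATRET_SUCCESS) {
        NativeTokenKmsg(NATIVETOKEN_KERROR, "[%s]:UpdateGoalItemFromRecord failed.", __func__);
        cJSON_Delete(record);
        return ATRET_FAILED;
    }

    WriteToFile(record);
    cJSON_Delete(record);
    return ATRET_SUCCESS;
}

/*
 * Return the access token id for the process described by tokenInfo, creating
 * or updating its record as needed.
 *
 * The library is initialised on first use. The record is looked up by
 * processName; an unknown name gets a new token, a known name has its stored
 * APL, dcaps, perms and acls replaced whenever any of them differs from the
 * request.
 *
 * Returns the token id in the tokenId field of the 64-bit result with
 * tokenAttr set to 0, or INVALID_TOKEN_ID on any failure.
 *
 * NOTE(review): the lookup key is the caller-supplied processName and nothing
 * in this file authenticates the caller, so whoever can call this function
 * can read or rewrite the attributes stored under any name. Confirm that
 * access to this API is restricted by the platform.
 */
uint64_t GetAccessTokenId(NativeTokenInfoParams *tokenInfo)
{
    NativeAtId tokenId = 0;
    uint64_t result = 0;
    int32_t apl;
    NativeAtIdEx *atPoint = (NativeAtIdEx *)(&result);

    if ((g_isNativeTokenInited == 0) && (AtlibInit() != ATRET_SUCCESS)) {
        return INVALID_TOKEN_ID;
    }
    /* Rejects a NULL tokenInfo and validates every field used below. */
    uint32_t ret = CheckProcessInfo(tokenInfo, &apl);
    if (ret != ATRET_SUCCESS) {
        return INVALID_TOKEN_ID;
    }

    NativeTokenList *tokenNode = g_tokenListHead->next;
    while (tokenNode != NULL) {
        if (strcmp(tokenNode->processName, tokenInfo->processName) == 0) {
            tokenId = tokenNode->tokenId;
            break;
        }
        tokenNode = tokenNode->next;
    }

    if (tokenNode == NULL) {
        ret = AddNewTokenToListAndFile(tokenInfo, apl, &tokenId);
    } else {
        int32_t needTokenUpdate = CompareTokenInfo(tokenNode, tokenInfo->dcaps, tokenInfo->dcapsNum, apl);
        int32_t needPermUpdate = ComparePermsInfo(tokenNode, tokenInfo->perms, tokenInfo->permsNum);
        /*
         * The ACL list is part of what an update replaces, so a request that
         * changes only the ACLs must trigger one too; otherwise the stored
         * ACL entries would stay stale.
         */
        int32_t needAclUpdate = CompareAclsInfo(tokenNode, tokenInfo->acls, tokenInfo->aclsNum);
        if ((needTokenUpdate != 0) || (needPermUpdate != 0) || (needAclUpdate != 0)) {
            ret = UpdateTokenInfoInList(tokenNode, tokenInfo);
            /* Do not persist a node whose in-memory update failed half-way. */
            if (ret == ATRET_SUCCESS) {
                ret = UpdateInfoInCfgFile(tokenNode);
            }
        }
    }
    if (ret != ATRET_SUCCESS) {
        return INVALID_TOKEN_ID;
    }

    atPoint->tokenId = tokenId;
    atPoint->tokenAttr = 0;
    return result;
}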