1#!/usr/bin/env python
2#coding=utf-8
3
4#
5# Copyright (c) 2024 Huawei Device Co., Ltd.
6# Licensed under the Apache License, Version 2.0 (the "License");
7# you may not use this file except in compliance with the License.
8# You may obtain a copy of the License at
9#
10#     http://www.apache.org/licenses/LICENSE-2.0
11#
12# Unless required by applicable law or agreed to in writing, software
13# distributed under the License is distributed on an "AS IS" BASIS,
14# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15# See the License for the specific language governing permissions and
16# limitations under the License.
17#
18
19import os
20import subprocess
21
22from .base_rule import BaseRule
23
24
25class PlugInModuleRule(BaseRule):
26    RULE_NAME = "NO-Plug-In_Module-Init"
27
28    def __init__(self, mgr, args):
29        super().__init__(mgr, args)
30        self._base_so = []
31        self._private_so = {}
32        self._passwd = True
33
34    def __check__(self):
35        return self.check_plug_in_library()
36
37    def check_plug_in_library(self):
38        cfg_parser = self.get_mgr().get_parser_by_name('config_parser')
39        white_lists = self.get_white_lists()
40        for key, item in white_lists[0].items():
41            if key == "base_library":
42                self._base_so = item
43            if key == "private_library":
44                self._private_so = item
45        keys = list(self._private_so.keys())
46        for name in cfg_parser._plug_in:
47            if os.path.basename(name) not in keys:
48                self.error("%s is not in whitelists" % os.path.basename(name))
49                self._passwd = False
50                continue
51            self._read_elf_dt_needed(name)
52        return self._passwd
53
54    def _read_elf_dt_needed(self, file):
55        paser = self._private_so
56        file_name = os.path.basename(file)
57        proc = subprocess.Popen(["readelf", "-d", file],
58                                stdout=subprocess.PIPE, stderr=subprocess.PIPE)
59        out, _ = proc.communicate()
60        lines = out.splitlines()
61        for line in lines:
62            line = str(line)
63            if " (NEEDED) " in line:
64                needed = line.strip().split("[")[-1].split("]")[0]
65                for key, item in paser.items():
66                    if file_name == key :
67                        if needed in item["deps"] or needed in self._base_so:
68                            pass
69                        else:
70                            self._passwd = False
71                            error_log = "the dependent shared library {} of {} is not in whitelist".format(needed, file_name)
72                            self.error("%s" % error_log)
73                            continue
74                        pass
75