1 /*
2  * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #include "sec_comp_enhance_adapter.h"
16 
17 #include <dlfcn.h>
18 #include <sys/types.h>
19 
20 #include "ipc_skeleton.h"
21 #include "parcel.h"
22 #include "sec_comp_err.h"
23 #include "sec_comp_log.h"
24 #include "securec.h"
25 
26 namespace OHOS {
27 namespace Security {
28 namespace SecurityComponent {
29 namespace {
30 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
31     LOG_CORE, SECURITY_DOMAIN_SECURITY_COMPONENT, "SecCompEnhanceAdapter"};
32 
33 static const std::string ENHANCE_INPUT_INTERFACE_LIB = "libsecurity_component_client_enhance.z.so";
34 static const std::string ENHANCE_SRV_INTERFACE_LIB = "libsecurity_component_service_enhance.z.so";
35 static const std::string ENHANCE_CLIENT_INTERFACE_LIB = "libsecurity_component_client_enhance.z.so";
36 }
37 
38 SecCompInputEnhanceInterface* SecCompEnhanceAdapter::inputHandler = nullptr;
39 bool SecCompEnhanceAdapter::isEnhanceInputHandlerInit = false;
40 
41 SecCompSrvEnhanceInterface* SecCompEnhanceAdapter::srvHandler = nullptr;
42 bool SecCompEnhanceAdapter::isEnhanceSrvHandlerInit = false;
43 
44 SecCompClientEnhanceInterface* SecCompEnhanceAdapter::clientHandler = nullptr;
45 bool SecCompEnhanceAdapter::isEnhanceClientHandlerInit = false;
46 
47 std::mutex SecCompEnhanceAdapter::initMtx;
48 
InitEnhanceHandler(EnhanceInterfaceType type)49 void SecCompEnhanceAdapter::InitEnhanceHandler(EnhanceInterfaceType type)
50 {
51     std::unique_lock<std::mutex> lck(initMtx);
52     std::string libPath = "";
53     switch (type) {
54         case SEC_COMP_ENHANCE_INPUT_INTERFACE:
55             libPath = ENHANCE_INPUT_INTERFACE_LIB;
56             isEnhanceInputHandlerInit = true;
57             break;
58         case SEC_COMP_ENHANCE_SRV_INTERFACE:
59             libPath = ENHANCE_SRV_INTERFACE_LIB;
60             isEnhanceSrvHandlerInit = true;
61             break;
62         case SEC_COMP_ENHANCE_CLIENT_INTERFACE:
63             libPath = ENHANCE_CLIENT_INTERFACE_LIB;
64             isEnhanceClientHandlerInit = true;
65             break;
66         default:
67             break;
68     }
69 
70     void* handler = dlopen(libPath.c_str(), RTLD_LAZY);
71     if (handler == nullptr) {
72         SC_LOG_ERROR(LABEL, "init enhance lib %{public}s failed, error %{public}s", libPath.c_str(), dlerror());
73         return;
74     }
75     if (type == SEC_COMP_ENHANCE_CLIENT_INTERFACE) {
76         EnhanceInterface getClientInstance = reinterpret_cast<EnhanceInterface>(dlsym(handler, "GetClientInstance"));
77         if (getClientInstance == nullptr) {
78             SC_LOG_ERROR(LABEL, "GetClientInstance failed.");
79             return;
80         }
81         SecCompClientEnhanceInterface* instance = getClientInstance();
82         if (instance != nullptr) {
83             SC_LOG_DEBUG(LABEL, "Dlopen client enhance successful.");
84             clientHandler = instance;
85         }
86     }
87 }
88 
SetEnhanceCfg(uint8_t * cfg,uint32_t cfgLen)89 int32_t SecCompEnhanceAdapter::SetEnhanceCfg(uint8_t* cfg, uint32_t cfgLen)
90 {
91     if (!isEnhanceInputHandlerInit) {
92         InitEnhanceHandler(SEC_COMP_ENHANCE_INPUT_INTERFACE);
93     }
94     if (inputHandler != nullptr) {
95         return inputHandler->SetEnhanceCfg(cfg, cfgLen);
96     }
97     return SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE;
98 }
99 
GetPointerEventEnhanceData(void * data,uint32_t dataLen,uint8_t * enhanceData,uint32_t & enHancedataLen)100 int32_t SecCompEnhanceAdapter::GetPointerEventEnhanceData(void* data, uint32_t dataLen,
101     uint8_t* enhanceData, uint32_t& enHancedataLen)
102 {
103     if (!isEnhanceInputHandlerInit) {
104         InitEnhanceHandler(SEC_COMP_ENHANCE_INPUT_INTERFACE);
105     }
106     if (inputHandler != nullptr) {
107         return inputHandler->GetPointerEventEnhanceData(data, dataLen, enhanceData, enHancedataLen);
108     }
109     return SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE;
110 }
111 
CheckExtraInfo(const SecCompClickEvent & clickInfo)112 int32_t SecCompEnhanceAdapter::CheckExtraInfo(const SecCompClickEvent& clickInfo)
113 {
114     if (!isEnhanceSrvHandlerInit) {
115         InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
116     }
117     if (srvHandler != nullptr) {
118         if (clickInfo.extraInfo.dataSize == 0 || clickInfo.extraInfo.data == nullptr) {
119             SC_LOG_ERROR(LABEL, "HMAC info is invalid");
120             return SC_SERVICE_ERROR_CLICK_EVENT_INVALID;
121         }
122         return srvHandler->CheckExtraInfo(clickInfo);
123     }
124     return SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE;
125 }
126 
AddSecurityComponentProcess(int32_t pid)127 void SecCompEnhanceAdapter::AddSecurityComponentProcess(int32_t pid)
128 {
129     if (!isEnhanceSrvHandlerInit) {
130         InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
131     }
132     if (srvHandler != nullptr) {
133         srvHandler->AddSecurityComponentProcess(pid);
134     }
135 }
136 
EnhanceDataPreprocess(std::string & componentInfo)137 bool SecCompEnhanceAdapter::EnhanceDataPreprocess(std::string& componentInfo)
138 {
139     if (!isEnhanceClientHandlerInit) {
140         InitEnhanceHandler(SEC_COMP_ENHANCE_CLIENT_INTERFACE);
141     }
142 
143     uintptr_t enhanceCallerAddr = reinterpret_cast<uintptr_t>(__builtin_return_address(0));
144     if (clientHandler != nullptr) {
145         return clientHandler->EnhanceDataPreprocess(enhanceCallerAddr, componentInfo);
146     }
147     return true;
148 }
149 
EnhanceDataPreprocess(int32_t scId,std::string & componentInfo)150 bool SecCompEnhanceAdapter::EnhanceDataPreprocess(int32_t scId, std::string& componentInfo)
151 {
152     if (!isEnhanceClientHandlerInit) {
153         InitEnhanceHandler(SEC_COMP_ENHANCE_CLIENT_INTERFACE);
154     }
155 
156     uintptr_t enhanceCallerAddr = reinterpret_cast<uintptr_t>(__builtin_return_address(0));
157     if (clientHandler != nullptr) {
158         return clientHandler->EnhanceDataPreprocess(enhanceCallerAddr, scId, componentInfo);
159     }
160     return true;
161 }
162 
WriteMessageParcel(MessageParcel & tmpData,MessageParcel & data)163 static bool WriteMessageParcel(MessageParcel& tmpData, MessageParcel& data)
164 {
165     size_t bufferLength = tmpData.GetDataSize();
166     if (bufferLength == 0) {
167         SC_LOG_INFO(LABEL, "TmpData is empty.");
168         return true;
169     }
170 
171     char* buffer = reinterpret_cast<char *>(tmpData.GetData());
172     if (buffer == nullptr) {
173         SC_LOG_ERROR(LABEL, "Get tmpData data failed.");
174         return false;
175     }
176 
177     if (!data.WriteInt32(bufferLength)) {
178         SC_LOG_ERROR(LABEL, "Write bufferLength failed.");
179         return false;
180     }
181 
182     if (!data.WriteRawData(reinterpret_cast<void *>(buffer), bufferLength)) {
183         SC_LOG_ERROR(LABEL, "Write data failed.");
184         return false;
185     }
186     return true;
187 }
188 
ReadMessageParcel(MessageParcel & tmpData,MessageParcel & data)189 static bool ReadMessageParcel(MessageParcel& tmpData, MessageParcel& data)
190 {
191     int32_t size;
192     if (!tmpData.ReadInt32(size)) {
193         SC_LOG_ERROR(LABEL, "Read size failed.");
194         return false;
195     }
196 
197     const void *iter = tmpData.ReadRawData(size);
198     if (iter == nullptr) {
199         SC_LOG_ERROR(LABEL, "Read const void failed.");
200         return false;
201     }
202     char* ptr = reinterpret_cast<char *>(const_cast<void *>(iter));
203 
204     if (!data.WriteBuffer(reinterpret_cast<void *>(ptr), size)) {
205         SC_LOG_ERROR(LABEL, "Write rawData failed.");
206         return false;
207     }
208     return true;
209 }
210 
EnhanceClientSerialize(MessageParcel & input,MessageParcel & output)211 bool SecCompEnhanceAdapter::EnhanceClientSerialize(MessageParcel& input, MessageParcel& output)
212 {
213     if (!isEnhanceClientHandlerInit) {
214         InitEnhanceHandler(SEC_COMP_ENHANCE_CLIENT_INTERFACE);
215     }
216 
217     uintptr_t enhanceCallerAddr = reinterpret_cast<uintptr_t>(__builtin_return_address(0));
218     if (clientHandler != nullptr) {
219         return clientHandler->EnhanceClientSerialize(enhanceCallerAddr, input, output);
220     }
221 
222     return WriteMessageParcel(input, output);
223 }
224 
EnhanceClientDeserialize(MessageParcel & input,MessageParcel & output)225 bool SecCompEnhanceAdapter::EnhanceClientDeserialize(MessageParcel& input, MessageParcel& output)
226 {
227     if (!isEnhanceClientHandlerInit) {
228         InitEnhanceHandler(SEC_COMP_ENHANCE_CLIENT_INTERFACE);
229     }
230 
231     uintptr_t enhanceCallerAddr = reinterpret_cast<uintptr_t>(__builtin_return_address(0));
232     if (clientHandler != nullptr) {
233         return clientHandler->EnhanceClientDeserialize(enhanceCallerAddr, input, output);
234     }
235 
236     return ReadMessageParcel(input, output);
237 }
238 
EnhanceSrvSerialize(MessageParcel & input,MessageParcel & output)239 bool SecCompEnhanceAdapter::EnhanceSrvSerialize(MessageParcel& input, MessageParcel& output)
240 {
241     if (!isEnhanceSrvHandlerInit) {
242         InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
243     }
244     if (srvHandler != nullptr) {
245         return srvHandler->EnhanceSrvSerialize(input, output);
246     }
247 
248     return WriteMessageParcel(input, output);
249 }
250 
EnhanceSrvDeserialize(MessageParcel & input,MessageParcel & output,MessageParcel & reply)251 bool SecCompEnhanceAdapter::EnhanceSrvDeserialize(MessageParcel& input, MessageParcel& output,
252     MessageParcel& reply)
253 {
254     if (!isEnhanceSrvHandlerInit) {
255         InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
256     }
257     if (srvHandler != nullptr) {
258         return srvHandler->EnhanceSrvDeserialize(input, output, reply);
259     }
260 
261     return ReadMessageParcel(input, output);
262 }
263 
RegisterScIdEnhance(int32_t scId)264 void SecCompEnhanceAdapter::RegisterScIdEnhance(int32_t scId)
265 {
266     if (!isEnhanceClientHandlerInit) {
267         InitEnhanceHandler(SEC_COMP_ENHANCE_CLIENT_INTERFACE);
268     }
269 
270     uintptr_t enhanceCallerAddr = reinterpret_cast<uintptr_t>(__builtin_return_address(0));
271     if (clientHandler != nullptr) {
272         clientHandler->RegisterScIdEnhance(enhanceCallerAddr, scId);
273     }
274 }
275 
UnregisterScIdEnhance(int32_t scId)276 void SecCompEnhanceAdapter::UnregisterScIdEnhance(int32_t scId)
277 {
278     if (!isEnhanceClientHandlerInit) {
279         InitEnhanceHandler(SEC_COMP_ENHANCE_CLIENT_INTERFACE);
280     }
281 
282     uintptr_t enhanceCallerAddr = reinterpret_cast<uintptr_t>(__builtin_return_address(0));
283     if (clientHandler != nullptr) {
284         clientHandler->UnregisterScIdEnhance(enhanceCallerAddr, scId);
285     }
286 }
287 
EnableInputEnhance()288 int32_t SecCompEnhanceAdapter::EnableInputEnhance()
289 {
290     if (!isEnhanceSrvHandlerInit) {
291         InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
292     }
293     if (srvHandler != nullptr) {
294         return srvHandler->EnableInputEnhance();
295     }
296     return SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE;
297 }
298 
DisableInputEnhance()299 int32_t SecCompEnhanceAdapter::DisableInputEnhance()
300 {
301     if (!isEnhanceSrvHandlerInit) {
302         InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
303     }
304     if (srvHandler != nullptr) {
305         return srvHandler->DisableInputEnhance();
306     }
307     return SC_ENHANCE_ERROR_NOT_EXIST_ENHANCE;
308 }
309 
StartEnhanceService()310 void SecCompEnhanceAdapter::StartEnhanceService()
311 {
312     if (!isEnhanceSrvHandlerInit) {
313         InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
314     }
315     if (srvHandler != nullptr) {
316         srvHandler->StartEnhanceService();
317     }
318 }
319 
ExitEnhanceService()320 void SecCompEnhanceAdapter::ExitEnhanceService()
321 {
322     if (!isEnhanceSrvHandlerInit) {
323         InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
324     }
325     if (srvHandler != nullptr) {
326         srvHandler->ExitEnhanceService();
327     }
328 }
329 
NotifyProcessDied(int32_t pid)330 void SecCompEnhanceAdapter::NotifyProcessDied(int32_t pid)
331 {
332     if (!isEnhanceSrvHandlerInit) {
333         InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
334     }
335     if (srvHandler != nullptr) {
336         srvHandler->NotifyProcessDied(pid);
337     }
338 }
339 
CheckComponentInfoEnhance(int32_t pid,std::shared_ptr<SecCompBase> & compInfo,const nlohmann::json & jsonComponent)340 int32_t SecCompEnhanceAdapter::CheckComponentInfoEnhance(int32_t pid,
341     std::shared_ptr<SecCompBase>& compInfo, const nlohmann::json& jsonComponent)
342 {
343     if (!isEnhanceSrvHandlerInit) {
344         InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
345     }
346     if (srvHandler != nullptr) {
347         return srvHandler->CheckComponentInfoEnhance(pid, compInfo, jsonComponent);
348     }
349     return SC_OK;
350 }
351 
GetEnhanceRemoteObject()352 sptr<IRemoteObject> SecCompEnhanceAdapter::GetEnhanceRemoteObject()
353 {
354     if (!isEnhanceSrvHandlerInit) {
355         InitEnhanceHandler(SEC_COMP_ENHANCE_SRV_INTERFACE);
356     }
357     if (srvHandler != nullptr) {
358         auto service = srvHandler->GetEnhanceRemoteObject();
359         return service;
360     }
361     return nullptr;
362 }
363 }  // namespace SecurityComponent
364 }  // namespace Security
365 }  // namespace OHOS
366