1 /* 2 * Copyright (c) 2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef ROSEN_RENDER_SERVICE_BASE_RS_IPC_INTERFACE_CODE_SECURITY_MANAGER_H 17 #define ROSEN_RENDER_SERVICE_BASE_RS_IPC_INTERFACE_CODE_SECURITY_MANAGER_H 18 19 #include "ipc_security/rs_ipc_interface_code_access_verifier_base.h" 20 21 namespace OHOS { 22 namespace Rosen { 23 class RSInterfaceCodeSecurityManager { 24 public: 25 RSInterfaceCodeSecurityManager(RSInterfaceCodeSecurityManager&&) noexcept = default; 26 RSInterfaceCodeSecurityManager& operator=(RSInterfaceCodeSecurityManager&&) noexcept = default; 27 ~RSInterfaceCodeSecurityManager() noexcept = default; 28 29 /* 30 * specify a customized access verifier to create the corresponding security manager; 31 * RSInterfaceCodeAccessVerifierDerived should inherit from RSInterfaceCodeAccessVerifierBase 32 */ 33 template<typename RSInterfaceCodeAccessVerifierDerived, typename... AccessVerifierDerivedConstructorArgs> CreateInstance(AccessVerifierDerivedConstructorArgs &&...constructorArgs)34 static RSInterfaceCodeSecurityManager CreateInstance(AccessVerifierDerivedConstructorArgs&&... constructorArgs) 35 { 36 RSInterfaceCodeSecurityManager securityManager; 37 #ifdef ENABLE_IPC_SECURITY 38 auto accessVerifier = std::make_unique<RSInterfaceCodeAccessVerifierDerived>( 39 std::forward<AccessVerifierDerivedConstructorArgs>(constructorArgs)...); 40 securityManager.InitializeAccessVerifier(std::move(accessVerifier)); 41 #endif 42 return securityManager; 43 } 44 45 /* decide whether the designated ipc interface code is accessible for the visitor */ IsInterfaceCodeAccessible(CodeUnderlyingType code)46 bool IsInterfaceCodeAccessible(CodeUnderlyingType code) const 47 { 48 #ifdef ENABLE_IPC_SECURITY 49 if (accessVerifier_ == nullptr) { 50 RS_LOGE("RSInterfaceCodeSecurityManager::IsInterfaceCodeAccessible access verifier is nullptr."); 51 return false; 52 } 53 if (!accessVerifier_->IsInterfaceCodeAccessible(code)) { 54 RS_LOGE("RSInterfaceCodeSecurityManager::IsInterfaceCodeAccessible verification failed."); 55 return false; 56 } 57 #endif 58 return true; 59 } 60 IsAccessTimesRestricted(CodeUnderlyingType code,uint32_t times)61 bool IsAccessTimesRestricted(CodeUnderlyingType code, uint32_t times) const 62 { 63 #ifdef ENABLE_IPC_SECURITY 64 if (accessVerifier_ == nullptr) { 65 RS_LOGE("RSInterfaceCodeSecurityManager::IsAccessTimesRestricted access verifier is nullptr."); 66 return false; 67 } 68 if (!accessVerifier_->IsAccessTimesVerificationPassed(code, times)) { 69 RS_LOGE("RSInterfaceCodeSecurityManager::IsAccessTimesRestricted verification failed."); 70 return false; 71 } 72 #endif 73 return true; 74 } 75 76 private: 77 RSInterfaceCodeSecurityManager() = default; 78 DISALLOW_COPY(RSInterfaceCodeSecurityManager); 79 80 /* specify a customized access verifier for the designated ipc interface code */ InitializeAccessVerifier(std::unique_ptr<RSInterfaceCodeAccessVerifierBase> accessVerifier)81 void InitializeAccessVerifier(std::unique_ptr<RSInterfaceCodeAccessVerifierBase> accessVerifier) 82 { 83 #ifdef ENABLE_IPC_SECURITY 84 if (accessVerifier == nullptr) { 85 RS_LOGE("RSInterfaceCodeSecurityManager::InitializeAccessVerifier access verifier is nullptr."); 86 return; 87 } 88 accessVerifier_.reset(); 89 accessVerifier_ = std::move(accessVerifier); 90 #endif 91 } 92 93 std::unique_ptr<RSInterfaceCodeAccessVerifierBase> accessVerifier_{nullptr}; 94 }; 95 } // namespace Rosen 96 } // namespace OHOS 97 #endif // ROSEN_RENDER_SERVICE_BASE_RS_IPC_INTERFACE_CODE_SECURITY_MANAGER_H 98