1 /*
2 * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "system_ability_manager_stub.h"
17
18 #include <unistd.h>
19 #include <cinttypes>
20
21 #include "accesstoken_kit.h"
22 #include "datetime_ex.h"
23 #include "errors.h"
24 #include "hitrace_meter.h"
25 #include "ipc_skeleton.h"
26 #include "ipc_types.h"
27 #include "memory_guard.h"
28 #include "sam_log.h"
29 #include "string_ex.h"
30 #include "hisysevent_adapter.h"
31 #include "system_ability_manager.h"
32 #include "system_ability_manager_util.h"
33 #include "system_ability_on_demand_event.h"
34 #include "tools.h"
35 #include "samgr_xcollie.h"
36
37 #ifdef WITH_SELINUX
38 #include "service_checker.h"
39 #define HILOG_SE_DEBUG(type, fmt, ...) HILOG_IMPL((type), LOG_DEBUG, LOG_DOMAIN, "SA_SELINUX", fmt, __VA_ARGS__)
40 #endif
41
42 namespace {
43 #ifdef WITH_SELINUX
44 std::unique_ptr<ServiceChecker> selinuxChecker_ = std::make_unique<ServiceChecker>(false);
45 #endif
46
CheckGetSAPermission(const int32_t said)47 bool CheckGetSAPermission(const int32_t said)
48 {
49 #ifdef WITH_SELINUX
50 int64_t begin = OHOS::GetTickCount();
51 auto callingSid = OHOS::IPCSkeleton::GetCallingSid();
52 auto ret = selinuxChecker_->GetServiceCheck(callingSid, std::to_string(said)) == 0;
53 HILOG_SE_DEBUG(LOG_CORE, "GetServiceCheck callingSid:%{public}s,SA:%{public}d,ret:%{public}s,spend:%{public}"
54 PRId64 "ms", callingSid.c_str(), said, ret == true ? "suc" : "fail", OHOS::GetTickCount() - begin);
55 return ret;
56 #else
57 return true; // if not support selinux, not check selinux permission
58 #endif
59 }
60
CheckAddOrRemovePermission(const int32_t said)61 bool CheckAddOrRemovePermission(const int32_t said)
62 {
63 #ifdef WITH_SELINUX
64 int64_t begin = OHOS::GetTickCount();
65 auto callingSid = OHOS::IPCSkeleton::GetCallingSid();
66 auto ret = selinuxChecker_->AddServiceCheck(callingSid, std::to_string(said)) == 0;
67 HILOG_SE_DEBUG(LOG_CORE, "AddServiceCheck callingSid:%{public}s,SA:%{public}d,ret:%{public}s,spend:%{public}"
68 PRId64 "ms", callingSid.c_str(), said, ret == true ? "suc" : "fail", OHOS::GetTickCount() - begin);
69 return ret;
70 #else
71 return true; // if not support selinux, not check selinux permission
72 #endif
73 }
74
CheckGetRemoteSAPermission(const int32_t said)75 bool CheckGetRemoteSAPermission(const int32_t said)
76 {
77 #ifdef WITH_SELINUX
78 int64_t begin = OHOS::GetTickCount();
79 auto callingSid = OHOS::IPCSkeleton::GetCallingSid();
80 auto ret = selinuxChecker_->GetRemoteServiceCheck(callingSid, std::to_string(said)) == 0;
81 HILOG_SE_DEBUG(LOG_CORE, "GetRemoteServiceCheck callingSid:%{public}s,SA:%{public}d,"
82 "ret:%{public}s,spend:%{public}" PRId64 "ms", callingSid.c_str(), said,
83 ret == true ? "suc" : "fail", OHOS::GetTickCount() - begin);
84 return ret;
85 #else
86 return true; // if not support selinux, not check selinux permission
87 #endif
88 }
89
CheckListSAPermission()90 bool CheckListSAPermission()
91 {
92 #ifdef WITH_SELINUX
93 int64_t begin = OHOS::GetTickCount();
94 auto callingSid = OHOS::IPCSkeleton::GetCallingSid();
95 auto ret = selinuxChecker_->ListServiceCheck(callingSid) == 0;
96 HILOG_SE_DEBUG(LOG_CORE, "ListServiceCheck callingSid:%{public}s,ret:%{public}s,spend:%{public}"
97 PRId64 "ms", callingSid.c_str(), ret == true ? "suc" : "fail", OHOS::GetTickCount() - begin);
98 return ret;
99 #else
100 return true; // if not support selinux, not check selinux permission
101 #endif
102 }
103 }
104
105 using namespace OHOS::Security;
106 namespace OHOS {
107 namespace {
108 constexpr const char *EXT_TRANSACTION_PERMISSION = "ohos.permission.ACCESS_EXT_SYSTEM_ABILITY";
109 }
110
SetAbilityFuncMap()111 void SystemAbilityManagerStub::SetAbilityFuncMap()
112 {
113 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_SYSTEM_ABILITY_TRANSACTION)] =
114 SystemAbilityManagerStub::LocalGetSystemAbility;
115 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::CHECK_SYSTEM_ABILITY_TRANSACTION)] =
116 SystemAbilityManagerStub::LocalCheckSystemAbility;
117 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::ADD_SYSTEM_ABILITY_TRANSACTION)] =
118 SystemAbilityManagerStub::LocalAddSystemAbility;
119 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::REMOVE_SYSTEM_ABILITY_TRANSACTION)] =
120 SystemAbilityManagerStub::LocalRemoveSystemAbility;
121 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::LIST_SYSTEM_ABILITY_TRANSACTION)] =
122 SystemAbilityManagerStub::LocalListSystemAbility;
123 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::SUBSCRIBE_SYSTEM_ABILITY_TRANSACTION)] =
124 SystemAbilityManagerStub::LocalSubsSystemAbility;
125 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::CHECK_REMOTE_SYSTEM_ABILITY_TRANSACTION)] =
126 SystemAbilityManagerStub::LocalCheckRemtSystemAbility;
127 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::ADD_ONDEMAND_SYSTEM_ABILITY_TRANSACTION)] =
128 SystemAbilityManagerStub::LocalAddOndemandSystemAbility;
129 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::CHECK_SYSTEM_ABILITY_IMMEDIATELY_TRANSACTION)] =
130 SystemAbilityManagerStub::LocalCheckSystemAbilityImme;
131 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::UNSUBSCRIBE_SYSTEM_ABILITY_TRANSACTION)] =
132 SystemAbilityManagerStub::LocalUnSubsSystemAbility;
133 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::LOAD_SYSTEM_ABILITY_TRANSACTION)] =
134 SystemAbilityManagerStub::LocalLoadSystemAbility;
135 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::LOAD_REMOTE_SYSTEM_ABILITY_TRANSACTION)] =
136 SystemAbilityManagerStub::LocalLoadRemoteSystemAbility;
137 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::UNLOAD_SYSTEM_ABILITY_TRANSACTION)] =
138 SystemAbilityManagerStub::LocalUnloadSystemAbility;
139 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::CANCEL_UNLOAD_SYSTEM_ABILITY_TRANSACTION)] =
140 SystemAbilityManagerStub::LocalCancelUnloadSystemAbility;
141 }
142
SetProcessFuncMap()143 void SystemAbilityManagerStub::SetProcessFuncMap()
144 {
145 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::ADD_SYSTEM_PROCESS_TRANSACTION)] =
146 SystemAbilityManagerStub::LocalAddSystemProcess;
147 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_SYSTEM_PROCESS_INFO_TRANSACTION)] =
148 SystemAbilityManagerStub::LocalGetSystemProcessInfo;
149 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_RUNNING_SYSTEM_PROCESS_TRANSACTION)] =
150 SystemAbilityManagerStub::LocalGetRunningSystemProcess;
151 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::SUBSCRIBE_SYSTEM_PROCESS_TRANSACTION)] =
152 SystemAbilityManagerStub::LocalSubscribeSystemProcess;
153 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::UNSUBSCRIBE_SYSTEM_PROCESS_TRANSACTION)] =
154 SystemAbilityManagerStub::LocalUnSubscribeSystemProcess;
155 }
156
SystemAbilityManagerStub()157 SystemAbilityManagerStub::SystemAbilityManagerStub()
158 {
159 SetAbilityFuncMap();
160 SetProcessFuncMap();
161 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_ONDEMAND_REASON_EXTRA_DATA_TRANSACTION)] =
162 SystemAbilityManagerStub::LocalGetOnDemandReasonExtraData;
163 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_ONDEAMND_POLICY_TRANSACTION)] =
164 SystemAbilityManagerStub::LocalGetOnDemandPolicy;
165 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::UPDATE_ONDEAMND_POLICY_TRANSACTION)] =
166 SystemAbilityManagerStub::LocalUpdateOnDemandPolicy;
167 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_ONDEMAND_SYSTEM_ABILITY_IDS_TRANSACTION)] =
168 SystemAbilityManagerStub::LocalGetOnDemandSystemAbilityIds;
169 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::SEND_STRATEGY_TRANASACTION)] =
170 SystemAbilityManagerStub::LocalSendStrategy;
171 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::UNLOAD_ALL_IDLE_SYSTEM_ABILITY_TRANSACTION)] =
172 SystemAbilityManagerStub::LocalUnloadAllIdleSystemAbility;
173 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_EXTENSION_SA_IDS_TRANSCATION)] =
174 SystemAbilityManagerStub::LocalGetExtensionSaIds;
175 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_EXTERNSION_SA_LIST_TRANSCATION)] =
176 SystemAbilityManagerStub::LocalGetExtensionRunningSaList;
177 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_SA_EXTENSION_INFO_TRANSCATION)] =
178 SystemAbilityManagerStub::LocalGetRunningSaExtensionInfoList;
179 memberFuncMap_[static_cast<uint32_t>(SamgrInterfaceCode::GET_COMMON_EVENT_EXTRA_ID_LIST_TRANSCATION)] =
180 SystemAbilityManagerStub::LocalGetCommonEventExtraDataIdlist;
181 }
182
OnRemoteRequest(uint32_t code,MessageParcel & data,MessageParcel & reply,MessageOption & option)183 int32_t SystemAbilityManagerStub::OnRemoteRequest(uint32_t code,
184 MessageParcel& data, MessageParcel& reply, MessageOption &option)
185 {
186 HILOGD("SAMStub::OnReceived, code = %{public}u, callerPid = %{public}d",
187 code, IPCSkeleton::GetCallingPid());
188 Samgr::MemoryGuard cacheGuard;
189 if (!EnforceInterceToken(data)) {
190 HILOGE("SAMStub::OnReceived, code = %{public}u, check interfaceToken failed", code);
191 return ERR_PERMISSION_DENIED;
192 }
193 auto itFunc = memberFuncMap_.find(code);
194 if (itFunc != memberFuncMap_.end()) {
195 return itFunc->second(this, data, reply);
196 }
197 HILOGW("SAMStub: default case, need check.");
198 return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
199 }
200
EnforceInterceToken(MessageParcel & data)201 bool SystemAbilityManagerStub::EnforceInterceToken(MessageParcel& data)
202 {
203 std::u16string interfaceToken = data.ReadInterfaceToken();
204 return interfaceToken == SAMANAGER_INTERFACE_TOKEN;
205 }
206
ListSystemAbilityInner(MessageParcel & data,MessageParcel & reply)207 int32_t SystemAbilityManagerStub::ListSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
208 {
209 if (!CanRequest()) {
210 HILOGE("ListSystemAbilityInner PERMISSION DENIED!");
211 return ERR_PERMISSION_DENIED;
212 }
213
214 if (!CheckListSAPermission()) {
215 HILOGE("ListSystemAbilityInner selinux permission denied! callSid:%{public}s",
216 OHOS::IPCSkeleton::GetCallingSid().c_str());
217 return ERR_PERMISSION_DENIED;
218 }
219
220 int32_t dumpFlag = 0;
221 bool ret = data.ReadInt32(dumpFlag);
222 if (!ret) {
223 HILOGW("ListSystemAbilityInner read dumpflag failed!");
224 return ERR_FLATTEN_OBJECT;
225 }
226
227 std::vector<std::u16string> saNameVector = ListSystemAbilities(dumpFlag);
228 if (saNameVector.empty()) {
229 HILOGI("List System Abilities list errors");
230 ret = reply.WriteInt32(ERR_INVALID_VALUE);
231 } else {
232 HILOGI("ListSystemAbilityInner list success");
233 ret = reply.WriteInt32(ERR_NONE);
234 if (ret) {
235 ret = reply.WriteString16Vector(saNameVector);
236 }
237 }
238
239 if (!ret) {
240 HILOGW("ListSystemAbilityInner write reply failed.");
241 return ERR_FLATTEN_OBJECT;
242 }
243
244 return ERR_NONE;
245 }
246
SubsSystemAbilityInner(MessageParcel & data,MessageParcel & reply)247 int32_t SystemAbilityManagerStub::SubsSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
248 {
249 int32_t systemAbilityId = -1;
250 bool ret = data.ReadInt32(systemAbilityId);
251 if (!ret) {
252 return ERR_NULL_OBJECT;
253 }
254 if (!CheckInputSysAbilityId(systemAbilityId)) {
255 HILOGW("SubsSystemAbilityInner read SAId failed!");
256 return ERR_NULL_OBJECT;
257 }
258 sptr<IRemoteObject> remoteObject = data.ReadRemoteObject();
259 if (remoteObject == nullptr) {
260 HILOGW("SubsSystemAbilityInner read listener failed!");
261 return ERR_NULL_OBJECT;
262 }
263 sptr<ISystemAbilityStatusChange> listener = iface_cast<ISystemAbilityStatusChange>(remoteObject);
264 if (listener == nullptr) {
265 HILOGW("SubsSystemAbilityInner iface_cast failed!");
266 return ERR_NULL_OBJECT;
267 }
268 SamgrXCollie samgrXCollie("samgr--SubsSA_" + ToString(systemAbilityId));
269 int32_t result = SubscribeSystemAbility(systemAbilityId, listener);
270 HILOGD("SubsSystemAbilityInner result is %{public}d", result);
271 ret = reply.WriteInt32(result);
272 if (!ret) {
273 HILOGW("SubsSystemAbilityInner write reply failed.");
274 return ERR_FLATTEN_OBJECT;
275 }
276
277 return result;
278 }
279
UnSubsSystemAbilityInner(MessageParcel & data,MessageParcel & reply)280 int32_t SystemAbilityManagerStub::UnSubsSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
281 {
282 int32_t systemAbilityId = -1;
283 bool ret = data.ReadInt32(systemAbilityId);
284 if (!ret) {
285 return ERR_NULL_OBJECT;
286 }
287 if (!CheckInputSysAbilityId(systemAbilityId)) {
288 HILOGW("UnSubsSystemAbilityInner read SAId failed!");
289 return ERR_NULL_OBJECT;
290 }
291 sptr<IRemoteObject> remoteObject = data.ReadRemoteObject();
292 if (remoteObject == nullptr) {
293 HILOGW("UnSubscribeSystemAbility read listener failed!");
294 return ERR_NULL_OBJECT;
295 }
296 sptr<ISystemAbilityStatusChange> listener = iface_cast<ISystemAbilityStatusChange>(remoteObject);
297 if (listener == nullptr) {
298 HILOGW("UnSubscribeSystemAbility iface_cast failed!");
299 return ERR_NULL_OBJECT;
300 }
301 int32_t result = UnSubscribeSystemAbility(systemAbilityId, listener);
302 HILOGD("UnSubscribeSystemAbility result is %{public}d", result);
303 ret = reply.WriteInt32(result);
304 if (!ret) {
305 HILOGW("UnSubscribeSystemAbility write reply failed.");
306 return ERR_FLATTEN_OBJECT;
307 }
308
309 return result;
310 }
311
CheckRemtSystemAbilityInner(MessageParcel & data,MessageParcel & reply)312 int32_t SystemAbilityManagerStub::CheckRemtSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
313 {
314 if (!CanRequest()) {
315 HILOGE("CheckRemoteSystemAbilityInner PERMISSION DENIED!");
316 return ERR_PERMISSION_DENIED;
317 }
318 int32_t systemAbilityId = -1;
319 bool ret = data.ReadInt32(systemAbilityId);
320 if (!ret) {
321 return ERR_NULL_OBJECT;
322 }
323 if (!CheckInputSysAbilityId(systemAbilityId)) {
324 HILOGW("CheckRemtSystemAbilityInner read SAId failed!");
325 return ERR_NULL_OBJECT;
326 }
327
328 if (!CheckGetRemoteSAPermission(systemAbilityId)) {
329 HILOGE("CheckRemtSystemAbilityInner selinux permission denied! SA:%{public}d,callSid:%{public}s",
330 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
331 return ERR_PERMISSION_DENIED;
332 }
333
334 std::string deviceId;
335 ret = data.ReadString(deviceId);
336 if (!ret) {
337 HILOGW("CheckRemtSystemAbilityInner read deviceId failed!");
338 return ERR_FLATTEN_OBJECT;
339 }
340 std::string uuid = SamgrUtil::TransformDeviceId(deviceId, UUID, false);
341 sptr<IRemoteObject> remoteObject = GetSystemAbility(systemAbilityId, uuid);
342 if (remoteObject == nullptr) {
343 HILOGD("CheckRemtSystemAbilityInner SA:%{public}d GetSystemAbility failed.", systemAbilityId);
344 return ERR_NULL_OBJECT;
345 }
346 ret = reply.WriteRemoteObject(remoteObject);
347 if (!ret) {
348 HILOGE("CheckRemtSystemAbilityInner SA:%{public}d write reply failed.", systemAbilityId);
349 return ERR_FLATTEN_OBJECT;
350 }
351
352 return ERR_NONE;
353 }
354
AddOndemandSystemAbilityInner(MessageParcel & data,MessageParcel & reply)355 int32_t SystemAbilityManagerStub::AddOndemandSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
356 {
357 if (!CanRequest()) {
358 HILOGE("AddOndemandSystemAbilityInner PERMISSION DENIED!");
359 return ERR_PERMISSION_DENIED;
360 }
361 int32_t systemAbilityId = -1;
362 bool ret = data.ReadInt32(systemAbilityId);
363 if (!ret) {
364 return ERR_NULL_OBJECT;
365 }
366 if (!CheckInputSysAbilityId(systemAbilityId)) {
367 HILOGW("AddOndemandSystemAbilityInner read SAId failed!");
368 return ERR_NULL_OBJECT;
369 }
370
371 if (!CheckAddOrRemovePermission(systemAbilityId)) {
372 HILOGE("AddOndemandSystemAbilityInner selinux permission denied! SA:%{public}d,callSid:%{public}s",
373 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
374 return ERR_PERMISSION_DENIED;
375 }
376
377 std::u16string localManagerName = data.ReadString16();
378 if (localManagerName.empty()) {
379 HILOGW("AddOndemandSystemAbilityInner read localName failed!");
380 return ERR_NULL_OBJECT;
381 }
382
383 int32_t result = AddOnDemandSystemAbilityInfo(systemAbilityId, localManagerName);
384 HILOGD("AddOndemandSystemAbilityInner result is %{public}d", result);
385 ret = reply.WriteInt32(result);
386 if (!ret) {
387 HILOGW("AddOndemandSystemAbilityInner write reply failed.");
388 return ERR_FLATTEN_OBJECT;
389 }
390
391 return result;
392 }
393
CheckSystemAbilityImmeInner(MessageParcel & data,MessageParcel & reply)394 int32_t SystemAbilityManagerStub::CheckSystemAbilityImmeInner(MessageParcel& data, MessageParcel& reply)
395 {
396 int64_t begin = OHOS::GetTickCount();
397 int32_t systemAbilityId = -1;
398 bool ret = data.ReadInt32(systemAbilityId);
399 if (!ret) {
400 return ERR_NULL_OBJECT;
401 }
402 if (!CheckInputSysAbilityId(systemAbilityId)) {
403 HILOGW("CheckSystemAbilityImmeInner read SAId failed!");
404 return ERR_NULL_OBJECT;
405 }
406
407 if (!CheckGetSAPermission(systemAbilityId)) {
408 HILOGD("CheckSystemAbilityImmeInner selinux permission denied! SA:%{public}d,callSid:%{public}s",
409 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
410 return ERR_PERMISSION_DENIED;
411 }
412
413 bool isExist = false;
414 ret = data.ReadBool(isExist);
415 if (!ret) {
416 HILOGW("CheckSystemAbilityImmeInner read isExist failed!");
417 return ERR_FLATTEN_OBJECT;
418 }
419 SamgrXCollie samgrXCollie("samgr--CheckSAImme_" + ToString(systemAbilityId));
420 sptr<IRemoteObject> remoteObject = CheckSystemAbility(systemAbilityId, isExist);
421 if (remoteObject == nullptr) {
422 HILOGD("CheckSystemAbilityImmeInner SA:%{public}d CheckSystemAbility failed.", systemAbilityId);
423 return ERR_NULL_OBJECT;
424 }
425 ret = reply.WriteRemoteObject(remoteObject);
426 if (!ret) {
427 HILOGE("CheckSystemAbilityImmeInner SA:%{public}d, callpid:%{public}d, write obj fail, spend %{public}"
428 PRId64 " ms", systemAbilityId, OHOS::IPCSkeleton::GetCallingPid(), OHOS::GetTickCount() - begin);
429 return ERR_FLATTEN_OBJECT;
430 }
431
432 ret = reply.WriteBool(isExist);
433 if (!ret) {
434 HILOGW("CheckSystemAbilityImmeInner write reply failed.");
435 return ERR_FLATTEN_OBJECT;
436 }
437
438 return ERR_NONE;
439 }
440
UnmarshalingSaExtraProp(MessageParcel & data,SAExtraProp & extraProp)441 int32_t SystemAbilityManagerStub::UnmarshalingSaExtraProp(MessageParcel& data, SAExtraProp& extraProp)
442 {
443 bool isDistributed = false;
444 bool ret = data.ReadBool(isDistributed);
445 if (!ret) {
446 HILOGW("UnmarshalingSaExtraProp read isDistributed failed!");
447 return ERR_FLATTEN_OBJECT;
448 }
449
450 int32_t dumpFlags = 0;
451 ret = data.ReadInt32(dumpFlags);
452 if (!ret || dumpFlags < 0) {
453 HILOGW("UnmarshalingSaExtraProp dumpFlags failed!");
454 return ERR_FLATTEN_OBJECT;
455 }
456 std::u16string capability = data.ReadString16();
457 std::u16string permission = data.ReadString16();
458 extraProp.isDistributed = isDistributed;
459 extraProp.dumpFlags = static_cast<uint32_t>(dumpFlags);
460 extraProp.capability = capability;
461 extraProp.permission = permission;
462 return ERR_OK;
463 }
464
AddSystemAbilityInner(MessageParcel & data,MessageParcel & reply)465 int32_t SystemAbilityManagerStub::AddSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
466 {
467 if (!CanRequest()) {
468 KHILOGE("AddSystemAbilityInner PERMISSION DENIED!");
469 return ERR_PERMISSION_DENIED;
470 }
471 int32_t systemAbilityId = -1;
472 bool ret = data.ReadInt32(systemAbilityId);
473 if (!ret) {
474 return ERR_NULL_OBJECT;
475 }
476 if (!CheckInputSysAbilityId(systemAbilityId)) {
477 KHILOGW("AddSystemAbilityExtraInner read SAId failed!");
478 return ERR_NULL_OBJECT;
479 }
480
481 if (!CheckAddOrRemovePermission(systemAbilityId)) {
482 KHILOGE("AddSystemAbilityInner selinux permission denied! SA:%{public}d,callSid:%{public}s",
483 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
484 return ERR_PERMISSION_DENIED;
485 }
486
487 auto object = data.ReadRemoteObject();
488 if (object == nullptr) {
489 KHILOGW("AddSystemAbilityExtraInner readParcelable failed!");
490 return ERR_NULL_OBJECT;
491 }
492 SAExtraProp extraProp;
493 int32_t result = UnmarshalingSaExtraProp(data, extraProp);
494 if (result != ERR_OK) {
495 KHILOGW("AddSystemAbilityExtraInner UnmarshalingSaExtraProp failed!");
496 return result;
497 }
498 result = AddSystemAbility(systemAbilityId, object, extraProp);
499 ret = reply.WriteInt32(result);
500 if (!ret) {
501 KHILOGW("AddSystemAbilityExtraInner write reply failed.");
502 return ERR_FLATTEN_OBJECT;
503 }
504 return result;
505 }
506
GetSystemAbilityInner(MessageParcel & data,MessageParcel & reply)507 int32_t SystemAbilityManagerStub::GetSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
508 {
509 int32_t systemAbilityId = -1;
510 bool ret = data.ReadInt32(systemAbilityId);
511 if (!ret) {
512 return ERR_NULL_OBJECT;
513 }
514 if (!CheckInputSysAbilityId(systemAbilityId)) {
515 HILOGW("GetSystemAbilityInner read SAId failed!");
516 return ERR_NULL_OBJECT;
517 }
518
519 if (!CheckGetSAPermission(systemAbilityId)) {
520 HILOGE("GetSystemAbilityInner selinux permission denied! SA:%{public}d,callSid:%{public}s",
521 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
522 return ERR_PERMISSION_DENIED;
523 }
524 sptr<IRemoteObject> remoteObject = GetSystemAbility(systemAbilityId);
525 if (remoteObject == nullptr) {
526 HILOGD("GetSystemAbilityInner SA:%{public}d GetSystemAbility failed.", systemAbilityId);
527 return ERR_NULL_OBJECT;
528 }
529 ret = reply.WriteRemoteObject(remoteObject);
530 if (!ret) {
531 HILOGE("GetSystemAbilityInner SA:%{public}d write reply failed.", systemAbilityId);
532 return ERR_FLATTEN_OBJECT;
533 }
534 return ERR_NONE;
535 }
536
CheckSystemAbilityInner(MessageParcel & data,MessageParcel & reply)537 int32_t SystemAbilityManagerStub::CheckSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
538 {
539 int32_t systemAbilityId = -1;
540 bool ret = data.ReadInt32(systemAbilityId);
541 if (!ret) {
542 return ERR_NULL_OBJECT;
543 }
544 if (!CheckInputSysAbilityId(systemAbilityId)) {
545 HILOGW("CheckSystemAbilityInner read SAId failed!");
546 return ERR_NULL_OBJECT;
547 }
548
549 if (!CheckGetSAPermission(systemAbilityId)) {
550 HILOGD("CheckSystemAbilityInner selinux permission denied! SA:%{public}d,callSid:%{public}s",
551 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
552 return ERR_PERMISSION_DENIED;
553 }
554 sptr<IRemoteObject> remoteObject = CheckSystemAbility(systemAbilityId);
555 if (remoteObject == nullptr) {
556 HILOGD("CheckSystemAbilityInner SA:%{public}d CheckSystemAbility failed.", systemAbilityId);
557 return ERR_NULL_OBJECT;
558 }
559 ret = reply.WriteRemoteObject(remoteObject);
560 if (!ret) {
561 HILOGE("CheckSystemAbilityInner SA:%{public}d write reply failed.", systemAbilityId);
562 return ERR_FLATTEN_OBJECT;
563 }
564 return ERR_NONE;
565 }
566
RemoveSystemAbilityInner(MessageParcel & data,MessageParcel & reply)567 int32_t SystemAbilityManagerStub::RemoveSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
568 {
569 if (!CanRequest()) {
570 HILOGE("RemoveSystemAbilityInner PERMISSION DENIED!");
571 return ERR_PERMISSION_DENIED;
572 }
573 int32_t systemAbilityId = -1;
574 bool ret = data.ReadInt32(systemAbilityId);
575 if (!ret) {
576 return ERR_NULL_OBJECT;
577 }
578 if (!CheckInputSysAbilityId(systemAbilityId)) {
579 HILOGW("RemoveSystemAbilityInner read SAId failed!");
580 return ERR_NULL_OBJECT;
581 }
582
583 if (!CheckAddOrRemovePermission(systemAbilityId)) {
584 HILOGE("RemoveSystemAbilityInner selinux permission denied! SA:%{public}d,callSid:%{public}s",
585 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
586 return ERR_PERMISSION_DENIED;
587 }
588
589 int32_t result = RemoveSystemAbility(systemAbilityId);
590 ret = reply.WriteInt32(result);
591 if (!ret) {
592 HILOGW("RemoveSystemAbilityInner write reply failed.");
593 return ERR_FLATTEN_OBJECT;
594 }
595 return result;
596 }
597
598
AddSystemProcessInner(MessageParcel & data,MessageParcel & reply)599 int32_t SystemAbilityManagerStub::AddSystemProcessInner(MessageParcel& data, MessageParcel& reply)
600 {
601 if (!CanRequest()) {
602 HILOGE("AddSystemProcessInner PERMISSION DENIED!");
603 return ERR_PERMISSION_DENIED;
604 }
605 std::u16string procName = data.ReadString16();
606 if (procName.empty()) {
607 HILOGW("AddSystemProcessInner read procName failed!");
608 return ERR_NULL_OBJECT;
609 }
610
611 sptr<IRemoteObject> procObject = data.ReadRemoteObject();
612 if (procObject == nullptr) {
613 HILOGW("AddSystemProcessInner readParcelable failed!");
614 return ERR_NULL_OBJECT;
615 }
616
617 int32_t result = AddSystemProcess(procName, procObject);
618 bool ret = reply.WriteInt32(result);
619 if (!ret) {
620 HILOGW("AddSystemProcessInner write reply failed.");
621 return ERR_FLATTEN_OBJECT;
622 }
623 return result;
624 }
625
LoadSystemAbilityInner(MessageParcel & data,MessageParcel & reply)626 int32_t SystemAbilityManagerStub::LoadSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
627 {
628 int32_t systemAbilityId = -1;
629 bool ret = false;
630 sptr<ISystemAbilityLoadCallback> callback = nullptr;
631 {
632 SamgrXCollie samgrXCollie("samgrStub--loadSa_readData");
633 ret = data.ReadInt32(systemAbilityId);
634 if (!ret) {
635 HILOGW("LoadSystemAbilityInner read SAId failed!");
636 return ERR_INVALID_VALUE;
637 }
638 std::string loadSystemAbilityTag = ToString(systemAbilityId) + "_LoadSystemAbility";
639 HITRACE_METER_NAME(HITRACE_TAG_SAMGR, loadSystemAbilityTag);
640 if (!CheckInputSysAbilityId(systemAbilityId)) {
641 HILOGW("LoadSystemAbilityInner check SAId failed!");
642 return ERR_INVALID_VALUE;
643 }
644
645 if (!CheckGetSAPermission(systemAbilityId)) {
646 HILOGE("LoadSystemAbilityInner selinux permission denied!SA:%{public}d,callSid:%{public}s",
647 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
648 return ERR_PERMISSION_DENIED;
649 }
650
651 sptr<IRemoteObject> remoteObject = data.ReadRemoteObject();
652 if (remoteObject == nullptr) {
653 HILOGW("LoadSystemAbilityInner read callback failed!");
654 return ERR_INVALID_VALUE;
655 }
656 callback = iface_cast<ISystemAbilityLoadCallback>(remoteObject);
657 if (callback == nullptr) {
658 HILOGW("LoadSystemAbilityInner iface_cast failed!");
659 return ERR_INVALID_VALUE;
660 }
661 }
662
663 int32_t result = LoadSystemAbility(systemAbilityId, callback);
664 if (result != ERR_OK) {
665 ReportSamgrSaLoadFail(systemAbilityId, IPCSkeleton::GetCallingPid(), IPCSkeleton::GetCallingUid(),
666 "interface load err:" + ToString(result));
667 HILOGE("loadSaInner fail ret:%{public}d", result);
668 }
669 HILOGD("LoadSystemAbilityInner result is %{public}d", result);
670 {
671 SamgrXCollie samgrXCollie("samgrStub--loadSa_writeResult_" + ToString(systemAbilityId));
672 ret = reply.WriteInt32(result);
673 }
674 if (!ret) {
675 HILOGW("LoadSystemAbilityInner write reply failed.");
676 return ERR_FLATTEN_OBJECT;
677 }
678 return result;
679 }
680
LoadRemoteSystemAbilityInner(MessageParcel & data,MessageParcel & reply)681 int32_t SystemAbilityManagerStub::LoadRemoteSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
682 {
683 int32_t systemAbilityId = -1;
684 bool ret = false;
685 std::string deviceId = "";
686 sptr<IRemoteObject> remoteObject = nullptr;
687 sptr<ISystemAbilityLoadCallback> callback = nullptr;
688 {
689 SamgrXCollie samgrXCollie("samgrStub--loadRmtSa_readData");
690 ret = data.ReadInt32(systemAbilityId);
691 if (!ret) {
692 HILOGW("LoadRemoteSystemAbilityInner read SAId invalid");
693 return ERR_INVALID_VALUE;
694 }
695 if (!CheckInputSysAbilityId(systemAbilityId)) {
696 HILOGW("LoadRemoteSystemAbilityInner check SAId invalid");
697 return ERR_INVALID_VALUE;
698 }
699
700 if (!CheckGetRemoteSAPermission(systemAbilityId)) {
701 HILOGE("LoadRemoteSystemAbilityInner selinux permission denied! SA:%{public}d,callSid:%{public}s",
702 systemAbilityId, OHOS::IPCSkeleton::GetCallingSid().c_str());
703 return ERR_PERMISSION_DENIED;
704 }
705
706 deviceId = data.ReadString();
707 if (deviceId.empty()) {
708 HILOGW("LoadRemoteSystemAbilityInner read deviceId failed");
709 return ERR_INVALID_VALUE;
710 }
711 remoteObject = data.ReadRemoteObject();
712 if (remoteObject == nullptr) {
713 HILOGW("LoadRemoteSystemAbilityInner read callback failed!");
714 return ERR_INVALID_VALUE;
715 }
716 callback = iface_cast<ISystemAbilityLoadCallback>(remoteObject);
717 if (callback == nullptr) {
718 HILOGW("LoadRemoteSystemAbilityInner iface_cast failed!");
719 return ERR_INVALID_VALUE;
720 }
721 }
722
723 int32_t result = LoadSystemAbility(systemAbilityId, deviceId, callback);
724 HILOGD("LoadRemoteSystemAbilityInner result is %{public}d", result);
725 {
726 SamgrXCollie samgrXCollie("samgrStub--loadRmtSa_writeResult_" + ToString(systemAbilityId));
727 ret = reply.WriteInt32(result);
728 }
729 if (!ret) {
730 HILOGW("LoadRemoteSystemAbilityInner write reply failed.");
731 return ERR_FLATTEN_OBJECT;
732 }
733 return result;
734 }
735
UnloadSystemAbilityInner(MessageParcel & data,MessageParcel & reply)736 int32_t SystemAbilityManagerStub::UnloadSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
737 {
738 int32_t systemAbilityId = -1;
739 bool ret = false;
740 {
741 SamgrXCollie samgrXCollie("samgrStub--unloadSa_readData");
742 ret = data.ReadInt32(systemAbilityId);
743 if (!ret) {
744 HILOGW("UnloadSystemAbilityInner read SAId invalid");
745 return ERR_INVALID_VALUE;
746 }
747 if (!CheckInputSysAbilityId(systemAbilityId)) {
748 HILOGW("UnloadSystemAbilityInner check SAId invalid");
749 return ERR_INVALID_VALUE;
750 }
751 }
752
753 int32_t result = UnloadSystemAbility(systemAbilityId);
754 if (result != ERR_OK) {
755 ReportSaUnLoadFail(systemAbilityId, IPCSkeleton::GetCallingPid(), IPCSkeleton::GetCallingUid(),
756 "interface unload err:" + ToString(result));
757 HILOGE("unloadSa fail ret:%{public}d", result);
758 }
759 HILOGD("UnloadSystemAbilityInner result is %{public}d", result);
760 {
761 SamgrXCollie samgrXCollie("samgrStub--unloadSa_writeResult_" + ToString(systemAbilityId));
762 ret = reply.WriteInt32(result);
763 }
764 if (!ret) {
765 HILOGW("UnloadSystemAbilityInner write reply failed.");
766 return ERR_FLATTEN_OBJECT;
767 }
768 return result;
769 }
770
UnloadAllIdleSystemAbilityInner(MessageParcel & data,MessageParcel & reply)771 int32_t SystemAbilityManagerStub::UnloadAllIdleSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
772 {
773 int32_t result = UnloadAllIdleSystemAbility();
774 HILOGI("UnloadAllIdleSystemAbilityInner result is %{public}d", result);
775 return result;
776 }
777
GetSystemProcessInfoInner(MessageParcel & data,MessageParcel & reply)778 int32_t SystemAbilityManagerStub::GetSystemProcessInfoInner(MessageParcel& data, MessageParcel& reply)
779 {
780 HILOGI("GetSystemProcessInfoInner called");
781 if (!CanRequest()) {
782 HILOGE("GetSystemProcessInfoInner PERMISSION DENIED!");
783 return ERR_PERMISSION_DENIED;
784 }
785 int32_t systemAbilityId = -1;
786 bool ret = data.ReadInt32(systemAbilityId);
787 if (!ret) {
788 return ERR_NULL_OBJECT;
789 }
790 if (!CheckInputSysAbilityId(systemAbilityId)) {
791 HILOGW("GetSystemProcessInfoInner read SAId failed!");
792 return ERR_NULL_OBJECT;
793 }
794 SystemProcessInfo processInfo;
795 int32_t result = GetSystemProcessInfo(systemAbilityId, processInfo);
796 ret = reply.WriteInt32(result);
797 if (!ret) {
798 HILOGW("GetSystemProcessInfoInner write reply failed.");
799 return ERR_FLATTEN_OBJECT;
800 }
801 if (result != ERR_OK) {
802 return ERR_OK;
803 }
804
805 ret = reply.WriteString(processInfo.processName);
806 if (!ret) {
807 HILOGW("GetSystemProcessInfoInner write procName failed.");
808 return ERR_FLATTEN_OBJECT;
809 }
810 ret = reply.WriteInt32(processInfo.pid);
811 if (!ret) {
812 HILOGW("GetSystemProcessInfoInner write pid failed.");
813 return ERR_FLATTEN_OBJECT;
814 }
815 ret = reply.WriteInt32(processInfo.uid);
816 if (!ret) {
817 HILOGW("GetSystemProcessInfoInner write uid failed.");
818 return ERR_FLATTEN_OBJECT;
819 }
820 return ERR_OK;
821 }
822
GetRunningSystemProcessInner(MessageParcel & data,MessageParcel & reply)823 int32_t SystemAbilityManagerStub::GetRunningSystemProcessInner(MessageParcel& data, MessageParcel& reply)
824 {
825 HILOGI("GetRunningSystemProcessInner called");
826 if (!CanRequest()) {
827 HILOGE("GetRunningSystemProcessInner PERMISSION DENIED!");
828 return ERR_PERMISSION_DENIED;
829 }
830 std::list<SystemProcessInfo> systemProcessInfos;
831 int32_t result = GetRunningSystemProcess(systemProcessInfos);
832 bool ret = reply.WriteInt32(result);
833 if (!ret) {
834 HILOGW("GetRunningSystemProcessInner write reply failed.");
835 return ERR_FLATTEN_OBJECT;
836 }
837 if (result != ERR_OK) {
838 return ERR_OK;
839 }
840
841 size_t size = systemProcessInfos.size();
842 ret = reply.WriteInt32(size);
843 if (!ret) {
844 HILOGW("GetRunningSystemProcessInner write ProcInfos size failed.");
845 return ERR_FLATTEN_OBJECT;
846 }
847 for (auto& systemProcessInfo : systemProcessInfos) {
848 ret = reply.WriteString(systemProcessInfo.processName);
849 if (!ret) {
850 HILOGW("GetRunningSystemProcessInner write procName failed.");
851 return ERR_FLATTEN_OBJECT;
852 }
853 ret = reply.WriteInt32(systemProcessInfo.pid);
854 if (!ret) {
855 HILOGW("GetRunningSystemProcessInner write pid failed.");
856 return ERR_FLATTEN_OBJECT;
857 }
858 ret = reply.WriteInt32(systemProcessInfo.uid);
859 if (!ret) {
860 HILOGW("GetRunningSystemProcessInner write uid failed.");
861 return ERR_FLATTEN_OBJECT;
862 }
863 }
864 return ERR_OK;
865 }
866
SubscribeSystemProcessInner(MessageParcel & data,MessageParcel & reply)867 int32_t SystemAbilityManagerStub::SubscribeSystemProcessInner(MessageParcel& data, MessageParcel& reply)
868 {
869 if (!CanRequest()) {
870 HILOGE("SubscribeSystemProcessInner PERMISSION DENIED!");
871 return ERR_PERMISSION_DENIED;
872 }
873 sptr<IRemoteObject> remoteObject = data.ReadRemoteObject();
874 if (remoteObject == nullptr) {
875 HILOGW("SubscribeSystemProcessInner read listener failed!");
876 return ERR_NULL_OBJECT;
877 }
878 sptr<ISystemProcessStatusChange> listener = iface_cast<ISystemProcessStatusChange>(remoteObject);
879 if (listener == nullptr) {
880 HILOGW("SubscribeSystemProcessInner iface_cast failed!");
881 return ERR_NULL_OBJECT;
882 }
883 int32_t result = SubscribeSystemProcess(listener);
884 HILOGD("SubscribeSystemProcess result is %{public}d", result);
885 bool ret = reply.WriteInt32(result);
886 if (!ret) {
887 HILOGW("SubscribeSystemProcessInner write reply failed.");
888 return ERR_FLATTEN_OBJECT;
889 }
890 return result;
891 }
892
UnSubscribeSystemProcessInner(MessageParcel & data,MessageParcel & reply)893 int32_t SystemAbilityManagerStub::UnSubscribeSystemProcessInner(MessageParcel& data, MessageParcel& reply)
894 {
895 if (!CanRequest()) {
896 HILOGE("UnSubscribeSystemProcessInner PERMISSION DENIED!");
897 return ERR_PERMISSION_DENIED;
898 }
899 sptr<IRemoteObject> remoteObject = data.ReadRemoteObject();
900 if (remoteObject == nullptr) {
901 HILOGW("UnSubscribeSystemProcessInner read listener failed!");
902 return ERR_NULL_OBJECT;
903 }
904 sptr<ISystemProcessStatusChange> listener = iface_cast<ISystemProcessStatusChange>(remoteObject);
905 if (listener == nullptr) {
906 HILOGW("UnSubscribeSystemProcessInner iface_cast failed!");
907 return ERR_NULL_OBJECT;
908 }
909 int32_t result = UnSubscribeSystemProcess(listener);
910 HILOGD("UnSubscribeSystemProcessInner result is %{public}d", result);
911 bool ret = reply.WriteInt32(result);
912 if (!ret) {
913 HILOGW("UnSubscribeSystemProcessInner write reply failed.");
914 return ERR_FLATTEN_OBJECT;
915 }
916 return result;
917 }
918
CancelUnloadSystemAbilityInner(MessageParcel & data,MessageParcel & reply)919 int32_t SystemAbilityManagerStub::CancelUnloadSystemAbilityInner(MessageParcel& data, MessageParcel& reply)
920 {
921 int32_t systemAbilityId = -1;
922 bool ret = data.ReadInt32(systemAbilityId);
923 if (!ret) {
924 return ERR_INVALID_VALUE;
925 }
926 if (!CheckInputSysAbilityId(systemAbilityId)) {
927 HILOGW("CancelUnloadSystemAbilityInner SAId invalid");
928 return ERR_INVALID_VALUE;
929 }
930 int32_t result = CancelUnloadSystemAbility(systemAbilityId);
931 HILOGD("CancelUnloadSystemAbilityInner result is %{public}d", result);
932 ret = reply.WriteInt32(result);
933 if (!ret) {
934 HILOGW("CancelUnloadSystemAbilityInner write reply failed.");
935 return ERR_FLATTEN_OBJECT;
936 }
937 return result;
938 }
939
GetOnDemandReasonExtraDataInner(MessageParcel & data,MessageParcel & reply)940 int32_t SystemAbilityManagerStub::GetOnDemandReasonExtraDataInner(MessageParcel& data, MessageParcel& reply)
941 {
942 if (!CanRequest()) {
943 HILOGE("GetOnDemandReasonExtraData PERMISSION DENIED!");
944 return ERR_PERMISSION_DENIED;
945 }
946 int64_t extraDataId = -1;
947 if (!data.ReadInt64(extraDataId)) {
948 HILOGW("GetOnDemandReasonExtraData read extraDataId failed.");
949 return ERR_FLATTEN_OBJECT;
950 }
951 MessageParcel extraDataParcel;
952 int32_t result = GetOnDemandReasonExtraData(extraDataId, extraDataParcel);
953 HILOGD("GetOnDemandReasonExtraData result is %{public}d", result);
954 if (!reply.WriteInt32(result)) {
955 HILOGW("GetOnDemandReasonExtraData write reply failed.");
956 return ERR_FLATTEN_OBJECT;
957 }
958 sptr<OnDemandReasonExtraData> extraData;
959 extraData = extraDataParcel.ReadParcelable<OnDemandReasonExtraData>();
960 if (extraData == nullptr) {
961 HILOGW("GetOnDemandReasonExtraData read extraData failed.");
962 return ERR_FLATTEN_OBJECT;
963 }
964 if (!reply.WriteParcelable(extraData)) {
965 HILOGW("GetOnDemandReasonExtraData write extraData failed.");
966 return ERR_FLATTEN_OBJECT;
967 }
968 return ERR_OK;
969 }
970
GetOnDemandPolicyInner(MessageParcel & data,MessageParcel & reply)971 int32_t SystemAbilityManagerStub::GetOnDemandPolicyInner(MessageParcel& data, MessageParcel& reply)
972 {
973 if (!CanRequest()) {
974 HILOGE("GetOnDemandPolicyInner PERMISSION DENIED!");
975 return ERR_PERMISSION_DENIED;
976 }
977 int32_t systemAbilityId = -1;
978 if (!data.ReadInt32(systemAbilityId)) {
979 HILOGW("GetOnDemandPolicyInner read saId failed.");
980 return ERR_FLATTEN_OBJECT;
981 }
982 int32_t type = 0;
983 if (!data.ReadInt32(type)) {
984 HILOGW("GetOnDemandPolicyInner read type failed.");
985 return ERR_FLATTEN_OBJECT;
986 }
987 OnDemandPolicyType typeEnum = static_cast<OnDemandPolicyType>(type);
988 std::vector<SystemAbilityOnDemandEvent> abilityOnDemandEvents;
989 int32_t result = GetOnDemandPolicy(systemAbilityId, typeEnum, abilityOnDemandEvents);
990 if (!reply.WriteInt32(result)) {
991 HILOGW("GetOnDemandPolicyInner write result failed.");
992 return ERR_FLATTEN_OBJECT;
993 }
994 if (!OnDemandEventToParcel::WriteOnDemandEventsToParcel(abilityOnDemandEvents, reply)) {
995 HILOGW("GetOnDemandPolicyInner write on demand event failed.");
996 return ERR_FLATTEN_OBJECT;
997 }
998 return ERR_OK;
999 }
1000
UpdateOnDemandPolicyInner(MessageParcel & data,MessageParcel & reply)1001 int32_t SystemAbilityManagerStub::UpdateOnDemandPolicyInner(MessageParcel& data, MessageParcel& reply)
1002 {
1003 if (!CanRequest()) {
1004 HILOGE("UpdateOnDemandPolicyInner PERMISSION DENIED!");
1005 return ERR_PERMISSION_DENIED;
1006 }
1007 int32_t systemAbilityId = -1;
1008 if (!data.ReadInt32(systemAbilityId)) {
1009 HILOGW("UpdateOnDemandPolicyInner read saId failed.");
1010 return ERR_FLATTEN_OBJECT;
1011 }
1012 int32_t type = 0;
1013 if (!data.ReadInt32(type)) {
1014 HILOGW("GetOnDemandPolicyInner read type failed.");
1015 return ERR_FLATTEN_OBJECT;
1016 }
1017 OnDemandPolicyType typeEnum = static_cast<OnDemandPolicyType>(type);
1018 std::vector<SystemAbilityOnDemandEvent> abilityOnDemandEvents;
1019 if (!OnDemandEventToParcel::ReadOnDemandEventsFromParcel(abilityOnDemandEvents, data)) {
1020 HILOGW("UpdateOnDemandPolicyInner read on demand event failed.");
1021 return ERR_FLATTEN_OBJECT;
1022 }
1023 int32_t result = UpdateOnDemandPolicy(systemAbilityId, typeEnum, abilityOnDemandEvents);
1024 if (!reply.WriteInt32(result)) {
1025 HILOGW("UpdateOnDemandPolicyInner write result failed.");
1026 return ERR_FLATTEN_OBJECT;
1027 }
1028 return ERR_OK;
1029 }
1030
SendStrategyInner(MessageParcel & data,MessageParcel & reply)1031 int32_t SystemAbilityManagerStub::SendStrategyInner(MessageParcel& data, MessageParcel& reply)
1032 {
1033 if (!CanRequest()) {
1034 HILOGE("SendStrategy PERMISSION DENIED!");
1035 return ERR_PERMISSION_DENIED;
1036 }
1037 int32_t type = 0;
1038 if (!data.ReadInt32(type)) {
1039 HILOGW("SendStrategy read type failed.");
1040 return ERR_FLATTEN_OBJECT;
1041 }
1042 std::vector<int32_t> systemAbilityIds;
1043 if (!data.ReadInt32Vector(&systemAbilityIds)) {
1044 HILOGW("SendStrategy read saId failed.");
1045 return ERR_FLATTEN_OBJECT;
1046 }
1047 int32_t level = -1;
1048 if (!data.ReadInt32(level)) {
1049 HILOGW("SendStrategy read level failed.");
1050 return ERR_FLATTEN_OBJECT;
1051 }
1052 std::string action;
1053 if (!data.ReadString(action)) {
1054 HILOGW("SendStrategy read action failed!");
1055 return ERR_FLATTEN_OBJECT;
1056 }
1057 int32_t result = SendStrategy(type, systemAbilityIds, level, action);
1058 if (!reply.WriteInt32(result)) {
1059 HILOGW("SendStrategy write result failed.");
1060 return ERR_FLATTEN_OBJECT;
1061 }
1062 return ERR_OK;
1063 }
1064
GetOnDemandSystemAbilityIdsInner(MessageParcel & data,MessageParcel & reply)1065 int32_t SystemAbilityManagerStub::GetOnDemandSystemAbilityIdsInner(MessageParcel& data, MessageParcel& reply)
1066 {
1067 std::vector<int32_t> systemAbilityIds;
1068 int32_t result = GetOnDemandSystemAbilityIds(systemAbilityIds);
1069 if (result != ERR_OK) {
1070 HILOGW("GetOnDemandSystemAbilityIds failed, ret:%{public}d", result);
1071 return result;
1072 }
1073 if (!reply.WriteInt32(result)) {
1074 HILOGE("GetOnDemandSystemAbilityIdsInner write result failed.");
1075 return ERR_FLATTEN_OBJECT;
1076 }
1077 if (!reply.WriteInt32Vector(systemAbilityIds)) {
1078 HILOGE("GetOnDemandSystemAbilityIdsInner write result failed.");
1079 return ERR_FLATTEN_OBJECT;
1080 }
1081 return ERR_OK;
1082 }
1083
CanRequest()1084 bool SystemAbilityManagerStub::CanRequest()
1085 {
1086 auto tid = IPCSkeleton::GetCallingTokenID();
1087 AccessToken::ATokenTypeEnum tokenType = AccessToken::AccessTokenKit::GetTokenTypeFlag(tid);
1088 HILOGD("CanRequest callingTkid:%{private}u, tokenType:%{public}d",
1089 tid, tokenType);
1090 return (tokenType == AccessToken::ATokenTypeEnum::TOKEN_NATIVE);
1091 }
1092
CheckPermission(const std::string & permission)1093 bool SystemAbilityManagerStub::CheckPermission(const std::string& permission)
1094 {
1095 uint32_t accessToken = IPCSkeleton::GetCallingTokenID();
1096 int32_t ret = Security::AccessToken::AccessTokenKit::VerifyAccessToken(accessToken, permission);
1097 return (ret == Security::AccessToken::PermissionState::PERMISSION_GRANTED);
1098 }
1099
GetExtensionSaIdsInner(MessageParcel & data,MessageParcel & reply)1100 int32_t SystemAbilityManagerStub::GetExtensionSaIdsInner(MessageParcel& data, MessageParcel& reply)
1101 {
1102 if (!CanRequest()) {
1103 HILOGE("%{public}s PERMISSION DENIED!", __func__);
1104 return ERR_PERMISSION_DENIED;
1105 }
1106 std::string extension;
1107 if (!data.ReadString(extension)) {
1108 HILOGW("%{public}s read extension failed!", __func__);
1109 return ERR_FLATTEN_OBJECT;
1110 }
1111
1112 std::vector<int32_t> saIds;
1113 int32_t result = GetExtensionSaIds(extension, saIds);
1114 if (result != ERR_OK) {
1115 HILOGW("GetExtensionSaIds failed, ret:%{public}d", result);
1116 return result;
1117 }
1118 if (!reply.WriteInt32(result)) {
1119 HILOGW("%{public}s write reply failed.", __func__);
1120 return ERR_FLATTEN_OBJECT;
1121 }
1122 if (!reply.WriteInt32Vector(saIds)) {
1123 HILOGW("%{public}s write saids reply failed.", __func__);
1124 return ERR_FLATTEN_OBJECT;
1125 }
1126
1127 return ERR_NONE;
1128 }
1129
GetExtensionRunningSaListInner(MessageParcel & data,MessageParcel & reply)1130 int32_t SystemAbilityManagerStub::GetExtensionRunningSaListInner(MessageParcel& data, MessageParcel& reply)
1131 {
1132 if (!CanRequest()) {
1133 HILOGE("%{public}s PERMISSION DENIED!", __func__);
1134 return ERR_PERMISSION_DENIED;
1135 }
1136 std::string extension;
1137 if (!data.ReadString(extension)) {
1138 HILOGW("%{public}s read extension failed!", __func__);
1139 return ERR_FLATTEN_OBJECT;
1140 }
1141
1142 std::vector<sptr<IRemoteObject>> saList;
1143 int32_t result = GetExtensionRunningSaList(extension, saList);
1144 if (result != ERR_OK) {
1145 HILOGW("GetExtensionRunningSaList failed, ret:%{public}d", result);
1146 return result;
1147 }
1148 if (!reply.WriteInt32(result)) {
1149 HILOGW("%{public}s write reply failed.", __func__);
1150 return ERR_FLATTEN_OBJECT;
1151 }
1152 if (!reply.WriteInt32(saList.size())) {
1153 HILOGW("%{public}s write saHandle size failed.", __func__);
1154 return ERR_FLATTEN_OBJECT;
1155 }
1156 for (auto& remoteObject : saList) {
1157 if (!reply.WriteRemoteObject(remoteObject)) {
1158 HILOGW("%{public}s write remote obj failed.", __func__);
1159 return ERR_FLATTEN_OBJECT;
1160 }
1161 }
1162
1163 return ERR_NONE;
1164 }
1165
GetRunningSaExtensionInfoListInner(MessageParcel & data,MessageParcel & reply)1166 int32_t SystemAbilityManagerStub::GetRunningSaExtensionInfoListInner(MessageParcel& data, MessageParcel& reply)
1167 {
1168 if (!CheckPermission(EXT_TRANSACTION_PERMISSION)) {
1169 HILOGE("get SaExtInfoList CheckPermission fail!");
1170 return ERR_PERMISSION_DENIED;
1171 }
1172 std::string extension;
1173 if (!data.ReadString(extension)) {
1174 HILOGE("get SaExtInfoList read extension failed!");
1175 return ERR_FLATTEN_OBJECT;
1176 }
1177
1178 std::vector<SaExtensionInfo> infoList;
1179 int32_t result = GetRunningSaExtensionInfoList(extension, infoList);
1180 if (!reply.WriteInt32(result)) {
1181 HILOGE("get SaExtInfoList write ret failed.");
1182 return ERR_FLATTEN_OBJECT;
1183 }
1184 if (result != ERR_OK) {
1185 HILOGE("get SaExtInfoList failed,ret:%{public}d", result);
1186 return result;
1187 }
1188 if (!reply.WriteInt32(infoList.size())) {
1189 HILOGE("get SaExtInfoList write size failed.");
1190 return ERR_FLATTEN_OBJECT;
1191 }
1192 for (auto& tmp : infoList) {
1193 if (!reply.WriteInt32(tmp.saId)) {
1194 HILOGE("get SaExtInfoList write said failed.");
1195 return ERR_FLATTEN_OBJECT;
1196 }
1197 if (!reply.WriteRemoteObject(tmp.processObj)) {
1198 HILOGE("get SaExtInfoList write obj failed.");
1199 return ERR_FLATTEN_OBJECT;
1200 }
1201 }
1202 return ERR_NONE;
1203 }
1204
GetCommonEventExtraDataIdlistInner(MessageParcel & data,MessageParcel & reply)1205 int32_t SystemAbilityManagerStub::GetCommonEventExtraDataIdlistInner(MessageParcel& data, MessageParcel& reply)
1206 {
1207 if (!CanRequest()) {
1208 HILOGE("getExtraIdList PERMISSION DENIED!");
1209 return ERR_PERMISSION_DENIED;
1210 }
1211 int32_t saId = -1;
1212 if (!data.ReadInt32(saId)) {
1213 HILOGE("getExtraIdList read said fail!");
1214 return ERR_NULL_OBJECT;
1215 }
1216 if (!CheckInputSysAbilityId(saId)) {
1217 HILOGW("getExtraIdList check SAId failed!");
1218 return ERR_NULL_OBJECT;
1219 }
1220 std::string eventName;
1221 if (!data.ReadString(eventName)) {
1222 HILOGW("getExtraIdList read eventName failed!");
1223 return ERR_FLATTEN_OBJECT;
1224 }
1225
1226 std::vector<int64_t> extraDataIdList;
1227 int32_t result = GetCommonEventExtraDataIdlist(saId, extraDataIdList, eventName);
1228 if (!reply.WriteInt32(result)) {
1229 HILOGW("getExtraIdList write result failed.");
1230 return ERR_FLATTEN_OBJECT;
1231 }
1232 if (result != ERR_OK) {
1233 HILOGE("getExtraIdList failed,ret:%{public}d", result);
1234 return result;
1235 }
1236 if (!reply.WriteInt64Vector(extraDataIdList)) {
1237 HILOGW("getExtraIdList write idlist failed.");
1238 return ERR_FLATTEN_OBJECT;
1239 }
1240 return ERR_NONE;
1241 }
1242 } // namespace OHOS
1243