1 /*
2  * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef SECURITY_LABEL_H
17 #define SECURITY_LABEL_H
18 
19 #include <cerrno>
20 #include <memory>
21 #include <set>
22 #include <string>
23 #include <sys/types.h>
24 #include <sys/xattr.h>
25 
26 namespace OHOS {
27 namespace FileManagement {
28 namespace ModuleSecurityLabel {
29 const char XATTR_KEY[] = {"user.security"};
30 const std::string DEFAULT_DATA_LEVEL = "s3";
31 const int DEFAULT_DATA_LENGTH = 2;
32 const std::set<std::string> DATA_LEVEL = {"s0", "s1", "s2", "s3", "s4"};
33 class SecurityLabel {
34 public:
SetSecurityLabel(const std::string & path,const std::string & dataLevel)35     static bool SetSecurityLabel(const std::string &path, const std::string &dataLevel)
36     {
37         if (DATA_LEVEL.count(dataLevel) != 1) {
38             errno = EINVAL;
39             return false;
40         }
41 #ifdef IOS_PLATFORM
42         auto xattrValueSize = getxattr(path.c_str(), XATTR_KEY, nullptr, 0, 0, 0);
43 #else
44         auto xattrValueSize = getxattr(path.c_str(), XATTR_KEY, nullptr, 0);
45 #endif
46         if (xattrValueSize == static_cast<ssize_t>(DEFAULT_DATA_LENGTH)) {
47             char xattrValue[DEFAULT_DATA_LENGTH + 1];
48 #ifdef IOS_PLATFORM
49             xattrValueSize = getxattr(path.c_str(), XATTR_KEY, xattrValue, xattrValueSize, 0, 0);
50 #else
51             xattrValueSize = getxattr(path.c_str(), XATTR_KEY, xattrValue, xattrValueSize);
52 #endif
53             xattrValue[DEFAULT_DATA_LENGTH] = '\0';
54             if (std::string(xattrValue) > dataLevel) {
55                 errno = EINVAL;
56                 return false;
57             }
58         }
59 #ifdef IOS_PLATFORM
60         if (setxattr(path.c_str(), XATTR_KEY, dataLevel.c_str(), dataLevel.size(), 0, 0) < 0) {
61 #else
62         if (setxattr(path.c_str(), XATTR_KEY, dataLevel.c_str(), dataLevel.size(), 0) < 0) {
63 #endif
64             return false;
65         }
66         return true;
67     }
68 
69     static std::string GetSecurityLabel(const std::string &path)
70     {
71 #ifdef IOS_PLATFORM
72         auto xattrValueSize = getxattr(path.c_str(), XATTR_KEY, nullptr, 0, 0, 0);
73 #else
74         auto xattrValueSize = getxattr(path.c_str(), XATTR_KEY, nullptr, 0);
75 #endif
76         if (xattrValueSize == -1 || xattrValueSize == 0) {
77             return DEFAULT_DATA_LEVEL;
78         }
79         std::unique_ptr<char[]> xattrValue = std::make_unique<char[]>((long)xattrValueSize + 1);
80         if (xattrValue == nullptr) {
81             return DEFAULT_DATA_LEVEL;
82         }
83 #ifdef IOS_PLATFORM
84         xattrValueSize = getxattr(path.c_str(), XATTR_KEY, xattrValue.get(), xattrValueSize, 0, 0);
85 #else
86         xattrValueSize = getxattr(path.c_str(), XATTR_KEY, xattrValue.get(), xattrValueSize);
87 #endif
88         if (xattrValueSize == -1 || xattrValueSize == 0) {
89             return DEFAULT_DATA_LEVEL;
90         }
91         return std::string(xattrValue.get());
92     }
93 };
94 } // namespace ModuleSecurityLabel
95 } // namespace FileManagement
96 } // namespace OHOS
97 #endif