4 * Copyright (c) 2000 - 2011 Samsung Electronics Co., Ltd All Rights Reserved
6 * Contact: Bumjin Im <bj.im@samsung.com>
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License
22 #ifndef SECURITY_SERVER_COMMON_H
23 #define SECURITY_SERVER_COMMON_H
25 #include <sys/types.h>
27 /* Definitions *********************************************************/
28 /* Return values, continuing from the return values of the client header file.
 * SECURITY_SERVER_SUCCESS is 0 and every error is a distinct negative integer,
 * so callers can test for failure with a single "< 0" comparison.
 * The specific codes run contiguously from -1 to -24;
 * SECURITY_SERVER_ERROR_UNKNOWN (-255) is deliberately set apart from them. */
29 #define SECURITY_SERVER_SUCCESS 0
/* Socket and message exchange failures (grouping inferred from the names). */
30 #define SECURITY_SERVER_ERROR_SOCKET -1
31 #define SECURITY_SERVER_ERROR_BAD_REQUEST -2
32 #define SECURITY_SERVER_ERROR_BAD_RESPONSE -3
33 #define SECURITY_SERVER_ERROR_SEND_FAILED -4
34 #define SECURITY_SERVER_ERROR_RECV_FAILED -5
/* Request-level results: lookup, authentication, argument and resource errors. */
35 #define SECURITY_SERVER_ERROR_NO_SUCH_OBJECT -6
36 #define SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED -7
37 #define SECURITY_SERVER_ERROR_INPUT_PARAM -8
38 #define SECURITY_SERVER_ERROR_BUFFER_TOO_SMALL -9
39 #define SECURITY_SERVER_ERROR_OUT_OF_MEMORY -10
40 #define SECURITY_SERVER_ERROR_ACCESS_DENIED -11
41 #define SECURITY_SERVER_ERROR_SERVER_ERROR -12
42 #define SECURITY_SERVER_ERROR_NO_SUCH_COOKIE -13
/* Password results (-14 .. -20).
 * NOTE(review): these distinguish "no password", "mismatch", "retry timer",
 * "max attempts" and "expired" to the caller. Which clients may receive them
 * is not visible in this header; confirm that only authorised callers can
 * observe password state through these codes. */
43 #define SECURITY_SERVER_ERROR_NO_PASSWORD -14
44 #define SECURITY_SERVER_ERROR_PASSWORD_EXIST -15
45 #define SECURITY_SERVER_ERROR_PASSWORD_MISMATCH -16
46 #define SECURITY_SERVER_ERROR_PASSWORD_RETRY_TIMER -17
47 #define SECURITY_SERVER_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED -18
48 #define SECURITY_SERVER_ERROR_PASSWORD_EXPIRED -19
49 #define SECURITY_SERVER_ERROR_PASSWORD_REUSED -20
/* Server-side setup and I/O failures (grouping inferred from the names). */
50 #define SECURITY_SERVER_ERROR_SOCKET_BIND -21
51 #define SECURITY_SERVER_ERROR_FILE_OPERATION -22
52 #define SECURITY_SERVER_ERROR_TIMEOUT -23
53 #define SECURITY_SERVER_ERROR_POLL -24
/* Catch-all for failures that map to none of the codes above. */
54 #define SECURITY_SERVER_ERROR_UNKNOWN -255
56 /* Miscellaneous Definitions */
/* Filesystem locations of the server socket, the default cookie file and the
 * daemon binary.
 * NOTE(review): the socket and the cookie file both sit directly under /tmp,
 * which is normally writable by every local user. The code that creates them
 * is not in this header; confirm that it refuses a pre-existing file or
 * symlink at these paths, sets restrictive ownership and mode, and that
 * clients verify who is on the other end of the socket before trusting it. */
57 #define SECURITY_SERVER_SOCK_PATH "/tmp/.security_server.sock"
58 #define SECURITY_SERVER_DEFAULT_COOKIE_PATH "/tmp/.security_server.coo"
59 #define SECURITY_SERVER_DAEMON_PATH "/usr/bin/security-server"
/* Cookie size in bytes; it sizes the cookie[] array in the cookie list type. */
60 #define SECURITY_SERVER_COOKIE_LEN 20
/* Length limits for labels, mode strings and object names.
 * NOTE(review): this header does not say whether each limit includes the
 * terminating NUL; confirm before sizing a buffer from these values. */
61 #define MAX_OBJECT_LABEL_LEN 32
62 #define MAX_MODE_STR_LEN 16
63 #define SECURITY_SERVER_MAX_OBJ_NAME 30
/* Protocol version value (presumably carried in each message - confirm). */
64 #define SECURITY_SERVER_MSG_VERSION 0x01
/* Timeouts in milliseconds, per the macro names: 10000 ms = 10 s and
 * 3000 ms = 3 s. "MILISECOND" is a misspelling that is part of the
 * identifiers, so it has to stay as long as callers use these names. */
65 #define SECURITY_SERVER_ACCEPT_TIMEOUT_MILISECOND 10000
66 #define SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND 3000
/* Hard-coded developer UID and absolute paths of helper tools.
 * NOTE(review): how these are matched against a caller is not visible here.
 * If they gate privileged requests, confirm the caller's UID and executable
 * are taken from kernel-provided credentials, not from data the client sends. */
67 #define SECURITY_SERVER_DEVELOPER_UID 5100
68 #define SECURITY_SERVER_DEBUG_TOOL_PATH "/usr/bin/debug-util"
69 #define SECURITY_SERVER_KILL_APP_PATH "/usr/bin/kill_app"
/* On-disk password state: a data directory plus the names of the attempt
 * counter and history files (presumably joined by the password code - confirm).
 * NOTE(review): confirm the directory and files are created readable and
 * writable by the server account only. */
70 #define SECURITY_SERVER_DATA_DIRECTORY_PATH "/opt/data/security-server"
71 #define SECURITY_SERVER_ATTEMPT_FILE_NAME "attempts"
72 #define SECURITY_SERVER_HISTORY_FILE_NAME "history"
/* Password limits. Whether the maximum length counts bytes or characters, and
 * whether it includes a terminator, is not stated here.
 * NOTE(review): 32 bytes is the SHA-256 digest size. A single unsalted SHA-256
 * of a password of at most 32 characters is cheap to guess offline; this
 * header does not show whether a salt or key stretching is applied - confirm
 * in the password storage code. */
73 #define SECURITY_SERVER_MAX_PASSWORD_LEN 32
74 #define SECURITY_SERVER_HASHED_PWD_LEN 32 /* SHA-256 digest size in bytes */
/* Minimum delay between password attempts; the microsecond value replaces the
 * deprecated one-second value. */
75 #define SECURITY_SERVER_PASSWORD_RETRY_TIMEOUT_SECOND 1 /* Deprecated. Will be removed. */
76 #define SECURITY_SERVER_PASSWORD_RETRY_TIMEOUT_MICROSECOND 500000 /* = 500 milliseconds */
/* Upper bound on remembered old passwords (used for the "reused" check,
 * judging by the name - confirm). */
77 #define SECURITY_SERVER_MAX_PASSWORD_HISTORY 50
/* Thread count for the server (presumably worker threads - confirm). */
78 #define SECURITY_SERVER_NUM_THREADS 10
/* Export marker for public API symbols. The GCC/Clang visibility("default")
 * attribute keeps a symbol exported even when the library is built with
 * hidden visibility as the default. The #ifndef lets an earlier definition of
 * SECURITY_SERVER_API take precedence.
 * Keeping the exported set small limits what other processes can link against,
 * so only intended entry points should carry this marker. */
81 #ifndef SECURITY_SERVER_API
82 #define SECURITY_SERVER_API __attribute__((visibility("default")))
87 /* Data types *****************************************************************/
88 /* Cookie list data type: a node of a doubly linked list (prev/next) that
 * ties one cookie to the client process it describes.
 * Ownership of the three pointer members (path, permissions, smack_label) is
 * not visible in this header; presumably they are heap buffers freed together
 * with the node - confirm against the code that builds and deletes entries.
 * NOTE(review): the cookie is a secret used to recognise a client. Confirm
 * that lookups compare it in constant time and that it never reaches debug
 * output. */
89 typedef struct _cookie_list
91 unsigned char cookie[SECURITY_SERVER_COOKIE_LEN]; /* Random cookie: 20 raw bytes, no room for a string terminator */
92 int path_len; /* Client process cmd line length (presumably the length of path - confirm whether the terminator is counted) */
93 int permission_len; /* Presumably the number of entries in permissions[], not a byte count - confirm */
94 pid_t pid; /* Client process's PID. NOTE(review): PIDs are reused by the kernel; confirm the entry is dropped when the process exits */
95 char *path; /* Client process's executable path */
96 int *permissions; /* Array of GIDs that the client process has */
97 char *smack_label; /* SMACK label of the client process */
98 char is_roots_process; /* Flag: whether the cookie belongs to a process owned by root */
99 struct _cookie_list *prev; /* Previous cookie list entry */
100 struct _cookie_list *next; /* Next cookie list entry */
104 /* Function prototypes ******************************************************/
/*
 * printhex is declared here and defined elsewhere. Judging by the name and
 * signature it prints `size` bytes starting at `data` in hexadecimal -
 * confirm against the definition.
 *
 * data: buffer to dump; it is const, so the function does not write through it.
 * size: number of bytes to dump. It is a signed int, so callers should make
 *       sure it is neither negative nor larger than the buffer.
 *
 * NOTE(review): cookies and password hashes are byte buffers of exactly the
 * kind this helper takes. Confirm that no call site dumps them in a build
 * where the output can reach a console or log readable by other users.
 */
107 void printhex(const unsigned char *data, int size);
/* SEC_SVR_DBG: debug logging macro with three build-time variants, selected by
 * SECURITY_SERVER_DEBUG_TO_CONSOLE, SECURITY_SERVER_DEBUG_DLOG, or neither.
 * NOTE(review): debug messages in a security daemon can carry cookies, paths
 * and password state. Confirm that release builds use the no-output variant. */
110 #ifdef SECURITY_SERVER_DEBUG_TO_CONSOLE /* debug msg will be printed in console */
/* Console variant: writes "[file:line] message" plus a newline to stderr.
 * FMT is pasted between two string literals, so it must itself be a string
 * literal. That also means externally supplied text can only be passed as an
 * argument (for example through "%s"), never as the format.
 * "ARG ..." with "##ARG" is the GNU named-variadic form; "##" drops the
 * preceding comma when no arguments are given.
 * fprintf needs <stdio.h>, whose include is not visible in this listing. */
111 #define SEC_SVR_DBG(FMT, ARG ...) fprintf(stderr, "[%s:%d] "FMT"\n", \
112 __FILE__, __LINE__, ##ARG)
/* NOTE(review): #elif tests the macro's value, not whether it is defined. It
 * must expand to a non-zero integer (as -DSECURITY_SERVER_DEBUG_DLOG does);
 * an empty definition is a preprocessing error when this branch is evaluated. */
114 #elif SECURITY_SERVER_DEBUG_DLOG /* debug msg will be printed by dlog daemon */
/* dlog variant: messages are tagged with LOG_TAG and SEC_SVR_DBG becomes an
 * alias for SLOGD, whose declaration is not visible in this listing. */
115 #define LOG_TAG "SECURITY_SERVER"
117 #define SEC_SVR_DBG SLOGD
118 #else /* No debug output */
/* No-output variant: the call expands to an empty compound statement and its
 * arguments are never evaluated, so any side effect inside them disappears.
 * NOTE(review): with "{}" the usual "SEC_SVR_DBG(...);" leaves a stray ";"
 * behind the block, which breaks an unbraced "if (...) SEC_SVR_DBG(...); else".
 * "do { } while (0)" is the conventional statement-safe form. */
119 #define SEC_SVR_DBG(FMT, ARG ...) {}