[framework/security/security-server.git] / src / include / security-server-common.h
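/*
 *  security-server
 *
 *  Copyright (c) 2000 - 2011 Samsung Electronics Co., Ltd All Rights Reserved
 *
 *  Contact: Bumjin Im <bj.im@samsung.com>
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License
 *
 */

#ifndef SECURITY_SERVER_COMMON_H
#define SECURITY_SERVER_COMMON_H

#include <sys/types.h>

/* Definitions *********************************************************/
/*
 * Return values. Continuing from the return values of the client header file.
 * SECURITY_SERVER_SUCCESS is 0 and every error code below is negative.
 * The replacement lists are left exactly as they were so that an identical
 * definition in another header stays a compatible redefinition.
 */
#define SECURITY_SERVER_SUCCESS                                 0
#define SECURITY_SERVER_ERROR_SOCKET                            -1
#define SECURITY_SERVER_ERROR_BAD_REQUEST                       -2
#define SECURITY_SERVER_ERROR_BAD_RESPONSE                      -3
#define SECURITY_SERVER_ERROR_SEND_FAILED                       -4
#define SECURITY_SERVER_ERROR_RECV_FAILED                       -5
#define SECURITY_SERVER_ERROR_NO_SUCH_OBJECT                    -6
#define SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED             -7
#define SECURITY_SERVER_ERROR_INPUT_PARAM                       -8
#define SECURITY_SERVER_ERROR_BUFFER_TOO_SMALL                  -9
#define SECURITY_SERVER_ERROR_OUT_OF_MEMORY                     -10
#define SECURITY_SERVER_ERROR_ACCESS_DENIED                     -11
#define SECURITY_SERVER_ERROR_SERVER_ERROR                      -12
#define SECURITY_SERVER_ERROR_NO_SUCH_COOKIE                    -13
#define SECURITY_SERVER_ERROR_NO_PASSWORD                       -14
#define SECURITY_SERVER_ERROR_PASSWORD_EXIST                    -15
#define SECURITY_SERVER_ERROR_PASSWORD_MISMATCH                 -16
#define SECURITY_SERVER_ERROR_PASSWORD_RETRY_TIMER              -17
#define SECURITY_SERVER_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED    -18
#define SECURITY_SERVER_ERROR_PASSWORD_EXPIRED                  -19
#define SECURITY_SERVER_ERROR_PASSWORD_REUSED                   -20
#define SECURITY_SERVER_ERROR_SOCKET_BIND                       -21
#define SECURITY_SERVER_ERROR_FILE_OPERATION                    -22
#define SECURITY_SERVER_ERROR_TIMEOUT                           -23
#define SECURITY_SERVER_ERROR_POLL                              -24
#define SECURITY_SERVER_ERROR_UNKNOWN                           -255

/* Miscellaneous Definitions */
/*
 * NOTE(review): the IPC socket and the default cookie file are fixed names
 * under /tmp. Where /tmp is writable by every local user, a fixed name there
 * can be pre-created or replaced by a link before the daemon starts. The code
 * that binds the socket and opens the cookie file is not visible in this
 * header; it should create both without following links, check owner and
 * mode, and authenticate the connecting peer. A directory that only the
 * daemon can write to would avoid the problem.
 */
#define SECURITY_SERVER_SOCK_PATH                       "/tmp/.security_server.sock"
#define SECURITY_SERVER_DEFAULT_COOKIE_PATH             "/tmp/.security_server.coo"
#define SECURITY_SERVER_DAEMON_PATH                     "/usr/bin/security-server"
#define SECURITY_SERVER_COOKIE_LEN                      20
#define MAX_OBJECT_LABEL_LEN                            32
#define MAX_MODE_STR_LEN                                16
#define SECURITY_SERVER_MAX_OBJ_NAME                    30
#define SECURITY_SERVER_MSG_VERSION                     0x01
#define SECURITY_SERVER_ACCEPT_TIMEOUT_MILISECOND       10000
#define SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND       3000
#define SECURITY_SERVER_DEVELOPER_UID                   5100
#define SECURITY_SERVER_DEBUG_TOOL_PATH                 "/usr/bin/debug-util"
#define SECURITY_SERVER_KILL_APP_PATH                   "/usr/bin/kill_app"
#define SECURITY_SERVER_DATA_DIRECTORY_PATH             "/opt/data/security-server"
#define SECURITY_SERVER_ATTEMPT_FILE_NAME               "attempts"
#define SECURITY_SERVER_HISTORY_FILE_NAME               "history"
/*
 * NOTE(review): whether buffers sized with SECURITY_SERVER_MAX_PASSWORD_LEN
 * reserve room for a terminating NUL is not visible here -- confirm at the
 * call sites.
 */
#define SECURITY_SERVER_MAX_PASSWORD_LEN                32
/*
 * NOTE(review): 32 bytes is the size of a raw SHA-256 digest. Whether a salt
 * or a deliberately slow password-hashing function is applied is not visible
 * in this header; a single unsalted SHA-256 would be cheap to brute-force if
 * the stored files leak -- confirm in the password-handling code.
 */
#define SECURITY_SERVER_HASHED_PWD_LEN                  32  /* SHA256 */
#define SECURITY_SERVER_PASSWORD_RETRY_TIMEOUT_SECOND   1   /* Deprecated. Will be removed. */
#define SECURITY_SERVER_PASSWORD_RETRY_TIMEOUT_MICROSECOND  500000   /* = 500 milliseconds */
#define SECURITY_SERVER_MAX_PASSWORD_HISTORY            50
#define SECURITY_SERVER_NUM_THREADS                     10

/* API prefix */
/* Exported symbols get default ELF visibility unless the build overrides this. */
#ifndef SECURITY_SERVER_API
#define SECURITY_SERVER_API     __attribute__((visibility("default")))
#endif



/* Data types *****************************************************************/
/*
 * Cookie List data type: one node of a doubly linked list, one node per
 * cookie.
 *
 * NOTE(review): the cookie is presumably what a client presents to prove its
 * identity -- if so it should come from a cryptographically secure random
 * source and be compared in constant time; confirm in the cookie code.
 * Ownership of path, permissions and smack_label (who allocates and frees
 * them) is not visible in this header.
 */
typedef struct _cookie_list
{
    unsigned char       cookie[SECURITY_SERVER_COOKIE_LEN]; /* 20 bytes random Cookie */
    int                 path_len;           /* Client process cmd line length */
    int                 permission_len;     /* Client process permissions (aka group IDs);
                                             * presumably the element count of
                                             * permissions -- confirm */
    pid_t               pid;                /* Client process's PID */
    char                *path;              /* Client process's executable path */
    int                 *permissions;       /* Array of GID that the client process has */
    char                *smack_label;       /* SMACK label of the client process */
    char                is_roots_process;   /* Whether the cookie belongs to root's process */
    struct _cookie_list *prev;              /* Previous cookie list */
    struct _cookie_list *next;              /* Next cookie list */
} cookie_list;


/* Function prototypes ******************************************************/
/* IPC */

/*
 * Defined elsewhere; presumably prints `size` bytes of `data` in hex --
 * confirm against the definition. `size` is a signed int, so callers should
 * never pass a negative or unchecked length.
 */
void printhex(const unsigned char *data, int size);

/* Debug */
/*
 * SEC_SVR_DBG(FMT, ...) is the debug-message macro; its backend is chosen at
 * compile time. Call sites decide what gets logged: passwords, password
 * hashes and cookies should not be handed to SEC_SVR_DBG or printhex in a
 * build that has either debug backend enabled.
 *
 * SECURITY_SERVER_DEBUG_DLOG is tested by value (#elif), not with defined(),
 * so it has to be defined to a non-zero value (e.g. -DSECURITY_SERVER_DEBUG_DLOG)
 * to select the dlog backend.
 */
#ifdef SECURITY_SERVER_DEBUG_TO_CONSOLE /* debug msg will be printed in console */
#include <stdio.h>      /* fprintf, stderr: keep the header self-contained */
/* Spaces around FMT keep the literal concatenation valid in C++11 as well. */
#define SEC_SVR_DBG(FMT, ARG ...) fprintf(stderr, "[%s:%d] " FMT "\n", \
                __FILE__, __LINE__, ##ARG)

#elif SECURITY_SERVER_DEBUG_DLOG        /* debug msg will be printed by dlog daemon */
#define LOG_TAG "SECURITY_SERVER"
#include <dlog.h>
#define SEC_SVR_DBG     SLOGD
#else /* No debug output */
/*
 * Expands to a single statement that still needs its trailing ';'. The former
 * `{}` expansion turned `if (c) SEC_SVR_DBG(...); else ...` into a syntax
 * error in non-debug builds only. The arguments are not evaluated.
 */
#define SEC_SVR_DBG(FMT, ARG ...) do { } while (0)
#endif

#endif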