4 * Copyright (c) 2000 - 2011 Samsung Electronics Co., Ltd All Rights Reserved
6 * Contact: Bumjin Im <bj.im@samsung.com>
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License
22 #ifndef SECURITY_SERVER_COMMON_H
23 #define SECURITY_SERVER_COMMON_H
25 #include <sys/types.h>
27 /* Definitions *********************************************************/
28 /*
 * Return values. The numbering continues from the return values of the
 * client header file. SECURITY_SERVER_SUCCESS is 0; every error below is a
 * distinct negative value, and -255 is the catch-all
 * SECURITY_SERVER_ERROR_UNKNOWN. Callers should treat anything other than
 * SECURITY_SERVER_SUCCESS as a failure.
 */
29 #define SECURITY_SERVER_SUCCESS 0
30 #define SECURITY_SERVER_ERROR_SOCKET -1
31 #define SECURITY_SERVER_ERROR_BAD_REQUEST -2
32 #define SECURITY_SERVER_ERROR_BAD_RESPONSE -3
33 #define SECURITY_SERVER_ERROR_SEND_FAILED -4
34 #define SECURITY_SERVER_ERROR_RECV_FAILED -5
35 #define SECURITY_SERVER_ERROR_NO_SUCH_OBJECT -6
36 #define SECURITY_SERVER_ERROR_AUTHENTICATION_FAILED -7
37 #define SECURITY_SERVER_ERROR_INPUT_PARAM -8
38 #define SECURITY_SERVER_ERROR_BUFFER_TOO_SMALL -9
39 #define SECURITY_SERVER_ERROR_OUT_OF_MEMORY -10
40 #define SECURITY_SERVER_ERROR_ACCESS_DENIED -11
41 #define SECURITY_SERVER_ERROR_SERVER_ERROR -12
42 #define SECURITY_SERVER_ERROR_NO_SUCH_COOKIE -13
/* Password-related results (-14 .. -20). */
43 #define SECURITY_SERVER_ERROR_NO_PASSWORD -14
44 #define SECURITY_SERVER_ERROR_PASSWORD_EXIST -15
45 #define SECURITY_SERVER_ERROR_PASSWORD_MISMATCH -16
46 #define SECURITY_SERVER_ERROR_PASSWORD_RETRY_TIMER -17
47 #define SECURITY_SERVER_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED -18
48 #define SECURITY_SERVER_ERROR_PASSWORD_EXPIRED -19
49 #define SECURITY_SERVER_ERROR_PASSWORD_REUSED -20
50 #define SECURITY_SERVER_ERROR_SOCKET_BIND -21
51 #define SECURITY_SERVER_ERROR_FILE_OPERATION -22
52 #define SECURITY_SERVER_ERROR_TIMEOUT -23
53 #define SECURITY_SERVER_ERROR_POLL -24
54 #define SECURITY_SERVER_ERROR_UNKNOWN -255
56 /* Miscellaneous definitions: filesystem paths, buffer sizes, timeouts and limits */
/*
 * NOTE(review): the socket and the default cookie file are both placed
 * directly under /tmp. Where /tmp is world-writable, the safety of these
 * names depends on how the daemon creates them (owner, mode, handling of an
 * entry that already exists); none of that is visible in this header.
 * Confirm it in the server code, or move both to a directory that only the
 * daemon can write to.
 */
57 #define SECURITY_SERVER_SOCK_PATH "/tmp/.security_server.sock"
58 #define SECURITY_SERVER_DEFAULT_COOKIE_PATH "/tmp/.security_server.coo"
59 #define SECURITY_SERVER_DAEMON_PATH "/usr/bin/security-server"
60 #define SECURITY_SERVER_COOKIE_LEN 20 /* size in bytes of the cookie[] array in the cookie list entry */
/*
 * NOTE(review): this header does not say whether the *_LEN / MAX_* limits
 * below include a terminating NUL. Check each buffer declaration before
 * using one of them as a copy bound.
 */
61 #define MAX_OBJECT_LABEL_LEN 32
62 #define MAX_MODE_STR_LEN 16
63 #define SECURITY_SERVER_MIDDLEWARE_LIST_PATH "/usr/share/security-server/mw-list"
64 #define SECURITY_SERVER_MAX_OBJ_NAME 30
65 #define SECURITY_SERVER_MAX_PATH_LEN 50
66 #define SECURITY_SERVER_MSG_VERSION 0x01
/* Timeouts; the unit is milliseconds according to the macro names (10000 = 10 s, 3000 = 3 s). */
67 #define SECURITY_SERVER_ACCEPT_TIMEOUT_MILISECOND 10000
68 #define SECURITY_SERVER_SOCKET_TIMEOUT_MILISECOND 3000
69 #define SECURITY_SERVER_DEVELOPER_UID 5100 /* presumably the UID of the developer account - confirm */
/*
 * NOTE(review): how the two tool paths below are used is not visible here.
 * If they serve to recognise a caller by its command line, confirm that the
 * check relies on something the caller cannot choose for itself.
 */
70 #define SECURITY_SERVER_DEBUG_TOOL_PATH "/usr/bin/debug-util"
71 #define SECURITY_SERVER_KILL_APP_PATH "/usr/bin/kill_app"
/*
 * Data directory and the file names kept for password handling; presumably
 * the two files live inside the data directory - confirm. The directory
 * should be readable and writable by the daemon only.
 */
72 #define SECURITY_SERVER_DATA_DIRECTORY_PATH "/opt/data/security-server"
73 #define SECURITY_SERVER_ATTEMPT_FILE_NAME "attempts"
74 #define SECURITY_SERVER_HISTORY_FILE_NAME "history"
/*
 * Password limits. MAX_PASSWORD_LEN and HASHED_PWD_LEN share the value 32
 * but are unrelated: the first bounds the password, the second is the size
 * of a SHA-256 digest.
 * NOTE(review): whether the stored hash is salted or iterated is not visible
 * in this header. A bare SHA-256 of a short password is cheap to guess
 * offline if the data directory is disclosed - confirm in the password code.
 */
75 #define SECURITY_SERVER_MAX_PASSWORD_LEN 32
76 #define SECURITY_SERVER_HASHED_PWD_LEN 32 /* SHA-256 digest size in bytes */
77 #define SECURITY_SERVER_PASSWORD_RETRY_TIMEOUT_SECOND 1 /* seconds, per the name; presumably the minimum gap between attempts - confirm */
78 #define SECURITY_SERVER_MAX_PASSWORD_HISTORY 50
79 #define SECURITY_SERVER_NUM_THREADS 10
/*
 * Export marker for API symbols: expands to the GCC/Clang attribute that
 * gives a declaration default visibility. It is defined here only when the
 * build has not already supplied its own SECURITY_SERVER_API.
 */
82 #ifndef SECURITY_SERVER_API
83 #define SECURITY_SERVER_API __attribute__((visibility("default")))
88 /* Data types *****************************************************************/
89 /*
 * Cookie list entry: one node of a doubly linked list (prev/next) that
 * associates a random cookie with the client process it was issued for.
 * NOTE(review): path_len and permission_len are signed ints. Code that fills
 * them from a received message should reject negative or oversized values
 * before using them as a size or a loop bound. Who owns and frees path,
 * permissions and smack_label is not visible in this header.
 */
90 typedef struct _cookie_list
92 unsigned char cookie[SECURITY_SERVER_COOKIE_LEN]; /* Random cookie, SECURITY_SERVER_COOKIE_LEN (20) bytes */
93 int path_len; /* Length of the client process's cmd line (path) */
94 int permission_len; /* Presumably the number of GIDs in permissions[] - confirm */
95 pid_t pid; /* Client process's PID */
96 char *path; /* Client process's cmd line string */
97 int *permissions; /* Array of GIDs that the client process has */
98 char *smack_label; /* SMACK label of the client process */
99 char is_roots_process; /* Whether the cookie belongs to a root process (presumably non-zero = yes - confirm) */
100 struct _cookie_list *prev; /* Previous entry in the cookie list */
101 struct _cookie_list *next; /* Next entry in the cookie list */
105 /* Function prototypes ******************************************************/
/*
 * Debug helper that takes a byte buffer and its length. The implementation
 * is not in this header; presumably it prints `size` bytes of `data` as
 * hex - confirm.
 * NOTE(review): `size` is a signed int, so callers should pass a
 * non-negative length. Avoid passing cookies or password hashes to it in
 * builds whose output is kept.
 */
108 void printhex(const unsigned char *data, int size);
/*
 * SEC_SVR_DBG: debug logging macro, selected at build time.
 * NOTE(review): debug messages of a security daemon can carry sensitive
 * values (cookies, paths, password state). Review the call sites before
 * enabling either debug variant in a shipped build.
 */
111 #ifdef SECURITY_SERVER_DEBUG_TO_CONSOLE /* debug messages are printed to stderr */
/*
 * FMT is pasted between two string literals, so it must itself be a string
 * literal; a runtime string cannot be passed as the format. "##ARG" is the
 * GNU extension that drops the preceding comma when no arguments follow.
 */
112 #define SEC_SVR_DBG(FMT, ARG ...) fprintf(stderr, "[%s:%d] "FMT"\n", \
113 __FILE__, __LINE__, ##ARG)
/*
 * This #elif tests the macro's value rather than whether it is defined, so
 * SECURITY_SERVER_DEBUG_DLOG has to expand to a non-zero integer for this
 * branch to be taken.
 */
115 #elif SECURITY_SERVER_DEBUG_DLOG /* debug messages are handed to the dlog daemon */
116 #define LOG_TAG "SECURITY_SERVER"
/* Plain alias: the arguments go to SLOGD unchanged (SLOGD is declared outside the visible lines). */
118 #define SEC_SVR_DBG SLOGD
119 #else /* No debug output */
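/*
 * No-op variant of SEC_SVR_DBG. The expansion is statement-shaped
 * (do { } while (0)) so that `SEC_SVR_DBG(...);` stays a single statement
 * inside an unbraced if/else; a bare `{}` followed by the caller's `;`
 * would detach the `else`. The arguments are discarded unevaluated.
 */
#define SEC_SVR_DBG(FMT, ARG ...) do { } while (0)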