uint32_t mContextID;
/* Security context wich stores info about low-level connection data*/
SecurityContext secContext;
+ bool cynara_check_result;
/* For TA internal APIs support, dummy Context is created and for recognizing
* the context as dummy isInternal member variable is used
// init SecurityContext of current session after initializing socket
this->secContext = SecurityContext(clientSocket.native());
+ // Create a new Context
+ pthread_rwlock_wrlock(&ctxIDLock);
+ TEECtx = new TEEContext(ctxID, this);
+ // Increment the Context ID to be assigned to next Context
+ ctxID++;
+ if (ctxID == 0) ctxID++;
+ pthread_rwlock_unlock(&ctxIDLock);
+
#ifdef _CYNARA_INTEGRATION
/* Check if client has cynara permission */
const string privilege("http://tizen.org/privilege/tee.client");
if (!secContext.clientHasCynaraPermission(privilege)) {
LOGE(SIM_DAEMON, "Client has no permission to use TEE");
- return;
+ TEECtx->cynara_check_result = false;
}
#endif /* _CYNARA_INTEGRATION */
- // Create a new Context
- pthread_rwlock_wrlock(&ctxIDLock);
- TEECtx = new TEEContext(ctxID, this);
- // Increment the Context ID to be assigned to next Context
- ctxID++;
- if (ctxID == 0) ctxID++;
- pthread_rwlock_unlock(&ctxIDLock);
currentState = CMD_READ;
// read exactly 1 byte to identify the command and execute callback when
/* Clear the shared memory list (mShmList) and Session map (mSessionMap) */
mSessionMap.clear();
mShmList.clear();
+
+ cynara_check_result = true;
}
/**
*/
isInternal = false;
+ if (!cynara_check_result) {
+ result = TEEC_ERROR_ACCESS_DENIED;
+ data->returnValue = result;
+ result = mConnSess->write(INITIALIZE_CONTEXT, (char*)data,
+ sizeof(InitContextData));
+ if (result != TEEC_SUCCESS) {
+ LOGE(SIM_DAEMON, "Initialize Context response write to CA FAILED");
+ }
+ return result;
+ }
+
/* Check if the TEEName is proper or not */
if (data->nameLength != 0) {
string TName(data->TEEName);
LOGD(SIM_DAEMON, "Entry");
data.returnOrigin = TEEC_ORIGIN_TEE;
data.returnValue = TEEC_ERROR_GENERIC;
+
pthread_rwlock_wrlock(&sessIDLock);
data.sessionID = sessID;
sessID++;