return found;
}
+TEEC_Result tempSharedMemAllocate(TEEC_SharedMemory** tmpSharedMem, uint32_t type,
+ TEEC_Context* context, TEEC_Parameter param)
+{
+ TEEC_Result result;
+ *tmpSharedMem = (TEEC_SharedMemory *)OsaMalloc(sizeof(TEEC_SharedMemory));
+ (*tmpSharedMem)->size = param.tmpref.size;
+ (*tmpSharedMem)->buffer = param.tmpref.buffer;
+
+ (*tmpSharedMem)->flags = type & (TEEC_MEM_INPUT | TEEC_MEM_OUTPUT);
+
+ result = TEEC_RegisterSharedMemory(context, *tmpSharedMem);
+
+ if (result != TEEC_SUCCESS) {
+ if (*tmpSharedMem) {
+ OsaFree(*tmpSharedMem);
+ *tmpSharedMem = NULL;
+ }
+ return result;
+ }
+
+ if (type & TEEC_MEMREF_TEMP_INPUT) {
+ memcpy(((TEEC_SharedMemoryImp *)(*tmpSharedMem)->imp)->allocPtr,
+ (*tmpSharedMem)->buffer, (*tmpSharedMem)->size);
+ }
+ return result;
+}
+
+void tempSharedMemoryDeallocate(TEEC_SharedMemory** tmpSharedMem)
+{
+ if (*tmpSharedMem) {
+ TEEC_ReleaseSharedMemory(*tmpSharedMem);
+ OsaFree(*tmpSharedMem);
+ *tmpSharedMem = NULL;
+ }
+}
+
/*
* === FUNCTION ======================================================================
* Name: preProcessOperation
op->paramTypes |= type << (8 * i);
if (!tmpSharedMem[i]) {
- tmpSharedMem[i] = (TEEC_SharedMemory *)OsaMalloc(
- sizeof(TEEC_SharedMemory));
- tmpSharedMem[i]->size = operation->params[i].tmpref.size;
- tmpSharedMem[i]->buffer = operation->params[i].tmpref.buffer;
-
- if (type == TEEC_MEMREF_TEMP_INPUT)
- tmpSharedMem[i]->flags = TEEC_MEM_INPUT;
-
- else if (type == TEEC_MEMREF_TEMP_OUTPUT)
- tmpSharedMem[i]->flags = TEEC_MEM_OUTPUT;
-
- else if (type == TEEC_MEMREF_TEMP_INOUT)
- tmpSharedMem[i]->flags = TEEC_MEM_INPUT | TEEC_MEM_OUTPUT;
-
- result = TEEC_RegisterSharedMemory(
- ((TEEC_SessionImp *)session->imp)->context, tmpSharedMem[i]);
-
- if (result != TEEC_SUCCESS) {
- for (i = 0; i < 4; i++) {
- if (tmpSharedMem[i]) {
- OsaFree(tmpSharedMem[i]);
- tmpSharedMem[i] = NULL;
- }
- }
-
- return result;
- }
-
- if (type & TEEC_MEMREF_TEMP_INPUT) {
- memcpy(((TEEC_SharedMemoryImp *)tmpSharedMem[i]->imp)->allocPtr,
- tmpSharedMem[i]->buffer, tmpSharedMem[i]->size);
- }
+ result = tempSharedMemAllocate(&tmpSharedMem[i], type,
+ ((TEEC_SessionImp *)session->imp)->context, operation->params[i]);
+ if (result != TEEC_SUCCESS)
+ goto cleanup;
}
op->params[i].mem.size = tmpSharedMem[i]->size;
break;
case TEEC_MEMREF_WHOLE:
- op->paramTypes |= TEE_PARAM_TYPE_MEMREF_INOUT << (8 * i);
memref = &operation->params[i].memref;
if ((NULL == memref) || (NULL == memref->parent)
|| (((TEEC_SharedMemoryImp *)memref->parent->imp)->context->imp
!= context->imp)) {
- for (i = 0; i < 4; i++) {
- if (tmpSharedMem[i]) {
- TEEC_ReleaseSharedMemory(tmpSharedMem[i]);
- OsaFree(tmpSharedMem[i]);
- tmpSharedMem[i] = NULL;
- }
- }
-
LOGE(TEEC_LIB, "Bad parameters");
- return TEEC_ERROR_BAD_PARAMETERS;
+ result = TEEC_ERROR_BAD_PARAMETERS;
+ goto cleanup;
}
memref_imp = (TEEC_SharedMemoryImp *)memref->parent->imp;
+ op->paramTypes |= (operation->params[i].memref.parent->flags |
+ (TEE_PARAM_TYPE_MEMREF_INPUT & TEE_PARAM_TYPE_MEMREF_OUTPUT)) << (8 * i);
op->params[i].mem.offset = 0;
op->params[i].mem.size = memref->parent->size;
op->params[i].mem.shmKey = memref_imp->shmKey;
case TEEC_MEMREF_PARTIAL_INPUT:
case TEEC_MEMREF_PARTIAL_OUTPUT:
case TEEC_MEMREF_PARTIAL_INOUT:
- op->paramTypes |= (type + TEE_PARAM_TYPE_MEMREF_INPUT
- - TEEC_MEMREF_PARTIAL_INPUT) << (8 * i);
+ op->paramTypes |= ((operation->params[i].memref.parent->flags & type) |
+ (TEE_PARAM_TYPE_MEMREF_INPUT & TEE_PARAM_TYPE_MEMREF_OUTPUT)) << (8 * i);
memref = &operation->params[i].memref;
if ((NULL == memref) || (NULL == memref->parent)
|| (((TEEC_SharedMemoryImp *)memref->parent->imp)->context->imp
!= context->imp)) {
- for (i = 0; i < 4; i++) {
- if (tmpSharedMem[i]) {
- TEEC_ReleaseSharedMemory(tmpSharedMem[i]);
- OsaFree(tmpSharedMem[i]);
- tmpSharedMem[i] = NULL;
- }
- }
-
LOGE(TEEC_LIB, "Bad parameters");
- return TEEC_ERROR_BAD_PARAMETERS;
+ result = TEEC_ERROR_BAD_PARAMETERS;
+ goto cleanup;
}
memref_imp = (TEEC_SharedMemoryImp *)memref->parent->imp;
break;
default:
- for (i = 0; i < 4; i++) {
- if (tmpSharedMem[i]) {
- TEEC_ReleaseSharedMemory(tmpSharedMem[i]);
- OsaFree(tmpSharedMem[i]);
- tmpSharedMem[i] = NULL;
- }
- }
-
- return TEEC_ERROR_BAD_PARAMETERS;
+ result = TEEC_ERROR_BAD_PARAMETERS;
+ goto cleanup;
}
}
- return TEEC_SUCCESS;
+ return result;
+
+cleanup:
+ for (i = 0; i < 4; i++) {
+ tempSharedMemoryDeallocate(&tmpSharedMem[i]);
+ }
+ return result;
}
/*
*
* @return void
*/
+
+#ifdef _LOGGING
+
__attribute__((visibility("default")))
void PrintLog(IN const char *function_name, IN const int32_t line_no,
IN int32_t module_level, IN int32_t debug_level, IN const char *message,
va_end(variable_list);
return;
}
+
+#else // ifdef _LOGGING
+
+__attribute__((visibility("default")))
+void PrintLog(IN const char *function_name, IN const int32_t line_no,
+ IN int32_t module_level, IN int32_t debug_level, IN const char *message,
+ ...)
+{
+ // stub function
+}
+
+#endif // ifdef _LOGGING
#endif
#endif // __TIZEN__
-#ifdef _LOGGING
-
#define _LOG(module_level, debug_level, ...) PrintLog(__FUNCTION__, __LINE__, module_level, debug_level, ##__VA_ARGS__)
#define LOGE(module_level, ...) PrintLog(__FUNCTION__, __LINE__, module_level, ERROR_LEVEL_LOG, ##__VA_ARGS__)
#define LOGS(module_level, ...) PrintLog(__FUNCTION__, __LINE__, module_level, INFO_LEVEL_LOG, ##__VA_ARGS__)
#define LOGP(module_level, ...) PrintLog(__FUNCTION__, __LINE__, module_level, PACKET_LEVEL_LOG, ##__VA_ARGS__)
-#else //ifdef _LOGGING
-
-#define LOGE(module_level, ...)
-#define LOGV(module_level, ...)
-#define LOGD(module_level, ...)
-#define LOGI(module_level, ...)
-#define LOGS(module_level, ...)
-#define LOGP(module_level, ...)
-
-#endif //ifdef _LOGGING
-
#if defined(__cplusplus)
extern "C" {
#endif
Group: Security
License: Apache-2.0
Source0: %{name}-%{version}.tar.gz
+Source1: %{name}.manifest
ExcludeArch: armv6l armv7hl armv7l aarch64
BuildRequires: cmake
BuildRequires: boost-devel
%prep
%setup -q
+cp %{SOURCE1} .
%build
# cannot call cmake rpmbuild macro because of scripts removing libTEEStub.a, which is a part of devkit
fi
%files -n %{name}
+%manifest tef-simulator.manifest
%attr(111,security_fw,security_fw) %{bin_dir}/tef-simulator-daemon
%{lib_dir}/libtef-simulator-ssflib.so
%attr(770,root,security_fw) %{tastore_dir}
%attr(444,security_fw,security_fw) %{_unitdir}/tef-simulator.socket
%attr(755,security_fw,security_fw) %{lib_dir}/tef/simulator/libteec.so
-
%files -n %{name}-devkit
%{bin_dir}/TA_PackageBuilder.sh
%{bin_dir}/TAPackageMaker
uint32_t mContextID;
/* Security context wich stores info about low-level connection data*/
SecurityContext secContext;
+ bool cynara_check_result;
/* For TA internal APIs support, dummy Context is created and for recognizing
* the context as dummy isInternal member variable is used
// init SecurityContext of current session after initializing socket
this->secContext = SecurityContext(clientSocket.native());
+ // Create a new Context
+ pthread_rwlock_wrlock(&ctxIDLock);
+ TEECtx = new TEEContext(ctxID, this);
+ // Increment the Context ID to be assigned to next Context
+ ctxID++;
+ if (ctxID == 0) ctxID++;
+ pthread_rwlock_unlock(&ctxIDLock);
+
#ifdef _CYNARA_INTEGRATION
/* Check if client has cynara permission */
const string privilege("http://tizen.org/privilege/tee.client");
if (!secContext.clientHasCynaraPermission(privilege)) {
LOGE(SIM_DAEMON, "Client has no permission to use TEE");
- return;
+ TEECtx->cynara_check_result = false;
}
#endif /* _CYNARA_INTEGRATION */
- // Create a new Context
- pthread_rwlock_wrlock(&ctxIDLock);
- TEECtx = new TEEContext(ctxID, this);
- // Increment the Context ID to be assigned to next Context
- ctxID++;
- if (ctxID == 0) ctxID++;
- pthread_rwlock_unlock(&ctxIDLock);
currentState = CMD_READ;
// read exactly 1 byte to identify the command and execute callback when
/* Clear the shared memory list (mShmList) and Session map (mSessionMap) */
mSessionMap.clear();
mShmList.clear();
+
+ cynara_check_result = true;
}
/**
*/
isInternal = false;
+ if (!cynara_check_result) {
+ result = TEEC_ERROR_ACCESS_DENIED;
+ data->returnValue = result;
+ result = mConnSess->write(INITIALIZE_CONTEXT, (char*)data,
+ sizeof(InitContextData));
+ if (result != TEEC_SUCCESS) {
+ LOGE(SIM_DAEMON, "Initialize Context response write to CA FAILED");
+ }
+ return result;
+ }
+
/* Check if the TEEName is proper or not */
if (data->nameLength != 0) {
string TName(data->TEEName);
LOGD(SIM_DAEMON, "Entry");
data.returnOrigin = TEEC_ORIGIN_TEE;
data.returnValue = TEEC_ERROR_GENERIC;
+
pthread_rwlock_wrlock(&sessIDLock);
data.sessionID = sessID;
sessID++;
projects / platform / core / security / tef-simulator.git / commitdiff