#include <stdint.h>
#include <sys/stat.h>
#include <sys/mman.h>
+#include <config.h>
/*-----------------------------------------------------------------------------
* MACROS
#define PAGE_MASK (~(PAGE_SIZE - 1))
#define SHM_MAX_ID INT32_MAX
-#define SHM_NAME_TEMPLATE "/teec_shm%d"
#define SHM_FILE_MODE 0660
/*-----------------------------------------------------------------------------
* Globals
int res;
do {
- res = snprintf(shm_name, sizeof(shm_name), SHM_NAME_TEMPLATE, memKey);
-
+ res = snprintf(shm_name, sizeof(shm_name), SHM_NAME_PREFIX "%d", memKey);
if (res == sizeof(shm_name)) {
LOGE(TEEC_LIB, "the shm object name is too long");
return TEEC_ERROR_GENERIC;
}
fd_shm = shm_open(shm_name, O_RDWR | O_CREAT | O_EXCL, SHM_FILE_MODE);
-
if (fd_shm >= 0) {
res = fchmod(fd_shm, SHM_FILE_MODE);
}
if (errno != EEXIST) {
- LOGE(TEEC_LIB, "Cannot create shared memory object, error: %s",
- strerror(errno));
+ LOGE(TEEC_LIB, "Cannot create shared memory object '%s', error: %s",
+ shm_name, strerror(errno));
return TEEC_ERROR_GENERIC;
}
return;
}
- ret = snprintf(shm_name, sizeof(shm_name), SHM_NAME_TEMPLATE, sharedMem_imp->shmKey);
-
+ ret = snprintf(shm_name, sizeof(shm_name), SHM_NAME_PREFIX "%d", sharedMem_imp->shmKey);
if (ret == sizeof(shm_name)) {
- LOGE(TEE_STUB, "the shm object name is too long");
+ LOGE(TEEC_LIB, "the shm object name is too long");
return;
}
if (shm_unlink(shm_name) == -1) {
- LOGE(TEE_STUB, "shm_unlink failed for %s, error: %s", shm_name,
+ LOGE(TEEC_LIB, "shm_unlink failed for %s, error: %s", shm_name,
strerror(errno));
return;
}
{
LOGD(TEEC_LIB, "Entry");
int32_t serverSocket, socklen;
- size_t sock_path_len = 0;
struct sockaddr *sockptr;
struct sockaddr_un daemonsock;
+ daemonsock.sun_family = AF_UNIX;
+ daemonsock.sun_path[sizeof(daemonsock.sun_path)-1] = 0;
+ strncpy(daemonsock.sun_path, SIMDAEMON_SOCK_PATH, sizeof(daemonsock.sun_path));
+
+ // Check simulator socket name length is valid
+ if (daemonsock.sun_path[sizeof(daemonsock.sun_path)-1] != 0) {
+ LOGE(TEEC_LIB, "Socket name too long: ", daemonsock.sun_path);
+ return -1;
+ }
+
// Get socket decriptor
if ((serverSocket = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
LOGE(TEEC_LIB, "No socket for simdaemon");
return -1;
}
- daemonsock.sun_family = AF_UNIX;
-
- sock_path_len = strlen(SIMDAEMON_SOCK_PATH);
- strncpy(daemonsock.sun_path, SIMDAEMON_SOCK_PATH, sock_path_len + 1);
-
socklen = sizeof(daemonsock);
sockptr = (struct sockaddr *)&daemonsock;
* @return true if property file successfully read else false\r
*/\r
bool TEEProperty::start() {\r
- bool ret = readPropertyFile(string(TEE_PROP_PATH));\r
+ bool ret = readPropertyFile(TEE_PROP_PATH);\r
currentItr = propertiesMap.begin();\r
return ret;\r
}\r
#include <sys/mman.h>
#include <time.h>
#include <unistd.h>
+#include <config.h>
#include "log.h"
using namespace std;
#define PAGE_MASK (~(PAGE_SIZE - 1))
#define SHM_MAX_ID INT32_MAX
-#define SHM_NAME_PREFIX "/teec_shm"
map<uint32_t, registerItem> SharedMemoryMap::shmMap;
//this is ln -s to /usr/lib/tastore or /usr/lib64/tastore (see spec file)
#define TEE_TASTORE_ROOT "/opt/tastore/"
+#define TEE_SS_ROOT "/opt/tastore/"
#define SIMDAEMON_SOCK_PATH "/tmp/simdaemon"
//TEEStub must have write access in this directory (creating socket per TA)
#define TEE_TASOCK_ROOT "/tmp/"
#define TEE_TALOG_ROOT "/tmp/"
-#define SHM_PATH "/tmp/shm"
+// from manpages: For portable use, a shared memory object
+// should be identified by a name of the form /somename
+#define SHM_NAME_PREFIX "/teec_shm"
#define TEE_PROP_PATH "/usr/bin/GPD_TEE_PROP"
-#define TEE_SS_ROOT "/tmp/tastore2/"
-
#endif /* INCLUDE_CONFIG_H_ */
/*-----------------------------------------------------------------------------
* Local functions
*-----------------------------------------------------------------------------*/
-/**
- * Create shm file for shared memory implementation (IPC)
- */
-void initializeShm() {
- LOGD(SIM_DAEMON, "Entry");
- ::unlink(SHM_PATH);
- int fd = creat(SHM_PATH, S_IRWXU);
- if (-1 == fd) {
- LOGE(SIM_DAEMON, "shm file creation failed");
- exit(0);
- }
- close(fd);
-}
/**
* Starts the Simulator Daemon as server which listens for connection from
try {
int sockFD = getSystemdSocket(SIMDAEMON_SOCK_PATH);
- //initializeShm();
if (sockFD > 0) {
LOGI(SIM_DAEMON, "Using existing systemd socket %d", sockFD);
SimulatorDaemonServer s(ioService::getInstance(), sockFD);
LOGD(SIM_DAEMON, "Entry");
pthread_rwlock_wrlock(&binaryMapLock);
- StructBinaryInfo value;
- bool res = false;
StructBinaryInfo info;
+ bool res = false;
if (boost::filesystem::exists(TEE_TASTORE_ROOT + uuid)) {
pthread_mutex_lock(&taLock);
myfile.close();
}
+ boost::filesystem::path decName = info.imagePath + "_dec";
// hash of Keydata is not required.
string dec_command = "openssl enc " + cipher + " -d -nopad -nosalt -K " + secret
- + " -in " + info.imagePath + " -out " + info.imagePath
- + "_dec -iv 0000000000000000";
+ + " -in " + info.imagePath + " -out " + decName.string() +
+ + " -iv 0000000000000000";
result = system(dec_command.c_str());
if (result != 0) {
LOGE(SIM_DAEMON, "Image decryption failed");
}
- string removeEncImage = "rm -f " + info.imagePath;
- result = system(removeEncImage.c_str());
- if (result != 0) {
- LOGE(SIM_DAEMON, "Post decryption operations failed");
+ boost::system::error_code ec;
+ boost::filesystem::remove(boost::filesystem::path(info.imagePath), ec);
+ if (ec) {
+ LOGE(SIM_DAEMON, "Post decryption failed: unlink %s : %s", info.imagePath.c_str(),
+ ec.message());
}
- string renameDecImage = "mv " + info.imagePath + "_dec " + info.imagePath;
- result = system(renameDecImage.c_str());
- if (result != 0) {
- LOGE(SIM_DAEMON, "Post decryption operations failed");
+ boost::filesystem::rename(decName, boost::filesystem::path(info.imagePath), ec);
+ if (ec) {
+ LOGE(SIM_DAEMON, "Post decryption failed: rename %s -> %s : %s",
+ decName.string().c_str(), info.imagePath.c_str(),
+ ec.message());
}
- string removeKeyHash = "rm -f " + keyhashFilename;
- result = system(removeKeyHash.c_str());
- if (result != 0) {
- LOGE(SIM_DAEMON, "Post decryption operations failed");
+ boost::filesystem::remove(boost::filesystem::path(keyhashFilename), ec);
+ if (ec) {
+ LOGE(SIM_DAEMON, "Post decryption failed: unlink %s : %s", keyhashFilename.c_str(),
+ ec.message());
}
}
LOGD(SIM_DAEMON, "Decrypting");
// 3. Decrypt image using secret value in manifest
if (info.manifest.properties.extension.launchMode == "debug")
- decryptImage(info);
+ decryptImage(info);
- string s = "chmod +x " + info.imagePath;
- int result = system(s.c_str());
+ struct stat st;
+ int result = stat(info.imagePath.c_str(), &st);
+ if (result == 0) {
+ result = chmod(info.imagePath.c_str(), st.st_mode|S_IXUSR|S_IXGRP|S_IXOTH);
+ }
if (result != 0) {
- LOGE(SIM_DAEMON, "Unpacking executable TA failed");
+ LOGE(SIM_DAEMON, "Unpacking executable TA failed: %s", strerror(errno));
}
ret = true;
projects / platform / core / security / tef-simulator.git / commitdiff