From bcf132fc65cdfa268824b0544869e9c6dea00c21 Mon Sep 17 00:00:00 2001 From: Inho Kim Date: Thu, 26 Oct 2017 15:40:34 +0900 Subject: [PATCH 01/16] Fix Manifest parse error Change-Id: Ieea75c888b06806b7999381d79086aacad896c76 --- simulatordaemon/src/TABinaryManager/TAManifest.cpp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/simulatordaemon/src/TABinaryManager/TAManifest.cpp b/simulatordaemon/src/TABinaryManager/TAManifest.cpp index 1f9c397..86258db 100644 --- a/simulatordaemon/src/TABinaryManager/TAManifest.cpp +++ b/simulatordaemon/src/TABinaryManager/TAManifest.cpp @@ -133,7 +133,10 @@ bool TAManifest::processXML(const string &xmlManifestPath) { if (model != NULL) { taencryption.model.modelName = string(model->first_node("modelName")->first_attribute("value")->value()); - taencryption.model.plainkeydata = string(model->first_node("plainkeydata")->first_attribute("value")->value()); + xml_node<> *plainkeydata = model->first_node("plainkeydata"); + if (plainkeydata != NULL) { + taencryption.model.plainkeydata = string(plainkeydata->first_attribute("value")->value()); + } } } -- 2.7.4 From af818e81ce13b4e80f51c8510d5ef4108ce7986d Mon Sep 17 00:00:00 2001 From: Radoslaw Bartosiak Date: Fri, 9 Feb 2018 14:23:37 +0100 Subject: [PATCH 02/16] fix: Remove memory leak in TEE_Realloc When a not NULL buffer's size was changed to 0 Change-Id: Icee13f84e82bc91c6ed9a321e94631747fcc703e Signed-off-by: Radoslaw Bartosiak --- ssflib/src/ssf_malloc.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/ssflib/src/ssf_malloc.cpp b/ssflib/src/ssf_malloc.cpp index fd6d5b3..de4735d 100644 --- a/ssflib/src/ssf_malloc.cpp +++ b/ssflib/src/ssf_malloc.cpp @@ -90,6 +90,7 @@ void* TEE_Malloc(size_t size, uint32_t hint) { */ void* TEE_Realloc(const void* buffer, uint32_t newSize) { if (NULL == buffer || 0 == newSize) { + TEE_Free((void*)buffer); return NULL; } void* newBuf = TEE_Malloc(newSize, 0); -- 2.7.4 From 7de40f083b3732940c63f0e07cb8368932b79b39 Mon Sep 17 00:00:00 2001 From: Krzysztof Jackiewicz Date: Fri, 16 Feb 2018 12:09:52 +0100 Subject: [PATCH 03/16] Fix bits/bytes error in TEE_InitRefAttribute According to TEE spec TEE_InitRefAttribute() should treat the length argument as a length in bytes not bits. This commit adjusts all TEE_InitRefAttribute() invocations and TEE_Attribute::content.ref.length referencese to use length in bytes. Change-Id: I84f7cce90987c69453b2dda5071dfd9c1ee3f3b4 --- ssflib/src/ssf_storage.cpp | 46 +++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/ssflib/src/ssf_storage.cpp b/ssflib/src/ssf_storage.cpp index 1c92a21..f96ee1c 100644 --- a/ssflib/src/ssf_storage.cpp +++ b/ssflib/src/ssf_storage.cpp @@ -112,7 +112,7 @@ TEE_Result copy_attribute(TEE_Attribute* dest, TEE_Attribute* src) { dest->content.value.a = src->content.value.a; dest->content.value.b = src->content.value.b; } else { - int buf_size = (src->content.ref.length + 7) / 8; + int buf_size = src->content.ref.length; void* buffer = OsaMalloc(buf_size); if (!buffer) { return TEE_ERROR_OUT_OF_MEMORY; @@ -221,7 +221,7 @@ size_t calc_attr_size(TransientObject* tr) { size += 2 * sizeof(uint32_t); } else { size += sizeof(size_t); - size += (attrs[i].content.ref.length + 7) / 8; + size += attrs[i].content.ref.length; } } return size; @@ -247,8 +247,8 @@ TEE_Result serialise_attr(TransientObject* tr, char* buf) { memcpy(buf, &(attrs[i].content.ref.length), 4); buf += 4; memcpy(buf, (void*)attrs[i].content.ref.buffer, - (attrs[i].content.ref.length + 7) / 8); - buf += (attrs[i].content.ref.length + 7) / 8; + attrs[i].content.ref.length); + buf += attrs[i].content.ref.length; } } return TEE_SUCCESS; @@ -272,13 +272,13 @@ TEE_Result deserialise_attr(char* buf, TransientObject* tr) { } else { memcpy((void*)&attrs[i].content.ref.length, buf, 4); buf += 4; - void* buffer = OsaMalloc((attrs[i].content.ref.length + 7) / 8); + void* buffer = OsaMalloc(attrs[i].content.ref.length); if (!buffer) { return TEE_ERROR_OUT_OF_MEMORY; } - memcpy(buffer, buf, (attrs[i].content.ref.length + 7) / 8); + memcpy(buffer, buf, attrs[i].content.ref.length); attrs[i].content.ref.buffer = buffer; - buf += (attrs[i].content.ref.length + 7) / 8; + buf += attrs[i].content.ref.length; } } return TEE_SUCCESS; @@ -1334,7 +1334,7 @@ TEE_Result TEE_GetObjectBufferAttribute(TEE_ObjectHandle object, TEE_Panic(0); } //len = ((obj->attr.attr_array[n].content.ref.length & 0x7FFFFFFF) + 7) >> 3 ; - len = (obj->attr.attr_array[n].content.ref.length + 7) >> 3; + len = obj->attr.attr_array[n].content.ref.length; // out buffer is too small if (len > *size) { @@ -1471,15 +1471,15 @@ TEE_Result TEE_PopulateTransientObject(TEE_ObjectHandle object, TEE_Attribute* curr_attr = &tr->attr.attr_array[tr->attr.attr_number]; for (i = 0; i < attrCount; i++) { - if (attrs[i].content.ref.length > tr->info.maxObjectSize) { + if (attrs[i].content.ref.length * 8 > tr->info.maxObjectSize) { TZ_ERROR("operation error line = %d,%s\n", __LINE__, __func__); TEE_Panic(0); } copy_attribute(&curr_attr[i], (TEE_Attribute*)&attrs[i]); tr->attr.attr_number++; tr->info.objectSize = - tr->info.objectSize > attrs[i].content.ref.length ? - tr->info.objectSize : attrs[i].content.ref.length; + tr->info.objectSize > attrs[i].content.ref.length * 8 ? + tr->info.objectSize : attrs[i].content.ref.length * 8; } switch (tr->info.objectType) { @@ -1629,7 +1629,7 @@ TEE_Result TEE_GenerateKey(TEE_ObjectHandle object, uint32_t keySize, case TEE_TYPE_GENERIC_SECRET: // generate 1 random key gen_random((unsigned char*)key, (keySize + 7) / 8); - TEE_InitRefAttribute(&attrs[0], TEE_ATTR_SECRET_VALUE, key, keySize); + TEE_InitRefAttribute(&attrs[0], TEE_ATTR_SECRET_VALUE, key, (keySize + 7) / 8); TEE_PopulateTransientObject(object, attrs, 1); break; case TEE_TYPE_RSA_KEYPAIR: { @@ -1667,11 +1667,11 @@ TEE_Result TEE_GenerateKey(TEE_ObjectHandle object, uint32_t keySize, uci_context_free(uh); TEE_InitRefAttribute(&attrs[0], TEE_ATTR_RSA_MODULUS, uci_key.ucik_rsa_n, - keySize); + (keySize + 7) / 8); TEE_InitRefAttribute(&attrs[1], TEE_ATTR_RSA_PUBLIC_EXPONENT, - uci_key.ucik_rsa_e, keySize); + uci_key.ucik_rsa_e, (keySize + 7) / 8); TEE_InitRefAttribute(&attrs[2], TEE_ATTR_RSA_PRIVATE_EXPONENT, - uci_key.ucik_rsa_d, keySize); + uci_key.ucik_rsa_d, (keySize + 7) / 8); TEE_PopulateTransientObject(object, attrs, 3); OsaFree(uci_key.ucik_rsa_n); @@ -1694,15 +1694,15 @@ TEE_Result TEE_GenerateKey(TEE_ObjectHandle object, uint32_t keySize, for (i = 0; i < paramCount; i++) { if (params[i].attributeID == TEE_ATTR_DSA_PRIME) { up.ucip_dsa_p = (unsigned char*)params[i].content.ref.buffer; - up.ucip_dsa_p_len = (params[i].content.ref.length + 7) / 8; + up.ucip_dsa_p_len = params[i].content.ref.length; check |= 0x01; } else if (params[i].attributeID == TEE_ATTR_DSA_BASE) { up.ucip_dsa_g = (unsigned char*)params[i].content.ref.buffer; - up.ucip_dsa_g_len = (params[i].content.ref.length + 7) / 8; + up.ucip_dsa_g_len = params[i].content.ref.length; check |= 0x02; } else if (params[i].attributeID == TEE_ATTR_DSA_SUBPRIME) { up.ucip_dsa_q = (unsigned char*)params[i].content.ref.buffer; - up.ucip_dsa_q_len = (params[i].content.ref.length + 7) / 8; + up.ucip_dsa_q_len = params[i].content.ref.length; check |= 0x04; } } @@ -1724,9 +1724,9 @@ TEE_Result TEE_GenerateKey(TEE_ObjectHandle object, uint32_t keySize, params[i].content.ref.buffer, params[i].content.ref.length); } TEE_InitRefAttribute(&attrs[3], TEE_ATTR_DSA_PUBLIC_VALUE, - uci_key.ucik_dsa_pubkey, uci_key.ucik_dsa_pubk_len * 8); + uci_key.ucik_dsa_pubkey, uci_key.ucik_dsa_pubk_len); TEE_InitRefAttribute(&attrs[4], TEE_ATTR_DSA_PRIVATE_VALUE, - uci_key.ucik_dsa_privkey, uci_key.ucik_dsa_privk_len * 8); + uci_key.ucik_dsa_privkey, uci_key.ucik_dsa_privk_len); TEE_PopulateTransientObject(object, attrs, 5); OsaFree(uci_key.ucik_dsa_pubkey); OsaFree(uci_key.ucik_dsa_privkey); @@ -1743,7 +1743,7 @@ TEE_Result TEE_GenerateKey(TEE_ObjectHandle object, uint32_t keySize, if (params[i].attributeID == TEE_ATTR_DH_PRIME) { check |= 0x01; uciparam.ucip_dh_prime = (unsigned char*)params[i].content.ref.buffer; - uciparam.ucip_dh_len = (params[i].content.ref.length + 7) / 8; + uciparam.ucip_dh_len = params[i].content.ref.length; } else if (params[i].attributeID == TEE_ATTR_DH_BASE) { check |= 0x02; uciparam.ucip_dh_generator = (unsigned char*)params[i].content.ref @@ -1767,9 +1767,9 @@ TEE_Result TEE_GenerateKey(TEE_ObjectHandle object, uint32_t keySize, params[i].content.ref.buffer, params[i].content.ref.length); } TEE_InitRefAttribute(&attrs[2], TEE_ATTR_DH_PRIVATE_VALUE, privKey, - keySize); + (keySize + 7) / 8); TEE_InitRefAttribute(&attrs[3], TEE_ATTR_DH_PUBLIC_VALUE, pubKey, - keySize); + (keySize + 7) / 8); TEE_PopulateTransientObject(object, attrs, 4); OsaFree(privKey); -- 2.7.4 From 14288c209830363dd2d1bdcb8ac178682e5a0bb9 Mon Sep 17 00:00:00 2001 From: Krzysztof Jackiewicz Date: Wed, 7 Mar 2018 15:45:50 +0100 Subject: [PATCH 04/16] Fix socket activation Both the service and the socket were bound to each other (BindsTo) making it impossible to stop only one of them. This change removes the BindsTo entries to allow socket to run when the service is down. Change-Id: I9c22acca4c8730729f332e4f3b1f8fb6d7a0cfc7 --- systemd/tef-simulator.service.in | 1 - systemd/tef-simulator.socket | 3 --- 2 files changed, 4 deletions(-) diff --git a/systemd/tef-simulator.service.in b/systemd/tef-simulator.service.in index a9b767c..5de4ddc 100644 --- a/systemd/tef-simulator.service.in +++ b/systemd/tef-simulator.service.in @@ -1,7 +1,6 @@ [Unit] Description=TEF Simulator Daemon DefaultDependencies=no -BindsTo=tef-simulator.socket [Service] User=security_fw diff --git a/systemd/tef-simulator.socket b/systemd/tef-simulator.socket index f4295d2..7995aaa 100644 --- a/systemd/tef-simulator.socket +++ b/systemd/tef-simulator.socket @@ -4,8 +4,5 @@ SocketMode=0777 SmackLabelIPIn=* SmackLabelIPOut=@ -[Unit] -BindsTo=tef-simulator.service - [Install] WantedBy=sockets.target -- 2.7.4 From 38e3272218894029c9812e273d52d8abaabbf177 Mon Sep 17 00:00:00 2001 From: Inho Kim Date: Mon, 23 Oct 2017 11:56:23 +0900 Subject: [PATCH 05/16] Remove TEEName check for compatibility with target Change-Id: Ia624b138683ec4c3f8f8116ca6ac765abf015bb0 --- simulatordaemon/src/TEEContext.cpp | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/simulatordaemon/src/TEEContext.cpp b/simulatordaemon/src/TEEContext.cpp index 0cbdaed..400535f 100644 --- a/simulatordaemon/src/TEEContext.cpp +++ b/simulatordaemon/src/TEEContext.cpp @@ -88,21 +88,6 @@ TEEC_Result TEEContext::initContext(InitContextData* data) { return result; } - /* Check if the TEEName is proper or not */ - if (data->nameLength != 0) { - string TName(data->TEEName); - - if (TName.compare(TEENAME) != 0) { - data->returnValue = TEEC_ERROR_ITEM_NOT_FOUND; - /* Write the response back to TEECLIB in case of failure */ - result = mConnSess->write(INITIALIZE_CONTEXT, (char*)data, - sizeof(InitContextData)); - if (result != TEEC_SUCCESS) { - LOGE(SIM_DAEMON, "Initialize Context response write to CA FAILED"); - } - return result; - } - } data->contextID = mContextID; data->returnValue = TEEC_SUCCESS; -- 2.7.4 From 911ad4a8b9da59685659001b2762a4170f261e58 Mon Sep 17 00:00:00 2001 From: Inho Kim Date: Fri, 3 Nov 2017 11:43:37 +0900 Subject: [PATCH 06/16] ADD RPMB define Change-Id: I86227f03fe16e6ec603f8e4731829264cc782879 --- include/include/tee_internal_api.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/include/tee_internal_api.h b/include/include/tee_internal_api.h index 976c665..f6c1b1c 100644 --- a/include/include/tee_internal_api.h +++ b/include/include/tee_internal_api.h @@ -1042,6 +1042,8 @@ typedef struct __TEE_ObjectEnumHandle* TEE_ObjectEnumHandle; ******************************************************************************/ #define TEE_STORAGE_PRIVATE 0x00000001 +// Custom identifiers must start from 0x80000000 (Table 5-2 in GP Internal API spec) +#define TEE_STORAGE_RPMB 0x80000002 // Data Flag Constants #define TEE_DATA_FLAG_ACCESS_READ 0x00000001 -- 2.7.4 From a981a164c1aedd7ab0f769b718cec7e245a4f26f Mon Sep 17 00:00:00 2001 From: Krzysztof Dynowski Date: Wed, 21 Mar 2018 14:00:18 +0100 Subject: [PATCH 07/16] Use cond to wait for new command and not waste 100% CPU Change-Id: I0e263861c83a6feeef203c14576dc4793aede87b --- TEEStub/TaskStrategy/TaskQueuedStrategy.cpp | 11 +++++++---- TEEStub/TaskStrategy/TaskQueuedStrategy.h | 5 ++++- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/TEEStub/TaskStrategy/TaskQueuedStrategy.cpp b/TEEStub/TaskStrategy/TaskQueuedStrategy.cpp index 11d23bd..9f358de 100644 --- a/TEEStub/TaskStrategy/TaskQueuedStrategy.cpp +++ b/TEEStub/TaskStrategy/TaskQueuedStrategy.cpp @@ -41,6 +41,7 @@ TaskQueuedStrategy::TaskQueuedStrategy(stream_protocol::socket &msocket) : clientSocket(msocket) { runThread = false; + cmdReady = false; } /** @@ -55,7 +56,7 @@ void TaskQueuedStrategy::handleCommand(CommandBasePtr command) { LOGD(TEE_STUB, "A Cancel command has been received!"); executeCancellation(command); } else { - map_mutex.lock(); + boost::unique_lock lck(ready_mutex); //If new session ID, just add to map if (sessionTaskMap.find(command->sessionID) == sessionTaskMap.end()) { SessionState ss(command->sessionID); @@ -68,7 +69,8 @@ void TaskQueuedStrategy::handleCommand(CommandBasePtr command) { sessionTaskMap[command->sessionID].addTask(command); } LOGD(TEE_STUB, "MapSize: %d", sessionTaskMap.size()); - map_mutex.unlock(); + cmdReady = true; + ready_cond.notify_all(); } } @@ -112,7 +114,8 @@ void TaskQueuedStrategy::executeCommands() { */ unsigned char writeData[1024]; while (runThread) { - map_mutex.lock(); + boost::unique_lock lck(ready_mutex); + while (!cmdReady) ready_cond.wait(lck); if (sessionTaskMap.size() > 0) { for (std::map::iterator itr = @@ -158,7 +161,7 @@ void TaskQueuedStrategy::executeCommands() { } //if queue } //for } //if map - map_mutex.unlock(); + cmdReady = false; // all commands done // TODO: check how to reduce cycles from while(1) // boost::this_thread::sleep(boost::posix_time::milliseconds(1)); diff --git a/TEEStub/TaskStrategy/TaskQueuedStrategy.h b/TEEStub/TaskStrategy/TaskQueuedStrategy.h index ba0fb13..415564d 100644 --- a/TEEStub/TaskStrategy/TaskQueuedStrategy.h +++ b/TEEStub/TaskStrategy/TaskQueuedStrategy.h @@ -61,10 +61,13 @@ using boost::asio::local::stream_protocol; class TaskQueuedStrategy: public TaskStrategy { private: + boost::mutex ready_mutex; + boost::condition_variable ready_cond; + bool cmdReady; + std::map sessionTaskMap; std::vector cancelVector; boost::thread executorThread; - boost::mutex map_mutex; // The socket used to communicate with the client. stream_protocol::socket &clientSocket; -- 2.7.4 From b1202cbc744ae31bbf3968bbfb0dfccc45911617 Mon Sep 17 00:00:00 2001 From: Lukasz Kostyra Date: Wed, 7 Mar 2018 15:51:39 +0100 Subject: [PATCH 08/16] Start TEF simulator on install Change-Id: Iab1da43900b7077921c77d2852a0f4354e17b39d Signed-off-by: Lukasz Kostyra --- packaging/tef-simulator.spec | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/packaging/tef-simulator.spec b/packaging/tef-simulator.spec index 8cab70e..ce39efe 100644 --- a/packaging/tef-simulator.spec +++ b/packaging/tef-simulator.spec @@ -105,20 +105,34 @@ cp rapidxml/license.txt LICENSE.MIT cp include/include/LICENSE LICENSE.BSD %pre +if [ $1 -gt 1 ] ; then + systemctl stop tef-simulator.socket + systemctl stop tef-simulator.service +fi %post -systemctl stop tef-simulator -rm -rf %{link_tastore_dir} -mkdir -p `dirname %{link_tastore_dir}` -ln -sf %{tastore_dir} %{link_tastore_dir} -tef-update.sh simulator -systemctl enable tef-simulator +if [ $1 -eq 1 ] ; then + rm -rf %{link_tastore_dir} + mkdir -p `dirname %{link_tastore_dir}` + ln -sf %{tastore_dir} %{link_tastore_dir} + tef-update.sh simulator +fi + +systemctl daemon-reload +systemctl enable tef-simulator.socket +systemctl start tef-simulator.socket %preun +if [ $1 -eq 0 ] ; then + systemctl stop tef-simulator.socket + systemctl stop tef-simulator.service + systemctl disable tef-simulator.socket +fi %postun -if [ $1 = 0 ] ; then +if [ $1 -eq 0 ] ; then tef-update.sh + systemctl daemon-reload fi %files -n %{name} -- 2.7.4 From 30352414e81a7600303edfe9f86e3854ab99b5f5 Mon Sep 17 00:00:00 2001 From: Krzysztof Jackiewicz Date: Tue, 27 Mar 2018 11:37:24 +0200 Subject: [PATCH 09/16] Recreate the link to tastore during rpm update The link to tastore was only created during rpm installation. However, the path to tastore has changed since the last release and the link should be recreated during rpm update as well. This commit makes the rpm update recreate the link so that it points to the valid tastore directory. Change-Id: I545461b058eb966e2c24a4f1752b241948e5134c --- packaging/tef-simulator.spec | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/packaging/tef-simulator.spec b/packaging/tef-simulator.spec index ce39efe..d9cdf79 100644 --- a/packaging/tef-simulator.spec +++ b/packaging/tef-simulator.spec @@ -111,10 +111,12 @@ if [ $1 -gt 1 ] ; then fi %post +# do it always in case the path was changed +rm -rf %{link_tastore_dir} +mkdir -p `dirname %{link_tastore_dir}` +ln -sf %{tastore_dir} %{link_tastore_dir} + if [ $1 -eq 1 ] ; then - rm -rf %{link_tastore_dir} - mkdir -p `dirname %{link_tastore_dir}` - ln -sf %{tastore_dir} %{link_tastore_dir} tef-update.sh simulator fi -- 2.7.4 From 55e4d76f04eeea6271899cb47d0bb967dd240a97 Mon Sep 17 00:00:00 2001 From: Krzysztof Dynowski Date: Tue, 27 Mar 2018 12:28:19 +0200 Subject: [PATCH 10/16] Check TEE name again Change-Id: I4dfb4511da9ec8dc8bf496e32b22dcbc9ee62c76 --- simulatordaemon/src/TEEContext.cpp | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/simulatordaemon/src/TEEContext.cpp b/simulatordaemon/src/TEEContext.cpp index 400535f..c881ea2 100644 --- a/simulatordaemon/src/TEEContext.cpp +++ b/simulatordaemon/src/TEEContext.cpp @@ -72,14 +72,22 @@ TEEC_Result TEEContext::initContext(InitContextData* data) { LOGD(SIM_DAEMON, "Entry"); + if (data->nameLength != 0) { + data->returnValue = TEEC_ERROR_ITEM_NOT_FOUND; + result = mConnSess->write(INITIALIZE_CONTEXT, (char*)data, sizeof(InitContextData)); + if (result != TEEC_SUCCESS) { + LOGE(SIM_DAEMON, "Initialize Context response write to CA FAILED"); + } + return result; + } + /* Initialize Context is a request from CA, so the member variable * isInternal of TEEContext is set to false. */ isInternal = false; if (!cynara_check_result) { - result = TEEC_ERROR_ACCESS_DENIED; - data->returnValue = result; + data->returnValue = TEEC_ERROR_ACCESS_DENIED; result = mConnSess->write(INITIALIZE_CONTEXT, (char*)data, sizeof(InitContextData)); if (result != TEEC_SUCCESS) { -- 2.7.4 From af2c3f24f8e49750795a7da14d738299316f7248 Mon Sep 17 00:00:00 2001 From: Igor Kotrasinski Date: Wed, 6 Dec 2017 11:07:00 +0100 Subject: [PATCH 11/16] Split handling command off of ConnectionSession Split ConnectionSession into the part that handles socket I/O and the part that handles actual commands. This way the socket I/O part can be reused for control commands. Change-Id: I4454c6b225505acf9b86120c22369c390068194b Signed-off-by: Igor Kotrasinski --- include/include/tee_command.h | 4 +- simulatordaemon/CMakeLists.txt | 3 +- simulatordaemon/inc/ConnectionSession.h | 42 +++---- simulatordaemon/inc/IConnectionHandler.h | 44 +++++++ simulatordaemon/inc/IConnectionSession.h | 44 ------- simulatordaemon/inc/IConnectionWriter.h | 38 ++++++ simulatordaemon/inc/SimulatorDaemonServer.h | 6 +- simulatordaemon/inc/TEEConnectionHandler.h | 54 ++++++++ simulatordaemon/inc/TEEContext.h | 12 +- simulatordaemon/src/ConnectionSession.cpp | 175 +++++++++----------------- simulatordaemon/src/Session.cpp | 3 +- simulatordaemon/src/SimulatorDaemonServer.cpp | 12 +- simulatordaemon/src/TEEConnectionHandler.cpp | 150 ++++++++++++++++++++++ simulatordaemon/src/TEEContext.cpp | 5 +- 14 files changed, 395 insertions(+), 197 deletions(-) create mode 100644 simulatordaemon/inc/IConnectionHandler.h delete mode 100644 simulatordaemon/inc/IConnectionSession.h create mode 100644 simulatordaemon/inc/IConnectionWriter.h create mode 100644 simulatordaemon/inc/TEEConnectionHandler.h create mode 100644 simulatordaemon/src/TEEConnectionHandler.cpp diff --git a/include/include/tee_command.h b/include/include/tee_command.h index f2197cd..38b8a8a 100644 --- a/include/include/tee_command.h +++ b/include/include/tee_command.h @@ -1,5 +1,5 @@ /** - * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -23,6 +23,8 @@ #ifndef __TEE_COMMAND_H__ #define __TEE_COMMAND_H__ +#include + typedef enum { INVALID = -1, INITIALIZE_CONTEXT = 0, diff --git a/simulatordaemon/CMakeLists.txt b/simulatordaemon/CMakeLists.txt index f330065..5efd4a0 100644 --- a/simulatordaemon/CMakeLists.txt +++ b/simulatordaemon/CMakeLists.txt @@ -1,4 +1,4 @@ -# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved +# Copyright (c) 2018 Samsung Electronics Co., Ltd All Rights Reserved # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -43,6 +43,7 @@ SET(DAEMON_SOURCES ${DAEMON_PATH}/src/SimulatorDaemonServer.cpp ${DAEMON_PATH}/src/TAFactory.cpp ${DAEMON_PATH}/src/TAInstance.cpp + ${DAEMON_PATH}/src/TEEConnectionHandler.cpp ${DAEMON_PATH}/src/TEEContext.cpp ${DAEMON_PATH}/src/ClientCommands/CommandCloseSession.cpp ${DAEMON_PATH}/src/ClientCommands/CommandCloseTASession.cpp diff --git a/simulatordaemon/inc/ConnectionSession.h b/simulatordaemon/inc/ConnectionSession.h index 055bfe8..a5e8c12 100644 --- a/simulatordaemon/inc/ConnectionSession.h +++ b/simulatordaemon/inc/ConnectionSession.h @@ -1,5 +1,5 @@ /** - * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,7 +21,7 @@ */ -#if !defined(_CONNECTIONSESSION_H) +#ifndef _CONNECTIONSESSION_H #define _CONNECTIONSESSION_H /*----------------------------------------------------------------------------- @@ -37,7 +37,8 @@ #include "ioService.h" #include "ClientCommands/MakeCommand.h" #include "TEEContext.h" -#include "IConnectionSession.h" +#include "IConnectionWriter.h" +#include "IConnectionHandler.h" #include "SecurityContext.h" using namespace std; @@ -49,44 +50,41 @@ using boost::asio::local::stream_protocol; /*----------------------------------------------------------------------------- * Class definitions *-----------------------------------------------------------------------------*/ -class ConnectionSession: public boost::enable_shared_from_this, public IConnectionSession +template +class ConnectionSession: + public boost::enable_shared_from_this>, + public IConnectionWriter { +private: + typedef boost::shared_ptr> handler_ptr; public: pthread_mutex_t connLock; - typedef boost::shared_ptr session_ptr; - static session_ptr create(boost::asio::io_service& io_service) - { - return session_ptr(new ConnectionSession(io_service)); - } - ConnectionSession(boost::asio::io_service& io_service): - clientSocket(io_service), clientData() + typedef boost::shared_ptr> session_ptr; + static session_ptr create(boost::asio::io_service& io_service, handler_ptr handler) { - pthread_mutex_init(&connLock, NULL); - currentState = CMD_READ; - TEECtx = NULL; - command = INVALID; + return session_ptr(new ConnectionSession(io_service, handler)); } + ConnectionSession(boost::asio::io_service& io_service, handler_ptr handler); stream_protocol::socket& socket() { return clientSocket; } void start(); - TEEC_Result write(TEE_CMD command, char* data, size_t size); + boost::system::error_code write(header_t header, char* data, size_t size); SecurityContext getSecurityContext(); ~ConnectionSession(); private: - TEEContext *TEECtx; - void handleRead(const boost::system::error_code& error, - size_t bytes_transferred); + handler_ptr m_handler; // The socket used to communicate with the client. stream_protocol::socket clientSocket; - // Security context of Connection. - SecurityContext secContext; // Buffer used to store data received from the client. boost::array clientData; states currentState; vector commandData; - TEE_CMD command; + header_t m_header{}; + void handleRead(const boost::system::error_code& error, + size_t bytes_transferred); + void scheduleRead(int32_t size); }; #else // defined(BOOST_ASIO_HAS_LOCAL_SOCKETS) diff --git a/simulatordaemon/inc/IConnectionHandler.h b/simulatordaemon/inc/IConnectionHandler.h new file mode 100644 index 0000000..9099463 --- /dev/null +++ b/simulatordaemon/inc/IConnectionHandler.h @@ -0,0 +1,44 @@ +/** + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @author Igor Kotrasinski (i.kotrasinsk@partner@samsung.com) + * @brief Data handler interface plugged into the socket I/O handler + */ + +#ifndef _ICONNECTIONHANDLER_H +#define _ICONNECTIONHANDLER_H + +#include +#include + +#include "tee_command.h" +#include "IConnectionWriter.h" + +template +class IConnectionHandler +{ +public: + virtual void setWriter(IConnectionWriter &writer) = 0; + virtual void handleConnect(int sock) = 0; + virtual int32_t getDataSize(header_t header) = 0; + virtual void handleRead(header_t header, std::vector &data) = 0; + virtual void handleReadError(boost::system::error_code e) = 0; + virtual void handleConnectionClosed() = 0; +}; + +#endif /* _ICONNECTIONHANDLER_H */ diff --git a/simulatordaemon/inc/IConnectionSession.h b/simulatordaemon/inc/IConnectionSession.h deleted file mode 100644 index 0f2a2f6..0000000 --- a/simulatordaemon/inc/IConnectionSession.h +++ /dev/null @@ -1,44 +0,0 @@ -/** - * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * @file - * @author CHERYL (cb) (cheryl.b@samsung.com) - * @brief Interface for Connection handler for Simulator Daemon server - */ - - -#if !defined(_ICONNECTIONSESSION_H) -#define _ICONNECTIONSESSION_H - -/*----------------------------------------------------------------------------- - * Include files - *-----------------------------------------------------------------------------*/ -#include "tee_command.h" -#include "SecurityContext.h" - -/*----------------------------------------------------------------------------- - * Class definitions - *-----------------------------------------------------------------------------*/ -class IConnectionSession { -public: - virtual TEEC_Result write(TEE_CMD command, char* data, size_t size) = 0; - virtual SecurityContext getSecurityContext() = 0; - virtual ~IConnectionSession() {} -}; - -#endif /* _ICONNECTIONSESSION_H */ - diff --git a/simulatordaemon/inc/IConnectionWriter.h b/simulatordaemon/inc/IConnectionWriter.h new file mode 100644 index 0000000..57143cb --- /dev/null +++ b/simulatordaemon/inc/IConnectionWriter.h @@ -0,0 +1,38 @@ +/** + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @author Igor Kotrasinski (i.kotrasinsk@partner@samsung.com) + * @brief Writer interface for generic socket connection handler + */ + +#ifndef _ICONNECTIONWRITER_H +#define _ICONNECTIONWRITER_H + +#include +#include + +#include "tee_command.h" + +template +class IConnectionWriter +{ +public: + virtual boost::system::error_code write(header_t header, char *data, size_t size) = 0; +}; + +#endif /* _ICONNECTIONWRITER_H */ diff --git a/simulatordaemon/inc/SimulatorDaemonServer.h b/simulatordaemon/inc/SimulatorDaemonServer.h index 0991996..d5ebf2e 100644 --- a/simulatordaemon/inc/SimulatorDaemonServer.h +++ b/simulatordaemon/inc/SimulatorDaemonServer.h @@ -1,5 +1,5 @@ /** - * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,7 +21,7 @@ */ -#if !defined(_SIMULATORDAEMONSERVER_H) +#ifndef _SIMULATORDAEMONSERVER_H #define _SIMULATORDAEMONSERVER_H /*----------------------------------------------------------------------------- @@ -42,7 +42,7 @@ public: private: void startAccept(); - void handleAccept(ConnectionSession::session_ptr session, + void handleAccept(ConnectionSession::session_ptr session, const boost::system::error_code& error); boost::asio::io_service& mem_io_service; stream_protocol::acceptor acceptor; diff --git a/simulatordaemon/inc/TEEConnectionHandler.h b/simulatordaemon/inc/TEEConnectionHandler.h new file mode 100644 index 0000000..0ad9abc --- /dev/null +++ b/simulatordaemon/inc/TEEConnectionHandler.h @@ -0,0 +1,54 @@ +/** + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @author Igor Kotrasinski (i.kotrasinsk@partner@samsung.com) + * @brief Handler for data coming over TEEC socket + */ + +#ifndef _TEECONNECTIONHANDLER_H +#define _TEECONNECTIONHANDLER_H + +#include +#include +#include "IConnectionHandler.h" +#include "TEEContext.h" + + +class TEEConnectionHandler: public IConnectionHandler +{ +public: + TEEConnectionHandler(); + void setWriter(IConnectionWriter &writer) override; + void handleConnect(int sock) override; + int32_t getDataSize(int8_t cmd) override; + void handleRead(int8_t header, std::vector &data) override; + void handleReadError(boost::system::error_code e) override; + void handleConnectionClosed() override; + + TEEC_Result write(TEE_CMD cmd, char* data, size_t size); + SecurityContext getSecurityContext(); + ~TEEConnectionHandler(); +private: + TEEContext *TEECtx = NULL; + SecurityContext secContext; + IConnectionWriter *m_writer = NULL; + TEE_CMD dataToCmd(int8_t cmd_data); + int8_t cmdToData(TEE_CMD cmd_data); +}; + +#endif /* _TEECONNECTIONHANDLER_H */ diff --git a/simulatordaemon/inc/TEEContext.h b/simulatordaemon/inc/TEEContext.h index ab68665..8f4b67d 100644 --- a/simulatordaemon/inc/TEEContext.h +++ b/simulatordaemon/inc/TEEContext.h @@ -1,5 +1,5 @@ /** - * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,7 +21,7 @@ */ -#if !defined(_TEECONTEXT_H) +#ifndef _TEECONTEXT_H #define _TEECONTEXT_H /*----------------------------------------------------------------------------- @@ -35,7 +35,6 @@ #include "log.h" #include "Session.h" #include "tee_command.h" -#include "IConnectionSession.h" #include "SecurityContext.h" using namespace std; @@ -48,6 +47,9 @@ using namespace std; * Class definitions *-----------------------------------------------------------------------------*/ +class TEEConnectionHandler; + + class TEEContext { private: pthread_rwlock_t mShmListLock; @@ -56,7 +58,7 @@ public: pthread_rwlock_t mSessionMapLock; map mSessionMap; // Connection session instance associated with the TEEContext instance - IConnectionSession* mConnSess; + TEEConnectionHandler* mConnSess; // ContextID assigned to the instance uint32_t mContextID; /* Security context wich stores info about low-level connection data*/ @@ -67,7 +69,7 @@ public: * the context as dummy isInternal member variable is used */ bool isInternal; - TEEContext(uint32_t contextID, IConnectionSession* connSession); + TEEContext(uint32_t contextID, TEEConnectionHandler* connSession); TEEC_Result initContext(InitContextData* data); void finContext(FinalizeContextData data); TEEC_Result openSession(OpenSessionData data); diff --git a/simulatordaemon/src/ConnectionSession.cpp b/simulatordaemon/src/ConnectionSession.cpp index 97d7304..941f92b 100644 --- a/simulatordaemon/src/ConnectionSession.cpp +++ b/simulatordaemon/src/ConnectionSession.cpp @@ -1,5 +1,5 @@ /** - * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -24,54 +24,40 @@ /*----------------------------------------------------------------------------- * Include files *-----------------------------------------------------------------------------*/ +#include +#include +#include #include "ConnectionSession.h" /*----------------------------------------------------------------------------- - * Globals - *-----------------------------------------------------------------------------*/ -// Lock for Context ID to be assigned to Context -pthread_rwlock_t ctxIDLock = PTHREAD_RWLOCK_INITIALIZER; -// Context ID to be assigned to Context -uint32_t ctxID = 21; - -/*----------------------------------------------------------------------------- * Member functions *-----------------------------------------------------------------------------*/ +template +ConnectionSession::ConnectionSession(boost::asio::io_service& io_service, + handler_ptr handler): + m_handler(handler), clientSocket(io_service), clientData() + { + pthread_mutex_init(&connLock, NULL); + currentState = CMD_READ; + m_handler->setWriter(*this); + } + + /** * On starting the server and accepting a connection, read some data from the socket. * * @param none */ -void ConnectionSession::start() { - LOGD(SIM_DAEMON, "Entry"); - - // init SecurityContext of current session after initializing socket - this->secContext = SecurityContext(clientSocket.native()); - - // Create a new Context - pthread_rwlock_wrlock(&ctxIDLock); - TEECtx = new TEEContext(ctxID, this); - // Increment the Context ID to be assigned to next Context - ctxID++; - if (ctxID == 0) ctxID++; - pthread_rwlock_unlock(&ctxIDLock); - -#ifdef _CYNARA_INTEGRATION - /* Check if client has cynara permission */ - const string privilege("http://tizen.org/privilege/tee.client"); - if (!secContext.clientHasCynaraPermission(privilege)) { - LOGE(SIM_DAEMON, "Client has no permission to use TEE"); - TEECtx->cynara_check_result = false; - } -#endif /* _CYNARA_INTEGRATION */ - +template +void ConnectionSession::start() { + m_handler->handleConnect(clientSocket.native()); currentState = CMD_READ; - // read exactly 1 byte to identify the command and execute callback when + // read bytes to identify the command and execute callback when // command is received boost::asio::async_read(clientSocket, boost::asio::buffer(clientData), - boost::asio::transfer_exactly(1), - boost::bind(&ConnectionSession::handleRead, shared_from_this(), + boost::asio::transfer_exactly(sizeof(header_t)), + boost::bind(&ConnectionSession::handleRead, this->shared_from_this(), boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred)); } @@ -81,7 +67,8 @@ void ConnectionSession::start() { * @param error Boost error code and error message object * @param bytes_transferred Number of bytes read from the socket */ -void ConnectionSession::handleRead(const boost::system::error_code& error, +template +void ConnectionSession::handleRead(const boost::system::error_code& error, size_t bytes_transferred) { LOGD(SIM_DAEMON, "Entry"); @@ -98,130 +85,88 @@ void ConnectionSession::handleRead(const boost::system::error_code& error, switch (currentState) { case CMD_READ: { // Identify command - command = (TEE_CMD)clientData.at(0); - LOGD(SIM_DAEMON, "Command received: %d", (uint32_t)command); + std::memcpy((void*) &m_header, clientData.data(), + sizeof(header_t)); - // Calculate pending numbers of bytes pending to be read only for commands - int32_t data_size = MakeCommand::getDataSize(command); + int32_t data_size = m_handler->getDataSize(m_header); if (data_size > 0) { currentState = DATA_READ; - // read remaining bytes related to received valid command - boost::asio::async_read(clientSocket, boost::asio::buffer(clientData), - boost::asio::transfer_exactly(data_size), - boost::bind(&ConnectionSession::handleRead, shared_from_this(), - boost::asio::placeholders::error, - boost::asio::placeholders::bytes_transferred)); + scheduleRead(data_size); } else if (-1 == data_size) { // else case is invalid command // TODO: Identify the correct behavior; what to do when invalid command is received? - LOGE(SIM_DAEMON, "Invalid command received!"); } else if (0 == data_size) { - // reset state to read new command currentState = CMD_READ; - // read command and register callback to read data - boost::asio::async_read(clientSocket, boost::asio::buffer(clientData), - boost::asio::transfer_exactly(1), - boost::bind(&ConnectionSession::handleRead, shared_from_this(), - boost::asio::placeholders::error, - boost::asio::placeholders::bytes_transferred)); + scheduleRead(sizeof(header_t)); } break; } //case case DATA_READ: { // At this pointer data is completely read - // clear the vector for the first time and copy client data received commandData.clear(); for (uint32_t i = 0; i < clientData.size(); i++) { commandData.push_back(clientData.at(i)); } - string tempData(commandData.begin(), commandData.end()); - - // Call the TEEContext object to handle commands - CommandBasePtr ptr = MakeCommand::getCommand(command, - (void*)tempData.c_str(), TEECtx); - - if (!ptr == false) { - ptr->execute(); - } else { - LOGE(SIM_DAEMON, "Command not found"); - } + m_handler->handleRead(m_header, commandData); - // reset state to read new command currentState = CMD_READ; - // read command and register callback to read data - boost::asio::async_read(clientSocket, boost::asio::buffer(clientData), - boost::asio::transfer_exactly(1), - boost::bind(&ConnectionSession::handleRead, shared_from_this(), - boost::asio::placeholders::error, - boost::asio::placeholders::bytes_transferred)); + scheduleRead(sizeof(header_t)); break; } //case } //switch + } else if (error == boost::asio::error::eof || + error == boost::asio::error::connection_reset) { + m_handler->handleConnectionClosed(); } else { - LOGE(SIM_DAEMON, "Error in reading from CA %s(%d)", error.category().name(), error.value()); - // Call the TEEContext object to cleanup - FinalizeContextData data; - data.contextID = 0; - CommandBasePtr ptr = MakeCommand::getCommand(FINALIZE_CONTEXT, - (void*)&data, TEECtx); - if (!ptr == false) { - ptr->execute(); - } else { - LOGE(SIM_DAEMON, "Command not found"); - } + m_handler->handleReadError(error); + m_handler->handleConnectionClosed(); } } +template +void ConnectionSession::scheduleRead(int32_t size) +{ + boost::asio::async_read(clientSocket, boost::asio::buffer(clientData), + boost::asio::transfer_exactly(size), + boost::bind(&ConnectionSession::handleRead, this->shared_from_this(), + boost::asio::placeholders::error, + boost::asio::placeholders::bytes_transferred)); +} + /** * Synchronous write to the socket. * @param command to be sent to TEECLib * @param data to be sent to TEECLib * @param size of data to be sent to TEECLib */ -TEEC_Result ConnectionSession::write(TEE_CMD cmd, char* data, size_t size) { +template +boost::system::error_code ConnectionSession::write(header_t header, + char* data, size_t size) +{ LOGD(SIM_DAEMON, "Entry"); - TEEC_Result result = TEEC_ERROR_COMMUNICATION; boost::system::error_code error = boost::asio::error::host_not_found; pthread_mutex_lock(&connLock); - // Send command to TEECLib for CA + boost::asio::write(clientSocket, - boost::asio::buffer((char*)&cmd, sizeof(char)), + boost::asio::buffer((char*)&header, sizeof(header)), boost::asio::transfer_all(), error); - if ((!error) && (size != 0)) { - // Send command data to TEECLib for CA boost::asio::write(clientSocket, boost::asio::buffer(data, size), boost::asio::transfer_all(), error); - if (!error) - result = TEEC_SUCCESS; - else - { - LOGE(SIM_DAEMON, "Error in writing Data to CA"); - LOGE(SIM_DAEMON, "Response returned with error code %d", error.value()); - LOGE(SIM_DAEMON, "Response returned with error code %s", - error.category().name()); - } - } else { - LOGE(SIM_DAEMON, "Error in writing Command to CA"); - LOGE(SIM_DAEMON, "Response returned with error code %d", error.value()); - LOGE(SIM_DAEMON, "Response returned with error code %s", - error.category().name()); } - pthread_mutex_unlock(&connLock); - return result; -} -SecurityContext ConnectionSession::getSecurityContext(){ - return secContext; + pthread_mutex_unlock(&connLock); + return error; } -ConnectionSession::~ConnectionSession() { - LOGD(SIM_DAEMON, "Entry"); - // Destory the lock for write (connLock) +template +ConnectionSession::~ConnectionSession() { pthread_mutex_destroy(&connLock); - // delete Context - delete TEECtx; - TEECtx = NULL; } + +/*----------------------------------------------------------------------------- + * Template instantiation for external files + *-----------------------------------------------------------------------------*/ +template class ConnectionSession; diff --git a/simulatordaemon/src/Session.cpp b/simulatordaemon/src/Session.cpp index adfd12e..e57ee3d 100644 --- a/simulatordaemon/src/Session.cpp +++ b/simulatordaemon/src/Session.cpp @@ -1,5 +1,5 @@ /** - * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -27,6 +27,7 @@ #include "Session.h" #include "TAFactory.h" #include "TEEContext.h" +#include "TEEConnectionHandler.h" /*----------------------------------------------------------------------------- * Member functions diff --git a/simulatordaemon/src/SimulatorDaemonServer.cpp b/simulatordaemon/src/SimulatorDaemonServer.cpp index 4720718..cf6d4ad 100644 --- a/simulatordaemon/src/SimulatorDaemonServer.cpp +++ b/simulatordaemon/src/SimulatorDaemonServer.cpp @@ -1,5 +1,5 @@ /** - * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -24,8 +24,12 @@ /*----------------------------------------------------------------------------- * Include files *-----------------------------------------------------------------------------*/ +#include +#include #include "SimulatorDaemonServer.h" #include "SecurityContext.h" +#include "TEEConnectionHandler.h" +#include "ConnectionSession.h" /*----------------------------------------------------------------------------- * Member functions @@ -57,7 +61,9 @@ SimulatorDaemonServer::SimulatorDaemonServer(boost::asio::io_service& io_service void SimulatorDaemonServer::startAccept() { - ConnectionSession::session_ptr newSession = ConnectionSession::create(acceptor.get_io_service()); + boost::shared_ptr teeHandler(new TEEConnectionHandler()); + ConnectionSession::session_ptr newSession = ConnectionSession::create( + acceptor.get_io_service(), teeHandler); acceptor.async_accept(newSession->socket(), boost::bind(&SimulatorDaemonServer::handleAccept, this, newSession, @@ -70,7 +76,7 @@ void SimulatorDaemonServer::startAccept() * @param error error code if any occurred */ void SimulatorDaemonServer::handleAccept( - ConnectionSession::session_ptr session, + ConnectionSession::session_ptr session, const boost::system::error_code& error) { if (!error) { diff --git a/simulatordaemon/src/TEEConnectionHandler.cpp b/simulatordaemon/src/TEEConnectionHandler.cpp new file mode 100644 index 0000000..dfef9cb --- /dev/null +++ b/simulatordaemon/src/TEEConnectionHandler.cpp @@ -0,0 +1,150 @@ +/** + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @author Igor Kotrasinski (i.kotrasinsk@partner@samsung.com) + * @brief TEEConnectionHandler class + */ + +#include +#include "TEEConnectionHandler.h" +#include "ClientCommands/MakeCommand.h" +#include "IConnectionWriter.h" + + +// Lock for Context ID to be assigned to Context +pthread_rwlock_t ctxIDLock = PTHREAD_RWLOCK_INITIALIZER; +// Context ID to be assigned to Context +uint32_t ctxID = 21; + +TEEConnectionHandler::TEEConnectionHandler() {}; + +TEE_CMD TEEConnectionHandler::dataToCmd(int8_t cmd_data) +{ + return (TEE_CMD) cmd_data; +} + +int8_t TEEConnectionHandler::cmdToData(TEE_CMD cmd) +{ + return (int8_t) cmd; +} + +void TEEConnectionHandler::setWriter(IConnectionWriter &writer) +{ + this->m_writer = &writer; +} + +void TEEConnectionHandler::handleConnect(int sock) +{ + LOGD(SIM_DAEMON, "Entry"); + + // init SecurityContext of current session after initializing socket + this->secContext = SecurityContext(sock); + + // Create a new Context + pthread_rwlock_wrlock(&ctxIDLock); + TEECtx = new TEEContext(ctxID, this); + // Increment the Context ID to be assigned to next Context + ctxID++; + if (ctxID == 0) ctxID++; + pthread_rwlock_unlock(&ctxIDLock); + +#ifdef _CYNARA_INTEGRATION + /* Check if client has cynara permission */ + const string privilege("http://tizen.org/privilege/tee.client"); + if (!secContext.clientHasCynaraPermission(privilege)) { + LOGE(SIM_DAEMON, "Client has no permission to use TEE"); + TEECtx->cynara_check_result = false; + } +#endif /* _CYNARA_INTEGRATION */ +} + + +int32_t TEEConnectionHandler::getDataSize(int8_t cmdData) +{ + TEE_CMD cmd = dataToCmd(cmdData); + int32_t data_size; + + LOGD(SIM_DAEMON, "Command received: %d", (uint32_t)cmd); + data_size = MakeCommand::getDataSize(cmd); + if (data_size == -1) + LOGE(SIM_DAEMON, "Invalid command received!"); + return data_size; +} + +void TEEConnectionHandler::handleRead(int8_t headerData, std::vector &data) +{ + TEE_CMD header = dataToCmd(headerData); + string tempData(data.begin(), data.end()); + + // Call the TEEContext object to handle commands + CommandBasePtr ptr = MakeCommand::getCommand(header, + (void*)tempData.c_str(), TEECtx); + + if (!ptr == false) { + ptr->execute(); + } else { + LOGE(SIM_DAEMON, "Command not found"); + } +} + +void TEEConnectionHandler::handleReadError(boost::system::error_code e) +{ + LOGE(SIM_DAEMON, "Error in reading from CA"); + LOGE(SIM_DAEMON, "Response returned with error code %d", e.value()); + LOGE(SIM_DAEMON, "Response returned with error code %s", + e.category().name()); +} + +void TEEConnectionHandler::handleConnectionClosed() +{ + // Call the TEEContext object to cleanup + FinalizeContextData data; + data.contextID = 0; + CommandBasePtr ptr = MakeCommand::getCommand(FINALIZE_CONTEXT, + (void*)&data, TEECtx); + if (!ptr == false) { + ptr->execute(); + } else { + LOGE(SIM_DAEMON, "Command not found"); + } +} + +TEEC_Result TEEConnectionHandler::write(TEE_CMD cmd, char* data, size_t size) +{ + boost::system::error_code writeRet; + TEEC_Result result = TEEC_SUCCESS; + + writeRet = m_writer->write(cmdToData(cmd), data, size); + if (writeRet) { + LOGE(SIM_DAEMON, "Error in writing Data to CA: response returned with error code %d, message '%s'", + writeRet.value(), + writeRet.category().name()); + result = TEEC_ERROR_COMMUNICATION; + } + return result; +} + +SecurityContext TEEConnectionHandler::getSecurityContext(){ + return secContext; +} + +TEEConnectionHandler::~TEEConnectionHandler() { + LOGD(SIM_DAEMON, "Entry"); + delete TEECtx; + TEECtx = NULL; +} diff --git a/simulatordaemon/src/TEEContext.cpp b/simulatordaemon/src/TEEContext.cpp index c881ea2..bef3ed0 100644 --- a/simulatordaemon/src/TEEContext.cpp +++ b/simulatordaemon/src/TEEContext.cpp @@ -1,5 +1,5 @@ /** - * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -26,6 +26,7 @@ *-----------------------------------------------------------------------------*/ #include "TEEContext.h" #include "TABinaryManager.h" +#include "TEEConnectionHandler.h" /*----------------------------------------------------------------------------- * Globals @@ -42,7 +43,7 @@ uint32_t sessID = 51; * @param contextID ID for Context reference * @param connSession ConnectionSession instance associated with the context */ -TEEContext::TEEContext(uint32_t contextID, IConnectionSession* connSession): +TEEContext::TEEContext(uint32_t contextID, TEEConnectionHandler* connSession): secContext(connSession->getSecurityContext()) { LOGD(SIM_DAEMON, "ContextID: %d", contextID); -- 2.7.4 From 1c1b895cc648ee26fad7805167fa96a9d514922c Mon Sep 17 00:00:00 2001 From: Igor Kotrasinski Date: Thu, 7 Dec 2017 11:57:01 +0100 Subject: [PATCH 12/16] Add port setting to TABinaryManager Change-Id: I713b7015f86a12b704209c64e7cda135d50f9153 Signed-off-by: Igor Kotrasinski --- .../src/TABinaryManager/TABinaryManager.cpp | 18 +++++++++++++++++- simulatordaemon/src/TABinaryManager/TABinaryManager.h | 7 ++++++- 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/simulatordaemon/src/TABinaryManager/TABinaryManager.cpp b/simulatordaemon/src/TABinaryManager/TABinaryManager.cpp index 7fbcb80..4ab2d1c 100644 --- a/simulatordaemon/src/TABinaryManager/TABinaryManager.cpp +++ b/simulatordaemon/src/TABinaryManager/TABinaryManager.cpp @@ -1,5 +1,5 @@ /** - * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -417,6 +417,22 @@ string TABinaryManager::getPort(string uuid) { return returnValue; } +int TABinaryManager::setPort(string uuid, string port) { + int ret; + pthread_rwlock_wrlock(&binaryMapLock); + + map::iterator it = binaryMap.find(uuid); + if (it != binaryMap.end()) { + it->second.port = port; + ret = 0; + } else { + ret = 1; + } + + pthread_rwlock_unlock(&binaryMapLock); + return ret; +} + /** * Converts UUID from TEEC_UUID to a string * @return string of TEEC_UUID diff --git a/simulatordaemon/src/TABinaryManager/TABinaryManager.h b/simulatordaemon/src/TABinaryManager/TABinaryManager.h index b2b471d..4526a62 100644 --- a/simulatordaemon/src/TABinaryManager/TABinaryManager.h +++ b/simulatordaemon/src/TABinaryManager/TABinaryManager.h @@ -1,5 +1,5 @@ /** - * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -98,6 +98,11 @@ public: string getPort(string uuid); int isKeepAlive(string uuid, bool &KeepAlive); + /* + * TA property setters + */ + int setPort(string uuid, string port); + virtual ~TABinaryManager(); }; -- 2.7.4 From 9db99b58d0a9af39a6f8cffa3d5ad2775f3d7cf0 Mon Sep 17 00:00:00 2001 From: Igor Kotrasinski Date: Thu, 7 Dec 2017 14:04:57 +0100 Subject: [PATCH 13/16] Add control socket message handling classes Change-Id: Ia97a02e550b93f250be1ebc5ba14159dd6b3baa9 Signed-off-by: Igor Kotrasinski --- simulatordaemon/CMakeLists.txt | 3 + simulatordaemon/daemonctl/inc/ControlCommand.h | 52 +++++++++++ simulatordaemon/inc/ControlConnectionHandler.h | 49 +++++++++++ simulatordaemon/src/ControlConnectionHandler.cpp | 105 +++++++++++++++++++++++ 4 files changed, 209 insertions(+) create mode 100644 simulatordaemon/daemonctl/inc/ControlCommand.h create mode 100644 simulatordaemon/inc/ControlConnectionHandler.h create mode 100644 simulatordaemon/src/ControlConnectionHandler.cpp diff --git a/simulatordaemon/CMakeLists.txt b/simulatordaemon/CMakeLists.txt index 5efd4a0..725c12b 100644 --- a/simulatordaemon/CMakeLists.txt +++ b/simulatordaemon/CMakeLists.txt @@ -17,6 +17,8 @@ # @brief CMakeLists for tef-simulator daemon unit # +SET(DAEMONCTL_PATH ${DAEMON_PATH}/daemonctl) + PKG_CHECK_MODULES(DAEMON_DEPS REQUIRED cynara-client cynara-session @@ -84,6 +86,7 @@ INCLUDE_DIRECTORIES( ${DAEMON_PATH}/inc/ResponseCommands # TODO move TABinaryManager headers to inc directory ${DAEMON_PATH}/src/TABinaryManager/ + ${DAEMONCTL_PATH}/inc ${TEF_SIMULATOR_INCLUDE_PATH}/include ${LOG_PATH} ${OSAL_PATH} diff --git a/simulatordaemon/daemonctl/inc/ControlCommand.h b/simulatordaemon/daemonctl/inc/ControlCommand.h new file mode 100644 index 0000000..5b5d32c --- /dev/null +++ b/simulatordaemon/daemonctl/inc/ControlCommand.h @@ -0,0 +1,52 @@ +/** + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @author Igor Kotrasinski (i.kotrasinsk@partner.samsung.com) + * @brief Command types for the control socket + */ + +#ifndef _CONTROLCOMMAND_H +#define _CONTROLCOMMAND_H + +#include +#include "tee_client_api.h" + +enum ControlCommand : uint32_t { + CTL_SET_PORT, +}; + +enum ControlCommandReply : uint32_t { + CTL_SET_PORT_REPLY, + CTL_INVALID_CMD_REPLY, +}; + +enum ControlReplyStatus : uint32_t { + CTL_REPLY_SUCCESS, + CTL_REPLY_TA_NOT_FOUND, +}; + +struct SetPortControlCommand { + TEEC_UUID uuid; + uint32_t port; +}; + +struct SetPortControlCommandReply { + enum ControlReplyStatus status; +}; + +#endif /* _CONTROLCOMMAND_H */ diff --git a/simulatordaemon/inc/ControlConnectionHandler.h b/simulatordaemon/inc/ControlConnectionHandler.h new file mode 100644 index 0000000..474104a --- /dev/null +++ b/simulatordaemon/inc/ControlConnectionHandler.h @@ -0,0 +1,49 @@ +/** + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @author Igor Kotrasinski (i.kotrasinsk@partner@samsung.com) + * @brief Handler for data coming over TEEC socket + */ + +#ifndef _CONTROLCONNECTIONHANDLER_H +#define _CONTROLCONNECTIONHANDLER_H + +#include +#include +#include "IConnectionHandler.h" +#include "ControlCommand.h" +#include "TABinaryManager.h" + + +class ControlConnectionHandler: public IConnectionHandler +{ +public: + void setWriter(IConnectionWriter &writer) override; + void handleConnect(int sock) override; + int32_t getDataSize(enum ControlCommand cmd) override; + void handleRead(enum ControlCommand header, std::vector &data) override; + void handleReadError(boost::system::error_code e) override; +private: + TABinaryManager *getBinaryManager(); + IConnectionWriter *m_writer; + void handleSetPortCommand(std::vector &data); + void handleInvalidCommand(); + void handleConnectionClosed(); +}; + +#endif /* _CONTROLCONNECTIONHANDLER_H */ diff --git a/simulatordaemon/src/ControlConnectionHandler.cpp b/simulatordaemon/src/ControlConnectionHandler.cpp new file mode 100644 index 0000000..7daa776 --- /dev/null +++ b/simulatordaemon/src/ControlConnectionHandler.cpp @@ -0,0 +1,105 @@ +/** + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @author Igor Kotrasinski (i.kotrasinsk@partner@samsung.com) + * @brief ControlConnectionHandler class + */ + +#include +#include +#include "log.h" +#include "ControlConnectionHandler.h" +#include "IConnectionWriter.h" + +void ControlConnectionHandler::setWriter(IConnectionWriter &writer) +{ + this->m_writer = &writer; +} + +void ControlConnectionHandler::handleConnect(int sock) +{ + return; +} + +int32_t ControlConnectionHandler::getDataSize(enum ControlCommand cmd) +{ + LOGD(SIM_DAEMON, "Control command received: %d", (uint32_t)cmd); + switch(cmdData) { + case CTL_SET_PORT: + return sizeof(SetPortControlCommand); + default: + LOGE(SIM_DAEMON, "Invalid command received!"); + return -1; + } +} + +void ControlConnectionHandler::handleRead(enum ControlCommand header, + std::vector &data) +{ + switch(header) { + case CTL_SET_PORT: + handleSetPortCommand(data); + break; + default: + handleInvalidCommand(); + break; + } +} + +void ControlConnectionHandler::handleReadError(boost::system::error_code e) +{ + LOGE(SIM_DAEMON, "Error in reading from the control socket: Response returned with error code %d, message %s", + e.value(), e.category().name()); +} + +void ControlConnectionHandler::handleConnectionClosed() {} + +TABinaryManager *ControlConnectionHandler::getBinaryManager() +{ + return TABinaryManager::getInstance(); +} + +void ControlConnectionHandler::handleSetPortCommand(std::vector &data) +{ + struct SetPortControlCommand cmd; + struct SetPortControlCommandReply reply; + TABinaryManager *binaryManager; + int ret; + + std::memcpy(&cmd, data.data(), sizeof(cmd)); + std::string portString = std::to_string(cmd.port); + binaryManager = getBinaryManager(); + std::string uuidString = binaryManager.getUUIDAsString(data.uuid); + + ret = binaryManager.setPort(uuidString, portString); + if (!ret) { + reply.status = CTL_REPLY_SUCCESS; + LOGI(SIM_DAEMON, "Set debug port of UUID %s to %s", + uuidString.c_str(), portString.c_str()); + } else { + reply.status = CTL_REPLY_TA_NOT_FOUND; + LOGE(SIM_DAEMON, "Failed to set debug port of UUID %s to %s - TA not found", + uuidString.c_str(), portString.c_str()); + } + m_writer->write(CTL_SET_PORT_REPLY, (char *) reply, sizeof(reply)); +} + +void ControlConnectionHandler::handleInvalidCommand() +{ + m_writer->write(CTL_INVALID_CMD_REPLY, nullptr, 0); +} -- 2.7.4 From c029d171a8d62c47ebab62d2f60ed9d6883b63f3 Mon Sep 17 00:00:00 2001 From: Igor Kotrasinski Date: Thu, 7 Dec 2017 14:13:08 +0100 Subject: [PATCH 14/16] Add handle socket for simulator control The control daemon will be used to change some simulator behaviours with regard to e.g. launching TAs; for now it will be used to toggle TA remote debugging and their remote debugging ports. Change-Id: I5c82c6082d07ffd378914db42d3c9d0383f1b5a3 Signed-off-by: Igor Kotrasinski --- CMakeLists.txt | 3 +- include/include/config.h | 4 +- packaging/tef-simulator.spec | 1 + simulatordaemon/CMakeLists.txt | 3 ++ simulatordaemon/daemonctl/inc/ControlCommand.h | 9 ++-- simulatordaemon/inc/ControlConnectionHandler.h | 2 +- simulatordaemon/inc/SimulatorDaemonServer.h | 26 ++++++--- simulatordaemon/src/ConnectionSession.cpp | 2 + simulatordaemon/src/ControlConnectionHandler.cpp | 18 ++++--- simulatordaemon/src/SimulatorDaemon.cpp | 61 ++++++++++++--------- simulatordaemon/src/SimulatorDaemonServer.cpp | 67 +++++++++++++++--------- systemd/tef-simulator.socket | 6 +++ 12 files changed, 131 insertions(+), 71 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 147e771..8e4c4e1 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,4 +1,4 @@ -# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved +# Copyright (c) 2018 Samsung Electronics Co., Ltd All Rights Reserved # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -74,6 +74,7 @@ SET(TARGET_TEF_SIMULATOR tef-simulator) SET(TARGET_TEF_SIMULATOR_LOG ${TARGET_TEF_SIMULATOR}-log) SET(TARGET_TEF_SIMULATOR_OSAL ${TARGET_TEF_SIMULATOR}-osal) SET(TARGET_TEF_SIMULATOR_DAEMON ${TARGET_TEF_SIMULATOR}-daemon) +SET(TARGET_TEF_SIMULATOR_DAEMONCTL ${TARGET_TEF_SIMULATOR}-daemonctl) SET(TARGET_TEF_SIMULATOR_SSFLIB ${TARGET_TEF_SIMULATOR}-ssflib) # below targets need different names due to linking with CAs and TAs (libteec for client) diff --git a/include/include/config.h b/include/include/config.h index 32c8bf3..4489365 100644 --- a/include/include/config.h +++ b/include/include/config.h @@ -1,5 +1,5 @@ /** - * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -51,7 +51,7 @@ //keep in sync with systemd/tef-simulator.socket #define SIMDAEMON_SOCK_PATH "/var/run/simdaemon" - +#define SIMDAEMON_CTL_PATH "/var/run/simdaemonctl" //TEEStub must have write access in this directory (creating socket per TA) #define TEE_TASOCK_ROOT "/var/run/" diff --git a/packaging/tef-simulator.spec b/packaging/tef-simulator.spec index d9cdf79..38e0cee 100644 --- a/packaging/tef-simulator.spec +++ b/packaging/tef-simulator.spec @@ -143,6 +143,7 @@ fi %license LICENSE.Krb5-MIT %manifest tef-simulator.manifest %attr(111,security_fw,security_fw) %{bin_dir}/tef-simulator-daemon +%attr(111,security_fw,security_fw) %{bin_dir}/tef-simulator-daemonctl %{lib_dir}/libtef-simulator-ssflib.so %attr(770,root,security_fw) %{tastore_dir} %attr(444,security_fw,security_fw) %{_unitdir}/tef-simulator.service diff --git a/simulatordaemon/CMakeLists.txt b/simulatordaemon/CMakeLists.txt index 725c12b..2f5e89f 100644 --- a/simulatordaemon/CMakeLists.txt +++ b/simulatordaemon/CMakeLists.txt @@ -36,8 +36,11 @@ PKG_CHECK_MODULES(DAEMON_LIBTEEC_DEP REQUIRED FIND_PACKAGE(Threads REQUIRED) +SET(DAEMONCTL_PATH ${DAEMON_PATH}/daemonctl) + SET(DAEMON_SOURCES ${DAEMON_PATH}/src/ConnectionSession.cpp + ${DAEMON_PATH}/src/ControlConnectionHandler.cpp ${DAEMON_PATH}/src/ioService.cpp ${DAEMON_PATH}/src/SecurityContext.cpp ${DAEMON_PATH}/src/Session.cpp diff --git a/simulatordaemon/daemonctl/inc/ControlCommand.h b/simulatordaemon/daemonctl/inc/ControlCommand.h index 5b5d32c..0eb416e 100644 --- a/simulatordaemon/daemonctl/inc/ControlCommand.h +++ b/simulatordaemon/daemonctl/inc/ControlCommand.h @@ -28,9 +28,6 @@ enum ControlCommand : uint32_t { CTL_SET_PORT, -}; - -enum ControlCommandReply : uint32_t { CTL_SET_PORT_REPLY, CTL_INVALID_CMD_REPLY, }; @@ -38,14 +35,16 @@ enum ControlCommandReply : uint32_t { enum ControlReplyStatus : uint32_t { CTL_REPLY_SUCCESS, CTL_REPLY_TA_NOT_FOUND, + CTL_REPLY_INTERNAL_ERROR, }; -struct SetPortControlCommand { + +struct __attribute__((packed)) SetPortControlCommand { TEEC_UUID uuid; uint32_t port; }; -struct SetPortControlCommandReply { +struct __attribute__((packed)) SetPortControlCommandReply { enum ControlReplyStatus status; }; diff --git a/simulatordaemon/inc/ControlConnectionHandler.h b/simulatordaemon/inc/ControlConnectionHandler.h index 474104a..df46ef7 100644 --- a/simulatordaemon/inc/ControlConnectionHandler.h +++ b/simulatordaemon/inc/ControlConnectionHandler.h @@ -40,10 +40,10 @@ public: void handleReadError(boost::system::error_code e) override; private: TABinaryManager *getBinaryManager(); - IConnectionWriter *m_writer; void handleSetPortCommand(std::vector &data); void handleInvalidCommand(); void handleConnectionClosed(); + IConnectionWriter *m_writer= nullptr; }; #endif /* _CONTROLCONNECTIONHANDLER_H */ diff --git a/simulatordaemon/inc/SimulatorDaemonServer.h b/simulatordaemon/inc/SimulatorDaemonServer.h index d5ebf2e..b3cee79 100644 --- a/simulatordaemon/inc/SimulatorDaemonServer.h +++ b/simulatordaemon/inc/SimulatorDaemonServer.h @@ -27,25 +27,35 @@ /*----------------------------------------------------------------------------- * Include files *-----------------------------------------------------------------------------*/ +#include +#include #include "ConnectionSession.h" +#include "ControlCommand.h" + +using boost::asio::local::stream_protocol; /*----------------------------------------------------------------------------- * Class definitions *-----------------------------------------------------------------------------*/ class SimulatorDaemonServer { public: - // create a server and a socket - SimulatorDaemonServer(boost::asio::io_service& io_service, const std::string& file); - - // create a server based on an existing socket fd - SimulatorDaemonServer(boost::asio::io_service& io_service, int sockfd); + typedef std::unique_ptr acceptor_ptr; + SimulatorDaemonServer(boost::asio::io_service& io_service, + acceptor_ptr tee_acceptor, + acceptor_ptr ctl_acceptor); + ~SimulatorDaemonServer() = default; private: - void startAccept(); - void handleAccept(ConnectionSession::session_ptr session, + void startTEEAccept(); + void startCtlAccept(); + void handleTEEAccept(ConnectionSession::session_ptr session, const boost::system::error_code& error); + void handleCtlAccept(ConnectionSession::session_ptr session, + const boost::system::error_code& error); + boost::asio::io_service& mem_io_service; - stream_protocol::acceptor acceptor; + acceptor_ptr m_tee_acceptor; + acceptor_ptr m_ctl_acceptor; }; #endif //_SIMULATORDAEMONSERVER_H diff --git a/simulatordaemon/src/ConnectionSession.cpp b/simulatordaemon/src/ConnectionSession.cpp index 941f92b..a94572a 100644 --- a/simulatordaemon/src/ConnectionSession.cpp +++ b/simulatordaemon/src/ConnectionSession.cpp @@ -28,6 +28,7 @@ #include #include #include "ConnectionSession.h" +#include "ControlCommand.h" /*----------------------------------------------------------------------------- * Member functions @@ -170,3 +171,4 @@ ConnectionSession::~ConnectionSession() { * Template instantiation for external files *-----------------------------------------------------------------------------*/ template class ConnectionSession; +template class ConnectionSession; diff --git a/simulatordaemon/src/ControlConnectionHandler.cpp b/simulatordaemon/src/ControlConnectionHandler.cpp index 7daa776..20ec75f 100644 --- a/simulatordaemon/src/ControlConnectionHandler.cpp +++ b/simulatordaemon/src/ControlConnectionHandler.cpp @@ -39,7 +39,7 @@ void ControlConnectionHandler::handleConnect(int sock) int32_t ControlConnectionHandler::getDataSize(enum ControlCommand cmd) { LOGD(SIM_DAEMON, "Control command received: %d", (uint32_t)cmd); - switch(cmdData) { + switch(cmd) { case CTL_SET_PORT: return sizeof(SetPortControlCommand); default: @@ -81,12 +81,18 @@ void ControlConnectionHandler::handleSetPortCommand(std::vector &data) TABinaryManager *binaryManager; int ret; - std::memcpy(&cmd, data.data(), sizeof(cmd)); - std::string portString = std::to_string(cmd.port); binaryManager = getBinaryManager(); - std::string uuidString = binaryManager.getUUIDAsString(data.uuid); + if (binaryManager == nullptr) { + reply.status = CTL_REPLY_INTERNAL_ERROR; + LOGE(SIM_DAEMON, "Setting UUID debug port failed - binary manager not found"); + m_writer->write(CTL_SET_PORT_REPLY, (char *) &reply, sizeof(reply)); + return; + } - ret = binaryManager.setPort(uuidString, portString); + std::memcpy(&cmd, data.data(), sizeof(cmd)); + std::string portString = std::to_string(cmd.port); + std::string uuidString = binaryManager->getUUIDAsString(cmd.uuid); + ret = binaryManager->setPort(uuidString, portString); if (!ret) { reply.status = CTL_REPLY_SUCCESS; LOGI(SIM_DAEMON, "Set debug port of UUID %s to %s", @@ -96,7 +102,7 @@ void ControlConnectionHandler::handleSetPortCommand(std::vector &data) LOGE(SIM_DAEMON, "Failed to set debug port of UUID %s to %s - TA not found", uuidString.c_str(), portString.c_str()); } - m_writer->write(CTL_SET_PORT_REPLY, (char *) reply, sizeof(reply)); + m_writer->write(CTL_SET_PORT_REPLY, (char *) &reply, sizeof(reply)); } void ControlConnectionHandler::handleInvalidCommand() diff --git a/simulatordaemon/src/SimulatorDaemon.cpp b/simulatordaemon/src/SimulatorDaemon.cpp index a8bd820..d662262 100644 --- a/simulatordaemon/src/SimulatorDaemon.cpp +++ b/simulatordaemon/src/SimulatorDaemon.cpp @@ -1,5 +1,5 @@ /** - * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -24,6 +24,7 @@ /*----------------------------------------------------------------------------- * Include files *-----------------------------------------------------------------------------*/ +#include #include "SimulatorDaemonServer.h" #include #include @@ -70,22 +71,39 @@ int getSystemdSocket(const std::string& path) { return 0; } - if (n > 1) { - LOGI(SIM_DAEMON, "Received %d sockets. Only first one will be used.", n); - } - - int fd = SD_LISTEN_FDS_START; - int ret = sd_is_socket_unix(fd, SOCK_STREAM, 1, path.c_str(), 0); - if (ret > 0) { - LOGI(SIM_DAEMON, "Acquired systemd socket %d", fd); - sd_notify(0, "READY=1"); - return fd; + for (int i = 0; i < n; i++) { + int fd = SD_LISTEN_FDS_START + i; + int ret = sd_is_socket_unix(fd, SOCK_STREAM, 1, path.c_str(), 0); + if (ret > 0) { + LOGI(SIM_DAEMON, "Acquired systemd socket %d", fd); + return fd; + } } - LOGE(SIM_DAEMON, "Found systemd socket is not an UNIX socket."); + LOGE(SIM_DAEMON, "No found systemd socket is a matching UNIX socket."); return 0; } +SimulatorDaemonServer::acceptor_ptr getSocketAcceptor( + boost::asio::io_service &io, const std::string &path) { + SimulatorDaemonServer::acceptor_ptr acceptor; + int sockfd = getSystemdSocket(path); + if (sockfd > 0) { + LOGI(SIM_DAEMON, "Using existing systemd socket %d", sockfd); + acceptor = SimulatorDaemonServer::acceptor_ptr( + new stream_protocol::acceptor(io)); + acceptor->assign(stream_protocol(), sockfd); + } else { + LOGI(SIM_DAEMON, "No systemd socket available for %s - creating own one", + path.c_str()); + + acceptor = SimulatorDaemonServer::acceptor_ptr( + new stream_protocol::acceptor( + io, stream_protocol::endpoint(path))); + } + return acceptor; +} + /** * main function for Simulator Daemon * @return @@ -94,18 +112,13 @@ int main() { LOGD(SIM_DAEMON, "Entry"); uint32_t result = 0; try { - int sockFD = getSystemdSocket(SIMDAEMON_SOCK_PATH); - - if (sockFD > 0) { - LOGI(SIM_DAEMON, "Using existing systemd socket %d", sockFD); - SimulatorDaemonServer s(ioService::getInstance(), sockFD); - startServer(ioService::getInstance()); - } else { - LOGI(SIM_DAEMON, "No systemd socket available - creating own one"); - SimulatorDaemonServer s(ioService::getInstance(), SIMDAEMON_SOCK_PATH); - startServer(ioService::getInstance()); - } - + SimulatorDaemonServer::acceptor_ptr tee_acceptor, ctl_acceptor; + boost::asio::io_service &io = ioService::getInstance(); + tee_acceptor = getSocketAcceptor(io, SIMDAEMON_SOCK_PATH); + ctl_acceptor = getSocketAcceptor(io, SIMDAEMON_CTL_PATH); + sd_notify(0, "READY=1"); + SimulatorDaemonServer s(io, std::move(tee_acceptor), std::move(ctl_acceptor)); + startServer(io); syslog(LOG_INFO | LOG_USER, "Daemon stopped"); } catch (std::exception& e) { syslog(LOG_ERR | LOG_USER, "Exception: %s", e.what()); diff --git a/simulatordaemon/src/SimulatorDaemonServer.cpp b/simulatordaemon/src/SimulatorDaemonServer.cpp index cf6d4ad..0cb6c13 100644 --- a/simulatordaemon/src/SimulatorDaemonServer.cpp +++ b/simulatordaemon/src/SimulatorDaemonServer.cpp @@ -25,62 +25,81 @@ * Include files *-----------------------------------------------------------------------------*/ #include +#include #include #include "SimulatorDaemonServer.h" #include "SecurityContext.h" #include "TEEConnectionHandler.h" #include "ConnectionSession.h" +#include "ControlCommand.h" +#include "ControlConnectionHandler.h" /*----------------------------------------------------------------------------- * Member functions *-----------------------------------------------------------------------------*/ -/** - * Accepts a new connection from local machine on a UDS - * @param io_service provides OS abstraction for async communication - * @param file path to Unix Domain Socket represented by a local file - */ -SimulatorDaemonServer::SimulatorDaemonServer(boost::asio::io_service& io_service, const std::string& file) - : mem_io_service(io_service) - , acceptor(io_service, stream_protocol::endpoint(file)) -{ - startAccept(); -} /** - * Creates a server based on already opened socket FD + * Creates a server based on provided acceptors * @param io_service provides OS abstraction for async communication * @param sock opened socket file descriptor (ex. provided by systemd) */ -SimulatorDaemonServer::SimulatorDaemonServer(boost::asio::io_service& io_service, int sockfd) +SimulatorDaemonServer::SimulatorDaemonServer(boost::asio::io_service& io_service, + acceptor_ptr tee_acceptor, + acceptor_ptr ctl_acceptor) : mem_io_service(io_service) - , acceptor(io_service) + , m_tee_acceptor(std::move(tee_acceptor)) + , m_ctl_acceptor(std::move(ctl_acceptor)) { - acceptor.assign(stream_protocol(), sockfd); - startAccept(); + startTEEAccept(); + startCtlAccept(); } -void SimulatorDaemonServer::startAccept() +void SimulatorDaemonServer::startTEEAccept() { - boost::shared_ptr teeHandler(new TEEConnectionHandler()); - ConnectionSession::session_ptr newSession = ConnectionSession::create( - acceptor.get_io_service(), teeHandler); + boost::shared_ptr teeHandler( + new TEEConnectionHandler()); + ConnectionSession::session_ptr newSession = + ConnectionSession::create( + m_tee_acceptor->get_io_service(), teeHandler); - acceptor.async_accept(newSession->socket(), - boost::bind(&SimulatorDaemonServer::handleAccept, this, newSession, + m_tee_acceptor->async_accept(newSession->socket(), + boost::bind(&SimulatorDaemonServer::handleTEEAccept, this, newSession, boost::asio::placeholders::error)); } +void SimulatorDaemonServer::startCtlAccept() +{ + boost::shared_ptr ctlHandler( + new ControlConnectionHandler()); + ConnectionSession::session_ptr newSession = + ConnectionSession::create( + m_ctl_acceptor->get_io_service(), ctlHandler); + + m_ctl_acceptor->async_accept(newSession->socket(), + boost::bind(&SimulatorDaemonServer::handleCtlAccept, this, newSession, + boost::asio::placeholders::error)); +} /** * Call back for boost acceptor.async_accept() to handle a new connection * @param new_session a pointer to a session * @param error error code if any occurred */ -void SimulatorDaemonServer::handleAccept( +void SimulatorDaemonServer::handleTEEAccept( ConnectionSession::session_ptr session, const boost::system::error_code& error) { if (!error) { session->start(); } - startAccept(); + startTEEAccept(); +} + +void SimulatorDaemonServer::handleCtlAccept( + ConnectionSession::session_ptr session, + const boost::system::error_code& error) +{ + if (!error) { + session->start(); + } + startCtlAccept(); } diff --git a/systemd/tef-simulator.socket b/systemd/tef-simulator.socket index 7995aaa..bf0d590 100644 --- a/systemd/tef-simulator.socket +++ b/systemd/tef-simulator.socket @@ -4,5 +4,11 @@ SocketMode=0777 SmackLabelIPIn=* SmackLabelIPOut=@ +[Socket] +ListenStream=/var/run/simdaemonctl +SocketMode=0770 +SmackLabelIPIn=* +SmackLabelIPOut=@ + [Install] WantedBy=sockets.target -- 2.7.4 From 7c1a8fcb3eb82f88644924d5621ead54f03fb3a0 Mon Sep 17 00:00:00 2001 From: Igor Kotrasinski Date: Wed, 13 Dec 2017 11:40:57 +0100 Subject: [PATCH 15/16] Add a UUID-specific config manager class Change-Id: Iaceb3eb09ddba6e8e4d933b7074350db4fde36ac Signed-off-by: Igor Kotrasinski --- simulatordaemon/CMakeLists.txt | 3 ++ simulatordaemon/inc/UUIDConfig.h | 41 +++++++++++++++++++ simulatordaemon/inc/UUIDConfigManager.h | 46 +++++++++++++++++++++ simulatordaemon/inc/UUIDUtils.h | 33 +++++++++++++++ simulatordaemon/src/UUIDComparator.cpp | 44 ++++++++++++++++++++ simulatordaemon/src/UUIDConfig.cpp | 45 +++++++++++++++++++++ simulatordaemon/src/UUIDConfigManager.cpp | 67 +++++++++++++++++++++++++++++++ 7 files changed, 279 insertions(+) create mode 100644 simulatordaemon/inc/UUIDConfig.h create mode 100644 simulatordaemon/inc/UUIDConfigManager.h create mode 100644 simulatordaemon/inc/UUIDUtils.h create mode 100644 simulatordaemon/src/UUIDComparator.cpp create mode 100644 simulatordaemon/src/UUIDConfig.cpp create mode 100644 simulatordaemon/src/UUIDConfigManager.cpp diff --git a/simulatordaemon/CMakeLists.txt b/simulatordaemon/CMakeLists.txt index 2f5e89f..a844f10 100644 --- a/simulatordaemon/CMakeLists.txt +++ b/simulatordaemon/CMakeLists.txt @@ -50,6 +50,9 @@ SET(DAEMON_SOURCES ${DAEMON_PATH}/src/TAInstance.cpp ${DAEMON_PATH}/src/TEEConnectionHandler.cpp ${DAEMON_PATH}/src/TEEContext.cpp + ${DAEMON_PATH}/src/UUIDConfig.cpp + ${DAEMON_PATH}/src/UUIDConfigManager.cpp + ${DAEMON_PATH}/src/UUIDComparator.cpp ${DAEMON_PATH}/src/ClientCommands/CommandCloseSession.cpp ${DAEMON_PATH}/src/ClientCommands/CommandCloseTASession.cpp ${DAEMON_PATH}/src/ClientCommands/CommandFinContext.cpp diff --git a/simulatordaemon/inc/UUIDConfig.h b/simulatordaemon/inc/UUIDConfig.h new file mode 100644 index 0000000..50a8dd2 --- /dev/null +++ b/simulatordaemon/inc/UUIDConfig.h @@ -0,0 +1,41 @@ + +/** + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @author Igor Kotrasinski (i.kotrasinsk@partner.samsung.com) + * @brief Class for storing UUID-specific user configuration. + */ + +#ifndef UUIDCONFIG_H_ +#define UUIDCONFIG_H_ + +#include +#include +#include + +class UUIDConfig { +public: + boost::optional getDebugPort(); + void setDebugPort(uint32_t port); + void clearDebugPort(); +private: + boost::optional m_debugPort = boost::none; + std::mutex m_lock{}; +}; + +#endif /* UUIDCONFIG_H_ */ diff --git a/simulatordaemon/inc/UUIDConfigManager.h b/simulatordaemon/inc/UUIDConfigManager.h new file mode 100644 index 0000000..d87f7a5 --- /dev/null +++ b/simulatordaemon/inc/UUIDConfigManager.h @@ -0,0 +1,46 @@ +/** + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @author Igor Kotrasinski (i.kotrasinsk@partner.samsung.com) + * @brief Class for storing UUID-specific user configuration. + */ + +#ifndef UUIDCONFIGMANAGER_H_ +#define UUIDCONFIGMANAGER_H_ + +#include +#include +#include + +#include "tee_client_api.h" +#include "UUIDUtils.h" +#include "UUIDConfig.h" + +class UUIDConfigManager { +private: + static std::shared_ptr instance; + std::map, UUIDComparator> m_TAMap{}; + std::mutex m_mapLock{}; +public: + static std::shared_ptr getInstance(); + std::shared_ptr at(const TEEC_UUID &uuid); + std::shared_ptr operator[](const TEEC_UUID &uuid); + void erase(const TEEC_UUID &uuid); +}; + +#endif /* UUIDCONFIGMANAGER_H_ */ diff --git a/simulatordaemon/inc/UUIDUtils.h b/simulatordaemon/inc/UUIDUtils.h new file mode 100644 index 0000000..ca6a5cd --- /dev/null +++ b/simulatordaemon/inc/UUIDUtils.h @@ -0,0 +1,33 @@ +/** + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @author Igor Kotrasinski (i.kotrasinsk@partner.samsung.com) + * @brief UUID handling utilities. + */ + +#ifndef UUIDUTILS_H_ +#define UUIDUTILS_H_ + +class UUIDComparator { +public: + bool operator() (const TEEC_UUID &u1, const TEEC_UUID &u2); +private: + bool compareSeq (const TEEC_UUID &u1, const TEEC_UUID &u2); +}; + +#endif /* UUIDUTILS_H_ */ diff --git a/simulatordaemon/src/UUIDComparator.cpp b/simulatordaemon/src/UUIDComparator.cpp new file mode 100644 index 0000000..ef04f00 --- /dev/null +++ b/simulatordaemon/src/UUIDComparator.cpp @@ -0,0 +1,44 @@ +/** + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @author Igor Kotrasinski (i.kotrasinsk@partner.samsung.com) + * @brief Class for storing UUID-specific user configuration. + */ + +#include "tee_client_api.h" +#include "UUIDUtils.h" + +bool UUIDComparator::operator() (const TEEC_UUID &u1, const TEEC_UUID &u2) { + if (u1.timeLow != u2.timeLow) + return u1.timeLow < u2.timeLow; + if (u1.timeMid != u2.timeMid) + return u1.timeMid < u2.timeMid; + if (u1.timeHiAndVersion != u2.timeHiAndVersion) + return u1.timeHiAndVersion < u2.timeHiAndVersion; + return compareSeq(u1, u2); +} + +bool UUIDComparator::compareSeq(const TEEC_UUID &u1, const TEEC_UUID &u2) { + for (int i = 0; i < 8; i++) { + if (u1.clockSeqAndNode[i] != + u2.clockSeqAndNode[i]) + return (u1.clockSeqAndNode[i] < + u2.clockSeqAndNode[i]); + } + return false; +} diff --git a/simulatordaemon/src/UUIDConfig.cpp b/simulatordaemon/src/UUIDConfig.cpp new file mode 100644 index 0000000..b0e8ea0 --- /dev/null +++ b/simulatordaemon/src/UUIDConfig.cpp @@ -0,0 +1,45 @@ +/** + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @author Igor Kotrasinski (i.kotrasinsk@partner.samsung.com) + * @brief Class for storing UUID-specific user configuration. + */ + +#include +#include +#include +#include +#include "UUIDConfig.h" + +void UUIDConfig::setDebugPort(uint32_t port) +{ + std::lock_guard guard(m_lock); + m_debugPort = port; +} + +boost::optional UUIDConfig::getDebugPort() +{ + std::lock_guard guard(m_lock); + return m_debugPort; +} + +void UUIDConfig::clearDebugPort() +{ + std::lock_guard guard(m_lock); + m_debugPort = boost::none; +} diff --git a/simulatordaemon/src/UUIDConfigManager.cpp b/simulatordaemon/src/UUIDConfigManager.cpp new file mode 100644 index 0000000..01acf4d --- /dev/null +++ b/simulatordaemon/src/UUIDConfigManager.cpp @@ -0,0 +1,67 @@ +/** + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @author Igor Kotrasinski (i.kotrasinsk@partner.samsung.com) + * @brief Class for storing UUID-specific user configuration. + */ + +#include +#include +#include + +#include "tee_client_api.h" +#include "UUIDUtils.h" +#include "UUIDConfig.h" +#include "UUIDConfigManager.h" + + +std::shared_ptr UUIDConfigManager::instance{}; + +std::shared_ptr UUIDConfigManager::getInstance() +{ + if (!instance) { + instance = std::shared_ptr( + new UUIDConfigManager); + } + return instance; +} + +std::shared_ptr UUIDConfigManager::at(const TEEC_UUID &uuid) +{ + std::lock_guard guard(m_mapLock); + return m_TAMap.at(uuid); +}; + +std::shared_ptr UUIDConfigManager::operator[](const TEEC_UUID &uuid) +{ + std::lock_guard guard(m_mapLock); + try { + return m_TAMap.at(uuid); + } catch (std::out_of_range) { + std::shared_ptr newUUIDConf = + std::shared_ptr(new UUIDConfig()); + m_TAMap[uuid] = newUUIDConf; + return newUUIDConf; + } +} + +void UUIDConfigManager::erase(const TEEC_UUID &uuid) +{ + std::lock_guard guard(m_mapLock); + m_TAMap.erase(uuid); +} -- 2.7.4 From f0fc61e11a2ddc9309f12b3de7fb0e5f92e7db23 Mon Sep 17 00:00:00 2001 From: Igor Kotrasinski Date: Thu, 14 Dec 2017 12:22:40 +0100 Subject: [PATCH 16/16] Move UUID conversion to string outside binary manager Change-Id: I2e87b716d07e87341bdd753a2e3e3267258fe9ec Signed-off-by: Igor Kotrasinski --- simulatordaemon/CMakeLists.txt | 1 + simulatordaemon/inc/UUIDUtils.h | 5 +++ simulatordaemon/src/ControlConnectionHandler.cpp | 3 +- simulatordaemon/src/Session.cpp | 6 +-- .../src/TABinaryManager/TABinaryManager.cpp | 18 +-------- .../src/TABinaryManager/TABinaryManager.h | 7 ---- simulatordaemon/src/TAFactory.cpp | 6 ++- simulatordaemon/src/TEEContext.cpp | 5 ++- simulatordaemon/src/UUIDUtils.cpp | 45 ++++++++++++++++++++++ 9 files changed, 63 insertions(+), 33 deletions(-) create mode 100644 simulatordaemon/src/UUIDUtils.cpp diff --git a/simulatordaemon/CMakeLists.txt b/simulatordaemon/CMakeLists.txt index a844f10..f223a11 100644 --- a/simulatordaemon/CMakeLists.txt +++ b/simulatordaemon/CMakeLists.txt @@ -53,6 +53,7 @@ SET(DAEMON_SOURCES ${DAEMON_PATH}/src/UUIDConfig.cpp ${DAEMON_PATH}/src/UUIDConfigManager.cpp ${DAEMON_PATH}/src/UUIDComparator.cpp + ${DAEMON_PATH}/src/UUIDUtils.cpp ${DAEMON_PATH}/src/ClientCommands/CommandCloseSession.cpp ${DAEMON_PATH}/src/ClientCommands/CommandCloseTASession.cpp ${DAEMON_PATH}/src/ClientCommands/CommandFinContext.cpp diff --git a/simulatordaemon/inc/UUIDUtils.h b/simulatordaemon/inc/UUIDUtils.h index ca6a5cd..9a6083e 100644 --- a/simulatordaemon/inc/UUIDUtils.h +++ b/simulatordaemon/inc/UUIDUtils.h @@ -23,6 +23,11 @@ #ifndef UUIDUTILS_H_ #define UUIDUTILS_H_ +#include +#include "tee_client_api.h" + +std::string UUIDToString(TEEC_UUID uuid); + class UUIDComparator { public: bool operator() (const TEEC_UUID &u1, const TEEC_UUID &u2); diff --git a/simulatordaemon/src/ControlConnectionHandler.cpp b/simulatordaemon/src/ControlConnectionHandler.cpp index 20ec75f..73a9a96 100644 --- a/simulatordaemon/src/ControlConnectionHandler.cpp +++ b/simulatordaemon/src/ControlConnectionHandler.cpp @@ -25,6 +25,7 @@ #include "log.h" #include "ControlConnectionHandler.h" #include "IConnectionWriter.h" +#include "UUIDUtils.h" void ControlConnectionHandler::setWriter(IConnectionWriter &writer) { @@ -91,7 +92,7 @@ void ControlConnectionHandler::handleSetPortCommand(std::vector &data) std::memcpy(&cmd, data.data(), sizeof(cmd)); std::string portString = std::to_string(cmd.port); - std::string uuidString = binaryManager->getUUIDAsString(cmd.uuid); + std::string uuidString = UUIDToString(cmd.uuid); ret = binaryManager->setPort(uuidString, portString); if (!ret) { reply.status = CTL_REPLY_SUCCESS; diff --git a/simulatordaemon/src/Session.cpp b/simulatordaemon/src/Session.cpp index e57ee3d..0301d6d 100644 --- a/simulatordaemon/src/Session.cpp +++ b/simulatordaemon/src/Session.cpp @@ -28,6 +28,7 @@ #include "TAFactory.h" #include "TEEContext.h" #include "TEEConnectionHandler.h" +#include "UUIDConfigManager.h" /*----------------------------------------------------------------------------- * Member functions @@ -105,15 +106,12 @@ TEEC_Result Session::createSession(OpenSessionData data) { // Update member variable mSessionID with the assigned session ID mSessionID = data.sessionID; - //Check if the TA is to be launched in Debug mode, Kill alive TA process - TAInstancePtr TAInst; - TABinaryManager *TABin = TABinaryManager::getInstance(); if(TABin == NULL) { LOGE(SIM_DAEMON, "Creating TABinaryManager Instance FAILED - "); return TEEC_ERROR_GENERIC; } - string TAUUID = TABin->getUUIDAsString(data.uuid); + string TAUUID = UUIDToString(data.uuid); string argvPort = TABin->getPort(TAUUID); string TAName(TAUUID); diff --git a/simulatordaemon/src/TABinaryManager/TABinaryManager.cpp b/simulatordaemon/src/TABinaryManager/TABinaryManager.cpp index 4ab2d1c..1dfb74a 100644 --- a/simulatordaemon/src/TABinaryManager/TABinaryManager.cpp +++ b/simulatordaemon/src/TABinaryManager/TABinaryManager.cpp @@ -36,6 +36,7 @@ #include #include #include +#include "UUIDUtils.h" namespace fs = boost::filesystem; /*----------------------------------------------------------------------------- @@ -433,23 +434,6 @@ int TABinaryManager::setPort(string uuid, string port) { return ret; } -/** - * Converts UUID from TEEC_UUID to a string - * @return string of TEEC_UUID - */ -string TABinaryManager::getUUIDAsString(TEEC_UUID uuid) { - // E.g. returns a string in the format 79B7778897894a7aA2BEB60155EEF5F3 - std::stringstream strStream; - strStream << IntToHex(uuid.timeLow); - strStream << IntToHex(uuid.timeMid); - strStream << IntToHex(uuid.timeHiAndVersion); - for (int i = 0; i < 8; i++) { - strStream << IntToHex((short)uuid.clockSeqAndNode[i], 2); - } - return strStream.str(); -} - - TABinaryManager::~TABinaryManager() { pthread_rwlock_destroy(&binaryMapLock); pthread_mutex_destroy(&taLock); diff --git a/simulatordaemon/src/TABinaryManager/TABinaryManager.h b/simulatordaemon/src/TABinaryManager/TABinaryManager.h index 4526a62..b2f7215 100644 --- a/simulatordaemon/src/TABinaryManager/TABinaryManager.h +++ b/simulatordaemon/src/TABinaryManager/TABinaryManager.h @@ -65,12 +65,6 @@ private: map binaryMap; TABinaryManager(); bool unpackBinary(const string &uuid, const string& tapath, StructBinaryInfo& info); - template - std::string IntToHex(T i, int width = sizeof(T) * 2) { - std::stringstream stream; - stream << std::setfill('0') << std::setw(width) << std::hex << i; - return stream.str(); - } void decryptImage(StructBinaryInfo& info); string base64_decode(std::string const& encoded_string); bool is_base64(unsigned char c); @@ -94,7 +88,6 @@ public: int isMultipleSession(string uuid, bool &MultipleSession); string getImagePath(string uuid); const TAManifest* getManifest(string uuid); - string getUUIDAsString(TEEC_UUID uuid); string getPort(string uuid); int isKeepAlive(string uuid, bool &KeepAlive); diff --git a/simulatordaemon/src/TAFactory.cpp b/simulatordaemon/src/TAFactory.cpp index 272b912..f01bf74 100644 --- a/simulatordaemon/src/TAFactory.cpp +++ b/simulatordaemon/src/TAFactory.cpp @@ -1,5 +1,5 @@ /** - * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -26,8 +26,10 @@ *-----------------------------------------------------------------------------*/ #include "TAFactory.h" #include "SecurityContext.h" +#include "UUIDUtils.h" #include "ResponseCommands/ResMakeCommand.h" + /*----------------------------------------------------------------------------- * Globals *-----------------------------------------------------------------------------*/ @@ -85,7 +87,7 @@ TAInstancePtr TAFactory::getTAInstance(TEEC_UUID uuid, ISession* session) { // Get TA Binary Manager instance TABinaryManager *TABin = TABinaryManager::getInstance(); // Get TEEC_UUID format uuid converted to string form - string TAUUID = TABin->getUUIDAsString(uuid); + string TAUUID = UUIDToString(uuid); // Change to upper char. TA list has upper char. locale loc; diff --git a/simulatordaemon/src/TEEContext.cpp b/simulatordaemon/src/TEEContext.cpp index bef3ed0..13aa4c1 100644 --- a/simulatordaemon/src/TEEContext.cpp +++ b/simulatordaemon/src/TEEContext.cpp @@ -27,6 +27,7 @@ #include "TEEContext.h" #include "TABinaryManager.h" #include "TEEConnectionHandler.h" +#include "UUIDUtils.h" /*----------------------------------------------------------------------------- * Globals @@ -575,8 +576,8 @@ TEEC_Result TEEContext::checkTADomain(IntTAOpenSessionData data) { memcpy(&src, &data.source, sizeof(TEEC_UUID)); memcpy(&dst, &data.destination, sizeof(TEEC_UUID)); - source_uuid = TABin->getUUIDAsString(src); - dest_uuid = TABin->getUUIDAsString(dst); + source_uuid = UUIDToString(src); + dest_uuid = UUIDToString(dst); std::transform(source_uuid.begin(), source_uuid.end(), source_uuid.begin(), ::toupper); std::transform(dest_uuid.begin(), dest_uuid.end(), dest_uuid.begin(), ::toupper); diff --git a/simulatordaemon/src/UUIDUtils.cpp b/simulatordaemon/src/UUIDUtils.cpp new file mode 100644 index 0000000..fd6ef7a --- /dev/null +++ b/simulatordaemon/src/UUIDUtils.cpp @@ -0,0 +1,45 @@ +/** + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @author Igor Kotrasinski (i.kotrasinsk@partner.samsung.com) + * @brief Useful functions for dealing with UUIDs + */ + +#include +#include +#include + +#include "tee_client_api.h" + +template +static std::string IntToHex(T i, int width = sizeof(T) * 2) { + std::stringstream stream; + stream << std::setfill('0') << std::setw(width) << std::hex << std::uppercase << i; + return stream.str(); +} + +std::string UUIDToString(TEEC_UUID uuid) { + std::stringstream strStream; + strStream << IntToHex(uuid.timeLow); + strStream << IntToHex(uuid.timeMid); + strStream << IntToHex(uuid.timeHiAndVersion); + for (int i = 0; i < 8; i++) { + strStream << IntToHex((short)uuid.clockSeqAndNode[i], 2); + } + return strStream.str(); +} -- 2.7.4