static DBusHandlerResult generic_message(DBusConnection *connection, DBusMessage *message, void *user_data) { struct generic_data *data = user_data; struct interface_data *iface; const GDBusMethodTable *method; const char *interface; interface = dbus_message_get_interface(message); iface = find_interface(data->interfaces, interface); if (iface == NULL) return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; for (method = iface->methods; method && method->name && method->function; method++) { if (dbus_message_is_method_call(message, iface->name, method->name) == FALSE) continue; if (dbus_message_has_signature(message, method->signature) == FALSE) continue; if (check_privilege(connection, message, method, iface->user_data) == TRUE) return DBUS_HANDLER_RESULT_HANDLED; return process_message(connection, message, method, iface->user_data); } return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; }
static int be_get_reg_len(struct net_device *netdev) { struct be_adapter *adapter = netdev_priv(netdev); u32 log_size = 0; if (!check_privilege(adapter, MAX_PRIVILEGES)) return 0; if (be_physfn(adapter)) { if (lancer_chip(adapter)) log_size = lancer_cmd_get_file_len(adapter, LANCER_FW_DUMP_FILE); else be_cmd_get_reg_len(adapter, &log_size); } return log_size; }
int SsServerGetInfo(int sender_pid, const char* data_filepath, char* file_info, ssm_flag flag, const char* cookie, const char* group_id) { size_t read = 0; FILE *fd_in = NULL; char in_filepath[MAX_FILENAME_LEN] = {0, }; //0. privilege check and get directory name if(check_privilege(cookie, group_id) != 0) { SLOGE("[%s] permission denied, [%s]\n", __func__, group_id); return SS_PERMISSION_DENIED; } // 1. create in file name : convert file name in order to access secure storage if(flag == SSM_FLAG_WIDGET) strncpy(in_filepath, data_filepath, MAX_FILENAME_LEN - 1); else ConvertFileName(sender_pid, in_filepath, data_filepath, flag, group_id); // 1. open file if(!(fd_in = fopen( in_filepath, "rb"))) { SLOGE("[%s] File open error:(in_filepath) [%s], [%s]\n", __func__, data_filepath, in_filepath ); return SS_FILE_OPEN_ERROR; // file related error } // 2. read metadata field - first 8 bytes read = fread(file_info, 1, sizeof(ssm_file_info_t), fd_in); if(read != sizeof(ssm_file_info_t)) { fclose(fd_in); return SS_FILE_READ_ERROR; } fclose(fd_in); return 1; }
int SsServerDeleteFile(int sender_pid, const char* data_filepath, ssm_flag flag, const char* cookie, const char* group_id) { const char* in_filepath = data_filepath; char out_filepath[MAX_FILENAME_LEN] = {0, }; //0. privilege check and get directory name if(check_privilege(cookie, group_id) != 0) { SLOGE("[%s] permission denied\n", __func__); return SS_PERMISSION_DENIED; } // 1. create out file name ConvertFileName(sender_pid, out_filepath, in_filepath, flag, group_id); // 2. delete designated file if(unlink(out_filepath) != 0) // unlink fail? { SLOGE("[%s] error occured while deleting file\n", __func__); return SS_FILE_WRITE_ERROR; } return 1; }
int compare(const char *filepath) { char *subpath = pathtrim(filepath); debug_msg("Comparing File: %s", filepath); file_count++; // ignore if no read permission if (check_privilege(filepath)) { verbose_msg("Ignore file: %s due to privilege limitation: %s", subpath, strerror(errno)); return -1; } struct stat buffer; int status; status = lstat(filepath, &buffer); if (status != 0) { verbose_msg("Fetch file status failed: $s: %s, Error code: %d", subpath, strerror(errno), errno); return -1; } // find the linked list with the same file size and the same file type // st_mode & S_IFMT extract the file type code from a mode value. list *ls_search = list_new(buffer.st_size, (unsigned int)buffer.st_mode & S_IFMT); debug_msg("Size: %d, type: %u, status=%d", (int)ls_search->filesize, ls_search->filetype, status); // store the file info into the node list_node *newfile = node_new(filepath, buffer.st_size); // reference man page: http://man7.org/linux/man-pages/man3/tsearch.3.html // key points to the item to be searched for. rootp points to a variable which points to the root of the tree. list **lsp = (list **)tsearch((void *)ls_search, &tree_root, list_compare); // returns a pointer to the newly added item. list_node *finded_same; //0 true 1 false if (lsp == NULL) { debug_msg("Append child failed"); exit(1); } else { // Find the same file list *rls = *lsp; debug_msg("Listinfo Size: %d, type: %d", rls->filesize, rls->filetype); if (rls != ls_search) { // list exists debug_msg("A list already exists! Search the item."); // wheather the same file is in the list finded_same = is_samefile_inlist(rls, newfile); // add the item to the existing list if (finded_same != NULL) { debug_msg("Same file found!"); node_free(newfile); char *tmp_subpath = pathtrim(finded_same->filepath); printf("%s\t%s\n", tmp_subpath, subpath); num_du_files++; free(tmp_subpath); free(subpath); } else { list_additem(rls, newfile); } list_free(ls_search); } else { // list not exist list_additem(rls, newfile); debug_msg("Created a new list!"); } } memLimitCheck(); return 0; }
int SsServerDataRead(int sender_pid, const char* data_filepath, char* pRetBuf, unsigned int count, unsigned int* readLen, ssm_flag flag, const char* cookie, const char* group_id) { unsigned int offset = count * MAX_RECV_DATA_LEN; char key[16] = {0, }; unsigned char iv[16] = {0, }; char in_filepath[MAX_FILENAME_LEN] = {0, }; FILE* fd_in = NULL; char *out_data = pRetBuf; unsigned char p_text[ENCRYPT_SIZE]= {0, }; unsigned char e_text[ENCRYPT_SIZE]= {0, }; size_t read = 0; *readLen = 0; //0. privilege check and get directory name if(check_privilege(cookie, group_id) != 0) { SLOGE("[%s] permission denied\n", __func__); return SS_PERMISSION_DENIED; } // 1. create in file name : convert file name in order to access secure storage if(flag == SSM_FLAG_WIDGET) strncpy(in_filepath, data_filepath, MAX_FILENAME_LEN - 1); else ConvertFileName(sender_pid, in_filepath, data_filepath, flag, group_id); // 2. open file if(!(fd_in = fopen(in_filepath, "rb"))) { SLOGE("[%s] File open error:(in_filepath) %s\n", __func__, in_filepath); return SS_FILE_OPEN_ERROR; // file related error } // 3. skip to offset fseek(fd_in, (long)offset + sizeof(ssm_file_info_t), SEEK_SET); // 4. decrypt data GetKey(key, iv); read = fread(e_text, 1, ENCRYPT_SIZE, fd_in); while((read == ENCRYPT_SIZE)) { AES_Crypto(p_text, e_text, key, iv, 0, ENCRYPT_SIZE) ; memcpy(out_data, p_text, ENCRYPT_SIZE); out_data += ENCRYPT_SIZE; *readLen += ENCRYPT_SIZE; if(*readLen == MAX_RECV_DATA_LEN) goto Last; memset(p_text, 0x00, ENCRYPT_SIZE); memset(e_text, 0x00, ENCRYPT_SIZE); read = fread(e_text, 1, ENCRYPT_SIZE, fd_in); } AES_Crypto(p_text, e_text, key, iv, 0, read) ; memcpy(out_data, p_text, read); out_data += read; *readLen += read; Last: *out_data = '\0'; fclose(fd_in); return 1; }
int SsServerDataStoreFromBuffer(int sender_pid, char* writebuffer, size_t bufLen, const char* filename, ssm_flag flag, const char* cookie, const char* group_id) { char key[16] = {0, }; unsigned char iv[16] = {0, }; char out_filepath[MAX_FILENAME_LEN+1]; char *buffer = NULL; unsigned int writeLen = 0, loop, rest, count; FILE *fd_out = NULL; ssm_file_info_convert_t sfic; unsigned char p_text[ENCRYPT_SIZE]= {0, }; unsigned char e_text[ENCRYPT_SIZE]= {0, }; int res = -1; writeLen = (unsigned int)(bufLen / AES_BLOCK_SIZE + 1) * AES_BLOCK_SIZE; buffer = (char*)malloc(writeLen + 1); if(!buffer) { SLOGE("[%s] Memory Allocation Fail in SsServerDataStoreFromBuffer()..\n", __func__); return SS_MEMORY_ERROR; } memset(buffer, 0x00, writeLen); memcpy(buffer, writebuffer, bufLen); //0. privilege check and get directory name if(check_privilege(cookie, group_id) != 0) { SLOGE("[%s] permission denied\n", __func__); free(buffer); return SS_PERMISSION_DENIED; } // create file path from filename ConvertFileName(sender_pid, out_filepath, filename, flag, group_id); // open a file with write mode if(!(fd_out = fopen(out_filepath, "wb"))) { SLOGE("[%s] File open error:(out_filepath) %s\n", __func__, out_filepath); free(buffer); return SS_FILE_OPEN_ERROR; // file related error } chmod(out_filepath, 0600); // write metadata sfic.fInfoStruct.originSize = (unsigned int)bufLen; sfic.fInfoStruct.storedSize = writeLen; sfic.fInfoStruct.reserved[0] = flag & 0x000000ff; fwrite(sfic.fInfoArray, 1, sizeof(ssm_file_info_t), fd_out); // encrypt buffer loop = writeLen / ENCRYPT_SIZE; rest = writeLen % ENCRYPT_SIZE; GetKey(key, iv); for(count = 0; count < loop; count++) { memcpy(p_text, buffer+count*ENCRYPT_SIZE, ENCRYPT_SIZE); AES_Crypto( p_text, e_text, key, iv, 1, ENCRYPT_SIZE); fwrite(e_text, 1, ENCRYPT_SIZE, fd_out); memset(e_text, 0x00, ENCRYPT_SIZE); memset(p_text, 0x00, ENCRYPT_SIZE); } memcpy(p_text, buffer + loop*ENCRYPT_SIZE, rest); AES_Crypto(p_text, e_text, key, iv, 1, rest); fwrite(e_text, 1, rest, fd_out); if((res = fflush(fd_out)) != 0) { SLOGE("[%s] fail to execute fflush().\n", __func__); return SS_FILE_WRITE_ERROR; } else { SLOGI("[%s] success to execute fflush().\n", __func__); if((res = fsync(fd_out->_fileno)) == -1) { SLOGE("[%s] fail to execute fsync().\n", __func__); return SS_FILE_WRITE_ERROR; } else SLOGI("[%s] success to execute fsync(). loop=[%d], rest=[%d]\n", __func__, loop, rest); } fclose(fd_out); free(buffer); return 1; }
int SsServerDataStoreFromFile(int sender_pid, const char* data_filepath, ssm_flag flag, const char* cookie, const char* group_id) { char key[16] = {0, }; unsigned char iv[16] = {0, }; const char* in_filepath = data_filepath; char out_filepath[MAX_FILENAME_LEN] = {0, }; FILE* fd_in = NULL; FILE* fd_out = NULL; struct stat file_info; ssm_file_info_convert_t sfic; int res = -1; unsigned char p_text[ENCRYPT_SIZE]= {0, }; unsigned char e_text[ENCRYPT_SIZE]= {0, }; size_t read = 0, rest = 0; //0. privilege check and get directory name if(check_privilege(cookie, group_id) != 0) { SLOGE("[%s][%s] permission denied\n", __func__, group_id); return SS_PERMISSION_DENIED; } // 1. create out file name ConvertFileName(sender_pid, out_filepath, in_filepath, flag, group_id); // 2. file open if(!(fd_in = fopen(in_filepath, "rb"))) { SLOGE("[%s]File open error:(in_filepath) %s\n", __func__, in_filepath); return SS_FILE_OPEN_ERROR; // file related error } if(!(fd_out = fopen(out_filepath, "wb"))) { SLOGE("[%s]File open error:(out_filepath) %s\n", __func__, out_filepath); fclose(fd_in); return SS_FILE_OPEN_ERROR; // file related error } chmod(out_filepath, 0600); // 3. write metadata if(!stat(in_filepath, &file_info)) { sfic.fInfoStruct.originSize = (unsigned int)file_info.st_size; sfic.fInfoStruct.storedSize = (unsigned int)(sfic.fInfoStruct.originSize/AES_BLOCK_SIZE + 1) * AES_BLOCK_SIZE; sfic.fInfoStruct.reserved[0] = flag & 0x000000ff; } else { SLOGE("[%s] the function stat() fail.\n", __func__); fclose(fd_in); fclose(fd_out); return SS_FILE_READ_ERROR; } fwrite(sfic.fInfoArray, 1, sizeof(ssm_file_info_t), fd_out); // 4. encrypt real data read = fread(p_text, 1, ENCRYPT_SIZE, fd_in); GetKey(key, iv); while(read == ENCRYPT_SIZE) { AES_Crypto(p_text, e_text, key, iv, 1, ENCRYPT_SIZE); fwrite(e_text, 1, ENCRYPT_SIZE, fd_out); memset(e_text, 0x00, ENCRYPT_SIZE); memset(p_text, 0x00, ENCRYPT_SIZE); read = fread( p_text, 1, ENCRYPT_SIZE, fd_in ); } rest = AES_BLOCK_SIZE - (read % AES_BLOCK_SIZE); AES_Crypto(p_text, e_text, key, iv, 1, read+rest); fwrite(e_text, 1, read + rest, fd_out); if((res = fflush(fd_out)) != 0) { SLOGE("[%s] fail to execute fflush().\n", __func__); return SS_FILE_WRITE_ERROR; } else { SLOGI("[%s] success to execute fflush().\n", __func__); if((res = fsync(fd_out->_fileno)) == -1) { SLOGE("[%s] fail to execute fsync().\n", __func__); return SS_FILE_WRITE_ERROR; } else SLOGI("[%s] success to execute fsync(). read=[%d], rest=[%d]\n", __func__, read, rest); } fclose(fd_in); fclose(fd_out); return 1; }