From 79cd6a860f8f15f63ddb61b0514eaee2588925ac Mon Sep 17 00:00:00 2001 From: XiYuhao Date: Mon, 27 Dec 2021 15:13:56 +0800 Subject: [PATCH 1/4] add tokenid to ipc thread context Signed-off-by: XiYuhao --- .../ipc_core/include/ipc_object_stub.h | 4 ++ .../innerkits/ipc_core/include/ipc_skeleton.h | 6 +++ .../innerkits/ipc_core/include/ipc_types.h | 1 + .../src/core/source/ipc_object_stub.cpp | 10 +++++ ipc/native/src/core/source/ipc_skeleton.cpp | 37 +++++++++++++++++++ ipc/native/src/mock/include/binder_invoker.h | 6 +++ .../mock/include/dbinder_databus_invoker.h | 4 ++ ipc/native/src/mock/include/iremote_invoker.h | 4 ++ ipc/native/src/mock/include/sys_binder.h | 7 ++++ ipc/native/src/mock/source/binder_invoker.cpp | 34 ++++++++++++++++- .../mock/source/dbinder_databus_invoker.cpp | 13 ++++++- 11 files changed, 124 insertions(+), 2 deletions(-) diff --git a/interfaces/innerkits/ipc_core/include/ipc_object_stub.h b/interfaces/innerkits/ipc_core/include/ipc_object_stub.h index 71d78e3c..8e922a88 100755 --- a/interfaces/innerkits/ipc_core/include/ipc_object_stub.h +++ b/interfaces/innerkits/ipc_core/include/ipc_object_stub.h @@ -62,6 +62,10 @@ public: int GetCallingUid(); + uint32_t GetCallingTokenID(); + + uint32_t GetFirstTokenID(); + virtual int OnRemoteDump(uint32_t code, MessageParcel &data, MessageParcel &reply, MessageOption &option); virtual int32_t ProcessProto(uint32_t code, MessageParcel &data, MessageParcel &reply, MessageOption &option); diff --git a/interfaces/innerkits/ipc_core/include/ipc_skeleton.h b/interfaces/innerkits/ipc_core/include/ipc_skeleton.h index fa59b085..258b1262 100755 --- a/interfaces/innerkits/ipc_core/include/ipc_skeleton.h +++ b/interfaces/innerkits/ipc_core/include/ipc_skeleton.h @@ -37,6 +37,12 @@ public: static pid_t GetCallingUid(); + static uint32_t GetCallingTokenID(); + + static uint32_t GetFirstTokenID(); + + static int SetFirstTokenID(uint32_t tokenID); + static std::string GetLocalDeviceID(); static std::string GetCallingDeviceID(); diff --git a/interfaces/innerkits/ipc_core/include/ipc_types.h b/interfaces/innerkits/ipc_core/include/ipc_types.h index 66b46ad1..cc93a988 100755 --- a/interfaces/innerkits/ipc_core/include/ipc_types.h +++ b/interfaces/innerkits/ipc_core/include/ipc_types.h @@ -77,6 +77,7 @@ enum { ERR_INVALID_STATE, IPC_SKELETON_ERR = 100, IPC_SKELETON_NULL_OBJECT_ERR, + IPC_SKELETON_SET_FTOKEN_ERR, IPC_PROXY_ERR = 200, IPC_PROXY_DEAD_OBJECT_ERR, IPC_PROXY_NULL_INVOKER_ERR, diff --git a/ipc/native/src/core/source/ipc_object_stub.cpp b/ipc/native/src/core/source/ipc_object_stub.cpp index 24efaaec..bfd539f2 100755 --- a/ipc/native/src/core/source/ipc_object_stub.cpp +++ b/ipc/native/src/core/source/ipc_object_stub.cpp @@ -299,6 +299,16 @@ pid_t IPCObjectStub::GetCallingUid() return IPCSkeleton::GetCallingUid(); } +uint32_t IPCObjectStub::GetCallingTokenID() +{ + return IPCSkeleton::GetCallingTokenID(); +} + +uint32_t IPCObjectStub::GetFirstTokenID() +{ + return IPCSkeleton::GetFirstTokenID(); +} + int IPCObjectStub::GetObjectType() const { return OBJECT_TYPE_NATIVE; diff --git a/ipc/native/src/core/source/ipc_skeleton.cpp b/ipc/native/src/core/source/ipc_skeleton.cpp index 66dd3696..769a8558 100755 --- a/ipc/native/src/core/source/ipc_skeleton.cpp +++ b/ipc/native/src/core/source/ipc_skeleton.cpp @@ -84,6 +84,43 @@ pid_t IPCSkeleton::GetCallingUid() return getuid(); } +uint32_t IPCSkeleton::GetCallingTokenID() +{ + IRemoteInvoker *invoker = IPCThreadSkeleton::GetActiveInvoker(); + if (invoker != nullptr) { + return invoker->GetCallerTokenID(); + } + uint64_t token; + int ret = syscall(GETTOKEN, &token); + if (ret != 0) { + return 0; + } + return (uint32_t)token; +} + +uint32_t IPCSkeleton::GetFirstTokenID() +{ + IRemoteInvoker *invoker = IPCThreadSkeleton::GetActiveInvoker(); + if (invoker != nullptr) { + return invoker->GetFirstTokenID(); + } + uint64_t ftoken; + int ret = syscall(GETFTOKEN, &ftoken); + if (ret != 0) { + return 0; + } + return (uint32_t)ftoken; +} + +int IPCSkeleton::SetFirstTokenID(uint32_t tokenID) +{ + int ret = syscall(SETFTOKEN, (uint64_t)tokenID); + if (ret != 0) { + return IPC_SKELETON_SET_FTOKEN_ERR; + } + return ERR_NONE; +} + std::string IPCSkeleton::GetLocalDeviceID() { IRemoteInvoker *invoker = IPCThreadSkeleton::GetActiveInvoker(); diff --git a/ipc/native/src/mock/include/binder_invoker.h b/ipc/native/src/mock/include/binder_invoker.h index e2b5c5d9..70f665f5 100755 --- a/ipc/native/src/mock/include/binder_invoker.h +++ b/ipc/native/src/mock/include/binder_invoker.h @@ -80,6 +80,10 @@ public: uid_t GetCallerUid() const override; + uint32_t GetCallerTokenID() const override; + + uint32_t GetFirstTokenID() const override; + uint32_t GetStatus() const override; bool IsLocalCalling() override; @@ -111,6 +115,8 @@ protected: bool stopWorkThread; pid_t callerPid_; pid_t callerUid_; + uint32_t callerTokenID_; + uint32_t firstTokenID_; private: int TransactWithDriver(bool doRead = true); diff --git a/ipc/native/src/mock/include/dbinder_databus_invoker.h b/ipc/native/src/mock/include/dbinder_databus_invoker.h index e08045a3..1d9ecadc 100755 --- a/ipc/native/src/mock/include/dbinder_databus_invoker.h +++ b/ipc/native/src/mock/include/dbinder_databus_invoker.h @@ -46,6 +46,8 @@ public: bool WriteFileDescriptor(Parcel &parcel, int fd, bool takeOwnership) override; pid_t GetCallerPid() const override; uid_t GetCallerUid() const override; + uint32_t GetCallerTokenID() const override; + uint32_t GetFirstTokenID() const override; uint32_t GetStatus() const override; bool IsLocalCalling() override; std::string GetLocalDeviceID() override; @@ -102,6 +104,8 @@ private: pid_t callerPid_; pid_t callerUid_; std::string callerDeviceID_; + uint32_t callerTokenID_; + uint32_t firstTokenID_; uint64_t seqNumber_ = 0; uint32_t clientFd_ = 0; uint32_t status_; diff --git a/ipc/native/src/mock/include/iremote_invoker.h b/ipc/native/src/mock/include/iremote_invoker.h index ba62f420..a3bbf157 100755 --- a/ipc/native/src/mock/include/iremote_invoker.h +++ b/ipc/native/src/mock/include/iremote_invoker.h @@ -68,6 +68,10 @@ public: virtual uid_t GetCallerUid() const = 0; + virtual uint32_t GetCallerTokenID() const = 0; + + virtual uint32_t GetFirstTokenID() const = 0; + virtual uint32_t GetStatus() const = 0; virtual bool IsLocalCalling() = 0; diff --git a/ipc/native/src/mock/include/sys_binder.h b/ipc/native/src/mock/include/sys_binder.h index 7bd14c44..3f99d5f6 100755 --- a/ipc/native/src/mock/include/sys_binder.h +++ b/ipc/native/src/mock/include/sys_binder.h @@ -16,6 +16,7 @@ #ifndef OHOS_IPC_SYS_BINDER_H #define OHOS_IPC_SYS_BINDER_H +#include #include #ifndef _UAPI_LINUX_BINDER_H @@ -24,6 +25,10 @@ #include #include +#define GETTOKEN 442 +#define SETFTOKEN 443 +#define GETFTOKEN 444 + #ifndef B_PACK_CHARS #define B_PACK_CHARS(c1, c2, c3, c4) ((((c1) << 24)) | (((c2) << 16)) | (((c3) << 8)) | (c4)) #endif @@ -143,6 +148,8 @@ struct binder_transaction_data { __u32 flags; pid_t sender_pid; uid_t sender_euid; + __u64 sender_tokenid; + __u64 first_tokenid; binder_size_t data_size; binder_size_t offsets_size; union { diff --git a/ipc/native/src/mock/source/binder_invoker.cpp b/ipc/native/src/mock/source/binder_invoker.cpp index 46fc5119..3440dcad 100755 --- a/ipc/native/src/mock/source/binder_invoker.cpp +++ b/ipc/native/src/mock/source/binder_invoker.cpp @@ -42,8 +42,16 @@ enum { }; BinderInvoker::BinderInvoker() - : isMainWorkThread(false), stopWorkThread(false), callerPid_(getpid()), callerUid_(getuid()), status_(0) + : isMainWorkThread(false), stopWorkThread(false), callerPid_(getpid()), callerUid_(getuid()), + firstTokenID_(-1), status_(0) { + uint64_t token; + int ret = syscall(GETTOKEN, &token); + if (ret != 0) { + callerTokenID_ = -1; + } else { + callerTokenID_ = (uint32_t)token; + } input_.SetDataCapacity(IPC_DEFAULT_PARCEL_SIZE); binderConnector_ = BinderConnector::GetInstance(); } @@ -423,9 +431,13 @@ void BinderInvoker::OnTransaction(const uint8_t *buffer) #endif const pid_t oldPid = callerPid_; const auto oldUid = static_cast(callerUid_); + const uint32_t oldToken = callerTokenID_; + const uint32_t oldFirstToken = firstTokenID_; uint32_t oldStatus = status_; callerPid_ = tr->sender_pid; callerUid_ = tr->sender_euid; + callerTokenID_ = tr->sender_tokenid; + firstTokenID_ = tr->first_tokenid; SetStatus(IRemoteInvoker::ACTIVE_INVOKER); int error = ERR_DEAD_OBJECT; sptr targetObject; @@ -453,6 +465,8 @@ void BinderInvoker::OnTransaction(const uint8_t *buffer) } callerPid_ = oldPid; callerUid_ = oldUid; + callerTokenID_ = oldToken; + firstTokenID_ = oldFirstToken; SetStatus(oldStatus); } @@ -804,6 +818,24 @@ uid_t BinderInvoker::GetCallerUid() const return callerUid_; } +uint32_t BinderInvoker::GetCallerTokenID() const +{ + return callerTokenID_; +} + +uint32_t BinderInvoker::GetFirstTokenID() const +{ + if (firstTokenID_ == -1) { + uint64_t ftoken; + int ret = syscall(GETFTOKEN, &ftoken); + if (ret != 0) { + return 0; + } + return (uint32_t)ftoken; + } + return firstTokenID_; +} + uint32_t BinderInvoker::GetStatus() const { return status_; diff --git a/ipc/native/src/mock/source/dbinder_databus_invoker.cpp b/ipc/native/src/mock/source/dbinder_databus_invoker.cpp index 20c0b287..4c6b4028 100755 --- a/ipc/native/src/mock/source/dbinder_databus_invoker.cpp +++ b/ipc/native/src/mock/source/dbinder_databus_invoker.cpp @@ -41,7 +41,8 @@ static constexpr OHOS::HiviewDFX::HiLogLabel LOG_LABEL = { LOG_CORE, LOG_ID_RPC, (void)OHOS::HiviewDFX::HiLog::Info(LOG_LABEL, "%{public}s %{public}d: " fmt, TITLE, __LINE__, ##args) DBinderDatabusInvoker::DBinderDatabusInvoker() - : stopWorkThread_(false), callerPid_(getpid()), callerUid_(getuid()), callerDeviceID_(""), status_(0) + : stopWorkThread_(false), callerPid_(getpid()), callerUid_(getuid()), callerDeviceID_(""), + callerTokenID_(0), firstTokenID_(0), status_(0) { DBINDER_LOGI("Create DBinderDatabusInvoker"); } @@ -642,6 +643,16 @@ void DBinderDatabusInvoker::SetCallerUid(pid_t uid) callerUid_ = uid; } +uint32_t DBinderDatabusInvoker::GetCallerTokenID() const +{ + return callerTokenID_; +} + +uint32_t DBinderDatabusInvoker::GetFirstTokenID() const +{ + return firstTokenID_; +} + void DBinderDatabusInvoker::SetCallerDeviceID(const std::string &deviceId) { callerDeviceID_ = deviceId; -- Gitee From 940c09c978b3d01573e6a9284b83cc8f564b84d6 Mon Sep 17 00:00:00 2001 From: XiYuhao Date: Tue, 28 Dec 2021 20:01:13 +0800 Subject: [PATCH 2/4] change syscall to specific function Signed-off-by: XiYuhao --- ipc/native/src/core/source/ipc_skeleton.cpp | 7 ++++--- ipc/native/src/mock/include/sys_binder.h | 4 ---- ipc/native/src/mock/source/binder_invoker.cpp | 4 ++-- 3 files changed, 6 insertions(+), 9 deletions(-) diff --git a/ipc/native/src/core/source/ipc_skeleton.cpp b/ipc/native/src/core/source/ipc_skeleton.cpp index 769a8558..7b4b43a4 100755 --- a/ipc/native/src/core/source/ipc_skeleton.cpp +++ b/ipc/native/src/core/source/ipc_skeleton.cpp @@ -91,7 +91,7 @@ uint32_t IPCSkeleton::GetCallingTokenID() return invoker->GetCallerTokenID(); } uint64_t token; - int ret = syscall(GETTOKEN, &token); + int ret = sys_gettokenid(&token, 0); if (ret != 0) { return 0; } @@ -105,7 +105,7 @@ uint32_t IPCSkeleton::GetFirstTokenID() return invoker->GetFirstTokenID(); } uint64_t ftoken; - int ret = syscall(GETFTOKEN, &ftoken); + int ret = sys_getftokenid(&ftoken, 0); if (ret != 0) { return 0; } @@ -114,7 +114,8 @@ uint32_t IPCSkeleton::GetFirstTokenID() int IPCSkeleton::SetFirstTokenID(uint32_t tokenID) { - int ret = syscall(SETFTOKEN, (uint64_t)tokenID); + uint64_t tmp = (uint64_t)tokenID; + int ret = sys_setftokenid(&tmp, 0); if (ret != 0) { return IPC_SKELETON_SET_FTOKEN_ERR; } diff --git a/ipc/native/src/mock/include/sys_binder.h b/ipc/native/src/mock/include/sys_binder.h index 3f99d5f6..1996d2ee 100755 --- a/ipc/native/src/mock/include/sys_binder.h +++ b/ipc/native/src/mock/include/sys_binder.h @@ -25,10 +25,6 @@ #include #include -#define GETTOKEN 442 -#define SETFTOKEN 443 -#define GETFTOKEN 444 - #ifndef B_PACK_CHARS #define B_PACK_CHARS(c1, c2, c3, c4) ((((c1) << 24)) | (((c2) << 16)) | (((c3) << 8)) | (c4)) #endif diff --git a/ipc/native/src/mock/source/binder_invoker.cpp b/ipc/native/src/mock/source/binder_invoker.cpp index 3440dcad..a1e5d5e0 100755 --- a/ipc/native/src/mock/source/binder_invoker.cpp +++ b/ipc/native/src/mock/source/binder_invoker.cpp @@ -46,7 +46,7 @@ BinderInvoker::BinderInvoker() firstTokenID_(-1), status_(0) { uint64_t token; - int ret = syscall(GETTOKEN, &token); + int ret = sys_gettokenid(&token, 0); if (ret != 0) { callerTokenID_ = -1; } else { @@ -827,7 +827,7 @@ uint32_t BinderInvoker::GetFirstTokenID() const { if (firstTokenID_ == -1) { uint64_t ftoken; - int ret = syscall(GETFTOKEN, &ftoken); + int ret = sys_getftokenid(&ftoken, 0); if (ret != 0) { return 0; } -- Gitee From 0e38636e2cd2f105910893602f73c404094ee195 Mon Sep 17 00:00:00 2001 From: XiYuhao Date: Thu, 30 Dec 2021 15:15:37 +0800 Subject: [PATCH 3/4] add accesstokenid testsuit Signed-off-by: XiYuhao --- .../native/include/test_service_skeleton.h | 1 + .../native/src/test_service_skeleton.cpp | 35 +++++++++++++++++++ 2 files changed, 36 insertions(+) diff --git a/ipc/test/auxiliary/native/include/test_service_skeleton.h b/ipc/test/auxiliary/native/include/test_service_skeleton.h index d8d89f40..8c4072d0 100755 --- a/ipc/test/auxiliary/native/include/test_service_skeleton.h +++ b/ipc/test/auxiliary/native/include/test_service_skeleton.h @@ -46,6 +46,7 @@ public: TRANS_ID_ASHMEM = 15, TRANS_ID_ASYNC_DUMP_SERVICE = 16, TRANS_ID_NESTING_SEND = 17, + TRANS_ID_ACCESS_TOKENID = 18, }; public: virtual int TestSyncTransaction(int data, int &reply, int delayTime = 0) = 0; diff --git a/ipc/test/auxiliary/native/src/test_service_skeleton.cpp b/ipc/test/auxiliary/native/src/test_service_skeleton.cpp index d6d5e553..3f1df3ec 100755 --- a/ipc/test/auxiliary/native/src/test_service_skeleton.cpp +++ b/ipc/test/auxiliary/native/src/test_service_skeleton.cpp @@ -280,6 +280,36 @@ int TestServiceProxy::TestCallingUidPid() return -1; } + +int TestServiceProxy::TestAccessTokenID() +{ + MessageOption option; + MessageParcel dataParcel, replyParcel; + + int32_t token = IPCSkeleton::GetCallingTokenID(); + int32_t ftoken = IPCSkeleton::GetFirstTokenID(); + int32_t tokenSelf; + int ret = syscall(643, &tokenSelf, 0); + if (ret != 0 || tokenSelf != token || ftoken != 0) { + return -1; + } + + IPCSkeleton::SetFirstTokenID(0x12345678); + int ret = Remote()->SendRequest(TRANS_ID_ACCESS_TOKENID, dataParcel, replyParcel, option); + if (ret != ERR_NONE) { + ZLOGE(LABEL, "ret = %{public}d", ret); + return ret; + } + + token = replyParcel.ReadInt32(); + ftoken = replyParcel.ReadInt32(); + + if (token != tokenSelf || ftoken != 0x12345678) { + return -1; + } + return 0; +} + int TestServiceProxy::TestFlushAsyncCalls(int count, int length) { int ret; @@ -472,6 +502,11 @@ int TestServiceStub::OnRemoteRequest(uint32_t code, IPCSkeleton::GetCallingUid(), IPCSkeleton::GetCallingPid()); break; } + case TRANS_ID_ACCESS_TOKENID: { + reply.WriteInt32(IPCSkeleton::GetCallingTokenID()); + reply.WriteInt32(IPCSkeleton::GetFirstTokenID()); + break; + } case TRANS_ID_FLUSH_ASYNC_CALLS: { (void)data.ReadString16(); break; -- Gitee From d2d1f9507598238321a323ef44657a54c461fc56 Mon Sep 17 00:00:00 2001 From: XiYuhao Date: Thu, 30 Dec 2021 15:24:08 +0800 Subject: [PATCH 4/4] testsuit modify Signed-off-by: XiYuhao --- .../native/src/test_service_skeleton.cpp | 22 ++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/ipc/test/auxiliary/native/src/test_service_skeleton.cpp b/ipc/test/auxiliary/native/src/test_service_skeleton.cpp index 3f1df3ec..e6badf38 100755 --- a/ipc/test/auxiliary/native/src/test_service_skeleton.cpp +++ b/ipc/test/auxiliary/native/src/test_service_skeleton.cpp @@ -289,13 +289,29 @@ int TestServiceProxy::TestAccessTokenID() int32_t token = IPCSkeleton::GetCallingTokenID(); int32_t ftoken = IPCSkeleton::GetFirstTokenID(); int32_t tokenSelf; - int ret = syscall(643, &tokenSelf, 0); + int ret = sys_gettokenid(&tokenSelf, 0); if (ret != 0 || tokenSelf != token || ftoken != 0) { return -1; } - IPCSkeleton::SetFirstTokenID(0x12345678); - int ret = Remote()->SendRequest(TRANS_ID_ACCESS_TOKENID, dataParcel, replyParcel, option); + ret = IPCSkeleton::SetFirstTokenID(0x12345678); + if (ret != 0) { + return -1; + } + ret = Remote()->SendRequest(TRANS_ID_ACCESS_TOKENID, dataParcel, replyParcel, option); + if (ret != ERR_NONE) { + ZLOGE(LABEL, "ret = %{public}d", ret); + return ret; + } + + token = replyParcel.ReadInt32(); + ftoken = replyParcel.ReadInt32(); + + if (token != tokenSelf || ftoken != 0x12345678) { + return -1; + } + + ret = Remote()->SendRequest(TRANS_ID_ACCESS_TOKENID, dataParcel, replyParcel, option); if (ret != ERR_NONE) { ZLOGE(LABEL, "ret = %{public}d", ret); return ret; -- Gitee