!1166 支持按属性标签的workspace可配置

Merge pull request !1166 from cheng_jinsong/workspace

!1166 支持按属性标签的workspace可配置
Merge pull request !1166 from cheng_jinsong/workspace
fda05910 · openharmony_ci · Gitee · a80b669f · 58edda8b · fda05910
14 changed file
--- a/services/etc/BUILD.gn
+++ b/services/etc/BUILD.gn
@@ -144,6 +144,16 @@ if (defined(ohos_lite)) {
    module_install_dir = "etc/param/ohos_const"
  }

+  ohos_prebuilt_para("ohos.para.size") {
+    source = "//base/startup/init/services/etc/param/ohos.para.size"
+    install_images = [
+      "system",
+      "updater",
+    ]
+    part_name = "init"
+    module_install_dir = "etc/param"
+  }
+
  ohos_prebuilt_etc("boot.group") {
    source = "//base/startup/init/services/etc/device.boot.group.cfg"
    part_name = "init"
@@ -217,6 +227,7 @@ if (defined(ohos_lite)) {
      ":misc.cfg",
      ":ohos.para",
      ":ohos.para.dac",
+      ":ohos.para.size",
      ":ohos_const.para",
      ":passwd",
      ":syscap.json",

--- a/services/etc/group
+++ b/services/etc/group
@@ -32,6 +32,7 @@ uiserver:x:1048:
 servicectrl:x:1050:root,shell,system,samgr,hdf_devmgr
 powerctrl:x:1051:root,shell,system,update,power_host
 bootctrl:x:1052:root,shell,system
+deviceprivate:1053:root,shell,system,samgr,hdf_devmgr, deviceinfo
 hiview:x:1201:
 hidumper_service:x:1212:
 shell:x:2000:

--- a/services/etc/param/ohos.para.dac
+++ b/services/etc/param/ohos.para.dac
@@ -11,27 +11,35 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

+# default forbid other user to start service
+ohos.servicectrl.           = system:servicectrl:0775
+ohos.servicectrl.reboot.    = system:powerctrl:0775
+ohos.boot.                  = system:bootctrl:0775
+bootevent.                  = root:root:0777
+startup.service.ctl.        = system:servicectrl:0775:int
+startup.device.             = system:powerctrl:0775
+
+const.debuggable            = root:root:0755
+const.build.                = root:root:0775
+const.SystemCapability.     = root:root:0775
+const.product.              = root:root:0775
+persist.init.               = root:root:0775
+appspawn.                   = root:root:0750
+startup.uevent.             = root:root:0775
+ohos.dev.                   = ueventd:ueventd:0775
+
+#udid and sn, only read
+ohos.boot.sn                = root:deviceprivate:0750
+
 const.actionable_compatible_property.enabled = root:root:0777
 const.postinstall.fstab.prefix = root:root:0777
 const.secure = root:root:0777
 security.perf_harden  = root:root:0777
 const.allow.mock.location   = root:root:0777
-const.debuggable  = root:root:0777
 persist.sys.usb.config  = root:root:0777

-# default forbid other user to start service
-ohos.servicectrl.   = system:servicectrl:0775
-ohos.startup.powerctrl. = system:powerctrl:0775
-ohos.boot. = system:bootctrl:0775
-ohos.dev. = ueventd:ueventd:0775
-
 #permission for system
 persist.window.boot. = root:system:0775
-
 #permission for log
 debug.bytrace.   = root:system:0775
-
 persist.distributed_hardware.device_manager. = system:system:0775
-bootevent. = samgr:samgr:0777
-hw_sc. = root:root:0777
-startup.service.ctl. = system:servicectrl:0775:int
--- a/services/etc/param/ohos.para.size
+++ b/services/etc/param/ohos.para.size
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+default_param=1024
+hilog_param=2048
+const_product_param=2048
+startup_param=20480
+persist_param=4096
+const_param=20480
+persist_sys_param=2048
+hw_sc_param=512
+hw_sc_build_os_param=512
+init_param=512
+init_svc_param=512
+const_postinstall_param=512
+const_postinstall_fstab_param=512
+const_allow_param=512
+const_allow_mock_param=512
+device_public_param=30720
+security_param=512
+sys_param=2048
+bootevent_param=2048
+startup_init_param=20480
--- a/services/param/adapter/param_selinux.c
+++ b/services/param/adapter/param_selinux.c
@@ -12,6 +12,7 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
+#include <errno.h>
 #include <dlfcn.h>
 #include <sys/socket.h>

@@ -129,6 +130,45 @@ static void SetSelinuxFileCon(const char *name, const char *context)
    }
 }

+static uint32_t GetWorkSpaceSize(const char *content)
+{
+    if (strcmp(content, WORKSPACE_NAME_DEF_SELINUX) == 0) {
+        return PARAM_WORKSPACE_MAX;
+    }
+    char name[PARAM_NAME_LEN_MAX] = {0};
+    size_t len = strlen(content);
+    int index = 0;
+    for (size_t i = strlen("u:object_r:"); i < len; i++) {
+        if (*(content + i) == ':') {
+            break;
+        }
+        name[index++] = *(content + i);
+    }
+    if (index == 0) {
+#ifdef STARTUP_INIT_TEST
+        return PARAM_WORKSPACE_DEF;
+#else
+        return PARAM_WORKSPACE_MIN;
+#endif
+    }
+    ParamNode *node = GetParamNode(WORKSPACE_NAME_DAC, name);
+    if (node == NULL) {
+#ifdef STARTUP_INIT_TEST
+        return PARAM_WORKSPACE_DEF;
+#else
+        return PARAM_WORKSPACE_MIN;
+#endif
+    }
+    int ret = ParamMemcpy(name, sizeof(name) - 1, node->data + node->keyLength + 1, node->valueLength);
+    if (ret == 0) {
+        name[node->valueLength] = '\0';
+        errno = 0;
+        uint32_t value = (uint32_t)strtoul(name, NULL, DECIMAL_BASE);
+        return (errno != 0) ? PARAM_WORKSPACE_MIN : value;
+    }
+    return PARAM_WORKSPACE_MIN;
+}
+
 static int SelinuxGetAllLabel(int readOnly)
 {
    SelinuxSpace *selinuxSpace = &GetParamWorkSpace()->selinuxSpace;
@@ -138,12 +178,12 @@ static int SelinuxGetAllLabel(int readOnly)

    int count = 0;
    while (node != NULL) {
-        PARAM_LOGV("GetParamSecurityLabel name %s content %s", node->info.paraName, node->info.paraContext);
+        PARAM_LOGV("SelinuxGetAllLabel name %s content %s", node->info.paraName, node->info.paraContext);
        if (node->info.paraContext == NULL || node->info.paraName == NULL) {
            node = node->next;
            continue;
        }
-        int ret = AddWorkSpace(node->info.paraContext, readOnly, PARAM_WORKSPACE_DEF);
+        int ret = AddWorkSpace(node->info.paraContext, readOnly, GetWorkSpaceSize(node->info.paraContext));
        if (ret != 0) {
            PARAM_LOGE("Forbid to add selinux workspace %s %s", node->info.paraName, node->info.paraContext);
            node = node->next;
@@ -159,7 +199,7 @@ static int SelinuxGetAllLabel(int readOnly)
        node = node->next;
    }

-    int ret = AddWorkSpace(WORKSPACE_NAME_DEF_SELINUX, readOnly, PARAM_WORKSPACE_MAX);
+    int ret = AddWorkSpace(WORKSPACE_NAME_DEF_SELINUX, readOnly, GetWorkSpaceSize(WORKSPACE_NAME_DEF_SELINUX));
    PARAM_CHECK(ret == 0, return -1,
        "Failed to add selinux workspace %s", WORKSPACE_NAME_DEF_SELINUX);
    if (readOnly == 0) {

--- a/services/param/base/param_comm.c
+++ b/services/param/base/param_comm.c
@@ -254,11 +254,13 @@ INIT_LOCAL_API int CheckParamName(const char *name, int info)
 static int AddParam(WorkSpace *workSpace, uint8_t type, const char *name, const char *value, uint32_t *dataIndex)
 {
    ParamTrieNode *node = AddTrieNode(workSpace, name, strlen(name));
-    PARAM_CHECK(node != NULL, return PARAM_CODE_REACHED_MAX, "Failed to add node");
+    PARAM_CHECK(node != NULL, return PARAM_CODE_REACHED_MAX,
+        "Failed to add node name %s space %s", name, workSpace->fileName);
    ParamNode *entry = (ParamNode *)GetTrieNode(workSpace, node->dataIndex);
    if (entry == NULL) {
        uint32_t offset = AddParamNode(workSpace, type, name, strlen(name), value, strlen(value));
-        PARAM_CHECK(offset > 0, return PARAM_CODE_REACHED_MAX, "Failed to allocate name %s", name);
+        PARAM_CHECK(offset > 0, return PARAM_CODE_REACHED_MAX,
+            "Failed to allocate name %s space %s", name, workSpace->fileName);
        SaveIndex(&node->dataIndex, offset);
        long long globalCommitId = ATOMIC_LOAD_EXPLICIT(&workSpace->area->commitId, memory_order_relaxed);
        ATOMIC_STORE_EXPLICIT(&workSpace->area->commitId, ++globalCommitId, memory_order_release);

--- a/services/param/base/param_trie.c
+++ b/services/param/base/param_trie.c
@@ -19,6 +19,7 @@

 #include "init_param.h"
 #include "param_base.h"
+#include "param_manager.h"
 #include "param_osadp.h"
 #include "param_utils.h"

@@ -34,6 +35,8 @@ static int InitWorkSpace_(WorkSpace *workSpace, uint32_t spaceSize, int readOnly
 {
    static uint32_t startIndex = 0;
    PARAM_CHECK(workSpace != NULL, return PARAM_CODE_INVALID_PARAM, "Invalid workSpace");
+    PARAM_CHECK(sizeof(ParamTrieHeader) < spaceSize,
+        return PARAM_CODE_INVALID_PARAM, "Invalid spaceSize %u", spaceSize);
    PARAM_CHECK(workSpace->allocTrieNode != NULL,
        return PARAM_CODE_INVALID_PARAM, "Invalid allocTrieNode %s", workSpace->fileName);
    PARAM_CHECK(workSpace->compareTrieNode != NULL,
@@ -414,4 +417,16 @@ INIT_LOCAL_API uint32_t GetParamMaxLen(uint8_t type)
        return PARAM_VALUE_LEN_MAX;
    }
    return typeLengths[type];
+}
+
+INIT_LOCAL_API ParamNode *GetParamNode(const char *spaceName, const char *name)
+{
+    uint32_t labelIndex = 0;
+    WorkSpace *space = GetWorkSpace(spaceName);
+    PARAM_CHECK(space != NULL, return NULL, "Failed to get dac space %s", name);
+    ParamTrieNode *entry = FindTrieNode(space, name, strlen(name), &labelIndex);
+    if (entry == NULL || entry->dataIndex == 0) {
+        return NULL;
+    }
+    return (ParamNode *)GetTrieNode(space, entry->dataIndex);
 }
\ No newline at end of file
--- a/services/param/include/param_manager.h
+++ b/services/param/include/param_manager.h
@@ -111,6 +111,7 @@ INIT_LOCAL_API ParamSecurityLabel *GetParamSecurityLabel(void);

 INIT_LOCAL_API void LoadParamFromBuild(void);
 INIT_LOCAL_API int LoadParamFromCmdLine(void);
+INIT_LOCAL_API void LoadParamAreaSize(void);
 INIT_LOCAL_API int InitPersistParamWorkSpace(void);
 INIT_LOCAL_API void ClosePersistParamWorkSpace(void);
 INIT_LOCAL_API int WritePersistParam(const char *name, const char *value);

--- a/services/param/include/param_trie.h
+++ b/services/param/include/param_trie.h
@@ -119,7 +119,7 @@ INIT_LOCAL_API uint32_t AddParamNode(WorkSpace *workSpace, uint8_t type,
    const char *key, uint32_t keyLen, const char *value, uint32_t valueLen);

 INIT_LOCAL_API uint32_t GetParamMaxLen(uint8_t type);
-
+INIT_LOCAL_API ParamNode *GetParamNode(const char *spaceName, const char *name);
 #ifdef __cplusplus
 #if __cplusplus
 }

--- a/services/param/include/param_utils.h
+++ b/services/param/include/param_utils.h
@@ -80,6 +80,7 @@ typedef struct cmdLineInfo {
 #else
 #define DATA_PATH          STARTUP_INIT_UT_PATH"/data/service/el1/startup/parameters/"
 #endif
+#define PARAM_AREA_SIZE_CFG STARTUP_INIT_UT_PATH"/etc/param/ohos.para.size"

 #define CLIENT_PIPE_NAME "/dev/unix/socket/paramservice"
 #define PIPE_NAME STARTUP_INIT_UT_PATH "/dev/unix/socket/paramservice"

--- a/services/param/linux/param_service.c
+++ b/services/param/linux/param_service.c
@@ -408,6 +408,8 @@ void InitParamService(void)

 void LoadSpecialParam(void)
 {
+    // read param area size from cfg and save to dac
+    LoadParamAreaSize();
    // read selinux label
    LoadSelinuxLabel();
    // from cmdline

--- a/services/param/liteos/BUILD.gn
+++ b/services/param/liteos/BUILD.gn
@@ -22,6 +22,7 @@ param_include_dirs = [
  "//base/startup/init/services/include",
  "//base/startup/init/services/init/include",
  "//base/startup/init/services/log",
+  "//base/startup/init/services/modules/init_hook",
  "//base/startup/init/services/loopevent/include",
  "//third_party/bounds_checking_function/include",
  "//third_party/cJSON",

--- a/services/param/manager/param_server.c
+++ b/services/param/manager/param_server.c
@@ -13,6 +13,7 @@
 * limitations under the License.
 */
 #include <ctype.h>
+#include <errno.h>

 #include "param_manager.h"
 #include "param_trie.h"
@@ -160,13 +161,13 @@ static int LoadOneParam_(const uint32_t *context, const char *name, const char *
    return WriteParam(name, value, NULL, mode & LOAD_PARAM_ONLY_ADD);
 }

-static int LoadDefaultParam_(const char *fileName, uint32_t mode, const char *exclude[], uint32_t count)
+static int LoadDefaultParam_(const char *fileName, uint32_t mode,
+    const char *exclude[], uint32_t count, int (*loadOneParam)(const uint32_t *, const char *, const char *))
 {
    uint32_t paramNum = 0;
    FILE *fp = fopen(fileName, "r");
-    if (fp == NULL) {
-        return -1;
-    }
+    PARAM_CHECK(fp != NULL, return -1, "Failed to open file '%s' error:%d ", fileName, errno);
+
    const int buffSize = PARAM_NAME_LEN_MAX + PARAM_CONST_VALUE_LEN_MAX + 10;  // 10 max len
    char *buffer = malloc(buffSize);
    if (buffer == NULL) {
@@ -175,7 +176,7 @@ static int LoadDefaultParam_(const char *fileName, uint32_t mode, const char *ex
    }
    while (fgets(buffer, buffSize, fp) != NULL) {
        buffer[buffSize - 1] = '\0';
-        int ret = SplitParamString(buffer, exclude, count, LoadOneParam_, &mode);
+        int ret = SplitParamString(buffer, exclude, count, loadOneParam, &mode);
        PARAM_CHECK(ret == 0, continue, "Failed to set param '%s' error:%d ", buffer, ret);
        paramNum++;
    }
@@ -189,7 +190,7 @@ static int ProcessParamFile(const char *fileName, void *context)
 {
    static const char *exclude[] = {"ctl.", "selinux.restorecon_recursive"};
    uint32_t mode = *(int *)context;
-    return LoadDefaultParam_(fileName, mode, exclude, ARRAY_LENGTH(exclude));
+    return LoadDefaultParam_(fileName, mode, exclude, ARRAY_LENGTH(exclude), LoadOneParam_);
 }

 int LoadParamsFile(const char *fileName, bool onlyAdd)
@@ -247,3 +248,29 @@ INIT_LOCAL_API void LoadParamFromBuild(void)
 #endif
 }

+static int LoadOneParamAreaSize_(const uint32_t *context, const char *name, const char *value)
+{
+    int ret = CheckParamName(name, 0);
+    if (ret != 0) {
+        return 0;
+    }
+    ret = CheckParamValue(NULL, name, value, PARAM_TYPE_INT);
+    PARAM_CHECK(ret == 0, return 0, "Invalid value %s for %s", value, name);
+    PARAM_LOGV("LoadOneParamAreaSize_ [%s] [%s]", name, value);
+
+    WorkSpace *workSpace = GetWorkSpace(WORKSPACE_NAME_DAC);
+    ParamTrieNode *node = AddTrieNode(workSpace, name, strlen(name));
+    PARAM_CHECK(node != NULL, return PARAM_CODE_REACHED_MAX, "Failed to add node");
+    ParamNode *entry = (ParamNode *)GetTrieNode(workSpace, node->dataIndex);
+    if (entry == NULL) {
+        uint32_t offset = AddParamNode(workSpace, PARAM_TYPE_INT, name, strlen(name), value, strlen(value));
+        PARAM_CHECK(offset > 0, return PARAM_CODE_REACHED_MAX, "Failed to allocate name %s", name);
+        SaveIndex(&node->dataIndex, offset);
+    }
+    return 0;
+}
+
+INIT_LOCAL_API void LoadParamAreaSize(void)
+{
+    LoadDefaultParam_(PARAM_AREA_SIZE_CFG, 0, NULL, 0, LoadOneParamAreaSize_);
+}
--- a/test/unittest/param/param_stub.cpp
+++ b/test/unittest/param/param_stub.cpp
@@ -364,6 +364,19 @@ void PrepareCmdLineHasSn()
    CreateTestFile(BOOT_CMD_LINE, cmdLineHasntSn);
 }

+void PrepareAreaSizeFile()
+{
+    // for cmdline
+    const char *ohosParamSize = "default_param=1024"
+            "hilog_param=2048"
+            "const_product_param=2048"
+            "startup_param=20480"
+            "persist_param=2048"
+            "const_param=20480"
+            "persist_sys_param=2048";
+    CreateTestFile(PARAM_AREA_SIZE_CFG, ohosParamSize);
+}
+
 void PrepareInitUnitTestEnv(void)
 {
    static int evnOk = 0;
@@ -386,6 +399,7 @@ void PrepareInitUnitTestEnv(void)
    dacData += "test.permission.watcher. = root:root:0771\n";
    CreateTestFile(STARTUP_INIT_UT_PATH "/system/etc/param/ohos.para.dac", dacData.c_str());
    CreateTestFile(STARTUP_INIT_UT_PATH"/trigger_test.cfg", g_triggerData);
+    PrepareAreaSizeFile();
 #endif
    InitParamService();