diff --git a/services/etc/BUILD.gn b/services/etc/BUILD.gn index e2a09ab182a967747d560185e2c53edcc0a40c08..cd0e9d58f6e272639321250ba3561e6fd2a0ae5f 100755 --- a/services/etc/BUILD.gn +++ b/services/etc/BUILD.gn @@ -144,6 +144,16 @@ if (defined(ohos_lite)) { module_install_dir = "etc/param/ohos_const" } + ohos_prebuilt_para("ohos.para.size") { + source = "//base/startup/init/services/etc/param/ohos.para.size" + install_images = [ + "system", + "updater", + ] + part_name = "init" + module_install_dir = "etc/param" + } + ohos_prebuilt_etc("boot.group") { source = "//base/startup/init/services/etc/device.boot.group.cfg" part_name = "init" @@ -217,6 +227,7 @@ if (defined(ohos_lite)) { ":misc.cfg", ":ohos.para", ":ohos.para.dac", + ":ohos.para.size", ":ohos_const.para", ":passwd", ":syscap.json", diff --git a/services/etc/group b/services/etc/group index b04a4415c62859ab0db50e6d141111ddf6eb0427..1cd6351b5d91382263a43f247a8e129f51c7873e 100644 --- a/services/etc/group +++ b/services/etc/group @@ -32,6 +32,7 @@ uiserver:x:1048: servicectrl:x:1050:root,shell,system,samgr,hdf_devmgr powerctrl:x:1051:root,shell,system,update,power_host bootctrl:x:1052:root,shell,system +deviceprivate:1053:root,shell,system,samgr,hdf_devmgr, deviceinfo hiview:x:1201: hidumper_service:x:1212: shell:x:2000: diff --git a/services/etc/param/ohos.para.dac b/services/etc/param/ohos.para.dac index aba974ae1228ae5ba1ad4e791fe910e427e7281f..03cc74c0b04635855ca6c97102892ad27d0c5de7 100755 --- a/services/etc/param/ohos.para.dac +++ b/services/etc/param/ohos.para.dac @@ -11,27 +11,35 @@ # See the License for the specific language governing permissions and # limitations under the License. +# default forbid other user to start service +ohos.servicectrl. = system:servicectrl:0775 +ohos.servicectrl.reboot. = system:powerctrl:0775 +ohos.boot. = system:bootctrl:0775 +bootevent. = root:root:0777 +startup.service.ctl. = system:servicectrl:0775:int +startup.device. = system:powerctrl:0775 + +const.debuggable = root:root:0755 +const.build. = root:root:0775 +const.SystemCapability. = root:root:0775 +const.product. = root:root:0775 +persist.init. = root:root:0775 +appspawn. = root:root:0750 +startup.uevent. = root:root:0775 +ohos.dev. = ueventd:ueventd:0775 + +#udid and sn, only read +ohos.boot.sn = root:deviceprivate:0750 + const.actionable_compatible_property.enabled = root:root:0777 const.postinstall.fstab.prefix = root:root:0777 const.secure = root:root:0777 security.perf_harden = root:root:0777 const.allow.mock.location = root:root:0777 -const.debuggable = root:root:0777 persist.sys.usb.config = root:root:0777 -# default forbid other user to start service -ohos.servicectrl. = system:servicectrl:0775 -ohos.startup.powerctrl. = system:powerctrl:0775 -ohos.boot. = system:bootctrl:0775 -ohos.dev. = ueventd:ueventd:0775 - #permission for system persist.window.boot. = root:system:0775 - #permission for log debug.bytrace. = root:system:0775 - persist.distributed_hardware.device_manager. = system:system:0775 -bootevent. = samgr:samgr:0777 -hw_sc. = root:root:0777 -startup.service.ctl. = system:servicectrl:0775:int diff --git a/services/etc/param/ohos.para.size b/services/etc/param/ohos.para.size new file mode 100755 index 0000000000000000000000000000000000000000..b22d5d70aa5760fbf629a6195025606e64c3301a --- /dev/null +++ b/services/etc/param/ohos.para.size @@ -0,0 +1,33 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +default_param=1024 +hilog_param=2048 +const_product_param=2048 +startup_param=20480 +persist_param=4096 +const_param=20480 +persist_sys_param=2048 +hw_sc_param=512 +hw_sc_build_os_param=512 +init_param=512 +init_svc_param=512 +const_postinstall_param=512 +const_postinstall_fstab_param=512 +const_allow_param=512 +const_allow_mock_param=512 +device_public_param=30720 +security_param=512 +sys_param=2048 +bootevent_param=2048 +startup_init_param=20480 diff --git a/services/param/adapter/param_selinux.c b/services/param/adapter/param_selinux.c index cc32bad5365ee9cccc6c8e50f842e0ca35466eee..b43bba738ea3b42d32a147cdb33dbe2cf70232dc 100644 --- a/services/param/adapter/param_selinux.c +++ b/services/param/adapter/param_selinux.c @@ -12,6 +12,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ +#include #include #include @@ -129,6 +130,45 @@ static void SetSelinuxFileCon(const char *name, const char *context) } } +static uint32_t GetWorkSpaceSize(const char *content) +{ + if (strcmp(content, WORKSPACE_NAME_DEF_SELINUX) == 0) { + return PARAM_WORKSPACE_MAX; + } + char name[PARAM_NAME_LEN_MAX] = {0}; + size_t len = strlen(content); + int index = 0; + for (size_t i = strlen("u:object_r:"); i < len; i++) { + if (*(content + i) == ':') { + break; + } + name[index++] = *(content + i); + } + if (index == 0) { +#ifdef STARTUP_INIT_TEST + return PARAM_WORKSPACE_DEF; +#else + return PARAM_WORKSPACE_MIN; +#endif + } + ParamNode *node = GetParamNode(WORKSPACE_NAME_DAC, name); + if (node == NULL) { +#ifdef STARTUP_INIT_TEST + return PARAM_WORKSPACE_DEF; +#else + return PARAM_WORKSPACE_MIN; +#endif + } + int ret = ParamMemcpy(name, sizeof(name) - 1, node->data + node->keyLength + 1, node->valueLength); + if (ret == 0) { + name[node->valueLength] = '\0'; + errno = 0; + uint32_t value = (uint32_t)strtoul(name, NULL, DECIMAL_BASE); + return (errno != 0) ? PARAM_WORKSPACE_MIN : value; + } + return PARAM_WORKSPACE_MIN; +} + static int SelinuxGetAllLabel(int readOnly) { SelinuxSpace *selinuxSpace = &GetParamWorkSpace()->selinuxSpace; @@ -138,12 +178,12 @@ static int SelinuxGetAllLabel(int readOnly) int count = 0; while (node != NULL) { - PARAM_LOGV("GetParamSecurityLabel name %s content %s", node->info.paraName, node->info.paraContext); + PARAM_LOGV("SelinuxGetAllLabel name %s content %s", node->info.paraName, node->info.paraContext); if (node->info.paraContext == NULL || node->info.paraName == NULL) { node = node->next; continue; } - int ret = AddWorkSpace(node->info.paraContext, readOnly, PARAM_WORKSPACE_DEF); + int ret = AddWorkSpace(node->info.paraContext, readOnly, GetWorkSpaceSize(node->info.paraContext)); if (ret != 0) { PARAM_LOGE("Forbid to add selinux workspace %s %s", node->info.paraName, node->info.paraContext); node = node->next; @@ -159,7 +199,7 @@ static int SelinuxGetAllLabel(int readOnly) node = node->next; } - int ret = AddWorkSpace(WORKSPACE_NAME_DEF_SELINUX, readOnly, PARAM_WORKSPACE_MAX); + int ret = AddWorkSpace(WORKSPACE_NAME_DEF_SELINUX, readOnly, GetWorkSpaceSize(WORKSPACE_NAME_DEF_SELINUX)); PARAM_CHECK(ret == 0, return -1, "Failed to add selinux workspace %s", WORKSPACE_NAME_DEF_SELINUX); if (readOnly == 0) { diff --git a/services/param/base/param_comm.c b/services/param/base/param_comm.c index 28327b51afd673a6fed9d81a658a570d05552469..071e10725b5234812c030c1a5d2196aa6d6e18d1 100644 --- a/services/param/base/param_comm.c +++ b/services/param/base/param_comm.c @@ -254,11 +254,13 @@ INIT_LOCAL_API int CheckParamName(const char *name, int info) static int AddParam(WorkSpace *workSpace, uint8_t type, const char *name, const char *value, uint32_t *dataIndex) { ParamTrieNode *node = AddTrieNode(workSpace, name, strlen(name)); - PARAM_CHECK(node != NULL, return PARAM_CODE_REACHED_MAX, "Failed to add node"); + PARAM_CHECK(node != NULL, return PARAM_CODE_REACHED_MAX, + "Failed to add node name %s space %s", name, workSpace->fileName); ParamNode *entry = (ParamNode *)GetTrieNode(workSpace, node->dataIndex); if (entry == NULL) { uint32_t offset = AddParamNode(workSpace, type, name, strlen(name), value, strlen(value)); - PARAM_CHECK(offset > 0, return PARAM_CODE_REACHED_MAX, "Failed to allocate name %s", name); + PARAM_CHECK(offset > 0, return PARAM_CODE_REACHED_MAX, + "Failed to allocate name %s space %s", name, workSpace->fileName); SaveIndex(&node->dataIndex, offset); long long globalCommitId = ATOMIC_LOAD_EXPLICIT(&workSpace->area->commitId, memory_order_relaxed); ATOMIC_STORE_EXPLICIT(&workSpace->area->commitId, ++globalCommitId, memory_order_release); diff --git a/services/param/base/param_trie.c b/services/param/base/param_trie.c index d103bcb0f86662694a6942d46ac7395e1d6e067d..33cbe7d6b0983c80dd7df890853da779fdab721a 100644 --- a/services/param/base/param_trie.c +++ b/services/param/base/param_trie.c @@ -19,6 +19,7 @@ #include "init_param.h" #include "param_base.h" +#include "param_manager.h" #include "param_osadp.h" #include "param_utils.h" @@ -34,6 +35,8 @@ static int InitWorkSpace_(WorkSpace *workSpace, uint32_t spaceSize, int readOnly { static uint32_t startIndex = 0; PARAM_CHECK(workSpace != NULL, return PARAM_CODE_INVALID_PARAM, "Invalid workSpace"); + PARAM_CHECK(sizeof(ParamTrieHeader) < spaceSize, + return PARAM_CODE_INVALID_PARAM, "Invalid spaceSize %u", spaceSize); PARAM_CHECK(workSpace->allocTrieNode != NULL, return PARAM_CODE_INVALID_PARAM, "Invalid allocTrieNode %s", workSpace->fileName); PARAM_CHECK(workSpace->compareTrieNode != NULL, @@ -414,4 +417,16 @@ INIT_LOCAL_API uint32_t GetParamMaxLen(uint8_t type) return PARAM_VALUE_LEN_MAX; } return typeLengths[type]; +} + +INIT_LOCAL_API ParamNode *GetParamNode(const char *spaceName, const char *name) +{ + uint32_t labelIndex = 0; + WorkSpace *space = GetWorkSpace(spaceName); + PARAM_CHECK(space != NULL, return NULL, "Failed to get dac space %s", name); + ParamTrieNode *entry = FindTrieNode(space, name, strlen(name), &labelIndex); + if (entry == NULL || entry->dataIndex == 0) { + return NULL; + } + return (ParamNode *)GetTrieNode(space, entry->dataIndex); } \ No newline at end of file diff --git a/services/param/include/param_manager.h b/services/param/include/param_manager.h index ccb64f91eda8d4a396c2f545f699f6046a074422..2d48a8ccdef98509d95b1a69bf77c35f7eb4598c 100644 --- a/services/param/include/param_manager.h +++ b/services/param/include/param_manager.h @@ -111,6 +111,7 @@ INIT_LOCAL_API ParamSecurityLabel *GetParamSecurityLabel(void); INIT_LOCAL_API void LoadParamFromBuild(void); INIT_LOCAL_API int LoadParamFromCmdLine(void); +INIT_LOCAL_API void LoadParamAreaSize(void); INIT_LOCAL_API int InitPersistParamWorkSpace(void); INIT_LOCAL_API void ClosePersistParamWorkSpace(void); INIT_LOCAL_API int WritePersistParam(const char *name, const char *value); diff --git a/services/param/include/param_trie.h b/services/param/include/param_trie.h index 53dd681448ea3a2cf6715d8614316748ee15463d..5378ddd01d21bab7135918d7c088d7c80d12e441 100644 --- a/services/param/include/param_trie.h +++ b/services/param/include/param_trie.h @@ -119,7 +119,7 @@ INIT_LOCAL_API uint32_t AddParamNode(WorkSpace *workSpace, uint8_t type, const char *key, uint32_t keyLen, const char *value, uint32_t valueLen); INIT_LOCAL_API uint32_t GetParamMaxLen(uint8_t type); - +INIT_LOCAL_API ParamNode *GetParamNode(const char *spaceName, const char *name); #ifdef __cplusplus #if __cplusplus } diff --git a/services/param/include/param_utils.h b/services/param/include/param_utils.h index 58ca7365ca09f33fd06fa324297c97ec7a659048..80deb026b62fd3a6712d1568458fdfddd1855e6a 100644 --- a/services/param/include/param_utils.h +++ b/services/param/include/param_utils.h @@ -80,6 +80,7 @@ typedef struct cmdLineInfo { #else #define DATA_PATH STARTUP_INIT_UT_PATH"/data/service/el1/startup/parameters/" #endif +#define PARAM_AREA_SIZE_CFG STARTUP_INIT_UT_PATH"/etc/param/ohos.para.size" #define CLIENT_PIPE_NAME "/dev/unix/socket/paramservice" #define PIPE_NAME STARTUP_INIT_UT_PATH "/dev/unix/socket/paramservice" diff --git a/services/param/linux/param_service.c b/services/param/linux/param_service.c index b7981b4ecf33623995ad24ccb2434256c15e74d0..e25d678c4a1cab87ea563c46bee93bd3353f429a 100755 --- a/services/param/linux/param_service.c +++ b/services/param/linux/param_service.c @@ -408,6 +408,8 @@ void InitParamService(void) void LoadSpecialParam(void) { + // read param area size from cfg and save to dac + LoadParamAreaSize(); // read selinux label LoadSelinuxLabel(); // from cmdline diff --git a/services/param/liteos/BUILD.gn b/services/param/liteos/BUILD.gn index 313ed31121b56f887bd43fd33a15ee1045e4a996..2eefd1e5b76dfdd9433ec8a570ca419a9c97b953 100644 --- a/services/param/liteos/BUILD.gn +++ b/services/param/liteos/BUILD.gn @@ -22,6 +22,7 @@ param_include_dirs = [ "//base/startup/init/services/include", "//base/startup/init/services/init/include", "//base/startup/init/services/log", + "//base/startup/init/services/modules/init_hook", "//base/startup/init/services/loopevent/include", "//third_party/bounds_checking_function/include", "//third_party/cJSON", diff --git a/services/param/manager/param_server.c b/services/param/manager/param_server.c index 357d6dd1ccd3fc36ea7d8976b072067ba097d1d8..7bec698dfcbc0f5882ae027abbc16e46d25945a8 100755 --- a/services/param/manager/param_server.c +++ b/services/param/manager/param_server.c @@ -13,6 +13,7 @@ * limitations under the License. */ #include +#include #include "param_manager.h" #include "param_trie.h" @@ -160,13 +161,13 @@ static int LoadOneParam_(const uint32_t *context, const char *name, const char * return WriteParam(name, value, NULL, mode & LOAD_PARAM_ONLY_ADD); } -static int LoadDefaultParam_(const char *fileName, uint32_t mode, const char *exclude[], uint32_t count) +static int LoadDefaultParam_(const char *fileName, uint32_t mode, + const char *exclude[], uint32_t count, int (*loadOneParam)(const uint32_t *, const char *, const char *)) { uint32_t paramNum = 0; FILE *fp = fopen(fileName, "r"); - if (fp == NULL) { - return -1; - } + PARAM_CHECK(fp != NULL, return -1, "Failed to open file '%s' error:%d ", fileName, errno); + const int buffSize = PARAM_NAME_LEN_MAX + PARAM_CONST_VALUE_LEN_MAX + 10; // 10 max len char *buffer = malloc(buffSize); if (buffer == NULL) { @@ -175,7 +176,7 @@ static int LoadDefaultParam_(const char *fileName, uint32_t mode, const char *ex } while (fgets(buffer, buffSize, fp) != NULL) { buffer[buffSize - 1] = '\0'; - int ret = SplitParamString(buffer, exclude, count, LoadOneParam_, &mode); + int ret = SplitParamString(buffer, exclude, count, loadOneParam, &mode); PARAM_CHECK(ret == 0, continue, "Failed to set param '%s' error:%d ", buffer, ret); paramNum++; } @@ -189,7 +190,7 @@ static int ProcessParamFile(const char *fileName, void *context) { static const char *exclude[] = {"ctl.", "selinux.restorecon_recursive"}; uint32_t mode = *(int *)context; - return LoadDefaultParam_(fileName, mode, exclude, ARRAY_LENGTH(exclude)); + return LoadDefaultParam_(fileName, mode, exclude, ARRAY_LENGTH(exclude), LoadOneParam_); } int LoadParamsFile(const char *fileName, bool onlyAdd) @@ -247,3 +248,29 @@ INIT_LOCAL_API void LoadParamFromBuild(void) #endif } +static int LoadOneParamAreaSize_(const uint32_t *context, const char *name, const char *value) +{ + int ret = CheckParamName(name, 0); + if (ret != 0) { + return 0; + } + ret = CheckParamValue(NULL, name, value, PARAM_TYPE_INT); + PARAM_CHECK(ret == 0, return 0, "Invalid value %s for %s", value, name); + PARAM_LOGV("LoadOneParamAreaSize_ [%s] [%s]", name, value); + + WorkSpace *workSpace = GetWorkSpace(WORKSPACE_NAME_DAC); + ParamTrieNode *node = AddTrieNode(workSpace, name, strlen(name)); + PARAM_CHECK(node != NULL, return PARAM_CODE_REACHED_MAX, "Failed to add node"); + ParamNode *entry = (ParamNode *)GetTrieNode(workSpace, node->dataIndex); + if (entry == NULL) { + uint32_t offset = AddParamNode(workSpace, PARAM_TYPE_INT, name, strlen(name), value, strlen(value)); + PARAM_CHECK(offset > 0, return PARAM_CODE_REACHED_MAX, "Failed to allocate name %s", name); + SaveIndex(&node->dataIndex, offset); + } + return 0; +} + +INIT_LOCAL_API void LoadParamAreaSize(void) +{ + LoadDefaultParam_(PARAM_AREA_SIZE_CFG, 0, NULL, 0, LoadOneParamAreaSize_); +} diff --git a/test/unittest/param/param_stub.cpp b/test/unittest/param/param_stub.cpp index a15ec4d7862e488a7a4066730c7e7249c8e67560..9a1890fb4400f20dde98e1321ef0b0a4ee7471b5 100644 --- a/test/unittest/param/param_stub.cpp +++ b/test/unittest/param/param_stub.cpp @@ -364,6 +364,19 @@ void PrepareCmdLineHasSn() CreateTestFile(BOOT_CMD_LINE, cmdLineHasntSn); } +void PrepareAreaSizeFile() +{ + // for cmdline + const char *ohosParamSize = "default_param=1024" + "hilog_param=2048" + "const_product_param=2048" + "startup_param=20480" + "persist_param=2048" + "const_param=20480" + "persist_sys_param=2048"; + CreateTestFile(PARAM_AREA_SIZE_CFG, ohosParamSize); +} + void PrepareInitUnitTestEnv(void) { static int evnOk = 0; @@ -386,6 +399,7 @@ void PrepareInitUnitTestEnv(void) dacData += "test.permission.watcher. = root:root:0771\n"; CreateTestFile(STARTUP_INIT_UT_PATH "/system/etc/param/ohos.para.dac", dacData.c_str()); CreateTestFile(STARTUP_INIT_UT_PATH"/trigger_test.cfg", g_triggerData); + PrepareAreaSizeFile(); #endif InitParamService();