modify code

Signed-off-by: zhaolinglan <zhaolinglan1@huawei.com>
2024-11-23 06:40:06 +00:00 · 2024-06-10 09:53:46 +08:00 · 2024-06-10 09:53:46 +08:00 · 75bfe9f771
commit 75bfe9f771
parent 1567b42fcb
7 changed files with 224 additions and 62 deletions
--- a/common/include/message_handler.h
+++ b/common/include/message_handler.h
@ -32,6 +32,7 @@ enum {
    MSG_ID_USER_START = 0,  //  a user started
    MSG_ID_USER_REMOVED,    // a user removed
    MSG_ID_PACKAGE_REMOVED, // a package is removed
+    MSG_ID_BUNDLE_SCAN_FINISHED, // bundle scan finished, ready to create data share helper
    MSG_ID_SELECT_BY_RANGE,
    MSG_ID_SELECT_BY_MOVEMENT,
    MSG_ID_HANDLE_EXTEND_ACTION,
--- a/seccomp_policy/imf_ext_secure_mode.seccomp.policy
+++ b/seccomp_policy/imf_ext_secure_mode.seccomp.policy
@ -90,11 +90,9 @@ pread64;all
 pwrite64;all
 preadv;all
 pwritev;all
-sendfile;all
 pselect6;all
 ppoll;all
 signalfd4;all
-vmsplice;all
 splice;all
 tee;all
 readlinkat;all
@ -178,19 +176,12 @@ getegid;arm64
 gettid;all
 sysinfo;all
 socket;all
-socketpair;all
 bind;all
-listen;all
-accept;all
 connect;all
-getsockname;all
-getpeername;all
 sendto;all
 recvfrom;all
 setsockopt;all
 getsockopt;all
-shutdown;all
-sendmsg;all
 recvmsg;all
 readahead;all
 brk;all
@ -209,8 +200,6 @@ mincore;all
 madvise;all
 rt_tgsigqueueinfo;all
 perf_event_open;all
-accept4;all
-recvmmsg;all
 wait4;all
 prlimit64;all
 syncfs;all
@ -277,7 +266,6 @@ getresuid32;arm
 getresgid32;arm
 chown32;arm
 fcntl64;arm
-sendfile64;arm
 epoll_create;arm
 epoll_wait;arm
 remap_file_pages;arm
@ -300,7 +288,6 @@ timerfd_settime64;arm
 utimensat_time64;arm
 pselect6_time64;arm
 ppoll_time64;arm
-recvmmsg_time64;arm
 semtimedop_time64;arm
 rt_sigtimedwait_time64;arm
 futex_time64;arm
--- a/services/include/im_common_event_manager.h
+++ b/services/include/im_common_event_manager.h
@ -54,6 +54,7 @@ public:
        void RemovePackage(const EventFwk::CommonEventData &data);
        void StartUser(const EventFwk::CommonEventData &data);
        void RemoveUser(const EventFwk::CommonEventData &data);
+        void OnBundleScanFinished(const EventFwk::CommonEventData &data);

    private:
        using EventListenerFunc = void (EventSubscriber::*)(const EventFwk::CommonEventData &data);
--- a/services/include/input_method_system_ability.h
+++ b/services/include/input_method_system_ability.h
@ -123,6 +123,7 @@ private:
    int32_t RestartCurrentIme();
    void HandleWmsReady(int32_t userId);
    int32_t InitAccountMonitor();
+    int32_t RegisterDataShareObserver();
    static std::shared_ptr<AppExecFwk::EventHandler> serviceHandler_;
    int32_t userId_;
    static constexpr const char *SELECT_DIALOG_ACTION = "action.system.inputmethodchoose";
@ -162,8 +163,8 @@ private:
    std::atomic<uint32_t> targetSwitchCount_ = 0;

    std::mutex modeChangeMutex_;
-    std::atomic<bool> isChangeHandling_{ false };
-    std::atomic<bool> hasPendingChanges_{ false };
+    bool isChangeHandling_ = false;
+    bool hasPendingChanges_ = false;
 };
 } // namespace MiscServices
 } // namespace OHOS
--- a/services/src/im_common_event_manager.cpp
+++ b/services/src/im_common_event_manager.cpp
@ -60,6 +60,7 @@ bool ImCommonEventManager::SubscribeEvent(const std::string &event)
    matchingSkills.AddEvent(event);
    matchingSkills.AddEvent(CommonEventSupport::COMMON_EVENT_USER_REMOVED);
    matchingSkills.AddEvent(CommonEventSupport::COMMON_EVENT_PACKAGE_REMOVED);
+    matchingSkills.AddEvent(CommonEventSupport::COMMON_EVENT_BUNDLE_SCAN_FINISHED);

    EventFwk::CommonEventSubscribeInfo subscriberInfo(matchingSkills);

@ -198,6 +199,7 @@ ImCommonEventManager::EventSubscriber::EventSubscriber(const EventFwk::CommonEve
    EventManagerFunc_[CommonEventSupport::COMMON_EVENT_USER_SWITCHED] = &EventSubscriber::StartUser;
    EventManagerFunc_[CommonEventSupport::COMMON_EVENT_USER_REMOVED] = &EventSubscriber::RemoveUser;
    EventManagerFunc_[CommonEventSupport::COMMON_EVENT_PACKAGE_REMOVED] = &EventSubscriber::RemovePackage;
+    EventManagerFunc_[CommonEventSupport::COMMON_EVENT_BUNDLE_SCAN_FINISHED] = &EventSubscriber::OnBundleScanFinished;
 }

 void ImCommonEventManager::EventSubscriber::OnReceiveEvent(const EventFwk::CommonEventData &data)
@ -225,6 +227,23 @@ void ImCommonEventManager::EventSubscriber::StartUser(const CommonEventData &dat
    MessageHandler::Instance()->SendMessage(msg);
 }

+void ImCommonEventManager::EventSubscriber::OnBundleScanFinished(const EventFwk::CommonEventData &data)
+{
+    IMSA_HILOGI("ImCommonEventManager in");
+    auto parcel = new (std::nothrow) MessageParcel();
+    if (parcel == nullptr) {
+        IMSA_HILOGE("failed to create MessageParcel");
+        return;
+    }
+    auto msg = new (std::nothrow) Message(MessageID::MSG_ID_BUNDLE_SCAN_FINISHED, parcel);
+    if (msg == nullptr) {
+        IMSA_HILOGE("failed to create Message");
+        delete parcel;
+        return;
+    }
+    MessageHandler::Instance()->SendMessage(msg);
+}
+
 void ImCommonEventManager::EventSubscriber::RemoveUser(const CommonEventData &data)
 {
    auto userId = data.GetCode();
--- a/services/src/input_method_system_ability.cpp
+++ b/services/src/input_method_system_ability.cpp
@ -842,6 +842,10 @@ void InputMethodSystemAbility::WorkThread()
                userSession_->OnHideSoftKeyBoardSelf();
                break;
            }
+            case MSG_ID_BUNDLE_SCAN_FINISHED: {
+                RegisterDataShareObserver();
+                break;
+            }
            default: {
                IMSA_HILOGD("the message is %{public}d.", msg->msgId_);
                break;
@ -974,30 +978,30 @@ void InputMethodSystemAbility::DealSecurityChange()
 {
    {
        std::lock_guard<std::mutex> lock(modeChangeMutex_);
-        if (isChangeHandling_.load()) {
+        if (isChangeHandling_) {
            IMSA_HILOGI("already has mode change task.");
-            hasPendingChanges_.store(true);
+            hasPendingChanges_ = true;
            return;
        } else {
-            isChangeHandling_.store(true);
-            hasPendingChanges_.store(true);
+            isChangeHandling_ = true;
+            hasPendingChanges_ = true;
        }
    }
    auto changeTask = [this]() {
+        pthread_setname_np(pthread_self(), "SecurityChange");
        auto checkChangeCount = [this]() {
            std::lock_guard<std::mutex> lock(modeChangeMutex_);
-            if (hasPendingChanges_.load()) {
+            if (hasPendingChanges_) {
                return true;
            }
-            isChangeHandling_.store(false);
+            isChangeHandling_ = false;
            return false;
        };
        do {
            OnSecurityModeChange();
        } while (checkChangeCount());
    };
-    // 0 means delay time is 0.
-    serviceHandler_->PostTask(changeTask, "SecurityChangeTask", 0, AppExecFwk::EventQueue::Priority::IMMEDIATE);
+    std::thread(changeTask).detach();
 }

 void InputMethodSystemAbility::DealSwitchRequest()
@ -1118,13 +1122,24 @@ void InputMethodSystemAbility::InitMonitors()
        IMSA_HILOGW("Enter enable mode");
        EnableImeDataParser::GetInstance()->Initialize(userId_);
        enableImeOn_ = true;
-        RegisterEnableImeObserver();
    }
    if (ImeInfoInquirer::GetInstance().IsEnableSecurityMode()) {
        IMSA_HILOGW("Enter security mode");
        enableSecurityMode_ = true;
+    }
+    RegisterDataShareObserver();
+}
+
+int32_t InputMethodSystemAbility::RegisterDataShareObserver()
+{
+    IMSA_HILOGD("in");
+    if (enableImeOn_) {
+        RegisterEnableImeObserver();
+    }
+    if (enableSecurityMode_) {
        RegisterSecurityModeObserver();
    }
+    return ErrorCode::NO_ERROR;
 }

 int32_t InputMethodSystemAbility::InitAccountMonitor()
@ -1221,7 +1236,7 @@ void InputMethodSystemAbility::OnSecurityModeChange()
 {
    {
        std::lock_guard<std::mutex> lock(modeChangeMutex_);
-        hasPendingChanges_.store(false);
+        hasPendingChanges_ = false;
    }
    auto currentIme = ImeCfgManager::GetInstance().GetCurrentImeCfg(userId_);
    auto oldMode = SecurityModeParser::GetInstance()->GetSecurityMode(currentIme->bundleName, userId_);
--- a/test/unittest/cpp_test/src/input_method_ext_seccomp_test.cpp
+++ b/test/unittest/cpp_test/src/input_method_ext_seccomp_test.cpp
@ -13,23 +13,23 @@
 * limitations under the License.
 */

-#include <gtest/gtest.h>
-
-#include <cstdlib>
-#include <unistd.h>
-#include <sys/wait.h>
-#include <csignal>
-#include <cerrno>
-#include <cstring>
-#include <sys/prctl.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <sys/syscall.h>
 #include <asm/unistd.h>
-#include <syscall.h>
-#include <climits>
+#include <fcntl.h>
+#include <gtest/gtest.h>
 #include <sched.h>
+#include <sys/prctl.h>
+#include <sys/stat.h>
+#include <sys/syscall.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <syscall.h>
+#include <unistd.h>
+
+#include <cerrno>
+#include <climits>
+#include <csignal>
+#include <cstdlib>
+#include <cstring>

 #include "seccomp_policy.h"

@ -156,6 +156,115 @@ public:
        return CheckStatus(status, isAllow);
    }

+    static bool CheckSendfile()
+    {
+        int ret = syscall(__NR_sendfile, 0, 0, nullptr, 0);
+        if (ret == 0) {
+            return true;
+        }
+
+        return false;
+    }
+
+    static bool CheckVmsplice()
+    {
+        int ret = syscall(__NR_vmsplice, 0, nullptr, 0, 0);
+        if (ret == 0) {
+            return true;
+        }
+
+        return false;
+    }
+
+    static bool CheckSocketpair()
+    {
+        int ret = syscall(__NR_socketpair, 0, 0, 0, nullptr);
+        if (ret == 0) {
+            return true;
+        }
+
+        return false;
+    }
+
+    static bool CheckListen()
+    {
+        int ret = syscall(__NR_listen, 0, 0);
+        if (ret == 0) {
+            return true;
+        }
+
+        return false;
+    }
+
+    static bool CheckAccept()
+    {
+        int ret = syscall(__NR_accept, 0, nullptr, nullptr);
+        if (ret == 0) {
+            return true;
+        }
+
+        return false;
+    }
+
+    static bool CheckAccept4()
+    {
+        int ret = syscall(__NR_accept4, 0, nullptr, nullptr, 0);
+        if (ret == 0) {
+            return true;
+        }
+
+        return false;
+    }
+
+    static bool CheckGetsockname()
+    {
+        int ret = syscall(__NR_getsockname, 0, nullptr, nullptr);
+        if (ret == 0) {
+            return true;
+        }
+
+        return false;
+    }
+
+    static bool CheckGetpeername()
+    {
+        int ret = syscall(__NR_getpeername, 0, nullptr, nullptr);
+        if (ret == 0) {
+            return true;
+        }
+
+        return false;
+    }
+
+    static bool CheckShutdown()
+    {
+        int ret = syscall(__NR_shutdown, 0, 0);
+        if (ret == 0) {
+            return true;
+        }
+
+        return false;
+    }
+
+    static bool CheckSendmsg()
+    {
+        int ret = syscall(__NR_sendmsg, 0, nullptr, 0);
+        if (ret == 0) {
+            return true;
+        }
+
+        return false;
+    }
+
+    static bool CheckRecvmmsg()
+    {
+        int ret = syscall(__NR_recvmmsg, 0, nullptr, 0, 0, nullptr);
+        if (ret == 0) {
+            return true;
+        }
+
+        return false;
+    }
 #if defined __aarch64__
    static bool CheckSetuid()
    {
@ -166,12 +275,6 @@ public:

        return false;
    }
-    void TestInputMethodExtSycall()
-    {
-        // system blocklist
-        int ret = CheckSyscall(APP, IMF_EXTENTOIN_NAME, CheckSetuid, false);
-        EXPECT_EQ(ret, 0);
-    }

 #elif defined __arm__
    static bool CheckSetuid32()
@ -183,13 +286,49 @@ public:
        return false;
    }

-    void TestInputMethodExtSycall()
+    static bool CheckSendfile64()
    {
-        // system blocklist
-        int ret = CheckSyscall(APP, IMF_EXTENTOIN_NAME, CheckSetuid32, false);
-        EXPECT_EQ(ret, 0);
+        int ret = syscall(__NR_sendfile64, 0, 0, nullptr, 0);
+        if (ret == 0) {
+            return true;
+        }
+
+        return false;
+    }
+    static bool CheckRecvmmsgTime64()
+    {
+        int ret = syscall(__NR_recvmmsg_time64, 0, nullptr, 0, 0, nullptr);
+        if (ret == 0) {
+            return true;
+        }
+
+        return false;
    }
 #endif
+
+    void TestInputMethodExtSycall()
+    {
+        int ret = -1;
+        ret = CheckSyscall(APP, IMF_EXTENTOIN_NAME, CheckSendfile, false);
+        EXPECT_EQ(ret, 0);
+
+        ret = CheckSyscall(APP, IMF_EXTENTOIN_NAME, CheckVmsplice, false);
+        EXPECT_EQ(ret, 0);
+
+#if defined __aarch64__
+        // system blocklist
+        ret = CheckSyscall(APP, IMF_EXTENTOIN_NAME, CheckSetuid, false);
+        EXPECT_EQ(ret, 0);
+#elif defined __arm__
+        // system blocklist
+        ret = CheckSyscall(APP, IMF_EXTENTOIN_NAME, CheckSetuid32, false);
+        EXPECT_EQ(ret, 0);
+        ret = CheckSyscall(APP, IMF_EXTENTOIN_NAME, CheckSendfile64, false);
+        EXPECT_EQ(ret, 0);
+        ret = CheckSyscall(APP, IMF_EXTENTOIN_NAME, CheckRecvmmsgTime64, false);
+        EXPECT_EQ(ret, 0);
+#endif
+    }
 };

 /**
@ -203,6 +342,5 @@ HWTEST_F(SeccompUnitTest, TestInputMethodExtSycall, TestSize.Level1)
    SeccompUnitTest test;
    test.TestInputMethodExtSycall();
 }
-}
-}
-
+} // namespace MiscServices
+} // namespace OHOS