diff --git a/interfaces/innerkits/accesstoken/include/access_token.h b/interfaces/innerkits/accesstoken/include/access_token.h index d4b050ed75dd721ceedb18ca6e5e484cc41aacfc..601120beabfcaec0a52a41fab56cb542454b8864 100644 --- a/interfaces/innerkits/accesstoken/include/access_token.h +++ b/interfaces/innerkits/accesstoken/include/access_token.h @@ -31,8 +31,8 @@ enum AccessTokenKitRet { }; typedef struct { - unsigned int tokenUniqueID : 24; - unsigned int res : 3; + unsigned int tokenUniqueID : 20; + unsigned int res : 7; unsigned int type : 2; unsigned int version : 3; } AccessTokenIDInner; diff --git a/interfaces/innerkits/nativetoken/include/nativetoken.h b/interfaces/innerkits/nativetoken/include/nativetoken.h index 71c34e2c263d141b367f75750f31d7b4fe3cf74d..573c6517829157839e449a868cfb009a49a03893 100644 --- a/interfaces/innerkits/nativetoken/include/nativetoken.h +++ b/interfaces/innerkits/nativetoken/include/nativetoken.h @@ -44,6 +44,8 @@ extern "C" { #define MAX_PARAMTER_LEN 128 #define SYSTEM_PROP_NATIVE_RECEPTOR "rw.nativetoken.receptor.startup" #define PATH_MAX_LEN 4096 +#define MAX_RETRY_TIMES 1000 +#define TOKEN_RANDOM_MASK ((1 << 20) - 1) #define ATRET_FAILED 1 #define ATRET_SUCCESS 0 @@ -59,12 +61,13 @@ extern "C" { #define SYSTEM_BASIC 2 #define NORMAL 1 +#define INVALID_TOKEN_ID 0 typedef unsigned int NativeAtId; typedef unsigned int NativeAtAttr; typedef struct { - unsigned int tokenUniqueId : 24; - unsigned int reserved : 3; + unsigned int tokenUniqueId : 20; + unsigned int reserved : 7; unsigned int type : 2; unsigned int version : 3; } AtInnerInfo; diff --git a/interfaces/innerkits/nativetoken/src/nativetoken.c b/interfaces/innerkits/nativetoken/src/nativetoken.c index b890f10026fb736332da4b28849280847b371962..4e09e88b15669942b452cb4cb7ac8ca41cd2cbc2 100644 --- a/interfaces/innerkits/nativetoken/src/nativetoken.c +++ b/interfaces/innerkits/nativetoken/src/nativetoken.c @@ -258,19 +258,44 @@ int GetRandomTokenId(uint32_t *randNum) return ATRET_SUCCESS; } +static int32_t IsTokenUniqueIdExist(uint32_t tokenUniqueId) +{ + NativeTokenList *tokenNode = g_tokenListHead->next; + while (tokenNode != NULL) { + AtInnerInfo *existToken = (AtInnerInfo *)&(tokenNode->tokenId); + if (tokenUniqueId == existToken->tokenUniqueId) { + return 1; + } + tokenNode = tokenNode->next; + } + return 0; +} + NativeAtId CreateNativeTokenId(void) { uint32_t rand; NativeAtId tokenId; + int32_t ret; AtInnerInfo *innerId = (AtInnerInfo *)(&tokenId); + int32_t retry = MAX_RETRY_TIMES; - int ret = GetRandomTokenId(&rand); - if (ret != ATRET_SUCCESS) { - return 0; + while (retry > 0) { + ret = GetRandomTokenId(&rand); + if (ret != ATRET_SUCCESS) { + return INVALID_TOKEN_ID; + } + if (IsTokenUniqueIdExist(rand & (TOKEN_RANDOM_MASK)) == 0) { + break; + } + retry--; + } + if (retry == 0) { + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:retry times is 0.", __func__); + return INVALID_TOKEN_ID; } innerId->reserved = 0; - innerId->tokenUniqueId = rand & (0xFFFFFF); + innerId->tokenUniqueId = rand & (TOKEN_RANDOM_MASK); innerId->type = TOKEN_NATIVE_TYPE; innerId->version = 1; return tokenId; @@ -501,29 +526,16 @@ uint32_t CheckProcessInfo(const char *processname, const char **dcaps, return ATRET_SUCCESS; } -int32_t NativeTokenIdCheck(NativeAtId tokenId) -{ - NativeTokenList *tokenNode = g_tokenListHead; - while (tokenNode != NULL) { - if (tokenNode->tokenId == tokenId) { - return 1; - } - tokenNode = tokenNode->next; - } - return 0; -} - static uint32_t AddNewTokenToListAndCfgFile(const char *processname, const char **dcapsIn, int32_t dacpNumIn, int32_t aplIn, NativeAtId *tokenId) { NativeTokenList *tokenNode; NativeAtId id; - int32_t repeat; - do { - id = CreateNativeTokenId(); - repeat = NativeTokenIdCheck(id); - } while (repeat == 1); + id = CreateNativeTokenId(); + if (id == INVALID_TOKEN_ID) { + return ATRET_FAILED; + } tokenNode = (NativeTokenList *)malloc(sizeof(NativeTokenList)); if (tokenNode == NULL) { diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h index 336228323a1b2a4ebd43a392d090c0bf51a7edab..4d4ac8ba468ff7e9b919fe274f75aa71f6e2d17e 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h @@ -26,8 +26,8 @@ namespace OHOS { namespace Security { namespace AccessToken { -static constexpr unsigned int TOKEN_RANDOM_MASK = (1 << 24) - 1; -static const int MAX_CREATE_TOKEN_ID_RETRY = 2; +static constexpr unsigned int TOKEN_RANDOM_MASK = (1 << 20) - 1; +static const int MAX_CREATE_TOKEN_ID_RETRY = 1000; class AccessTokenIDManager final { public: diff --git a/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp b/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp index 3d1421b82ccfb948e52e4701d5f0b410cf3192de..56d491df5380d9c6061b4fda32ef79d2ea9cbfe6 100644 --- a/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/accesstoken_id_manager.cpp @@ -50,10 +50,14 @@ int AccessTokenIDManager::RegisterTokenId(AccessTokenID id, ATokenTypeEnum type) } Utils::UniqueWriteGuard idGuard(this->tokenIdLock_); - if (tokenIdSet_.count(id) != 0) { - return RET_FAILED; - } + for (std::set::iterator it = tokenIdSet_.begin(); it != tokenIdSet_.end(); ++it) { + AccessTokenID tokenId = *it; + AccessTokenIDInner *idInnerExist = (AccessTokenIDInner *)&tokenId; + if (idInnerExist->tokenUniqueID == idInner->tokenUniqueID) { + return RET_FAILED; + } + } tokenIdSet_.insert(id); return RET_SUCCESS; }