EESAST
/
THUAI6
Not watched
1
0
Fork 0
Code
Releases 3 Wiki evaluate Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain HPC
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tree: 9bc5774773
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '9bc5774773'
${ noResults }
THUAI6/CAPI/cpp/grpc/include/grpcpp/security/binder_security_policy.h

90 lines
3.0 kB
Raw Blame History 

  1. // Copyright 2021 gRPC authors.

  2. //

  3. // Licensed under the Apache License, Version 2.0 (the "License");

  4. // you may not use this file except in compliance with the License.

  5. // You may obtain a copy of the License at

  6. //

  7. //     http://www.apache.org/licenses/LICENSE-2.0

  8. //

  9. // Unless required by applicable law or agreed to in writing, software

  10. // distributed under the License is distributed on an "AS IS" BASIS,

  11. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  12. // See the License for the specific language governing permissions and

  13. // limitations under the License.

  14. 

  15. #ifndef GRPCPP_SECURITY_BINDER_SECURITY_POLICY_H

  16. #define GRPCPP_SECURITY_BINDER_SECURITY_POLICY_H

  17. 

  18. #include <memory>

  19. 

  20. #ifdef GPR_ANDROID

  21. 

  22. #include <jni.h>

  23. 

  24. #endif

  25. 

  26. namespace grpc

  27. {

  28.     namespace experimental

  29.     {

  30.         namespace binder

  31.         {

  32. 

  33.             // EXPERIMENTAL Determinines if a connection is allowed to be

  34.             // established on Android. See https://source.android.com/security/app-sandbox

  35.             // for more info about UID.

  36.             class SecurityPolicy

  37.             {

  38.             public:

  39.                 virtual ~SecurityPolicy() = default;

  40.                 // Returns true if the UID is authorized to connect.

  41.                 // Must return the same value for the same inputs so callers can safely cache

  42.                 // the result.

  43.                 virtual bool IsAuthorized(int uid) = 0;

  44.             };

  45. 

  46.             // EXPERIMENTAL Allows all connection. Anything on the Android device will be

  47.             // able to connect, use with caution!

  48.             class UntrustedSecurityPolicy : public SecurityPolicy

  49.             {

  50.             public:

  51.                 UntrustedSecurityPolicy();

  52.                 ~UntrustedSecurityPolicy() override;

  53.                 bool IsAuthorized(int uid) override;

  54.             };

  55. 

  56.             // EXPERIMENTAL Only allows the connections from processes with the same UID. In

  57.             // most cases this means "from the same APK".

  58.             class InternalOnlySecurityPolicy : public SecurityPolicy

  59.             {

  60.             public:

  61.                 InternalOnlySecurityPolicy();

  62.                 ~InternalOnlySecurityPolicy() override;

  63.                 bool IsAuthorized(int uid) override;

  64.             };

  65. 

  66. #ifdef GPR_ANDROID

  67. 

  68.             // EXPERIMENTAL Only allows the connections from the APK that have the same

  69.             // signature.

  70.             class SameSignatureSecurityPolicy : public SecurityPolicy

  71.             {

  72.             public:

  73.                 // `context` is required for getting PackageManager Java class

  74.                 SameSignatureSecurityPolicy(JavaVM* jvm, jobject context);

  75.                 ~SameSignatureSecurityPolicy() override;

  76.                 bool IsAuthorized(int uid) override;

  77. 

  78.             private:

  79.                 JavaVM* jvm_;

  80.                 jobject context_;

  81.             };

  82. 

  83. #endif

  84. 

  85.         }  // namespace binder

  86.     }      // namespace experimental

  87. }  // namespace grpc

  88. 

  89. #endif  // GRPCPP_SECURITY_BINDER_SECURITY_POLICY_H