Resources | Resources |



Serial Port Access Restrictions

Serial Port Access Restriction (SPAR) rules are used to limit file system access when the file system is accessed from the diag serial port by tools such as QPST EFS explorer.

When OS services is initialized, OEMFSSpar_AccessCbk() is called to register a list of EFS paths that need to be monitored for Diag serial port access. When PC tools such as QPST EFS Explorer attempt to access the device EFS and the EFS access falls into the registered EFS path list, Diag seeks permission by calling OEMFSSpar_Access(). OEMFSSpar_Access() then grants or denies access by using the SPAR rules implemented in FSSpar.c.

SPAR rules are specified in two layers, the OEM layer and the Brew MP layer:

  • OEM layer: At this level, manufacturers can implement any restrictions they choose. They can also completely remove any restrictions. The default OEMFSSpar.c file (shipped with Brew MP to OEMs) simply checks for access (read or write) to the following hard-coded directories. If it is such an access, then it drops through to the Brew MP layer. If it is not one of these directories, then OEM layer exits (no restrictions are imposed).

    Note: If the manufacturer does not modify OEMFSSpar.c, no restrictions exist other than those imposed by the Brew MP layer.

  • Brew MP layer: Typically, if no OEM restrictions are triggered, the Brew MP layer is invoked. The default restrictions at this layer are as follows:

    • Any caller can list files in the file system
    • No access to fs:/ringers
    • No access to fs:/sys/download
    • No access to fs:/sys/priv
    • Certain restrictions on application directories and files with numeric names.

Note that the default SPAR rules impose NO restrictions whatsoever on access to fs:/sys/mod, which is the default location (if not changed by the manufacturer) of the Brew MP system modules. A tool that accesses the file system directly via DIAG has full read-write access to fs:/sys/mods and all subdirectories.

Default behavior

  • The following directories are monitored by default:
    • fs:/mif
    • fs:/mod
    • fs:/sys
    • fs:/ringers
  • SPAR rules were designed to prevent piracy of subscriber purchased and downloaded applications by preventing people from copying applications. The following default rules are designed for that purpose:
    • Listing is permitted for all directories
    • All other access is forbidden for:
      • fs:/sys/download
      • fs:/ringers
      • fs:/sys/priv
      • fs:/mif/nnn.mif, where nnn is a decimal number
      • fs:/mod/nnn, where nnn is a decimal number