Merge "cutils: don't fortify property_get on clang."
diff --git a/CleanSpec.mk b/CleanSpec.mk
index b3661e4..3cad427 100644
--- a/CleanSpec.mk
+++ b/CleanSpec.mk
@@ -56,3 +56,5 @@
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/EXECUTABLES/lmkd_intermediates/import_includes)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/SHARED_LIBRARIES/libsysutils_intermediates/import_includes)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/bin/grep $(PRODUCT_OUT)/system/bin/toolbox)
+$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/lib/hw/gatekeeper.$(TARGET_DEVICE).so)
+$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/lib64/hw/gatekeeper.$(TARGET_DEVICE).so)
diff --git a/adb/Android.mk b/adb/Android.mk
index 6693619..6188184 100644
--- a/adb/Android.mk
+++ b/adb/Android.mk
@@ -58,6 +58,7 @@
LIBADB_TEST_SRCS := \
adb_io_test.cpp \
+ adb_listeners_test.cpp \
adb_utils_test.cpp \
fdevent_test.cpp \
socket_test.cpp \
@@ -207,24 +208,6 @@
include $(BUILD_HOST_NATIVE_TEST)
-# adb device tracker (used by ddms) test tool
-# =========================================================
-
-ifeq ($(HOST_OS),linux)
-include $(CLEAR_VARS)
-LOCAL_MODULE := adb_device_tracker_test
-LOCAL_CFLAGS := -DADB_HOST=1 $(LIBADB_CFLAGS)
-LOCAL_CFLAGS_windows := $(LIBADB_windows_CFLAGS)
-LOCAL_CFLAGS_linux := $(LIBADB_linux_CFLAGS)
-LOCAL_CFLAGS_darwin := $(LIBADB_darwin_CFLAGS)
-LOCAL_SRC_FILES := test_track_devices.cpp
-LOCAL_SANITIZE := $(adb_host_sanitize)
-LOCAL_SHARED_LIBRARIES := libbase
-LOCAL_STATIC_LIBRARIES := libadb libcrypto_utils_static libcrypto_static libcutils
-LOCAL_LDLIBS += -lrt -ldl -lpthread
-include $(BUILD_HOST_EXECUTABLE)
-endif
-
# adb host tool
# =========================================================
include $(CLEAR_VARS)
diff --git a/adb/adb.cpp b/adb/adb.cpp
index 49d2936..3f14f1a 100644
--- a/adb/adb.cpp
+++ b/adb/adb.cpp
@@ -65,21 +65,34 @@
void fatal(const char *fmt, ...) {
va_list ap;
va_start(ap, fmt);
- fprintf(stderr, "error: ");
- vfprintf(stderr, fmt, ap);
- fprintf(stderr, "\n");
+ char buf[1024];
+ vsnprintf(buf, sizeof(buf), fmt, ap);
+
+#if ADB_HOST
+ fprintf(stderr, "error: %s\n", buf);
+#else
+ LOG(ERROR) << "error: " << buf;
+#endif
+
va_end(ap);
- exit(-1);
+ abort();
}
void fatal_errno(const char* fmt, ...) {
+ int err = errno;
va_list ap;
va_start(ap, fmt);
- fprintf(stderr, "error: %s: ", strerror(errno));
- vfprintf(stderr, fmt, ap);
- fprintf(stderr, "\n");
+ char buf[1024];
+ vsnprintf(buf, sizeof(buf), fmt, ap);
+
+#if ADB_HOST
+ fprintf(stderr, "error: %s: %s\n", buf, strerror(err));
+#else
+ LOG(ERROR) << "error: " << buf << ": " << strerror(err);
+#endif
+
va_end(ap);
- exit(-1);
+ abort();
}
apacket* get_apacket(void)
@@ -955,18 +968,25 @@
std::string error;
InstallStatus r;
+ int resolved_tcp_port = 0;
if (kill_forward) {
r = remove_listener(pieces[0].c_str(), transport);
} else {
- r = install_listener(pieces[0], pieces[1].c_str(), transport,
- no_rebind, &error);
+ r = install_listener(pieces[0], pieces[1].c_str(), transport, no_rebind,
+ &resolved_tcp_port, &error);
}
if (r == INSTALL_STATUS_OK) {
#if ADB_HOST
- /* On the host: 1st OKAY is connect, 2nd OKAY is status */
+ // On the host: 1st OKAY is connect, 2nd OKAY is status.
SendOkay(reply_fd);
#endif
SendOkay(reply_fd);
+
+ // If a TCP port was resolved, send the actual port number back.
+ if (resolved_tcp_port != 0) {
+ SendProtocolString(reply_fd, android::base::StringPrintf("%d", resolved_tcp_port));
+ }
+
return 1;
}
diff --git a/adb/adb.h b/adb/adb.h
index ea20800..9227eb1 100644
--- a/adb/adb.h
+++ b/adb/adb.h
@@ -50,7 +50,7 @@
std::string adb_version();
// Increment this when we want to force users to start a new adb server.
-#define ADB_SERVER_VERSION 36
+#define ADB_SERVER_VERSION 37
class atransport;
struct usb_handle;
@@ -116,29 +116,6 @@
kCsUnauthorized,
};
-/* A listener is an entity which binds to a local port
-** and, upon receiving a connection on that port, creates
-** an asocket to connect the new local connection to a
-** specific remote service.
-**
-** TODO: some listeners read from the new connection to
-** determine what exact service to connect to on the far
-** side.
-*/
-struct alistener
-{
- alistener *next;
- alistener *prev;
-
- fdevent fde;
- int fd;
-
- char *local_name;
- char *connect_to;
- atransport *transport;
- adisconnect disconnect;
-};
-
void print_packet(const char *label, apacket *p);
@@ -211,7 +188,7 @@
void local_init(int port);
-void local_connect(int port);
+bool local_connect(int port);
int local_connect_arbitrary_ports(int console_port, int adb_port, std::string* error);
// USB host/client interface.
diff --git a/adb/adb_auth.cpp b/adb/adb_auth.cpp
index 1ffab09..215bbe6 100644
--- a/adb/adb_auth.cpp
+++ b/adb/adb_auth.cpp
@@ -72,19 +72,23 @@
void send_auth_publickey(atransport *t)
{
D("Calling send_auth_publickey");
- apacket *p = get_apacket();
- int ret;
-
- ret = adb_auth_get_userkey(p->data, MAX_PAYLOAD_V1);
- if (!ret) {
+ std::string key = adb_auth_get_userkey();
+ if (key.empty()) {
D("Failed to get user public key");
- put_apacket(p);
return;
}
+ if (key.size() >= MAX_PAYLOAD_V1) {
+ D("User public key too large (%zu B)", key.size());
+ return;
+ }
+
+ apacket* p = get_apacket();
+ memcpy(p->data, key.c_str(), key.size() + 1);
+
p->msg.command = A_AUTH;
p->msg.arg0 = ADB_AUTH_RSAPUBLICKEY;
- p->msg.data_length = ret;
+ p->msg.data_length = key.size();
send_packet(p, t);
}
diff --git a/adb/adb_auth.h b/adb/adb_auth.h
index 1ab5e1a..6363bb4 100644
--- a/adb/adb_auth.h
+++ b/adb/adb_auth.h
@@ -41,7 +41,7 @@
int adb_auth_sign(void *key, const unsigned char* token, size_t token_size,
unsigned char* sig);
void *adb_auth_nextkey(void *current);
-int adb_auth_get_userkey(unsigned char *data, size_t len);
+std::string adb_auth_get_userkey();
static inline int adb_auth_generate_token(void *token, size_t token_size) {
return 0;
@@ -60,9 +60,7 @@
return 0;
}
static inline void *adb_auth_nextkey(void *current) { return NULL; }
-static inline int adb_auth_get_userkey(unsigned char *data, size_t len) {
- return 0;
-}
+static inline std::string adb_auth_get_userkey() { return ""; }
void adbd_auth_init(void);
void adbd_cloexec_auth_socket();
diff --git a/adb/adb_auth_host.cpp b/adb/adb_auth_host.cpp
index ab641eb..03cebe9 100644
--- a/adb/adb_auth_host.cpp
+++ b/adb/adb_auth_host.cpp
@@ -18,26 +18,17 @@
#include "sysdeps.h"
#include "adb_auth.h"
+#include "adb_utils.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#ifdef _WIN32
-# ifndef WIN32_LEAN_AND_MEAN
-# define WIN32_LEAN_AND_MEAN
-# endif
-# include "windows.h"
-# include "shlobj.h"
-#else
-# include <sys/types.h>
-# include <sys/stat.h>
-# include <unistd.h>
-#endif
-
#include "adb.h"
#include <android-base/errors.h>
+#include <android-base/file.h>
+#include <android-base/stringprintf.h>
#include <android-base/strings.h>
#include <crypto_utils/android_pubkey.h>
#include <cutils/list.h>
@@ -247,46 +238,23 @@
static int get_user_keyfilepath(char *filename, size_t len)
{
- const char *format, *home;
- char android_dir[PATH_MAX];
+ const std::string home = adb_get_homedir_path(true);
+ D("home '%s'", home.c_str());
+
+ const std::string android_dir =
+ android::base::StringPrintf("%s%c%s", home.c_str(),
+ OS_PATH_SEPARATOR, ANDROID_PATH);
+
struct stat buf;
-#ifdef _WIN32
- std::string home_str;
- home = getenv("ANDROID_SDK_HOME");
- if (!home) {
- WCHAR path[MAX_PATH];
- const HRESULT hr = SHGetFolderPathW(NULL, CSIDL_PROFILE, NULL, 0, path);
- if (FAILED(hr)) {
- D("SHGetFolderPathW failed: %s", android::base::SystemErrorCodeToString(hr).c_str());
- return -1;
- }
- if (!android::base::WideToUTF8(path, &home_str)) {
- return -1;
- }
- home = home_str.c_str();
- }
- format = "%s\\%s";
-#else
- home = getenv("HOME");
- if (!home)
- return -1;
- format = "%s/%s";
-#endif
-
- D("home '%s'", home);
-
- if (snprintf(android_dir, sizeof(android_dir), format, home,
- ANDROID_PATH) >= (int)sizeof(android_dir))
- return -1;
-
- if (stat(android_dir, &buf)) {
- if (adb_mkdir(android_dir, 0750) < 0) {
- D("Cannot mkdir '%s'", android_dir);
+ if (stat(android_dir.c_str(), &buf)) {
+ if (adb_mkdir(android_dir.c_str(), 0750) < 0) {
+ D("Cannot mkdir '%s'", android_dir.c_str());
return -1;
}
}
- return snprintf(filename, len, format, android_dir, ADB_KEY_FILE);
+ return snprintf(filename, len, "%s%c%s",
+ android_dir.c_str(), OS_PATH_SEPARATOR, ADB_KEY_FILE);
}
static int get_user_key(struct listnode *list)
@@ -367,39 +335,21 @@
return NULL;
}
-int adb_auth_get_userkey(unsigned char *data, size_t len)
-{
+std::string adb_auth_get_userkey() {
char path[PATH_MAX];
int ret = get_user_keyfilepath(path, sizeof(path) - 4);
if (ret < 0 || ret >= (signed)(sizeof(path) - 4)) {
D("Error getting user key filename");
- return 0;
+ return "";
}
strcat(path, ".pub");
- // TODO(danalbert): ReadFileToString
- // Note that on Windows, load_file() does not do CR/LF translation, but
- // ReadFileToString() uses the C Runtime which uses CR/LF translation by
- // default (by is overridable with _setmode()).
- unsigned size;
- char* file_data = reinterpret_cast<char*>(load_file(path, &size));
- if (file_data == nullptr) {
+ std::string content;
+ if (!android::base::ReadFileToString(path, &content)) {
D("Can't load '%s'", path);
- return 0;
+ return "";
}
-
- if (len < (size_t)(size + 1)) {
- D("%s: Content too large ret=%d", path, size);
- free(file_data);
- return 0;
- }
-
- memcpy(data, file_data, size);
- free(file_data);
- file_data = nullptr;
- data[size] = '\0';
-
- return size + 1;
+ return content;
}
int adb_auth_keygen(const char* filename) {
diff --git a/adb/adb_listeners.cpp b/adb/adb_listeners.cpp
index e8c2338..f54603c 100644
--- a/adb/adb_listeners.cpp
+++ b/adb/adb_listeners.cpp
@@ -20,18 +20,55 @@
#include <stdlib.h>
#include <android-base/stringprintf.h>
+#include <android-base/strings.h>
#include <cutils/sockets.h>
#include "sysdeps.h"
#include "transport.h"
-int gListenAll = 0; /* Not static because it is used in commandline.c. */
+// Not static because it is used in commandline.c.
+int gListenAll = 0;
-static alistener listener_list = {
- .next = &listener_list,
- .prev = &listener_list,
+// A listener is an entity which binds to a local port and, upon receiving a connection on that
+// port, creates an asocket to connect the new local connection to a specific remote service.
+//
+// TODO: some listeners read from the new connection to determine what exact service to connect to
+// on the far side.
+class alistener {
+ public:
+ alistener(const std::string& _local_name, const std::string& _connect_to);
+ ~alistener();
+
+ fdevent fde;
+ int fd = -1;
+
+ std::string local_name;
+ std::string connect_to;
+ atransport* transport = nullptr;
+ adisconnect disconnect;
+
+ private:
+ DISALLOW_COPY_AND_ASSIGN(alistener);
};
+alistener::alistener(const std::string& _local_name, const std::string& _connect_to)
+ : local_name(_local_name), connect_to(_connect_to) {
+}
+
+alistener::~alistener() {
+ // Closes the corresponding fd.
+ fdevent_remove(&fde);
+
+ if (transport) {
+ transport->RemoveDisconnect(&disconnect);
+ }
+}
+
+// listener_list retains ownership of all created alistener objects. Removing an alistener from
+// this list will cause it to be deleted.
+typedef std::list<std::unique_ptr<alistener>> ListenerList;
+static ListenerList& listener_list = *new ListenerList();
+
static void ss_listener_event_func(int _fd, unsigned ev, void *_l) {
if (ev & FDE_READ) {
sockaddr_storage ss;
@@ -73,7 +110,7 @@
s = create_local_socket(fd);
if (s) {
s->transport = listener->transport;
- connect_to_remote(s, listener->connect_to);
+ connect_to_remote(s, listener->connect_to.c_str());
return;
}
@@ -81,66 +118,63 @@
}
}
-static void free_listener(alistener* l)
-{
- if (l->next) {
- l->next->prev = l->prev;
- l->prev->next = l->next;
- l->next = l->prev = l;
- }
-
- // closes the corresponding fd
- fdevent_remove(&l->fde);
-
- if (l->local_name)
- free((char*)l->local_name);
-
- if (l->connect_to)
- free((char*)l->connect_to);
-
- if (l->transport) {
- l->transport->RemoveDisconnect(&l->disconnect);
- }
- free(l);
-}
-
+// Called as a transport disconnect function. |arg| is the raw alistener*.
static void listener_disconnect(void* arg, atransport*) {
- alistener* listener = reinterpret_cast<alistener*>(arg);
- listener->transport = nullptr;
- free_listener(listener);
-}
-
-static int local_name_to_fd(const char* name, std::string* error) {
- if (!strncmp("tcp:", name, 4)) {
- int port = atoi(name + 4);
- if (gListenAll > 0) {
- return network_inaddr_any_server(port, SOCK_STREAM, error);
- } else {
- return network_loopback_server(port, SOCK_STREAM, error);
+ for (auto iter = listener_list.begin(); iter != listener_list.end(); ++iter) {
+ if (iter->get() == arg) {
+ (*iter)->transport = nullptr;
+ listener_list.erase(iter);
+ return;
}
}
+}
+
+int local_name_to_fd(alistener* listener, int* resolved_tcp_port, std::string* error) {
+ if (android::base::StartsWith(listener->local_name, "tcp:")) {
+ int requested_port = atoi(&listener->local_name[4]);
+ int sock = -1;
+ if (gListenAll > 0) {
+ sock = network_inaddr_any_server(requested_port, SOCK_STREAM, error);
+ } else {
+ sock = network_loopback_server(requested_port, SOCK_STREAM, error);
+ }
+
+ // If the caller requested port 0, update the listener name with the resolved port.
+ if (sock >= 0 && requested_port == 0) {
+ int local_port = adb_socket_get_local_port(sock);
+ if (local_port > 0) {
+ listener->local_name = android::base::StringPrintf("tcp:%d", local_port);
+ if (resolved_tcp_port != nullptr) {
+ *resolved_tcp_port = local_port;
+ }
+ }
+ }
+
+ return sock;
+ }
#if !defined(_WIN32) // No Unix-domain sockets on Windows.
- // It's nonsensical to support the "reserved" space on the adb host side
- if (!strncmp(name, "local:", 6)) {
- return network_local_server(name + 6,
- ANDROID_SOCKET_NAMESPACE_ABSTRACT, SOCK_STREAM, error);
- } else if (!strncmp(name, "localabstract:", 14)) {
- return network_local_server(name + 14,
- ANDROID_SOCKET_NAMESPACE_ABSTRACT, SOCK_STREAM, error);
- } else if (!strncmp(name, "localfilesystem:", 16)) {
- return network_local_server(name + 16,
- ANDROID_SOCKET_NAMESPACE_FILESYSTEM, SOCK_STREAM, error);
+ // It's nonsensical to support the "reserved" space on the adb host side.
+ if (android::base::StartsWith(listener->local_name, "local:")) {
+ return network_local_server(&listener->local_name[6], ANDROID_SOCKET_NAMESPACE_ABSTRACT,
+ SOCK_STREAM, error);
+ } else if (android::base::StartsWith(listener->local_name, "localabstract:")) {
+ return network_local_server(&listener->local_name[14], ANDROID_SOCKET_NAMESPACE_ABSTRACT,
+ SOCK_STREAM, error);
+ } else if (android::base::StartsWith(listener->local_name, "localfilesystem:")) {
+ return network_local_server(&listener->local_name[16], ANDROID_SOCKET_NAMESPACE_FILESYSTEM,
+ SOCK_STREAM, error);
}
#endif
- *error = android::base::StringPrintf("unknown local portname '%s'", name);
+ *error = android::base::StringPrintf("unknown local portname '%s'",
+ listener->local_name.c_str());
return -1;
}
// Write the list of current listeners (network redirections) into a string.
std::string format_listeners() {
std::string result;
- for (alistener* l = listener_list.next; l != &listener_list; l = l->next) {
+ for (auto& l : listener_list) {
// Ignore special listeners like those for *smartsocket*
if (l->connect_to[0] == '*') {
continue;
@@ -149,65 +183,51 @@
// Entries from "adb reverse" have no serial.
android::base::StringAppendF(&result, "%s %s %s\n",
l->transport->serial ? l->transport->serial : "(reverse)",
- l->local_name, l->connect_to);
+ l->local_name.c_str(), l->connect_to.c_str());
}
return result;
}
-InstallStatus remove_listener(const char *local_name, atransport* transport) {
- alistener *l;
-
- for (l = listener_list.next; l != &listener_list; l = l->next) {
- if (!strcmp(local_name, l->local_name)) {
- free_listener(l);
+InstallStatus remove_listener(const char* local_name, atransport* transport) {
+ for (auto iter = listener_list.begin(); iter != listener_list.end(); ++iter) {
+ if (local_name == (*iter)->local_name) {
+ listener_list.erase(iter);
return INSTALL_STATUS_OK;
}
}
return INSTALL_STATUS_LISTENER_NOT_FOUND;
}
-void remove_all_listeners(void)
-{
- alistener *l, *l_next;
- for (l = listener_list.next; l != &listener_list; l = l_next) {
- l_next = l->next;
+void remove_all_listeners() {
+ auto iter = listener_list.begin();
+ while (iter != listener_list.end()) {
// Never remove smart sockets.
- if (l->connect_to[0] == '*')
- continue;
- free_listener(l);
+ if ((*iter)->connect_to[0] == '*') {
+ ++iter;
+ } else {
+ iter = listener_list.erase(iter);
+ }
}
}
-InstallStatus install_listener(const std::string& local_name,
- const char *connect_to,
- atransport* transport,
- int no_rebind,
- std::string* error)
-{
- for (alistener* l = listener_list.next; l != &listener_list; l = l->next) {
+InstallStatus install_listener(const std::string& local_name, const char* connect_to,
+ atransport* transport, int no_rebind, int* resolved_tcp_port,
+ std::string* error) {
+ for (auto& l : listener_list) {
if (local_name == l->local_name) {
- char* cto;
-
- /* can't repurpose a smartsocket */
+ // Can't repurpose a smartsocket.
if(l->connect_to[0] == '*') {
*error = "cannot repurpose smartsocket";
return INSTALL_STATUS_INTERNAL_ERROR;
}
- /* can't repurpose a listener if 'no_rebind' is true */
+ // Can't repurpose a listener if 'no_rebind' is true.
if (no_rebind) {
*error = "cannot rebind";
return INSTALL_STATUS_CANNOT_REBIND;
}
- cto = strdup(connect_to);
- if(cto == 0) {
- *error = "cannot duplicate string";
- return INSTALL_STATUS_INTERNAL_ERROR;
- }
-
- free((void*) l->connect_to);
- l->connect_to = cto;
+ l->connect_to = connect_to;
if (l->transport != transport) {
l->transport->RemoveDisconnect(&l->disconnect);
l->transport = transport;
@@ -217,54 +237,29 @@
}
}
- alistener* listener = reinterpret_cast<alistener*>(
- calloc(1, sizeof(alistener)));
- if (listener == nullptr) {
- goto nomem;
- }
+ std::unique_ptr<alistener> listener(new alistener(local_name, connect_to));
- listener->local_name = strdup(local_name.c_str());
- if (listener->local_name == nullptr) {
- goto nomem;
- }
-
- listener->connect_to = strdup(connect_to);
- if (listener->connect_to == nullptr) {
- goto nomem;
- }
-
- listener->fd = local_name_to_fd(listener->local_name, error);
+ listener->fd = local_name_to_fd(listener.get(), resolved_tcp_port, error);
if (listener->fd < 0) {
- free(listener->local_name);
- free(listener->connect_to);
- free(listener);
return INSTALL_STATUS_CANNOT_BIND;
}
close_on_exec(listener->fd);
- if (!strcmp(listener->connect_to, "*smartsocket*")) {
- fdevent_install(&listener->fde, listener->fd, ss_listener_event_func,
- listener);
+ if (listener->connect_to == "*smartsocket*") {
+ fdevent_install(&listener->fde, listener->fd, ss_listener_event_func, listener.get());
} else {
- fdevent_install(&listener->fde, listener->fd, listener_event_func,
- listener);
+ fdevent_install(&listener->fde, listener->fd, listener_event_func, listener.get());
}
fdevent_set(&listener->fde, FDE_READ);
- listener->next = &listener_list;
- listener->prev = listener_list.prev;
- listener->next->prev = listener;
- listener->prev->next = listener;
listener->transport = transport;
if (transport) {
- listener->disconnect.opaque = listener;
+ listener->disconnect.opaque = listener.get();
listener->disconnect.func = listener_disconnect;
transport->AddDisconnect(&listener->disconnect);
}
- return INSTALL_STATUS_OK;
-nomem:
- fatal("cannot allocate listener");
- return INSTALL_STATUS_INTERNAL_ERROR;
+ listener_list.push_back(std::move(listener));
+ return INSTALL_STATUS_OK;
}
diff --git a/adb/adb_listeners.h b/adb/adb_listeners.h
index fa98eed..8eba00a 100644
--- a/adb/adb_listeners.h
+++ b/adb/adb_listeners.h
@@ -21,6 +21,8 @@
#include <string>
+#include <android-base/macros.h>
+
// error/status codes for install_listener.
enum InstallStatus {
INSTALL_STATUS_OK = 0,
@@ -30,10 +32,8 @@
INSTALL_STATUS_LISTENER_NOT_FOUND = -4,
};
-InstallStatus install_listener(const std::string& local_name,
- const char* connect_to,
- atransport* transport,
- int no_rebind,
+InstallStatus install_listener(const std::string& local_name, const char* connect_to,
+ atransport* transport, int no_rebind, int* resolved_tcp_port,
std::string* error);
std::string format_listeners();
diff --git a/adb/adb_listeners_test.cpp b/adb/adb_listeners_test.cpp
new file mode 100644
index 0000000..b697769
--- /dev/null
+++ b/adb/adb_listeners_test.cpp
@@ -0,0 +1,166 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "adb_listeners.h"
+
+#include <gtest/gtest.h>
+
+#include <android-base/stringprintf.h>
+#include <android-base/strings.h>
+
+#include "fdevent.h"
+#include "sysdeps.h"
+#include "transport.h"
+
+// Returns true if the given listener is present in format_listeners(). Empty parameters will
+// be ignored.
+static bool listener_is_installed(const std::string& serial, const std::string& source,
+ const std::string& dest) {
+ // format_listeners() gives lines of "<serial> <source> <dest>\n".
+ for (const std::string& line : android::base::Split(format_listeners(), "\n")) {
+ std::vector<std::string> info = android::base::Split(line, " ");
+ if (info.size() == 3 &&
+ (serial.empty() || info[0] == serial) &&
+ (source.empty() || info[1] == source) &&
+ (dest.empty() || info[2] == dest)) {
+ return true;
+ }
+ }
+
+ return false;
+}
+
+class AdbListenersTest : public ::testing::Test {
+ public:
+ void SetUp() override {
+ // We don't need an fdevent loop, but adding/removing listeners must be done from the
+ // fdevent thread if one exists. Since previously run tests may have created an fdevent
+ // thread, we need to reset to prevent the thread check.
+ fdevent_reset();
+ }
+
+ void TearDown() override {
+ // Clean up any listeners that may have been installed.
+ remove_all_listeners();
+
+ // Make sure we didn't leave any dangling events.
+ ASSERT_EQ(0u, fdevent_installed_count());
+ }
+
+ protected:
+ atransport transport_;
+};
+
+TEST_F(AdbListenersTest, test_install_listener) {
+ std::string error;
+
+ ASSERT_EQ(INSTALL_STATUS_OK,
+ install_listener("tcp:9000", "tcp:9000", &transport_, false, nullptr, &error));
+ ASSERT_TRUE(error.empty());
+
+ ASSERT_TRUE(listener_is_installed("", "tcp:9000", "tcp:9000"));
+}
+
+TEST_F(AdbListenersTest, test_install_listener_rebind) {
+ std::string error;
+
+ ASSERT_EQ(INSTALL_STATUS_OK,
+ install_listener("tcp:9000", "tcp:9000", &transport_, false, nullptr, &error));
+ ASSERT_TRUE(error.empty());
+
+ ASSERT_EQ(INSTALL_STATUS_OK,
+ install_listener("tcp:9000", "tcp:9001", &transport_, false, nullptr, &error));
+ ASSERT_TRUE(error.empty());
+
+ ASSERT_TRUE(listener_is_installed("", "tcp:9000", "tcp:9001"));
+}
+
+TEST_F(AdbListenersTest, test_install_listener_no_rebind) {
+ std::string error;
+
+ ASSERT_EQ(INSTALL_STATUS_OK,
+ install_listener("tcp:9000", "tcp:9000", &transport_, true, nullptr, &error));
+ ASSERT_TRUE(error.empty());
+
+ ASSERT_EQ(INSTALL_STATUS_CANNOT_REBIND,
+ install_listener("tcp:9000", "tcp:9001", &transport_, true, nullptr, &error));
+ ASSERT_FALSE(error.empty());
+
+ ASSERT_TRUE(listener_is_installed("", "tcp:9000", "tcp:9000"));
+}
+
+TEST_F(AdbListenersTest, test_install_listener_tcp_port_0) {
+ int port = 0;
+ std::string error;
+
+ ASSERT_EQ(INSTALL_STATUS_OK,
+ install_listener("tcp:0", "tcp:9000", &transport_, true, &port, &error));
+ ASSERT_TRUE(error.empty());
+
+ ASSERT_TRUE(listener_is_installed("", android::base::StringPrintf("tcp:%d", port), "tcp:9000"));
+}
+
+TEST_F(AdbListenersTest, test_remove_listener) {
+ std::string error;
+
+ ASSERT_EQ(INSTALL_STATUS_OK,
+ install_listener("tcp:9000", "tcp:9000", &transport_, false, nullptr, &error));
+ ASSERT_TRUE(error.empty());
+
+ ASSERT_EQ(INSTALL_STATUS_OK, remove_listener("tcp:9000", &transport_));
+ ASSERT_TRUE(format_listeners().empty());
+}
+
+TEST_F(AdbListenersTest, test_remove_nonexistent_listener) {
+ std::string error;
+
+ ASSERT_EQ(INSTALL_STATUS_OK,
+ install_listener("tcp:9000", "tcp:9000", &transport_, false, nullptr, &error));
+ ASSERT_TRUE(error.empty());
+
+ ASSERT_EQ(INSTALL_STATUS_LISTENER_NOT_FOUND, remove_listener("tcp:1", &transport_));
+ ASSERT_TRUE(listener_is_installed("", "tcp:9000", "tcp:9000"));
+}
+
+TEST_F(AdbListenersTest, test_remove_all_listeners) {
+ std::string error;
+
+ ASSERT_EQ(INSTALL_STATUS_OK,
+ install_listener("tcp:9000", "tcp:9000", &transport_, false, nullptr, &error));
+ ASSERT_TRUE(error.empty());
+
+ ASSERT_EQ(INSTALL_STATUS_OK,
+ install_listener("tcp:9001", "tcp:9001", &transport_, false, nullptr, &error));
+ ASSERT_TRUE(error.empty());
+
+ remove_all_listeners();
+ ASSERT_TRUE(format_listeners().empty());
+}
+
+TEST_F(AdbListenersTest, test_transport_disconnect) {
+ std::string error;
+
+ ASSERT_EQ(INSTALL_STATUS_OK,
+ install_listener("tcp:9000", "tcp:9000", &transport_, false, nullptr, &error));
+ ASSERT_TRUE(error.empty());
+
+ ASSERT_EQ(INSTALL_STATUS_OK,
+ install_listener("tcp:9001", "tcp:9001", &transport_, false, nullptr, &error));
+ ASSERT_TRUE(error.empty());
+
+ transport_.RunDisconnects();
+ ASSERT_TRUE(format_listeners().empty());
+}
diff --git a/adb/adb_trace.h b/adb/adb_trace.h
index d50f947..5206a99 100644
--- a/adb/adb_trace.h
+++ b/adb/adb_trace.h
@@ -41,7 +41,7 @@
};
#define VLOG_IS_ON(TAG) \
- ((adb_trace_mask & (1 << TAG)) != 0)
+ ((adb_trace_mask & (1 << (TAG))) != 0)
#define VLOG(TAG) \
if (LIKELY(!VLOG_IS_ON(TAG))) \
diff --git a/adb/adb_utils.cpp b/adb/adb_utils.cpp
index 3333fc6..31ec8af 100644
--- a/adb/adb_utils.cpp
+++ b/adb/adb_utils.cpp
@@ -27,6 +27,7 @@
#include <algorithm>
#include <android-base/logging.h>
+#include <android-base/parseint.h>
#include <android-base/stringprintf.h>
#include <android-base/strings.h>
@@ -34,6 +35,14 @@
#include "adb_trace.h"
#include "sysdeps.h"
+#ifdef _WIN32
+# ifndef WIN32_LEAN_AND_MEAN
+# define WIN32_LEAN_AND_MEAN
+# endif
+# include "windows.h"
+# include "shlobj.h"
+#endif
+
ADB_MUTEX_DEFINE(basename_lock);
ADB_MUTEX_DEFINE(dirname_lock);
@@ -230,3 +239,53 @@
return true;
}
#endif
+
+bool forward_targets_are_valid(const std::string& source, const std::string& dest,
+ std::string* error) {
+ if (android::base::StartsWith(source, "tcp:")) {
+ // The source port may be 0 to allow the system to select an open port.
+ int port;
+ if (!android::base::ParseInt(&source[4], &port) || port < 0) {
+ *error = android::base::StringPrintf("Invalid source port: '%s'", &source[4]);
+ return false;
+ }
+ }
+
+ if (android::base::StartsWith(dest, "tcp:")) {
+ // The destination port must be > 0.
+ int port;
+ if (!android::base::ParseInt(&dest[4], &port) || port <= 0) {
+ *error = android::base::StringPrintf("Invalid destination port: '%s'", &dest[4]);
+ return false;
+ }
+ }
+
+ return true;
+}
+
+std::string adb_get_homedir_path(bool check_env_first) {
+#ifdef _WIN32
+ if (check_env_first) {
+ if (const char* const home = getenv("ANDROID_SDK_HOME")) {
+ return home;
+ }
+ }
+
+ WCHAR path[MAX_PATH];
+ const HRESULT hr = SHGetFolderPathW(NULL, CSIDL_PROFILE, NULL, 0, path);
+ if (FAILED(hr)) {
+ D("SHGetFolderPathW failed: %s", android::base::SystemErrorCodeToString(hr).c_str());
+ return {};
+ }
+ std::string home_str;
+ if (!android::base::WideToUTF8(path, &home_str)) {
+ return {};
+ }
+ return home_str;
+#else
+ if (const char* const home = getenv("HOME")) {
+ return home;
+ }
+ return {};
+#endif
+}
diff --git a/adb/adb_utils.h b/adb/adb_utils.h
index 89fcd66..f6b4b26 100644
--- a/adb/adb_utils.h
+++ b/adb/adb_utils.h
@@ -20,6 +20,7 @@
#include <string>
#include <android-base/macros.h>
+#include <android-base/unique_fd.h>
void close_stdin();
@@ -31,6 +32,12 @@
std::string adb_basename(const std::string& path);
std::string adb_dirname(const std::string& path);
+// Return the user's home directory.
+// |check_env_first| - if true, on Windows check the ANDROID_SDK_HOME
+// environment variable before trying the WinAPI call (useful when looking for
+// the .android directory)
+std::string adb_get_homedir_path(bool check_env_first);
+
bool mkdirs(const std::string& path);
std::string escape_arg(const std::string& s);
@@ -43,43 +50,20 @@
extern int adb_close(int fd);
+// Given forward/reverse targets, returns true if they look sane. If an error is found, fills
+// |error| and returns false.
+// Currently this only checks "tcp:" targets. Additional checking could be added for other targets
+// if needed.
+bool forward_targets_are_valid(const std::string& source, const std::string& dest,
+ std::string* error);
+
// Helper to automatically close an FD when it goes out of scope.
-class ScopedFd {
- public:
- ScopedFd() {
+struct AdbCloser {
+ static void Close(int fd) {
+ adb_close(fd);
}
-
- ~ScopedFd() {
- Reset();
- }
-
- void Reset(int fd = -1) {
- if (fd != fd_) {
- if (valid()) {
- adb_close(fd_);
- }
- fd_ = fd;
- }
- }
-
- int Release() {
- int temp = fd_;
- fd_ = -1;
- return temp;
- }
-
- bool valid() const {
- return fd_ >= 0;
- }
-
- int fd() const {
- return fd_;
- }
-
- private:
- int fd_ = -1;
-
- DISALLOW_COPY_AND_ASSIGN(ScopedFd);
};
+using unique_fd = android::base::unique_fd_impl<AdbCloser>;
+
#endif
diff --git a/adb/adb_utils_test.cpp b/adb/adb_utils_test.cpp
index f1ebaa1..aabc5d7 100644
--- a/adb/adb_utils_test.cpp
+++ b/adb/adb_utils_test.cpp
@@ -149,3 +149,24 @@
ASSERT_EQ(0, adb_close(fd));
}
#endif
+
+TEST(adb_utils, test_forward_targets_are_valid) {
+ std::string error;
+
+ // Source port can be >= 0.
+ EXPECT_FALSE(forward_targets_are_valid("tcp:-1", "tcp:9000", &error));
+ EXPECT_TRUE(forward_targets_are_valid("tcp:0", "tcp:9000", &error));
+ EXPECT_TRUE(forward_targets_are_valid("tcp:8000", "tcp:9000", &error));
+
+ // Destination port must be >0.
+ EXPECT_FALSE(forward_targets_are_valid("tcp:8000", "tcp:-1", &error));
+ EXPECT_FALSE(forward_targets_are_valid("tcp:8000", "tcp:0", &error));
+
+ // Port must be a number.
+ EXPECT_FALSE(forward_targets_are_valid("tcp:", "tcp:9000", &error));
+ EXPECT_FALSE(forward_targets_are_valid("tcp:a", "tcp:9000", &error));
+ EXPECT_FALSE(forward_targets_are_valid("tcp:22x", "tcp:9000", &error));
+ EXPECT_FALSE(forward_targets_are_valid("tcp:8000", "tcp:", &error));
+ EXPECT_FALSE(forward_targets_are_valid("tcp:8000", "tcp:a", &error));
+ EXPECT_FALSE(forward_targets_are_valid("tcp:8000", "tcp:22x", &error));
+}
diff --git a/adb/client/main.cpp b/adb/client/main.cpp
index 27b7109..65640ad 100644
--- a/adb/client/main.cpp
+++ b/adb/client/main.cpp
@@ -117,7 +117,7 @@
std::string error;
std::string local_name = android::base::StringPrintf("tcp:%d", server_port);
- if (install_listener(local_name, "*smartsocket*", nullptr, 0, &error)) {
+ if (install_listener(local_name, "*smartsocket*", nullptr, 0, nullptr, &error)) {
fatal("could not install *smartsocket* listener: %s", error.c_str());
}
diff --git a/adb/commandline.cpp b/adb/commandline.cpp
index 45c6142..82fa19a 100644
--- a/adb/commandline.cpp
+++ b/adb/commandline.cpp
@@ -35,6 +35,7 @@
#include <string>
#include <vector>
+#include <android-base/file.h>
#include <android-base/logging.h>
#include <android-base/stringprintf.h>
#include <android-base/strings.h>
@@ -126,7 +127,7 @@
" <serial> \" \" <local> \" \" <remote> \"\\n\"\n"
" adb forward <local> <remote> - forward socket connections\n"
" forward specs are one of: \n"
- " tcp:<port>\n"
+ " tcp:<port> (<local> may be \"tcp:0\" to pick any open port)\n"
" localabstract:<unix domain socket name>\n"
" localreserved:<unix domain socket name>\n"
" localfilesystem:<unix domain socket name>\n"
@@ -140,7 +141,7 @@
" adb reverse --list - list all reverse socket connections from device\n"
" adb reverse <remote> <local> - reverse socket connections\n"
" reverse specs are one of:\n"
- " tcp:<port>\n"
+ " tcp:<port> (<remote> may be \"tcp:0\" to pick any open port)\n"
" localabstract:<unix domain socket name>\n"
" localreserved:<unix domain socket name>\n"
" localfilesystem:<unix domain socket name>\n"
@@ -871,47 +872,47 @@
* we hang up.
*/
static int adb_sideload_host(const char* fn) {
- unsigned sz;
- size_t xfer = 0;
- int status;
- int last_percent = -1;
- int opt = SIDELOAD_HOST_BLOCK_SIZE;
-
printf("loading: '%s'", fn);
fflush(stdout);
- uint8_t* data = reinterpret_cast<uint8_t*>(load_file(fn, &sz));
- if (data == 0) {
+
+ std::string content;
+ if (!android::base::ReadFileToString(fn, &content)) {
printf("\n");
fprintf(stderr, "* cannot read '%s' *\n", fn);
return -1;
}
+ const uint8_t* data = reinterpret_cast<const uint8_t*>(content.data());
+ unsigned sz = content.size();
+
std::string service =
android::base::StringPrintf("sideload-host:%d:%d", sz, SIDELOAD_HOST_BLOCK_SIZE);
std::string error;
- int fd = adb_connect(service, &error);
- if (fd < 0) {
+ unique_fd fd(adb_connect(service, &error));
+ if (fd >= 0) {
// Try falling back to the older sideload method. Maybe this
// is an older device that doesn't support sideload-host.
printf("\n");
- status = adb_download_buffer("sideload", fn, data, sz, true);
- goto done;
+ return adb_download_buffer("sideload", fn, data, sz, true);
}
- opt = adb_setsockopt(fd, SOL_SOCKET, SO_SNDBUF, (const void *) &opt, sizeof(opt));
+ int opt = SIDELOAD_HOST_BLOCK_SIZE;
+ adb_setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &opt, sizeof(opt));
+ size_t xfer = 0;
+ int last_percent = -1;
while (true) {
char buf[9];
if (!ReadFdExactly(fd, buf, 8)) {
fprintf(stderr, "* failed to read command: %s\n", strerror(errno));
- status = -1;
- goto done;
+ return -1;
}
buf[8] = '\0';
if (strcmp("DONEDONE", buf) == 0) {
- status = 0;
- break;
+ printf("\rTotal xfer: %.2fx%*s\n",
+ (double)xfer / (sz ? sz : 1), (int)strlen(fn)+10, "");
+ return 0;
}
int block = strtol(buf, NULL, 10);
@@ -919,21 +920,19 @@
size_t offset = block * SIDELOAD_HOST_BLOCK_SIZE;
if (offset >= sz) {
fprintf(stderr, "* attempt to read block %d past end\n", block);
- status = -1;
- goto done;
+ return -1;
}
- uint8_t* start = data + offset;
+ const uint8_t* start = data + offset;
size_t offset_end = offset + SIDELOAD_HOST_BLOCK_SIZE;
size_t to_write = SIDELOAD_HOST_BLOCK_SIZE;
if (offset_end > sz) {
to_write = sz - offset;
}
- if(!WriteFdExactly(fd, start, to_write)) {
+ if (!WriteFdExactly(fd, start, to_write)) {
adb_status(fd, &error);
fprintf(stderr,"* failed to write data '%s' *\n", error.c_str());
- status = -1;
- goto done;
+ return -1;
}
xfer += to_write;
@@ -950,13 +949,6 @@
last_percent = percent;
}
}
-
- printf("\rTotal xfer: %.2fx%*s\n", (double)xfer / (sz ? sz : 1), (int)strlen(fn)+10, "");
-
- done:
- if (fd >= 0) adb_close(fd);
- free(data);
- return status;
}
/**
@@ -1067,10 +1059,9 @@
static bool adb_root(const char* command) {
std::string error;
- ScopedFd fd;
- fd.Reset(adb_connect(android::base::StringPrintf("%s:", command), &error));
- if (!fd.valid()) {
+ unique_fd fd(adb_connect(android::base::StringPrintf("%s:", command), &error));
+ if (fd < 0) {
fprintf(stderr, "adb: unable to connect for %s: %s\n", command, error.c_str());
return false;
}
@@ -1080,7 +1071,7 @@
char* cur = buf;
ssize_t bytes_left = sizeof(buf);
while (bytes_left > 0) {
- ssize_t bytes_read = adb_read(fd.fd(), cur, bytes_left);
+ ssize_t bytes_read = adb_read(fd, cur, bytes_left);
if (bytes_read == 0) {
break;
} else if (bytes_read < 0) {
@@ -1719,7 +1710,7 @@
}
}
- std::string cmd;
+ std::string cmd, error;
if (strcmp(argv[0], "--list") == 0) {
if (argc != 1) return usage();
return adb_query_command(host_prefix + ":list-forward");
@@ -1733,14 +1724,37 @@
} else if (strcmp(argv[0], "--no-rebind") == 0) {
// forward --no-rebind <local> <remote>
if (argc != 3) return usage();
- cmd = host_prefix + ":forward:norebind:" + argv[1] + ";" + argv[2];
+ if (forward_targets_are_valid(argv[1], argv[2], &error)) {
+ cmd = host_prefix + ":forward:norebind:" + argv[1] + ";" + argv[2];
+ }
} else {
// forward <local> <remote>
if (argc != 2) return usage();
- cmd = host_prefix + ":forward:" + argv[0] + ";" + argv[1];
+ if (forward_targets_are_valid(argv[0], argv[1], &error)) {
+ cmd = host_prefix + ":forward:" + argv[0] + ";" + argv[1];
+ }
}
- return adb_command(cmd) ? 0 : 1;
+ if (!error.empty()) {
+ fprintf(stderr, "error: %s\n", error.c_str());
+ return 1;
+ }
+
+ int fd = adb_connect(cmd, &error);
+ if (fd < 0 || !adb_status(fd, &error)) {
+ adb_close(fd);
+ fprintf(stderr, "error: %s\n", error.c_str());
+ return 1;
+ }
+
+ // Server or device may optionally return a resolved TCP port number.
+ std::string resolved_port;
+ if (ReadProtocolString(fd, &resolved_port, &error) && !resolved_port.empty()) {
+ printf("%s\n", resolved_port.c_str());
+ }
+
+ ReadOrderlyShutdown(fd);
+ return 0;
}
/* do_sync_*() commands */
else if (!strcmp(argv[0], "ls")) {
@@ -1879,6 +1893,14 @@
else if (!strcmp(argv[0], "jdwp")) {
return adb_connect_command("jdwp");
}
+ else if (!strcmp(argv[0], "track-jdwp")) {
+ return adb_connect_command("track-jdwp");
+ }
+ else if (!strcmp(argv[0], "track-devices")) {
+ return adb_connect_command("host:track-devices");
+ }
+
+
/* "adb /?" is a common idiom under Windows */
else if (!strcmp(argv[0], "help") || !strcmp(argv[0], "/?")) {
help();
diff --git a/adb/console.cpp b/adb/console.cpp
index 15c6abd..e9b90a5 100644
--- a/adb/console.cpp
+++ b/adb/console.cpp
@@ -26,6 +26,31 @@
#include "adb.h"
#include "adb_client.h"
#include "adb_io.h"
+#include "adb_utils.h"
+
+// Return the console authentication command for the emulator, if needed
+static std::string adb_construct_auth_command() {
+ static const char auth_token_filename[] = ".emulator_console_auth_token";
+
+ std::string auth_token_path = adb_get_homedir_path(false);
+ auth_token_path += OS_PATH_SEPARATOR;
+ auth_token_path += auth_token_filename;
+
+ // read the token
+ std::string token;
+ if (!android::base::ReadFileToString(auth_token_path, &token)
+ || token.empty()) {
+ // we either can't read the file, or it doesn't exist, or it's empty -
+ // either way we won't add any authentication command.
+ return {};
+ }
+
+ // now construct and return the actual command: "auth <token>\n"
+ std::string command = "auth ";
+ command += token;
+ command += '\n';
+ return command;
+}
// Return the console port of the currently connected emulator (if any) or -1 if
// there is no emulator, and -2 if there is more than one.
@@ -88,11 +113,11 @@
return 1;
}
- std::string commands;
+ std::string commands = adb_construct_auth_command();
for (int i = 1; i < argc; i++) {
commands.append(argv[i]);
- commands.append(i == argc - 1 ? "\n" : " ");
+ commands.push_back(i == argc - 1 ? '\n' : ' ');
}
commands.append("quit\n");
diff --git a/adb/daemon/main.cpp b/adb/daemon/main.cpp
index 7f40b96..916bedf 100644
--- a/adb/daemon/main.cpp
+++ b/adb/daemon/main.cpp
@@ -142,10 +142,8 @@
std::string error;
std::string local_name =
android::base::StringPrintf("tcp:%d", server_port);
- if (install_listener(local_name, "*smartsocket*", nullptr, 0,
- &error)) {
- LOG(FATAL) << "Could not install *smartsocket* listener: "
- << error;
+ if (install_listener(local_name, "*smartsocket*", nullptr, 0, nullptr, &error)) {
+ LOG(FATAL) << "Could not install *smartsocket* listener: " << error;
}
}
}
diff --git a/adb/mutex_list.h b/adb/mutex_list.h
index b59c9f2..4a188ee 100644
--- a/adb/mutex_list.h
+++ b/adb/mutex_list.h
@@ -8,7 +8,6 @@
#endif
ADB_MUTEX(basename_lock)
ADB_MUTEX(dirname_lock)
-ADB_MUTEX(socket_list_lock)
ADB_MUTEX(transport_lock)
#if ADB_HOST
ADB_MUTEX(local_transports_lock)
diff --git a/adb/shell_service.cpp b/adb/shell_service.cpp
index 3eeed34..e8dad58 100644
--- a/adb/shell_service.cpp
+++ b/adb/shell_service.cpp
@@ -136,14 +136,14 @@
}
// Creates a socketpair and saves the endpoints to |fd1| and |fd2|.
-bool CreateSocketpair(ScopedFd* fd1, ScopedFd* fd2) {
+bool CreateSocketpair(unique_fd* fd1, unique_fd* fd2) {
int sockets[2];
if (adb_socketpair(sockets) < 0) {
PLOG(ERROR) << "cannot create socket pair";
return false;
}
- fd1->Reset(sockets[0]);
- fd2->Reset(sockets[1]);
+ fd1->reset(sockets[0]);
+ fd2->reset(sockets[1]);
return true;
}
@@ -155,7 +155,7 @@
const std::string& command() const { return command_; }
- int local_socket_fd() const { return local_socket_sfd_.fd(); }
+ int local_socket_fd() const { return local_socket_sfd_; }
pid_t pid() const { return pid_; }
@@ -165,19 +165,19 @@
private:
// Opens the file at |pts_name|.
- int OpenPtyChildFd(const char* pts_name, ScopedFd* error_sfd);
+ int OpenPtyChildFd(const char* pts_name, unique_fd* error_sfd);
static void ThreadHandler(void* userdata);
void PassDataStreams();
void WaitForExit();
- ScopedFd* SelectLoop(fd_set* master_read_set_ptr,
- fd_set* master_write_set_ptr);
+ unique_fd* SelectLoop(fd_set* master_read_set_ptr,
+ fd_set* master_write_set_ptr);
// Input/output stream handlers. Success returns nullptr, failure returns
// a pointer to the failed FD.
- ScopedFd* PassInput();
- ScopedFd* PassOutput(ScopedFd* sfd, ShellProtocol::Id id);
+ unique_fd* PassInput();
+ unique_fd* PassOutput(unique_fd* sfd, ShellProtocol::Id id);
const std::string command_;
const std::string terminal_type_;
@@ -185,10 +185,10 @@
SubprocessType type_;
SubprocessProtocol protocol_;
pid_t pid_ = -1;
- ScopedFd local_socket_sfd_;
+ unique_fd local_socket_sfd_;
// Shell protocol variables.
- ScopedFd stdinout_sfd_, stderr_sfd_, protocol_sfd_;
+ unique_fd stdinout_sfd_, stderr_sfd_, protocol_sfd_;
std::unique_ptr<ShellProtocol> input_, output_;
size_t input_bytes_left_ = 0;
@@ -220,8 +220,8 @@
}
bool Subprocess::ForkAndExec(std::string* error) {
- ScopedFd child_stdinout_sfd, child_stderr_sfd;
- ScopedFd parent_error_sfd, child_error_sfd;
+ unique_fd child_stdinout_sfd, child_stderr_sfd;
+ unique_fd parent_error_sfd, child_error_sfd;
char pts_name[PATH_MAX];
if (command_.empty()) {
@@ -285,7 +285,7 @@
int fd;
pid_ = forkpty(&fd, pts_name, nullptr, nullptr);
if (pid_ > 0) {
- stdinout_sfd_.Reset(fd);
+ stdinout_sfd_.reset(fd);
}
} else {
if (!CreateSocketpair(&stdinout_sfd_, &child_stdinout_sfd)) {
@@ -313,40 +313,39 @@
init_subproc_child();
if (type_ == SubprocessType::kPty) {
- child_stdinout_sfd.Reset(OpenPtyChildFd(pts_name, &child_error_sfd));
+ child_stdinout_sfd.reset(OpenPtyChildFd(pts_name, &child_error_sfd));
}
- dup2(child_stdinout_sfd.fd(), STDIN_FILENO);
- dup2(child_stdinout_sfd.fd(), STDOUT_FILENO);
- dup2(child_stderr_sfd.valid() ? child_stderr_sfd.fd() : child_stdinout_sfd.fd(),
- STDERR_FILENO);
+ dup2(child_stdinout_sfd, STDIN_FILENO);
+ dup2(child_stdinout_sfd, STDOUT_FILENO);
+ dup2(child_stderr_sfd != -1 ? child_stderr_sfd : child_stdinout_sfd, STDERR_FILENO);
// exec doesn't trigger destructors, close the FDs manually.
- stdinout_sfd_.Reset();
- stderr_sfd_.Reset();
- child_stdinout_sfd.Reset();
- child_stderr_sfd.Reset();
- parent_error_sfd.Reset();
- close_on_exec(child_error_sfd.fd());
+ stdinout_sfd_.reset(-1);
+ stderr_sfd_.reset(-1);
+ child_stdinout_sfd.reset(-1);
+ child_stderr_sfd.reset(-1);
+ parent_error_sfd.reset(-1);
+ close_on_exec(child_error_sfd);
if (command_.empty()) {
execle(_PATH_BSHELL, _PATH_BSHELL, "-", nullptr, cenv.data());
} else {
execle(_PATH_BSHELL, _PATH_BSHELL, "-c", command_.c_str(), nullptr, cenv.data());
}
- WriteFdExactly(child_error_sfd.fd(), "exec '" _PATH_BSHELL "' failed: ");
- WriteFdExactly(child_error_sfd.fd(), strerror(errno));
- child_error_sfd.Reset();
+ WriteFdExactly(child_error_sfd, "exec '" _PATH_BSHELL "' failed: ");
+ WriteFdExactly(child_error_sfd, strerror(errno));
+ child_error_sfd.reset(-1);
_Exit(1);
}
// Subprocess parent.
D("subprocess parent: stdin/stdout FD = %d, stderr FD = %d",
- stdinout_sfd_.fd(), stderr_sfd_.fd());
+ stdinout_sfd_.get(), stderr_sfd_.get());
// Wait to make sure the subprocess exec'd without error.
- child_error_sfd.Reset();
- std::string error_message = ReadAll(parent_error_sfd.fd());
+ child_error_sfd.reset(-1);
+ std::string error_message = ReadAll(parent_error_sfd);
if (!error_message.empty()) {
*error = error_message;
return false;
@@ -356,7 +355,7 @@
if (protocol_ == SubprocessProtocol::kNone) {
// No protocol: all streams pass through the stdinout FD and hook
// directly into the local socket for raw data transfer.
- local_socket_sfd_.Reset(stdinout_sfd_.Release());
+ local_socket_sfd_.reset(stdinout_sfd_.release());
} else {
// Shell protocol: create another socketpair to intercept data.
if (!CreateSocketpair(&protocol_sfd_, &local_socket_sfd_)) {
@@ -365,10 +364,10 @@
kill(pid_, SIGKILL);
return false;
}
- D("protocol FD = %d", protocol_sfd_.fd());
+ D("protocol FD = %d", protocol_sfd_.get());
- input_.reset(new ShellProtocol(protocol_sfd_.fd()));
- output_.reset(new ShellProtocol(protocol_sfd_.fd()));
+ input_.reset(new ShellProtocol(protocol_sfd_));
+ output_.reset(new ShellProtocol(protocol_sfd_));
if (!input_ || !output_) {
*error = "failed to allocate shell protocol objects";
kill(pid_, SIGKILL);
@@ -379,7 +378,7 @@
// likely but could happen under unusual circumstances, such as if we
// write a ton of data to stdin but the subprocess never reads it and
// the pipe fills up.
- for (int fd : {stdinout_sfd_.fd(), stderr_sfd_.fd()}) {
+ for (int fd : {stdinout_sfd_.get(), stderr_sfd_.get()}) {
if (fd >= 0) {
if (!set_file_block_mode(fd, false)) {
*error = android::base::StringPrintf(
@@ -402,7 +401,7 @@
return true;
}
-int Subprocess::OpenPtyChildFd(const char* pts_name, ScopedFd* error_sfd) {
+int Subprocess::OpenPtyChildFd(const char* pts_name, unique_fd* error_sfd) {
int child_fd = adb_open(pts_name, O_RDWR | O_CLOEXEC);
if (child_fd == -1) {
// Don't use WriteFdFmt; since we're in the fork() child we don't want
@@ -410,26 +409,26 @@
const char* messages[] = {"child failed to open pseudo-term slave ",
pts_name, ": ", strerror(errno)};
for (const char* message : messages) {
- WriteFdExactly(error_sfd->fd(), message);
+ WriteFdExactly(*error_sfd, message);
}
- exit(-1);
+ abort();
}
if (make_pty_raw_) {
termios tattr;
if (tcgetattr(child_fd, &tattr) == -1) {
int saved_errno = errno;
- WriteFdExactly(error_sfd->fd(), "tcgetattr failed: ");
- WriteFdExactly(error_sfd->fd(), strerror(saved_errno));
- exit(-1);
+ WriteFdExactly(*error_sfd, "tcgetattr failed: ");
+ WriteFdExactly(*error_sfd, strerror(saved_errno));
+ abort();
}
cfmakeraw(&tattr);
if (tcsetattr(child_fd, TCSADRAIN, &tattr) == -1) {
int saved_errno = errno;
- WriteFdExactly(error_sfd->fd(), "tcsetattr failed: ");
- WriteFdExactly(error_sfd->fd(), strerror(saved_errno));
- exit(-1);
+ WriteFdExactly(*error_sfd, "tcsetattr failed: ");
+ WriteFdExactly(*error_sfd, strerror(saved_errno));
+ abort();
}
}
@@ -449,7 +448,7 @@
}
void Subprocess::PassDataStreams() {
- if (!protocol_sfd_.valid()) {
+ if (protocol_sfd_ == -1) {
return;
}
@@ -457,21 +456,20 @@
fd_set master_read_set, master_write_set;
FD_ZERO(&master_read_set);
FD_ZERO(&master_write_set);
- for (ScopedFd* sfd : {&protocol_sfd_, &stdinout_sfd_, &stderr_sfd_}) {
- if (sfd->valid()) {
- FD_SET(sfd->fd(), &master_read_set);
+ for (unique_fd* sfd : {&protocol_sfd_, &stdinout_sfd_, &stderr_sfd_}) {
+ if (*sfd != -1) {
+ FD_SET(*sfd, &master_read_set);
}
}
// Pass data until the protocol FD or both the subprocess pipes die, at
// which point we can't pass any more data.
- while (protocol_sfd_.valid() &&
- (stdinout_sfd_.valid() || stderr_sfd_.valid())) {
- ScopedFd* dead_sfd = SelectLoop(&master_read_set, &master_write_set);
+ while (protocol_sfd_ != -1 && (stdinout_sfd_ != -1 || stderr_sfd_ != -1)) {
+ unique_fd* dead_sfd = SelectLoop(&master_read_set, &master_write_set);
if (dead_sfd) {
- D("closing FD %d", dead_sfd->fd());
- FD_CLR(dead_sfd->fd(), &master_read_set);
- FD_CLR(dead_sfd->fd(), &master_write_set);
+ D("closing FD %d", dead_sfd->get());
+ FD_CLR(*dead_sfd, &master_read_set);
+ FD_CLR(*dead_sfd, &master_write_set);
if (dead_sfd == &protocol_sfd_) {
// Using SIGHUP is a decent general way to indicate that the
// controlling process is going away. If specific signals are
@@ -480,25 +478,24 @@
D("protocol FD died, sending SIGHUP to pid %d", pid_);
kill(pid_, SIGHUP);
}
- dead_sfd->Reset();
+ dead_sfd->reset(-1);
}
}
}
namespace {
-inline bool ValidAndInSet(const ScopedFd& sfd, fd_set* set) {
- return sfd.valid() && FD_ISSET(sfd.fd(), set);
+inline bool ValidAndInSet(const unique_fd& sfd, fd_set* set) {
+ return sfd != -1 && FD_ISSET(sfd, set);
}
} // namespace
-ScopedFd* Subprocess::SelectLoop(fd_set* master_read_set_ptr,
- fd_set* master_write_set_ptr) {
+unique_fd* Subprocess::SelectLoop(fd_set* master_read_set_ptr,
+ fd_set* master_write_set_ptr) {
fd_set read_set, write_set;
- int select_n = std::max(std::max(protocol_sfd_.fd(), stdinout_sfd_.fd()),
- stderr_sfd_.fd()) + 1;
- ScopedFd* dead_sfd = nullptr;
+ int select_n = std::max(std::max(protocol_sfd_, stdinout_sfd_), stderr_sfd_) + 1;
+ unique_fd* dead_sfd = nullptr;
// Keep calling select() and passing data until an FD closes/errors.
while (!dead_sfd) {
@@ -509,8 +506,8 @@
continue;
} else {
PLOG(ERROR) << "select failed, closing subprocess pipes";
- stdinout_sfd_.Reset();
- stderr_sfd_.Reset();
+ stdinout_sfd_.reset(-1);
+ stderr_sfd_.reset(-1);
return nullptr;
}
}
@@ -530,8 +527,8 @@
dead_sfd = PassInput();
// If we didn't finish writing, block on stdin write.
if (input_bytes_left_) {
- FD_CLR(protocol_sfd_.fd(), master_read_set_ptr);
- FD_SET(stdinout_sfd_.fd(), master_write_set_ptr);
+ FD_CLR(protocol_sfd_, master_read_set_ptr);
+ FD_SET(stdinout_sfd_, master_write_set_ptr);
}
}
@@ -540,8 +537,8 @@
dead_sfd = PassInput();
// If we finished writing, go back to blocking on protocol read.
if (!input_bytes_left_) {
- FD_SET(protocol_sfd_.fd(), master_read_set_ptr);
- FD_CLR(stdinout_sfd_.fd(), master_write_set_ptr);
+ FD_SET(protocol_sfd_, master_read_set_ptr);
+ FD_CLR(stdinout_sfd_, master_write_set_ptr);
}
}
} // while (!dead_sfd)
@@ -549,19 +546,18 @@
return dead_sfd;
}
-ScopedFd* Subprocess::PassInput() {
+unique_fd* Subprocess::PassInput() {
// Only read a new packet if we've finished writing the last one.
if (!input_bytes_left_) {
if (!input_->Read()) {
// Read() uses ReadFdExactly() which sets errno to 0 on EOF.
if (errno != 0) {
- PLOG(ERROR) << "error reading protocol FD "
- << protocol_sfd_.fd();
+ PLOG(ERROR) << "error reading protocol FD " << protocol_sfd_;
}
return &protocol_sfd_;
}
- if (stdinout_sfd_.valid()) {
+ if (stdinout_sfd_ != -1) {
switch (input_->id()) {
case ShellProtocol::kIdWindowSizeChange:
int rows, cols, x_pixels, y_pixels;
@@ -572,7 +568,7 @@
ws.ws_col = cols;
ws.ws_xpixel = x_pixels;
ws.ws_ypixel = y_pixels;
- ioctl(stdinout_sfd_.fd(), TIOCSWINSZ, &ws);
+ ioctl(stdinout_sfd_, TIOCSWINSZ, &ws);
}
break;
case ShellProtocol::kIdStdin:
@@ -580,11 +576,11 @@
break;
case ShellProtocol::kIdCloseStdin:
if (type_ == SubprocessType::kRaw) {
- if (adb_shutdown(stdinout_sfd_.fd(), SHUT_WR) == 0) {
+ if (adb_shutdown(stdinout_sfd_, SHUT_WR) == 0) {
return nullptr;
}
PLOG(ERROR) << "failed to shutdown writes to FD "
- << stdinout_sfd_.fd();
+ << stdinout_sfd_;
return &stdinout_sfd_;
} else {
// PTYs can't close just input, so rather than close the
@@ -593,7 +589,7 @@
// non-interactively which is rare and unsupported.
// If necessary, the client can manually close the shell
// with `exit` or by killing the adb client process.
- D("can't close input for PTY FD %d", stdinout_sfd_.fd());
+ D("can't close input for PTY FD %d", stdinout_sfd_.get());
}
break;
}
@@ -602,11 +598,10 @@
if (input_bytes_left_ > 0) {
int index = input_->data_length() - input_bytes_left_;
- int bytes = adb_write(stdinout_sfd_.fd(), input_->data() + index,
- input_bytes_left_);
+ int bytes = adb_write(stdinout_sfd_, input_->data() + index, input_bytes_left_);
if (bytes == 0 || (bytes < 0 && errno != EAGAIN)) {
if (bytes < 0) {
- PLOG(ERROR) << "error reading stdin FD " << stdinout_sfd_.fd();
+ PLOG(ERROR) << "error reading stdin FD " << stdinout_sfd_;
}
// stdin is done, mark this packet as finished and we'll just start
// dumping any further data received from the protocol FD.
@@ -620,20 +615,20 @@
return nullptr;
}
-ScopedFd* Subprocess::PassOutput(ScopedFd* sfd, ShellProtocol::Id id) {
- int bytes = adb_read(sfd->fd(), output_->data(), output_->data_capacity());
+unique_fd* Subprocess::PassOutput(unique_fd* sfd, ShellProtocol::Id id) {
+ int bytes = adb_read(*sfd, output_->data(), output_->data_capacity());
if (bytes == 0 || (bytes < 0 && errno != EAGAIN)) {
// read() returns EIO if a PTY closes; don't report this as an error,
// it just means the subprocess completed.
if (bytes < 0 && !(type_ == SubprocessType::kPty && errno == EIO)) {
- PLOG(ERROR) << "error reading output FD " << sfd->fd();
+ PLOG(ERROR) << "error reading output FD " << *sfd;
}
return sfd;
}
if (bytes > 0 && !output_->Write(id, bytes)) {
if (errno != 0) {
- PLOG(ERROR) << "error reading protocol FD " << protocol_sfd_.fd();
+ PLOG(ERROR) << "error reading protocol FD " << protocol_sfd_;
}
return &protocol_sfd_;
}
@@ -665,25 +660,25 @@
}
// If we have an open protocol FD send an exit packet.
- if (protocol_sfd_.valid()) {
+ if (protocol_sfd_ != -1) {
output_->data()[0] = exit_code;
if (output_->Write(ShellProtocol::kIdExit, 1)) {
D("wrote the exit code packet: %d", exit_code);
} else {
PLOG(ERROR) << "failed to write the exit code packet";
}
- protocol_sfd_.Reset();
+ protocol_sfd_.reset(-1);
}
// Pass the local socket FD to the shell cleanup fdevent.
if (SHELL_EXIT_NOTIFY_FD >= 0) {
- int fd = local_socket_sfd_.fd();
+ int fd = local_socket_sfd_;
if (WriteFdExactly(SHELL_EXIT_NOTIFY_FD, &fd, sizeof(fd))) {
D("passed fd %d to SHELL_EXIT_NOTIFY_FD (%d) for pid %d",
fd, SHELL_EXIT_NOTIFY_FD, pid_);
// The shell exit fdevent now owns the FD and will close it once
// the last bit of data flushes through.
- local_socket_sfd_.Release();
+ static_cast<void>(local_socket_sfd_.release());
} else {
PLOG(ERROR) << "failed to write fd " << fd
<< " to SHELL_EXIT_NOTIFY_FD (" << SHELL_EXIT_NOTIFY_FD
diff --git a/adb/sockets.cpp b/adb/sockets.cpp
index aecaba2..b2555d0 100644
--- a/adb/sockets.cpp
+++ b/adb/sockets.cpp
@@ -26,6 +26,7 @@
#include <unistd.h>
#include <algorithm>
+#include <mutex>
#include <string>
#include <vector>
@@ -35,17 +36,14 @@
#include "adb.h"
#include "adb_io.h"
+#include "sysdeps/mutex.h"
#include "transport.h"
-ADB_MUTEX_DEFINE( socket_list_lock );
-
-static void local_socket_close_locked(asocket *s);
-
+static std::recursive_mutex& local_socket_list_lock = *new std::recursive_mutex();
static unsigned local_socket_next_id = 1;
static asocket local_socket_list = {
- .next = &local_socket_list,
- .prev = &local_socket_list,
+ .next = &local_socket_list, .prev = &local_socket_list,
};
/* the the list of currently closing local sockets.
@@ -53,62 +51,53 @@
** write to their fd.
*/
static asocket local_socket_closing_list = {
- .next = &local_socket_closing_list,
- .prev = &local_socket_closing_list,
+ .next = &local_socket_closing_list, .prev = &local_socket_closing_list,
};
// Parse the global list of sockets to find one with id |local_id|.
// If |peer_id| is not 0, also check that it is connected to a peer
// with id |peer_id|. Returns an asocket handle on success, NULL on failure.
-asocket *find_local_socket(unsigned local_id, unsigned peer_id)
-{
- asocket *s;
- asocket *result = NULL;
+asocket* find_local_socket(unsigned local_id, unsigned peer_id) {
+ asocket* s;
+ asocket* result = NULL;
- adb_mutex_lock(&socket_list_lock);
+ std::lock_guard<std::recursive_mutex> lock(local_socket_list_lock);
for (s = local_socket_list.next; s != &local_socket_list; s = s->next) {
- if (s->id != local_id)
+ if (s->id != local_id) {
continue;
+ }
if (peer_id == 0 || (s->peer && s->peer->id == peer_id)) {
result = s;
}
break;
}
- adb_mutex_unlock(&socket_list_lock);
return result;
}
-static void
-insert_local_socket(asocket* s, asocket* list)
-{
- s->next = list;
- s->prev = s->next->prev;
+static void insert_local_socket(asocket* s, asocket* list) {
+ s->next = list;
+ s->prev = s->next->prev;
s->prev->next = s;
s->next->prev = s;
}
-
-void install_local_socket(asocket *s)
-{
- adb_mutex_lock(&socket_list_lock);
+void install_local_socket(asocket* s) {
+ std::lock_guard<std::recursive_mutex> lock(local_socket_list_lock);
s->id = local_socket_next_id++;
// Socket ids should never be 0.
- if (local_socket_next_id == 0)
- local_socket_next_id = 1;
+ if (local_socket_next_id == 0) {
+ fatal("local socket id overflow");
+ }
insert_local_socket(s, &local_socket_list);
-
- adb_mutex_unlock(&socket_list_lock);
}
-void remove_socket(asocket *s)
-{
+void remove_socket(asocket* s) {
// socket_list_lock should already be held
- if (s->prev && s->next)
- {
+ if (s->prev && s->next) {
s->prev->next = s->next;
s->next->prev = s->prev;
s->next = 0;
@@ -117,50 +106,47 @@
}
}
-void close_all_sockets(atransport *t)
-{
- asocket *s;
+void close_all_sockets(atransport* t) {
+ asocket* s;
- /* this is a little gross, but since s->close() *will* modify
- ** the list out from under you, your options are limited.
- */
- adb_mutex_lock(&socket_list_lock);
+ /* this is a little gross, but since s->close() *will* modify
+ ** the list out from under you, your options are limited.
+ */
+ std::lock_guard<std::recursive_mutex> lock(local_socket_list_lock);
restart:
- for(s = local_socket_list.next; s != &local_socket_list; s = s->next){
- if(s->transport == t || (s->peer && s->peer->transport == t)) {
- local_socket_close_locked(s);
+ for (s = local_socket_list.next; s != &local_socket_list; s = s->next) {
+ if (s->transport == t || (s->peer && s->peer->transport == t)) {
+ s->close(s);
goto restart;
}
}
- adb_mutex_unlock(&socket_list_lock);
}
-static int local_socket_enqueue(asocket *s, apacket *p)
-{
+static int local_socket_enqueue(asocket* s, apacket* p) {
D("LS(%d): enqueue %d", s->id, p->len);
p->ptr = p->data;
- /* if there is already data queue'd, we will receive
- ** events when it's time to write. just add this to
- ** the tail
- */
- if(s->pkt_first) {
+ /* if there is already data queue'd, we will receive
+ ** events when it's time to write. just add this to
+ ** the tail
+ */
+ if (s->pkt_first) {
goto enqueue;
}
- /* write as much as we can, until we
- ** would block or there is an error/eof
- */
- while(p->len > 0) {
+ /* write as much as we can, until we
+ ** would block or there is an error/eof
+ */
+ while (p->len > 0) {
int r = adb_write(s->fd, p->ptr, p->len);
- if(r > 0) {
+ if (r > 0) {
p->len -= r;
p->ptr += r;
continue;
}
- if((r == 0) || (errno != EAGAIN)) {
- D( "LS(%d): not ready, errno=%d: %s", s->id, errno, strerror(errno) );
+ if ((r == 0) || (errno != EAGAIN)) {
+ D("LS(%d): not ready, errno=%d: %s", s->id, errno, strerror(errno));
put_apacket(p);
s->has_write_error = true;
s->close(s);
@@ -170,55 +156,46 @@
}
}
- if(p->len == 0) {
+ if (p->len == 0) {
put_apacket(p);
return 0; /* ready for more data */
}
enqueue:
p->next = 0;
- if(s->pkt_first) {
+ if (s->pkt_first) {
s->pkt_last->next = p;
} else {
s->pkt_first = p;
}
s->pkt_last = p;
- /* make sure we are notified when we can drain the queue */
+ /* make sure we are notified when we can drain the queue */
fdevent_add(&s->fde, FDE_WRITE);
return 1; /* not ready (backlog) */
}
-static void local_socket_ready(asocket *s)
-{
+static void local_socket_ready(asocket* s) {
/* far side is ready for data, pay attention to
readable events */
fdevent_add(&s->fde, FDE_READ);
}
-static void local_socket_close(asocket *s)
-{
- adb_mutex_lock(&socket_list_lock);
- local_socket_close_locked(s);
- adb_mutex_unlock(&socket_list_lock);
-}
-
// be sure to hold the socket list lock when calling this
-static void local_socket_destroy(asocket *s)
-{
+static void local_socket_destroy(asocket* s) {
apacket *p, *n;
int exit_on_close = s->exit_on_close;
D("LS(%d): destroying fde.fd=%d", s->id, s->fde.fd);
- /* IMPORTANT: the remove closes the fd
- ** that belongs to this socket
- */
+ /* IMPORTANT: the remove closes the fd
+ ** that belongs to this socket
+ */
fdevent_remove(&s->fde);
- /* dispose of any unwritten data */
- for(p = s->pkt_first; p; p = n) {
+ /* dispose of any unwritten data */
+ for (p = s->pkt_first; p; p = n) {
D("LS(%d): discarding %d bytes", s->id, p->len);
n = p->next;
put_apacket(p);
@@ -232,41 +209,35 @@
}
}
-
-static void local_socket_close_locked(asocket *s)
-{
- D("entered local_socket_close_locked. LS(%d) fd=%d", s->id, s->fd);
- if(s->peer) {
- D("LS(%d): closing peer. peer->id=%d peer->fd=%d",
- s->id, s->peer->id, s->peer->fd);
+static void local_socket_close(asocket* s) {
+ D("entered local_socket_close. LS(%d) fd=%d", s->id, s->fd);
+ std::lock_guard<std::recursive_mutex> lock(local_socket_list_lock);
+ if (s->peer) {
+ D("LS(%d): closing peer. peer->id=%d peer->fd=%d", s->id, s->peer->id, s->peer->fd);
/* Note: it's important to call shutdown before disconnecting from
* the peer, this ensures that remote sockets can still get the id
* of the local socket they're connected to, to send a CLOSE()
* protocol event. */
- if (s->peer->shutdown)
- s->peer->shutdown(s->peer);
- s->peer->peer = 0;
- // tweak to avoid deadlock
- if (s->peer->close == local_socket_close) {
- local_socket_close_locked(s->peer);
- } else {
- s->peer->close(s->peer);
+ if (s->peer->shutdown) {
+ s->peer->shutdown(s->peer);
}
- s->peer = 0;
+ s->peer->peer = nullptr;
+ s->peer->close(s->peer);
+ s->peer = nullptr;
}
- /* If we are already closing, or if there are no
- ** pending packets, destroy immediately
- */
+ /* If we are already closing, or if there are no
+ ** pending packets, destroy immediately
+ */
if (s->closing || s->has_write_error || s->pkt_first == NULL) {
- int id = s->id;
+ int id = s->id;
local_socket_destroy(s);
D("LS(%d): closed", id);
return;
}
- /* otherwise, put on the closing list
- */
+ /* otherwise, put on the closing list
+ */
D("LS(%d): closing", s->id);
s->closing = 1;
fdevent_del(&s->fde, FDE_READ);
@@ -276,8 +247,7 @@
CHECK_EQ(FDE_WRITE, s->fde.state & FDE_WRITE);
}
-static void local_socket_event_func(int fd, unsigned ev, void* _s)
-{
+static void local_socket_event_func(int fd, unsigned ev, void* _s) {
asocket* s = reinterpret_cast<asocket*>(_s);
D("LS(%d): event_func(fd=%d(==%d), ev=%04x)", s->id, s->fd, fd, ev);
@@ -334,10 +304,9 @@
s->peer->ready(s->peer);
}
-
if (ev & FDE_READ) {
- apacket *p = get_apacket();
- unsigned char *x = p->data;
+ apacket* p = get_apacket();
+ unsigned char* x = p->data;
const size_t max_payload = s->get_max_payload();
size_t avail = max_payload;
int r = 0;
@@ -345,8 +314,8 @@
while (avail > 0) {
r = adb_read(fd, x, avail);
- D("LS(%d): post adb_read(fd=%d,...) r=%d (errno=%d) avail=%zu",
- s->id, s->fd, r, r < 0 ? errno : 0, avail);
+ D("LS(%d): post adb_read(fd=%d,...) r=%d (errno=%d) avail=%zu", s->id, s->fd, r,
+ r < 0 ? errno : 0, avail);
if (r == -1) {
if (errno == EAGAIN) {
break;
@@ -361,8 +330,8 @@
is_eof = 1;
break;
}
- D("LS(%d): fd=%d post avail loop. r=%d is_eof=%d forced_eof=%d",
- s->id, s->fd, r, is_eof, s->fde.force_eof);
+ D("LS(%d): fd=%d post avail loop. r=%d is_eof=%d forced_eof=%d", s->id, s->fd, r, is_eof,
+ s->fde.force_eof);
if ((avail == max_payload) || (s->peer == 0)) {
put_apacket(p);
} else {
@@ -376,48 +345,48 @@
D("LS(%u): fd=%d post peer->enqueue(). r=%d", saved_id, saved_fd, r);
if (r < 0) {
- /* error return means they closed us as a side-effect
- ** and we must return immediately.
- **
- ** note that if we still have buffered packets, the
- ** socket will be placed on the closing socket list.
- ** this handler function will be called again
- ** to process FDE_WRITE events.
- */
+ /* error return means they closed us as a side-effect
+ ** and we must return immediately.
+ **
+ ** note that if we still have buffered packets, the
+ ** socket will be placed on the closing socket list.
+ ** this handler function will be called again
+ ** to process FDE_WRITE events.
+ */
return;
}
if (r > 0) {
- /* if the remote cannot accept further events,
- ** we disable notification of READs. They'll
- ** be enabled again when we get a call to ready()
- */
+ /* if the remote cannot accept further events,
+ ** we disable notification of READs. They'll
+ ** be enabled again when we get a call to ready()
+ */
fdevent_del(&s->fde, FDE_READ);
}
}
/* Don't allow a forced eof if data is still there */
if ((s->fde.force_eof && !r) || is_eof) {
- D(" closing because is_eof=%d r=%d s->fde.force_eof=%d",
- is_eof, r, s->fde.force_eof);
+ D(" closing because is_eof=%d r=%d s->fde.force_eof=%d", is_eof, r, s->fde.force_eof);
s->close(s);
return;
}
}
- if (ev & FDE_ERROR){
- /* this should be caught be the next read or write
- ** catching it here means we may skip the last few
- ** bytes of readable data.
- */
+ if (ev & FDE_ERROR) {
+ /* this should be caught be the next read or write
+ ** catching it here means we may skip the last few
+ ** bytes of readable data.
+ */
D("LS(%d): FDE_ERROR (fd=%d)", s->id, s->fd);
return;
}
}
-asocket *create_local_socket(int fd)
-{
- asocket *s = reinterpret_cast<asocket*>(calloc(1, sizeof(asocket)));
- if (s == NULL) fatal("cannot allocate socket");
+asocket* create_local_socket(int fd) {
+ asocket* s = reinterpret_cast<asocket*>(calloc(1, sizeof(asocket)));
+ if (s == NULL) {
+ fatal("cannot allocate socket");
+ }
s->fd = fd;
s->enqueue = local_socket_enqueue;
s->ready = local_socket_ready;
@@ -430,32 +399,33 @@
return s;
}
-asocket *create_local_service_socket(const char *name,
- const atransport* transport)
-{
+asocket* create_local_service_socket(const char* name, const atransport* transport) {
#if !ADB_HOST
- if (!strcmp(name,"jdwp")) {
+ if (!strcmp(name, "jdwp")) {
return create_jdwp_service_socket();
}
- if (!strcmp(name,"track-jdwp")) {
+ if (!strcmp(name, "track-jdwp")) {
return create_jdwp_tracker_service_socket();
}
#endif
int fd = service_to_fd(name, transport);
- if(fd < 0) return 0;
+ if (fd < 0) {
+ return 0;
+ }
asocket* s = create_local_socket(fd);
D("LS(%d): bound to '%s' via %d", s->id, name, fd);
#if !ADB_HOST
char debug[PROPERTY_VALUE_MAX];
- if (!strncmp(name, "root:", 5))
+ if (!strncmp(name, "root:", 5)) {
property_get("ro.debuggable", debug, "");
+ }
- if ((!strncmp(name, "root:", 5) && getuid() != 0 && strcmp(debug, "1") == 0)
- || (!strncmp(name, "unroot:", 7) && getuid() == 0)
- || !strncmp(name, "usb:", 4)
- || !strncmp(name, "tcpip:", 6)) {
+ if ((!strncmp(name, "root:", 5) && getuid() != 0 && strcmp(debug, "1") == 0) ||
+ (!strncmp(name, "unroot:", 7) && getuid() == 0) ||
+ !strncmp(name, "usb:", 4) ||
+ !strncmp(name, "tcpip:", 6)) {
D("LS(%d): enabling exit_on_close", s->id);
s->exit_on_close = 1;
}
@@ -465,9 +435,8 @@
}
#if ADB_HOST
-static asocket *create_host_service_socket(const char *name, const char* serial)
-{
- asocket *s;
+static asocket* create_host_service_socket(const char* name, const char* serial) {
+ asocket* s;
s = host_service_to_socket(name, serial);
@@ -480,10 +449,8 @@
}
#endif /* ADB_HOST */
-static int remote_socket_enqueue(asocket *s, apacket *p)
-{
- D("entered remote_socket_enqueue RS(%d) WRITE fd=%d peer.fd=%d",
- s->id, s->fd, s->peer->fd);
+static int remote_socket_enqueue(asocket* s, apacket* p) {
+ D("entered remote_socket_enqueue RS(%d) WRITE fd=%d peer.fd=%d", s->id, s->fd, s->peer->fd);
p->msg.command = A_WRTE;
p->msg.arg0 = s->peer->id;
p->msg.arg1 = s->id;
@@ -492,40 +459,35 @@
return 1;
}
-static void remote_socket_ready(asocket *s)
-{
- D("entered remote_socket_ready RS(%d) OKAY fd=%d peer.fd=%d",
- s->id, s->fd, s->peer->fd);
- apacket *p = get_apacket();
+static void remote_socket_ready(asocket* s) {
+ D("entered remote_socket_ready RS(%d) OKAY fd=%d peer.fd=%d", s->id, s->fd, s->peer->fd);
+ apacket* p = get_apacket();
p->msg.command = A_OKAY;
p->msg.arg0 = s->peer->id;
p->msg.arg1 = s->id;
send_packet(p, s->transport);
}
-static void remote_socket_shutdown(asocket *s)
-{
- D("entered remote_socket_shutdown RS(%d) CLOSE fd=%d peer->fd=%d",
- s->id, s->fd, s->peer?s->peer->fd:-1);
- apacket *p = get_apacket();
+static void remote_socket_shutdown(asocket* s) {
+ D("entered remote_socket_shutdown RS(%d) CLOSE fd=%d peer->fd=%d", s->id, s->fd,
+ s->peer ? s->peer->fd : -1);
+ apacket* p = get_apacket();
p->msg.command = A_CLSE;
- if(s->peer) {
+ if (s->peer) {
p->msg.arg0 = s->peer->id;
}
p->msg.arg1 = s->id;
send_packet(p, s->transport);
}
-static void remote_socket_close(asocket *s)
-{
+static void remote_socket_close(asocket* s) {
if (s->peer) {
s->peer->peer = 0;
- D("RS(%d) peer->close()ing peer->id=%d peer->fd=%d",
- s->id, s->peer->id, s->peer->fd);
+ D("RS(%d) peer->close()ing peer->id=%d peer->fd=%d", s->id, s->peer->id, s->peer->fd);
s->peer->close(s->peer);
}
- D("entered remote_socket_close RS(%d) CLOSE fd=%d peer->fd=%d",
- s->id, s->fd, s->peer?s->peer->fd:-1);
+ D("entered remote_socket_close RS(%d) CLOSE fd=%d peer->fd=%d", s->id, s->fd,
+ s->peer ? s->peer->fd : -1);
D("RS(%d): closed", s->id);
free(s);
}
@@ -534,12 +496,15 @@
// |t|. Where |id| is the socket id of the corresponding service on the other
// side of the transport (it is allocated by the remote side and _cannot_ be 0).
// Returns a new non-NULL asocket handle.
-asocket *create_remote_socket(unsigned id, atransport *t)
-{
- if (id == 0) fatal("invalid remote socket id (0)");
+asocket* create_remote_socket(unsigned id, atransport* t) {
+ if (id == 0) {
+ fatal("invalid remote socket id (0)");
+ }
asocket* s = reinterpret_cast<asocket*>(calloc(1, sizeof(asocket)));
- if (s == NULL) fatal("cannot allocate socket");
+ if (s == NULL) {
+ fatal("cannot allocate socket");
+ }
s->id = id;
s->enqueue = remote_socket_enqueue;
s->ready = remote_socket_ready;
@@ -551,13 +516,12 @@
return s;
}
-void connect_to_remote(asocket *s, const char *destination)
-{
+void connect_to_remote(asocket* s, const char* destination) {
D("Connect_to_remote call RS(%d) fd=%d", s->id, s->fd);
- apacket *p = get_apacket();
+ apacket* p = get_apacket();
size_t len = strlen(destination) + 1;
- if(len > (s->get_max_payload()-1)) {
+ if (len > (s->get_max_payload() - 1)) {
fatal("destination oversized");
}
@@ -565,15 +529,13 @@
p->msg.command = A_OPEN;
p->msg.arg0 = s->id;
p->msg.data_length = len;
- strcpy((char*) p->data, destination);
+ strcpy((char*)p->data, destination);
send_packet(p, s->transport);
}
-
/* this is used by magic sockets to rig local sockets to
send the go-ahead message when they connect */
-static void local_socket_ready_notify(asocket *s)
-{
+static void local_socket_ready_notify(asocket* s) {
s->ready = local_socket_ready;
s->shutdown = NULL;
s->close = local_socket_close;
@@ -584,8 +546,7 @@
/* this is used by magic sockets to rig local sockets to
send the failure message if they are closed before
connected (to avoid closing them without a status message) */
-static void local_socket_close_notify(asocket *s)
-{
+static void local_socket_close_notify(asocket* s) {
s->ready = local_socket_ready;
s->shutdown = NULL;
s->close = local_socket_close;
@@ -593,28 +554,41 @@
s->close(s);
}
-static unsigned unhex(unsigned char *s, int len)
-{
+static unsigned unhex(unsigned char* s, int len) {
unsigned n = 0, c;
- while(len-- > 0) {
- switch((c = *s++)) {
- case '0': case '1': case '2':
- case '3': case '4': case '5':
- case '6': case '7': case '8':
- case '9':
- c -= '0';
- break;
- case 'a': case 'b': case 'c':
- case 'd': case 'e': case 'f':
- c = c - 'a' + 10;
- break;
- case 'A': case 'B': case 'C':
- case 'D': case 'E': case 'F':
- c = c - 'A' + 10;
- break;
- default:
- return 0xffffffff;
+ while (len-- > 0) {
+ switch ((c = *s++)) {
+ case '0':
+ case '1':
+ case '2':
+ case '3':
+ case '4':
+ case '5':
+ case '6':
+ case '7':
+ case '8':
+ case '9':
+ c -= '0';
+ break;
+ case 'a':
+ case 'b':
+ case 'c':
+ case 'd':
+ case 'e':
+ case 'f':
+ c = c - 'a' + 10;
+ break;
+ case 'A':
+ case 'B':
+ case 'C':
+ case 'D':
+ case 'E':
+ case 'F':
+ c = c - 'A' + 10;
+ break;
+ default:
+ return 0xffffffff;
}
n = (n << 4) | c;
@@ -671,31 +645,29 @@
} // namespace internal
-#endif // ADB_HOST
+#endif // ADB_HOST
-static int smart_socket_enqueue(asocket *s, apacket *p)
-{
+static int smart_socket_enqueue(asocket* s, apacket* p) {
unsigned len;
#if ADB_HOST
- char *service = nullptr;
+ char* service = nullptr;
char* serial = nullptr;
TransportType type = kTransportAny;
#endif
D("SS(%d): enqueue %d", s->id, p->len);
- if(s->pkt_first == 0) {
+ if (s->pkt_first == 0) {
s->pkt_first = p;
s->pkt_last = p;
} else {
- if((s->pkt_first->len + p->len) > s->get_max_payload()) {
+ if ((s->pkt_first->len + p->len) > s->get_max_payload()) {
D("SS(%d): overflow", s->id);
put_apacket(p);
goto fail;
}
- memcpy(s->pkt_first->data + s->pkt_first->len,
- p->data, p->len);
+ memcpy(s->pkt_first->data + s->pkt_first->len, p->data, p->len);
s->pkt_first->len += p->len;
put_apacket(p);
@@ -703,7 +675,9 @@
}
/* don't bother if we can't decode the length */
- if(p->len < 4) return 0;
+ if (p->len < 4) {
+ return 0;
+ }
len = unhex(p->data, 4);
if ((len < 1) || (len > MAX_PAYLOAD_V1)) {
@@ -711,27 +685,27 @@
goto fail;
}
- D("SS(%d): len is %d", s->id, len );
+ D("SS(%d): len is %d", s->id, len);
/* can't do anything until we have the full header */
- if((len + 4) > p->len) {
- D("SS(%d): waiting for %d more bytes", s->id, len+4 - p->len);
+ if ((len + 4) > p->len) {
+ D("SS(%d): waiting for %d more bytes", s->id, len + 4 - p->len);
return 0;
}
p->data[len + 4] = 0;
- D("SS(%d): '%s'", s->id, (char*) (p->data + 4));
+ D("SS(%d): '%s'", s->id, (char*)(p->data + 4));
#if ADB_HOST
- service = (char *)p->data + 4;
- if(!strncmp(service, "host-serial:", strlen("host-serial:"))) {
+ service = (char*)p->data + 4;
+ if (!strncmp(service, "host-serial:", strlen("host-serial:"))) {
char* serial_end;
service += strlen("host-serial:");
// serial number should follow "host:" and could be a host:port string.
serial_end = internal::skip_host_serial(service);
if (serial_end) {
- *serial_end = 0; // terminate string
+ *serial_end = 0; // terminate string
serial = service;
service = serial_end + 1;
}
@@ -749,42 +723,42 @@
}
if (service) {
- asocket *s2;
+ asocket* s2;
- /* some requests are handled immediately -- in that
- ** case the handle_host_request() routine has sent
- ** the OKAY or FAIL message and all we have to do
- ** is clean up.
- */
- if(handle_host_request(service, type, serial, s->peer->fd, s) == 0) {
- /* XXX fail message? */
- D( "SS(%d): handled host service '%s'", s->id, service );
+ /* some requests are handled immediately -- in that
+ ** case the handle_host_request() routine has sent
+ ** the OKAY or FAIL message and all we have to do
+ ** is clean up.
+ */
+ if (handle_host_request(service, type, serial, s->peer->fd, s) == 0) {
+ /* XXX fail message? */
+ D("SS(%d): handled host service '%s'", s->id, service);
goto fail;
}
if (!strncmp(service, "transport", strlen("transport"))) {
- D( "SS(%d): okay transport", s->id );
+ D("SS(%d): okay transport", s->id);
p->len = 0;
return 0;
}
- /* try to find a local service with this name.
- ** if no such service exists, we'll fail out
- ** and tear down here.
- */
+ /* try to find a local service with this name.
+ ** if no such service exists, we'll fail out
+ ** and tear down here.
+ */
s2 = create_host_service_socket(service, serial);
- if(s2 == 0) {
- D( "SS(%d): couldn't create host service '%s'", s->id, service );
+ if (s2 == 0) {
+ D("SS(%d): couldn't create host service '%s'", s->id, service);
SendFail(s->peer->fd, "unknown host service");
goto fail;
}
- /* we've connected to a local host service,
- ** so we make our peer back into a regular
- ** local socket and bind it to the new local
- ** service socket, acknowledge the successful
- ** connection, and close this smart socket now
- ** that its work is done.
- */
+ /* we've connected to a local host service,
+ ** so we make our peer back into a regular
+ ** local socket and bind it to the new local
+ ** service socket, acknowledge the successful
+ ** connection, and close this smart socket now
+ ** that its work is done.
+ */
SendOkay(s->peer->fd);
s->peer->ready = local_socket_ready;
@@ -793,10 +767,10 @@
s->peer->peer = s2;
s2->peer = s->peer;
s->peer = 0;
- D( "SS(%d): okay", s->id );
+ D("SS(%d): okay", s->id);
s->close(s);
- /* initial state is "ready" */
+ /* initial state is "ready" */
s2->ready(s2);
return 0;
}
@@ -811,53 +785,50 @@
}
#endif
- if(!(s->transport) || (s->transport->connection_state == kCsOffline)) {
- /* if there's no remote we fail the connection
- ** right here and terminate it
- */
+ if (!(s->transport) || (s->transport->connection_state == kCsOffline)) {
+ /* if there's no remote we fail the connection
+ ** right here and terminate it
+ */
SendFail(s->peer->fd, "device offline (x)");
goto fail;
}
-
- /* instrument our peer to pass the success or fail
- ** message back once it connects or closes, then
- ** detach from it, request the connection, and
- ** tear down
- */
+ /* instrument our peer to pass the success or fail
+ ** message back once it connects or closes, then
+ ** detach from it, request the connection, and
+ ** tear down
+ */
s->peer->ready = local_socket_ready_notify;
s->peer->shutdown = nullptr;
s->peer->close = local_socket_close_notify;
s->peer->peer = 0;
- /* give him our transport and upref it */
+ /* give him our transport and upref it */
s->peer->transport = s->transport;
- connect_to_remote(s->peer, (char*) (p->data + 4));
+ connect_to_remote(s->peer, (char*)(p->data + 4));
s->peer = 0;
s->close(s);
return 1;
fail:
- /* we're going to close our peer as a side-effect, so
- ** return -1 to signal that state to the local socket
- ** who is enqueueing against us
- */
+ /* we're going to close our peer as a side-effect, so
+ ** return -1 to signal that state to the local socket
+ ** who is enqueueing against us
+ */
s->close(s);
return -1;
}
-static void smart_socket_ready(asocket *s)
-{
+static void smart_socket_ready(asocket* s) {
D("SS(%d): ready", s->id);
}
-static void smart_socket_close(asocket *s)
-{
+static void smart_socket_close(asocket* s) {
D("SS(%d): closed", s->id);
- if(s->pkt_first){
+ if (s->pkt_first) {
put_apacket(s->pkt_first);
}
- if(s->peer) {
+ if (s->peer) {
s->peer->peer = 0;
s->peer->close(s->peer);
s->peer = 0;
@@ -865,10 +836,9 @@
free(s);
}
-static asocket *create_smart_socket(void)
-{
+static asocket* create_smart_socket(void) {
D("Creating smart socket");
- asocket *s = reinterpret_cast<asocket*>(calloc(1, sizeof(asocket)));
+ asocket* s = reinterpret_cast<asocket*>(calloc(1, sizeof(asocket)));
if (s == NULL) fatal("cannot allocate socket");
s->enqueue = smart_socket_enqueue;
s->ready = smart_socket_ready;
@@ -879,10 +849,9 @@
return s;
}
-void connect_to_smartsocket(asocket *s)
-{
+void connect_to_smartsocket(asocket* s) {
D("Connecting to smart socket");
- asocket *ss = create_smart_socket();
+ asocket* ss = create_smart_socket();
s->peer = ss;
ss->peer = s;
s->ready(s);
diff --git a/adb/sysdeps.h b/adb/sysdeps.h
index 81d201e..212c1c3 100644
--- a/adb/sysdeps.h
+++ b/adb/sysdeps.h
@@ -29,8 +29,9 @@
#include <string>
#include <vector>
-// Include this before open/unlink are defined as macros below.
+// Include this before open/close/unlink are defined as macros below.
#include <android-base/errors.h>
+#include <android-base/unique_fd.h>
#include <android-base/utf8.h>
/*
@@ -268,9 +269,6 @@
int unix_isatty(int fd);
#define isatty ___xxx_isatty
-/* normally provided by <cutils/misc.h> */
-extern void* load_file(const char* pathname, unsigned* psize);
-
static __inline__ void adb_sleep_ms( int mseconds )
{
Sleep( mseconds );
@@ -287,6 +285,9 @@
#undef accept
#define accept ___xxx_accept
+// Returns the local port number of a bound socket, or -1 on failure.
+int adb_socket_get_local_port(int fd);
+
extern int adb_setsockopt(int fd, int level, int optname, const void* optval, socklen_t optlen);
#undef setsockopt
@@ -454,7 +455,6 @@
#else /* !_WIN32 a.k.a. Unix */
-#include <cutils/misc.h>
#include <cutils/sockets.h>
#include <cutils/threads.h>
#include <fcntl.h>
@@ -691,6 +691,10 @@
#undef accept
#define accept ___xxx_accept
+inline int adb_socket_get_local_port(int fd) {
+ return socket_get_local_port(fd);
+}
+
// Operate on a file descriptor returned from unix_open() or a well-known file
// descriptor such as STDIN_FILENO, STDOUT_FILENO, STDERR_FILENO.
//
diff --git a/adb/sysdeps/condition_variable.h b/adb/sysdeps/condition_variable.h
new file mode 100644
index 0000000..117cd40
--- /dev/null
+++ b/adb/sysdeps/condition_variable.h
@@ -0,0 +1,61 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <condition_variable>
+
+#include "sysdeps/mutex.h"
+
+#if defined(_WIN32)
+
+#include <windows.h>
+
+#include <android-base/macros.h>
+
+// The prebuilt version of mingw we use doesn't support condition_variable.
+// Therefore, implement our own using the Windows primitives.
+// Put them directly into the std namespace, so that when they're actually available, the build
+// breaks until they're removed.
+
+namespace std {
+
+class condition_variable {
+ public:
+ condition_variable() {
+ InitializeConditionVariable(&cond_);
+ }
+
+ void wait(std::unique_lock<std::mutex>& lock) {
+ std::mutex *m = lock.mutex();
+ m->lock_count_--;
+ SleepConditionVariableCS(&cond_, m->native_handle(), INFINITE);
+ m->lock_count_++;
+ }
+
+ void notify_one() {
+ WakeConditionVariable(&cond_);
+ }
+
+ private:
+ CONDITION_VARIABLE cond_;
+
+ DISALLOW_COPY_AND_ASSIGN(condition_variable);
+};
+
+}
+
+#endif // defined(_WIN32)
diff --git a/adb/sysdeps/mutex.h b/adb/sysdeps/mutex.h
new file mode 100644
index 0000000..226f7f1
--- /dev/null
+++ b/adb/sysdeps/mutex.h
@@ -0,0 +1,120 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+#if defined(_WIN32)
+
+#include <windows.h>
+
+#include <android-base/macros.h>
+
+#include "adb.h"
+
+// The prebuilt version of mingw we use doesn't support mutex or recursive_mutex.
+// Therefore, implement our own using the Windows primitives.
+// Put them directly into the std namespace, so that when they're actually available, the build
+// breaks until they're removed.
+
+#include <mutex>
+namespace std {
+
+// CRITICAL_SECTION is recursive, so just wrap it in a Mutex-compatible class.
+class recursive_mutex {
+ public:
+ typedef CRITICAL_SECTION* native_handle_type;
+
+ recursive_mutex() {
+ InitializeCriticalSection(&cs_);
+ }
+
+ ~recursive_mutex() {
+ DeleteCriticalSection(&cs_);
+ }
+
+ void lock() {
+ EnterCriticalSection(&cs_);
+ }
+
+ bool try_lock() {
+ return TryEnterCriticalSection(&cs_);
+ }
+
+ void unlock() {
+ LeaveCriticalSection(&cs_);
+ }
+
+ native_handle_type native_handle() {
+ return &cs_;
+ }
+
+ private:
+ CRITICAL_SECTION cs_;
+
+ DISALLOW_COPY_AND_ASSIGN(recursive_mutex);
+};
+
+class mutex {
+ public:
+ typedef CRITICAL_SECTION* native_handle_type;
+
+ mutex() {
+ }
+
+ ~mutex() {
+ }
+
+ void lock() {
+ mutex_.lock();
+ if (++lock_count_ != 1) {
+ fatal("non-recursive mutex locked reentrantly");
+ }
+ }
+
+ void unlock() {
+ if (--lock_count_ != 0) {
+ fatal("non-recursive mutex unlock resulted in unexpected lock count: %d", lock_count_);
+ }
+ mutex_.unlock();
+ }
+
+ bool try_lock() {
+ if (!mutex_.try_lock()) {
+ return false;
+ }
+
+ if (lock_count_ != 0) {
+ mutex_.unlock();
+ return false;
+ }
+
+ ++lock_count_;
+ return true;
+ }
+
+ native_handle_type native_handle() {
+ return mutex_.native_handle();
+ }
+
+ private:
+ recursive_mutex mutex_;
+ size_t lock_count_ = 0;
+
+ friend class condition_variable;
+};
+
+}
+
+#endif // defined(_WIN32)
diff --git a/adb/sysdeps_test.cpp b/adb/sysdeps_test.cpp
index fde344a..740f283 100644
--- a/adb/sysdeps_test.cpp
+++ b/adb/sysdeps_test.cpp
@@ -20,6 +20,8 @@
#include "adb_io.h"
#include "sysdeps.h"
+#include "sysdeps/condition_variable.h"
+#include "sysdeps/mutex.h"
static void increment_atomic_int(void* c) {
sleep(1);
@@ -244,3 +246,77 @@
adb_close(fd);
}
}
+
+TEST(sysdeps_mutex, mutex_smoke) {
+ static std::atomic<bool> finished(false);
+ static std::mutex &m = *new std::mutex();
+ m.lock();
+ ASSERT_FALSE(m.try_lock());
+ adb_thread_create([](void*) {
+ ASSERT_FALSE(m.try_lock());
+ m.lock();
+ finished.store(true);
+ adb_sleep_ms(200);
+ m.unlock();
+ }, nullptr);
+
+ ASSERT_FALSE(finished.load());
+ adb_sleep_ms(100);
+ ASSERT_FALSE(finished.load());
+ m.unlock();
+ adb_sleep_ms(100);
+ m.lock();
+ ASSERT_TRUE(finished.load());
+ m.unlock();
+}
+
+// Our implementation on Windows aborts on double lock.
+#if defined(_WIN32)
+TEST(sysdeps_mutex, mutex_reentrant_lock) {
+ std::mutex &m = *new std::mutex();
+
+ m.lock();
+ ASSERT_FALSE(m.try_lock());
+ EXPECT_DEATH(m.lock(), "non-recursive mutex locked reentrantly");
+}
+#endif
+
+TEST(sysdeps_mutex, recursive_mutex_smoke) {
+ static std::recursive_mutex &m = *new std::recursive_mutex();
+
+ m.lock();
+ ASSERT_TRUE(m.try_lock());
+ m.unlock();
+
+ adb_thread_create([](void*) {
+ ASSERT_FALSE(m.try_lock());
+ m.lock();
+ adb_sleep_ms(500);
+ m.unlock();
+ }, nullptr);
+
+ adb_sleep_ms(100);
+ m.unlock();
+ adb_sleep_ms(100);
+ ASSERT_FALSE(m.try_lock());
+ m.lock();
+ m.unlock();
+}
+
+TEST(sysdeps_condition_variable, smoke) {
+ static std::mutex &m = *new std::mutex;
+ static std::condition_variable &cond = *new std::condition_variable;
+ static volatile bool flag = false;
+
+ std::unique_lock<std::mutex> lock(m);
+ adb_thread_create([](void*) {
+ m.lock();
+ flag = true;
+ cond.notify_one();
+ m.unlock();
+ }, nullptr);
+
+ while (!flag) {
+ cond.wait(lock);
+ }
+}
diff --git a/adb/sysdeps_win32.cpp b/adb/sysdeps_win32.cpp
index bc09fdc..f94d6fc 100644
--- a/adb/sysdeps_win32.cpp
+++ b/adb/sysdeps_win32.cpp
@@ -110,62 +110,6 @@
/**************************************************************************/
/**************************************************************************/
/***** *****/
-/***** replaces libs/cutils/load_file.c *****/
-/***** *****/
-/**************************************************************************/
-/**************************************************************************/
-
-void *load_file(const char *fn, unsigned *_sz)
-{
- HANDLE file;
- char *data;
- DWORD file_size;
-
- std::wstring fn_wide;
- if (!android::base::UTF8ToWide(fn, &fn_wide))
- return NULL;
-
- file = CreateFileW( fn_wide.c_str(),
- GENERIC_READ,
- FILE_SHARE_READ,
- NULL,
- OPEN_EXISTING,
- 0,
- NULL );
-
- if (file == INVALID_HANDLE_VALUE)
- return NULL;
-
- file_size = GetFileSize( file, NULL );
- data = NULL;
-
- if (file_size > 0) {
- data = (char*) malloc( file_size + 1 );
- if (data == NULL) {
- D("load_file: could not allocate %ld bytes", file_size );
- file_size = 0;
- } else {
- DWORD out_bytes;
-
- if ( !ReadFile( file, data, file_size, &out_bytes, NULL ) ||
- out_bytes != file_size )
- {
- D("load_file: could not read %ld bytes from '%s'", file_size, fn);
- free(data);
- data = NULL;
- file_size = 0;
- }
- }
- }
- CloseHandle( file );
-
- *_sz = (unsigned) file_size;
- return data;
-}
-
-/**************************************************************************/
-/**************************************************************************/
-/***** *****/
/***** common file descriptor handling *****/
/***** *****/
/**************************************************************************/
@@ -1128,6 +1072,24 @@
return result;
}
+int adb_socket_get_local_port(int fd) {
+ sockaddr_storage addr_storage;
+ socklen_t addr_len = sizeof(addr_storage);
+
+ if (adb_getsockname(fd, reinterpret_cast<sockaddr*>(&addr_storage), &addr_len) < 0) {
+ D("adb_socket_get_local_port: adb_getsockname failed: %s", strerror(errno));
+ return -1;
+ }
+
+ if (!(addr_storage.ss_family == AF_INET || addr_storage.ss_family == AF_INET6)) {
+ D("adb_socket_get_local_port: unknown address family received: %d", addr_storage.ss_family);
+ errno = ECONNABORTED;
+ return -1;
+ }
+
+ return ntohs(reinterpret_cast<sockaddr_in*>(&addr_storage)->sin_port);
+}
+
int adb_shutdown(int fd)
{
FH f = _fh_from_int(fd, __func__);
@@ -1154,9 +1116,7 @@
int server = -1;
int client = -1;
int accepted = -1;
- sockaddr_storage addr_storage;
- socklen_t addr_len = sizeof(addr_storage);
- sockaddr_in* addr = nullptr;
+ int local_port = -1;
std::string error;
server = network_loopback_server(0, SOCK_STREAM, &error);
@@ -1165,20 +1125,14 @@
goto fail;
}
- if (adb_getsockname(server, reinterpret_cast<sockaddr*>(&addr_storage), &addr_len) < 0) {
- D("adb_socketpair: adb_getsockname failed: %s", strerror(errno));
+ local_port = adb_socket_get_local_port(server);
+ if (local_port < 0) {
+ D("adb_socketpair: failed to get server port number: %s", error.c_str());
goto fail;
}
+ D("adb_socketpair: bound on port %d", local_port);
- if (addr_storage.ss_family != AF_INET) {
- D("adb_socketpair: unknown address family received: %d", addr_storage.ss_family);
- errno = ECONNABORTED;
- goto fail;
- }
-
- addr = reinterpret_cast<sockaddr_in*>(&addr_storage);
- D("adb_socketpair: bound on port %d", ntohs(addr->sin_port));
- client = network_loopback_client(ntohs(addr->sin_port), SOCK_STREAM, &error);
+ client = network_loopback_client(local_port, SOCK_STREAM, &error);
if (client < 0) {
D("adb_socketpair: failed to connect client: %s", error.c_str());
goto fail;
diff --git a/adb/test_device.py b/adb/test_device.py
index 2a3be88..cdc57c6 100644
--- a/adb/test_device.py
+++ b/adb/test_device.py
@@ -191,6 +191,22 @@
msg = self.device.forward_list()
self.assertEqual('', msg.strip())
+ def test_forward_tcp_port_0(self):
+ self.assertEqual('', self.device.forward_list().strip(),
+ 'Forwarding list must be empty to run this test.')
+
+ try:
+ # If resolving TCP port 0 is supported, `adb forward` will print
+ # the actual port number.
+ port = self.device.forward('tcp:0', 'tcp:8888').strip()
+ if not port:
+ raise unittest.SkipTest('Forwarding tcp:0 is not available.')
+
+ self.assertTrue(re.search(r'tcp:{}.+tcp:8888'.format(port),
+ self.device.forward_list()))
+ finally:
+ self.device.forward_remove_all()
+
def test_reverse(self):
msg = self.device.reverse_list()
self.assertEqual('', msg.strip(),
@@ -210,6 +226,22 @@
msg = self.device.reverse_list()
self.assertEqual('', msg.strip())
+ def test_reverse_tcp_port_0(self):
+ self.assertEqual('', self.device.reverse_list().strip(),
+ 'Reverse list must be empty to run this test.')
+
+ try:
+ # If resolving TCP port 0 is supported, `adb reverse` will print
+ # the actual port number.
+ port = self.device.reverse('tcp:0', 'tcp:8888').strip()
+ if not port:
+ raise unittest.SkipTest('Reversing tcp:0 is not available.')
+
+ self.assertTrue(re.search(r'tcp:{}.+tcp:8888'.format(port),
+ self.device.reverse_list()))
+ finally:
+ self.device.reverse_remove_all()
+
# Note: If you run this test when adb connect'd to a physical device over
# TCP, it will fail in adb reverse due to https://code.google.com/p/android/issues/detail?id=189821
def test_forward_reverse_echo(self):
diff --git a/adb/test_track_devices.cpp b/adb/test_track_devices.cpp
deleted file mode 100644
index b10f8ee..0000000
--- a/adb/test_track_devices.cpp
+++ /dev/null
@@ -1,69 +0,0 @@
-// TODO: replace this with a shell/python script.
-
-/* a simple test program, connects to ADB server, and opens a track-devices session */
-#include <errno.h>
-#include <memory.h>
-#include <netdb.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <sys/socket.h>
-#include <unistd.h>
-
-#include <android-base/file.h>
-
-static void
-panic( const char* msg )
-{
- fprintf(stderr, "PANIC: %s: %s\n", msg, strerror(errno));
- exit(1);
-}
-
-int main(int argc, char* argv[]) {
- const char* request = "host:track-devices";
-
- if (argv[1] && strcmp(argv[1], "--jdwp") == 0) {
- request = "track-jdwp";
- }
-
- int ret;
- struct sockaddr_in server;
- char buffer[1024];
-
- memset( &server, 0, sizeof(server) );
- server.sin_family = AF_INET;
- server.sin_port = htons(5037);
- server.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
-
- int s = socket( PF_INET, SOCK_STREAM, 0 );
- ret = connect( s, (struct sockaddr*) &server, sizeof(server) );
- if (ret < 0) panic( "could not connect to server" );
-
- /* send the request */
- int len = snprintf(buffer, sizeof(buffer), "%04zx%s", strlen(request), request);
- if (!android::base::WriteFully(s, buffer, len))
- panic( "could not send request" );
-
- /* read the OKAY answer */
- if (!android::base::ReadFully(s, buffer, 4))
- panic( "could not read request" );
-
- printf( "server answer: %.*s\n", 4, buffer );
-
- /* now loop */
- while (true) {
- char head[5] = "0000";
-
- if (!android::base::ReadFully(s, head, 4))
- panic("could not read length");
-
- int len;
- if (sscanf(head, "%04x", &len) != 1 )
- panic("could not decode length");
-
- if (!android::base::ReadFully(s, buffer, len))
- panic("could not read data");
-
- printf( "received header %.*s (%d bytes):\n%.*s----\n", 4, head, len, len, buffer );
- }
- close(s);
-}
diff --git a/adb/transport.cpp b/adb/transport.cpp
index 55082a5..65b05b8 100644
--- a/adb/transport.cpp
+++ b/adb/transport.cpp
@@ -952,6 +952,8 @@
for (const auto& transport : pending_list) {
if (transport->serial && strcmp(serial, transport->serial) == 0) {
adb_mutex_unlock(&transport_lock);
+ VLOG(TRANSPORT) << "socket transport " << transport->serial
+ << " is already in pending_list and fails to register";
delete t;
return -1;
}
@@ -960,6 +962,8 @@
for (const auto& transport : transport_list) {
if (transport->serial && strcmp(serial, transport->serial) == 0) {
adb_mutex_unlock(&transport_lock);
+ VLOG(TRANSPORT) << "socket transport " << transport->serial
+ << " is already in transport_list and fails to register";
delete t;
return -1;
}
@@ -992,8 +996,7 @@
void kick_all_tcp_devices() {
adb_mutex_lock(&transport_lock);
for (auto& t : transport_list) {
- // TCP/IP devices have adb_port == 0.
- if (t->type == kTransportLocal && t->adb_port == 0) {
+ if (t->IsTcpDevice()) {
// Kicking breaks the read_transport thread of this transport out of any read, then
// the read_transport thread will notify the main thread to make this transport
// offline. Then the main thread will notify the write_transport thread to exit.
diff --git a/adb/transport.h b/adb/transport.h
index 35d7b50..46d472b 100644
--- a/adb/transport.h
+++ b/adb/transport.h
@@ -87,7 +87,22 @@
char* model = nullptr;
char* device = nullptr;
char* devpath = nullptr;
- int adb_port = -1; // Use for emulators (local transport)
+ void SetLocalPortForEmulator(int port) {
+ CHECK_EQ(local_port_for_emulator_, -1);
+ local_port_for_emulator_ = port;
+ }
+
+ bool GetLocalPortForEmulator(int* port) const {
+ if (type == kTransportLocal && local_port_for_emulator_ != -1) {
+ *port = local_port_for_emulator_;
+ return true;
+ }
+ return false;
+ }
+
+ bool IsTcpDevice() const {
+ return type == kTransportLocal && local_port_for_emulator_ == -1;
+ }
void* key = nullptr;
unsigned char token[TOKEN_SIZE] = {};
@@ -128,6 +143,7 @@
bool MatchesTarget(const std::string& target) const;
private:
+ int local_port_for_emulator_ = -1;
bool kicked_ = false;
void (*kick_func_)(atransport*) = nullptr;
diff --git a/adb/transport_local.cpp b/adb/transport_local.cpp
index 4121f47..31b5ad6 100644
--- a/adb/transport_local.cpp
+++ b/adb/transport_local.cpp
@@ -17,6 +17,8 @@
#define TRACE_TAG TRANSPORT
#include "sysdeps.h"
+#include "sysdeps/condition_variable.h"
+#include "sysdeps/mutex.h"
#include "transport.h"
#include <errno.h>
@@ -25,6 +27,8 @@
#include <string.h>
#include <sys/types.h>
+#include <vector>
+
#include <android-base/stringprintf.h>
#include <cutils/sockets.h>
@@ -85,9 +89,9 @@
return 0;
}
-void local_connect(int port) {
+bool local_connect(int port) {
std::string dummy;
- local_connect_arbitrary_ports(port-1, port, &dummy);
+ return local_connect_arbitrary_ports(port-1, port, &dummy) == 0;
}
int local_connect_arbitrary_ports(int console_port, int adb_port, std::string* error) {
@@ -121,18 +125,71 @@
}
#if ADB_HOST
+
+static void PollAllLocalPortsForEmulator() {
+ int port = DEFAULT_ADB_LOCAL_TRANSPORT_PORT;
+ int count = ADB_LOCAL_TRANSPORT_MAX;
+
+ // Try to connect to any number of running emulator instances.
+ for ( ; count > 0; count--, port += 2 ) {
+ local_connect(port);
+ }
+}
+
+// Retry the disconnected local port for 60 times, and sleep 1 second between two retries.
+constexpr uint32_t LOCAL_PORT_RETRY_COUNT = 60;
+constexpr uint32_t LOCAL_PORT_RETRY_INTERVAL_IN_MS = 1000;
+
+struct RetryPort {
+ int port;
+ uint32_t retry_count;
+};
+
+// Retry emulators just kicked.
+static std::vector<RetryPort>& retry_ports = *new std::vector<RetryPort>;
+std::mutex &retry_ports_lock = *new std::mutex;
+std::condition_variable &retry_ports_cond = *new std::condition_variable;
+
static void client_socket_thread(void* x) {
adb_thread_setname("client_socket_thread");
D("transport: client_socket_thread() starting");
+ PollAllLocalPortsForEmulator();
while (true) {
- int port = DEFAULT_ADB_LOCAL_TRANSPORT_PORT;
- int count = ADB_LOCAL_TRANSPORT_MAX;
-
- // Try to connect to any number of running emulator instances.
- for ( ; count > 0; count--, port += 2 ) {
- local_connect(port);
+ std::vector<RetryPort> ports;
+ // Collect retry ports.
+ {
+ std::unique_lock<std::mutex> lock(retry_ports_lock);
+ while (retry_ports.empty()) {
+ retry_ports_cond.wait(lock);
+ }
+ retry_ports.swap(ports);
}
- sleep(1);
+ // Sleep here instead of the end of loop, because if we immediately try to reconnect
+ // the emulator just kicked, the adbd on the emulator may not have time to remove the
+ // just kicked transport.
+ adb_sleep_ms(LOCAL_PORT_RETRY_INTERVAL_IN_MS);
+
+ // Try connecting retry ports.
+ std::vector<RetryPort> next_ports;
+ for (auto& port : ports) {
+ VLOG(TRANSPORT) << "retry port " << port.port << ", last retry_count "
+ << port.retry_count;
+ if (local_connect(port.port)) {
+ VLOG(TRANSPORT) << "retry port " << port.port << " successfully";
+ continue;
+ }
+ if (--port.retry_count > 0) {
+ next_ports.push_back(port);
+ } else {
+ VLOG(TRANSPORT) << "stop retrying port " << port.port;
+ }
+ }
+
+ // Copy back left retry ports.
+ {
+ std::unique_lock<std::mutex> lock(retry_ports_lock);
+ retry_ports.insert(retry_ports.end(), next_ports.begin(), next_ports.end());
+ }
}
}
@@ -167,7 +224,9 @@
D("server: new connection on fd %d", fd);
close_on_exec(fd);
disable_tcp_nagle(fd);
- register_socket_transport(fd, "host", port, 1);
+ if (register_socket_transport(fd, "host", port, 1) != 0) {
+ adb_close(fd);
+ }
}
}
D("transport: server_socket_thread() exiting");
@@ -261,8 +320,8 @@
/* Host is connected. Register the transport, and start the
* exchange. */
std::string serial = android::base::StringPrintf("host-%d", fd);
- register_socket_transport(fd, serial.c_str(), port, 1);
- if (!WriteFdExactly(fd, _start_req, strlen(_start_req))) {
+ if (register_socket_transport(fd, serial.c_str(), port, 1) != 0 ||
+ !WriteFdExactly(fd, _start_req, strlen(_start_req))) {
adb_close(fd);
}
}
@@ -339,17 +398,32 @@
t->sfd = -1;
adb_close(fd);
}
+#if ADB_HOST
+ int local_port;
+ if (t->GetLocalPortForEmulator(&local_port)) {
+ VLOG(TRANSPORT) << "remote_close, local_port = " << local_port;
+ std::unique_lock<std::mutex> lock(retry_ports_lock);
+ RetryPort port;
+ port.port = local_port;
+ port.retry_count = LOCAL_PORT_RETRY_COUNT;
+ retry_ports.push_back(port);
+ retry_ports_cond.notify_one();
+ }
+#endif
}
#if ADB_HOST
/* Only call this function if you already hold local_transports_lock. */
-atransport* find_emulator_transport_by_adb_port_locked(int adb_port)
+static atransport* find_emulator_transport_by_adb_port_locked(int adb_port)
{
int i;
for (i = 0; i < ADB_LOCAL_TRANSPORT_MAX; i++) {
- if (local_transports[i] && local_transports[i]->adb_port == adb_port) {
- return local_transports[i];
+ int local_port;
+ if (local_transports[i] && local_transports[i]->GetLocalPortForEmulator(&local_port)) {
+ if (local_port == adb_port) {
+ return local_transports[i];
+ }
}
}
return NULL;
@@ -396,13 +470,12 @@
t->sync_token = 1;
t->connection_state = kCsOffline;
t->type = kTransportLocal;
- t->adb_port = 0;
#if ADB_HOST
if (local) {
adb_mutex_lock( &local_transports_lock );
{
- t->adb_port = adb_port;
+ t->SetLocalPortForEmulator(adb_port);
atransport* existing_transport =
find_emulator_transport_by_adb_port_locked(adb_port);
int index = get_available_local_transport_index_locked();
diff --git a/adb/usb_linux_client.cpp b/adb/usb_linux_client.cpp
index 0ba6b4b..c10b48c 100644
--- a/adb/usb_linux_client.cpp
+++ b/adb/usb_linux_client.cpp
@@ -400,35 +400,33 @@
v2_descriptor.os_header = os_desc_header;
v2_descriptor.os_desc = os_desc_compat;
- if (h->control < 0) { // might have already done this before
- D("OPENING %s", USB_FFS_ADB_EP0);
- h->control = adb_open(USB_FFS_ADB_EP0, O_RDWR);
- if (h->control < 0) {
- D("[ %s: cannot open control endpoint: errno=%d]", USB_FFS_ADB_EP0, errno);
+ D("OPENING %s", USB_FFS_ADB_EP0);
+ h->control = adb_open(USB_FFS_ADB_EP0, O_RDWR);
+ if (h->control < 0) {
+ D("[ %s: cannot open control endpoint: errno=%d]", USB_FFS_ADB_EP0, errno);
+ goto err;
+ }
+
+ ret = adb_write(h->control, &v2_descriptor, sizeof(v2_descriptor));
+ if (ret < 0) {
+ v1_descriptor.header.magic = cpu_to_le32(FUNCTIONFS_DESCRIPTORS_MAGIC);
+ v1_descriptor.header.length = cpu_to_le32(sizeof(v1_descriptor));
+ v1_descriptor.header.fs_count = 3;
+ v1_descriptor.header.hs_count = 3;
+ v1_descriptor.fs_descs = fs_descriptors;
+ v1_descriptor.hs_descs = hs_descriptors;
+ D("[ %s: Switching to V1_descriptor format errno=%d ]", USB_FFS_ADB_EP0, errno);
+ ret = adb_write(h->control, &v1_descriptor, sizeof(v1_descriptor));
+ if (ret < 0) {
+ D("[ %s: write descriptors failed: errno=%d ]", USB_FFS_ADB_EP0, errno);
goto err;
}
+ }
- ret = adb_write(h->control, &v2_descriptor, sizeof(v2_descriptor));
- if (ret < 0) {
- v1_descriptor.header.magic = cpu_to_le32(FUNCTIONFS_DESCRIPTORS_MAGIC);
- v1_descriptor.header.length = cpu_to_le32(sizeof(v1_descriptor));
- v1_descriptor.header.fs_count = 3;
- v1_descriptor.header.hs_count = 3;
- v1_descriptor.fs_descs = fs_descriptors;
- v1_descriptor.hs_descs = hs_descriptors;
- D("[ %s: Switching to V1_descriptor format errno=%d ]", USB_FFS_ADB_EP0, errno);
- ret = adb_write(h->control, &v1_descriptor, sizeof(v1_descriptor));
- if (ret < 0) {
- D("[ %s: write descriptors failed: errno=%d ]", USB_FFS_ADB_EP0, errno);
- goto err;
- }
- }
-
- ret = adb_write(h->control, &strings, sizeof(strings));
- if (ret < 0) {
- D("[ %s: writing strings failed: errno=%d]", USB_FFS_ADB_EP0, errno);
- goto err;
- }
+ ret = adb_write(h->control, &strings, sizeof(strings));
+ if (ret < 0) {
+ D("[ %s: writing strings failed: errno=%d]", USB_FFS_ADB_EP0, errno);
+ goto err;
}
h->bulk_out = adb_open(USB_FFS_ADB_OUT, O_RDWR);
@@ -556,6 +554,7 @@
h->kicked = false;
adb_close(h->bulk_out);
adb_close(h->bulk_in);
+ adb_close(h->control);
// Notify usb_adb_open_thread to open a new connection.
adb_mutex_lock(&h->lock);
h->open_new_connection = true;
diff --git a/base/include/android-base/logging.h b/base/include/android-base/logging.h
index b86c232..56e2dde 100644
--- a/base/include/android-base/logging.h
+++ b/base/include/android-base/logging.h
@@ -194,13 +194,13 @@
// Helper for CHECK_STRxx(s1,s2) macros.
#define CHECK_STROP(s1, s2, sense) \
- if (LIKELY((strcmp(s1, s2) == 0) == sense)) \
+ if (LIKELY((strcmp(s1, s2) == 0) == (sense))) \
; \
else \
ABORT_AFTER_LOG_FATAL \
LOG(FATAL) << "Check failed: " \
- << "\"" << s1 << "\"" \
- << (sense ? " == " : " != ") << "\"" << s2 << "\""
+ << "\"" << (s1) << "\"" \
+ << ((sense) ? " == " : " != ") << "\"" << (s2) << "\""
// Check for string (const char*) equality between s1 and s2, LOG(FATAL) if not.
#define CHECK_STREQ(s1, s2) CHECK_STROP(s1, s2, true)
@@ -213,7 +213,7 @@
if (rc != 0) { \
errno = rc; \
ABORT_AFTER_LOG_FATAL \
- PLOG(FATAL) << #call << " failed for " << what; \
+ PLOG(FATAL) << #call << " failed for " << (what); \
} \
} while (false)
diff --git a/base/include/android-base/unique_fd.h b/base/include/android-base/unique_fd.h
index ab41c55..869e60f 100644
--- a/base/include/android-base/unique_fd.h
+++ b/base/include/android-base/unique_fd.h
@@ -39,25 +39,33 @@
namespace android {
namespace base {
-class unique_fd final {
+struct DefaultCloser {
+ static void Close(int fd) {
+ // Even if close(2) fails with EINTR, the fd will have been closed.
+ // Using TEMP_FAILURE_RETRY will either lead to EBADF or closing someone
+ // else's fd.
+ // http://lkml.indiana.edu/hypermail/linux/kernel/0509.1/0877.html
+ ::close(fd);
+ }
+};
+
+template <typename Closer>
+class unique_fd_impl final {
public:
- unique_fd() : value_(-1) {}
+ unique_fd_impl() : value_(-1) {}
- explicit unique_fd(int value) : value_(value) {}
- ~unique_fd() { clear(); }
+ explicit unique_fd_impl(int value) : value_(value) {}
+ ~unique_fd_impl() { clear(); }
- unique_fd(unique_fd&& other) : value_(other.release()) {}
- unique_fd& operator=(unique_fd&& s) {
+ unique_fd_impl(unique_fd_impl&& other) : value_(other.release()) {}
+ unique_fd_impl& operator=(unique_fd_impl&& s) {
reset(s.release());
return *this;
}
void reset(int new_value) {
if (value_ != -1) {
- // Even if close(2) fails with EINTR, the fd will have been closed.
- // Using TEMP_FAILURE_RETRY will either lead to EBADF or closing someone else's fd.
- // http://lkml.indiana.edu/hypermail/linux/kernel/0509.1/0877.html
- close(value_);
+ Closer::Close(value_);
}
value_ = new_value;
}
@@ -78,10 +86,12 @@
private:
int value_;
- unique_fd(const unique_fd&);
- void operator=(const unique_fd&);
+ unique_fd_impl(const unique_fd_impl&);
+ void operator=(const unique_fd_impl&);
};
+using unique_fd = unique_fd_impl<DefaultCloser>;
+
} // namespace base
} // namespace android
diff --git a/debuggerd/Android.mk b/debuggerd/Android.mk
index 6469db4..9ce94c5 100644
--- a/debuggerd/Android.mk
+++ b/debuggerd/Android.mk
@@ -54,7 +54,7 @@
include $(CLEAR_VARS)
-LOCAL_SRC_FILES := crasher.c
+LOCAL_SRC_FILES := crasher.cpp
LOCAL_SRC_FILES_arm := arm/crashglue.S
LOCAL_SRC_FILES_arm64 := arm64/crashglue.S
LOCAL_SRC_FILES_mips := mips/crashglue.S
@@ -63,9 +63,9 @@
LOCAL_SRC_FILES_x86_64 := x86_64/crashglue.S
LOCAL_MODULE_PATH := $(TARGET_OUT_OPTIONAL_EXECUTABLES)
LOCAL_MODULE_TAGS := optional
-LOCAL_CFLAGS += -fstack-protector-all -Werror -Wno-free-nonheap-object -Wno-date-time
+LOCAL_CPPFLAGS := $(common_cppflags) -fstack-protector-all -Wno-free-nonheap-object -Wno-date-time
#LOCAL_FORCE_STATIC_EXECUTABLE := true
-LOCAL_SHARED_LIBRARIES := libcutils liblog libc
+LOCAL_SHARED_LIBRARIES := libcutils liblog
# The arm emulator has VFP but not VFPv3-D32.
ifeq ($(ARCH_ARM_HAVE_VFP_D32),true)
diff --git a/debuggerd/backtrace.cpp b/debuggerd/backtrace.cpp
index 32843d8..8f4a53f 100644
--- a/debuggerd/backtrace.cpp
+++ b/debuggerd/backtrace.cpp
@@ -29,6 +29,7 @@
#include <sys/ptrace.h>
#include <memory>
+#include <string>
#include <backtrace/Backtrace.h>
@@ -96,11 +97,11 @@
}
}
-void dump_backtrace(int fd, int amfd, BacktraceMap* map, pid_t pid, pid_t tid,
- const std::set<pid_t>& siblings) {
+void dump_backtrace(int fd, BacktraceMap* map, pid_t pid, pid_t tid,
+ const std::set<pid_t>& siblings, std::string* amfd_data) {
log_t log;
log.tfd = fd;
- log.amfd = amfd;
+ log.amfd_data = amfd_data;
dump_process_header(&log, pid);
dump_thread(&log, map, pid, tid);
diff --git a/debuggerd/backtrace.h b/debuggerd/backtrace.h
index 98c433b..acd5eaa 100644
--- a/debuggerd/backtrace.h
+++ b/debuggerd/backtrace.h
@@ -20,6 +20,7 @@
#include <sys/types.h>
#include <set>
+#include <string>
#include "utility.h"
@@ -28,8 +29,8 @@
// Dumps a backtrace using a format similar to what Dalvik uses so that the result
// can be intermixed in a bug report.
-void dump_backtrace(int fd, int amfd, BacktraceMap* map, pid_t pid, pid_t tid,
- const std::set<pid_t>& siblings);
+void dump_backtrace(int fd, BacktraceMap* map, pid_t pid, pid_t tid,
+ const std::set<pid_t>& siblings, std::string* amfd_data);
/* Dumps the backtrace in the backtrace data structure to the log. */
void dump_backtrace_to_log(Backtrace* backtrace, log_t* log, const char* prefix);
diff --git a/debuggerd/crasher.c b/debuggerd/crasher.cpp
similarity index 93%
rename from debuggerd/crasher.c
rename to debuggerd/crasher.cpp
index 75f070b..bdeaf0b 100644
--- a/debuggerd/crasher.c
+++ b/debuggerd/crasher.cpp
@@ -22,8 +22,9 @@
extern const char* __progname;
-void crash1(void);
-void crashnostack(void);
+extern "C" void crash1(void);
+extern "C" void crashnostack(void);
+
static int do_action(const char* arg);
static void maybe_abort() {
@@ -159,6 +160,10 @@
__assert("some_file.c", 123, "false");
} else if (!strcmp(arg, "assert2")) {
__assert2("some_file.c", 123, "some_function", "false");
+ } else if (!strcmp(arg, "fortify")) {
+ char buf[10];
+ __read_chk(-1, buf, 32, 10);
+ while (true) pause();
} else if (!strcmp(arg, "LOG_ALWAYS_FATAL")) {
LOG_ALWAYS_FATAL("hello %s", "world");
} else if (!strcmp(arg, "LOG_ALWAYS_FATAL_IF")) {
@@ -172,7 +177,7 @@
} else if (!strcmp(arg, "heap-usage")) {
abuse_heap();
} else if (!strcmp(arg, "SIGSEGV-unmapped")) {
- char* map = mmap(NULL, sizeof(int), PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS, -1, 0);
+ char* map = reinterpret_cast<char*>(mmap(NULL, sizeof(int), PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS, -1, 0));
munmap(map, sizeof(int));
map[0] = '8';
}
@@ -189,6 +194,7 @@
fprintf(stderr, " abort call abort()\n");
fprintf(stderr, " assert call assert() without a function\n");
fprintf(stderr, " assert2 call assert() with a function\n");
+ fprintf(stderr, " fortify fail a _FORTIFY_SOURCE check\n");
fprintf(stderr, " LOG_ALWAYS_FATAL call LOG_ALWAYS_FATAL\n");
fprintf(stderr, " LOG_ALWAYS_FATAL_IF call LOG_ALWAYS_FATAL\n");
fprintf(stderr, " SIGFPE cause a SIGFPE\n");
diff --git a/debuggerd/debuggerd.cpp b/debuggerd/debuggerd.cpp
index 258bd76..d87594c 100644
--- a/debuggerd/debuggerd.cpp
+++ b/debuggerd/debuggerd.cpp
@@ -14,6 +14,7 @@
* limitations under the License.
*/
+#include <arpa/inet.h>
#include <dirent.h>
#include <elf.h>
#include <errno.h>
@@ -32,12 +33,15 @@
#include <sys/un.h>
#include <time.h>
+#include <memory>
#include <set>
+#include <string>
#include <selinux/android.h>
#include <log/logger.h>
+#include <android-base/file.h>
#include <android-base/unique_fd.h>
#include <cutils/debugger.h>
#include <cutils/properties.h>
@@ -287,6 +291,41 @@
return amfd.release();
}
+static void activity_manager_write(int pid, int signal, int amfd, const std::string& amfd_data) {
+ if (amfd == -1) {
+ return;
+ }
+
+ // Activity Manager protocol: binary 32-bit network-byte-order ints for the
+ // pid and signal number, followed by the raw text of the dump, culminating
+ // in a zero byte that marks end-of-data.
+ uint32_t datum = htonl(pid);
+ if (!android::base::WriteFully(amfd, &datum, 4)) {
+ ALOGE("AM pid write failed: %s\n", strerror(errno));
+ return;
+ }
+ datum = htonl(signal);
+ if (!android::base::WriteFully(amfd, &datum, 4)) {
+ ALOGE("AM signal write failed: %s\n", strerror(errno));
+ return;
+ }
+
+ if (!android::base::WriteFully(amfd, amfd_data.c_str(), amfd_data.size())) {
+ ALOGE("AM data write failed: %s\n", strerror(errno));
+ return;
+ }
+
+ // Send EOD to the Activity Manager, then wait for its ack to avoid racing
+ // ahead and killing the target out from under it.
+ uint8_t eodMarker = 0;
+ if (!android::base::WriteFully(amfd, &eodMarker, 1)) {
+ ALOGE("AM eod write failed: %s\n", strerror(errno));
+ return;
+ }
+ // 3 sec timeout reading the ack; we're fine if the read fails.
+ android::base::ReadFully(amfd, &eodMarker, 1);
+}
+
static bool should_attach_gdb(const debugger_request_t& request) {
if (request.action == DEBUGGER_ACTION_CRASH) {
return property_get_bool("debug.debuggerd.wait_for_gdb", false);
@@ -414,7 +453,7 @@
static bool perform_dump(const debugger_request_t& request, int fd, int tombstone_fd,
BacktraceMap* backtrace_map, const std::set<pid_t>& siblings,
- int* crash_signal, int amfd) {
+ int* crash_signal, std::string* amfd_data) {
if (TEMP_FAILURE_RETRY(write(fd, "\0", 1)) != 1) {
ALOGE("debuggerd: failed to respond to client: %s\n", strerror(errno));
return false;
@@ -432,10 +471,10 @@
if (request.action == DEBUGGER_ACTION_DUMP_TOMBSTONE) {
ALOGV("debuggerd: stopped -- dumping to tombstone");
engrave_tombstone(tombstone_fd, backtrace_map, request.pid, request.tid, siblings, signal,
- request.original_si_code, request.abort_msg_address, amfd);
+ request.original_si_code, request.abort_msg_address, amfd_data);
} else if (request.action == DEBUGGER_ACTION_DUMP_BACKTRACE) {
ALOGV("debuggerd: stopped -- dumping to fd");
- dump_backtrace(fd, -1, backtrace_map, request.pid, request.tid, siblings);
+ dump_backtrace(fd, backtrace_map, request.pid, request.tid, siblings, nullptr);
} else {
ALOGV("debuggerd: stopped -- continuing");
if (ptrace(PTRACE_CONT, request.tid, 0, 0) != 0) {
@@ -458,7 +497,7 @@
ALOGV("stopped -- fatal signal\n");
*crash_signal = signal;
engrave_tombstone(tombstone_fd, backtrace_map, request.pid, request.tid, siblings, signal,
- request.original_si_code, request.abort_msg_address, amfd);
+ request.original_si_code, request.abort_msg_address, amfd_data);
break;
default:
@@ -472,13 +511,21 @@
}
static bool drop_privileges() {
+ // AID_LOG: for reading the logs data associated with the crashing process.
+ // AID_READPROC: for reading /proc/<PID>/{comm,cmdline}.
+ gid_t groups[] = { AID_DEBUGGERD, AID_LOG, AID_READPROC };
+ if (setgroups(sizeof(groups)/sizeof(groups[0]), groups) != 0) {
+ ALOGE("debuggerd: failed to setgroups: %s", strerror(errno));
+ return false;
+ }
+
if (setresgid(AID_DEBUGGERD, AID_DEBUGGERD, AID_DEBUGGERD) != 0) {
- ALOGE("debuggerd: failed to setresgid");
+ ALOGE("debuggerd: failed to setresgid: %s", strerror(errno));
return false;
}
if (setresuid(AID_DEBUGGERD, AID_DEBUGGERD, AID_DEBUGGERD) != 0) {
- ALOGE("debuggerd: failed to setresuid");
+ ALOGE("debuggerd: failed to setresuid: %s", strerror(errno));
return false;
}
@@ -545,9 +592,11 @@
std::unique_ptr<BacktraceMap> backtrace_map(BacktraceMap::Create(request.pid));
int amfd = -1;
+ std::unique_ptr<std::string> amfd_data;
if (request.action == DEBUGGER_ACTION_CRASH) {
// Connect to the activity manager before dropping privileges.
amfd = activity_manager_connect();
+ amfd_data.reset(new std::string);
}
bool succeeded = false;
@@ -560,11 +609,11 @@
int crash_signal = SIGKILL;
succeeded = perform_dump(request, fd, tombstone_fd, backtrace_map.get(), siblings,
- &crash_signal, amfd);
+ &crash_signal, amfd_data.get());
if (succeeded) {
if (request.action == DEBUGGER_ACTION_DUMP_TOMBSTONE) {
if (!tombstone_path.empty()) {
- write(fd, tombstone_path.c_str(), tombstone_path.length());
+ android::base::WriteFully(fd, tombstone_path.c_str(), tombstone_path.length());
}
}
}
@@ -577,6 +626,13 @@
}
}
+ if (!attach_gdb) {
+ // Tell the Activity Manager about the crashing process. If we are
+ // waiting for gdb to attach, do not send this or Activity Manager
+ // might kill the process before anyone can attach.
+ activity_manager_write(request.pid, crash_signal, amfd, *amfd_data.get());
+ }
+
if (ptrace(PTRACE_DETACH, request.tid, 0, 0) != 0) {
ALOGE("debuggerd: ptrace detach from %d failed: %s", request.tid, strerror(errno));
}
@@ -593,9 +649,12 @@
}
// Wait for gdb, if requested.
- if (attach_gdb && succeeded) {
+ if (attach_gdb) {
wait_for_user_action(request);
+ // Now tell the activity manager about this process.
+ activity_manager_write(request.pid, crash_signal, amfd, *amfd_data.get());
+
// Tell the signal process to send SIGCONT to the target.
if (!send_signal(request.pid, 0, SIGCONT)) {
ALOGE("debuggerd: failed to resume process %d: %s", request.pid, strerror(errno));
diff --git a/debuggerd/elf_utils.cpp b/debuggerd/elf_utils.cpp
index 9959f2e..3d99cab 100644
--- a/debuggerd/elf_utils.cpp
+++ b/debuggerd/elf_utils.cpp
@@ -29,7 +29,7 @@
#include "elf_utils.h"
-#define NOTE_ALIGN(size) ((size + 3) & ~3)
+#define NOTE_ALIGN(size) (((size) + 3) & ~3)
template <typename HdrType, typename PhdrType, typename NhdrType>
static bool get_build_id(
diff --git a/debuggerd/test/dump_memory_test.cpp b/debuggerd/test/dump_memory_test.cpp
index 2addd5d..49f3690 100644
--- a/debuggerd/test/dump_memory_test.cpp
+++ b/debuggerd/test/dump_memory_test.cpp
@@ -125,7 +125,7 @@
}
log_.tfd = tombstone_fd;
- log_.amfd = -1;
+ log_.amfd_data = nullptr;
log_.crashed_tid = 12;
log_.current_tid = 12;
log_.should_retrieve_logcat = false;
diff --git a/debuggerd/test/host_signal_fixup.h b/debuggerd/test/host_signal_fixup.h
index c7796ef..762bae5 100644
--- a/debuggerd/test/host_signal_fixup.h
+++ b/debuggerd/test/host_signal_fixup.h
@@ -57,7 +57,7 @@
#endif
#if !defined(SI_DETHREAD)
-#define SI_DETHREAD -7
+#define SI_DETHREAD (-7)
#endif
#endif
diff --git a/debuggerd/test/tombstone_test.cpp b/debuggerd/test/tombstone_test.cpp
index 96b3a7a..58d640e 100644
--- a/debuggerd/test/tombstone_test.cpp
+++ b/debuggerd/test/tombstone_test.cpp
@@ -68,7 +68,8 @@
}
log_.tfd = tombstone_fd;
- log_.amfd = -1;
+ amfd_data_.clear();
+ log_.amfd_data = &amfd_data_;
log_.crashed_tid = 12;
log_.current_tid = 12;
log_.should_retrieve_logcat = false;
@@ -90,6 +91,7 @@
std::unique_ptr<BacktraceMock> backtrace_mock_;
log_t log_;
+ std::string amfd_data_;
};
TEST_F(TombstoneTest, single_map) {
@@ -117,6 +119,8 @@
#endif
ASSERT_STREQ(expected_dump, tombstone_contents.c_str());
+ ASSERT_STREQ("", amfd_data_.c_str());
+
// Verify that the log buf is empty, and no error messages.
ASSERT_STREQ("", getFakeLogBuf().c_str());
ASSERT_STREQ("", getFakeLogPrint().c_str());
@@ -150,6 +154,8 @@
#endif
ASSERT_STREQ(expected_dump, tombstone_contents.c_str());
+ ASSERT_STREQ("", amfd_data_.c_str());
+
// Verify that the log buf is empty, and no error messages.
ASSERT_STREQ("", getFakeLogBuf().c_str());
ASSERT_STREQ("", getFakeLogPrint().c_str());
@@ -189,6 +195,8 @@
#endif
ASSERT_STREQ(expected_dump, tombstone_contents.c_str());
+ ASSERT_STREQ("", amfd_data_.c_str());
+
// Verify that the log buf is empty, and no error messages.
ASSERT_STREQ("", getFakeLogBuf().c_str());
ASSERT_STREQ("", getFakeLogPrint().c_str());
@@ -251,6 +259,8 @@
#endif
ASSERT_STREQ(expected_dump, tombstone_contents.c_str());
+ ASSERT_STREQ("", amfd_data_.c_str());
+
// Verify that the log buf is empty, and no error messages.
ASSERT_STREQ("", getFakeLogBuf().c_str());
ASSERT_STREQ("", getFakeLogPrint().c_str());
@@ -305,6 +315,8 @@
#endif
ASSERT_STREQ(expected_dump, tombstone_contents.c_str());
+ ASSERT_STREQ("", amfd_data_.c_str());
+
// Verify that the log buf is empty, and no error messages.
ASSERT_STREQ("", getFakeLogBuf().c_str());
ASSERT_STREQ("", getFakeLogPrint().c_str());
@@ -359,6 +371,8 @@
#endif
ASSERT_STREQ(expected_dump, tombstone_contents.c_str());
+ ASSERT_STREQ("", amfd_data_.c_str());
+
// Verify that the log buf is empty, and no error messages.
ASSERT_STREQ("", getFakeLogBuf().c_str());
ASSERT_STREQ("", getFakeLogPrint().c_str());
@@ -411,6 +425,8 @@
#endif
ASSERT_STREQ(expected_dump, tombstone_contents.c_str());
+ ASSERT_STREQ("", amfd_data_.c_str());
+
// Verify that the log buf is empty, and no error messages.
ASSERT_STREQ("", getFakeLogBuf().c_str());
ASSERT_STREQ("", getFakeLogPrint().c_str());
@@ -469,6 +485,8 @@
#endif
ASSERT_STREQ(expected_dump, tombstone_contents.c_str());
+ ASSERT_STREQ("", amfd_data_.c_str());
+
// Verify that the log buf is empty, and no error messages.
ASSERT_STREQ("", getFakeLogBuf().c_str());
ASSERT_STREQ("", getFakeLogPrint().c_str());
@@ -501,6 +519,8 @@
#endif
ASSERT_STREQ(expected_dump, tombstone_contents.c_str());
+ ASSERT_STREQ("", amfd_data_.c_str());
+
// Verify that the log buf is empty, and no error messages.
ASSERT_STREQ("", getFakeLogBuf().c_str());
ASSERT_STREQ("6 DEBUG Cannot get siginfo for 100: Bad address\n\n", getFakeLogPrint().c_str());
@@ -562,6 +582,8 @@
<< "Signal " << si.si_signo << " is not expected to include an address.";
}
+ ASSERT_STREQ("", amfd_data_.c_str());
+
// Verify that the log buf is empty, and no error messages.
ASSERT_STREQ("", getFakeLogBuf().c_str());
ASSERT_STREQ("", getFakeLogPrint().c_str());
@@ -582,6 +604,8 @@
ASSERT_STREQ("", getFakeLogBuf().c_str());
ASSERT_STREQ("6 DEBUG cannot get siginfo: Bad address\n\n", getFakeLogPrint().c_str());
+
+ ASSERT_STREQ("", amfd_data_.c_str());
}
TEST_F(TombstoneTest, dump_log_file_error) {
@@ -596,4 +620,14 @@
ASSERT_STREQ("", getFakeLogBuf().c_str());
ASSERT_STREQ("6 DEBUG Unable to open /fake/filename: Permission denied\n\n",
getFakeLogPrint().c_str());
+
+ ASSERT_STREQ("", amfd_data_.c_str());
+}
+
+TEST_F(TombstoneTest, dump_header_info) {
+ dump_header_info(&log_);
+
+ std::string expected = "Build fingerprint: 'unknown'\nRevision: 'unknown'\n";
+ expected += android::base::StringPrintf("ABI: '%s'\n", ABI_STRING);
+ ASSERT_STREQ(expected.c_str(), amfd_data_.c_str());
}
diff --git a/debuggerd/tombstone.cpp b/debuggerd/tombstone.cpp
index d802c8c..fa983fa 100644
--- a/debuggerd/tombstone.cpp
+++ b/debuggerd/tombstone.cpp
@@ -16,7 +16,6 @@
#define LOG_TAG "DEBUG"
-#include <arpa/inet.h>
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
@@ -202,7 +201,7 @@
static void dump_thread_info(log_t* log, pid_t pid, pid_t tid) {
char path[64];
char threadnamebuf[1024];
- char* threadname = NULL;
+ char* threadname = nullptr;
FILE *fp;
snprintf(path, sizeof(path), "/proc/%d/comm", tid);
@@ -218,13 +217,13 @@
}
// Blacklist logd, logd.reader, logd.writer, logd.auditd, logd.control ...
static const char logd[] = "logd";
- if (!strncmp(threadname, logd, sizeof(logd) - 1)
+ if (threadname != nullptr && !strncmp(threadname, logd, sizeof(logd) - 1)
&& (!threadname[sizeof(logd) - 1] || (threadname[sizeof(logd) - 1] == '.'))) {
log->should_retrieve_logcat = false;
}
char procnamebuf[1024];
- char* procname = NULL;
+ char* procname = nullptr;
snprintf(path, sizeof(path), "/proc/%d/cmdline", pid);
if ((fp = fopen(path, "r"))) {
@@ -613,16 +612,6 @@
property_get("ro.debuggable", value, "0");
bool want_logs = (value[0] == '1');
- if (log->amfd >= 0) {
- // Activity Manager protocol: binary 32-bit network-byte-order ints for the
- // pid and signal number, followed by the raw text of the dump, culminating
- // in a zero byte that marks end-of-data.
- uint32_t datum = htonl(pid);
- TEMP_FAILURE_RETRY( write(log->amfd, &datum, 4) );
- datum = htonl(signal);
- TEMP_FAILURE_RETRY( write(log->amfd, &datum, 4) );
- }
-
_LOG(log, logtype::HEADER,
"*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***\n");
dump_header_info(log);
@@ -640,17 +629,6 @@
if (want_logs) {
dump_logs(log, pid, 0);
}
-
- // send EOD to the Activity Manager, then wait for its ack to avoid racing ahead
- // and killing the target out from under it
- if (log->amfd >= 0) {
- uint8_t eodMarker = 0;
- TEMP_FAILURE_RETRY( write(log->amfd, &eodMarker, 1) );
- // 3 sec timeout reading the ack; we're fine if that happens
- TEMP_FAILURE_RETRY( read(log->amfd, &eodMarker, 1) );
- }
-
- return;
}
// open_tombstone - find an available tombstone slot, if any, of the
@@ -708,7 +686,7 @@
void engrave_tombstone(int tombstone_fd, BacktraceMap* map, pid_t pid, pid_t tid,
const std::set<pid_t>& siblings, int signal, int original_si_code,
- uintptr_t abort_msg_address, int amfd) {
+ uintptr_t abort_msg_address, std::string* amfd_data) {
log_t log;
log.current_tid = tid;
log.crashed_tid = tid;
@@ -719,8 +697,6 @@
}
log.tfd = tombstone_fd;
- // Preserve amfd since it can be modified through the calls below without
- // being closed.
- log.amfd = amfd;
+ log.amfd_data = amfd_data;
dump_crash(&log, map, pid, tid, siblings, signal, original_si_code, abort_msg_address);
}
diff --git a/debuggerd/tombstone.h b/debuggerd/tombstone.h
index 7f3eebe..487d950 100644
--- a/debuggerd/tombstone.h
+++ b/debuggerd/tombstone.h
@@ -34,6 +34,6 @@
/* Creates a tombstone file and writes the crash dump to it. */
void engrave_tombstone(int tombstone_fd, BacktraceMap* map, pid_t pid, pid_t tid,
const std::set<pid_t>& siblings, int signal, int original_si_code,
- uintptr_t abort_msg_address, int amfd);
+ uintptr_t abort_msg_address, std::string* amfd_data);
#endif // _DEBUGGERD_TOMBSTONE_H
diff --git a/debuggerd/utility.cpp b/debuggerd/utility.cpp
index cd252ce..bd06095 100644
--- a/debuggerd/utility.cpp
+++ b/debuggerd/utility.cpp
@@ -25,7 +25,8 @@
#include <sys/ptrace.h>
#include <sys/wait.h>
-#include <android-base/file.h>
+#include <string>
+
#include <android-base/stringprintf.h>
#include <backtrace/Backtrace.h>
#include <log/log.h>
@@ -49,7 +50,6 @@
&& log->crashed_tid != -1
&& log->current_tid != -1
&& (log->crashed_tid == log->current_tid);
- bool write_to_activitymanager = (log->amfd != -1);
char buf[512];
va_list ap;
@@ -68,12 +68,8 @@
if (write_to_logcat) {
__android_log_buf_write(LOG_ID_CRASH, ANDROID_LOG_FATAL, LOG_TAG, buf);
- if (write_to_activitymanager) {
- if (!android::base::WriteFully(log->amfd, buf, len)) {
- // timeout or other failure on write; stop informing the activity manager
- ALOGE("AM write failed: %s", strerror(errno));
- log->amfd = -1;
- }
+ if (log->amfd_data != nullptr) {
+ *log->amfd_data += buf;
}
}
}
diff --git a/debuggerd/utility.h b/debuggerd/utility.h
index ed08ddc..cd01188 100644
--- a/debuggerd/utility.h
+++ b/debuggerd/utility.h
@@ -21,6 +21,8 @@
#include <stdbool.h>
#include <sys/types.h>
+#include <string>
+
#include <backtrace/Backtrace.h>
// Figure out the abi based on defined macros.
@@ -42,10 +44,10 @@
struct log_t{
- /* tombstone file descriptor */
+ // Tombstone file descriptor.
int tfd;
- /* Activity Manager socket file descriptor */
- int amfd;
+ // Data to be sent to the Activity Manager.
+ std::string* amfd_data;
// The tid of the thread that crashed.
pid_t crashed_tid;
// The tid of the thread we are currently working with.
@@ -54,7 +56,8 @@
bool should_retrieve_logcat;
log_t()
- : tfd(-1), amfd(-1), crashed_tid(-1), current_tid(-1), should_retrieve_logcat(true) {}
+ : tfd(-1), amfd_data(nullptr), crashed_tid(-1), current_tid(-1),
+ should_retrieve_logcat(true) {}
};
// List of types of logs to simplify the logging decision in _LOG
diff --git a/fastboot/fastboot.cpp b/fastboot/fastboot.cpp
index 94efcc3..1839d25 100644
--- a/fastboot/fastboot.cpp
+++ b/fastboot/fastboot.cpp
@@ -717,10 +717,10 @@
return partition_type == "ext4";
}
-static int load_buf_fd(Transport* transport, int fd, struct fastboot_buffer* buf) {
+static bool load_buf_fd(Transport* transport, int fd, struct fastboot_buffer* buf) {
int64_t sz = get_file_size(fd);
if (sz == -1) {
- return -1;
+ return false;
}
lseek64(fd, 0, SEEK_SET);
@@ -728,7 +728,7 @@
if (limit) {
sparse_file** s = load_sparse_files(fd, limit);
if (s == nullptr) {
- return -1;
+ return false;
}
buf->type = FB_BUFFER_SPARSE;
buf->data = s;
@@ -740,18 +740,14 @@
buf->sz = sz;
}
- return 0;
+ return true;
}
-static int load_buf(Transport* transport, const char *fname, struct fastboot_buffer *buf)
-{
- int fd;
-
- fd = open(fname, O_RDONLY | O_BINARY);
- if (fd < 0) {
- return -1;
+static bool load_buf(Transport* transport, const char* fname, struct fastboot_buffer* buf) {
+ int fd = open(fname, O_RDONLY | O_BINARY);
+ if (fd == -1) {
+ return false;
}
-
return load_buf_fd(transport, fd, buf);
}
@@ -895,8 +891,8 @@
static void do_flash(Transport* transport, const char* pname, const char* fname) {
struct fastboot_buffer buf;
- if (load_buf(transport, fname, &buf)) {
- die("cannot load '%s'", fname);
+ if (!load_buf(transport, fname, &buf)) {
+ die("cannot load '%s': %s", fname, strerror(errno));
}
flash_buf(pname, &buf);
}
@@ -940,8 +936,9 @@
exit(1); // unzip_to_file already explained why.
}
fastboot_buffer buf;
- int rc = load_buf_fd(transport, fd, &buf);
- if (rc) die("cannot load %s from flash", images[i].img_name);
+ if (!load_buf_fd(transport, fd, &buf)) {
+ die("cannot load %s from flash: %s", images[i].img_name, strerror(errno));
+ }
auto update = [&](const std::string &partition) {
do_update_signature(zip, images[i].sig_name);
@@ -994,10 +991,9 @@
for (size_t i = 0; i < ARRAY_SIZE(images); i++) {
fname = find_item(images[i].part_name, product);
fastboot_buffer buf;
- if (load_buf(transport, fname.c_str(), &buf)) {
- if (images[i].is_optional)
- continue;
- die("could not load %s\n", images[i].img_name);
+ if (!load_buf(transport, fname.c_str(), &buf)) {
+ if (images[i].is_optional) continue;
+ die("could not load '%s': %s", images[i].img_name, strerror(errno));
}
auto flashall = [&](const std::string &partition) {
@@ -1164,7 +1160,7 @@
return;
}
- if (load_buf_fd(transport, fd, &buf)) {
+ if (!load_buf_fd(transport, fd, &buf)) {
fprintf(stderr, "Cannot read image: %s\n", strerror(errno));
close(fd);
return;
diff --git a/fs_mgr/Android.mk b/fs_mgr/Android.mk
index d0d5630..7da3ca4 100644
--- a/fs_mgr/Android.mk
+++ b/fs_mgr/Android.mk
@@ -10,7 +10,8 @@
libcrypto_utils_static \
libcrypto_static \
libext4_utils_static \
- libsquashfs_utils
+ libsquashfs_utils \
+ libselinux
include $(CLEAR_VARS)
LOCAL_CLANG := true
diff --git a/fs_mgr/fs_mgr_format.c b/fs_mgr/fs_mgr_format.c
index c63ff67..6c5b1eb 100644
--- a/fs_mgr/fs_mgr_format.c
+++ b/fs_mgr/fs_mgr_format.c
@@ -23,6 +23,11 @@
#include <errno.h>
#include <cutils/partition_utils.h>
#include <sys/mount.h>
+
+#include <selinux/selinux.h>
+#include <selinux/label.h>
+#include <selinux/android.h>
+
#include "ext4_utils.h"
#include "ext4.h"
#include "make_ext4fs.h"
@@ -47,17 +52,29 @@
return -1;
}
+ struct selabel_handle *sehandle = selinux_android_file_context_handle();
+ if (!sehandle) {
+ /* libselinux logs specific error */
+ ERROR("Cannot initialize android file_contexts");
+ close(fd);
+ return -1;
+ }
+
/* Format the partition using the calculated length */
reset_ext4fs_info();
info.len = (off64_t)dev_sz;
/* Use make_ext4fs_internal to avoid wiping an already-wiped partition. */
- rc = make_ext4fs_internal(fd, NULL, NULL, fs_mnt_point, 0, 0, 0, 0, 0, 0, 0, 0, 0, NULL);
+ rc = make_ext4fs_internal(fd, NULL, NULL, fs_mnt_point, 0, 0, 0, 0, 0, 0, sehandle, 0, 0, NULL);
if (rc) {
ERROR("make_ext4fs returned %d.\n", rc);
}
close(fd);
+ if (sehandle) {
+ selabel_close(sehandle);
+ }
+
return rc;
}
diff --git a/fs_mgr/fs_mgr_priv_verity.h b/fs_mgr/fs_mgr_priv_verity.h
index cd673f3..d9e17bb 100644
--- a/fs_mgr/fs_mgr_priv_verity.h
+++ b/fs_mgr/fs_mgr_priv_verity.h
@@ -16,8 +16,8 @@
#include <sys/cdefs.h>
-#define FS_MGR_SETUP_VERITY_DISABLED -2
-#define FS_MGR_SETUP_VERITY_FAIL -1
+#define FS_MGR_SETUP_VERITY_DISABLED (-2)
+#define FS_MGR_SETUP_VERITY_FAIL (-1)
#define FS_MGR_SETUP_VERITY_SUCCESS 0
__BEGIN_DECLS
diff --git a/fs_mgr/fs_mgr_verity.cpp b/fs_mgr/fs_mgr_verity.cpp
index 129a5bb..72554a8 100644
--- a/fs_mgr/fs_mgr_verity.cpp
+++ b/fs_mgr/fs_mgr_verity.cpp
@@ -30,6 +30,7 @@
#include <unistd.h>
#include <android-base/file.h>
+#include <android-base/strings.h>
#include <crypto_utils/android_pubkey.h>
#include <cutils/properties.h>
#include <logwrap/logwrap.h>
@@ -211,7 +212,7 @@
}
struct verity_table_params {
- const char *table;
+ char *table;
int mode;
struct fec_ecc_metadata ecc;
const char *ecc_dev;
@@ -843,15 +844,42 @@
return rc;
}
+static void update_verity_table_blk_device(char *blk_device, char **table)
+{
+ std::string result, word;
+ auto tokens = android::base::Split(*table, " ");
+
+ for (const auto token : tokens) {
+ if (android::base::StartsWith(token, "/dev/block/") &&
+ android::base::StartsWith(blk_device, token.c_str())) {
+ word = blk_device;
+ } else {
+ word = token;
+ }
+
+ if (result.empty()) {
+ result = word;
+ } else {
+ result += " " + word;
+ }
+ }
+
+ if (result.empty()) {
+ return;
+ }
+
+ free(*table);
+ *table = strdup(result.c_str());
+}
+
int fs_mgr_setup_verity(struct fstab_rec *fstab)
{
int retval = FS_MGR_SETUP_VERITY_FAIL;
int fd = -1;
- char *invalid_table = NULL;
char *verity_blk_name = NULL;
struct fec_handle *f = NULL;
struct fec_verity_metadata verity;
- struct verity_table_params params;
+ struct verity_table_params params = { .table = NULL };
alignas(dm_ioctl) char buffer[DM_BUF_SIZE];
struct dm_ioctl *io = (struct dm_ioctl *) buffer;
@@ -912,8 +940,17 @@
params.mode = VERITY_MODE_EIO;
}
+ if (!verity.table) {
+ goto out;
+ }
+
+ params.table = strdup(verity.table);
+ if (!params.table) {
+ goto out;
+ }
+
// verify the signature on the table
- if (verify_table(verity.signature, sizeof(verity.signature), verity.table,
+ if (verify_table(verity.signature, sizeof(verity.signature), params.table,
verity.table_length) < 0) {
if (params.mode == VERITY_MODE_LOGGING) {
// the user has been warned, allow mounting without dm-verity
@@ -922,20 +959,18 @@
}
// invalidate root hash and salt to trigger device-specific recovery
- invalid_table = strdup(verity.table);
-
- if (!invalid_table ||
- invalidate_table(invalid_table, verity.table_length) < 0) {
+ if (invalidate_table(params.table, verity.table_length) < 0) {
goto out;
}
-
- params.table = invalid_table;
- } else {
- params.table = verity.table;
}
INFO("Enabling dm-verity for %s (mode %d)\n", mount_point, params.mode);
+ if (fstab->fs_mgr_flags & MF_SLOTSELECT) {
+ // Update the verity params using the actual block device path
+ update_verity_table_blk_device(fstab->blk_device, ¶ms.table);
+ }
+
// load the verity mapping table
if (load_verity_table(io, mount_point, verity.data_size, fd, ¶ms,
format_verity_table) == 0) {
@@ -1001,7 +1036,7 @@
}
fec_close(f);
- free(invalid_table);
+ free(params.table);
free(verity_blk_name);
return retval;
diff --git a/fs_mgr/include/fs_mgr.h b/fs_mgr/include/fs_mgr.h
index c5e1f32..b498618 100644
--- a/fs_mgr/include/fs_mgr.h
+++ b/fs_mgr/include/fs_mgr.h
@@ -80,11 +80,11 @@
#define FS_MGR_MNTALL_DEV_NEEDS_ENCRYPTION 2
#define FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED 1
#define FS_MGR_MNTALL_DEV_NOT_ENCRYPTED 0
-#define FS_MGR_MNTALL_FAIL -1
+#define FS_MGR_MNTALL_FAIL (-1)
int fs_mgr_mount_all(struct fstab *fstab);
-#define FS_MGR_DOMNT_FAILED -1
-#define FS_MGR_DOMNT_BUSY -2
+#define FS_MGR_DOMNT_FAILED (-1)
+#define FS_MGR_DOMNT_BUSY (-2)
int fs_mgr_do_mount(struct fstab *fstab, char *n_name, char *n_blk_device,
char *tmp_mount_point);
int fs_mgr_do_tmpfs_mount(char *n_name);
diff --git a/include/cutils/aref.h b/include/cutils/aref.h
deleted file mode 100644
index 3bd36ea..0000000
--- a/include/cutils/aref.h
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright (C) 2013 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef _CUTILS_AREF_H_
-#define _CUTILS_AREF_H_
-
-#include <stddef.h>
-#include <sys/cdefs.h>
-
-#include <cutils/atomic.h>
-
-__BEGIN_DECLS
-
-#define AREF_TO_ITEM(aref, container, member) \
- (container *) (((char*) (aref)) - offsetof(container, member))
-
-struct aref
-{
- volatile int32_t count;
-};
-
-static inline void aref_init(struct aref *r)
-{
- r->count = 1;
-}
-
-static inline int32_t aref_count(struct aref *r)
-{
- return r->count;
-}
-
-static inline void aref_get(struct aref *r)
-{
- android_atomic_inc(&r->count);
-}
-
-static inline void aref_put(struct aref *r, void (*release)(struct aref *))
-{
- if (android_atomic_dec(&r->count) == 1)
- release(r);
-}
-
-__END_DECLS
-
-#endif // _CUTILS_AREF_H_
diff --git a/include/cutils/ashmem.h b/include/cutils/ashmem.h
index 25b233e..acedf73 100644
--- a/include/cutils/ashmem.h
+++ b/include/cutils/ashmem.h
@@ -12,6 +12,10 @@
#include <stddef.h>
+#if defined(__BIONIC__)
+#include <linux/ashmem.h>
+#endif
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -26,20 +30,4 @@
}
#endif
-#ifndef __ASHMEMIOC /* in case someone included <linux/ashmem.h> too */
-
-#define ASHMEM_NAME_LEN 256
-
-#define ASHMEM_NAME_DEF "dev/ashmem"
-
-/* Return values from ASHMEM_PIN: Was the mapping purged while unpinned? */
-#define ASHMEM_NOT_PURGED 0
-#define ASHMEM_WAS_PURGED 1
-
-/* Return values from ASHMEM_UNPIN: Is the mapping now pinned or unpinned? */
-#define ASHMEM_IS_UNPINNED 0
-#define ASHMEM_IS_PINNED 1
-
-#endif /* ! __ASHMEMIOC */
-
#endif /* _CUTILS_ASHMEM_H */
diff --git a/libcutils/atomic.c b/include/private/canned_fs_config.h
similarity index 61%
copy from libcutils/atomic.c
copy to include/private/canned_fs_config.h
index d34aa00..d9f51ca 100644
--- a/libcutils/atomic.c
+++ b/include/private/canned_fs_config.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2007 The Android Open Source Project
+ * Copyright (C) 2014 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -14,13 +14,13 @@
* limitations under the License.
*/
-/*
- * Generate non-inlined versions of android_atomic functions.
- * Nobody should be using these, but some binary blobs currently (late 2014)
- * are.
- * If you read this in 2015 or later, please try to delete this file.
- */
+#ifndef _CANNED_FS_CONFIG_H
+#define _CANNED_FS_CONFIG_H
-#define ANDROID_ATOMIC_INLINE
+#include <inttypes.h>
-#include <cutils/atomic.h>
+int load_canned_fs_config(const char* fn);
+void canned_fs_config(const char* path, int dir, const char* target_out_path,
+ unsigned* uid, unsigned* gid, unsigned* mode, uint64_t* capabilities);
+
+#endif
diff --git a/include/utils/RefBase.h b/include/utils/RefBase.h
index eac6a78..14d9cb1 100644
--- a/include/utils/RefBase.h
+++ b/include/utils/RefBase.h
@@ -17,7 +17,7 @@
#ifndef ANDROID_REF_BASE_H
#define ANDROID_REF_BASE_H
-#include <cutils/atomic.h>
+#include <atomic>
#include <stdint.h>
#include <sys/types.h>
@@ -176,16 +176,17 @@
public:
inline LightRefBase() : mCount(0) { }
inline void incStrong(__attribute__((unused)) const void* id) const {
- android_atomic_inc(&mCount);
+ mCount.fetch_add(1, std::memory_order_relaxed);
}
inline void decStrong(__attribute__((unused)) const void* id) const {
- if (android_atomic_dec(&mCount) == 1) {
+ if (mCount.fetch_sub(1, std::memory_order_release) == 1) {
+ std::atomic_thread_fence(std::memory_order_acquire);
delete static_cast<const T*>(this);
}
}
//! DEBUGGING ONLY: Get current strong ref count.
inline int32_t getStrongCount() const {
- return mCount;
+ return mCount.load(std::memory_order_relaxed);
}
typedef LightRefBase<T> basetype;
@@ -200,7 +201,7 @@
const void* old_id, const void* new_id) { }
private:
- mutable volatile int32_t mCount;
+ mutable std::atomic<int32_t> mCount;
};
// This is a wrapper around LightRefBase that simply enforces a virtual
diff --git a/include/utils/ashmem.h b/include/utils/ashmem.h
deleted file mode 100644
index 0854775..0000000
--- a/include/utils/ashmem.h
+++ /dev/null
@@ -1,41 +0,0 @@
-/* utils/ashmem.h
- **
- ** Copyright 2008 The Android Open Source Project
- **
- ** This file is dual licensed. It may be redistributed and/or modified
- ** under the terms of the Apache 2.0 License OR version 2 of the GNU
- ** General Public License.
- */
-
-#ifndef _UTILS_ASHMEM_H
-#define _UTILS_ASHMEM_H
-
-#include <linux/limits.h>
-#include <linux/ioctl.h>
-
-#define ASHMEM_NAME_LEN 256
-
-#define ASHMEM_NAME_DEF "dev/ashmem"
-
-/* Return values from ASHMEM_PIN: Was the mapping purged while unpinned? */
-#define ASHMEM_NOT_REAPED 0
-#define ASHMEM_WAS_REAPED 1
-
-/* Return values from ASHMEM_UNPIN: Is the mapping now pinned or unpinned? */
-#define ASHMEM_NOW_UNPINNED 0
-#define ASHMEM_NOW_PINNED 1
-
-#define __ASHMEMIOC 0x77
-
-#define ASHMEM_SET_NAME _IOW(__ASHMEMIOC, 1, char[ASHMEM_NAME_LEN])
-#define ASHMEM_GET_NAME _IOR(__ASHMEMIOC, 2, char[ASHMEM_NAME_LEN])
-#define ASHMEM_SET_SIZE _IOW(__ASHMEMIOC, 3, size_t)
-#define ASHMEM_GET_SIZE _IO(__ASHMEMIOC, 4)
-#define ASHMEM_SET_PROT_MASK _IOW(__ASHMEMIOC, 5, unsigned long)
-#define ASHMEM_GET_PROT_MASK _IO(__ASHMEMIOC, 6)
-#define ASHMEM_PIN _IO(__ASHMEMIOC, 7)
-#define ASHMEM_UNPIN _IO(__ASHMEMIOC, 8)
-#define ASHMEM_ISPINNED _IO(__ASHMEMIOC, 9)
-#define ASHMEM_PURGE_ALL_CACHES _IO(__ASHMEMIOC, 10)
-
-#endif /* _UTILS_ASHMEM_H */
diff --git a/init/devices.cpp b/init/devices.cpp
index d452dd3..1410e3b 100644
--- a/init/devices.cpp
+++ b/init/devices.cpp
@@ -43,6 +43,7 @@
#include <sys/wait.h>
#include <android-base/file.h>
+#include <android-base/stringprintf.h>
#include <cutils/list.h>
#include <cutils/uevent.h>
@@ -130,49 +131,6 @@
return 0;
}
-void fixup_sys_perms(const char *upath)
-{
- char buf[512];
- struct listnode *node;
- struct perms_ *dp;
-
- /* upaths omit the "/sys" that paths in this list
- * contain, so we add 4 when comparing...
- */
- list_for_each(node, &sys_perms) {
- dp = &(node_to_item(node, struct perm_node, plist))->dp;
- if (dp->prefix) {
- if (strncmp(upath, dp->name + 4, strlen(dp->name + 4)))
- continue;
- } else if (dp->wildcard) {
- if (fnmatch(dp->name + 4, upath, FNM_PATHNAME) != 0)
- continue;
- } else {
- if (strcmp(upath, dp->name + 4))
- continue;
- }
-
- if ((strlen(upath) + strlen(dp->attr) + 6) > sizeof(buf))
- break;
-
- snprintf(buf, sizeof(buf), "/sys%s/%s", upath, dp->attr);
- INFO("fixup %s %d %d 0%o\n", buf, dp->uid, dp->gid, dp->perm);
- chown(buf, dp->uid, dp->gid);
- chmod(buf, dp->perm);
- }
-
- // Now fixup SELinux file labels
- int len = snprintf(buf, sizeof(buf), "/sys%s", upath);
- if ((len < 0) || ((size_t) len >= sizeof(buf))) {
- // Overflow
- return;
- }
- if (access(buf, F_OK) == 0) {
- INFO("restorecon_recursive: %s\n", buf);
- restorecon_recursive(buf);
- }
-}
-
static bool perm_path_matches(const char *path, struct perms_ *dp)
{
if (dp->prefix) {
@@ -189,6 +147,44 @@
return false;
}
+static bool match_subsystem(perms_* dp, const char* pattern,
+ const char* path, const char* subsystem) {
+ if (!pattern || !subsystem || strstr(dp->name, subsystem) == NULL) {
+ return false;
+ }
+
+ std::string subsys_path = android::base::StringPrintf(pattern, subsystem, basename(path));
+ return perm_path_matches(subsys_path.c_str(), dp);
+}
+
+static void fixup_sys_perms(const char* upath, const char* subsystem) {
+ // upaths omit the "/sys" that paths in this list
+ // contain, so we prepend it...
+ std::string path = std::string(SYSFS_PREFIX) + upath;
+
+ listnode* node;
+ list_for_each(node, &sys_perms) {
+ perms_* dp = &(node_to_item(node, perm_node, plist))->dp;
+ if (match_subsystem(dp, SYSFS_PREFIX "/class/%s/%s", path.c_str(), subsystem)) {
+ ; // matched
+ } else if (match_subsystem(dp, SYSFS_PREFIX "/bus/%s/devices/%s", path.c_str(), subsystem)) {
+ ; // matched
+ } else if (!perm_path_matches(path.c_str(), dp)) {
+ continue;
+ }
+
+ std::string attr_file = path + "/" + dp->attr;
+ INFO("fixup %s %d %d 0%o\n", attr_file.c_str(), dp->uid, dp->gid, dp->perm);
+ chown(attr_file.c_str(), dp->uid, dp->gid);
+ chmod(attr_file.c_str(), dp->perm);
+ }
+
+ if (access(path.c_str(), F_OK) == 0) {
+ INFO("restorecon_recursive: %s\n", path.c_str());
+ restorecon_recursive(path.c_str());
+ }
+}
+
static mode_t get_device_perm(const char *path, const char **links,
unsigned *uid, unsigned *gid)
{
@@ -747,7 +743,7 @@
static void handle_device_event(struct uevent *uevent)
{
if (!strcmp(uevent->action,"add") || !strcmp(uevent->action, "change") || !strcmp(uevent->action, "online"))
- fixup_sys_perms(uevent->path);
+ fixup_sys_perms(uevent->path, uevent->subsystem);
if (!strncmp(uevent->subsystem, "block", 5)) {
handle_block_device_event(uevent);
diff --git a/init/ueventd_parser.cpp b/init/ueventd_parser.cpp
index 09f4638..baff58c 100644
--- a/init/ueventd_parser.cpp
+++ b/init/ueventd_parser.cpp
@@ -38,7 +38,7 @@
#include "ueventd_keywords.h"
#define KEYWORD(symbol, flags, nargs) \
- [ K_##symbol ] = { #symbol, nargs + 1, flags, },
+ [ K_##symbol ] = { #symbol, (nargs) + 1, flags, },
static struct {
const char *name;
diff --git a/libbacktrace/Android.mk b/libbacktrace/Android.mk
index 632b1b6..356ab8b 100644
--- a/libbacktrace/Android.mk
+++ b/libbacktrace/Android.mk
@@ -25,7 +25,9 @@
libbacktrace_common_cppflags := \
-std=gnu++11 \
- -I external/libunwind/include/tdep \
+
+libbacktrace_common_c_includes := \
+ external/libunwind/include/tdep \
# The latest clang (r230699) does not allow SP/PC to be declared in inline asm lists.
libbacktrace_common_clang_cflags += \
diff --git a/libbacktrace/GetPss.cpp b/libbacktrace/GetPss.cpp
index b4dc48d..6d750ea 100644
--- a/libbacktrace/GetPss.cpp
+++ b/libbacktrace/GetPss.cpp
@@ -24,7 +24,7 @@
// This is an extremely simplified version of libpagemap.
-#define _BITS(x, offset, bits) (((x) >> offset) & ((1LL << (bits)) - 1))
+#define _BITS(x, offset, bits) (((x) >> (offset)) & ((1LL << (bits)) - 1))
#define PAGEMAP_PRESENT(x) (_BITS(x, 63, 1))
#define PAGEMAP_SWAPPED(x) (_BITS(x, 62, 1))
diff --git a/libbacktrace/backtrace_test.cpp b/libbacktrace/backtrace_test.cpp
index df6c6c1..7066c79 100644
--- a/libbacktrace/backtrace_test.cpp
+++ b/libbacktrace/backtrace_test.cpp
@@ -1420,7 +1420,7 @@
#if defined(ENABLE_PSS_TESTS)
#include "GetPss.h"
-#define MAX_LEAK_BYTES 32*1024UL
+#define MAX_LEAK_BYTES (32*1024UL)
void CheckForLeak(pid_t pid, pid_t tid) {
// Do a few runs to get the PSS stable.
diff --git a/libbinderwrapper/real_binder_wrapper.h b/libbinderwrapper/real_binder_wrapper.h
index 1675432..fa05383 100644
--- a/libbinderwrapper/real_binder_wrapper.h
+++ b/libbinderwrapper/real_binder_wrapper.h
@@ -17,6 +17,8 @@
#ifndef SYSTEM_CORE_LIBBINDERWRAPPER_REAL_BINDER_WRAPPER_H_
#define SYSTEM_CORE_LIBBINDERWRAPPER_REAL_BINDER_WRAPPER_H_
+#include <map>
+
#include <base/macros.h>
#include <binderwrapper/binder_wrapper.h>
diff --git a/libcutils/Android.mk b/libcutils/Android.mk
index c0d4d76..822a7d3 100644
--- a/libcutils/Android.mk
+++ b/libcutils/Android.mk
@@ -17,9 +17,9 @@
include $(CLEAR_VARS)
libcutils_common_sources := \
- atomic.c.arm \
config_utils.c \
fs_config.c \
+ canned_fs_config.c \
hashmap.c \
iosched_policy.c \
load_file.c \
diff --git a/libcutils/ashmem-host.c b/libcutils/ashmem-host.c
index c85f06b..1f9f753 100644
--- a/libcutils/ashmem-host.c
+++ b/libcutils/ashmem-host.c
@@ -62,12 +62,12 @@
int ashmem_pin_region(int fd __unused, size_t offset __unused, size_t len __unused)
{
- return ASHMEM_NOT_PURGED;
+ return 0 /*ASHMEM_NOT_PURGED*/;
}
int ashmem_unpin_region(int fd __unused, size_t offset __unused, size_t len __unused)
{
- return ASHMEM_IS_UNPINNED;
+ return 0 /*ASHMEM_IS_UNPINNED*/;
}
int ashmem_get_size_region(int fd)
diff --git a/libcutils/canned_fs_config.c b/libcutils/canned_fs_config.c
new file mode 100644
index 0000000..5800857
--- /dev/null
+++ b/libcutils/canned_fs_config.c
@@ -0,0 +1,117 @@
+/*
+ * Copyright (C) 2014 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <inttypes.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <limits.h>
+#include <stdlib.h>
+
+#include <private/android_filesystem_config.h>
+#include <private/canned_fs_config.h>
+
+typedef struct {
+ const char* path;
+ unsigned uid;
+ unsigned gid;
+ unsigned mode;
+ uint64_t capabilities;
+} Path;
+
+static Path* canned_data = NULL;
+static int canned_alloc = 0;
+static int canned_used = 0;
+
+static int path_compare(const void* a, const void* b) {
+ return strcmp(((Path*)a)->path, ((Path*)b)->path);
+}
+
+int load_canned_fs_config(const char* fn) {
+ FILE* f = fopen(fn, "r");
+ if (f == NULL) {
+ fprintf(stderr, "failed to open %s: %s\n", fn, strerror(errno));
+ return -1;
+ }
+
+ char line[PATH_MAX + 200];
+ while (fgets(line, sizeof(line), f)) {
+ while (canned_used >= canned_alloc) {
+ canned_alloc = (canned_alloc+1) * 2;
+ canned_data = (Path*) realloc(canned_data, canned_alloc * sizeof(Path));
+ }
+ Path* p = canned_data + canned_used;
+ p->path = strdup(strtok(line, " "));
+ p->uid = atoi(strtok(NULL, " "));
+ p->gid = atoi(strtok(NULL, " "));
+ p->mode = strtol(strtok(NULL, " "), NULL, 8); // mode is in octal
+ p->capabilities = 0;
+
+ char* token = NULL;
+ do {
+ token = strtok(NULL, " ");
+ if (token && strncmp(token, "capabilities=", 13) == 0) {
+ p->capabilities = strtoll(token+13, NULL, 0);
+ break;
+ }
+ } while (token);
+
+ canned_used++;
+ }
+
+ fclose(f);
+
+ qsort(canned_data, canned_used, sizeof(Path), path_compare);
+ printf("loaded %d fs_config entries\n", canned_used);
+
+ return 0;
+}
+
+static const int kDebugCannedFsConfig = 0;
+
+void canned_fs_config(const char* path, int dir, const char* target_out_path,
+ unsigned* uid, unsigned* gid, unsigned* mode, uint64_t* capabilities) {
+ Path key;
+ key.path = path;
+ if (path[0] == '/')
+ key.path++; // canned paths lack the leading '/'
+ Path* p = (Path*) bsearch(&key, canned_data, canned_used, sizeof(Path), path_compare);
+ if (p == NULL) {
+ fprintf(stderr, "failed to find [%s] in canned fs_config\n", path);
+ exit(1);
+ }
+ *uid = p->uid;
+ *gid = p->gid;
+ *mode = p->mode;
+ *capabilities = p->capabilities;
+
+ if (kDebugCannedFsConfig) {
+ // for debugging, run the built-in fs_config and compare the results.
+
+ unsigned c_uid, c_gid, c_mode;
+ uint64_t c_capabilities;
+ fs_config(path, dir, target_out_path, &c_uid, &c_gid, &c_mode, &c_capabilities);
+
+ if (c_uid != *uid) printf("%s uid %d %d\n", path, *uid, c_uid);
+ if (c_gid != *gid) printf("%s gid %d %d\n", path, *gid, c_gid);
+ if (c_mode != *mode) printf("%s mode 0%o 0%o\n", path, *mode, c_mode);
+ if (c_capabilities != *capabilities)
+ printf("%s capabilities %" PRIx64 " %" PRIx64 "\n",
+ path,
+ *capabilities,
+ c_capabilities);
+ }
+}
diff --git a/libcutils/strdup8to16.c b/libcutils/strdup8to16.c
index 63e5ca4..c23cf8b 100644
--- a/libcutils/strdup8to16.c
+++ b/libcutils/strdup8to16.c
@@ -27,7 +27,7 @@
#define UTF16_REPLACEMENT_CHAR 0xfffd
/* Clever trick from Dianne that returns 1-4 depending on leading bit sequence*/
-#define UTF8_SEQ_LENGTH(ch) (((0xe5000000 >> ((ch >> 3) & 0x1e)) & 3) + 1)
+#define UTF8_SEQ_LENGTH(ch) (((0xe5000000 >> (((ch) >> 3) & 0x1e)) & 3) + 1)
/* note: macro expands to multiple lines */
#define UTF8_SHIFT_AND_MASK(unicode, byte) \
diff --git a/libion/kernel-headers/linux/ion.h b/libion/kernel-headers/linux/ion.h
index 5af39d0..3c28080 100644
--- a/libion/kernel-headers/linux/ion.h
+++ b/libion/kernel-headers/linux/ion.h
@@ -38,7 +38,7 @@
/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define ION_HEAP_CARVEOUT_MASK (1 << ION_HEAP_TYPE_CARVEOUT)
#define ION_HEAP_TYPE_DMA_MASK (1 << ION_HEAP_TYPE_DMA)
-#define ION_NUM_HEAP_IDS sizeof(unsigned int) * 8
+#define ION_NUM_HEAP_IDS (sizeof(unsigned int) * 8)
#define ION_FLAG_CACHED 1
/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
#define ION_FLAG_CACHED_NEEDS_SYNC 2
diff --git a/liblog/Android.bp b/liblog/Android.bp
index 7a95dbd..81a510e 100644
--- a/liblog/Android.bp
+++ b/liblog/Android.bp
@@ -24,7 +24,6 @@
]
liblog_host_sources = [
"fake_log_device.c",
- //"event.logtags",
"fake_writer.c",
]
liblog_target_sources = [
@@ -87,6 +86,7 @@
"-DLIBLOG_LOG_TAG=1005",
"-DSNET_EVENT_LOG_TAG=1397638484",
],
+ logtags: ["event.logtags"],
compile_multilib: "both",
stl: "none",
}
diff --git a/liblog/Android.mk b/liblog/Android.mk
deleted file mode 100644
index b24b489..0000000
--- a/liblog/Android.mk
+++ /dev/null
@@ -1,85 +0,0 @@
-#
-# Copyright (C) 2008-2014 The Android Open Source Project
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-LOCAL_PATH := $(my-dir)
-include $(CLEAR_VARS)
-
-# This is what we want to do:
-# liblog_cflags := $(shell \
-# sed -n \
-# 's/^\([0-9]*\)[ \t]*liblog[ \t].*/-DLIBLOG_LOG_TAG=\1/p' \
-# $(LOCAL_PATH)/event.logtags)
-# so make sure we do not regret hard-coding it as follows:
-liblog_cflags := -DLIBLOG_LOG_TAG=1005
-liblog_cflags += -DSNET_EVENT_LOG_TAG=1397638484
-
-liblog_sources := log_event_list.c log_event_write.c logger_write.c
-liblog_sources += config_write.c logger_name.c logger_lock.c
-liblog_host_sources := $(liblog_sources) fake_log_device.c event.logtags
-liblog_host_sources += fake_writer.c
-liblog_target_sources := $(liblog_sources) event_tag_map.c
-liblog_target_sources += config_read.c log_time.cpp log_is_loggable.c logprint.c
-liblog_target_sources += pmsg_reader.c pmsg_writer.c
-liblog_target_sources += logd_reader.c logd_writer.c logger_read.c
-
-# Shared and static library for host
-# ========================================================
-LOCAL_MODULE := liblog
-LOCAL_SRC_FILES := $(liblog_host_sources)
-# some files must not be compiled when building against Mingw
-# they correspond to features not used by our host development tools
-# which are also hard or even impossible to port to native Win32
-LOCAL_SRC_FILES_darwin := event_tag_map.c
-LOCAL_SRC_FILES_linux := event_tag_map.c
-LOCAL_SRC_FILES_windows := uio.c
-LOCAL_CFLAGS := -DFAKE_LOG_DEVICE=1 -Werror -fvisibility=hidden $(liblog_cflags)
-LOCAL_MULTILIB := both
-LOCAL_MODULE_HOST_OS := darwin linux windows
-include $(BUILD_HOST_STATIC_LIBRARY)
-
-include $(CLEAR_VARS)
-LOCAL_MODULE := liblog
-LOCAL_WHOLE_STATIC_LIBRARIES := liblog
-LOCAL_LDLIBS_linux := -lrt
-LOCAL_MULTILIB := both
-LOCAL_CXX_STL := none
-LOCAL_MODULE_HOST_OS := darwin linux windows
-include $(BUILD_HOST_SHARED_LIBRARY)
-
-
-# Shared and static library for target
-# ========================================================
-include $(CLEAR_VARS)
-LOCAL_MODULE := liblog
-LOCAL_SRC_FILES := $(liblog_target_sources)
-LOCAL_CFLAGS := -Werror -fvisibility=hidden $(liblog_cflags)
-# AddressSanitizer runtime library depends on liblog.
-LOCAL_SANITIZE := never
-include $(BUILD_STATIC_LIBRARY)
-
-include $(CLEAR_VARS)
-LOCAL_MODULE := liblog
-LOCAL_WHOLE_STATIC_LIBRARIES := liblog
-LOCAL_CFLAGS := -Werror -fvisibility=hidden $(liblog_cflags)
-
-# TODO: This is to work around b/24465209. Remove after root cause is fixed
-LOCAL_LDFLAGS_arm := -Wl,--hash-style=both
-
-LOCAL_SANITIZE := never
-LOCAL_CXX_STL := none
-
-include $(BUILD_SHARED_LIBRARY)
-
-include $(call first-makefiles-under,$(LOCAL_PATH))
diff --git a/liblog/Android.soong.mk b/liblog/Android.soong.mk
new file mode 100644
index 0000000..6c4dff5
--- /dev/null
+++ b/liblog/Android.soong.mk
@@ -0,0 +1,3 @@
+LOCAL_PATH := $(my-dir)
+
+include $(call first-makefiles-under,$(LOCAL_PATH))
diff --git a/liblog/config_read.h b/liblog/config_read.h
index 67f4c20..49a3b75 100644
--- a/liblog/config_read.h
+++ b/liblog/config_read.h
@@ -27,21 +27,21 @@
extern LIBLOG_HIDDEN struct listnode __android_log_persist_read;
#define read_transport_for_each(transp, transports) \
- for (transp = node_to_item((transports)->next, \
+ for ((transp) = node_to_item((transports)->next, \
struct android_log_transport_read, node); \
- (transp != node_to_item(transports, \
+ ((transp) != node_to_item(transports, \
struct android_log_transport_read, node)); \
- transp = node_to_item(transp->node.next, \
+ (transp) = node_to_item((transp)->node.next, \
struct android_log_transport_read, node)) \
#define read_transport_for_each_safe(transp, n, transports) \
- for (transp = node_to_item((transports)->next, \
+ for ((transp) = node_to_item((transports)->next, \
struct android_log_transport_read, node), \
- n = transp->node.next; \
- (transp != node_to_item(transports, \
+ (n) = (transp)->node.next; \
+ ((transp) != node_to_item(transports, \
struct android_log_transport_read, node)); \
- transp = node_to_item(n, struct android_log_transport_read, node), \
- n = transp->node.next)
+ (transp) = node_to_item(n, struct android_log_transport_read, node), \
+ (n) = (transp)->node.next)
LIBLOG_HIDDEN void __android_log_config_read();
diff --git a/liblog/config_write.h b/liblog/config_write.h
index 3a02a4e..3b01a9a 100644
--- a/liblog/config_write.h
+++ b/liblog/config_write.h
@@ -27,21 +27,21 @@
extern LIBLOG_HIDDEN struct listnode __android_log_persist_write;
#define write_transport_for_each(transp, transports) \
- for (transp = node_to_item((transports)->next, \
- struct android_log_transport_write, node); \
- (transp != node_to_item(transports, \
+ for ((transp) = node_to_item((transports)->next, \
+ struct android_log_transport_write, node); \
+ ((transp) != node_to_item(transports, \
struct android_log_transport_write, node)); \
- transp = node_to_item(transp->node.next, \
- struct android_log_transport_write, node)) \
+ (transp) = node_to_item((transp)->node.next, \
+ struct android_log_transport_write, node)) \
#define write_transport_for_each_safe(transp, n, transports) \
- for (transp = node_to_item((transports)->next, \
- struct android_log_transport_write, node), \
- n = transp->node.next; \
- (transp != node_to_item(transports, \
- struct android_log_transport_write, node)); \
- transp = node_to_item(n, struct android_log_transport_write, node), \
- n = transp->node.next)
+ for ((transp) = node_to_item((transports)->next, \
+ struct android_log_transport_write, node), \
+ (n) = (transp)->node.next; \
+ ((transp) != node_to_item(transports, \
+ struct android_log_transport_write, node)); \
+ (transp) = node_to_item(n, struct android_log_transport_write, node), \
+ (n) = (transp)->node.next)
LIBLOG_HIDDEN void __android_log_config_write();
diff --git a/liblog/logger.h b/liblog/logger.h
index c727f29..5087256 100644
--- a/liblog/logger.h
+++ b/liblog/logger.h
@@ -124,23 +124,23 @@
/* assumes caller has structures read-locked, single threaded, or fenced */
#define transport_context_for_each(transp, logger_list) \
- for (transp = node_to_item((logger_list)->transport.next, \
+ for ((transp) = node_to_item((logger_list)->transport.next, \
struct android_log_transport_context, \
node); \
- (transp != node_to_item(&(logger_list)->transport, \
+ ((transp) != node_to_item(&(logger_list)->transport, \
struct android_log_transport_context, \
node)) && \
- (transp->parent == (logger_list)); \
- transp = node_to_item(transp->node.next, \
+ ((transp)->parent == (logger_list)); \
+ (transp) = node_to_item((transp)->node.next, \
struct android_log_transport_context, node))
#define logger_for_each(logp, logger_list) \
- for (logp = node_to_item((logger_list)->logger.next, \
+ for ((logp) = node_to_item((logger_list)->logger.next, \
struct android_log_logger, node); \
- (logp != node_to_item(&(logger_list)->logger, \
+ ((logp) != node_to_item(&(logger_list)->logger, \
struct android_log_logger, node)) && \
- (logp->parent == (logger_list)); \
- logp = node_to_item((logp)->node.next, \
+ ((logp)->parent == (logger_list)); \
+ (logp) = node_to_item((logp)->node.next, \
struct android_log_logger, node))
/* OS specific dribs and drabs */
diff --git a/liblog/logger_read.c b/liblog/logger_read.c
index 0d6ba08..00157b7 100644
--- a/liblog/logger_read.c
+++ b/liblog/logger_read.c
@@ -125,7 +125,7 @@
ssize_t ret = -EINVAL; \
struct android_log_transport_context *transp; \
struct android_log_logger *logger_internal = \
- (struct android_log_logger *)logger; \
+ (struct android_log_logger *)(logger); \
\
if (!logger_internal) { \
return ret; \
@@ -186,7 +186,7 @@
#define LOGGER_LIST_FUNCTION(logger_list, def, func, args...) \
struct android_log_transport_context *transp; \
struct android_log_logger_list *logger_list_internal = \
- (struct android_log_logger_list *)logger_list; \
+ (struct android_log_logger_list *)(logger_list); \
\
ssize_t ret = init_transport_context(logger_list_internal); \
if (ret < 0) { \
@@ -341,6 +341,43 @@
return logger_list;
}
+/* Validate log_msg packet, read function has already been null checked */
+static int android_transport_read(struct android_log_logger_list *logger_list,
+ struct android_log_transport_context *transp,
+ struct log_msg *log_msg)
+{
+ int ret = (*transp->transport->read)(logger_list, transp, log_msg);
+
+ if (ret > (int)sizeof(*log_msg)) {
+ ret = sizeof(*log_msg);
+ }
+
+ transp->ret = ret;
+
+ /* propagate errors, or make sure len & hdr_size members visible */
+ if (ret < (int)(sizeof(log_msg->entry.len) +
+ sizeof(log_msg->entry.hdr_size))) {
+ if (ret >= (int)sizeof(log_msg->entry.len)) {
+ log_msg->entry.len = 0;
+ }
+ return ret;
+ }
+
+ /* hdr_size correction (logger_entry -> logger_entry_v2+ conversion) */
+ if (log_msg->entry_v2.hdr_size == 0) {
+ log_msg->entry_v2.hdr_size = sizeof(struct logger_entry);
+ }
+
+ /* len validation */
+ if (ret <= log_msg->entry_v2.hdr_size) {
+ log_msg->entry.len = 0;
+ } else {
+ log_msg->entry.len = ret - log_msg->entry_v2.hdr_size;
+ }
+
+ return ret;
+}
+
/* Read from the selected logs */
LIBLOG_ABI_PUBLIC int android_logger_list_read(struct logger_list *logger_list,
struct log_msg *log_msg)
@@ -378,7 +415,7 @@
} else if ((logger_list_internal->mode &
ANDROID_LOG_NONBLOCK) ||
!transp->transport->poll) {
- retval = transp->ret = (*transp->transport->read)(
+ retval = android_transport_read(
logger_list_internal,
transp,
&transp->logMsg);
@@ -397,7 +434,7 @@
}
retval = transp->ret = pollval;
} else if (pollval > 0) {
- retval = transp->ret = (*transp->transport->read)(
+ retval = android_transport_read(
logger_list_internal,
transp,
&transp->logMsg);
@@ -434,16 +471,22 @@
if (!oldest) {
return ret;
}
- memcpy(log_msg, &oldest->logMsg, oldest->logMsg.entry.len +
- (oldest->logMsg.entry.hdr_size ?
- oldest->logMsg.entry.hdr_size :
- sizeof(struct logger_entry)));
+ // ret is a positive value less than sizeof(struct log_msg)
+ ret = oldest->ret;
+ if (ret < oldest->logMsg.entry.hdr_size) {
+ // zero truncated header fields.
+ memset(log_msg, 0,
+ (oldest->logMsg.entry.hdr_size > sizeof(oldest->logMsg) ?
+ sizeof(oldest->logMsg) :
+ oldest->logMsg.entry.hdr_size));
+ }
+ memcpy(log_msg, &oldest->logMsg, ret);
oldest->logMsg.entry.len = 0; /* Mark it as copied */
- return oldest->ret;
+ return ret;
}
/* if only one, no need to copy into transport_context and merge-sort */
- return (transp->transport->read)(logger_list_internal, transp, log_msg);
+ return android_transport_read(logger_list_internal, transp, log_msg);
}
/* Close all the logs */
diff --git a/liblog/pmsg_reader.c b/liblog/pmsg_reader.c
index f5e91c8..2e4fc5d 100644
--- a/liblog/pmsg_reader.c
+++ b/liblog/pmsg_reader.c
@@ -227,7 +227,7 @@
log_msg->entry_v4.uid = buf.p.uid;
}
- return ret;
+ return ret + log_msg->entry_v4.hdr_size;
}
}
diff --git a/liblog/tests/benchmark.h b/liblog/tests/benchmark.h
index 7f96e6d..57b3748 100644
--- a/liblog/tests/benchmark.h
+++ b/liblog/tests/benchmark.h
@@ -141,7 +141,7 @@
void StopBenchmarkTiming(uint64_t);
#define BENCHMARK(f) \
- static ::testing::Benchmark* _benchmark_##f __attribute__((unused)) = \
- (::testing::Benchmark*)::testing::BenchmarkFactory(#f, f)
+ static ::testing::Benchmark* _benchmark_##f __attribute__((unused)) = /* NOLINT */ \
+ (::testing::Benchmark*)::testing::BenchmarkFactory(#f, f) /* NOLINT */
#endif // BIONIC_BENCHMARK_H_
diff --git a/liblog/tests/liblog_test.cpp b/liblog/tests/liblog_test.cpp
index 1a7d4aa..df2c766 100644
--- a/liblog/tests/liblog_test.cpp
+++ b/liblog/tests/liblog_test.cpp
@@ -1368,6 +1368,7 @@
snprintf(key, sizeof(key), "%s%s", log_namespace, tag);
fprintf(stderr, "i=%zu j=%zu property_set(\"%s\",\"%s\")\r",
i, j, key, buf);
+ usleep(20000);
property_set(key, buf);
bool android_log_is_loggable = __android_log_is_loggable(
levels[i].level, tag, ANDROID_LOG_DEBUG);
@@ -1393,6 +1394,7 @@
levels[i].level, tag, ANDROID_LOG_DEBUG));
}
}
+ usleep(20000);
property_set(key, "");
fprintf(stderr, "i=%zu j=%zu property_set(\"%s\",\"%s\")\r",
@@ -1422,6 +1424,7 @@
levels[i].level, tag, ANDROID_LOG_DEBUG));
}
}
+ usleep(20000);
property_set(key + base_offset, "");
strcpy(key, log_namespace);
@@ -1453,6 +1456,7 @@
levels[i].level, tag, ANDROID_LOG_DEBUG));
}
}
+ usleep(20000);
property_set(key, "");
fprintf(stderr, "i=%zu j=%zu property_set(\"%s\",\"%s\")\r",
@@ -1482,6 +1486,7 @@
levels[i].level, tag, ANDROID_LOG_DEBUG));
}
}
+ usleep(20000);
property_set(key + base_offset, "");
}
}
@@ -1489,6 +1494,7 @@
// All combinations of level and tag properties, but with global set to INFO
strcpy(key, log_namespace);
key[sizeof(log_namespace) - 2] = '\0';
+ usleep(20000);
property_set(key, "I");
snprintf(key, sizeof(key), "%s%s", log_namespace, tag);
for(size_t i = 0; i < (sizeof(levels) / sizeof(levels[0])); ++i) {
@@ -1502,6 +1508,7 @@
fprintf(stderr, "i=%zu j=%zu property_set(\"%s\",\"%s\")\r",
i, j, key, buf);
+ usleep(20000);
property_set(key, buf);
bool android_log_is_loggable = __android_log_is_loggable(
levels[i].level, tag, ANDROID_LOG_DEBUG);
@@ -1527,6 +1534,7 @@
levels[i].level, tag, ANDROID_LOG_DEBUG));
}
}
+ usleep(20000);
property_set(key, "");
fprintf(stderr, "i=%zu j=%zu property_set(\"%s\",\"%s\")\r",
@@ -1556,12 +1564,14 @@
levels[i].level, tag, ANDROID_LOG_DEBUG));
}
}
+ usleep(20000);
property_set(key + base_offset, "");
}
}
// reset parms
snprintf(key, sizeof(key), "%s%s", log_namespace, tag);
+ usleep(20000);
property_set(key, hold[0]);
property_set(key + base_offset, hold[1]);
strcpy(key, log_namespace);
diff --git a/libmemtrack/memtrack.c b/libmemtrack/memtrack.c
index 21d9ebd..b528214 100644
--- a/libmemtrack/memtrack.c
+++ b/libmemtrack/memtrack.c
@@ -26,7 +26,7 @@
#include <hardware/memtrack.h>
-#define ARRAY_SIZE(x) (sizeof(x)/sizeof(x[0]))
+#define ARRAY_SIZE(x) (sizeof(x)/sizeof((x)[0]))
static const memtrack_module_t *module;
diff --git a/libmemunreachable/tests/LeakFolding_test.cpp b/libmemunreachable/tests/LeakFolding_test.cpp
index 879a3a0..e85df5f 100644
--- a/libmemunreachable/tests/LeakFolding_test.cpp
+++ b/libmemunreachable/tests/LeakFolding_test.cpp
@@ -37,10 +37,10 @@
Heap heap_;
};
-#define buffer_begin(buffer) reinterpret_cast<uintptr_t>(&buffer[0])
-#define buffer_end(buffer) (reinterpret_cast<uintptr_t>(&buffer[0]) + sizeof(buffer))
+#define buffer_begin(buffer) reinterpret_cast<uintptr_t>(&(buffer)[0])
+#define buffer_end(buffer) (reinterpret_cast<uintptr_t>(&(buffer)[0]) + sizeof(buffer))
#define ALLOCATION(heap_walker, buffer) \
- ASSERT_EQ(true, heap_walker.Allocation(buffer_begin(buffer), buffer_end(buffer)))
+ ASSERT_EQ(true, (heap_walker).Allocation(buffer_begin(buffer), buffer_end(buffer)))
TEST_F(LeakFoldingTest, one) {
void* buffer1[1] = {nullptr};
diff --git a/libnativebridge/Android.mk b/libnativebridge/Android.mk
index d20d44c..b88621e 100644
--- a/libnativebridge/Android.mk
+++ b/libnativebridge/Android.mk
@@ -10,12 +10,11 @@
LOCAL_MODULE:= libnativebridge
LOCAL_SRC_FILES:= $(NATIVE_BRIDGE_COMMON_SRC_FILES)
-LOCAL_SHARED_LIBRARIES := liblog
+LOCAL_SHARED_LIBRARIES := liblog libdl
LOCAL_CLANG := true
LOCAL_CPP_EXTENSION := .cc
LOCAL_CFLAGS += -Werror -Wall
LOCAL_CPPFLAGS := -std=gnu++11 -fvisibility=protected
-LOCAL_LDFLAGS := -ldl
LOCAL_MULTILIB := both
include $(BUILD_SHARED_LIBRARY)
diff --git a/libnativebridge/tests/Android.nativebridge-dummy.mk b/libnativebridge/tests/Android.nativebridge-dummy.mk
index 2efc176..551765a 100644
--- a/libnativebridge/tests/Android.nativebridge-dummy.mk
+++ b/libnativebridge/tests/Android.nativebridge-dummy.mk
@@ -13,7 +13,7 @@
LOCAL_CLANG := true
LOCAL_CFLAGS += -Werror -Wall
LOCAL_CPPFLAGS := -std=gnu++11 -fvisibility=protected
-LOCAL_LDFLAGS := -ldl
+LOCAL_SHARED_LIBRARIES := libdl
LOCAL_MULTILIB := both
include $(BUILD_SHARED_LIBRARY)
@@ -49,7 +49,7 @@
LOCAL_CLANG := true
LOCAL_CFLAGS += -Werror -Wall
LOCAL_CPPFLAGS := -std=gnu++11 -fvisibility=protected
-LOCAL_LDFLAGS := -ldl
+LOCAL_SHARED_LIBRARIES := libdl
LOCAL_MULTILIB := both
include $(BUILD_SHARED_LIBRARY)
diff --git a/libnativeloader/Android.mk b/libnativeloader/Android.mk
index 6c064c7..c81c671 100644
--- a/libnativeloader/Android.mk
+++ b/libnativeloader/Android.mk
@@ -1,21 +1,22 @@
LOCAL_PATH:= $(call my-dir)
-NATIVE_LOADER_COMMON_SRC_FILES := \
+native_loader_common_src_files := \
native_loader.cpp
+native_loader_common_cflags := -Werror -Wall
+
# Shared library for target
# ========================================================
include $(CLEAR_VARS)
LOCAL_MODULE:= libnativeloader
-LOCAL_SRC_FILES:= $(NATIVE_LOADER_COMMON_SRC_FILES)
-LOCAL_SHARED_LIBRARIES := libnativehelper liblog libcutils
+LOCAL_SRC_FILES:= $(native_loader_common_src_files)
+LOCAL_SHARED_LIBRARIES := libnativehelper liblog libcutils libdl
LOCAL_STATIC_LIBRARIES := libbase
LOCAL_CLANG := true
-LOCAL_CFLAGS += -Werror -Wall
+LOCAL_CFLAGS := $(native_loader_common_cflags)
LOCAL_CPPFLAGS := -std=gnu++14 -fvisibility=hidden
-LOCAL_LDFLAGS := -ldl
LOCAL_MULTILIB := both
LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_PATH)/include
LOCAL_C_INCLUDES := $(LOCAL_PATH)/include
@@ -27,11 +28,11 @@
LOCAL_MODULE:= libnativeloader
-LOCAL_SRC_FILES:= $(NATIVE_LOADER_COMMON_SRC_FILES)
+LOCAL_SRC_FILES:= $(native_loader_common_src_files)
LOCAL_SHARED_LIBRARIES := libnativehelper liblog libcutils
LOCAL_STATIC_LIBRARIES := libbase
LOCAL_CLANG := true
-LOCAL_CFLAGS += -Werror -Wall
+LOCAL_CFLAGS := $(native_loader_common_cflags)
LOCAL_CPPFLAGS := -std=gnu++14 -fvisibility=hidden
LOCAL_LDFLAGS := -ldl
LOCAL_MULTILIB := both
@@ -45,10 +46,10 @@
LOCAL_MODULE:= libnativeloader
-LOCAL_SRC_FILES:= $(NATIVE_LOADER_COMMON_SRC_FILES)
+LOCAL_SRC_FILES:= $(native_loader_common_src_files)
LOCAL_STATIC_LIBRARIES := libnativehelper libcutils liblog libbase
LOCAL_CLANG := true
-LOCAL_CFLAGS += -Werror -Wall
+LOCAL_CFLAGS := $(native_loader_common_cflags)
LOCAL_CPPFLAGS := -std=gnu++14 -fvisibility=hidden
LOCAL_LDFLAGS := -ldl
LOCAL_MULTILIB := both
diff --git a/libnativeloader/dlext_namespaces.h b/libnativeloader/dlext_namespaces.h
new file mode 100644
index 0000000..13a44e2
--- /dev/null
+++ b/libnativeloader/dlext_namespaces.h
@@ -0,0 +1,91 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __ANDROID_DLEXT_NAMESPACES_H__
+#define __ANDROID_DLEXT_NAMESPACES_H__
+
+#include <android/dlext.h>
+
+__BEGIN_DECLS
+
+/*
+ * Initializes public and anonymous namespaces. The public_ns_sonames is the list of sonames
+ * to be included into public namespace separated by colon. Example: "libc.so:libm.so:libdl.so".
+ * The libraries in this list should be loaded prior to this call.
+ *
+ * The anon_ns_library_path is the search path for anonymous namespace. The anonymous namespace
+ * is used in the case when linker cannot identify the caller of dlopen/dlsym. This happens
+ * for the code not loaded by dynamic linker; for example calls from the mono-compiled code.
+ */
+extern bool android_init_namespaces(const char* public_ns_sonames,
+ const char* anon_ns_library_path);
+
+
+enum {
+ /* A regular namespace is the namespace with a custom search path that does
+ * not impose any restrictions on the location of native libraries.
+ */
+ ANDROID_NAMESPACE_TYPE_REGULAR = 0,
+
+ /* An isolated namespace requires all the libraries to be on the search path
+ * or under permitted_when_isolated_path. The search path is the union of
+ * ld_library_path and default_library_path.
+ */
+ ANDROID_NAMESPACE_TYPE_ISOLATED = 1,
+
+ /* The shared namespace clones the list of libraries of the caller namespace upon creation
+ * which means that they are shared between namespaces - the caller namespace and the new one
+ * will use the same copy of a library if it was loaded prior to android_create_namespace call.
+ *
+ * Note that libraries loaded after the namespace is created will not be shared.
+ *
+ * Shared namespaces can be isolated or regular. Note that they do not inherit the search path nor
+ * permitted_path from the caller's namespace.
+ */
+ ANDROID_NAMESPACE_TYPE_SHARED = 2,
+ ANDROID_NAMESPACE_TYPE_SHARED_ISOLATED = ANDROID_NAMESPACE_TYPE_SHARED |
+ ANDROID_NAMESPACE_TYPE_ISOLATED,
+};
+
+/*
+ * Creates new linker namespace.
+ * ld_library_path and default_library_path represent the search path
+ * for the libraries in the namespace.
+ *
+ * The libraries in the namespace are searched by folowing order:
+ * 1. ld_library_path (Think of this as namespace-local LD_LIBRARY_PATH)
+ * 2. In directories specified by DT_RUNPATH of the "needed by" binary.
+ * 3. deault_library_path (This of this as namespace-local default library path)
+ *
+ * When type is ANDROID_NAMESPACE_TYPE_ISOLATED the resulting namespace requires all of
+ * the libraries to be on the search path or under the permitted_when_isolated_path;
+ * the search_path is ld_library_path:default_library_path. Note that the
+ * permitted_when_isolated_path path is not part of the search_path and
+ * does not affect the search order. It is a way to allow loading libraries from specific
+ * locations when using absolute path.
+ * If a library or any of its dependencies are outside of the permitted_when_isolated_path
+ * and search_path, and it is not part of the public namespace dlopen will fail.
+ */
+extern struct android_namespace_t* android_create_namespace(const char* name,
+ const char* ld_library_path,
+ const char* default_library_path,
+ uint64_t type,
+ const char* permitted_when_isolated_path,
+ android_namespace_t* parent);
+
+__END_DECLS
+
+#endif /* __ANDROID_DLEXT_NAMESPACES_H__ */
diff --git a/libnativeloader/include/nativeloader/native_loader.h b/libnativeloader/include/nativeloader/native_loader.h
index 1bd3b8f..2a6aaec 100644
--- a/libnativeloader/include/nativeloader/native_loader.h
+++ b/libnativeloader/include/nativeloader/native_loader.h
@@ -43,6 +43,9 @@
jobject class_loader,
jstring library_path);
+__attribute__((visibility("default")))
+bool CloseNativeLibrary(void* handle);
+
#if defined(__ANDROID__)
// Look up linker namespace by class_loader. Returns nullptr if
// there is no namespace associated with the class_loader.
@@ -50,6 +53,9 @@
android_namespace_t* FindNamespaceByClassLoader(JNIEnv* env, jobject class_loader);
#endif
+__attribute__((visibility("default")))
+void ResetNativeLoader();
+
}; // namespace android
#endif // NATIVE_BRIDGE_H_
diff --git a/libnativeloader/native_loader.cpp b/libnativeloader/native_loader.cpp
index e20c823..713a59d 100644
--- a/libnativeloader/native_loader.cpp
+++ b/libnativeloader/native_loader.cpp
@@ -19,7 +19,7 @@
#include <dlfcn.h>
#ifdef __ANDROID__
-#include <android/dlext.h>
+#include "dlext_namespaces.h"
#include "cutils/properties.h"
#include "log/log.h"
#endif
@@ -39,6 +39,17 @@
static constexpr const char* kPublicNativeLibrariesSystemConfigPathFromRoot = "/etc/public.libraries.txt";
static constexpr const char* kPublicNativeLibrariesVendorConfig = "/vendor/etc/public.libraries.txt";
+// (http://b/27588281) This is a workaround for apps using custom classloaders and calling
+// System.load() with an absolute path which is outside of the classloader library search path.
+// This list includes all directories app is allowed to access this way.
+static constexpr const char* kWhitelistedDirectories = "/data:/mnt/expand";
+
+static bool is_debuggable() {
+ char debuggable[PROP_VALUE_MAX];
+ property_get("ro.debuggable", debuggable, "0");
+ return std::string(debuggable) == "1";
+}
+
class LibraryNamespaces {
public:
LibraryNamespaces() : initialized_(false) { }
@@ -48,12 +59,26 @@
bool is_shared,
jstring java_library_path,
jstring java_permitted_path) {
- ScopedUtfChars library_path(env, java_library_path);
+ std::string library_path; // empty string by default.
- std::string permitted_path;
+ if (java_library_path != nullptr) {
+ ScopedUtfChars library_path_utf_chars(env, java_library_path);
+ library_path = library_path_utf_chars.c_str();
+ }
+
+ // (http://b/27588281) This is a workaround for apps using custom
+ // classloaders and calling System.load() with an absolute path which
+ // is outside of the classloader library search path.
+ //
+ // This part effectively allows such a classloader to access anything
+ // under /data and /mnt/expand
+ std::string permitted_path = kWhitelistedDirectories;
+
if (java_permitted_path != nullptr) {
ScopedUtfChars path(env, java_permitted_path);
- permitted_path = path.c_str();
+ if (path.c_str() != nullptr && path.size() > 0) {
+ permitted_path = permitted_path + ":" + path.c_str();
+ }
}
if (!initialized_ && !InitPublicNamespace(library_path.c_str())) {
@@ -70,13 +95,14 @@
namespace_type |= ANDROID_NAMESPACE_TYPE_SHARED;
}
+ android_namespace_t* parent_ns = FindParentNamespaceByClassLoader(env, class_loader);
+
ns = android_create_namespace("classloader-namespace",
nullptr,
library_path.c_str(),
namespace_type,
- java_permitted_path != nullptr ?
- permitted_path.c_str() :
- nullptr);
+ permitted_path.c_str(),
+ parent_ns);
if (ns != nullptr) {
namespaces_.push_back(std::make_pair(env->NewWeakGlobalRef(class_loader), ns));
@@ -94,6 +120,13 @@
}
void Initialize() {
+ // Once public namespace is initialized there is no
+ // point in running this code - it will have no effect
+ // on the current list of public libraries.
+ if (initialized_) {
+ return;
+ }
+
std::vector<std::string> sonames;
const char* android_root_env = getenv("ANDROID_ROOT");
std::string root_dir = android_root_env != nullptr ? android_root_env : "/system";
@@ -103,6 +136,19 @@
LOG_ALWAYS_FATAL_IF(!ReadConfig(public_native_libraries_system_config, &sonames),
"Error reading public native library list from \"%s\": %s",
public_native_libraries_system_config.c_str(), strerror(errno));
+
+ // For debuggable platform builds use ANDROID_ADDITIONAL_PUBLIC_LIBRARIES environment
+ // variable to add libraries to the list. This is intended for platform tests only.
+ if (is_debuggable()) {
+ const char* additional_libs = getenv("ANDROID_ADDITIONAL_PUBLIC_LIBRARIES");
+ if (additional_libs != nullptr && additional_libs[0] != '\0') {
+ std::vector<std::string> additional_libs_vector = base::Split(additional_libs, ":");
+ std::copy(additional_libs_vector.begin(),
+ additional_libs_vector.end(),
+ std::back_inserter(sonames));
+ }
+ }
+
// This file is optional, quietly ignore if the file does not exist.
ReadConfig(kPublicNativeLibrariesVendorConfig, &sonames);
@@ -121,6 +167,10 @@
public_libraries_ = base::Join(sonames, ':');
}
+ void Reset() {
+ namespaces_.clear();
+ }
+
private:
bool ReadConfig(const std::string& configFile, std::vector<std::string>* sonames) {
// Read list of public native libraries from the config file.
@@ -153,6 +203,29 @@
return initialized_;
}
+ jobject GetParentClassLoader(JNIEnv* env, jobject class_loader) {
+ jclass class_loader_class = env->FindClass("java/lang/ClassLoader");
+ jmethodID get_parent = env->GetMethodID(class_loader_class,
+ "getParent",
+ "()Ljava/lang/ClassLoader;");
+
+ return env->CallObjectMethod(class_loader, get_parent);
+ }
+
+ android_namespace_t* FindParentNamespaceByClassLoader(JNIEnv* env, jobject class_loader) {
+ jobject parent_class_loader = GetParentClassLoader(env, class_loader);
+
+ while (parent_class_loader != nullptr) {
+ android_namespace_t* ns = FindNamespaceByClassLoader(env, parent_class_loader);
+ if (ns != nullptr) {
+ return ns;
+ }
+
+ parent_class_loader = GetParentClassLoader(env, parent_class_loader);
+ }
+ return nullptr;
+ }
+
bool initialized_;
std::vector<std::pair<jweak, android_namespace_t*>> namespaces_;
std::string public_libraries_;
@@ -172,6 +245,12 @@
#endif
}
+void ResetNativeLoader() {
+#if defined(__ANDROID__)
+ std::lock_guard<std::mutex> guard(g_namespaces_mutex);
+ g_namespaces->Reset();
+#endif
+}
jstring CreateClassLoaderNamespace(JNIEnv* env,
int32_t target_sdk_version,
@@ -231,6 +310,10 @@
#endif
}
+bool CloseNativeLibrary(void* handle) {
+ return dlclose(handle) == 0;
+}
+
#if defined(__ANDROID__)
android_namespace_t* FindNamespaceByClassLoader(JNIEnv* env, jobject class_loader) {
std::lock_guard<std::mutex> guard(g_namespaces_mutex);
diff --git a/libnetutils/dhcp_utils.c b/libnetutils/dhcp_utils.c
index c6b9fe4..56e1d59 100644
--- a/libnetutils/dhcp_utils.c
+++ b/libnetutils/dhcp_utils.c
@@ -243,12 +243,8 @@
property_set(result_prop_name, "");
/* Start the daemon and wait until it's ready */
- if (property_get(HOSTNAME_PROP_NAME, prop_value, NULL) && (prop_value[0] != '\0'))
- snprintf(daemon_cmd, sizeof(daemon_cmd), "%s_%s:-f %s -h %s %s", DAEMON_NAME,
- p2p_interface, DHCP_CONFIG_PATH, prop_value, interface);
- else
- snprintf(daemon_cmd, sizeof(daemon_cmd), "%s_%s:-f %s %s", DAEMON_NAME,
- p2p_interface, DHCP_CONFIG_PATH, interface);
+ snprintf(daemon_cmd, sizeof(daemon_cmd), "%s_%s", DAEMON_NAME,
+ p2p_interface);
memset(prop_value, '\0', PROPERTY_VALUE_MAX);
property_set(ctrl_prop, daemon_cmd);
if (wait_for_property(daemon_prop_name, desired_status, 10) < 0) {
@@ -288,7 +284,8 @@
DAEMON_PROP_NAME,
p2p_interface);
- snprintf(daemon_cmd, sizeof(daemon_cmd), "%s_%s", DAEMON_NAME, p2p_interface);
+ snprintf(daemon_cmd, sizeof(daemon_cmd), "%s_%s", DAEMON_NAME,
+ p2p_interface);
/* Stop the daemon and wait until it's reported to be stopped */
property_set(ctrl_prop, daemon_cmd);
@@ -317,7 +314,8 @@
DAEMON_PROP_NAME,
p2p_interface);
- snprintf(daemon_cmd, sizeof(daemon_cmd), "%s_%s", DAEMON_NAME, p2p_interface);
+ snprintf(daemon_cmd, sizeof(daemon_cmd), "%s_%s", DAEMON_NAME,
+ p2p_interface);
/* Stop the daemon and wait until it's reported to be stopped */
property_set(ctrl_prop, daemon_cmd);
@@ -357,8 +355,8 @@
property_set(result_prop_name, "");
/* Start the renew daemon and wait until it's ready */
- snprintf(daemon_cmd, sizeof(daemon_cmd), "%s_%s:%s", DAEMON_NAME_RENEW,
- p2p_interface, interface);
+ snprintf(daemon_cmd, sizeof(daemon_cmd), "%s_%s", DAEMON_NAME_RENEW,
+ p2p_interface);
memset(prop_value, '\0', PROPERTY_VALUE_MAX);
property_set(ctrl_prop, daemon_cmd);
diff --git a/libpixelflinger/codeflinger/disassem.c b/libpixelflinger/codeflinger/disassem.c
index 39dd614..5cbd63d 100644
--- a/libpixelflinger/codeflinger/disassem.c
+++ b/libpixelflinger/codeflinger/disassem.c
@@ -279,14 +279,14 @@
"4.0", "5.0", "0.5", "10.0"
};
-#define insn_condition(x) arm32_insn_conditions[(x >> 28) & 0x0f]
-#define insn_blktrans(x) insn_block_transfers[(x >> 23) & 3]
-#define insn_stkblktrans(x) insn_stack_block_transfers[(3*((x >> 20)&1))^((x >> 23)&3)]
-#define op2_shift(x) op_shifts[(x >> 5) & 3]
-#define insn_fparnd(x) insn_fpa_rounding[(x >> 5) & 0x03]
-#define insn_fpaprec(x) insn_fpa_precision[(((x >> 18) & 2)|(x >> 7)) & 1]
-#define insn_fpaprect(x) insn_fpa_precision[(((x >> 21) & 2)|(x >> 15)) & 1]
-#define insn_fpaimm(x) insn_fpaconstants[x & 0x07]
+#define insn_condition(x) arm32_insn_conditions[((x) >> 28) & 0x0f]
+#define insn_blktrans(x) insn_block_transfers[((x) >> 23) & 3]
+#define insn_stkblktrans(x) insn_stack_block_transfers[(3*(((x) >> 20)&1))^(((x) >> 23)&3)]
+#define op2_shift(x) op_shifts[((x) >> 5) & 3]
+#define insn_fparnd(x) insn_fpa_rounding[((x) >> 5) & 0x03]
+#define insn_fpaprec(x) insn_fpa_precision[((((x) >> 18) & 2)|((x) >> 7)) & 1]
+#define insn_fpaprect(x) insn_fpa_precision[((((x) >> 21) & 2)|((x) >> 15)) & 1]
+#define insn_fpaimm(x) insn_fpaconstants[(x) & 0x07]
/* Local prototypes */
static void disasm_register_shift(const disasm_interface_t *di, u_int insn);
diff --git a/libpixelflinger/include/private/pixelflinger/ggl_context.h b/libpixelflinger/include/private/pixelflinger/ggl_context.h
index d45dabc..563b0f1 100644
--- a/libpixelflinger/include/private/pixelflinger/ggl_context.h
+++ b/libpixelflinger/include/private/pixelflinger/ggl_context.h
@@ -120,7 +120,7 @@
template<bool> struct CTA;
template<> struct CTA<true> { };
-#define GGL_CONTEXT(con, c) context_t *con = static_cast<context_t *>(c)
+#define GGL_CONTEXT(con, c) context_t *(con) = static_cast<context_t *>(c) /* NOLINT */
#define GGL_OFFSETOF(field) uintptr_t(&(((context_t*)0)->field))
#define GGL_INIT_PROC(p, f) p.f = ggl_ ## f;
#define GGL_BETWEEN(x, L, H) (uint32_t((x)-(L)) <= ((H)-(L)))
@@ -136,14 +136,14 @@
// ----------------------------------------------------------------------------
#define GGL_RESERVE_NEEDS(name, l, s) \
- const uint32_t GGL_NEEDS_##name##_MASK = (((1LU<<(s))-1)<<l); \
+ const uint32_t GGL_NEEDS_##name##_MASK = (((1LU<<(s))-1)<<(l)); \
const uint32_t GGL_NEEDS_##name##_SHIFT = (l);
#define GGL_BUILD_NEEDS(val, name) \
(((val)<<(GGL_NEEDS_##name##_SHIFT)) & GGL_NEEDS_##name##_MASK)
#define GGL_READ_NEEDS(name, n) \
- (uint32_t(n & GGL_NEEDS_##name##_MASK) >> GGL_NEEDS_##name##_SHIFT)
+ (uint32_t((n) & GGL_NEEDS_##name##_MASK) >> GGL_NEEDS_##name##_SHIFT)
#define GGL_NEED_MASK(name) (uint32_t(GGL_NEEDS_##name##_MASK))
#define GGL_NEED(name, val) GGL_BUILD_NEEDS(val, name)
diff --git a/libpixelflinger/scanline.cpp b/libpixelflinger/scanline.cpp
index f48e1d0..aa18360 100644
--- a/libpixelflinger/scanline.cpp
+++ b/libpixelflinger/scanline.cpp
@@ -26,10 +26,6 @@
#include <cutils/memory.h>
#include <cutils/log.h>
-#ifdef __arm__
-#include <machine/cpu-features.h>
-#endif
-
#include "buffer.h"
#include "scanline.h"
diff --git a/libsparse/output_file.c b/libsparse/output_file.c
index cd30800..d284736 100644
--- a/libsparse/output_file.c
+++ b/libsparse/output_file.c
@@ -57,7 +57,7 @@
#define CHUNK_HEADER_LEN (sizeof(chunk_header_t))
#define container_of(inner, outer_t, elem) \
- ((outer_t *)((char *)inner - offsetof(outer_t, elem)))
+ ((outer_t *)((char *)(inner) - offsetof(outer_t, elem)))
struct output_file_ops {
int (*open)(struct output_file *, int fd);
diff --git a/libutils/RefBase.cpp b/libutils/RefBase.cpp
index 22162fa..085b314 100644
--- a/libutils/RefBase.cpp
+++ b/libutils/RefBase.cpp
@@ -27,7 +27,6 @@
#include <utils/RefBase.h>
-#include <utils/Atomic.h>
#include <utils/CallStack.h>
#include <utils/Log.h>
#include <utils/threads.h>
@@ -57,6 +56,68 @@
namespace android {
+// Usage, invariants, etc:
+
+// It is normally OK just to keep weak pointers to an object. The object will
+// be deallocated by decWeak when the last weak reference disappears.
+// Once a a strong reference has been created, the object will disappear once
+// the last strong reference does (decStrong).
+// AttemptIncStrong will succeed if the object has a strong reference, or if it
+// has a weak reference and has never had a strong reference.
+// AttemptIncWeak really does succeed only if there is already a WEAK
+// reference, and thus may fail when attemptIncStrong would succeed.
+// OBJECT_LIFETIME_WEAK changes this behavior to retain the object
+// unconditionally until the last reference of either kind disappears. The
+// client ensures that the extendObjectLifetime call happens before the dec
+// call that would otherwise have deallocated the object, or before an
+// attemptIncStrong call that might rely on it. We do not worry about
+// concurrent changes to the object lifetime.
+// mStrong is the strong reference count. mWeak is the weak reference count.
+// Between calls, and ignoring memory ordering effects, mWeak includes strong
+// references, and is thus >= mStrong.
+//
+// A weakref_impl is allocated as the value of mRefs in a RefBase object on
+// construction.
+// In the OBJECT_LIFETIME_STRONG case, it is deallocated in the RefBase
+// destructor iff the strong reference count was never incremented. The
+// destructor can be invoked either from decStrong, or from decWeak if there
+// was never a strong reference. If the reference count had been incremented,
+// it is deallocated directly in decWeak, and hence still lives as long as
+// the last weak reference.
+// In the OBJECT_LIFETIME_WEAK case, it is always deallocated from the RefBase
+// destructor, which is always invoked by decWeak. DecStrong explicitly avoids
+// the deletion in this case.
+//
+// Memory ordering:
+// The client must ensure that every inc() call, together with all other
+// accesses to the object, happens before the corresponding dec() call.
+//
+// We try to keep memory ordering constraints on atomics as weak as possible,
+// since memory fences or ordered memory accesses are likely to be a major
+// performance cost for this code. All accesses to mStrong, mWeak, and mFlags
+// explicitly relax memory ordering in some way.
+//
+// The only operations that are not memory_order_relaxed are reference count
+// decrements. All reference count decrements are release operations. In
+// addition, the final decrement leading the deallocation is followed by an
+// acquire fence, which we can view informally as also turning it into an
+// acquire operation. (See 29.8p4 [atomics.fences] for details. We could
+// alternatively use acq_rel operations for all decrements. This is probably
+// slower on most current (2016) hardware, especially on ARMv7, but that may
+// not be true indefinitely.)
+//
+// This convention ensures that the second-to-last decrement synchronizes with
+// (in the language of 1.10 in the C++ standard) the final decrement of a
+// reference count. Since reference counts are only updated using atomic
+// read-modify-write operations, this also extends to any earlier decrements.
+// (See "release sequence" in 1.10.)
+//
+// Since all operations on an object happen before the corresponding reference
+// count decrement, and all reference count decrements happen before the final
+// one, we are guaranteed that all other object accesses happen before the
+// object is destroyed.
+
+
#define INITIAL_STRONG_VALUE (1<<28)
// ---------------------------------------------------------------------------
@@ -64,10 +125,10 @@
class RefBase::weakref_impl : public RefBase::weakref_type
{
public:
- volatile int32_t mStrong;
- volatile int32_t mWeak;
- RefBase* const mBase;
- volatile int32_t mFlags;
+ std::atomic<int32_t> mStrong;
+ std::atomic<int32_t> mWeak;
+ RefBase* const mBase;
+ std::atomic<int32_t> mFlags;
#if !DEBUG_REFS
@@ -141,7 +202,7 @@
void addStrongRef(const void* id) {
//ALOGD_IF(mTrackEnabled,
// "addStrongRef: RefBase=%p, id=%p", mBase, id);
- addRef(&mStrongRefs, id, mStrong);
+ addRef(&mStrongRefs, id, mStrong.load(std::memory_order_relaxed));
}
void removeStrongRef(const void* id) {
@@ -150,7 +211,7 @@
if (!mRetain) {
removeRef(&mStrongRefs, id);
} else {
- addRef(&mStrongRefs, id, -mStrong);
+ addRef(&mStrongRefs, id, -mStrong.load(std::memory_order_relaxed));
}
}
@@ -162,14 +223,14 @@
}
void addWeakRef(const void* id) {
- addRef(&mWeakRefs, id, mWeak);
+ addRef(&mWeakRefs, id, mWeak.load(std::memory_order_relaxed));
}
void removeWeakRef(const void* id) {
if (!mRetain) {
removeRef(&mWeakRefs, id);
} else {
- addRef(&mWeakRefs, id, -mWeak);
+ addRef(&mWeakRefs, id, -mWeak.load(std::memory_order_relaxed));
}
}
@@ -330,7 +391,7 @@
refs->incWeak(id);
refs->addStrongRef(id);
- const int32_t c = android_atomic_inc(&refs->mStrong);
+ const int32_t c = refs->mStrong.fetch_add(1, std::memory_order_relaxed);
ALOG_ASSERT(c > 0, "incStrong() called on %p after last strong ref", refs);
#if PRINT_REFS
ALOGD("incStrong of %p from %p: cnt=%d\n", this, id, c);
@@ -339,7 +400,10 @@
return;
}
- android_atomic_add(-INITIAL_STRONG_VALUE, &refs->mStrong);
+ int32_t old = refs->mStrong.fetch_sub(INITIAL_STRONG_VALUE,
+ std::memory_order_relaxed);
+ // A decStrong() must still happen after us.
+ ALOG_ASSERT(old > INITIAL_STRONG_VALUE, "0x%x too small", old);
refs->mBase->onFirstRef();
}
@@ -347,27 +411,39 @@
{
weakref_impl* const refs = mRefs;
refs->removeStrongRef(id);
- const int32_t c = android_atomic_dec(&refs->mStrong);
+ const int32_t c = refs->mStrong.fetch_sub(1, std::memory_order_release);
#if PRINT_REFS
ALOGD("decStrong of %p from %p: cnt=%d\n", this, id, c);
#endif
ALOG_ASSERT(c >= 1, "decStrong() called on %p too many times", refs);
if (c == 1) {
+ std::atomic_thread_fence(std::memory_order_acquire);
refs->mBase->onLastStrongRef(id);
- if ((refs->mFlags&OBJECT_LIFETIME_MASK) == OBJECT_LIFETIME_STRONG) {
+ int32_t flags = refs->mFlags.load(std::memory_order_relaxed);
+ if ((flags&OBJECT_LIFETIME_MASK) == OBJECT_LIFETIME_STRONG) {
delete this;
+ // Since mStrong had been incremented, the destructor did not
+ // delete refs.
}
}
+ // Note that even with only strong reference operations, the thread
+ // deallocating this may not be the same as the thread deallocating refs.
+ // That's OK: all accesses to this happen before its deletion here,
+ // and all accesses to refs happen before its deletion in the final decWeak.
+ // The destructor can safely access mRefs because either it's deleting
+ // mRefs itself, or it's running entirely before the final mWeak decrement.
refs->decWeak(id);
}
void RefBase::forceIncStrong(const void* id) const
{
+ // Allows initial mStrong of 0 in addition to INITIAL_STRONG_VALUE.
+ // TODO: Better document assumptions.
weakref_impl* const refs = mRefs;
refs->incWeak(id);
refs->addStrongRef(id);
- const int32_t c = android_atomic_inc(&refs->mStrong);
+ const int32_t c = refs->mStrong.fetch_add(1, std::memory_order_relaxed);
ALOG_ASSERT(c >= 0, "forceIncStrong called on %p after ref count underflow",
refs);
#if PRINT_REFS
@@ -376,7 +452,8 @@
switch (c) {
case INITIAL_STRONG_VALUE:
- android_atomic_add(-INITIAL_STRONG_VALUE, &refs->mStrong);
+ refs->mStrong.fetch_sub(INITIAL_STRONG_VALUE,
+ std::memory_order_relaxed);
// fall through...
case 0:
refs->mBase->onFirstRef();
@@ -385,7 +462,8 @@
int32_t RefBase::getStrongCount() const
{
- return mRefs->mStrong;
+ // Debugging only; No memory ordering guarantees.
+ return mRefs->mStrong.load(std::memory_order_relaxed);
}
RefBase* RefBase::weakref_type::refBase() const
@@ -397,7 +475,8 @@
{
weakref_impl* const impl = static_cast<weakref_impl*>(this);
impl->addWeakRef(id);
- const int32_t c __unused = android_atomic_inc(&impl->mWeak);
+ const int32_t c __unused = impl->mWeak.fetch_add(1,
+ std::memory_order_relaxed);
ALOG_ASSERT(c >= 0, "incWeak called on %p after last weak ref", this);
}
@@ -406,16 +485,19 @@
{
weakref_impl* const impl = static_cast<weakref_impl*>(this);
impl->removeWeakRef(id);
- const int32_t c = android_atomic_dec(&impl->mWeak);
+ const int32_t c = impl->mWeak.fetch_sub(1, std::memory_order_release);
ALOG_ASSERT(c >= 1, "decWeak called on %p too many times", this);
if (c != 1) return;
+ atomic_thread_fence(std::memory_order_acquire);
- if ((impl->mFlags&OBJECT_LIFETIME_WEAK) == OBJECT_LIFETIME_STRONG) {
+ int32_t flags = impl->mFlags.load(std::memory_order_relaxed);
+ if ((flags&OBJECT_LIFETIME_MASK) == OBJECT_LIFETIME_STRONG) {
// This is the regular lifetime case. The object is destroyed
// when the last strong reference goes away. Since weakref_impl
// outlive the object, it is not destroyed in the dtor, and
// we'll have to do it here.
- if (impl->mStrong == INITIAL_STRONG_VALUE) {
+ if (impl->mStrong.load(std::memory_order_relaxed)
+ == INITIAL_STRONG_VALUE) {
// Special case: we never had a strong reference, so we need to
// destroy the object now.
delete impl->mBase;
@@ -424,13 +506,10 @@
delete impl;
}
} else {
- // less common case: lifetime is OBJECT_LIFETIME_{WEAK|FOREVER}
+ // This is the OBJECT_LIFETIME_WEAK case. The last weak-reference
+ // is gone, we can destroy the object.
impl->mBase->onLastWeakRef(id);
- if ((impl->mFlags&OBJECT_LIFETIME_MASK) == OBJECT_LIFETIME_WEAK) {
- // this is the OBJECT_LIFETIME_WEAK case. The last weak-reference
- // is gone, we can destroy the object.
- delete impl->mBase;
- }
+ delete impl->mBase;
}
}
@@ -439,7 +518,7 @@
incWeak(id);
weakref_impl* const impl = static_cast<weakref_impl*>(this);
- int32_t curCount = impl->mStrong;
+ int32_t curCount = impl->mStrong.load(std::memory_order_relaxed);
ALOG_ASSERT(curCount >= 0,
"attemptIncStrong called on %p after underflow", this);
@@ -447,19 +526,20 @@
while (curCount > 0 && curCount != INITIAL_STRONG_VALUE) {
// we're in the easy/common case of promoting a weak-reference
// from an existing strong reference.
- if (android_atomic_cmpxchg(curCount, curCount+1, &impl->mStrong) == 0) {
+ if (impl->mStrong.compare_exchange_weak(curCount, curCount+1,
+ std::memory_order_relaxed)) {
break;
}
// the strong count has changed on us, we need to re-assert our
- // situation.
- curCount = impl->mStrong;
+ // situation. curCount was updated by compare_exchange_weak.
}
if (curCount <= 0 || curCount == INITIAL_STRONG_VALUE) {
// we're now in the harder case of either:
// - there never was a strong reference on us
// - or, all strong references have been released
- if ((impl->mFlags&OBJECT_LIFETIME_WEAK) == OBJECT_LIFETIME_STRONG) {
+ int32_t flags = impl->mFlags.load(std::memory_order_relaxed);
+ if ((flags&OBJECT_LIFETIME_MASK) == OBJECT_LIFETIME_STRONG) {
// this object has a "normal" life-time, i.e.: it gets destroyed
// when the last strong reference goes away
if (curCount <= 0) {
@@ -473,13 +553,13 @@
// there never was a strong-reference, so we can try to
// promote this object; we need to do that atomically.
while (curCount > 0) {
- if (android_atomic_cmpxchg(curCount, curCount + 1,
- &impl->mStrong) == 0) {
+ if (impl->mStrong.compare_exchange_weak(curCount, curCount+1,
+ std::memory_order_relaxed)) {
break;
}
// the strong count has changed on us, we need to re-assert our
// situation (e.g.: another thread has inc/decStrong'ed us)
- curCount = impl->mStrong;
+ // curCount has been updated.
}
if (curCount <= 0) {
@@ -499,7 +579,7 @@
}
// grab a strong-reference, which is always safe due to the
// extended life-time.
- curCount = android_atomic_inc(&impl->mStrong);
+ curCount = impl->mStrong.fetch_add(1, std::memory_order_relaxed);
}
// If the strong reference count has already been incremented by
@@ -518,21 +598,16 @@
ALOGD("attemptIncStrong of %p from %p: cnt=%d\n", this, id, curCount);
#endif
- // now we need to fix-up the count if it was INITIAL_STRONG_VALUE
- // this must be done safely, i.e.: handle the case where several threads
+ // curCount is the value of mStrong before we increment ed it.
+ // Now we need to fix-up the count if it was INITIAL_STRONG_VALUE.
+ // This must be done safely, i.e.: handle the case where several threads
// were here in attemptIncStrong().
- curCount = impl->mStrong;
- while (curCount >= INITIAL_STRONG_VALUE) {
- ALOG_ASSERT(curCount > INITIAL_STRONG_VALUE,
- "attemptIncStrong in %p underflowed to INITIAL_STRONG_VALUE",
- this);
- if (android_atomic_cmpxchg(curCount, curCount-INITIAL_STRONG_VALUE,
- &impl->mStrong) == 0) {
- break;
- }
- // the strong-count changed on us, we need to re-assert the situation,
- // for e.g.: it's possible the fix-up happened in another thread.
- curCount = impl->mStrong;
+ // curCount > INITIAL_STRONG_VALUE is OK, and can happen if we're doing
+ // this in the middle of another incStrong. The subtraction is handled
+ // by the thread that started with INITIAL_STRONG_VALUE.
+ if (curCount == INITIAL_STRONG_VALUE) {
+ impl->mStrong.fetch_sub(INITIAL_STRONG_VALUE,
+ std::memory_order_relaxed);
}
return true;
@@ -542,14 +617,15 @@
{
weakref_impl* const impl = static_cast<weakref_impl*>(this);
- int32_t curCount = impl->mWeak;
+ int32_t curCount = impl->mWeak.load(std::memory_order_relaxed);
ALOG_ASSERT(curCount >= 0, "attemptIncWeak called on %p after underflow",
this);
while (curCount > 0) {
- if (android_atomic_cmpxchg(curCount, curCount+1, &impl->mWeak) == 0) {
+ if (impl->mWeak.compare_exchange_weak(curCount, curCount+1,
+ std::memory_order_relaxed)) {
break;
}
- curCount = impl->mWeak;
+ // curCount has been updated.
}
if (curCount > 0) {
@@ -561,7 +637,9 @@
int32_t RefBase::weakref_type::getWeakCount() const
{
- return static_cast<const weakref_impl*>(this)->mWeak;
+ // Debug only!
+ return static_cast<const weakref_impl*>(this)->mWeak
+ .load(std::memory_order_relaxed);
}
void RefBase::weakref_type::printRefs() const
@@ -592,17 +670,19 @@
RefBase::~RefBase()
{
- if (mRefs->mStrong == INITIAL_STRONG_VALUE) {
+ if (mRefs->mStrong.load(std::memory_order_relaxed)
+ == INITIAL_STRONG_VALUE) {
// we never acquired a strong (and/or weak) reference on this object.
delete mRefs;
} else {
- // life-time of this object is extended to WEAK or FOREVER, in
+ // life-time of this object is extended to WEAK, in
// which case weakref_impl doesn't out-live the object and we
// can free it now.
- if ((mRefs->mFlags & OBJECT_LIFETIME_MASK) != OBJECT_LIFETIME_STRONG) {
+ int32_t flags = mRefs->mFlags.load(std::memory_order_relaxed);
+ if ((flags & OBJECT_LIFETIME_MASK) != OBJECT_LIFETIME_STRONG) {
// It's possible that the weak count is not 0 if the object
// re-acquired a weak reference in its destructor
- if (mRefs->mWeak == 0) {
+ if (mRefs->mWeak.load(std::memory_order_relaxed) == 0) {
delete mRefs;
}
}
@@ -613,7 +693,9 @@
void RefBase::extendObjectLifetime(int32_t mode)
{
- android_atomic_or(mode, &mRefs->mFlags);
+ // Must be happens-before ordered with respect to construction or any
+ // operation that could destroy the object.
+ mRefs->mFlags.fetch_or(mode, std::memory_order_relaxed);
}
void RefBase::onFirstRef()
diff --git a/libutils/SharedBuffer.cpp b/libutils/SharedBuffer.cpp
index c7dd1ab..f3d6d8f 100644
--- a/libutils/SharedBuffer.cpp
+++ b/libutils/SharedBuffer.cpp
@@ -20,7 +20,6 @@
#include <string.h>
#include <log/log.h>
-#include <utils/Atomic.h>
#include "SharedBuffer.h"
@@ -37,18 +36,19 @@
SharedBuffer* sb = static_cast<SharedBuffer *>(malloc(sizeof(SharedBuffer) + size));
if (sb) {
- sb->mRefs = 1;
+ // Should be std::atomic_init(&sb->mRefs, 1);
+ // But that generates a warning with some compilers.
+ // The following is OK on Android-supported platforms.
+ sb->mRefs.store(1, std::memory_order_relaxed);
sb->mSize = size;
}
return sb;
}
-ssize_t SharedBuffer::dealloc(const SharedBuffer* released)
+void SharedBuffer::dealloc(const SharedBuffer* released)
{
- if (released->mRefs != 0) return -1; // XXX: invalid operation
free(const_cast<SharedBuffer*>(released));
- return 0;
}
SharedBuffer* SharedBuffer::edit() const
@@ -108,14 +108,15 @@
}
void SharedBuffer::acquire() const {
- android_atomic_inc(&mRefs);
+ mRefs.fetch_add(1, std::memory_order_relaxed);
}
int32_t SharedBuffer::release(uint32_t flags) const
{
int32_t prev = 1;
- if (onlyOwner() || ((prev = android_atomic_dec(&mRefs)) == 1)) {
- mRefs = 0;
+ if (onlyOwner() || ((prev = mRefs.fetch_sub(1, std::memory_order_release) == 1)
+ && (atomic_thread_fence(std::memory_order_acquire), true))) {
+ mRefs.store(0, std::memory_order_relaxed);
if ((flags & eKeepStorage) == 0) {
free(const_cast<SharedBuffer*>(this));
}
diff --git a/libutils/SharedBuffer.h b/libutils/SharedBuffer.h
index b670953..48358cd 100644
--- a/libutils/SharedBuffer.h
+++ b/libutils/SharedBuffer.h
@@ -14,9 +14,14 @@
* limitations under the License.
*/
+/*
+ * DEPRECATED. DO NOT USE FOR NEW CODE.
+ */
+
#ifndef ANDROID_SHARED_BUFFER_H
#define ANDROID_SHARED_BUFFER_H
+#include <atomic>
#include <stdint.h>
#include <sys/types.h>
@@ -43,7 +48,7 @@
* In other words, the buffer must have been release by all its
* users.
*/
- static ssize_t dealloc(const SharedBuffer* released);
+ static void dealloc(const SharedBuffer* released);
//! access the data for read
inline const void* data() const;
@@ -94,12 +99,16 @@
SharedBuffer(const SharedBuffer&);
SharedBuffer& operator = (const SharedBuffer&);
- // 16 bytes. must be sized to preserve correct alignment.
- mutable int32_t mRefs;
- size_t mSize;
- uint32_t mReserved[2];
+ // Must be sized to preserve correct alignment.
+ mutable std::atomic<int32_t> mRefs;
+ size_t mSize;
+ uint32_t mReserved[2];
};
+static_assert(sizeof(SharedBuffer) % 8 == 0
+ && (sizeof(size_t) > 4 || sizeof(SharedBuffer) == 16),
+ "SharedBuffer has unexpected size");
+
// ---------------------------------------------------------------------------
const void* SharedBuffer::data() const {
@@ -127,7 +136,7 @@
}
bool SharedBuffer::onlyOwner() const {
- return (mRefs == 1);
+ return (mRefs.load(std::memory_order_acquire) == 1);
}
}; // namespace android
diff --git a/libutils/SystemClock.cpp b/libutils/SystemClock.cpp
index c5ae327..965e32c 100644
--- a/libutils/SystemClock.cpp
+++ b/libutils/SystemClock.cpp
@@ -19,18 +19,13 @@
* System clock functions.
*/
-#if defined(__ANDROID__)
-#include <linux/ioctl.h>
-#include <linux/rtc.h>
-#include <utils/Atomic.h>
-#include <linux/android_alarm.h>
-#endif
-
#include <sys/time.h>
#include <limits.h>
#include <fcntl.h>
#include <string.h>
+#include <errno.h>
+#include <cutils/compiler.h>
#include <utils/SystemClock.h>
#include <utils/Timers.h>
@@ -61,30 +56,16 @@
*/
int64_t elapsedRealtimeNano()
{
-#if defined(__ANDROID__)
- static int s_fd = -1;
-
- if (s_fd == -1) {
- int fd = open("/dev/alarm", O_RDONLY);
- if (android_atomic_cmpxchg(-1, fd, &s_fd)) {
- close(fd);
- }
- }
-
+#if defined(__linux__)
struct timespec ts;
- if (ioctl(s_fd, ANDROID_ALARM_GET_TIME(ANDROID_ALARM_ELAPSED_REALTIME), &ts) == 0) {
- return seconds_to_nanoseconds(ts.tv_sec) + ts.tv_nsec;
+ int err = clock_gettime(CLOCK_BOOTTIME, &ts);
+ if (CC_UNLIKELY(err)) {
+ // This should never happen, but just in case ...
+ ALOGE("clock_gettime(CLOCK_BOOTTIME) failed: %s", strerror(errno));
+ return 0;
}
- // /dev/alarm doesn't exist, fallback to CLOCK_BOOTTIME
- if (clock_gettime(CLOCK_BOOTTIME, &ts) == 0) {
- return seconds_to_nanoseconds(ts.tv_sec) + ts.tv_nsec;
- }
-
- // XXX: there was an error, probably because the driver didn't
- // exist ... this should return
- // a real error, like an exception!
- return systemTime(SYSTEM_TIME_MONOTONIC);
+ return seconds_to_nanoseconds(ts.tv_sec) + ts.tv_nsec;
#else
return systemTime(SYSTEM_TIME_MONOTONIC);
#endif
diff --git a/libutils/tests/Android.mk b/libutils/tests/Android.mk
index 8f07f1a..21fe19c 100644
--- a/libutils/tests/Android.mk
+++ b/libutils/tests/Android.mk
@@ -28,6 +28,7 @@
LruCache_test.cpp \
String8_test.cpp \
StrongPointer_test.cpp \
+ SystemClock_test.cpp \
Unicode_test.cpp \
Vector_test.cpp \
diff --git a/libutils/tests/SystemClock_test.cpp b/libutils/tests/SystemClock_test.cpp
new file mode 100644
index 0000000..5ad060b
--- /dev/null
+++ b/libutils/tests/SystemClock_test.cpp
@@ -0,0 +1,74 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <unistd.h>
+#include <utils/SystemClock.h>
+
+#include <gtest/gtest.h>
+
+static const auto MS_IN_NS = 1000000;
+
+static const int64_t SLEEP_MS = 500;
+static const int64_t SLEEP_NS = SLEEP_MS * MS_IN_NS;
+// Conservatively assume that we might be descheduled for up to 50 ms
+static const int64_t SLACK_MS = 50;
+static const int64_t SLACK_NS = SLACK_MS * MS_IN_NS;
+
+TEST(SystemClock, SystemClock) {
+ auto startUptimeMs = android::uptimeMillis();
+ auto startRealtimeMs = android::elapsedRealtime();
+ auto startRealtimeNs = android::elapsedRealtimeNano();
+
+ ASSERT_GT(startUptimeMs, 0)
+ << "uptimeMillis() reported an impossible uptime";
+ ASSERT_GE(startRealtimeMs, startUptimeMs)
+ << "elapsedRealtime() thinks we've suspended for negative time";
+ ASSERT_GE(startRealtimeNs, startUptimeMs * MS_IN_NS)
+ << "elapsedRealtimeNano() thinks we've suspended for negative time";
+
+ ASSERT_GE(startRealtimeNs, startRealtimeMs * MS_IN_NS)
+ << "elapsedRealtime() and elapsedRealtimeNano() are inconsistent";
+ ASSERT_LT(startRealtimeNs, (startRealtimeMs + SLACK_MS) * MS_IN_NS)
+ << "elapsedRealtime() and elapsedRealtimeNano() are inconsistent";
+
+ timespec ts;
+ ts.tv_sec = 0;
+ ts.tv_nsec = SLEEP_MS * MS_IN_NS;
+ auto nanosleepErr = TEMP_FAILURE_RETRY(nanosleep(&ts, nullptr));
+ ASSERT_EQ(nanosleepErr, 0) << "nanosleep() failed: " << strerror(errno);
+
+ auto endUptimeMs = android::uptimeMillis();
+ auto endRealtimeMs = android::elapsedRealtime();
+ auto endRealtimeNs = android::elapsedRealtimeNano();
+
+ EXPECT_GE(endUptimeMs - startUptimeMs, SLEEP_MS)
+ << "uptimeMillis() advanced too little after nanosleep()";
+ EXPECT_LT(endUptimeMs - startUptimeMs, SLEEP_MS + SLACK_MS)
+ << "uptimeMillis() advanced too much after nanosleep()";
+ EXPECT_GE(endRealtimeMs - startRealtimeMs, SLEEP_MS)
+ << "elapsedRealtime() advanced too little after nanosleep()";
+ EXPECT_LT(endRealtimeMs - startRealtimeMs, SLEEP_MS + SLACK_MS)
+ << "elapsedRealtime() advanced too much after nanosleep()";
+ EXPECT_GE(endRealtimeNs - startRealtimeNs, SLEEP_NS)
+ << "elapsedRealtimeNano() advanced too little after nanosleep()";
+ EXPECT_LT(endRealtimeNs - startRealtimeNs, SLEEP_NS + SLACK_NS)
+ << "elapsedRealtimeNano() advanced too much after nanosleep()";
+
+ EXPECT_GE(endRealtimeNs, endRealtimeMs * MS_IN_NS)
+ << "elapsedRealtime() and elapsedRealtimeNano() are inconsistent after nanosleep()";
+ EXPECT_LT(endRealtimeNs, (endRealtimeMs + SLACK_MS) * MS_IN_NS)
+ << "elapsedRealtime() and elapsedRealtimeNano() are inconsistent after nanosleep()";
+}
diff --git a/lmkd/lmkd.c b/lmkd/lmkd.c
index aa3db8a..37fbdb8 100644
--- a/lmkd/lmkd.c
+++ b/lmkd/lmkd.c
@@ -114,7 +114,7 @@
static struct proc *pidhash[PIDHASH_SZ];
#define pid_hashfn(x) ((((x) >> 8) ^ (x)) & (PIDHASH_SZ - 1))
-#define ADJTOSLOT(adj) (adj + -OOM_ADJUST_MIN)
+#define ADJTOSLOT(adj) ((adj) + -OOM_ADJUST_MIN)
static struct adjslot_list procadjslot_list[ADJTOSLOT(OOM_ADJUST_MAX) + 1];
/*
diff --git a/logd/LogStatistics.h b/logd/LogStatistics.h
index 6f7d264..b32c27d 100644
--- a/logd/LogStatistics.h
+++ b/logd/LogStatistics.h
@@ -33,7 +33,7 @@
#include "LogUtils.h"
#define log_id_for_each(i) \
- for (log_id_t i = LOG_ID_MIN; i < LOG_ID_MAX; i = (log_id_t) (i + 1))
+ for (log_id_t i = LOG_ID_MIN; (i) < LOG_ID_MAX; (i) = (log_id_t) ((i) + 1))
class LogStatistics;
diff --git a/metricsd/uploader/metrics_log_base.cc b/metricsd/uploader/metrics_log_base.cc
index 1a60b4f..f23bd63 100644
--- a/metricsd/uploader/metrics_log_base.cc
+++ b/metricsd/uploader/metrics_log_base.cc
@@ -16,6 +16,8 @@
#include "uploader/metrics_log_base.h"
+#include <memory>
+
#include "base/build_time.h"
#include "base/metrics/histogram_base.h"
#include "base/metrics/histogram_samples.h"
@@ -125,7 +127,7 @@
histogram_proto->set_name_hash(Hash(histogram_name));
histogram_proto->set_sum(snapshot.sum());
- for (scoped_ptr<SampleCountIterator> it = snapshot.Iterator(); !it->Done();
+ for (std::unique_ptr<SampleCountIterator> it = snapshot.Iterator(); !it->Done();
it->Next()) {
HistogramBase::Sample min;
HistogramBase::Sample max;
diff --git a/rootdir/init.rc b/rootdir/init.rc
index aa32343..a359713 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -140,7 +140,6 @@
chown system system /dev/cpuctl
chown system system /dev/cpuctl/tasks
chmod 0666 /dev/cpuctl/tasks
- write /dev/cpuctl/cpu.shares 1024
write /dev/cpuctl/cpu.rt_runtime_us 800000
write /dev/cpuctl/cpu.rt_period_us 1000000
@@ -572,6 +571,11 @@
on property:sys.sysctl.tcp_def_init_rwnd=*
write /proc/sys/net/ipv4/tcp_default_init_rwnd ${sys.sysctl.tcp_def_init_rwnd}
+on property:security.perf_harden=0
+ write /proc/sys/kernel/perf_event_paranoid 1
+
+on property:security.perf_harden=1
+ write /proc/sys/kernel/perf_event_paranoid 3
## Daemon processes to be run by init.
##
diff --git a/rootdir/init.usb.configfs.rc b/rootdir/init.usb.configfs.rc
index 186384b..e19b058 100644
--- a/rootdir/init.usb.configfs.rc
+++ b/rootdir/init.usb.configfs.rc
@@ -1,6 +1,7 @@
on property:sys.usb.config=none && property:sys.usb.configfs=1
write /config/usb_gadget/g1/UDC "none"
stop adbd
+ setprop sys.usb.ffs.ready 0
write /config/usb_gadget/g1/bDeviceClass 0
write /config/usb_gadget/g1/bDeviceSubClass 0
write /config/usb_gadget/g1/bDeviceProtocol 0
diff --git a/sdcard/Android.mk b/sdcard/Android.mk
index 2d04a7f..ac5faa7 100644
--- a/sdcard/Android.mk
+++ b/sdcard/Android.mk
@@ -7,4 +7,7 @@
LOCAL_CFLAGS := -Wall -Wno-unused-parameter -Werror
LOCAL_SHARED_LIBRARIES := liblog libcutils libpackagelistparser
+LOCAL_SANITIZE := integer
+LOCAL_CLANG := true
+
include $(BUILD_EXECUTABLE)
diff --git a/toolbox/Android.mk b/toolbox/Android.mk
index 85f9415..ba04364 100644
--- a/toolbox/Android.mk
+++ b/toolbox/Android.mk
@@ -3,7 +3,6 @@
common_cflags := \
-Werror -Wno-unused-parameter -Wno-unused-const-variable \
- -I$(LOCAL_PATH)/upstream-netbsd/include/ \
-include bsd-compatibility.h \
@@ -21,6 +20,7 @@
upstream-netbsd/lib/libc/string/swab.c \
upstream-netbsd/lib/libutil/raise_default_signal.c
LOCAL_CFLAGS += $(common_cflags) -Dmain=dd_main -DNO_CONV
+LOCAL_C_INCLUDES += $(LOCAL_PATH)/upstream-netbsd/include/
LOCAL_MODULE := libtoolbox_dd
include $(BUILD_STATIC_LIBRARY)
@@ -36,7 +36,6 @@
log \
nandread \
newfs_msdos \
- ps \
sendevent \
start \
stop \
@@ -50,6 +49,7 @@
$(patsubst %,%.c,$(OUR_TOOLS)) \
LOCAL_CFLAGS += $(common_cflags)
+LOCAL_C_INCLUDES += $(LOCAL_PATH)/upstream-netbsd/include/
LOCAL_CONLYFLAGS += -std=gnu99
LOCAL_SHARED_LIBRARIES := \
@@ -96,6 +96,7 @@
include $(CLEAR_VARS)
LOCAL_SRC_FILES := r.c
LOCAL_CFLAGS += $(common_cflags)
+LOCAL_C_INCLUDES += $(LOCAL_PATH)/upstream-netbsd/include/
LOCAL_MODULE := r
LOCAL_MODULE_TAGS := debug
include $(BUILD_EXECUTABLE)
@@ -110,6 +111,7 @@
upstream-netbsd/usr.bin/grep/queue.c \
upstream-netbsd/usr.bin/grep/util.c
LOCAL_CFLAGS += $(common_cflags)
+LOCAL_C_INCLUDES += $(LOCAL_PATH)/upstream-netbsd/include/
LOCAL_MODULE := grep
LOCAL_POST_INSTALL_CMD := $(hide) $(foreach t,egrep fgrep,ln -sf grep $(TARGET_OUT)/bin/$(t);)
include $(BUILD_EXECUTABLE)
diff --git a/toolbox/bsd-compatibility.h b/toolbox/bsd-compatibility.h
index 434d370..7c3ddd4 100644
--- a/toolbox/bsd-compatibility.h
+++ b/toolbox/bsd-compatibility.h
@@ -43,7 +43,7 @@
#define __type_fit(t, a) (0 == 0)
// TODO: should this be in our <sys/cdefs.h>?
-#define __arraycount(a) (sizeof(a) / sizeof(a[0]))
+#define __arraycount(a) (sizeof(a) / sizeof((a)[0]))
// This at least matches GNU dd(1) behavior.
#define SIGINFO SIGUSR1
diff --git a/toolbox/ps.c b/toolbox/ps.c
deleted file mode 100644
index c129110..0000000
--- a/toolbox/ps.c
+++ /dev/null
@@ -1,340 +0,0 @@
-#include <ctype.h>
-#include <dirent.h>
-#include <fcntl.h>
-#include <inttypes.h>
-#include <pwd.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <unistd.h>
-
-#include <cutils/sched_policy.h>
-
-static char *nexttoksep(char **strp, char *sep)
-{
- char *p = strsep(strp,sep);
- return (p == 0) ? "" : p;
-}
-static char *nexttok(char **strp)
-{
- return nexttoksep(strp, " ");
-}
-
-#define SHOW_PRIO 1
-#define SHOW_TIME 2
-#define SHOW_POLICY 4
-#define SHOW_CPU 8
-#define SHOW_MACLABEL 16
-#define SHOW_NUMERIC_UID 32
-#define SHOW_ABI 64
-
-#if __LP64__
-#define PC_WIDTH 10 /* Realistically, the top bits will be 0, so don't waste space. */
-#else
-#define PC_WIDTH (2*sizeof(uintptr_t))
-#endif
-
-static int display_flags = 0;
-static int ppid_filter = 0;
-
-static void print_exe_abi(int pid);
-
-static int ps_line(int pid, int tid)
-{
- char statline[1024];
- char cmdline[1024];
- char macline[1024];
- char user[32];
- struct stat stats;
- int r;
- char *ptr, *name, *state;
- int ppid;
- unsigned rss, vss;
- uintptr_t eip;
- unsigned utime, stime;
- int prio, nice, rtprio, sched, psr;
- struct passwd *pw;
-
- snprintf(statline, sizeof(statline), "/proc/%d", tid ? tid : pid);
- stat(statline, &stats);
-
- if (tid) {
- snprintf(statline, sizeof(statline), "/proc/%d/task/%d/stat", pid, tid);
- cmdline[0] = 0;
- snprintf(macline, sizeof(macline), "/proc/%d/task/%d/attr/current", pid, tid);
- } else {
- snprintf(statline, sizeof(statline), "/proc/%d/stat", pid);
- snprintf(cmdline, sizeof(cmdline), "/proc/%d/cmdline", pid);
- snprintf(macline, sizeof(macline), "/proc/%d/attr/current", pid);
- int fd = open(cmdline, O_RDONLY);
- if (fd == 0) {
- r = 0;
- } else {
- r = read(fd, cmdline, 1023);
- close(fd);
- if (r < 0) r = 0;
- }
- cmdline[r] = 0;
- }
-
- int fd = open(statline, O_RDONLY);
- if (fd == 0) return -1;
- r = read(fd, statline, 1023);
- close(fd);
- if (r < 0) return -1;
- statline[r] = 0;
-
- ptr = statline;
- nexttok(&ptr); // skip pid
- ptr++; // skip "("
-
- name = ptr;
- ptr = strrchr(ptr, ')'); // Skip to *last* occurence of ')',
- *ptr++ = '\0'; // and null-terminate name.
-
- ptr++; // skip " "
- state = nexttok(&ptr);
- ppid = atoi(nexttok(&ptr));
- nexttok(&ptr); // pgrp
- nexttok(&ptr); // sid
- nexttok(&ptr); // tty
- nexttok(&ptr); // tpgid
- nexttok(&ptr); // flags
- nexttok(&ptr); // minflt
- nexttok(&ptr); // cminflt
- nexttok(&ptr); // majflt
- nexttok(&ptr); // cmajflt
-#if 1
- utime = atoi(nexttok(&ptr));
- stime = atoi(nexttok(&ptr));
-#else
- nexttok(&ptr); // utime
- nexttok(&ptr); // stime
-#endif
- nexttok(&ptr); // cutime
- nexttok(&ptr); // cstime
- prio = atoi(nexttok(&ptr));
- nice = atoi(nexttok(&ptr));
- nexttok(&ptr); // threads
- nexttok(&ptr); // itrealvalue
- nexttok(&ptr); // starttime
- vss = strtoul(nexttok(&ptr), 0, 10); // vsize
- rss = strtoul(nexttok(&ptr), 0, 10); // rss
- nexttok(&ptr); // rlim
- nexttok(&ptr); // startcode
- nexttok(&ptr); // endcode
- nexttok(&ptr); // startstack
- nexttok(&ptr); // kstkesp
- eip = strtoul(nexttok(&ptr), 0, 10); // kstkeip
- nexttok(&ptr); // signal
- nexttok(&ptr); // blocked
- nexttok(&ptr); // sigignore
- nexttok(&ptr); // sigcatch
- nexttok(&ptr); // wchan
- nexttok(&ptr); // nswap
- nexttok(&ptr); // cnswap
- nexttok(&ptr); // exit signal
- psr = atoi(nexttok(&ptr)); // processor
- rtprio = atoi(nexttok(&ptr)); // rt_priority
- sched = atoi(nexttok(&ptr)); // scheduling policy
-
- nexttok(&ptr); // tty
-
- if (tid != 0) {
- ppid = pid;
- pid = tid;
- }
-
- pw = getpwuid(stats.st_uid);
- if (pw == 0 || (display_flags & SHOW_NUMERIC_UID)) {
- snprintf(user, sizeof(user), "%d", (int)stats.st_uid);
- } else {
- snprintf(user, sizeof(user), "%s", pw->pw_name);
- }
-
- if (ppid_filter != 0 && ppid != ppid_filter) {
- return 0;
- }
-
- if (display_flags & SHOW_MACLABEL) {
- fd = open(macline, O_RDONLY);
- strcpy(macline, "-");
- if (fd >= 0) {
- r = read(fd, macline, sizeof(macline)-1);
- close(fd);
- if (r > 0)
- macline[r] = 0;
- }
- printf("%-30s ", macline);
- }
-
- printf("%-9s %-5d %-5d %-6d %-5d", user, pid, ppid, vss / 1024, rss * 4);
- if (display_flags & SHOW_CPU)
- printf(" %-2d", psr);
- if (display_flags & SHOW_PRIO)
- printf(" %-5d %-5d %-5d %-5d", prio, nice, rtprio, sched);
- if (display_flags & SHOW_POLICY) {
- SchedPolicy p;
- if (get_sched_policy(pid, &p) < 0)
- printf(" un ");
- else
- printf(" %.2s ", get_sched_policy_name(p));
- }
- char path[PATH_MAX];
- snprintf(path, sizeof(path), "/proc/%d/wchan", pid);
- char wchan[10];
- fd = open(path, O_RDONLY);
- ssize_t wchan_len = read(fd, wchan, sizeof(wchan));
- if (wchan_len == -1) {
- wchan[wchan_len = 0] = '\0';
- }
- close(fd);
- printf(" %10.*s %0*" PRIxPTR " %s ", (int) wchan_len, wchan, (int) PC_WIDTH, eip, state);
- if (display_flags & SHOW_ABI) {
- print_exe_abi(pid);
- }
- printf("%s", cmdline[0] ? cmdline : name);
- if (display_flags & SHOW_TIME)
- printf(" (u:%d, s:%d)", utime, stime);
-
- printf("\n");
- return 0;
-}
-
-static void print_exe_abi(int pid)
-{
- int fd, r;
- char exeline[1024];
-
- snprintf(exeline, sizeof(exeline), "/proc/%d/exe", pid);
- fd = open(exeline, O_RDONLY);
- if (fd == 0) {
- printf(" ");
- return;
- }
- r = read(fd, exeline, 5 /* 4 byte ELFMAG + 1 byte EI_CLASS */);
- close(fd);
- if (r < 0) {
- printf(" ");
- return;
- }
- if (memcmp("\177ELF", exeline, 4) != 0) {
- printf("?? ");
- return;
- }
- switch (exeline[4]) {
- case 1:
- printf("32 ");
- return;
- case 2:
- printf("64 ");
- return;
- default:
- printf("?? ");
- return;
- }
-}
-
-void ps_threads(int pid)
-{
- char tmp[128];
- DIR *d;
- struct dirent *de;
-
- snprintf(tmp,sizeof(tmp),"/proc/%d/task",pid);
- d = opendir(tmp);
- if (d == 0) return;
-
- while ((de = readdir(d)) != 0) {
- if (isdigit(de->d_name[0])) {
- int tid = atoi(de->d_name);
- if (tid == pid) continue;
- ps_line(pid, tid);
- }
- }
- closedir(d);
-}
-
-int ps_main(int argc, char **argv)
-{
- DIR *d;
- struct dirent *de;
- int pidfilter = 0;
- int threads = 0;
-
- while (argc > 1) {
- if (!strcmp(argv[1], "-t")) {
- threads = 1;
- } else if (!strcmp(argv[1], "-n")) {
- display_flags |= SHOW_NUMERIC_UID;
- } else if (!strcmp(argv[1], "-x")) {
- display_flags |= SHOW_TIME;
- } else if (!strcmp(argv[1], "-Z")) {
- display_flags |= SHOW_MACLABEL;
- } else if (!strcmp(argv[1], "-P")) {
- display_flags |= SHOW_POLICY;
- } else if (!strcmp(argv[1], "-p")) {
- display_flags |= SHOW_PRIO;
- } else if (!strcmp(argv[1], "-c")) {
- display_flags |= SHOW_CPU;
- } else if (!strcmp(argv[1], "--abi")) {
- display_flags |= SHOW_ABI;
- } else if (!strcmp(argv[1], "--ppid")) {
- if (argc < 3) {
- /* Bug 26554285: Use printf because some apps require at least
- * one line of output to stdout even for errors.
- */
- printf("no ppid\n");
- return 1;
- }
- ppid_filter = atoi(argv[2]);
- if (ppid_filter == 0) {
- /* Bug 26554285: Use printf because some apps require at least
- * one line of output to stdout even for errors.
- */
- printf("bad ppid '%s'\n", argv[2]);
- return 1;
- }
- argc--;
- argv++;
- } else {
- pidfilter = atoi(argv[1]);
- if (pidfilter == 0) {
- /* Bug 26554285: Use printf because some apps require at least
- * one line of output to stdout even for errors.
- */
- printf("bad pid '%s'\n", argv[1]);
- return 1;
- }
- }
- argc--;
- argv++;
- }
-
- if (display_flags & SHOW_MACLABEL) {
- printf("LABEL ");
- }
- printf("USER PID PPID VSIZE RSS %s%s %sWCHAN %*s %sNAME\n",
- (display_flags&SHOW_CPU)?"CPU ":"",
- (display_flags&SHOW_PRIO)?"PRIO NICE RTPRI SCHED ":"",
- (display_flags&SHOW_POLICY)?"PCY " : "",
- (int) PC_WIDTH, "PC",
- (display_flags&SHOW_ABI)?"ABI " : "");
-
- d = opendir("/proc");
- if (d == 0) return -1;
-
- while ((de = readdir(d)) != 0) {
- if (isdigit(de->d_name[0])) {
- int pid = atoi(de->d_name);
- if (!pidfilter || (pidfilter == pid)) {
- ps_line(pid, 0);
- if (threads) ps_threads(pid);
- }
- }
- }
- closedir(d);
- return 0;
-}
diff --git a/trusty/gatekeeper/Android.mk b/trusty/gatekeeper/Android.mk
new file mode 100644
index 0000000..3982c8f
--- /dev/null
+++ b/trusty/gatekeeper/Android.mk
@@ -0,0 +1,46 @@
+#
+# Copyright (C) 2015 The Android Open-Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# WARNING: Everything listed here will be built on ALL platforms,
+# including x86, the emulator, and the SDK. Modules must be uniquely
+# named (liblights.panda), and must build everywhere, or limit themselves
+# to only building on ARM if they include assembly. Individual makefiles
+# are responsible for having their own logic, for fine-grained control.
+
+LOCAL_PATH:= $(call my-dir)
+
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := gatekeeper.trusty
+
+LOCAL_MODULE_RELATIVE_PATH := hw
+
+LOCAL_SRC_FILES := \
+ module.cpp \
+ trusty_gatekeeper_ipc.c \
+ trusty_gatekeeper.cpp
+
+LOCAL_CLFAGS = -fvisibility=hidden -Wall -Werror
+
+LOCAL_SHARED_LIBRARIES := \
+ libgatekeeper \
+ liblog \
+ libcutils \
+ libtrusty
+
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SHARED_LIBRARY)
diff --git a/trusty/gatekeeper/gatekeeper_ipc.h b/trusty/gatekeeper/gatekeeper_ipc.h
new file mode 100644
index 0000000..b05dcd8
--- /dev/null
+++ b/trusty/gatekeeper/gatekeeper_ipc.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#define GATEKEEPER_PORT "com.android.trusty.gatekeeper"
+#define GATEKEEPER_MAX_BUFFER_LENGTH 1024
+
+enum gatekeeper_command {
+ GK_REQ_SHIFT = 1,
+ GK_RESP_BIT = 1,
+
+ GK_ENROLL = (0 << GK_REQ_SHIFT),
+ GK_VERIFY = (1 << GK_REQ_SHIFT),
+};
+
+/**
+ * gatekeeper_message - Serial header for communicating with GK server
+ * @cmd: the command, one of ENROLL, VERIFY. Payload must be a serialized
+ * buffer of the corresponding request object.
+ * @payload: start of the serialized command specific payload
+ */
+struct gatekeeper_message {
+ uint32_t cmd;
+ uint8_t payload[0];
+};
+
diff --git a/trusty/gatekeeper/module.cpp b/trusty/gatekeeper/module.cpp
new file mode 100644
index 0000000..0ee3c2f
--- /dev/null
+++ b/trusty/gatekeeper/module.cpp
@@ -0,0 +1,57 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <hardware/hardware.h>
+
+#include <string.h>
+#include <errno.h>
+#include <stdlib.h>
+
+#include "trusty_gatekeeper.h"
+
+using gatekeeper::TrustyGateKeeperDevice;
+
+static int trusty_gatekeeper_open(const hw_module_t *module, const char *name,
+ hw_device_t **device) {
+
+ if (strcmp(name, HARDWARE_GATEKEEPER) != 0) {
+ return -EINVAL;
+ }
+
+ TrustyGateKeeperDevice *gatekeeper = new TrustyGateKeeperDevice(module);
+ if (gatekeeper == NULL) return -ENOMEM;
+ *device = gatekeeper->hw_device();
+
+ return 0;
+}
+
+static struct hw_module_methods_t gatekeeper_module_methods = {
+ .open = trusty_gatekeeper_open,
+};
+
+struct gatekeeper_module HAL_MODULE_INFO_SYM __attribute__((visibility("default"))) = {
+ .common = {
+ .tag = HARDWARE_MODULE_TAG,
+ .module_api_version = GATEKEEPER_MODULE_API_VERSION_0_1,
+ .hal_api_version = HARDWARE_HAL_API_VERSION,
+ .id = GATEKEEPER_HARDWARE_MODULE_ID,
+ .name = "Trusty GateKeeper HAL",
+ .author = "The Android Open Source Project",
+ .methods = &gatekeeper_module_methods,
+ .dso = 0,
+ .reserved = {}
+ },
+};
diff --git a/trusty/gatekeeper/trusty_gatekeeper.cpp b/trusty/gatekeeper/trusty_gatekeeper.cpp
new file mode 100644
index 0000000..d24f44f
--- /dev/null
+++ b/trusty/gatekeeper/trusty_gatekeeper.cpp
@@ -0,0 +1,230 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <errno.h>
+#include <stdio.h>
+#include <assert.h>
+#include <type_traits>
+
+#include "trusty_gatekeeper.h"
+#include "trusty_gatekeeper_ipc.h"
+#include "gatekeeper_ipc.h"
+
+#define LOG_TAG "TrustyGateKeeper"
+#include <cutils/log.h>
+
+namespace gatekeeper {
+
+const uint32_t SEND_BUF_SIZE = 8192;
+const uint32_t RECV_BUF_SIZE = 8192;
+
+TrustyGateKeeperDevice::TrustyGateKeeperDevice(const hw_module_t *module) {
+#if __cplusplus >= 201103L || defined(__GXX_EXPERIMENTAL_CXX0X__)
+ static_assert(std::is_standard_layout<TrustyGateKeeperDevice>::value,
+ "TrustyGateKeeperDevice must be standard layout");
+ static_assert(offsetof(TrustyGateKeeperDevice, device_) == 0,
+ "device_ must be the first member of TrustyGateKeeperDevice");
+ static_assert(offsetof(TrustyGateKeeperDevice, device_.common) == 0,
+ "common must be the first member of gatekeeper_device");
+#else
+ assert(reinterpret_cast<gatekeeper_device_t *>(this) == &device_);
+ assert(reinterpret_cast<hw_device_t *>(this) == &(device_.common));
+#endif
+
+ memset(&device_, 0, sizeof(device_));
+ device_.common.tag = HARDWARE_DEVICE_TAG;
+ device_.common.version = 1;
+ device_.common.module = const_cast<hw_module_t *>(module);
+ device_.common.close = close_device;
+
+ device_.enroll = enroll;
+ device_.verify = verify;
+ device_.delete_user = nullptr;
+ device_.delete_all_users = nullptr;
+
+ int rc = trusty_gatekeeper_connect();
+ if (rc < 0) {
+ ALOGE("Error initializing trusty session: %d", rc);
+ }
+
+ error_ = rc;
+
+}
+
+hw_device_t* TrustyGateKeeperDevice::hw_device() {
+ return &device_.common;
+}
+
+int TrustyGateKeeperDevice::close_device(hw_device_t* dev) {
+ delete reinterpret_cast<TrustyGateKeeperDevice *>(dev);
+ return 0;
+}
+
+TrustyGateKeeperDevice::~TrustyGateKeeperDevice() {
+ trusty_gatekeeper_disconnect();
+}
+
+int TrustyGateKeeperDevice::Enroll(uint32_t uid, const uint8_t *current_password_handle,
+ uint32_t current_password_handle_length, const uint8_t *current_password,
+ uint32_t current_password_length, const uint8_t *desired_password,
+ uint32_t desired_password_length, uint8_t **enrolled_password_handle,
+ uint32_t *enrolled_password_handle_length) {
+
+ if (error_ != 0) {
+ return error_;
+ }
+
+ SizedBuffer desired_password_buffer(desired_password_length);
+ memcpy(desired_password_buffer.buffer.get(), desired_password, desired_password_length);
+
+ SizedBuffer current_password_handle_buffer(current_password_handle_length);
+ if (current_password_handle) {
+ memcpy(current_password_handle_buffer.buffer.get(), current_password_handle,
+ current_password_handle_length);
+ }
+
+ SizedBuffer current_password_buffer(current_password_length);
+ if (current_password) {
+ memcpy(current_password_buffer.buffer.get(), current_password, current_password_length);
+ }
+
+ EnrollRequest request(uid, ¤t_password_handle_buffer, &desired_password_buffer,
+ ¤t_password_buffer);
+ EnrollResponse response;
+
+ gatekeeper_error_t error = Send(request, &response);
+
+ if (error == ERROR_RETRY) {
+ return response.retry_timeout;
+ } else if (error != ERROR_NONE) {
+ return -EINVAL;
+ }
+
+ *enrolled_password_handle = response.enrolled_password_handle.buffer.release();
+ *enrolled_password_handle_length = response.enrolled_password_handle.length;
+
+
+ return 0;
+}
+
+int TrustyGateKeeperDevice::Verify(uint32_t uid, uint64_t challenge,
+ const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,
+ const uint8_t *provided_password, uint32_t provided_password_length,
+ uint8_t **auth_token, uint32_t *auth_token_length, bool *request_reenroll) {
+ if (error_ != 0) {
+ return error_;
+ }
+
+ SizedBuffer password_handle_buffer(enrolled_password_handle_length);
+ memcpy(password_handle_buffer.buffer.get(), enrolled_password_handle,
+ enrolled_password_handle_length);
+ SizedBuffer provided_password_buffer(provided_password_length);
+ memcpy(provided_password_buffer.buffer.get(), provided_password, provided_password_length);
+
+ VerifyRequest request(uid, challenge, &password_handle_buffer, &provided_password_buffer);
+ VerifyResponse response;
+
+ gatekeeper_error_t error = Send(request, &response);
+
+ if (error == ERROR_RETRY) {
+ return response.retry_timeout;
+ } else if (error != ERROR_NONE) {
+ return -EINVAL;
+ }
+
+ if (auth_token != NULL && auth_token_length != NULL) {
+ *auth_token = response.auth_token.buffer.release();
+ *auth_token_length = response.auth_token.length;
+ }
+
+ if (request_reenroll != NULL) {
+ *request_reenroll = response.request_reenroll;
+ }
+
+ return 0;
+}
+
+gatekeeper_error_t TrustyGateKeeperDevice::Send(uint32_t command, const GateKeeperMessage& request,
+ GateKeeperMessage *response) {
+ uint32_t request_size = request.GetSerializedSize();
+ if (request_size > SEND_BUF_SIZE)
+ return ERROR_INVALID;
+ uint8_t send_buf[SEND_BUF_SIZE];
+ request.Serialize(send_buf, send_buf + request_size);
+
+ // Send it
+ uint8_t recv_buf[RECV_BUF_SIZE];
+ uint32_t response_size = RECV_BUF_SIZE;
+ int rc = trusty_gatekeeper_call(command, send_buf, request_size, recv_buf, &response_size);
+ if (rc < 0) {
+ ALOGE("error (%d) calling gatekeeper TA", rc);
+ return ERROR_INVALID;
+ }
+
+ const gatekeeper_message *msg = reinterpret_cast<gatekeeper_message *>(recv_buf);
+ const uint8_t *payload = msg->payload;
+
+ return response->Deserialize(payload, payload + response_size);
+}
+
+static inline TrustyGateKeeperDevice *convert_device(const gatekeeper_device *dev) {
+ return reinterpret_cast<TrustyGateKeeperDevice *>(const_cast<gatekeeper_device *>(dev));
+}
+
+/* static */
+int TrustyGateKeeperDevice::enroll(const struct gatekeeper_device *dev, uint32_t uid,
+ const uint8_t *current_password_handle, uint32_t current_password_handle_length,
+ const uint8_t *current_password, uint32_t current_password_length,
+ const uint8_t *desired_password, uint32_t desired_password_length,
+ uint8_t **enrolled_password_handle, uint32_t *enrolled_password_handle_length) {
+
+ if (dev == NULL ||
+ enrolled_password_handle == NULL || enrolled_password_handle_length == NULL ||
+ desired_password == NULL || desired_password_length == 0)
+ return -EINVAL;
+
+ // Current password and current password handle go together
+ if (current_password_handle == NULL || current_password_handle_length == 0 ||
+ current_password == NULL || current_password_length == 0) {
+ current_password_handle = NULL;
+ current_password_handle_length = 0;
+ current_password = NULL;
+ current_password_length = 0;
+ }
+
+ return convert_device(dev)->Enroll(uid, current_password_handle, current_password_handle_length,
+ current_password, current_password_length, desired_password, desired_password_length,
+ enrolled_password_handle, enrolled_password_handle_length);
+
+}
+
+/* static */
+int TrustyGateKeeperDevice::verify(const struct gatekeeper_device *dev, uint32_t uid,
+ uint64_t challenge, const uint8_t *enrolled_password_handle,
+ uint32_t enrolled_password_handle_length, const uint8_t *provided_password,
+ uint32_t provided_password_length, uint8_t **auth_token, uint32_t *auth_token_length,
+ bool *request_reenroll) {
+
+ if (dev == NULL || enrolled_password_handle == NULL ||
+ provided_password == NULL) {
+ return -EINVAL;
+ }
+
+ return convert_device(dev)->Verify(uid, challenge, enrolled_password_handle,
+ enrolled_password_handle_length, provided_password, provided_password_length,
+ auth_token, auth_token_length, request_reenroll);
+}
+};
diff --git a/trusty/gatekeeper/trusty_gatekeeper.h b/trusty/gatekeeper/trusty_gatekeeper.h
new file mode 100644
index 0000000..82108dc
--- /dev/null
+++ b/trusty/gatekeeper/trusty_gatekeeper.h
@@ -0,0 +1,126 @@
+/*
+ * Copyright (C) 2014 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TRUSTY_GATEKEEPER_H
+#define TRUSTY_GATEKEEPER_H
+
+#include <hardware/gatekeeper.h>
+#include <gatekeeper/gatekeeper_messages.h>
+
+#include "gatekeeper_ipc.h"
+
+namespace gatekeeper {
+
+class TrustyGateKeeperDevice {
+ public:
+
+ TrustyGateKeeperDevice(const hw_module_t* module);
+ ~TrustyGateKeeperDevice();
+
+ hw_device_t* hw_device();
+
+ /**
+ * Enrolls password_payload, which should be derived from a user selected pin or password,
+ * with the authentication factor private key used only for enrolling authentication
+ * factor data.
+ *
+ * Returns: 0 on success or an error code less than 0 on error.
+ * On error, enrolled_password will not be allocated.
+ */
+ int Enroll(uint32_t uid, const uint8_t *current_password_handle,
+ uint32_t current_password_handle_length, const uint8_t *current_password,
+ uint32_t current_password_length, const uint8_t *desired_password,
+ uint32_t desired_password_length, uint8_t **enrolled_password_handle,
+ uint32_t *enrolled_password_handle_length);
+
+ /**
+ * Verifies provided_password matches expected_password after enrolling
+ * with the authentication factor private key.
+ *
+ * Implementations of this module may retain the result of this call
+ * to attest to the recency of authentication.
+ *
+ * On success, writes the address of a verification token to verification_token,
+ *
+ * Returns: 0 on success or an error code less than 0 on error
+ * On error, verification token will not be allocated
+ */
+ int Verify(uint32_t uid, uint64_t challenge, const uint8_t *enrolled_password_handle,
+ uint32_t enrolled_password_handle_length, const uint8_t *provided_password,
+ uint32_t provided_password_length, uint8_t **auth_token, uint32_t *auth_token_length,
+ bool *request_reenroll);
+
+ private:
+
+ gatekeeper_error_t Send(uint32_t command, const GateKeeperMessage& request,
+ GateKeeperMessage* response);
+
+ gatekeeper_error_t Send(const EnrollRequest& request, EnrollResponse *response) {
+ return Send(GK_ENROLL, request, response);
+ }
+
+ gatekeeper_error_t Send(const VerifyRequest& request, VerifyResponse *response) {
+ return Send(GK_VERIFY, request, response);
+ }
+
+ // Static methods interfacing the HAL API with the TrustyGateKeeper device
+
+ /**
+ * Enrolls desired_password, which should be derived from a user selected pin or password,
+ * with the authentication factor private key used only for enrolling authentication
+ * factor data.
+ *
+ * If there was already a password enrolled, it should be provided in
+ * current_password_handle, along with the current password in current_password
+ * that should validate against current_password_handle.
+ *
+ * Returns: 0 on success or an error code less than 0 on error.
+ * On error, enrolled_password_handle will not be allocated.
+ */
+ static int enroll(const struct gatekeeper_device *dev, uint32_t uid,
+ const uint8_t *current_password_handle, uint32_t current_password_handle_length,
+ const uint8_t *current_password, uint32_t current_password_length,
+ const uint8_t *desired_password, uint32_t desired_password_length,
+ uint8_t **enrolled_password_handle, uint32_t *enrolled_password_handle_length);
+
+ /**
+ * Verifies provided_password matches enrolled_password_handle.
+ *
+ * Implementations of this module may retain the result of this call
+ * to attest to the recency of authentication.
+ *
+ * On success, writes the address of a verification token to auth_token,
+ * usable to attest password verification to other trusted services. Clients
+ * may pass NULL for this value.
+ *
+ * Returns: 0 on success or an error code less than 0 on error
+ * On error, verification token will not be allocated
+ */
+ static int verify(const struct gatekeeper_device *dev, uint32_t uid, uint64_t challenge,
+ const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,
+ const uint8_t *provided_password, uint32_t provided_password_length,
+ uint8_t **auth_token, uint32_t *auth_token_length, bool *request_reenroll);
+
+ static int close_device(hw_device_t* dev);
+
+ gatekeeper_device device_;
+ int error_;
+
+};
+}
+
+#endif
+
diff --git a/trusty/gatekeeper/trusty_gatekeeper_ipc.c b/trusty/gatekeeper/trusty_gatekeeper_ipc.c
new file mode 100644
index 0000000..a1c319e
--- /dev/null
+++ b/trusty/gatekeeper/trusty_gatekeeper_ipc.c
@@ -0,0 +1,91 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <errno.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define LOG_TAG "TrustyGateKeeper"
+#include <cutils/log.h>
+#include <trusty/tipc.h>
+
+#include "trusty_gatekeeper_ipc.h"
+#include "gatekeeper_ipc.h"
+
+#define TRUSTY_DEVICE_NAME "/dev/trusty-ipc-dev0"
+
+static int handle_ = 0;
+
+int trusty_gatekeeper_connect() {
+ int rc = tipc_connect(TRUSTY_DEVICE_NAME, GATEKEEPER_PORT);
+ if (rc < 0) {
+ return rc;
+ }
+
+ handle_ = rc;
+ return 0;
+}
+
+int trusty_gatekeeper_call(uint32_t cmd, void *in, uint32_t in_size, uint8_t *out,
+ uint32_t *out_size) {
+ if (handle_ == 0) {
+ ALOGE("not connected\n");
+ return -EINVAL;
+ }
+
+ size_t msg_size = in_size + sizeof(struct gatekeeper_message);
+ struct gatekeeper_message *msg = malloc(msg_size);
+ msg->cmd = cmd;
+ memcpy(msg->payload, in, in_size);
+
+ ssize_t rc = write(handle_, msg, msg_size);
+ free(msg);
+
+ if (rc < 0) {
+ ALOGE("failed to send cmd (%d) to %s: %s\n", cmd,
+ GATEKEEPER_PORT, strerror(errno));
+ return -errno;
+ }
+
+ rc = read(handle_, out, *out_size);
+ if (rc < 0) {
+ ALOGE("failed to retrieve response for cmd (%d) to %s: %s\n",
+ cmd, GATEKEEPER_PORT, strerror(errno));
+ return -errno;
+ }
+
+ if ((size_t) rc < sizeof(struct gatekeeper_message)) {
+ ALOGE("invalid response size (%d)\n", (int) rc);
+ return -EINVAL;
+ }
+
+ msg = (struct gatekeeper_message *) out;
+
+ if ((cmd | GK_RESP_BIT) != msg->cmd) {
+ ALOGE("invalid command (%d)\n", msg->cmd);
+ return -EINVAL;
+ }
+
+ *out_size = ((size_t) rc) - sizeof(struct gatekeeper_message);
+ return rc;
+}
+
+void trusty_gatekeeper_disconnect() {
+ if (handle_ != 0) {
+ tipc_close(handle_);
+ }
+}
+
diff --git a/libcutils/atomic.c b/trusty/gatekeeper/trusty_gatekeeper_ipc.h
similarity index 62%
copy from libcutils/atomic.c
copy to trusty/gatekeeper/trusty_gatekeeper_ipc.h
index d34aa00..f8de7f8 100644
--- a/libcutils/atomic.c
+++ b/trusty/gatekeeper/trusty_gatekeeper_ipc.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2007 The Android Open Source Project
+ * Copyright (C) 2015 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -14,13 +14,11 @@
* limitations under the License.
*/
-/*
- * Generate non-inlined versions of android_atomic functions.
- * Nobody should be using these, but some binary blobs currently (late 2014)
- * are.
- * If you read this in 2015 or later, please try to delete this file.
- */
+__BEGIN_DECLS
-#define ANDROID_ATOMIC_INLINE
+int trusty_gatekeeper_connect();
+int trusty_gatekeeper_call(uint32_t cmd, void *in, uint32_t in_size, uint8_t *out,
+ uint32_t *out_size);
+void trusty_gatekeeper_disconnect();
-#include <cutils/atomic.h>
+__END_DECLS
diff --git a/trusty/keymaster/Android.mk b/trusty/keymaster/Android.mk
new file mode 100644
index 0000000..0ebf52d
--- /dev/null
+++ b/trusty/keymaster/Android.mk
@@ -0,0 +1,67 @@
+#
+# Copyright (C) 2015 The Android Open-Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# WARNING: Everything listed here will be built on ALL platforms,
+# including x86, the emulator, and the SDK. Modules must be uniquely
+# named (liblights.panda), and must build everywhere, or limit themselves
+# to only building on ARM if they include assembly. Individual makefiles
+# are responsible for having their own logic, for fine-grained control.
+
+LOCAL_PATH:= $(call my-dir)
+
+include $(CLEAR_VARS)
+
+###
+# trusty_keymaster is a binary used only for on-device testing. It
+# runs Trusty Keymaster through a basic set of operations with RSA
+# and ECDSA keys.
+###
+LOCAL_MODULE := trusty_keymaster_tipc
+LOCAL_SRC_FILES := \
+ trusty_keymaster_device.cpp \
+ trusty_keymaster_ipc.c \
+ trusty_keymaster_main.cpp
+LOCAL_SHARED_LIBRARIES := \
+ libcrypto \
+ libcutils \
+ libkeymaster1 \
+ libtrusty \
+ libkeymaster_messages \
+ liblog
+
+include $(BUILD_EXECUTABLE)
+
+###
+# keystore.trusty is the HAL used by keystore on Trusty devices.
+##
+
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := keystore.trusty
+LOCAL_MODULE_RELATIVE_PATH := hw
+LOCAL_SRC_FILES := module.cpp \
+ trusty_keymaster_ipc.c \
+ trusty_keymaster_device.cpp
+LOCAL_CLFAGS = -fvisibility=hidden -Wall -Werror
+LOCAL_SHARED_LIBRARIES := \
+ libcrypto \
+ libkeymaster_messages \
+ libtrusty \
+ liblog \
+ libcutils
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SHARED_LIBRARY)
diff --git a/trusty/keymaster/Makefile b/trusty/keymaster/Makefile
new file mode 100644
index 0000000..f575381
--- /dev/null
+++ b/trusty/keymaster/Makefile
@@ -0,0 +1,199 @@
+#####
+# Local unit test Makefile
+#
+# This makefile builds and runs the trusty_keymaster unit tests locally on the development
+# machine, not on an Android device.
+#
+# To build and run these tests, one pre-requisite must be manually installed: BoringSSL.
+# This Makefile expects to find BoringSSL in a directory adjacent to $ANDROID_BUILD_TOP.
+# To get and build it, first install the Ninja build tool (e.g. apt-get install
+# ninja-build), then do:
+#
+# cd $ANDROID_BUILD_TOP/..
+# git clone https://boringssl.googlesource.com/boringssl
+# cd boringssl
+# mdkir build
+# cd build
+# cmake -GNinja ..
+# ninja
+#
+# Then return to $ANDROID_BUILD_TOP/system/keymaster and run "make".
+#####
+
+BASE=../../../..
+SUBS=system/core \
+ system/keymaster \
+ hardware/libhardware \
+ external/gtest
+GTEST=$(BASE)/external/gtest
+KM=$(BASE)/system/keymaster
+
+INCLUDES=$(foreach dir,$(SUBS),-I $(BASE)/$(dir)/include) \
+ -I $(BASE)/libnativehelper/include/nativehelper \
+ -I ../tipc/include \
+ -I $(BASE)/system/keymaster \
+ -I $(GTEST) \
+ -I$(BASE)/../boringssl/include
+
+ifdef USE_CLANG
+CC=/usr/bin/clang
+CXX=/usr/bin/clang
+CLANG_TEST_DEFINE=-DKEYMASTER_CLANG_TEST_BUILD
+COMPILER_SPECIFIC_ARGS=-std=c++11 $(CLANG_TEST_DEFINE)
+else
+COMPILER_SPECIFIC_ARGS=-std=c++0x -fprofile-arcs
+endif
+
+CPPFLAGS=$(INCLUDES) -g -O0 -MD
+CXXFLAGS=-Wall -Werror -Wno-unused -Winit-self -Wpointer-arith -Wunused-parameter \
+ -Wmissing-declarations -ftest-coverage \
+ -Wno-deprecated-declarations -fno-exceptions -DKEYMASTER_NAME_TAGS \
+ $(COMPILER_SPECIFIC_ARGS)
+LDLIBS=-L$(BASE)/../boringssl/build/crypto -lcrypto -lpthread -lstdc++
+
+CPPSRCS=\
+ $(KM)/aead_mode_operation.cpp \
+ $(KM)/aes_key.cpp \
+ $(KM)/aes_operation.cpp \
+ $(KM)/android_keymaster.cpp \
+ $(KM)/android_keymaster_messages.cpp \
+ $(KM)/android_keymaster_messages_test.cpp \
+ $(KM)/android_keymaster_test.cpp \
+ $(KM)/android_keymaster_test_utils.cpp \
+ $(KM)/android_keymaster_utils.cpp \
+ $(KM)/asymmetric_key.cpp \
+ $(KM)/auth_encrypted_key_blob.cpp \
+ $(KM)/auth_encrypted_key_blob.cpp \
+ $(KM)/authorization_set.cpp \
+ $(KM)/authorization_set_test.cpp \
+ $(KM)/ec_key.cpp \
+ $(KM)/ec_keymaster0_key.cpp \
+ $(KM)/ecdsa_operation.cpp \
+ $(KM)/hmac_key.cpp \
+ $(KM)/hmac_operation.cpp \
+ $(KM)/integrity_assured_key_blob.cpp \
+ $(KM)/key.cpp \
+ $(KM)/key_blob_test.cpp \
+ $(KM)/keymaster0_engine.cpp \
+ $(KM)/logger.cpp \
+ $(KM)/ocb_utils.cpp \
+ $(KM)/openssl_err.cpp \
+ $(KM)/openssl_utils.cpp \
+ $(KM)/operation.cpp \
+ $(KM)/operation_table.cpp \
+ $(KM)/rsa_key.cpp \
+ $(KM)/rsa_keymaster0_key.cpp \
+ $(KM)/rsa_operation.cpp \
+ $(KM)/serializable.cpp \
+ $(KM)/soft_keymaster_context.cpp \
+ $(KM)/symmetric_key.cpp \
+ $(KM)/unencrypted_key_blob.cpp \
+ trusty_keymaster_device.cpp \
+ trusty_keymaster_device_test.cpp
+CCSRCS=$(GTEST)/src/gtest-all.cc
+CSRCS=ocb.c
+
+OBJS=$(CPPSRCS:.cpp=.o) $(CCSRCS:.cc=.o) $(CSRCS:.c=.o)
+DEPS=$(CPPSRCS:.cpp=.d) $(CCSRCS:.cc=.d) $(CSRCS:.c=.d)
+GCDA=$(CPPSRCS:.cpp=.gcda) $(CCSRCS:.cc=.gcda) $(CSRCS:.c=.gcda)
+GCNO=$(CPPSRCS:.cpp=.gcno) $(CCSRCS:.cc=.gcno) $(CSRCS:.c=.gcno)
+
+LINK.o=$(LINK.cc)
+
+BINARIES=trusty_keymaster_device_test
+
+ifdef TRUSTY
+BINARIES += trusty_keymaster_device_test
+endif # TRUSTY
+
+.PHONY: coverage memcheck massif clean run
+
+%.run: %
+ ./$<
+ touch $@
+
+run: $(BINARIES:=.run)
+
+coverage: coverage.info
+ genhtml coverage.info --output-directory coverage
+
+coverage.info: run
+ lcov --capture --directory=. --output-file coverage.info
+
+%.coverage : %
+ $(MAKE) clean && $(MAKE) $<
+ ./$<
+ lcov --capture --directory=. --output-file coverage.info
+ genhtml coverage.info --output-directory coverage
+
+#UNINIT_OPTS=--track-origins=yes
+UNINIT_OPTS=--undef-value-errors=no
+
+MEMCHECK_OPTS=--leak-check=full \
+ --show-reachable=yes \
+ --vgdb=full \
+ $(UNINIT_OPTS) \
+ --error-exitcode=1
+
+MASSIF_OPTS=--tool=massif \
+ --stacks=yes
+
+%.memcheck : %
+ valgrind $(MEMCHECK_OPTS) ./$< && \
+ touch $@
+
+%.massif : %
+ valgrind $(MASSIF_OPTS) --massif-out-file=$@ ./$<
+
+memcheck: $(BINARIES:=.memcheck)
+
+massif: $(BINARIES:=.massif)
+
+trusty_keymaster_device_test: trusty_keymaster_device_test.o \
+ trusty_keymaster_device.o \
+ $(KM)/aead_mode_operation.o \
+ $(KM)/aes_key.o \
+ $(KM)/aes_operation.o \
+ $(KM)/android_keymaster.o \
+ $(KM)/android_keymaster_messages.o \
+ $(KM)/android_keymaster_test_utils.o \
+ $(KM)/android_keymaster_utils.o \
+ $(KM)/asymmetric_key.o \
+ $(KM)/auth_encrypted_key_blob.o \
+ $(KM)/auth_encrypted_key_blob.o \
+ $(KM)/authorization_set.o \
+ $(KM)/ec_key.o \
+ $(KM)/ec_keymaster0_key.cpp \
+ $(KM)/ecdsa_operation.o \
+ $(KM)/hmac_key.o \
+ $(KM)/hmac_operation.o \
+ $(KM)/integrity_assured_key_blob.o \
+ $(KM)/key.o \
+ $(KM)/keymaster0_engine.o \
+ $(KM)/logger.o \
+ $(KM)/ocb.o \
+ $(KM)/ocb_utils.o \
+ $(KM)/openssl_err.o \
+ $(KM)/openssl_utils.o \
+ $(KM)/operation.o \
+ $(KM)/operation_table.o \
+ $(KM)/rsa_key.o \
+ $(KM)/rsa_keymaster0_key.o \
+ $(KM)/rsa_operation.o \
+ $(KM)/serializable.o \
+ $(KM)/soft_keymaster_context.o \
+ $(KM)/symmetric_key.o \
+ $(GTEST)/src/gtest-all.o
+
+$(GTEST)/src/gtest-all.o: CXXFLAGS:=$(subst -Wmissing-declarations,,$(CXXFLAGS))
+ocb.o: CFLAGS=$(CLANG_TEST_DEFINE)
+
+clean:
+ rm -f $(OBJS) $(DEPS) $(GCDA) $(GCNO) $(BINARIES) \
+ $(BINARIES:=.run) $(BINARIES:=.memcheck) $(BINARIES:=.massif) \
+ coverage.info
+ rm -rf coverage
+
+-include $(CPPSRCS:.cpp=.d)
+-include $(CCSRCS:.cc=.d)
+
diff --git a/trusty/keymaster/keymaster_ipc.h b/trusty/keymaster/keymaster_ipc.h
new file mode 100644
index 0000000..48fa53d
--- /dev/null
+++ b/trusty/keymaster/keymaster_ipc.h
@@ -0,0 +1,57 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#define KEYMASTER_PORT "com.android.trusty.keymaster"
+#define KEYMASTER_MAX_BUFFER_LENGTH 4096
+
+// Commands
+enum keymaster_command {
+ KEYMASTER_RESP_BIT = 1,
+ KEYMASTER_REQ_SHIFT = 1,
+
+ KM_GENERATE_KEY = (0 << KEYMASTER_REQ_SHIFT),
+ KM_BEGIN_OPERATION = (1 << KEYMASTER_REQ_SHIFT),
+ KM_UPDATE_OPERATION = (2 << KEYMASTER_REQ_SHIFT),
+ KM_FINISH_OPERATION = (3 << KEYMASTER_REQ_SHIFT),
+ KM_ABORT_OPERATION = (4 << KEYMASTER_REQ_SHIFT),
+ KM_IMPORT_KEY = (5 << KEYMASTER_REQ_SHIFT),
+ KM_EXPORT_KEY = (6 << KEYMASTER_REQ_SHIFT),
+ KM_GET_VERSION = (7 << KEYMASTER_REQ_SHIFT),
+ KM_ADD_RNG_ENTROPY = (8 << KEYMASTER_REQ_SHIFT),
+ KM_GET_SUPPORTED_ALGORITHMS = (9 << KEYMASTER_REQ_SHIFT),
+ KM_GET_SUPPORTED_BLOCK_MODES = (10 << KEYMASTER_REQ_SHIFT),
+ KM_GET_SUPPORTED_PADDING_MODES = (11 << KEYMASTER_REQ_SHIFT),
+ KM_GET_SUPPORTED_DIGESTS = (12 << KEYMASTER_REQ_SHIFT),
+ KM_GET_SUPPORTED_IMPORT_FORMATS = (13 << KEYMASTER_REQ_SHIFT),
+ KM_GET_SUPPORTED_EXPORT_FORMATS = (14 << KEYMASTER_REQ_SHIFT),
+ KM_GET_KEY_CHARACTERISTICS = (15 << KEYMASTER_REQ_SHIFT),
+};
+
+#ifdef __ANDROID__
+
+/**
+ * keymaster_message - Serial header for communicating with KM server
+ * @cmd: the command, one of keymaster_command.
+ * @payload: start of the serialized command specific payload
+ */
+struct keymaster_message {
+ uint32_t cmd;
+ uint8_t payload[0];
+};
+
+#endif
diff --git a/trusty/keymaster/module.cpp b/trusty/keymaster/module.cpp
new file mode 100644
index 0000000..81597d9
--- /dev/null
+++ b/trusty/keymaster/module.cpp
@@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2014 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include <errno.h>
+#include <string.h>
+
+#include <hardware/hardware.h>
+#include <hardware/keymaster0.h>
+
+#include "trusty_keymaster_device.h"
+
+using keymaster::TrustyKeymasterDevice;
+
+/*
+ * Generic device handling
+ */
+static int trusty_keymaster_open(const hw_module_t* module, const char* name,
+ hw_device_t** device) {
+ if (strcmp(name, KEYSTORE_KEYMASTER) != 0)
+ return -EINVAL;
+
+ TrustyKeymasterDevice* dev = new TrustyKeymasterDevice(module);
+ if (dev == NULL)
+ return -ENOMEM;
+ *device = dev->hw_device();
+ // Do not delete dev; it will get cleaned up when the caller calls device->close(), and must
+ // exist until then.
+ return 0;
+}
+
+static struct hw_module_methods_t keystore_module_methods = {
+ .open = trusty_keymaster_open,
+};
+
+struct keystore_module HAL_MODULE_INFO_SYM __attribute__((visibility("default"))) = {
+ .common =
+ {
+ .tag = HARDWARE_MODULE_TAG,
+ .module_api_version = KEYMASTER_MODULE_API_VERSION_0_3,
+ .hal_api_version = HARDWARE_HAL_API_VERSION,
+ .id = KEYSTORE_HARDWARE_MODULE_ID,
+ .name = "Trusty Keymaster HAL",
+ .author = "The Android Open Source Project",
+ .methods = &keystore_module_methods,
+ .dso = 0,
+ .reserved = {},
+ },
+};
diff --git a/trusty/keymaster/trusty_keymaster_device.cpp b/trusty/keymaster/trusty_keymaster_device.cpp
new file mode 100644
index 0000000..069b4fe
--- /dev/null
+++ b/trusty/keymaster/trusty_keymaster_device.cpp
@@ -0,0 +1,536 @@
+/*
+ * Copyright 2014 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "trusty_keymaster_device.h"
+
+#include <assert.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <stddef.h>
+
+#include <type_traits>
+
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+
+#define LOG_TAG "TrustyKeymaster"
+#include <cutils/log.h>
+#include <hardware/keymaster0.h>
+
+#include <keymaster/authorization_set.h>
+
+#include "trusty_keymaster_ipc.h"
+#include "keymaster_ipc.h"
+
+const uint32_t SEND_BUF_SIZE = 8192;
+const uint32_t RECV_BUF_SIZE = 8192;
+
+namespace keymaster {
+
+static keymaster_error_t translate_error(int err) {
+ switch (err) {
+ case 0:
+ return KM_ERROR_OK;
+ case -EPERM:
+ case -EACCES:
+ return KM_ERROR_SECURE_HW_ACCESS_DENIED;
+
+ case -ECANCELED:
+ return KM_ERROR_OPERATION_CANCELLED;
+
+ case -ENODEV:
+ return KM_ERROR_UNIMPLEMENTED;
+
+ case -ENOMEM:
+ return KM_ERROR_MEMORY_ALLOCATION_FAILED;
+
+ case -EBUSY:
+ return KM_ERROR_SECURE_HW_BUSY;
+
+ case -EIO:
+ return KM_ERROR_SECURE_HW_COMMUNICATION_FAILED;
+
+ case -EOVERFLOW:
+ return KM_ERROR_INVALID_INPUT_LENGTH;
+
+ default:
+ return KM_ERROR_UNKNOWN_ERROR;
+ }
+}
+
+TrustyKeymasterDevice::TrustyKeymasterDevice(const hw_module_t* module) {
+ static_assert(std::is_standard_layout<TrustyKeymasterDevice>::value,
+ "TrustyKeymasterDevice must be standard layout");
+ static_assert(offsetof(TrustyKeymasterDevice, device_) == 0,
+ "device_ must be the first member of KeymasterOpenSsl");
+ static_assert(offsetof(TrustyKeymasterDevice, device_.common) == 0,
+ "common must be the first member of keymaster_device");
+
+ ALOGI("Creating device");
+ ALOGD("Device address: %p", this);
+
+ memset(&device_, 0, sizeof(device_));
+
+ device_.common.tag = HARDWARE_DEVICE_TAG;
+ device_.common.version = 1;
+ device_.common.module = const_cast<hw_module_t*>(module);
+ device_.common.close = close_device;
+
+ device_.flags = KEYMASTER_BLOBS_ARE_STANDALONE | KEYMASTER_SUPPORTS_EC;
+
+ device_.generate_keypair = generate_keypair;
+ device_.import_keypair = import_keypair;
+ device_.get_keypair_public = get_keypair_public;
+ device_.delete_keypair = NULL;
+ device_.delete_all = NULL;
+ device_.sign_data = sign_data;
+ device_.verify_data = verify_data;
+
+ device_.context = NULL;
+
+ int rc = trusty_keymaster_connect();
+ error_ = translate_error(rc);
+ if (rc < 0) {
+ ALOGE("failed to connect to keymaster (%d)", rc);
+ return;
+ }
+
+ GetVersionRequest version_request;
+ GetVersionResponse version_response;
+ error_ = Send(version_request, &version_response);
+ if (error_ == KM_ERROR_INVALID_ARGUMENT || error_ == KM_ERROR_UNIMPLEMENTED) {
+ ALOGI("\"Bad parameters\" error on GetVersion call. Assuming version 0.");
+ message_version_ = 0;
+ error_ = KM_ERROR_OK;
+ }
+ message_version_ = MessageVersion(version_response.major_ver, version_response.minor_ver,
+ version_response.subminor_ver);
+ if (message_version_ < 0) {
+ // Can't translate version? Keymaster implementation must be newer.
+ ALOGE("Keymaster version %d.%d.%d not supported.", version_response.major_ver,
+ version_response.minor_ver, version_response.subminor_ver);
+ error_ = KM_ERROR_VERSION_MISMATCH;
+ }
+}
+
+TrustyKeymasterDevice::~TrustyKeymasterDevice() {
+ trusty_keymaster_disconnect();
+}
+
+const uint64_t HUNDRED_YEARS = 1000LL * 60 * 60 * 24 * 365 * 100;
+
+int TrustyKeymasterDevice::generate_keypair(const keymaster_keypair_t key_type,
+ const void* key_params, uint8_t** key_blob,
+ size_t* key_blob_length) {
+ ALOGD("Device received generate_keypair");
+
+ if (error_ != KM_ERROR_OK)
+ return error_;
+
+ GenerateKeyRequest req(message_version_);
+ StoreNewKeyParams(&req.key_description);
+
+ switch (key_type) {
+ case TYPE_RSA: {
+ req.key_description.push_back(TAG_ALGORITHM, KM_ALGORITHM_RSA);
+ const keymaster_rsa_keygen_params_t* rsa_params =
+ static_cast<const keymaster_rsa_keygen_params_t*>(key_params);
+ ALOGD("Generating RSA pair, modulus size: %u, public exponent: %lu",
+ rsa_params->modulus_size, rsa_params->public_exponent);
+ req.key_description.push_back(TAG_KEY_SIZE, rsa_params->modulus_size);
+ req.key_description.push_back(TAG_RSA_PUBLIC_EXPONENT, rsa_params->public_exponent);
+ break;
+ }
+
+ case TYPE_EC: {
+ req.key_description.push_back(TAG_ALGORITHM, KM_ALGORITHM_EC);
+ const keymaster_ec_keygen_params_t* ec_params =
+ static_cast<const keymaster_ec_keygen_params_t*>(key_params);
+ ALOGD("Generating ECDSA pair, key size: %u", ec_params->field_size);
+ req.key_description.push_back(TAG_KEY_SIZE, ec_params->field_size);
+ break;
+ }
+ default:
+ ALOGD("Received request for unsuported key type %d", key_type);
+ return KM_ERROR_UNSUPPORTED_ALGORITHM;
+ }
+
+ GenerateKeyResponse rsp(message_version_);
+ ALOGD("Sending generate request");
+ keymaster_error_t err = Send(req, &rsp);
+ if (err != KM_ERROR_OK) {
+ ALOGE("Got error %d from send", err);
+ return err;
+ }
+
+ *key_blob_length = rsp.key_blob.key_material_size;
+ *key_blob = static_cast<uint8_t*>(malloc(*key_blob_length));
+ memcpy(*key_blob, rsp.key_blob.key_material, *key_blob_length);
+ ALOGD("Returning %d bytes in key blob\n", (int)*key_blob_length);
+
+ return KM_ERROR_OK;
+}
+
+struct EVP_PKEY_Delete {
+ void operator()(EVP_PKEY* p) const { EVP_PKEY_free(p); }
+};
+
+struct PKCS8_PRIV_KEY_INFO_Delete {
+ void operator()(PKCS8_PRIV_KEY_INFO* p) const { PKCS8_PRIV_KEY_INFO_free(p); }
+};
+
+int TrustyKeymasterDevice::import_keypair(const uint8_t* key, const size_t key_length,
+ uint8_t** key_blob, size_t* key_blob_length) {
+ ALOGD("Device received import_keypair");
+ if (error_ != KM_ERROR_OK)
+ return error_;
+
+ if (!key)
+ return KM_ERROR_UNEXPECTED_NULL_POINTER;
+
+ if (!key_blob || !key_blob_length)
+ return KM_ERROR_OUTPUT_PARAMETER_NULL;
+
+ ImportKeyRequest request(message_version_);
+ StoreNewKeyParams(&request.key_description);
+ keymaster_algorithm_t algorithm;
+ keymaster_error_t err = GetPkcs8KeyAlgorithm(key, key_length, &algorithm);
+ if (err != KM_ERROR_OK)
+ return err;
+ request.key_description.push_back(TAG_ALGORITHM, algorithm);
+
+ request.SetKeyMaterial(key, key_length);
+ request.key_format = KM_KEY_FORMAT_PKCS8;
+ ImportKeyResponse response(message_version_);
+ err = Send(request, &response);
+ if (err != KM_ERROR_OK)
+ return err;
+
+ *key_blob_length = response.key_blob.key_material_size;
+ *key_blob = static_cast<uint8_t*>(malloc(*key_blob_length));
+ memcpy(*key_blob, response.key_blob.key_material, *key_blob_length);
+ printf("Returning %d bytes in key blob\n", (int)*key_blob_length);
+
+ return KM_ERROR_OK;
+}
+
+keymaster_error_t TrustyKeymasterDevice::GetPkcs8KeyAlgorithm(const uint8_t* key, size_t key_length,
+ keymaster_algorithm_t* algorithm) {
+ if (key == NULL) {
+ ALOGE("No key specified for import");
+ return KM_ERROR_UNEXPECTED_NULL_POINTER;
+ }
+
+ UniquePtr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_Delete> pkcs8(
+ d2i_PKCS8_PRIV_KEY_INFO(NULL, &key, key_length));
+ if (pkcs8.get() == NULL) {
+ ALOGE("Could not parse PKCS8 key blob");
+ return KM_ERROR_INVALID_KEY_BLOB;
+ }
+
+ UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKCS82PKEY(pkcs8.get()));
+ if (pkey.get() == NULL) {
+ ALOGE("Could not extract key from PKCS8 key blob");
+ return KM_ERROR_INVALID_KEY_BLOB;
+ }
+
+ switch (EVP_PKEY_type(pkey->type)) {
+ case EVP_PKEY_RSA:
+ *algorithm = KM_ALGORITHM_RSA;
+ break;
+ case EVP_PKEY_EC:
+ *algorithm = KM_ALGORITHM_EC;
+ break;
+ default:
+ ALOGE("Unsupported algorithm %d", EVP_PKEY_type(pkey->type));
+ return KM_ERROR_UNSUPPORTED_ALGORITHM;
+ }
+
+ return KM_ERROR_OK;
+}
+
+int TrustyKeymasterDevice::get_keypair_public(const uint8_t* key_blob, const size_t key_blob_length,
+ uint8_t** x509_data, size_t* x509_data_length) {
+ ALOGD("Device received get_keypair_public");
+ if (error_ != KM_ERROR_OK)
+ return error_;
+
+ ExportKeyRequest request(message_version_);
+ request.SetKeyMaterial(key_blob, key_blob_length);
+ request.key_format = KM_KEY_FORMAT_X509;
+ ExportKeyResponse response(message_version_);
+ keymaster_error_t err = Send(request, &response);
+ if (err != KM_ERROR_OK)
+ return err;
+
+ *x509_data_length = response.key_data_length;
+ *x509_data = static_cast<uint8_t*>(malloc(*x509_data_length));
+ memcpy(*x509_data, response.key_data, *x509_data_length);
+ printf("Returning %d bytes in x509 key\n", (int)*x509_data_length);
+
+ return KM_ERROR_OK;
+}
+
+int TrustyKeymasterDevice::sign_data(const void* signing_params, const uint8_t* key_blob,
+ const size_t key_blob_length, const uint8_t* data,
+ const size_t data_length, uint8_t** signed_data,
+ size_t* signed_data_length) {
+ ALOGD("Device received sign_data, %d", error_);
+ if (error_ != KM_ERROR_OK)
+ return error_;
+
+ BeginOperationRequest begin_request(message_version_);
+ begin_request.purpose = KM_PURPOSE_SIGN;
+ begin_request.SetKeyMaterial(key_blob, key_blob_length);
+ keymaster_error_t err = StoreSigningParams(signing_params, key_blob, key_blob_length,
+ &begin_request.additional_params);
+ if (err != KM_ERROR_OK) {
+ ALOGE("Error extracting signing params: %d", err);
+ return err;
+ }
+
+ BeginOperationResponse begin_response(message_version_);
+ ALOGD("Sending signing request begin");
+ err = Send(begin_request, &begin_response);
+ if (err != KM_ERROR_OK) {
+ ALOGE("Error sending sign begin: %d", err);
+ return err;
+ }
+
+ UpdateOperationRequest update_request(message_version_);
+ update_request.op_handle = begin_response.op_handle;
+ update_request.input.Reinitialize(data, data_length);
+ UpdateOperationResponse update_response(message_version_);
+ ALOGD("Sending signing request update");
+ err = Send(update_request, &update_response);
+ if (err != KM_ERROR_OK) {
+ ALOGE("Error sending sign update: %d", err);
+ return err;
+ }
+
+ FinishOperationRequest finish_request(message_version_);
+ finish_request.op_handle = begin_response.op_handle;
+ FinishOperationResponse finish_response(message_version_);
+ ALOGD("Sending signing request finish");
+ err = Send(finish_request, &finish_response);
+ if (err != KM_ERROR_OK) {
+ ALOGE("Error sending sign finish: %d", err);
+ return err;
+ }
+
+ *signed_data_length = finish_response.output.available_read();
+ *signed_data = static_cast<uint8_t*>(malloc(*signed_data_length));
+ if (!finish_response.output.read(*signed_data, *signed_data_length)) {
+ ALOGE("Error reading response data: %d", err);
+ return KM_ERROR_UNKNOWN_ERROR;
+ }
+ return KM_ERROR_OK;
+}
+
+int TrustyKeymasterDevice::verify_data(const void* signing_params, const uint8_t* key_blob,
+ const size_t key_blob_length, const uint8_t* signed_data,
+ const size_t signed_data_length, const uint8_t* signature,
+ const size_t signature_length) {
+ ALOGD("Device received verify_data");
+ if (error_ != KM_ERROR_OK)
+ return error_;
+
+ BeginOperationRequest begin_request(message_version_);
+ begin_request.purpose = KM_PURPOSE_VERIFY;
+ begin_request.SetKeyMaterial(key_blob, key_blob_length);
+ keymaster_error_t err = StoreSigningParams(signing_params, key_blob, key_blob_length,
+ &begin_request.additional_params);
+ if (err != KM_ERROR_OK)
+ return err;
+
+ BeginOperationResponse begin_response(message_version_);
+ err = Send(begin_request, &begin_response);
+ if (err != KM_ERROR_OK)
+ return err;
+
+ UpdateOperationRequest update_request(message_version_);
+ update_request.op_handle = begin_response.op_handle;
+ update_request.input.Reinitialize(signed_data, signed_data_length);
+ UpdateOperationResponse update_response(message_version_);
+ err = Send(update_request, &update_response);
+ if (err != KM_ERROR_OK)
+ return err;
+
+ FinishOperationRequest finish_request(message_version_);
+ finish_request.op_handle = begin_response.op_handle;
+ finish_request.signature.Reinitialize(signature, signature_length);
+ FinishOperationResponse finish_response(message_version_);
+ err = Send(finish_request, &finish_response);
+ if (err != KM_ERROR_OK)
+ return err;
+ return KM_ERROR_OK;
+}
+
+hw_device_t* TrustyKeymasterDevice::hw_device() {
+ return &device_.common;
+}
+
+static inline TrustyKeymasterDevice* convert_device(const keymaster0_device_t* dev) {
+ return reinterpret_cast<TrustyKeymasterDevice*>(const_cast<keymaster0_device_t*>(dev));
+}
+
+/* static */
+int TrustyKeymasterDevice::close_device(hw_device_t* dev) {
+ delete reinterpret_cast<TrustyKeymasterDevice*>(dev);
+ return 0;
+}
+
+/* static */
+int TrustyKeymasterDevice::generate_keypair(const keymaster0_device_t* dev,
+ const keymaster_keypair_t key_type,
+ const void* key_params, uint8_t** keyBlob,
+ size_t* keyBlobLength) {
+ ALOGD("Generate keypair, sending to device: %p", convert_device(dev));
+ return convert_device(dev)->generate_keypair(key_type, key_params, keyBlob, keyBlobLength);
+}
+
+/* static */
+int TrustyKeymasterDevice::import_keypair(const keymaster0_device_t* dev, const uint8_t* key,
+ const size_t key_length, uint8_t** key_blob,
+ size_t* key_blob_length) {
+ return convert_device(dev)->import_keypair(key, key_length, key_blob, key_blob_length);
+}
+
+/* static */
+int TrustyKeymasterDevice::get_keypair_public(const keymaster0_device_t* dev,
+ const uint8_t* key_blob, const size_t key_blob_length,
+ uint8_t** x509_data, size_t* x509_data_length) {
+ return convert_device(dev)
+ ->get_keypair_public(key_blob, key_blob_length, x509_data, x509_data_length);
+}
+
+/* static */
+int TrustyKeymasterDevice::sign_data(const keymaster0_device_t* dev, const void* params,
+ const uint8_t* keyBlob, const size_t keyBlobLength,
+ const uint8_t* data, const size_t dataLength,
+ uint8_t** signedData, size_t* signedDataLength) {
+ return convert_device(dev)
+ ->sign_data(params, keyBlob, keyBlobLength, data, dataLength, signedData, signedDataLength);
+}
+
+/* static */
+int TrustyKeymasterDevice::verify_data(const keymaster0_device_t* dev, const void* params,
+ const uint8_t* keyBlob, const size_t keyBlobLength,
+ const uint8_t* signedData, const size_t signedDataLength,
+ const uint8_t* signature, const size_t signatureLength) {
+ return convert_device(dev)->verify_data(params, keyBlob, keyBlobLength, signedData,
+ signedDataLength, signature, signatureLength);
+}
+
+keymaster_error_t TrustyKeymasterDevice::Send(uint32_t command, const Serializable& req,
+ KeymasterResponse* rsp) {
+ uint32_t req_size = req.SerializedSize();
+ if (req_size > SEND_BUF_SIZE)
+ return KM_ERROR_MEMORY_ALLOCATION_FAILED;
+ uint8_t send_buf[SEND_BUF_SIZE];
+ Eraser send_buf_eraser(send_buf, SEND_BUF_SIZE);
+ req.Serialize(send_buf, send_buf + req_size);
+
+ // Send it
+ uint8_t recv_buf[RECV_BUF_SIZE];
+ Eraser recv_buf_eraser(recv_buf, RECV_BUF_SIZE);
+ uint32_t rsp_size = RECV_BUF_SIZE;
+ printf("Sending %d byte request\n", (int)req.SerializedSize());
+ int rc = trusty_keymaster_call(command, send_buf, req_size, recv_buf, &rsp_size);
+ if (rc < 0) {
+ ALOGE("tipc error: %d\n", rc);
+ // TODO(swillden): Distinguish permanent from transient errors and set error_ appropriately.
+ return translate_error(rc);
+ } else {
+ ALOGV("Received %d byte response\n", rsp_size);
+ }
+
+ const keymaster_message* msg = (keymaster_message *) recv_buf;
+ const uint8_t *p = msg->payload;
+ if (!rsp->Deserialize(&p, p + rsp_size)) {
+ ALOGE("Error deserializing response of size %d\n", (int)rsp_size);
+ return KM_ERROR_UNKNOWN_ERROR;
+ } else if (rsp->error != KM_ERROR_OK) {
+ ALOGE("Response of size %d contained error code %d\n", (int)rsp_size, (int)rsp->error);
+ return rsp->error;
+ }
+ return rsp->error;
+}
+
+keymaster_error_t TrustyKeymasterDevice::StoreSigningParams(const void* signing_params,
+ const uint8_t* key_blob,
+ size_t key_blob_length,
+ AuthorizationSet* auth_set) {
+ uint8_t* pub_key_data;
+ size_t pub_key_data_length;
+ int err = get_keypair_public(&device_, key_blob, key_blob_length, &pub_key_data,
+ &pub_key_data_length);
+ if (err < 0) {
+ ALOGE("Error %d extracting public key to determine algorithm", err);
+ return KM_ERROR_INVALID_KEY_BLOB;
+ }
+ UniquePtr<uint8_t, Malloc_Delete> pub_key(pub_key_data);
+
+ const uint8_t* p = pub_key_data;
+ UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(
+ d2i_PUBKEY(nullptr /* allocate new struct */, &p, pub_key_data_length));
+
+ switch (EVP_PKEY_type(pkey->type)) {
+ case EVP_PKEY_RSA: {
+ const keymaster_rsa_sign_params_t* rsa_params =
+ reinterpret_cast<const keymaster_rsa_sign_params_t*>(signing_params);
+ if (rsa_params->digest_type != DIGEST_NONE)
+ return KM_ERROR_UNSUPPORTED_DIGEST;
+ if (rsa_params->padding_type != PADDING_NONE)
+ return KM_ERROR_UNSUPPORTED_PADDING_MODE;
+ if (!auth_set->push_back(TAG_DIGEST, KM_DIGEST_NONE) ||
+ !auth_set->push_back(TAG_PADDING, KM_PAD_NONE))
+ return KM_ERROR_MEMORY_ALLOCATION_FAILED;
+ } break;
+ case EVP_PKEY_EC: {
+ const keymaster_ec_sign_params_t* ecdsa_params =
+ reinterpret_cast<const keymaster_ec_sign_params_t*>(signing_params);
+ if (ecdsa_params->digest_type != DIGEST_NONE)
+ return KM_ERROR_UNSUPPORTED_DIGEST;
+ if (!auth_set->push_back(TAG_DIGEST, KM_DIGEST_NONE))
+ return KM_ERROR_MEMORY_ALLOCATION_FAILED;
+ } break;
+ default:
+ return KM_ERROR_UNSUPPORTED_ALGORITHM;
+ }
+ return KM_ERROR_OK;
+}
+
+void TrustyKeymasterDevice::StoreNewKeyParams(AuthorizationSet* auth_set) {
+ auth_set->push_back(TAG_PURPOSE, KM_PURPOSE_SIGN);
+ auth_set->push_back(TAG_PURPOSE, KM_PURPOSE_VERIFY);
+ auth_set->push_back(TAG_ALL_USERS);
+ auth_set->push_back(TAG_NO_AUTH_REQUIRED);
+ uint64_t now = java_time(time(NULL));
+ auth_set->push_back(TAG_CREATION_DATETIME, now);
+ auth_set->push_back(TAG_ORIGINATION_EXPIRE_DATETIME, now + HUNDRED_YEARS);
+ if (message_version_ == 0) {
+ auth_set->push_back(TAG_DIGEST_OLD, KM_DIGEST_NONE);
+ auth_set->push_back(TAG_PADDING_OLD, KM_PAD_NONE);
+ } else {
+ auth_set->push_back(TAG_DIGEST, KM_DIGEST_NONE);
+ auth_set->push_back(TAG_PADDING, KM_PAD_NONE);
+ }
+}
+
+} // namespace keymaster
diff --git a/trusty/keymaster/trusty_keymaster_device.h b/trusty/keymaster/trusty_keymaster_device.h
new file mode 100644
index 0000000..cb74386
--- /dev/null
+++ b/trusty/keymaster/trusty_keymaster_device.h
@@ -0,0 +1,124 @@
+/*
+ * Copyright 2014 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef EXTERNAL_KEYMASTER_TRUSTY_KEYMASTER_DEVICE_H_
+#define EXTERNAL_KEYMASTER_TRUSTY_KEYMASTER_DEVICE_H_
+
+#include <hardware/keymaster0.h>
+
+#include <keymaster/android_keymaster_messages.h>
+
+#include "keymaster_ipc.h"
+
+namespace keymaster {
+
+/**
+ * Software OpenSSL-based Keymaster device.
+ *
+ * IMPORTANT MAINTAINER NOTE: Pointers to instances of this class must be castable to hw_device_t
+ * and keymaster_device. This means it must remain a standard layout class (no virtual functions and
+ * no data members which aren't standard layout), and device_ must be the first data member.
+ * Assertions in the constructor validate compliance with those constraints.
+ */
+class TrustyKeymasterDevice {
+ public:
+ /*
+ * These are the only symbols that will be exported by libtrustykeymaster. All functionality
+ * can be reached via the function pointers in device_.
+ */
+ __attribute__((visibility("default"))) TrustyKeymasterDevice(const hw_module_t* module);
+ __attribute__((visibility("default"))) hw_device_t* hw_device();
+
+ ~TrustyKeymasterDevice();
+
+ keymaster_error_t session_error() { return error_; }
+
+ int generate_keypair(const keymaster_keypair_t key_type, const void* key_params,
+ uint8_t** key_blob, size_t* key_blob_length);
+ int import_keypair(const uint8_t* key, const size_t key_length, uint8_t** key_blob,
+ size_t* key_blob_length);
+ int get_keypair_public(const uint8_t* key_blob, const size_t key_blob_length,
+ uint8_t** x509_data, size_t* x509_data_length);
+ int sign_data(const void* signing_params, const uint8_t* key_blob, const size_t key_blob_length,
+ const uint8_t* data, const size_t data_length, uint8_t** signed_data,
+ size_t* signed_data_length);
+ int verify_data(const void* signing_params, const uint8_t* key_blob,
+ const size_t key_blob_length, const uint8_t* signed_data,
+ const size_t signed_data_length, const uint8_t* signature,
+ const size_t signature_length);
+
+ private:
+ keymaster_error_t Send(uint32_t command, const Serializable& request,
+ KeymasterResponse* response);
+ keymaster_error_t Send(const GenerateKeyRequest& request, GenerateKeyResponse* response) {
+ return Send(KM_GENERATE_KEY, request, response);
+ }
+ keymaster_error_t Send(const BeginOperationRequest& request, BeginOperationResponse* response) {
+ return Send(KM_BEGIN_OPERATION, request, response);
+ }
+ keymaster_error_t Send(const UpdateOperationRequest& request,
+ UpdateOperationResponse* response) {
+ return Send(KM_UPDATE_OPERATION, request, response);
+ }
+ keymaster_error_t Send(const FinishOperationRequest& request,
+ FinishOperationResponse* response) {
+ return Send(KM_FINISH_OPERATION, request, response);
+ }
+ keymaster_error_t Send(const ImportKeyRequest& request, ImportKeyResponse* response) {
+ return Send(KM_IMPORT_KEY, request, response);
+ }
+ keymaster_error_t Send(const ExportKeyRequest& request, ExportKeyResponse* response) {
+ return Send(KM_EXPORT_KEY, request, response);
+ }
+ keymaster_error_t Send(const GetVersionRequest& request, GetVersionResponse* response) {
+ return Send(KM_GET_VERSION, request, response);
+ }
+
+ keymaster_error_t StoreSigningParams(const void* signing_params, const uint8_t* key_blob,
+ size_t key_blob_length, AuthorizationSet* auth_set);
+ void StoreNewKeyParams(AuthorizationSet* auth_set);
+ keymaster_error_t GetPkcs8KeyAlgorithm(const uint8_t* key, size_t key_length,
+ keymaster_algorithm_t* algorithm);
+
+ /*
+ * These static methods are the functions referenced through the function pointers in
+ * keymaster_device. They're all trivial wrappers.
+ */
+ static int close_device(hw_device_t* dev);
+ static int generate_keypair(const keymaster0_device_t* dev, const keymaster_keypair_t key_type,
+ const void* key_params, uint8_t** keyBlob, size_t* keyBlobLength);
+ static int import_keypair(const keymaster0_device_t* dev, const uint8_t* key,
+ const size_t key_length, uint8_t** key_blob, size_t* key_blob_length);
+ static int get_keypair_public(const keymaster0_device_t* dev, const uint8_t* key_blob,
+ const size_t key_blob_length, uint8_t** x509_data,
+ size_t* x509_data_length);
+ static int sign_data(const keymaster0_device_t* dev, const void* signing_params,
+ const uint8_t* key_blob, const size_t key_blob_length, const uint8_t* data,
+ const size_t data_length, uint8_t** signed_data,
+ size_t* signed_data_length);
+ static int verify_data(const keymaster0_device_t* dev, const void* signing_params,
+ const uint8_t* key_blob, const size_t key_blob_length,
+ const uint8_t* signed_data, const size_t signed_data_length,
+ const uint8_t* signature, const size_t signature_length);
+
+ keymaster0_device_t device_;
+ keymaster_error_t error_;
+ int32_t message_version_;
+};
+
+} // namespace keymaster
+
+#endif // EXTERNAL_KEYMASTER_TRUSTY_KEYMASTER_DEVICE_H_
diff --git a/trusty/keymaster/trusty_keymaster_device_test.cpp b/trusty/keymaster/trusty_keymaster_device_test.cpp
new file mode 100644
index 0000000..3bb5430
--- /dev/null
+++ b/trusty/keymaster/trusty_keymaster_device_test.cpp
@@ -0,0 +1,562 @@
+/*
+ * Copyright (C) 2014 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include <algorithm>
+#include <fstream>
+
+#include <UniquePtr.h>
+#include <gtest/gtest.h>
+#include <openssl/engine.h>
+
+#include <hardware/keymaster0.h>
+
+#include <keymaster/android_keymaster.h>
+#include <keymaster/android_keymaster_messages.h>
+#include <keymaster/android_keymaster_utils.h>
+#include <keymaster/keymaster_tags.h>
+#include <keymaster/soft_keymaster_context.h>
+
+#include "android_keymaster_test_utils.h"
+#include "trusty_keymaster_device.h"
+#include "openssl_utils.h"
+
+using std::string;
+using std::ifstream;
+using std::istreambuf_iterator;
+
+static keymaster::AndroidKeymaster *impl_ = nullptr;
+
+extern "C" {
+int __android_log_print();
+}
+
+int __android_log_print() {
+ return 0;
+}
+
+int main(int argc, char** argv) {
+ ::testing::InitGoogleTest(&argc, argv);
+ int result = RUN_ALL_TESTS();
+ // Clean up stuff OpenSSL leaves around, so Valgrind doesn't complain.
+ CRYPTO_cleanup_all_ex_data();
+ ERR_free_strings();
+ return result;
+}
+
+int trusty_keymaster_connect() {
+ impl_ = new keymaster::AndroidKeymaster(new keymaster::SoftKeymasterContext(nullptr), 16);
+}
+
+void trusty_keymaster_disconnect() {
+ delete static_cast<keymaster::AndroidKeymaster*>(priv_);
+}
+
+template <typename Req, typename Rsp>
+static int fake_call(keymaster::AndroidKeymaster* device,
+ void (keymaster::AndroidKeymaster::*method)(const Req&, Rsp*), void* in_buf,
+ uint32_t in_size, void* out_buf, uint32_t* out_size) {
+ Req req;
+ const uint8_t* in = static_cast<uint8_t*>(in_buf);
+ req.Deserialize(&in, in + in_size);
+ Rsp rsp;
+ (device->*method)(req, &rsp);
+
+ *out_size = rsp.SerializedSize();
+ uint8_t* out = static_cast<uint8_t*>(out_buf);
+ rsp.Serialize(out, out + *out_size);
+ return 0;
+}
+
+int trusty_keymaster_call(uint32_t cmd, void* in_buf, uint32_t in_size, void* out_buf,
+ uint32_t* out_size) {
+ switch (cmd) {
+ case KM_GENERATE_KEY:
+ return fake_call(impl_, &keymaster::AndroidKeymaster::GenerateKey, in_buf, in_size,
+ out_buf, out_size);
+ case KM_BEGIN_OPERATION:
+ return fake_call(impl_, &keymaster::AndroidKeymaster::BeginOperation, in_buf, in_size,
+ out_buf, out_size);
+ case KM_UPDATE_OPERATION:
+ return fake_call(impl_, &keymaster::AndroidKeymaster::UpdateOperation, in_buf, in_size,
+ out_buf, out_size);
+ case KM_FINISH_OPERATION:
+ return fake_call(impl_, &keymaster::AndroidKeymaster::FinishOperation, in_buf, in_size,
+ out_buf, out_size);
+ case KM_IMPORT_KEY:
+ return fake_call(impl_, &keymaster::AndroidKeymaster::ImportKey, in_buf, in_size, out_buf,
+ out_size);
+ case KM_EXPORT_KEY:
+ return fake_call(impl_, &keymaster::AndroidKeymaster::ExportKey, in_buf, in_size, out_buf,
+ out_size);
+ }
+ return -EINVAL;
+
+}
+
+namespace keymaster {
+namespace test {
+
+class TrustyKeymasterTest : public testing::Test {
+ protected:
+ TrustyKeymasterTest() : device(NULL) {}
+
+ keymaster_rsa_keygen_params_t build_rsa_params() {
+ keymaster_rsa_keygen_params_t rsa_params;
+ rsa_params.public_exponent = 65537;
+ rsa_params.modulus_size = 2048;
+ return rsa_params;
+ }
+
+ uint8_t* build_message(size_t length) {
+ uint8_t* msg = new uint8_t[length];
+ memset(msg, 'a', length);
+ return msg;
+ }
+
+ size_t dsa_message_len(const keymaster_dsa_keygen_params_t& params) {
+ switch (params.key_size) {
+ case 256:
+ case 1024:
+ return 48;
+ case 2048:
+ case 4096:
+ return 72;
+ default:
+ // Oops.
+ return 0;
+ }
+ }
+
+ TrustyKeymasterDevice device;
+};
+
+class Malloc_Delete {
+ public:
+ Malloc_Delete(void* p) : p_(p) {}
+ ~Malloc_Delete() { free(p_); }
+
+ private:
+ void* p_;
+};
+
+typedef TrustyKeymasterTest KeyGenTest;
+TEST_F(KeyGenTest, RsaSuccess) {
+ keymaster_rsa_keygen_params_t params = build_rsa_params();
+ uint8_t* ptr = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(ptr);
+}
+
+TEST_F(KeyGenTest, EcdsaSuccess) {
+ keymaster_ec_keygen_params_t ec_params = {256};
+ uint8_t* ptr = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &ec_params, &ptr, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(ptr);
+}
+
+typedef TrustyKeymasterTest SigningTest;
+TEST_F(SigningTest, RsaSuccess) {
+ keymaster_rsa_keygen_params_t params = build_rsa_params();
+ uint8_t* ptr = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(ptr);
+
+ keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
+ size_t message_len = params.modulus_size / 8;
+ UniquePtr<uint8_t[]> message(build_message(message_len));
+ uint8_t* signature;
+ size_t siglen;
+ EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
+ &signature, &siglen));
+ Malloc_Delete sig_deleter(signature);
+ EXPECT_EQ(message_len, siglen);
+}
+
+TEST_F(SigningTest, RsaShortMessage) {
+ keymaster_rsa_keygen_params_t params = build_rsa_params();
+ uint8_t* ptr = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(ptr);
+
+ keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
+ size_t message_len = params.modulus_size / 8 - 1;
+ UniquePtr<uint8_t[]> message(build_message(message_len));
+ uint8_t* signature;
+ size_t siglen;
+ EXPECT_EQ(KM_ERROR_UNKNOWN_ERROR, device.sign_data(&sig_params, ptr, size, message.get(),
+ message_len, &signature, &siglen));
+}
+
+TEST_F(SigningTest, RsaLongMessage) {
+ keymaster_rsa_keygen_params_t params = build_rsa_params();
+ uint8_t* ptr = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(ptr);
+
+ keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
+ size_t message_len = params.modulus_size / 8 + 1;
+ UniquePtr<uint8_t[]> message(build_message(message_len));
+ uint8_t* signature;
+ size_t siglen;
+ EXPECT_EQ(KM_ERROR_UNKNOWN_ERROR, device.sign_data(&sig_params, ptr, size, message.get(),
+ message_len, &signature, &siglen));
+}
+
+TEST_F(SigningTest, EcdsaSuccess) {
+ keymaster_ec_keygen_params_t params = {256};
+ uint8_t* ptr = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &ptr, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(ptr);
+
+ keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
+ uint8_t message[] = "12345678901234567890123456789012";
+ uint8_t* signature;
+ size_t siglen;
+ ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message,
+ array_size(message) - 1, &signature, &siglen));
+ Malloc_Delete sig_deleter(signature);
+ EXPECT_GT(siglen, 69U);
+ EXPECT_LT(siglen, 73U);
+}
+
+TEST_F(SigningTest, EcdsaEmptyMessageSuccess) {
+ keymaster_ec_keygen_params_t params = {256};
+ uint8_t* ptr = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &ptr, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(ptr);
+
+ keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
+ uint8_t message[] = "";
+ uint8_t* signature;
+ size_t siglen;
+ ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message,
+ array_size(message) - 1, &signature, &siglen));
+ Malloc_Delete sig_deleter(signature);
+ EXPECT_GT(siglen, 69U);
+ EXPECT_LT(siglen, 73U);
+}
+
+TEST_F(SigningTest, EcdsaLargeMessageSuccess) {
+ keymaster_ec_keygen_params_t params = {256};
+ uint8_t* ptr = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &ptr, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(ptr);
+
+ keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
+ size_t message_len = 1024 * 7;
+ UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
+ // contents of message don't matter.
+ uint8_t* signature;
+ size_t siglen;
+ ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
+ &signature, &siglen));
+ Malloc_Delete sig_deleter(signature);
+ EXPECT_GT(siglen, 69U);
+ EXPECT_LT(siglen, 73U);
+}
+
+typedef TrustyKeymasterTest VerificationTest;
+TEST_F(VerificationTest, RsaSuccess) {
+ keymaster_rsa_keygen_params_t params = build_rsa_params();
+ uint8_t* ptr = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(ptr);
+
+ keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
+ size_t message_len = params.modulus_size / 8;
+ UniquePtr<uint8_t[]> message(build_message(message_len));
+ uint8_t* signature;
+ size_t siglen;
+ EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
+ &signature, &siglen));
+ Malloc_Delete sig_deleter(signature);
+
+ EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, ptr, size, message.get(), message_len,
+ signature, siglen));
+}
+
+TEST_F(VerificationTest, RsaBadSignature) {
+ keymaster_rsa_keygen_params_t params = build_rsa_params();
+ uint8_t* ptr = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(ptr);
+
+ keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
+ size_t message_len = params.modulus_size / 8;
+ UniquePtr<uint8_t[]> message(build_message(message_len));
+ uint8_t* signature;
+ size_t siglen;
+ EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
+ &signature, &siglen));
+
+ Malloc_Delete sig_deleter(signature);
+ signature[siglen / 2]++;
+ EXPECT_EQ(
+ KM_ERROR_VERIFICATION_FAILED,
+ device.verify_data(&sig_params, ptr, size, message.get(), message_len, signature, siglen));
+}
+
+TEST_F(VerificationTest, RsaBadMessage) {
+ keymaster_rsa_keygen_params_t params = build_rsa_params();
+ uint8_t* ptr = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(ptr);
+
+ keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
+ size_t message_len = params.modulus_size / 8;
+ UniquePtr<uint8_t[]> message(build_message(message_len));
+ uint8_t* signature;
+ size_t siglen;
+ EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
+ &signature, &siglen));
+ Malloc_Delete sig_deleter(signature);
+ message[0]++;
+ EXPECT_EQ(
+ KM_ERROR_VERIFICATION_FAILED,
+ device.verify_data(&sig_params, ptr, size, message.get(), message_len, signature, siglen));
+}
+
+TEST_F(VerificationTest, RsaShortMessage) {
+ keymaster_rsa_keygen_params_t params = build_rsa_params();
+ uint8_t* ptr = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(ptr);
+
+ keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
+ size_t message_len = params.modulus_size / 8;
+ UniquePtr<uint8_t[]> message(build_message(message_len));
+ uint8_t* signature;
+ size_t siglen;
+ EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
+ &signature, &siglen));
+
+ Malloc_Delete sig_deleter(signature);
+ EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH,
+ device.verify_data(&sig_params, ptr, size, message.get(), message_len - 1, signature,
+ siglen));
+}
+
+TEST_F(VerificationTest, RsaLongMessage) {
+ keymaster_rsa_keygen_params_t params = build_rsa_params();
+ uint8_t* ptr = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(ptr);
+
+ keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
+ size_t message_len = params.modulus_size / 8;
+ UniquePtr<uint8_t[]> message(build_message(message_len + 1));
+ uint8_t* signature;
+ size_t siglen;
+ EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
+ &signature, &siglen));
+ Malloc_Delete sig_deleter(signature);
+ EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH,
+ device.verify_data(&sig_params, ptr, size, message.get(), message_len + 1, signature,
+ siglen));
+}
+
+TEST_F(VerificationTest, EcdsaSuccess) {
+ keymaster_ec_keygen_params_t params = {256};
+ uint8_t* ptr = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &ptr, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(ptr);
+
+ keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
+ uint8_t message[] = "12345678901234567890123456789012";
+ uint8_t* signature;
+ size_t siglen;
+ ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message,
+ array_size(message) - 1, &signature, &siglen));
+ Malloc_Delete sig_deleter(signature);
+ EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, ptr, size, message,
+ array_size(message) - 1, signature, siglen));
+}
+
+TEST_F(VerificationTest, EcdsaLargeMessageSuccess) {
+ keymaster_ec_keygen_params_t params = {256};
+ uint8_t* ptr = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &ptr, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(ptr);
+
+ keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
+ size_t message_len = 1024 * 7;
+ UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
+ // contents of message don't matter.
+ uint8_t* signature;
+ size_t siglen;
+ ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
+ &signature, &siglen));
+ Malloc_Delete sig_deleter(signature);
+ EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, ptr, size, message.get(), message_len,
+ signature, siglen));
+}
+
+static string read_file(const string& file_name) {
+ ifstream file_stream(file_name, std::ios::binary);
+ istreambuf_iterator<char> file_begin(file_stream);
+ istreambuf_iterator<char> file_end;
+ return string(file_begin, file_end);
+}
+
+typedef TrustyKeymasterTest ImportKeyTest;
+TEST_F(ImportKeyTest, RsaSuccess) {
+ string pk8_key = read_file("../../../../system/keymaster/rsa_privkey_pk8.der");
+ ASSERT_EQ(633U, pk8_key.size());
+
+ uint8_t* key = NULL;
+ size_t size;
+ ASSERT_EQ(KM_ERROR_OK, device.import_keypair(reinterpret_cast<const uint8_t*>(pk8_key.data()),
+ pk8_key.size(), &key, &size));
+ Malloc_Delete key_deleter(key);
+
+ keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
+ size_t message_size = 1024 /* key size */ / 8;
+ UniquePtr<uint8_t[]> message(new uint8_t[message_size]);
+ memset(message.get(), 'a', message_size);
+ uint8_t* signature;
+ size_t siglen;
+ ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, key, size, message.get(), message_size,
+ &signature, &siglen));
+ Malloc_Delete sig_deleter(signature);
+ EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, key, size, message.get(), message_size,
+ signature, siglen));
+}
+
+TEST_F(ImportKeyTest, EcdsaSuccess) {
+ string pk8_key = read_file("../../../../system/keymaster/ec_privkey_pk8.der");
+ ASSERT_EQ(138U, pk8_key.size());
+
+ uint8_t* key = NULL;
+ size_t size;
+ ASSERT_EQ(KM_ERROR_OK, device.import_keypair(reinterpret_cast<const uint8_t*>(pk8_key.data()),
+ pk8_key.size(), &key, &size));
+ Malloc_Delete key_deleter(key);
+
+ keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
+ uint8_t message[] = "12345678901234567890123456789012";
+ uint8_t* signature;
+ size_t siglen;
+ ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, key, size, message,
+ array_size(message) - 1, &signature, &siglen));
+ Malloc_Delete sig_deleter(signature);
+ EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, key, size, message,
+ array_size(message) - 1, signature, siglen));
+}
+
+struct EVP_PKEY_CTX_Delete {
+ void operator()(EVP_PKEY_CTX* p) { EVP_PKEY_CTX_free(p); }
+};
+
+static void VerifySignature(const uint8_t* key, size_t key_len, const uint8_t* signature,
+ size_t signature_len, const uint8_t* message, size_t message_len) {
+ UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(d2i_PUBKEY(NULL, &key, key_len));
+ ASSERT_TRUE(pkey.get() != NULL);
+ UniquePtr<EVP_PKEY_CTX, EVP_PKEY_CTX_Delete> ctx(EVP_PKEY_CTX_new(pkey.get(), NULL));
+ ASSERT_TRUE(ctx.get() != NULL);
+ ASSERT_EQ(1, EVP_PKEY_verify_init(ctx.get()));
+ if (EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA)
+ ASSERT_EQ(1, EVP_PKEY_CTX_set_rsa_padding(ctx.get(), RSA_NO_PADDING));
+ EXPECT_EQ(1, EVP_PKEY_verify(ctx.get(), signature, signature_len, message, message_len));
+}
+
+typedef TrustyKeymasterTest ExportKeyTest;
+TEST_F(ExportKeyTest, RsaSuccess) {
+ keymaster_rsa_keygen_params_t params = build_rsa_params();
+ uint8_t* ptr = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, ¶ms, &ptr, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(ptr);
+
+ uint8_t* exported;
+ size_t exported_size;
+ EXPECT_EQ(KM_ERROR_OK, device.get_keypair_public(ptr, size, &exported, &exported_size));
+ Malloc_Delete exported_deleter(exported);
+
+ // Sign a message so we can verify it with the exported pubkey.
+ keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
+ size_t message_len = params.modulus_size / 8;
+ UniquePtr<uint8_t[]> message(build_message(message_len));
+ uint8_t* signature;
+ size_t siglen;
+ EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
+ &signature, &siglen));
+ Malloc_Delete sig_deleter(signature);
+ EXPECT_EQ(message_len, siglen);
+ const uint8_t* tmp = exported;
+
+ VerifySignature(exported, exported_size, signature, siglen, message.get(), message_len);
+}
+
+typedef TrustyKeymasterTest ExportKeyTest;
+TEST_F(ExportKeyTest, EcdsaSuccess) {
+ keymaster_ec_keygen_params_t params = {256};
+ uint8_t* key = NULL;
+ size_t size;
+ ASSERT_EQ(0, device.generate_keypair(TYPE_EC, ¶ms, &key, &size));
+ EXPECT_GT(size, 0U);
+ Malloc_Delete key_deleter(key);
+
+ uint8_t* exported;
+ size_t exported_size;
+ EXPECT_EQ(KM_ERROR_OK, device.get_keypair_public(key, size, &exported, &exported_size));
+ Malloc_Delete exported_deleter(exported);
+
+ // Sign a message so we can verify it with the exported pubkey.
+ keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
+ uint8_t message[] = "12345678901234567890123456789012";
+ uint8_t* signature;
+ size_t siglen;
+ ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, key, size, message,
+ array_size(message) - 1, &signature, &siglen));
+ Malloc_Delete sig_deleter(signature);
+ EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, key, size, message,
+ array_size(message) - 1, signature, siglen));
+
+ VerifySignature(exported, exported_size, signature, siglen, message, array_size(message) - 1);
+}
+
+} // namespace test
+} // namespace keymaster
diff --git a/trusty/keymaster/trusty_keymaster_ipc.c b/trusty/keymaster/trusty_keymaster_ipc.c
new file mode 100644
index 0000000..b68209e
--- /dev/null
+++ b/trusty/keymaster/trusty_keymaster_ipc.c
@@ -0,0 +1,94 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+// TODO: make this generic in libtrusty
+
+#include <errno.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define LOG_TAG "TrustyKeymaster"
+#include <cutils/log.h>
+
+#include <trusty/tipc.h>
+
+#include "trusty_keymaster_ipc.h"
+#include "keymaster_ipc.h"
+
+#define TRUSTY_DEVICE_NAME "/dev/trusty-ipc-dev0"
+
+static int handle_ = 0;
+
+int trusty_keymaster_connect() {
+ int rc = tipc_connect(TRUSTY_DEVICE_NAME, KEYMASTER_PORT);
+ if (rc < 0) {
+ return rc;
+ }
+
+ handle_ = rc;
+ return 0;
+}
+
+int trusty_keymaster_call(uint32_t cmd, void *in, uint32_t in_size, uint8_t *out,
+ uint32_t *out_size) {
+ if (handle_ == 0) {
+ ALOGE("not connected\n");
+ return -EINVAL;
+ }
+
+ size_t msg_size = in_size + sizeof(struct keymaster_message);
+ struct keymaster_message *msg = malloc(msg_size);
+ msg->cmd = cmd;
+ memcpy(msg->payload, in, in_size);
+
+ ssize_t rc = write(handle_, msg, msg_size);
+ free(msg);
+
+ if (rc < 0) {
+ ALOGE("failed to send cmd (%d) to %s: %s\n", cmd,
+ KEYMASTER_PORT, strerror(errno));
+ return -errno;
+ }
+
+ rc = read(handle_, out, *out_size);
+ if (rc < 0) {
+ ALOGE("failed to retrieve response for cmd (%d) to %s: %s\n",
+ cmd, KEYMASTER_PORT, strerror(errno));
+ return -errno;
+ }
+
+ if ((size_t) rc < sizeof(struct keymaster_message)) {
+ ALOGE("invalid response size (%d)\n", (int) rc);
+ return -EINVAL;
+ }
+
+ msg = (struct keymaster_message *) out;
+
+ if ((cmd | KEYMASTER_RESP_BIT) != msg->cmd) {
+ ALOGE("invalid command (%d)", msg->cmd);
+ return -EINVAL;
+ }
+
+ *out_size = ((size_t) rc) - sizeof(struct keymaster_message);
+ return rc;
+}
+
+void trusty_keymaster_disconnect() {
+ if (handle_ != 0) {
+ tipc_close(handle_);
+ }
+}
+
diff --git a/libcutils/atomic.c b/trusty/keymaster/trusty_keymaster_ipc.h
similarity index 62%
copy from libcutils/atomic.c
copy to trusty/keymaster/trusty_keymaster_ipc.h
index d34aa00..9785247 100644
--- a/libcutils/atomic.c
+++ b/trusty/keymaster/trusty_keymaster_ipc.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2007 The Android Open Source Project
+ * Copyright (C) 2015 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -14,13 +14,11 @@
* limitations under the License.
*/
-/*
- * Generate non-inlined versions of android_atomic functions.
- * Nobody should be using these, but some binary blobs currently (late 2014)
- * are.
- * If you read this in 2015 or later, please try to delete this file.
- */
+__BEGIN_DECLS
-#define ANDROID_ATOMIC_INLINE
+int trusty_keymaster_connect(void);
+int trusty_keymaster_call(uint32_t cmd, void *in, uint32_t in_size, uint8_t *out,
+ uint32_t *out_size);
+void trusty_keymaster_disconnect(void);
-#include <cutils/atomic.h>
+__END_DECLS
diff --git a/trusty/keymaster/trusty_keymaster_main.cpp b/trusty/keymaster/trusty_keymaster_main.cpp
new file mode 100644
index 0000000..7ed880e
--- /dev/null
+++ b/trusty/keymaster/trusty_keymaster_main.cpp
@@ -0,0 +1,368 @@
+/*
+ * Copyright 2014 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+
+#include "trusty_keymaster_device.h"
+
+using keymaster::TrustyKeymasterDevice;
+
+unsigned char rsa_privkey_pk8_der[] = {
+ 0x30, 0x82, 0x02, 0x75, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
+ 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x02, 0x5f, 0x30, 0x82, 0x02, 0x5b, 0x02, 0x01,
+ 0x00, 0x02, 0x81, 0x81, 0x00, 0xc6, 0x09, 0x54, 0x09, 0x04, 0x7d, 0x86, 0x34, 0x81, 0x2d, 0x5a,
+ 0x21, 0x81, 0x76, 0xe4, 0x5c, 0x41, 0xd6, 0x0a, 0x75, 0xb1, 0x39, 0x01, 0xf2, 0x34, 0x22, 0x6c,
+ 0xff, 0xe7, 0x76, 0x52, 0x1c, 0x5a, 0x77, 0xb9, 0xe3, 0x89, 0x41, 0x7b, 0x71, 0xc0, 0xb6, 0xa4,
+ 0x4d, 0x13, 0xaf, 0xe4, 0xe4, 0xa2, 0x80, 0x5d, 0x46, 0xc9, 0xda, 0x29, 0x35, 0xad, 0xb1, 0xff,
+ 0x0c, 0x1f, 0x24, 0xea, 0x06, 0xe6, 0x2b, 0x20, 0xd7, 0x76, 0x43, 0x0a, 0x4d, 0x43, 0x51, 0x57,
+ 0x23, 0x3c, 0x6f, 0x91, 0x67, 0x83, 0xc3, 0x0e, 0x31, 0x0f, 0xcb, 0xd8, 0x9b, 0x85, 0xc2, 0xd5,
+ 0x67, 0x71, 0x16, 0x97, 0x85, 0xac, 0x12, 0xbc, 0xa2, 0x44, 0xab, 0xda, 0x72, 0xbf, 0xb1, 0x9f,
+ 0xc4, 0x4d, 0x27, 0xc8, 0x1e, 0x1d, 0x92, 0xde, 0x28, 0x4f, 0x40, 0x61, 0xed, 0xfd, 0x99, 0x28,
+ 0x07, 0x45, 0xea, 0x6d, 0x25, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x1b, 0xe0, 0xf0,
+ 0x4d, 0x9c, 0xae, 0x37, 0x18, 0x69, 0x1f, 0x03, 0x53, 0x38, 0x30, 0x8e, 0x91, 0x56, 0x4b, 0x55,
+ 0x89, 0x9f, 0xfb, 0x50, 0x84, 0xd2, 0x46, 0x0e, 0x66, 0x30, 0x25, 0x7e, 0x05, 0xb3, 0xce, 0xab,
+ 0x02, 0x97, 0x2d, 0xfa, 0xbc, 0xd6, 0xce, 0x5f, 0x6e, 0xe2, 0x58, 0x9e, 0xb6, 0x79, 0x11, 0xed,
+ 0x0f, 0xac, 0x16, 0xe4, 0x3a, 0x44, 0x4b, 0x8c, 0x86, 0x1e, 0x54, 0x4a, 0x05, 0x93, 0x36, 0x57,
+ 0x72, 0xf8, 0xba, 0xf6, 0xb2, 0x2f, 0xc9, 0xe3, 0xc5, 0xf1, 0x02, 0x4b, 0x06, 0x3a, 0xc0, 0x80,
+ 0xa7, 0xb2, 0x23, 0x4c, 0xf8, 0xae, 0xe8, 0xf6, 0xc4, 0x7b, 0xbf, 0x4f, 0xd3, 0xac, 0xe7, 0x24,
+ 0x02, 0x90, 0xbe, 0xf1, 0x6c, 0x0b, 0x3f, 0x7f, 0x3c, 0xdd, 0x64, 0xce, 0x3a, 0xb5, 0x91, 0x2c,
+ 0xf6, 0xe3, 0x2f, 0x39, 0xab, 0x18, 0x83, 0x58, 0xaf, 0xcc, 0xcd, 0x80, 0x81, 0x02, 0x41, 0x00,
+ 0xe4, 0xb4, 0x9e, 0xf5, 0x0f, 0x76, 0x5d, 0x3b, 0x24, 0xdd, 0xe0, 0x1a, 0xce, 0xaa, 0xf1, 0x30,
+ 0xf2, 0xc7, 0x66, 0x70, 0xa9, 0x1a, 0x61, 0xae, 0x08, 0xaf, 0x49, 0x7b, 0x4a, 0x82, 0xbe, 0x6d,
+ 0xee, 0x8f, 0xcd, 0xd5, 0xe3, 0xf7, 0xba, 0x1c, 0xfb, 0x1f, 0x0c, 0x92, 0x6b, 0x88, 0xf8, 0x8c,
+ 0x92, 0xbf, 0xab, 0x13, 0x7f, 0xba, 0x22, 0x85, 0x22, 0x7b, 0x83, 0xc3, 0x42, 0xff, 0x7c, 0x55,
+ 0x02, 0x41, 0x00, 0xdd, 0xab, 0xb5, 0x83, 0x9c, 0x4c, 0x7f, 0x6b, 0xf3, 0xd4, 0x18, 0x32, 0x31,
+ 0xf0, 0x05, 0xb3, 0x1a, 0xa5, 0x8a, 0xff, 0xdd, 0xa5, 0xc7, 0x9e, 0x4c, 0xce, 0x21, 0x7f, 0x6b,
+ 0xc9, 0x30, 0xdb, 0xe5, 0x63, 0xd4, 0x80, 0x70, 0x6c, 0x24, 0xe9, 0xeb, 0xfc, 0xab, 0x28, 0xa6,
+ 0xcd, 0xef, 0xd3, 0x24, 0xb7, 0x7e, 0x1b, 0xf7, 0x25, 0x1b, 0x70, 0x90, 0x92, 0xc2, 0x4f, 0xf5,
+ 0x01, 0xfd, 0x91, 0x02, 0x40, 0x23, 0xd4, 0x34, 0x0e, 0xda, 0x34, 0x45, 0xd8, 0xcd, 0x26, 0xc1,
+ 0x44, 0x11, 0xda, 0x6f, 0xdc, 0xa6, 0x3c, 0x1c, 0xcd, 0x4b, 0x80, 0xa9, 0x8a, 0xd5, 0x2b, 0x78,
+ 0xcc, 0x8a, 0xd8, 0xbe, 0xb2, 0x84, 0x2c, 0x1d, 0x28, 0x04, 0x05, 0xbc, 0x2f, 0x6c, 0x1b, 0xea,
+ 0x21, 0x4a, 0x1d, 0x74, 0x2a, 0xb9, 0x96, 0xb3, 0x5b, 0x63, 0xa8, 0x2a, 0x5e, 0x47, 0x0f, 0xa8,
+ 0x8d, 0xbf, 0x82, 0x3c, 0xdd, 0x02, 0x40, 0x1b, 0x7b, 0x57, 0x44, 0x9a, 0xd3, 0x0d, 0x15, 0x18,
+ 0x24, 0x9a, 0x5f, 0x56, 0xbb, 0x98, 0x29, 0x4d, 0x4b, 0x6a, 0xc1, 0x2f, 0xfc, 0x86, 0x94, 0x04,
+ 0x97, 0xa5, 0xa5, 0x83, 0x7a, 0x6c, 0xf9, 0x46, 0x26, 0x2b, 0x49, 0x45, 0x26, 0xd3, 0x28, 0xc1,
+ 0x1e, 0x11, 0x26, 0x38, 0x0f, 0xde, 0x04, 0xc2, 0x4f, 0x91, 0x6d, 0xec, 0x25, 0x08, 0x92, 0xdb,
+ 0x09, 0xa6, 0xd7, 0x7c, 0xdb, 0xa3, 0x51, 0x02, 0x40, 0x77, 0x62, 0xcd, 0x8f, 0x4d, 0x05, 0x0d,
+ 0xa5, 0x6b, 0xd5, 0x91, 0xad, 0xb5, 0x15, 0xd2, 0x4d, 0x7c, 0xcd, 0x32, 0xcc, 0xa0, 0xd0, 0x5f,
+ 0x86, 0x6d, 0x58, 0x35, 0x14, 0xbd, 0x73, 0x24, 0xd5, 0xf3, 0x36, 0x45, 0xe8, 0xed, 0x8b, 0x4a,
+ 0x1c, 0xb3, 0xcc, 0x4a, 0x1d, 0x67, 0x98, 0x73, 0x99, 0xf2, 0xa0, 0x9f, 0x5b, 0x3f, 0xb6, 0x8c,
+ 0x88, 0xd5, 0xe5, 0xd9, 0x0a, 0xc3, 0x34, 0x92, 0xd6};
+unsigned int rsa_privkey_pk8_der_len = 633;
+
+unsigned char dsa_privkey_pk8_der[] = {
+ 0x30, 0x82, 0x01, 0x4b, 0x02, 0x01, 0x00, 0x30, 0x82, 0x01, 0x2b, 0x06, 0x07, 0x2a, 0x86, 0x48,
+ 0xce, 0x38, 0x04, 0x01, 0x30, 0x82, 0x01, 0x1e, 0x02, 0x81, 0x81, 0x00, 0xa3, 0xf3, 0xe9, 0xb6,
+ 0x7e, 0x7d, 0x88, 0xf6, 0xb7, 0xe5, 0xf5, 0x1f, 0x3b, 0xee, 0xac, 0xd7, 0xad, 0xbc, 0xc9, 0xd1,
+ 0x5a, 0xf8, 0x88, 0xc4, 0xef, 0x6e, 0x3d, 0x74, 0x19, 0x74, 0xe7, 0xd8, 0xe0, 0x26, 0x44, 0x19,
+ 0x86, 0xaf, 0x19, 0xdb, 0x05, 0xe9, 0x3b, 0x8b, 0x58, 0x58, 0xde, 0xe5, 0x4f, 0x48, 0x15, 0x01,
+ 0xea, 0xe6, 0x83, 0x52, 0xd7, 0xc1, 0x21, 0xdf, 0xb9, 0xb8, 0x07, 0x66, 0x50, 0xfb, 0x3a, 0x0c,
+ 0xb3, 0x85, 0xee, 0xbb, 0x04, 0x5f, 0xc2, 0x6d, 0x6d, 0x95, 0xfa, 0x11, 0x93, 0x1e, 0x59, 0x5b,
+ 0xb1, 0x45, 0x8d, 0xe0, 0x3d, 0x73, 0xaa, 0xf2, 0x41, 0x14, 0x51, 0x07, 0x72, 0x3d, 0xa2, 0xf7,
+ 0x58, 0xcd, 0x11, 0xa1, 0x32, 0xcf, 0xda, 0x42, 0xb7, 0xcc, 0x32, 0x80, 0xdb, 0x87, 0x82, 0xec,
+ 0x42, 0xdb, 0x5a, 0x55, 0x24, 0x24, 0xa2, 0xd1, 0x55, 0x29, 0xad, 0xeb, 0x02, 0x15, 0x00, 0xeb,
+ 0xea, 0x17, 0xd2, 0x09, 0xb3, 0xd7, 0x21, 0x9a, 0x21, 0x07, 0x82, 0x8f, 0xab, 0xfe, 0x88, 0x71,
+ 0x68, 0xf7, 0xe3, 0x02, 0x81, 0x80, 0x19, 0x1c, 0x71, 0xfd, 0xe0, 0x03, 0x0c, 0x43, 0xd9, 0x0b,
+ 0xf6, 0xcd, 0xd6, 0xa9, 0x70, 0xe7, 0x37, 0x86, 0x3a, 0x78, 0xe9, 0xa7, 0x47, 0xa7, 0x47, 0x06,
+ 0x88, 0xb1, 0xaf, 0xd7, 0xf3, 0xf1, 0xa1, 0xd7, 0x00, 0x61, 0x28, 0x88, 0x31, 0x48, 0x60, 0xd8,
+ 0x11, 0xef, 0xa5, 0x24, 0x1a, 0x81, 0xc4, 0x2a, 0xe2, 0xea, 0x0e, 0x36, 0xd2, 0xd2, 0x05, 0x84,
+ 0x37, 0xcf, 0x32, 0x7d, 0x09, 0xe6, 0x0f, 0x8b, 0x0c, 0xc8, 0xc2, 0xa4, 0xb1, 0xdc, 0x80, 0xca,
+ 0x68, 0xdf, 0xaf, 0xd2, 0x90, 0xc0, 0x37, 0x58, 0x54, 0x36, 0x8f, 0x49, 0xb8, 0x62, 0x75, 0x8b,
+ 0x48, 0x47, 0xc0, 0xbe, 0xf7, 0x9a, 0x92, 0xa6, 0x68, 0x05, 0xda, 0x9d, 0xaf, 0x72, 0x9a, 0x67,
+ 0xb3, 0xb4, 0x14, 0x03, 0xae, 0x4f, 0x4c, 0x76, 0xb9, 0xd8, 0x64, 0x0a, 0xba, 0x3b, 0xa8, 0x00,
+ 0x60, 0x4d, 0xae, 0x81, 0xc3, 0xc5, 0x04, 0x17, 0x02, 0x15, 0x00, 0x81, 0x9d, 0xfd, 0x53, 0x0c,
+ 0xc1, 0x8f, 0xbe, 0x8b, 0xea, 0x00, 0x26, 0x19, 0x29, 0x33, 0x91, 0x84, 0xbe, 0xad, 0x81};
+unsigned int dsa_privkey_pk8_der_len = 335;
+
+unsigned char ec_privkey_pk8_der[] = {
+ 0x30, 0x81, 0x87, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
+ 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x04, 0x6d, 0x30, 0x6b, 0x02,
+ 0x01, 0x01, 0x04, 0x20, 0x73, 0x7c, 0x2e, 0xcd, 0x7b, 0x8d, 0x19, 0x40, 0xbf, 0x29, 0x30, 0xaa,
+ 0x9b, 0x4e, 0xd3, 0xff, 0x94, 0x1e, 0xed, 0x09, 0x36, 0x6b, 0xc0, 0x32, 0x99, 0x98, 0x64, 0x81,
+ 0xf3, 0xa4, 0xd8, 0x59, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xbf, 0x85, 0xd7, 0x72, 0x0d, 0x07,
+ 0xc2, 0x54, 0x61, 0x68, 0x3b, 0xc6, 0x48, 0xb4, 0x77, 0x8a, 0x9a, 0x14, 0xdd, 0x8a, 0x02, 0x4e,
+ 0x3b, 0xdd, 0x8c, 0x7d, 0xdd, 0x9a, 0xb2, 0xb5, 0x28, 0xbb, 0xc7, 0xaa, 0x1b, 0x51, 0xf1, 0x4e,
+ 0xbb, 0xbb, 0x0b, 0xd0, 0xce, 0x21, 0xbc, 0xc4, 0x1c, 0x6e, 0xb0, 0x00, 0x83, 0xcf, 0x33, 0x76,
+ 0xd1, 0x1f, 0xd4, 0x49, 0x49, 0xe0, 0xb2, 0x18, 0x3b, 0xfe};
+unsigned int ec_privkey_pk8_der_len = 138;
+
+struct EVP_PKEY_Delete {
+ void operator()(EVP_PKEY* p) const { EVP_PKEY_free(p); }
+};
+
+struct EVP_PKEY_CTX_Delete {
+ void operator()(EVP_PKEY_CTX* p) { EVP_PKEY_CTX_free(p); }
+};
+
+static bool test_import_rsa(TrustyKeymasterDevice* device) {
+ printf("===================\n");
+ printf("= RSA Import Test =\n");
+ printf("===================\n\n");
+
+ printf("=== Importing RSA keypair === \n");
+ uint8_t* key;
+ size_t size;
+ int error = device->import_keypair(rsa_privkey_pk8_der, rsa_privkey_pk8_der_len, &key, &size);
+ if (error != KM_ERROR_OK) {
+ printf("Error importing key pair: %d\n\n", error);
+ return false;
+ }
+ UniquePtr<uint8_t[]> key_deleter(key);
+
+ printf("=== Signing with imported RSA key ===\n");
+ keymaster_rsa_sign_params_t sign_params = {DIGEST_NONE, PADDING_NONE};
+ size_t message_len = 1024 / 8;
+ UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
+ memset(message.get(), 'a', message_len);
+ uint8_t* signature;
+ size_t signature_len;
+ error = device->sign_data(&sign_params, key, size, message.get(), message_len, &signature,
+ &signature_len);
+ if (error != KM_ERROR_OK) {
+ printf("Error signing data with imported RSA key: %d\n\n", error);
+ return false;
+ }
+ UniquePtr<uint8_t[]> signature_deleter(signature);
+
+ printf("=== Verifying with imported RSA key === \n");
+ error = device->verify_data(&sign_params, key, size, message.get(), message_len, signature,
+ signature_len);
+ if (error != KM_ERROR_OK) {
+ printf("Error verifying data with imported RSA key: %d\n\n", error);
+ return false;
+ }
+
+ printf("\n");
+ return true;
+}
+
+static bool test_rsa(TrustyKeymasterDevice* device) {
+ printf("============\n");
+ printf("= RSA Test =\n");
+ printf("============\n\n");
+
+ printf("=== Generating RSA key pair ===\n");
+ keymaster_rsa_keygen_params_t params;
+ params.public_exponent = 65537;
+ params.modulus_size = 2048;
+
+ uint8_t* key;
+ size_t size;
+ int error = device->generate_keypair(TYPE_RSA, ¶ms, &key, &size);
+ if (error != KM_ERROR_OK) {
+ printf("Error generating RSA key pair: %d\n\n", error);
+ return false;
+ }
+ UniquePtr<uint8_t[]> deleter(key);
+
+ printf("=== Signing with RSA key === \n");
+ keymaster_rsa_sign_params_t sign_params = {DIGEST_NONE, PADDING_NONE};
+ size_t message_len = params.modulus_size / 8;
+ UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
+ memset(message.get(), 'a', message_len);
+ uint8_t* signature;
+ size_t signature_len;
+ error = device->sign_data(&sign_params, key, size, message.get(), message_len, &signature,
+ &signature_len);
+ if (error != KM_ERROR_OK) {
+ printf("Error signing data with RSA key: %d\n\n", error);
+ return false;
+ }
+ UniquePtr<uint8_t[]> signature_deleter(signature);
+
+ printf("=== Verifying with RSA key === \n");
+ error = device->verify_data(&sign_params, key, size, message.get(), message_len, signature,
+ signature_len);
+ if (error != KM_ERROR_OK) {
+ printf("Error verifying data with RSA key: %d\n\n", error);
+ return false;
+ }
+
+ printf("=== Exporting RSA public key ===\n");
+ uint8_t* exported_key;
+ size_t exported_size;
+ error = device->get_keypair_public(key, size, &exported_key, &exported_size);
+ if (error != KM_ERROR_OK) {
+ printf("Error exporting RSA public key: %d\n\n", error);
+ return false;
+ }
+
+ printf("=== Verifying with exported key ===\n");
+ const uint8_t* tmp = exported_key;
+ UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(d2i_PUBKEY(NULL, &tmp, exported_size));
+ UniquePtr<EVP_PKEY_CTX, EVP_PKEY_CTX_Delete> ctx(EVP_PKEY_CTX_new(pkey.get(), NULL));
+ if (EVP_PKEY_verify_init(ctx.get()) != 1) {
+ printf("Error initializing openss EVP context\n");
+ return false;
+ }
+ if (EVP_PKEY_type(pkey->type) != EVP_PKEY_RSA) {
+ printf("Exported key was the wrong type?!?\n");
+ return false;
+ }
+
+ EVP_PKEY_CTX_set_rsa_padding(ctx.get(), RSA_NO_PADDING);
+ if (EVP_PKEY_verify(ctx.get(), signature, signature_len, message.get(), message_len) != 1) {
+ printf("Verification with exported pubkey failed.\n");
+ return false;
+ } else {
+ printf("Verification succeeded\n");
+ }
+
+ printf("\n");
+ return true;
+}
+
+static bool test_import_ecdsa(TrustyKeymasterDevice* device) {
+ printf("=====================\n");
+ printf("= ECDSA Import Test =\n");
+ printf("=====================\n\n");
+
+ printf("=== Importing ECDSA keypair === \n");
+ uint8_t* key;
+ size_t size;
+ int error = device->import_keypair(ec_privkey_pk8_der, ec_privkey_pk8_der_len, &key, &size);
+ if (error != KM_ERROR_OK) {
+ printf("Error importing key pair: %d\n\n", error);
+ return false;
+ }
+ UniquePtr<uint8_t[]> deleter(key);
+
+ printf("=== Signing with imported ECDSA key ===\n");
+ keymaster_ec_sign_params_t sign_params = {DIGEST_NONE};
+ size_t message_len = 30 /* arbitrary */;
+ UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
+ memset(message.get(), 'a', message_len);
+ uint8_t* signature;
+ size_t signature_len;
+ error = device->sign_data(&sign_params, key, size, message.get(), message_len, &signature,
+ &signature_len);
+ if (error != KM_ERROR_OK) {
+ printf("Error signing data with imported ECDSA key: %d\n\n", error);
+ return false;
+ }
+ UniquePtr<uint8_t[]> signature_deleter(signature);
+
+ printf("=== Verifying with imported ECDSA key === \n");
+ error = device->verify_data(&sign_params, key, size, message.get(), message_len, signature,
+ signature_len);
+ if (error != KM_ERROR_OK) {
+ printf("Error verifying data with imported ECDSA key: %d\n\n", error);
+ return false;
+ }
+
+ printf("\n");
+ return true;
+}
+
+static bool test_ecdsa(TrustyKeymasterDevice* device) {
+ printf("==============\n");
+ printf("= ECDSA Test =\n");
+ printf("==============\n\n");
+
+ printf("=== Generating ECDSA key pair ===\n");
+ keymaster_ec_keygen_params_t params;
+ params.field_size = 521;
+ uint8_t* key;
+ size_t size;
+ int error = device->generate_keypair(TYPE_EC, ¶ms, &key, &size);
+ if (error != 0) {
+ printf("Error generating ECDSA key pair: %d\n\n", error);
+ return false;
+ }
+ UniquePtr<uint8_t[]> deleter(key);
+
+ printf("=== Signing with ECDSA key === \n");
+ keymaster_ec_sign_params_t sign_params = {DIGEST_NONE};
+ size_t message_len = 30 /* arbitrary */;
+ UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
+ memset(message.get(), 'a', message_len);
+ uint8_t* signature;
+ size_t signature_len;
+ error = device->sign_data(&sign_params, key, size, message.get(), message_len, &signature,
+ &signature_len);
+ if (error != KM_ERROR_OK) {
+ printf("Error signing data with ECDSA key: %d\n\n", error);
+ return false;
+ }
+ UniquePtr<uint8_t[]> signature_deleter(signature);
+
+ printf("=== Verifying with ECDSA key === \n");
+ error = device->verify_data(&sign_params, key, size, message.get(), message_len, signature,
+ signature_len);
+ if (error != KM_ERROR_OK) {
+ printf("Error verifying data with ECDSA key: %d\n\n", error);
+ return false;
+ }
+
+ printf("=== Exporting ECDSA public key ===\n");
+ uint8_t* exported_key;
+ size_t exported_size;
+ error = device->get_keypair_public(key, size, &exported_key, &exported_size);
+ if (error != KM_ERROR_OK) {
+ printf("Error exporting ECDSA public key: %d\n\n", error);
+ return false;
+ }
+
+ printf("=== Verifying with exported key ===\n");
+ const uint8_t* tmp = exported_key;
+ UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(d2i_PUBKEY(NULL, &tmp, exported_size));
+ UniquePtr<EVP_PKEY_CTX, EVP_PKEY_CTX_Delete> ctx(EVP_PKEY_CTX_new(pkey.get(), NULL));
+ if (EVP_PKEY_verify_init(ctx.get()) != 1) {
+ printf("Error initializing openss EVP context\n");
+ return false;
+ }
+ if (EVP_PKEY_type(pkey->type) != EVP_PKEY_EC) {
+ printf("Exported key was the wrong type?!?\n");
+ return false;
+ }
+
+ if (EVP_PKEY_verify(ctx.get(), signature, signature_len, message.get(), message_len) != 1) {
+ printf("Verification with exported pubkey failed.\n");
+ return false;
+ } else {
+ printf("Verification succeeded\n");
+ }
+
+ printf("\n");
+ return true;
+}
+
+int main(void) {
+
+ TrustyKeymasterDevice device(NULL);
+ if (device.session_error() != KM_ERROR_OK) {
+ printf("Failed to initialize Trusty session: %d\n", device.session_error());
+ return 1;
+ }
+ printf("Trusty session initialized\n");
+
+ bool success = true;
+ success &= test_rsa(&device);
+ success &= test_import_rsa(&device);
+ success &= test_ecdsa(&device);
+ success &= test_import_ecdsa(&device);
+
+ if (success) {
+ printf("\nTESTS PASSED!\n");
+ } else {
+ printf("\n!!!!TESTS FAILED!!!\n");
+ }
+
+ return success ? 0 : 1;
+}
diff --git a/trusty/storage/interface/Android.mk b/trusty/storage/interface/Android.mk
new file mode 100644
index 0000000..15cb6f3
--- /dev/null
+++ b/trusty/storage/interface/Android.mk
@@ -0,0 +1,25 @@
+#
+# Copyright (C) 2015 The Android Open-Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+LOCAL_PATH:= $(call my-dir)
+
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := libtrustystorageinterface
+
+LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_PATH)/include
+
+include $(BUILD_STATIC_LIBRARY)
diff --git a/trusty/storage/interface/include/trusty/interface/storage.h b/trusty/storage/interface/include/trusty/interface/storage.h
new file mode 100644
index 0000000..b196d88
--- /dev/null
+++ b/trusty/storage/interface/include/trusty/interface/storage.h
@@ -0,0 +1,285 @@
+/*
+ * Copyright (C) 2015-2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <stdint.h>
+
+/*
+ * Storage port names
+ * @STORAGE_CLIENT_TD_PORT: Port used by clients that require tamper and
+ * rollback detection.
+ * @STORAGE_CLIENT_TDEA_PORT: Port used by clients that require storage before
+ * the non-secure os has booted.
+ * @STORAGE_CLIENT_TP_PORT: Port used by clients that require tamper proof
+ * storage. Note that non-secure code can prevent
+ read and write operations from succeeding, but
+ it cannot modify on-disk data.
+ * @STORAGE_DISK_PROXY_PORT: Port used by non-secure proxy server
+ */
+#define STORAGE_CLIENT_TD_PORT "com.android.trusty.storage.client.td"
+#define STORAGE_CLIENT_TDEA_PORT "com.android.trusty.storage.client.tdea"
+#define STORAGE_CLIENT_TP_PORT "com.android.trusty.storage.client.tp"
+#define STORAGE_DISK_PROXY_PORT "com.android.trusty.storage.proxy"
+
+enum storage_cmd {
+ STORAGE_REQ_SHIFT = 1,
+ STORAGE_RESP_BIT = 1,
+
+ STORAGE_RESP_MSG_ERR = STORAGE_RESP_BIT,
+
+ STORAGE_FILE_DELETE = 1 << STORAGE_REQ_SHIFT,
+ STORAGE_FILE_OPEN = 2 << STORAGE_REQ_SHIFT,
+ STORAGE_FILE_CLOSE = 3 << STORAGE_REQ_SHIFT,
+ STORAGE_FILE_READ = 4 << STORAGE_REQ_SHIFT,
+ STORAGE_FILE_WRITE = 5 << STORAGE_REQ_SHIFT,
+ STORAGE_FILE_GET_SIZE = 6 << STORAGE_REQ_SHIFT,
+ STORAGE_FILE_SET_SIZE = 7 << STORAGE_REQ_SHIFT,
+
+ STORAGE_RPMB_SEND = 8 << STORAGE_REQ_SHIFT,
+
+ /* transaction support */
+ STORAGE_END_TRANSACTION = 9 << STORAGE_REQ_SHIFT,
+};
+
+/**
+ * enum storage_err - error codes for storage protocol
+ * @STORAGE_NO_ERROR: all OK
+ * @STORAGE_ERR_GENERIC: unknown error. Can occur when there's an internal server
+ * error, e.g. the server runs out of memory or is in a bad state.
+ * @STORAGE_ERR_NOT_VALID: input not valid. May occur if the arguments passed
+ * into the command are not valid, for example if the file handle
+ * passed in is not a valid one.
+ * @STORAGE_ERR_UNIMPLEMENTED: the command passed in is not recognized
+ * @STORAGE_ERR_ACCESS: the file is not accessible in the requested mode
+ * @STORAGE_ERR_NOT_FOUND: the file was not found
+ * @STORAGE_ERR_EXIST the file exists when it shouldn't as in with OPEN_CREATE | OPEN_EXCLUSIVE.
+ * @STORAGE_ERR_TRANSACT returned by various operations to indicate that current transaction
+ * is in error state. Such state could be only cleared by sending
+ * STORAGE_END_TRANSACTION message.
+ */
+enum storage_err {
+ STORAGE_NO_ERROR = 0,
+ STORAGE_ERR_GENERIC = 1,
+ STORAGE_ERR_NOT_VALID = 2,
+ STORAGE_ERR_UNIMPLEMENTED = 3,
+ STORAGE_ERR_ACCESS = 4,
+ STORAGE_ERR_NOT_FOUND = 5,
+ STORAGE_ERR_EXIST = 6,
+ STORAGE_ERR_TRANSACT = 7,
+};
+
+/**
+ * storage_delete_flag - flags for controlling delete semantics
+ */
+enum storage_file_delete_flag {
+ STORAGE_FILE_DELETE_MASK = 0,
+};
+
+/**
+ * storage_file_flag - Flags to control 'open' semantics.
+ * @STORAGE_FILE_OPEN_CREATE: if this file does not exist, create it.
+ * @STORAGE_FILE_OPEN_CREATE_EXCLUSIVE: causes STORAGE_FILE_OPEN_CREATE to fail if the file
+ * already exists. Only meaningful if used in combination
+ * with STORAGE_FILE_OPEN_CREATE.
+ * @STORAGE_FILE_OPEN_TRUNCATE: if this file already exists, discard existing content
+ * and open it as a new file. No change in semantics if the
+ * file does not exist.
+ * @STORAGE_FILE_OPEN_MASK: mask for all open flags supported in current protocol.
+ * All other bits must be set to 0.
+ */
+enum storage_file_open_flag {
+ STORAGE_FILE_OPEN_CREATE = (1 << 0),
+ STORAGE_FILE_OPEN_CREATE_EXCLUSIVE = (1 << 1),
+ STORAGE_FILE_OPEN_TRUNCATE = (1 << 2),
+ STORAGE_FILE_OPEN_MASK = STORAGE_FILE_OPEN_CREATE |
+ STORAGE_FILE_OPEN_TRUNCATE |
+ STORAGE_FILE_OPEN_CREATE_EXCLUSIVE,
+};
+
+/**
+ * enum storage_msg_flag - protocol-level flags in struct storage_msg
+ * @STORAGE_MSG_FLAG_BATCH: if set, command belongs to a batch transaction.
+ * No response will be sent by the server until
+ * it receives a command with this flag unset, at
+ * which point a cummulative result for all messages
+ * sent with STORAGE_MSG_FLAG_BATCH will be sent.
+ * This is only supported by the non-secure disk proxy
+ * server.
+ * @STORAGE_MSG_FLAG_PRE_COMMIT: if set, indicates that server need to commit
+ * pending changes before processing this message.
+ * @STORAGE_MSG_FLAG_POST_COMMIT: if set, indicates that server need to commit
+ * pending changes after processing this message.
+ * @STORAGE_MSG_FLAG_TRANSACT_COMPLETE: if set, indicates that server need to commit
+ * current transaction after processing this message.
+ * It is an alias for STORAGE_MSG_FLAG_POST_COMMIT.
+ */
+enum storage_msg_flag {
+ STORAGE_MSG_FLAG_BATCH = 0x1,
+ STORAGE_MSG_FLAG_PRE_COMMIT = 0x2,
+ STORAGE_MSG_FLAG_POST_COMMIT = 0x4,
+ STORAGE_MSG_FLAG_TRANSACT_COMPLETE = STORAGE_MSG_FLAG_POST_COMMIT,
+};
+
+/*
+ * The following declarations are the message-specific contents of
+ * the 'payload' element inside struct storage_msg.
+ */
+
+/**
+ * struct storage_file_delete_req - request format for STORAGE_FILE_DELETE
+ * @flags: currently unused, must be set to 0.
+ * @name: the name of the file
+ */
+struct storage_file_delete_req {
+ uint32_t flags;
+ char name[0];
+};
+
+/**
+ * struct storage_file_open_req - request format for STORAGE_FILE_OPEN
+ * @flags: any of enum storage_file_flag or'ed together
+ * @name: the name of the file
+ */
+struct storage_file_open_req {
+ uint32_t flags;
+ char name[0];
+};
+
+/**
+ * struct storage_file_open_resp - response format for STORAGE_FILE_OPEN
+ * @handle: opaque handle to the opened file. Only present on success.
+ */
+struct storage_file_open_resp {
+ uint32_t handle;
+};
+
+/**
+ * struct storage_file_close_req - request format for STORAGE_FILE_CLOSE
+ * @handle: the handle for the file to close
+ */
+struct storage_file_close_req {
+ uint32_t handle;
+};
+
+/**
+ * struct storage_file_read_req - request format for STORAGE_FILE_READ
+ * @handle: the handle for the file from which to read
+ * @size: the quantity of bytes to read from the file
+ * @offset: the offset in the file from whence to read
+ */
+struct storage_file_read_req {
+ uint32_t handle;
+ uint32_t size;
+ uint64_t offset;
+};
+
+/**
+ * struct storage_file_read_resp - response format for STORAGE_FILE_READ
+ * @data: beginning of data retrieved from file
+ */
+struct storage_file_read_resp {
+ uint8_t data[0];
+};
+
+/**
+ * struct storage_file_write_req - request format for STORAGE_FILE_WRITE
+ * @handle: the handle for the file to write to
+ * @offset: the offset in the file from whence to write
+ * @__reserved: unused, must be set to 0.
+ * @data: beginning of the data to be written
+ */
+struct storage_file_write_req {
+ uint64_t offset;
+ uint32_t handle;
+ uint32_t __reserved;
+ uint8_t data[0];
+};
+
+/**
+ * struct storage_file_get_size_req - request format for STORAGE_FILE_GET_SIZE
+ * @handle: handle for which the size is requested
+ */
+struct storage_file_get_size_req {
+ uint32_t handle;
+};
+
+/**
+ * struct storage_file_get_size_resp - response format for STORAGE_FILE_GET_SIZE
+ * @size: the size of the file
+ */
+struct storage_file_get_size_resp {
+ uint64_t size;
+};
+
+/**
+ * struct storage_file_set_size_req - request format for STORAGE_FILE_SET_SIZE
+ * @handle: the file handle
+ * @size: the desired size of the file
+ */
+struct storage_file_set_size_req {
+ uint64_t size;
+ uint32_t handle;
+};
+
+/**
+ * struct storage_rpmb_send_req - request format for STORAGE_RPMB_SEND
+ * @reliable_write_size: size in bytes of reliable write region
+ * @write_size: size in bytes of write region
+ * @read_size: number of bytes to read for a read request
+ * @__reserved: unused, must be set to 0
+ * @payload: start of reliable write region, followed by
+ * write region.
+ *
+ * Only used in proxy<->server interface.
+ */
+struct storage_rpmb_send_req {
+ uint32_t reliable_write_size;
+ uint32_t write_size;
+ uint32_t read_size;
+ uint32_t __reserved;
+ uint8_t payload[0];
+};
+
+/**
+ * struct storage_rpmb_send_resp: response type for STORAGE_RPMB_SEND
+ * @data: the data frames frames retrieved from the MMC.
+ */
+struct storage_rpmb_send_resp {
+ uint8_t data[0];
+};
+
+/**
+ * struct storage_msg - generic req/resp format for all storage commands
+ * @cmd: one of enum storage_cmd
+ * @op_id: client chosen operation identifier for an instance
+ * of a command or atomic grouping of commands (transaction).
+ * @flags: one or many of enum storage_msg_flag or'ed together.
+ * @size: total size of the message including this header
+ * @result: one of enum storage_err
+ * @__reserved: unused, must be set to 0.
+ * @payload: beginning of command specific message format
+ */
+struct storage_msg {
+ uint32_t cmd;
+ uint32_t op_id;
+ uint32_t flags;
+ uint32_t size;
+ int32_t result;
+ uint32_t __reserved;
+ uint8_t payload[0];
+};
+
diff --git a/trusty/storage/lib/Android.mk b/trusty/storage/lib/Android.mk
new file mode 100644
index 0000000..7e0fc9d
--- /dev/null
+++ b/trusty/storage/lib/Android.mk
@@ -0,0 +1,37 @@
+#
+# Copyright (C) 2015 The Android Open-Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+LOCAL_PATH:= $(call my-dir)
+
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := libtrustystorage
+
+LOCAL_SRC_FILES := \
+ storage.c \
+
+LOCAL_CLFAGS = -fvisibility=hidden -Wall -Werror
+
+LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_PATH)/include
+LOCAL_C_INCLUDES := $(LOCAL_PATH)/include
+
+LOCAL_STATIC_LIBRARIES := \
+ liblog \
+ libtrusty \
+ libtrustystorageinterface
+
+include $(BUILD_STATIC_LIBRARY)
+
diff --git a/trusty/storage/lib/include/trusty/lib/storage.h b/trusty/storage/lib/include/trusty/lib/storage.h
new file mode 100644
index 0000000..b8ddf67
--- /dev/null
+++ b/trusty/storage/lib/include/trusty/lib/storage.h
@@ -0,0 +1,154 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <stdint.h>
+#include <trusty/interface/storage.h>
+
+#define STORAGE_MAX_NAME_LENGTH_BYTES 159
+
+__BEGIN_DECLS
+
+typedef uint32_t storage_session_t;
+typedef uint64_t file_handle_t;
+typedef uint64_t storage_off_t;
+
+#define STORAGE_INVALID_SESSION ((storage_session_t)-1)
+
+/**
+ * storage_ops_flags - storage related operation flags
+ * @STORAGE_OP_COMPLETE: forces to commit current transaction
+ */
+enum storage_ops_flags {
+ STORAGE_OP_COMPLETE = 0x1,
+};
+
+/**
+ * storage_open_session() - Opens a storage session.
+ * @device: device node for talking with Trusty
+ * @session_p: pointer to location in which to store session handle
+ * in case of success.
+ *
+ * Return: 0 on success, or an error code < 0 on failure.
+ */
+int storage_open_session(const char *device, storage_session_t *session_p, const char *port);
+
+/**
+ * storage_close_session() - Closes the session.
+ * @session: the session to close
+ */
+void storage_close_session(storage_session_t session);
+
+/**
+ * storage_open_file() - Opens a file
+ * @session: the storage_session_t returned from a call to storage_open_session
+ * @handle_p: pointer to location in which to store file handle in case of success
+ * @name: a null-terminated string identifier of the file to open.
+ * Cannot be more than STORAGE_MAX_NAME_LENGTH_BYTES in length.
+ * @flags: A bitmask consisting any storage_file_flag value or'ed together:
+ * - STORAGE_FILE_OPEN_CREATE: if this file does not exist, create it.
+ * - STORAGE_FILE_OPEN_CREATE_EXCLUSIVE: when specified, opening file with
+ * STORAGE_OPEN_FILE_CREATE flag will
+ * fail if the file already exists.
+ * Only meaningful if used in combination
+ * with STORAGE_FILE_OPEN_CREATE flag.
+ * - STORAGE_FILE_OPEN_TRUNCATE: if this file already exists, discard existing
+ * content and open it as a new file. No change
+ * in semantics if the file does not exist.
+ * @opflags: a combination of @storage_op_flags
+ *
+ * Return: 0 on success, or an error code < 0 on failure.
+ */
+int storage_open_file(storage_session_t session, file_handle_t *handle_p,
+ const char *name, uint32_t flags, uint32_t opflags);
+
+/**
+ * storage_close_file() - Closes a file.
+ * @handle: the file_handle_t retrieved from storage_open_file
+ */
+void storage_close_file(file_handle_t handle);
+
+/**
+ * storage_delete_file - Deletes a file.
+ * @session: the storage_session_t returned from a call to storage_open_session
+ * @name: the name of the file to delete
+ * @opflags: a combination of @storage_op_flags
+ *
+ * Return: 0 on success, or an error code < 0 on failure.
+ */
+int storage_delete_file(storage_session_t session, const char *name,
+ uint32_t opflags);
+
+/**
+ * storage_read() - Reads a file at a given offset.
+ * @handle: the file_handle_t retrieved from storage_open_file
+ * @off: the start offset from whence to read in the file
+ * @buf: the buffer in which to write the data read
+ * @size: the size of buf and number of bytes to read
+ *
+ * Return: the number of bytes read on success, negative error code on failure
+ */
+ssize_t storage_read(file_handle_t handle,
+ storage_off_t off, void *buf, size_t size);
+
+/**
+ * storage_write() - Writes to a file at a given offset. Grows the file if necessary.
+ * @handle: the file_handle_t retrieved from storage_open_file
+ * @off: the start offset from whence to write in the file
+ * @buf: the buffer containing the data to write
+ * @size: the size of buf and number of bytes to write
+ * @opflags: a combination of @storage_op_flags
+ *
+ * Return: the number of bytes written on success, negative error code on failure
+ */
+ssize_t storage_write(file_handle_t handle,
+ storage_off_t off, const void *buf, size_t size,
+ uint32_t opflags);
+
+/**
+ * storage_set_file_size() - Sets the size of the file.
+ * @handle: the file_handle_t retrieved from storage_open_file
+ * @off: the number of bytes to set as the new size of the file
+ * @opflags: a combination of @storage_op_flags
+ *
+ * Return: 0 on success, negative error code on failure.
+ */
+int storage_set_file_size(file_handle_t handle, storage_off_t file_size,
+ uint32_t opflags);
+
+/**
+ * storage_get_file_size() - Gets the size of the file.
+ * @session: the storage_session_t returned from a call to storage_open_session
+ * @handle: the file_handle_t retrieved from storage_open_file
+ * @size: pointer to storage_off_t in which to store the file size
+ *
+ * Return: 0 on success, negative error code on failure.
+ */
+int storage_get_file_size(file_handle_t handle, storage_off_t *size);
+
+
+/**
+ * storage_end_transaction: End current transaction
+ * @session: the storage_session_t returned from a call to storage_open_session
+ * @complete: if true, commit current transaction, discard it otherwise
+ *
+ * Return: 0 on success, negative error code on failure.
+ */
+int storage_end_transaction(storage_session_t session, bool complete);
+
+
+__END_DECLS
diff --git a/trusty/storage/lib/storage.c b/trusty/storage/lib/storage.c
new file mode 100644
index 0000000..8130f76
--- /dev/null
+++ b/trusty/storage/lib/storage.c
@@ -0,0 +1,311 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <errno.h>
+#include <stdarg.h>
+#include <stdbool.h>
+#include <stdint.h>
+#include <string.h>
+#include <sys/uio.h>
+
+#include <trusty/tipc.h>
+#include <trusty/lib/storage.h>
+
+#define LOG_TAG "trusty_storage_client"
+#include <cutils/log.h>
+
+#define MAX_CHUNK_SIZE 4040
+
+static inline file_handle_t make_file_handle(storage_session_t s, uint32_t fid)
+{
+ return ((uint64_t)s << 32) | fid;
+}
+
+static inline storage_session_t _to_session(file_handle_t fh)
+{
+ return (storage_session_t)(fh >> 32);
+}
+
+static inline uint32_t _to_handle(file_handle_t fh)
+{
+ return (uint32_t) fh;
+}
+
+static inline uint32_t _to_msg_flags(uint32_t opflags)
+{
+ uint32_t msg_flags = 0;
+
+ if (opflags & STORAGE_OP_COMPLETE)
+ msg_flags |= STORAGE_MSG_FLAG_TRANSACT_COMPLETE;
+
+ return msg_flags;
+}
+
+static ssize_t check_response(struct storage_msg *msg, ssize_t res)
+{
+ if (res < 0)
+ return res;
+
+ if ((size_t)res < sizeof(*msg)) {
+ ALOGE("invalid msg length (%zd < %zd)\n", res, sizeof(*msg));
+ return -EIO;
+ }
+
+ ALOGV("cmd 0x%x: server returned %u\n", msg->cmd, msg->result);
+
+ switch(msg->result) {
+ case STORAGE_NO_ERROR:
+ return res - sizeof(*msg);
+
+ case STORAGE_ERR_NOT_FOUND:
+ return -ENOENT;
+
+ case STORAGE_ERR_EXIST:
+ return -EEXIST;
+
+ case STORAGE_ERR_NOT_VALID:
+ return -EINVAL;
+
+ case STORAGE_ERR_UNIMPLEMENTED:
+ ALOGE("cmd 0x%x: is unhandles command\n", msg->cmd);
+ return -EINVAL;
+
+ case STORAGE_ERR_ACCESS:
+ return -EACCES;
+
+ case STORAGE_ERR_TRANSACT:
+ return -EBUSY;
+
+ case STORAGE_ERR_GENERIC:
+ ALOGE("cmd 0x%x: internal server error\n", msg->cmd);
+ return -EIO;
+
+ default:
+ ALOGE("cmd 0x%x: unhandled server response %u\n",
+ msg->cmd, msg->result);
+ }
+
+ return -EIO;
+}
+
+static ssize_t send_reqv(storage_session_t session,
+ const struct iovec *tx_iovs, uint tx_iovcnt,
+ const struct iovec *rx_iovs, uint rx_iovcnt)
+{
+ ssize_t rc;
+
+ rc = writev(session, tx_iovs, tx_iovcnt);
+ if (rc < 0) {
+ rc = -errno;
+ ALOGE("failed to send request: %s\n", strerror(errno));
+ return rc;
+ }
+
+ rc = readv(session, rx_iovs, rx_iovcnt);
+ if (rc < 0) {
+ rc = -errno;
+ ALOGE("failed to recv response: %s\n", strerror(errno));
+ return rc;
+ }
+
+ return rc;
+}
+
+int storage_open_session(const char *device, storage_session_t *session_p,
+ const char *port)
+{
+ int rc = tipc_connect(device, port);
+ if (rc < 0)
+ return rc;
+ *session_p = (storage_session_t) rc;
+ return 0;
+}
+
+void storage_close_session(storage_session_t session)
+{
+ tipc_close(session);
+}
+
+
+int storage_open_file(storage_session_t session, file_handle_t *handle_p, const char *name,
+ uint32_t flags, uint32_t opflags)
+{
+ struct storage_msg msg = { .cmd = STORAGE_FILE_OPEN, .flags = _to_msg_flags(opflags)};
+ struct storage_file_open_req req = { .flags = flags };
+ struct iovec tx[3] = {{&msg, sizeof(msg)}, {&req, sizeof(req)}, {(void *)name, strlen(name)}};
+ struct storage_file_open_resp rsp = { 0 };
+ struct iovec rx[2] = {{&msg, sizeof(msg)}, {&rsp, sizeof(rsp)}};
+
+ ssize_t rc = send_reqv(session, tx, 3, rx, 2);
+ rc = check_response(&msg, rc);
+ if (rc < 0)
+ return rc;
+
+ if ((size_t)rc != sizeof(rsp)) {
+ ALOGE("%s: invalid response length (%zd != %zd)\n", __func__, rc, sizeof(rsp));
+ return -EIO;
+ }
+
+ *handle_p = make_file_handle(session, rsp.handle);
+ return 0;
+}
+
+void storage_close_file(file_handle_t fh)
+{
+ struct storage_msg msg = { .cmd = STORAGE_FILE_CLOSE };
+ struct storage_file_close_req req = { .handle = _to_handle(fh)};
+ struct iovec tx[2] = {{&msg, sizeof(msg)}, {&req, sizeof(req)}};
+ struct iovec rx[1] = {{&msg, sizeof(msg)}};
+
+ ssize_t rc = send_reqv(_to_session(fh), tx, 2, rx, 1);
+ rc = check_response(&msg, rc);
+ if (rc < 0) {
+ ALOGE("close file failed (%d)\n", (int)rc);
+ }
+}
+
+int storage_delete_file(storage_session_t session, const char *name, uint32_t opflags)
+{
+ struct storage_msg msg = { .cmd = STORAGE_FILE_DELETE, .flags = _to_msg_flags(opflags)};
+ struct storage_file_delete_req req = { .flags = 0, };
+ struct iovec tx[3] = {{&msg, sizeof(msg)}, {&req, sizeof(req)}, {(void *)name, strlen(name)}};
+ struct iovec rx[1] = {{&msg, sizeof(msg)}};
+
+ ssize_t rc = send_reqv(session, tx, 3, rx, 1);
+ return check_response(&msg, rc);
+}
+
+static int _read_chunk(file_handle_t fh, storage_off_t off, void *buf, size_t size)
+{
+ struct storage_msg msg = { .cmd = STORAGE_FILE_READ };
+ struct storage_file_read_req req = { .handle = _to_handle(fh), .size = size, .offset = off };
+ struct iovec tx[2] = {{&msg, sizeof(msg)}, {&req, sizeof(req)}};
+ struct iovec rx[2] = {{&msg, sizeof(msg)}, {buf, size}};
+
+ ssize_t rc = send_reqv(_to_session(fh), tx, 2, rx, 2);
+ return check_response(&msg, rc);
+}
+
+ssize_t storage_read(file_handle_t fh, storage_off_t off, void *buf, size_t size)
+{
+ int rc;
+ size_t bytes_read = 0;
+ size_t chunk = MAX_CHUNK_SIZE;
+ uint8_t *ptr = buf;
+
+ while (size) {
+ if (chunk > size)
+ chunk = size;
+ rc = _read_chunk(fh, off, ptr, chunk);
+ if (rc < 0)
+ return rc;
+ if (rc == 0)
+ break;
+ off += rc;
+ ptr += rc;
+ bytes_read += rc;
+ size -= rc;
+ }
+ return bytes_read;
+}
+
+static int _write_req(file_handle_t fh, storage_off_t off,
+ const void *buf, size_t size, uint32_t msg_flags)
+{
+ struct storage_msg msg = { .cmd = STORAGE_FILE_WRITE, .flags = msg_flags, };
+ struct storage_file_write_req req = { .handle = _to_handle(fh), .offset = off, };
+ struct iovec tx[3] = {{&msg, sizeof(msg)}, {&req, sizeof(req)}, {(void *)buf, size}};
+ struct iovec rx[1] = {{&msg, sizeof(msg)}};
+
+ ssize_t rc = send_reqv(_to_session(fh), tx, 3, rx, 1);
+ rc = check_response(&msg, rc);
+ return rc < 0 ? rc : size;
+}
+
+ssize_t storage_write(file_handle_t fh, storage_off_t off,
+ const void *buf, size_t size, uint32_t opflags)
+{
+ int rc;
+ size_t bytes_written = 0;
+ size_t chunk = MAX_CHUNK_SIZE;
+ const uint8_t *ptr = buf;
+ uint32_t msg_flags = _to_msg_flags(opflags & ~STORAGE_OP_COMPLETE);
+
+ while (size) {
+ if (chunk >= size) {
+ /* last chunk in sequence */
+ chunk = size;
+ msg_flags = _to_msg_flags(opflags);
+ }
+ rc = _write_req(fh, off, ptr, chunk, msg_flags);
+ if (rc < 0)
+ return rc;
+ if ((size_t)rc != chunk) {
+ ALOGE("got partial write (%d)\n", (int)rc);
+ return -EIO;
+ }
+ off += chunk;
+ ptr += chunk;
+ bytes_written += chunk;
+ size -= chunk;
+ }
+ return bytes_written;
+}
+
+int storage_set_file_size(file_handle_t fh, storage_off_t file_size, uint32_t opflags)
+{
+ struct storage_msg msg = { .cmd = STORAGE_FILE_SET_SIZE, .flags = _to_msg_flags(opflags)};
+ struct storage_file_set_size_req req = { .handle = _to_handle(fh), .size = file_size, };
+ struct iovec tx[2] = {{&msg, sizeof(msg)}, {&req, sizeof(req)}};
+ struct iovec rx[1] = {{&msg, sizeof(msg)}};
+
+ ssize_t rc = send_reqv(_to_session(fh), tx, 2, rx, 1);
+ return check_response(&msg, rc);
+}
+
+int storage_get_file_size(file_handle_t fh, storage_off_t *size_p)
+{
+ struct storage_msg msg = { .cmd = STORAGE_FILE_GET_SIZE };
+ struct storage_file_get_size_req req = { .handle = _to_handle(fh), };
+ struct iovec tx[2] = {{&msg, sizeof(msg)}, {&req, sizeof(req)}};
+ struct storage_file_get_size_resp rsp;
+ struct iovec rx[2] = {{&msg, sizeof(msg)}, {&rsp, sizeof(rsp)}};
+
+ ssize_t rc = send_reqv(_to_session(fh), tx, 2, rx, 2);
+ rc = check_response(&msg, rc);
+ if (rc < 0)
+ return rc;
+
+ if ((size_t)rc != sizeof(rsp)) {
+ ALOGE("%s: invalid response length (%zd != %zd)\n", __func__, rc, sizeof(rsp));
+ return -EIO;
+ }
+
+ *size_p = rsp.size;
+ return 0;
+}
+
+int storage_end_transaction(storage_session_t session, bool complete)
+{
+ struct storage_msg msg = {
+ .cmd = STORAGE_END_TRANSACTION,
+ .flags = complete ? STORAGE_MSG_FLAG_TRANSACT_COMPLETE : 0,
+ };
+ struct iovec iov = {&msg, sizeof(msg)};
+
+ ssize_t rc = send_reqv(session, &iov, 1, &iov, 1);
+ return check_response(&msg, rc);
+}
diff --git a/trusty/storage/proxy/Android.mk b/trusty/storage/proxy/Android.mk
new file mode 100644
index 0000000..745e302
--- /dev/null
+++ b/trusty/storage/proxy/Android.mk
@@ -0,0 +1,41 @@
+#
+# Copyright (C) 2016 The Android Open-Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+LOCAL_PATH:= $(call my-dir)
+
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := storageproxyd
+
+LOCAL_C_INCLUDES += bionic/libc/kernel/uapi
+
+LOCAL_SRC_FILES := \
+ ipc.c \
+ rpmb.c \
+ storage.c \
+ proxy.c
+
+LOCAL_CLFAGS = -Wall -Werror
+
+LOCAL_SHARED_LIBRARIES := \
+ liblog \
+
+LOCAL_STATIC_LIBRARIES := \
+ libtrustystorageinterface \
+ libtrusty
+
+include $(BUILD_EXECUTABLE)
+
diff --git a/trusty/storage/proxy/ipc.c b/trusty/storage/proxy/ipc.c
new file mode 100644
index 0000000..b4748e2
--- /dev/null
+++ b/trusty/storage/proxy/ipc.c
@@ -0,0 +1,114 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include <assert.h>
+#include <errno.h>
+#include <stdbool.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/uio.h>
+
+#include <trusty/tipc.h>
+
+#include "ipc.h"
+#include "log.h"
+
+#define MAX_RECONNECT_RETRY_COUNT 5
+#define TRUSTY_RECONNECT_TIMEOUT_SEC 5
+
+static int tipc_fd = -1;
+
+int ipc_connect(const char *device, const char *port)
+{
+ int rc;
+ uint retry_cnt = 0;
+
+ assert(tipc_fd == -1);
+
+ while(true) {
+ rc = tipc_connect(device, port);
+ if (rc >= 0)
+ break;
+
+ ALOGE("failed (%d) to connect to storage server\n", rc);
+ if (++retry_cnt > MAX_RECONNECT_RETRY_COUNT) {
+ ALOGE("max number of reconnect retries (%d) has been reached\n",
+ retry_cnt);
+ return -1;
+ }
+ sleep(TRUSTY_RECONNECT_TIMEOUT_SEC);
+ }
+ tipc_fd = rc;
+ return 0;
+}
+
+void ipc_disconnect(void)
+{
+ assert(tipc_fd >= 0);
+
+ tipc_close(tipc_fd);
+ tipc_fd = -1;
+}
+
+ssize_t ipc_get_msg(struct storage_msg *msg, void *req_buf, size_t req_buf_len)
+{
+ ssize_t rc;
+ struct iovec iovs[2] = {{msg, sizeof(*msg)}, {req_buf, req_buf_len}};
+
+ assert(tipc_fd >= 0);
+
+ rc = readv(tipc_fd, iovs, 2);
+ if (rc < 0) {
+ ALOGE("failed to read request: %s\n", strerror(errno));
+ return rc;
+ }
+
+ /* check for minimum size */
+ if ((size_t)rc < sizeof(*msg)) {
+ ALOGE("message is too short (%zu bytes received)\n", rc);
+ return -1;
+ }
+
+ /* check for message completeness */
+ if (msg->size != (uint32_t)rc) {
+ ALOGE("inconsistent message size [cmd=%d] (%u != %u)\n",
+ msg->cmd, msg->size, (uint32_t)rc);
+ return -1;
+ }
+
+ return rc - sizeof(*msg);
+}
+
+int ipc_respond(struct storage_msg *msg, void *out, size_t out_size)
+{
+ ssize_t rc;
+ struct iovec iovs[2] = {{msg, sizeof(*msg)}, {out, out_size}};
+
+ assert(tipc_fd >= 0);
+
+ msg->cmd |= STORAGE_RESP_BIT;
+
+ rc = writev(tipc_fd, iovs, out ? 2 : 1);
+ if (rc < 0) {
+ ALOGE("error sending response 0x%x: %s\n",
+ msg->cmd, strerror(errno));
+ return -1;
+ }
+
+ return 0;
+}
+
+
diff --git a/libcutils/atomic.c b/trusty/storage/proxy/ipc.h
similarity index 60%
copy from libcutils/atomic.c
copy to trusty/storage/proxy/ipc.h
index d34aa00..2e366bb 100644
--- a/libcutils/atomic.c
+++ b/trusty/storage/proxy/ipc.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2007 The Android Open Source Project
+ * Copyright (C) 2016 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -13,14 +13,12 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
+#pragma once
-/*
- * Generate non-inlined versions of android_atomic functions.
- * Nobody should be using these, but some binary blobs currently (late 2014)
- * are.
- * If you read this in 2015 or later, please try to delete this file.
- */
+#include <stdint.h>
+#include <trusty/interface/storage.h>
-#define ANDROID_ATOMIC_INLINE
-
-#include <cutils/atomic.h>
+int ipc_connect(const char *device, const char *service_name);
+void ipc_disconnect(void);
+ssize_t ipc_get_msg(struct storage_msg *msg, void *req_buf, size_t req_buf_len);
+int ipc_respond(struct storage_msg *msg, void *out, size_t out_size);
diff --git a/libcutils/atomic.c b/trusty/storage/proxy/log.h
similarity index 62%
copy from libcutils/atomic.c
copy to trusty/storage/proxy/log.h
index d34aa00..471cb50 100644
--- a/libcutils/atomic.c
+++ b/trusty/storage/proxy/log.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2007 The Android Open Source Project
+ * Copyright (C) 2016 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -14,13 +14,6 @@
* limitations under the License.
*/
-/*
- * Generate non-inlined versions of android_atomic functions.
- * Nobody should be using these, but some binary blobs currently (late 2014)
- * are.
- * If you read this in 2015 or later, please try to delete this file.
- */
+#define LOG_TAG "storageproxyd"
+#include <cutils/log.h>
-#define ANDROID_ATOMIC_INLINE
-
-#include <cutils/atomic.h>
diff --git a/trusty/storage/proxy/proxy.c b/trusty/storage/proxy/proxy.c
new file mode 100644
index 0000000..d645ac0
--- /dev/null
+++ b/trusty/storage/proxy/proxy.c
@@ -0,0 +1,264 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include <errno.h>
+#include <getopt.h>
+#include <stdbool.h>
+#include <stdint.h>
+#include <string.h>
+#include <stdlib.h>
+#include <sys/capability.h>
+#include <sys/prctl.h>
+#include <sys/stat.h>
+#include <unistd.h>
+
+#include <private/android_filesystem_config.h>
+
+#include "ipc.h"
+#include "log.h"
+#include "rpmb.h"
+#include "storage.h"
+
+#define REQ_BUFFER_SIZE 4096
+static uint8_t req_buffer[REQ_BUFFER_SIZE + 1];
+
+static const char *ss_data_root;
+static const char *trusty_devname;
+static const char *rpmb_devname;
+static const char *ss_srv_name = STORAGE_DISK_PROXY_PORT;
+
+static const char *_sopts = "hp:d:r:";
+static const struct option _lopts[] = {
+ {"help", no_argument, NULL, 'h'},
+ {"trusty_dev", required_argument, NULL, 'd'},
+ {"data_path", required_argument, NULL, 'p'},
+ {"rpmb_dev", required_argument, NULL, 'r'},
+ {0, 0, 0, 0}
+};
+
+static void show_usage_and_exit(int code)
+{
+ ALOGE("usage: storageproxyd -d <trusty_dev> -p <data_path> -r <rpmb_dev>\n");
+ exit(code);
+}
+
+static int drop_privs(void)
+{
+ struct __user_cap_header_struct capheader;
+ struct __user_cap_data_struct capdata[2];
+
+ if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0) {
+ return -1;
+ }
+
+ /*
+ * ensure we're running as the system user
+ */
+ if (setgid(AID_SYSTEM) != 0) {
+ return -1;
+ }
+
+ if (setuid(AID_SYSTEM) != 0) {
+ return -1;
+ }
+
+ /*
+ * drop all capabilities except SYS_RAWIO
+ */
+ memset(&capheader, 0, sizeof(capheader));
+ memset(&capdata, 0, sizeof(capdata));
+ capheader.version = _LINUX_CAPABILITY_VERSION_3;
+ capheader.pid = 0;
+
+ capdata[CAP_TO_INDEX(CAP_SYS_RAWIO)].permitted = CAP_TO_MASK(CAP_SYS_RAWIO);
+ capdata[CAP_TO_INDEX(CAP_SYS_RAWIO)].effective = CAP_TO_MASK(CAP_SYS_RAWIO);
+
+ if (capset(&capheader, &capdata[0]) < 0) {
+ return -1;
+ }
+
+ /* no-execute for user, no access for group and other */
+ umask(S_IXUSR | S_IRWXG | S_IRWXO);
+
+ return 0;
+}
+
+static int handle_req(struct storage_msg *msg, const void *req, size_t req_len)
+{
+ int rc;
+
+ if ((msg->flags & STORAGE_MSG_FLAG_POST_COMMIT) &&
+ (msg->cmd != STORAGE_RPMB_SEND)) {
+ /*
+ * handling post commit messages on non rpmb commands are not
+ * implemented as there is no use case for this yet.
+ */
+ ALOGE("cmd 0x%x: post commit option is not implemented\n", msg->cmd);
+ msg->result = STORAGE_ERR_UNIMPLEMENTED;
+ return ipc_respond(msg, NULL, 0);
+ }
+
+ if (msg->flags & STORAGE_MSG_FLAG_PRE_COMMIT) {
+ rc = storage_sync_checkpoint();
+ if (rc < 0) {
+ msg->result = STORAGE_ERR_GENERIC;
+ return ipc_respond(msg, NULL, 0);
+ }
+ }
+
+ switch (msg->cmd) {
+ case STORAGE_FILE_DELETE:
+ rc = storage_file_delete(msg, req, req_len);
+ break;
+
+ case STORAGE_FILE_OPEN:
+ rc = storage_file_open(msg, req, req_len);
+ break;
+
+ case STORAGE_FILE_CLOSE:
+ rc = storage_file_close(msg, req, req_len);
+ break;
+
+ case STORAGE_FILE_WRITE:
+ rc = storage_file_write(msg, req, req_len);
+ break;
+
+ case STORAGE_FILE_READ:
+ rc = storage_file_read(msg, req, req_len);
+ break;
+
+ case STORAGE_FILE_GET_SIZE:
+ rc = storage_file_get_size(msg, req, req_len);
+ break;
+
+ case STORAGE_FILE_SET_SIZE:
+ rc = storage_file_set_size(msg, req, req_len);
+ break;
+
+ case STORAGE_RPMB_SEND:
+ rc = rpmb_send(msg, req, req_len);
+ break;
+
+ default:
+ ALOGE("unhandled command 0x%x\n", msg->cmd);
+ msg->result = STORAGE_ERR_UNIMPLEMENTED;
+ rc = 1;
+ }
+
+ if (rc > 0) {
+ /* still need to send response */
+ rc = ipc_respond(msg, NULL, 0);
+ }
+ return rc;
+}
+
+static int proxy_loop(void)
+{
+ ssize_t rc;
+ struct storage_msg msg;
+
+ /* enter main message handling loop */
+ while (true) {
+
+ /* get incoming message */
+ rc = ipc_get_msg(&msg, req_buffer, REQ_BUFFER_SIZE);
+ if (rc < 0)
+ return rc;
+
+ /* handle request */
+ req_buffer[rc] = 0; /* force zero termination */
+ rc = handle_req(&msg, req_buffer, rc);
+ if (rc)
+ return rc;
+ }
+
+ return 0;
+}
+
+static void parse_args(int argc, char *argv[])
+{
+ int opt;
+ int oidx = 0;
+
+ while ((opt = getopt_long(argc, argv, _sopts, _lopts, &oidx)) != -1) {
+ switch (opt) {
+
+ case 'd':
+ trusty_devname = strdup(optarg);
+ break;
+
+ case 'p':
+ ss_data_root = strdup(optarg);
+ break;
+
+ case 'r':
+ rpmb_devname = strdup(optarg);
+ break;
+
+ default:
+ ALOGE("unrecognized option (%c):\n", opt);
+ show_usage_and_exit(EXIT_FAILURE);
+ }
+ }
+
+ if (ss_data_root == NULL ||
+ trusty_devname == NULL ||
+ rpmb_devname == NULL) {
+ ALOGE("missing required argument(s)\n");
+ show_usage_and_exit(EXIT_FAILURE);
+ }
+
+ ALOGI("starting storageproxyd\n");
+ ALOGI("storage data root: %s\n", ss_data_root);
+ ALOGI("trusty dev: %s\n", trusty_devname);
+ ALOGI("rpmb dev: %s\n", rpmb_devname);
+}
+
+int main(int argc, char *argv[])
+{
+ int rc;
+ uint retry_cnt;
+
+ /* drop privileges */
+ if (drop_privs() < 0)
+ return EXIT_FAILURE;
+
+ /* parse arguments */
+ parse_args(argc, argv);
+
+ /* initialize secure storage directory */
+ rc = storage_init(ss_data_root);
+ if (rc < 0)
+ return EXIT_FAILURE;
+
+ /* open rpmb device */
+ rc = rpmb_open(rpmb_devname);
+ if (rc < 0)
+ return EXIT_FAILURE;
+
+ /* connect to Trusty secure storage server */
+ rc = ipc_connect(trusty_devname, ss_srv_name);
+ if (rc < 0)
+ return EXIT_FAILURE;
+
+ /* enter main loop */
+ rc = proxy_loop();
+ ALOGE("exiting proxy loop with status (%d)\n", rc);
+
+ ipc_disconnect();
+ rpmb_close();
+
+ return (rc < 0) ? EXIT_FAILURE : EXIT_SUCCESS;
+}
diff --git a/trusty/storage/proxy/rpmb.c b/trusty/storage/proxy/rpmb.c
new file mode 100644
index 0000000..9130458
--- /dev/null
+++ b/trusty/storage/proxy/rpmb.c
@@ -0,0 +1,210 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <errno.h>
+#include <fcntl.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/ioctl.h>
+
+#include <linux/major.h>
+#include <linux/mmc/ioctl.h>
+
+#include "ipc.h"
+#include "log.h"
+#include "rpmb.h"
+#include "storage.h"
+
+#define MMC_READ_MULTIPLE_BLOCK 18
+#define MMC_WRITE_MULTIPLE_BLOCK 25
+#define MMC_RELIABLE_WRITE_FLAG (1 << 31)
+
+#define MMC_RSP_PRESENT (1 << 0)
+#define MMC_RSP_CRC (1 << 2)
+#define MMC_RSP_OPCODE (1 << 4)
+#define MMC_CMD_ADTC (1 << 5)
+#define MMC_RSP_SPI_S1 (1 << 7)
+#define MMC_RSP_R1 (MMC_RSP_PRESENT | MMC_RSP_CRC | MMC_RSP_OPCODE)
+#define MMC_RSP_SPI_R1 (MMC_RSP_SPI_S1)
+
+#define MMC_WRITE_FLAG_R 0
+#define MMC_WRITE_FLAG_W 1
+#define MMC_WRITE_FLAG_RELW (MMC_WRITE_FLAG_W | MMC_RELIABLE_WRITE_FLAG)
+
+#define MMC_BLOCK_SIZE 512
+
+static int rpmb_fd = -1;
+static uint8_t read_buf[4096];
+
+#ifdef RPMB_DEBUG
+
+static void print_buf(const char *prefix, const uint8_t *buf, size_t size)
+{
+ size_t i;
+
+ printf("%s @%p [%zu]", prefix, buf, size);
+ for (i = 0; i < size; i++) {
+ if (i && i % 32 == 0)
+ printf("\n%*s", (int) strlen(prefix), "");
+ printf(" %02x", buf[i]);
+ }
+ printf("\n");
+ fflush(stdout);
+}
+
+#endif
+
+
+int rpmb_send(struct storage_msg *msg, const void *r, size_t req_len)
+{
+ int rc;
+ struct {
+ struct mmc_ioc_multi_cmd multi;
+ struct mmc_ioc_cmd cmd_buf[3];
+ } mmc = {};
+ struct mmc_ioc_cmd *cmd = mmc.multi.cmds;
+ const struct storage_rpmb_send_req *req = r;
+
+ if (req_len < sizeof(*req)) {
+ ALOGW("malformed rpmb request: invalid length (%zu < %zu)\n",
+ req_len, sizeof(*req));
+ msg->result = STORAGE_ERR_NOT_VALID;
+ goto err_response;
+ }
+
+ size_t expected_len =
+ sizeof(*req) + req->reliable_write_size + req->write_size;
+ if (req_len != expected_len) {
+ ALOGW("malformed rpmb request: invalid length (%zu != %zu)\n",
+ req_len, expected_len);
+ msg->result = STORAGE_ERR_NOT_VALID;
+ goto err_response;
+ }
+
+ const uint8_t *write_buf = req->payload;
+ if (req->reliable_write_size) {
+ if ((req->reliable_write_size % MMC_BLOCK_SIZE) != 0) {
+ ALOGW("invalid reliable write size %u\n", req->reliable_write_size);
+ msg->result = STORAGE_ERR_NOT_VALID;
+ goto err_response;
+ }
+
+ cmd->write_flag = MMC_WRITE_FLAG_RELW;
+ cmd->opcode = MMC_WRITE_MULTIPLE_BLOCK;
+ cmd->flags = MMC_RSP_SPI_R1 | MMC_RSP_R1 | MMC_CMD_ADTC;
+ cmd->blksz = MMC_BLOCK_SIZE;
+ cmd->blocks = req->reliable_write_size / MMC_BLOCK_SIZE;
+ mmc_ioc_cmd_set_data((*cmd), write_buf);
+#ifdef RPMB_DEBUG
+ ALOGI("opcode: 0x%x, write_flag: 0x%x\n", cmd->opcode, cmd->write_flag);
+ print_buf("request: ", write_buf, req->reliable_write_size);
+#endif
+ write_buf += req->reliable_write_size;
+ mmc.multi.num_of_cmds++;
+ cmd++;
+ }
+
+ if (req->write_size) {
+ if ((req->write_size % MMC_BLOCK_SIZE) != 0) {
+ ALOGW("invalid write size %u\n", req->write_size);
+ msg->result = STORAGE_ERR_NOT_VALID;
+ goto err_response;
+ }
+
+ cmd->write_flag = MMC_WRITE_FLAG_W;
+ cmd->opcode = MMC_WRITE_MULTIPLE_BLOCK;
+ cmd->flags = MMC_RSP_SPI_R1 | MMC_RSP_R1 | MMC_CMD_ADTC;
+ cmd->blksz = MMC_BLOCK_SIZE;
+ cmd->blocks = req->write_size / MMC_BLOCK_SIZE;
+ mmc_ioc_cmd_set_data((*cmd), write_buf);
+#ifdef RPMB_DEBUG
+ ALOGI("opcode: 0x%x, write_flag: 0x%x\n", cmd->opcode, cmd->write_flag);
+ print_buf("request: ", write_buf, req->write_size);
+#endif
+ write_buf += req->write_size;
+ mmc.multi.num_of_cmds++;
+ cmd++;
+ }
+
+ if (req->read_size) {
+ if (req->read_size % MMC_BLOCK_SIZE != 0 ||
+ req->read_size > sizeof(read_buf)) {
+ ALOGE("%s: invalid read size %u\n", __func__, req->read_size);
+ msg->result = STORAGE_ERR_NOT_VALID;
+ goto err_response;
+ }
+
+ cmd->write_flag = MMC_WRITE_FLAG_R;
+ cmd->opcode = MMC_READ_MULTIPLE_BLOCK;
+ cmd->flags = MMC_RSP_SPI_R1 | MMC_RSP_R1 | MMC_CMD_ADTC,
+ cmd->blksz = MMC_BLOCK_SIZE;
+ cmd->blocks = req->read_size / MMC_BLOCK_SIZE;
+ mmc_ioc_cmd_set_data((*cmd), read_buf);
+#ifdef RPMB_DEBUG
+ ALOGI("opcode: 0x%x, write_flag: 0x%x\n", cmd->opcode, cmd->write_flag);
+#endif
+ mmc.multi.num_of_cmds++;
+ cmd++;
+ }
+
+ rc = ioctl(rpmb_fd, MMC_IOC_MULTI_CMD, &mmc.multi);
+ if (rc < 0) {
+ ALOGE("%s: mmc ioctl failed: %d, %s\n", __func__, rc, strerror(errno));
+ msg->result = STORAGE_ERR_GENERIC;
+ goto err_response;
+ }
+#ifdef RPMB_DEBUG
+ if (req->read_size)
+ print_buf("response: ", read_buf, req->read_size);
+#endif
+
+ if (msg->flags & STORAGE_MSG_FLAG_POST_COMMIT) {
+ /*
+ * Nothing todo for post msg commit request as MMC_IOC_MULTI_CMD
+ * is fully synchronous in this implementation.
+ */
+ }
+
+ msg->result = STORAGE_NO_ERROR;
+ return ipc_respond(msg, read_buf, req->read_size);
+
+err_response:
+ return ipc_respond(msg, NULL, 0);
+}
+
+
+int rpmb_open(const char *rpmb_devname)
+{
+ int rc;
+
+ rc = open(rpmb_devname, O_RDWR, 0);
+ if (rc < 0) {
+ ALOGE("unable (%d) to open rpmb device '%s': %s\n",
+ errno, rpmb_devname, strerror(errno));
+ return rc;
+ }
+ rpmb_fd = rc;
+ return 0;
+}
+
+void rpmb_close(void)
+{
+ close(rpmb_fd);
+ rpmb_fd = -1;
+}
+
diff --git a/libcutils/atomic.c b/trusty/storage/proxy/rpmb.h
similarity index 62%
rename from libcutils/atomic.c
rename to trusty/storage/proxy/rpmb.h
index d34aa00..85cff44 100644
--- a/libcutils/atomic.c
+++ b/trusty/storage/proxy/rpmb.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2007 The Android Open Source Project
+ * Copyright (C) 2016 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -13,14 +13,11 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
+#pragma once
-/*
- * Generate non-inlined versions of android_atomic functions.
- * Nobody should be using these, but some binary blobs currently (late 2014)
- * are.
- * If you read this in 2015 or later, please try to delete this file.
- */
+#include <stdint.h>
+#include <trusty/interface/storage.h>
-#define ANDROID_ATOMIC_INLINE
-
-#include <cutils/atomic.h>
+int rpmb_open(const char *rpmb_devname);
+int rpmb_send(struct storage_msg *msg, const void *r, size_t req_len);
+void rpmb_close(void);
diff --git a/trusty/storage/proxy/storage.c b/trusty/storage/proxy/storage.c
new file mode 100644
index 0000000..c61e89d
--- /dev/null
+++ b/trusty/storage/proxy/storage.c
@@ -0,0 +1,529 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include <errno.h>
+#include <fcntl.h>
+#include <inttypes.h>
+#include <stdbool.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <sys/syscall.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+#include "log.h"
+#include "ipc.h"
+#include "storage.h"
+
+#define FD_TBL_SIZE 64
+#define MAX_READ_SIZE 4096
+
+enum sync_state {
+ SS_UNUSED = -1,
+ SS_CLEAN = 0,
+ SS_DIRTY = 1,
+};
+
+static int ssdir_fd = -1;
+static const char *ssdir_name;
+
+static enum sync_state fs_state;
+static enum sync_state dir_state;
+static enum sync_state fd_state[FD_TBL_SIZE];
+
+static struct {
+ struct storage_file_read_resp hdr;
+ uint8_t data[MAX_READ_SIZE];
+} read_rsp;
+
+static uint32_t insert_fd(int open_flags, int fd)
+{
+ uint32_t handle = fd;
+
+ if (open_flags & O_CREAT) {
+ dir_state = SS_DIRTY;
+ }
+
+ if (handle < FD_TBL_SIZE) {
+ fd_state[fd] = SS_CLEAN; /* fd clean */
+ if (open_flags & O_TRUNC) {
+ fd_state[fd] = SS_DIRTY; /* set fd dirty */
+ }
+ } else {
+ ALOGW("%s: untracked fd %u\n", __func__, fd);
+ if (open_flags & (O_TRUNC | O_CREAT)) {
+ fs_state = SS_DIRTY;
+ }
+ }
+ return handle;
+}
+
+static int lookup_fd(uint32_t handle, bool dirty)
+{
+ if (dirty) {
+ if (handle < FD_TBL_SIZE) {
+ fd_state[handle] = SS_DIRTY;
+ } else {
+ fs_state = SS_DIRTY;
+ }
+ }
+ return handle;
+}
+
+static int remove_fd(uint32_t handle)
+{
+ if (handle < FD_TBL_SIZE) {
+ fd_state[handle] = SS_UNUSED; /* set to uninstalled */
+ }
+ return handle;
+}
+
+static enum storage_err translate_errno(int error)
+{
+ enum storage_err result;
+ switch (error) {
+ case 0:
+ result = STORAGE_NO_ERROR;
+ break;
+ case EBADF:
+ case EINVAL:
+ case ENOTDIR:
+ case EISDIR:
+ case ENAMETOOLONG:
+ result = STORAGE_ERR_NOT_VALID;
+ break;
+ case ENOENT:
+ result = STORAGE_ERR_NOT_FOUND;
+ break;
+ case EEXIST:
+ result = STORAGE_ERR_EXIST;
+ break;
+ case EPERM:
+ case EACCES:
+ result = STORAGE_ERR_ACCESS;
+ break;
+ default:
+ result = STORAGE_ERR_GENERIC;
+ break;
+ }
+
+ return result;
+}
+
+static ssize_t write_with_retry(int fd, const void *buf_, size_t size, off_t offset)
+{
+ ssize_t rc;
+ const uint8_t *buf = buf_;
+
+ while (size > 0) {
+ rc = TEMP_FAILURE_RETRY(pwrite(fd, buf, size, offset));
+ if (rc < 0)
+ return rc;
+ size -= rc;
+ buf += rc;
+ offset += rc;
+ }
+ return 0;
+}
+
+static ssize_t read_with_retry(int fd, void *buf_, size_t size, off_t offset)
+{
+ ssize_t rc;
+ size_t rcnt = 0;
+ uint8_t *buf = buf_;
+
+ while (size > 0) {
+ rc = TEMP_FAILURE_RETRY(pread(fd, buf, size, offset));
+ if (rc < 0)
+ return rc;
+ if (rc == 0)
+ break;
+ size -= rc;
+ buf += rc;
+ offset += rc;
+ rcnt += rc;
+ }
+ return rcnt;
+}
+
+int storage_file_delete(struct storage_msg *msg,
+ const void *r, size_t req_len)
+{
+ char *path = NULL;
+ const struct storage_file_delete_req *req = r;
+
+ if (req_len < sizeof(*req)) {
+ ALOGE("%s: invalid request length (%zd < %zd)\n",
+ __func__, req_len, sizeof(*req));
+ msg->result = STORAGE_ERR_NOT_VALID;
+ goto err_response;
+ }
+
+ size_t fname_len = strlen(req->name);
+ if (fname_len != req_len - sizeof(*req)) {
+ ALOGE("%s: invalid filename length (%zd != %zd)\n",
+ __func__, fname_len, req_len - sizeof(*req));
+ msg->result = STORAGE_ERR_NOT_VALID;
+ goto err_response;
+ }
+
+ int rc = asprintf(&path, "%s/%s", ssdir_name, req->name);
+ if (rc < 0) {
+ ALOGE("%s: asprintf failed\n", __func__);
+ msg->result = STORAGE_ERR_GENERIC;
+ goto err_response;
+ }
+
+ dir_state = SS_DIRTY;
+ rc = unlink(path);
+ if (rc < 0) {
+ rc = errno;
+ if (errno == ENOENT) {
+ ALOGV("%s: error (%d) unlinking file '%s'\n",
+ __func__, rc, path);
+ } else {
+ ALOGE("%s: error (%d) unlinking file '%s'\n",
+ __func__, rc, path);
+ }
+ msg->result = translate_errno(rc);
+ goto err_response;
+ }
+
+ ALOGV("%s: \"%s\"\n", __func__, path);
+ msg->result = STORAGE_NO_ERROR;
+
+err_response:
+ if (path)
+ free(path);
+ return ipc_respond(msg, NULL, 0);
+}
+
+
+int storage_file_open(struct storage_msg *msg,
+ const void *r, size_t req_len)
+{
+ char *path = NULL;
+ const struct storage_file_open_req *req = r;
+ struct storage_file_open_resp resp = {0};
+
+ if (req_len < sizeof(*req)) {
+ ALOGE("%s: invalid request length (%zd < %zd)\n",
+ __func__, req_len, sizeof(*req));
+ msg->result = STORAGE_ERR_NOT_VALID;
+ goto err_response;
+ }
+
+ size_t fname_len = strlen(req->name);
+ if (fname_len != req_len - sizeof(*req)) {
+ ALOGE("%s: invalid filename length (%zd != %zd)\n",
+ __func__, fname_len, req_len - sizeof(*req));
+ msg->result = STORAGE_ERR_NOT_VALID;
+ goto err_response;
+ }
+
+ int rc = asprintf(&path, "%s/%s", ssdir_name, req->name);
+ if (rc < 0) {
+ ALOGE("%s: asprintf failed\n", __func__);
+ msg->result = STORAGE_ERR_GENERIC;
+ goto err_response;
+ }
+
+ int open_flags = O_RDWR;
+
+ if (req->flags & STORAGE_FILE_OPEN_TRUNCATE)
+ open_flags |= O_TRUNC;
+
+ if (req->flags & STORAGE_FILE_OPEN_CREATE) {
+ /* open or create */
+ if (req->flags & STORAGE_FILE_OPEN_CREATE_EXCLUSIVE) {
+ /* create exclusive */
+ open_flags |= O_CREAT | O_EXCL;
+ rc = TEMP_FAILURE_RETRY(open(path, open_flags, S_IRUSR | S_IWUSR));
+ } else {
+ /* try open first */
+ rc = TEMP_FAILURE_RETRY(open(path, open_flags, S_IRUSR | S_IWUSR));
+ if (rc == -1 && errno == ENOENT) {
+ /* then try open with O_CREATE */
+ open_flags |= O_CREAT;
+ rc = TEMP_FAILURE_RETRY(open(path, open_flags, S_IRUSR | S_IWUSR));
+ }
+
+ }
+ } else {
+ /* open an existing file */
+ rc = TEMP_FAILURE_RETRY(open(path, open_flags, S_IRUSR | S_IWUSR));
+ }
+
+ if (rc < 0) {
+ rc = errno;
+ if (errno == EEXIST || errno == ENOENT) {
+ ALOGV("%s: failed to open file \"%s\": %s\n",
+ __func__, path, strerror(errno));
+ } else {
+ ALOGE("%s: failed to open file \"%s\": %s\n",
+ __func__, path, strerror(errno));
+ }
+ msg->result = translate_errno(rc);
+ goto err_response;
+ }
+ free(path);
+
+ /* at this point rc contains storage file fd */
+ msg->result = STORAGE_NO_ERROR;
+ resp.handle = insert_fd(open_flags, rc);
+ ALOGV("%s: \"%s\": fd = %u: handle = %d\n",
+ __func__, path, rc, resp.handle);
+
+ return ipc_respond(msg, &resp, sizeof(resp));
+
+err_response:
+ if (path)
+ free(path);
+ return ipc_respond(msg, NULL, 0);
+}
+
+int storage_file_close(struct storage_msg *msg,
+ const void *r, size_t req_len)
+{
+ const struct storage_file_close_req *req = r;
+
+ if (req_len != sizeof(*req)) {
+ ALOGE("%s: invalid request length (%zd != %zd)\n",
+ __func__, req_len, sizeof(*req));
+ msg->result = STORAGE_ERR_NOT_VALID;
+ goto err_response;
+ }
+
+ int fd = remove_fd(req->handle);
+ ALOGV("%s: handle = %u: fd = %u\n", __func__, req->handle, fd);
+
+ int rc = fsync(fd);
+ if (rc < 0) {
+ rc = errno;
+ ALOGE("%s: fsync failed for fd=%u: %s\n",
+ __func__, fd, strerror(errno));
+ msg->result = translate_errno(rc);
+ goto err_response;
+ }
+
+ rc = close(fd);
+ if (rc < 0) {
+ rc = errno;
+ ALOGE("%s: close failed for fd=%u: %s\n",
+ __func__, fd, strerror(errno));
+ msg->result = translate_errno(rc);
+ goto err_response;
+ }
+
+ msg->result = STORAGE_NO_ERROR;
+
+err_response:
+ return ipc_respond(msg, NULL, 0);
+}
+
+
+int storage_file_write(struct storage_msg *msg,
+ const void *r, size_t req_len)
+{
+ int rc;
+ const struct storage_file_write_req *req = r;
+
+ if (req_len < sizeof(*req)) {
+ ALOGE("%s: invalid request length (%zd < %zd)\n",
+ __func__, req_len, sizeof(*req));
+ msg->result = STORAGE_ERR_NOT_VALID;
+ goto err_response;
+ }
+
+ int fd = lookup_fd(req->handle, true);
+ if (write_with_retry(fd, &req->data[0], req_len - sizeof(*req),
+ req->offset) < 0) {
+ rc = errno;
+ ALOGW("%s: error writing file (fd=%d): %s\n",
+ __func__, fd, strerror(errno));
+ msg->result = translate_errno(rc);
+ goto err_response;
+ }
+
+ msg->result = STORAGE_NO_ERROR;
+
+err_response:
+ return ipc_respond(msg, NULL, 0);
+}
+
+
+int storage_file_read(struct storage_msg *msg,
+ const void *r, size_t req_len)
+{
+ int rc;
+ const struct storage_file_read_req *req = r;
+
+ if (req_len != sizeof(*req)) {
+ ALOGE("%s: invalid request length (%zd != %zd)\n",
+ __func__, req_len, sizeof(*req));
+ msg->result = STORAGE_ERR_NOT_VALID;
+ goto err_response;
+ }
+
+ if (req->size > MAX_READ_SIZE) {
+ ALOGW("%s: request is too large (%zd > %zd) - refusing\n",
+ __func__, req->size, MAX_READ_SIZE);
+ msg->result = STORAGE_ERR_NOT_VALID;
+ goto err_response;
+ }
+
+ int fd = lookup_fd(req->handle, false);
+ ssize_t read_res = read_with_retry(fd, read_rsp.hdr.data, req->size,
+ (off_t)req->offset);
+ if (read_res < 0) {
+ rc = errno;
+ ALOGW("%s: error reading file (fd=%d): %s\n",
+ __func__, fd, strerror(errno));
+ msg->result = translate_errno(rc);
+ goto err_response;
+ }
+
+ msg->result = STORAGE_NO_ERROR;
+ return ipc_respond(msg, &read_rsp, read_res + sizeof(read_rsp.hdr));
+
+err_response:
+ return ipc_respond(msg, NULL, 0);
+}
+
+
+int storage_file_get_size(struct storage_msg *msg,
+ const void *r, size_t req_len)
+{
+ const struct storage_file_get_size_req *req = r;
+ struct storage_file_get_size_resp resp = {0};
+
+ if (req_len != sizeof(*req)) {
+ ALOGE("%s: invalid request length (%zd != %zd)\n",
+ __func__, req_len, sizeof(*req));
+ msg->result = STORAGE_ERR_NOT_VALID;
+ goto err_response;
+ }
+
+ struct stat stat;
+ int fd = lookup_fd(req->handle, false);
+ int rc = fstat(fd, &stat);
+ if (rc < 0) {
+ rc = errno;
+ ALOGE("%s: error stat'ing file (fd=%d): %s\n",
+ __func__, fd, strerror(errno));
+ msg->result = translate_errno(rc);
+ goto err_response;
+ }
+
+ resp.size = stat.st_size;
+ msg->result = STORAGE_NO_ERROR;
+ return ipc_respond(msg, &resp, sizeof(resp));
+
+err_response:
+ return ipc_respond(msg, NULL, 0);
+}
+
+
+int storage_file_set_size(struct storage_msg *msg,
+ const void *r, size_t req_len)
+{
+ const struct storage_file_set_size_req *req = r;
+
+ if (req_len != sizeof(*req)) {
+ ALOGE("%s: invalid request length (%zd != %zd)\n",
+ __func__, req_len, sizeof(*req));
+ msg->result = STORAGE_ERR_NOT_VALID;
+ goto err_response;
+ }
+
+ int fd = lookup_fd(req->handle, true);
+ int rc = TEMP_FAILURE_RETRY(ftruncate(fd, req->size));
+ if (rc < 0) {
+ rc = errno;
+ ALOGE("%s: error truncating file (fd=%d): %s\n",
+ __func__, fd, strerror(errno));
+ msg->result = translate_errno(rc);
+ goto err_response;
+ }
+
+ msg->result = STORAGE_NO_ERROR;
+
+err_response:
+ return ipc_respond(msg, NULL, 0);
+}
+
+int storage_init(const char *dirname)
+{
+ fs_state = SS_CLEAN;
+ dir_state = SS_CLEAN;
+ for (uint i = 0; i < FD_TBL_SIZE; i++) {
+ fd_state[i] = SS_UNUSED; /* uninstalled */
+ }
+
+ ssdir_fd = open(dirname, O_RDONLY);
+ if (ssdir_fd < 0) {
+ ALOGE("failed to open ss root dir \"%s\": %s\n",
+ dirname, strerror(errno));
+ return -1;
+ }
+ ssdir_name = dirname;
+ return 0;
+}
+
+int storage_sync_checkpoint(void)
+{
+ int rc;
+
+ /* sync fd table and reset it to clean state first */
+ for (uint fd = 0; fd < FD_TBL_SIZE; fd++) {
+ if (fd_state[fd] == SS_DIRTY) {
+ if (fs_state == SS_CLEAN) {
+ /* need to sync individual fd */
+ rc = fsync(fd);
+ if (rc < 0) {
+ ALOGE("fsync for fd=%d failed: %s\n", fd, strerror(errno));
+ return rc;
+ }
+ }
+ fd_state[fd] = SS_CLEAN; /* set to clean */
+ }
+ }
+
+ /* check if we need to sync the directory */
+ if (dir_state == SS_DIRTY) {
+ if (fs_state == SS_CLEAN) {
+ rc = fsync(ssdir_fd);
+ if (rc < 0) {
+ ALOGE("fsync for ssdir failed: %s\n", strerror(errno));
+ return rc;
+ }
+ }
+ dir_state = SS_CLEAN; /* set to clean */
+ }
+
+ /* check if we need to sync the whole fs */
+ if (fs_state == SS_DIRTY) {
+ rc = syscall(SYS_syncfs, ssdir_fd);
+ if (rc < 0) {
+ ALOGE("syncfs failed: %s\n", strerror(errno));
+ return rc;
+ }
+ fs_state = SS_CLEAN;
+ }
+
+ return 0;
+}
+
diff --git a/trusty/storage/proxy/storage.h b/trusty/storage/proxy/storage.h
new file mode 100644
index 0000000..5a670d4
--- /dev/null
+++ b/trusty/storage/proxy/storage.h
@@ -0,0 +1,45 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#pragma once
+
+#include <stdint.h>
+#include <trusty/interface/storage.h>
+
+int storage_file_delete(struct storage_msg *msg,
+ const void *req, size_t req_len);
+
+int storage_file_open(struct storage_msg *msg,
+ const void *req, size_t req_len);
+
+int storage_file_close(struct storage_msg *msg,
+ const void *req, size_t req_len);
+
+int storage_file_write(struct storage_msg *msg,
+ const void *req, size_t req_len);
+
+int storage_file_read(struct storage_msg *msg,
+ const void *req, size_t req_len);
+
+int storage_file_get_size(struct storage_msg *msg,
+ const void *req, size_t req_len);
+
+int storage_file_set_size(struct storage_msg *msg,
+ const void *req, size_t req_len);
+
+int storage_init(const char *dirname);
+
+int storage_sync_checkpoint(void);
+
diff --git a/trusty/storage/tests/Android.mk b/trusty/storage/tests/Android.mk
new file mode 100644
index 0000000..71c904d
--- /dev/null
+++ b/trusty/storage/tests/Android.mk
@@ -0,0 +1,29 @@
+#
+# Copyright (C) 2016 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+LOCAL_PATH:= $(call my-dir)
+
+include $(CLEAR_VARS)
+LOCAL_MODULE := secure-storage-unit-test
+LOCAL_CFLAGS += -g -Wall -Werror -std=gnu++11 -Wno-missing-field-initializers
+LOCAL_STATIC_LIBRARIES := \
+ libtrustystorageinterface \
+ libtrustystorage \
+ libtrusty \
+ liblog
+LOCAL_SRC_FILES := main.cpp
+include $(BUILD_NATIVE_TEST)
+
diff --git a/trusty/storage/tests/main.cpp b/trusty/storage/tests/main.cpp
new file mode 100644
index 0000000..a771b87
--- /dev/null
+++ b/trusty/storage/tests/main.cpp
@@ -0,0 +1,3040 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <assert.h>
+#include <stdint.h>
+#include <stdbool.h>
+#include <gtest/gtest.h>
+
+#include <trusty/lib/storage.h>
+
+#define TRUSTY_DEVICE_NAME "/dev/trusty-ipc-dev0"
+
+#define ARRAY_SIZE(x) (sizeof(x)/sizeof(x[0]))
+
+static inline bool is_32bit_aligned(size_t sz)
+{
+ return ((sz & 0x3) == 0);
+}
+
+static inline bool is_valid_size(size_t sz) {
+ return (sz > 0) && is_32bit_aligned(sz);
+}
+
+static bool is_valid_offset(storage_off_t off)
+{
+ return (off & 0x3) == 0ULL;
+}
+
+static void fill_pattern32(uint32_t *buf, size_t len, storage_off_t off)
+{
+ size_t cnt = len / sizeof(uint32_t);
+ uint32_t pattern = (uint32_t)(off / sizeof(uint32_t));
+ while (cnt--) {
+ *buf++ = pattern++;
+ }
+}
+
+static bool check_pattern32(const uint32_t *buf, size_t len, storage_off_t off)
+{
+ size_t cnt = len / sizeof(uint32_t);
+ uint32_t pattern = (uint32_t)(off / sizeof(uint32_t));
+ while (cnt--) {
+ if (*buf != pattern)
+ return false;
+ buf++;
+ pattern++;
+ }
+ return true;
+}
+
+static bool check_value32(const uint32_t *buf, size_t len, uint32_t val)
+{
+ size_t cnt = len / sizeof(uint32_t);
+ while (cnt--) {
+ if (*buf != val)
+ return false;
+ buf++;
+ }
+ return true;
+}
+
+using testing::TestWithParam;
+
+class StorageServiceTest : public virtual TestWithParam<const char *> {
+public:
+ StorageServiceTest() {}
+ virtual ~StorageServiceTest() {}
+
+ virtual void SetUp() {
+ port_ = GetParam();
+ test_buf_ = NULL;
+ aux_session_ = STORAGE_INVALID_SESSION;
+ int rc = storage_open_session(TRUSTY_DEVICE_NAME, &session_, port_);
+ ASSERT_EQ(0, rc);
+ }
+
+ virtual void TearDown() {
+ if (test_buf_) {
+ delete[] test_buf_;
+ test_buf_ = NULL;
+ }
+ storage_close_session(session_);
+
+ if (aux_session_ != STORAGE_INVALID_SESSION) {
+ storage_close_session(aux_session_);
+ aux_session_ = STORAGE_INVALID_SESSION;
+ }
+ }
+
+ void WriteReadAtOffsetHelper(file_handle_t handle, size_t blk, size_t cnt, bool complete);
+
+ void WriteZeroChunk(file_handle_t handle, storage_off_t off, size_t chunk_len, bool complete );
+ void WritePatternChunk(file_handle_t handle, storage_off_t off, size_t chunk_len, bool complete);
+ void WritePattern(file_handle_t handle, storage_off_t off, size_t data_len, size_t chunk_len, bool complete);
+
+ void ReadChunk(file_handle_t handle, storage_off_t off, size_t chunk_len,
+ size_t head_len, size_t pattern_len, size_t tail_len);
+ void ReadPattern(file_handle_t handle, storage_off_t off, size_t data_len, size_t chunk_len);
+ void ReadPatternEOF(file_handle_t handle, storage_off_t off, size_t chunk_len, size_t exp_len);
+
+protected:
+ const char *port_;
+ uint32_t *test_buf_;
+ storage_session_t session_;
+ storage_session_t aux_session_;
+};
+
+INSTANTIATE_TEST_CASE_P(SS_TD_Tests, StorageServiceTest, ::testing::Values(STORAGE_CLIENT_TD_PORT));
+INSTANTIATE_TEST_CASE_P(SS_TDEA_Tests, StorageServiceTest, ::testing::Values(STORAGE_CLIENT_TDEA_PORT));
+INSTANTIATE_TEST_CASE_P(SS_TP_Tests, StorageServiceTest, ::testing::Values(STORAGE_CLIENT_TP_PORT));
+
+
+void StorageServiceTest::WriteZeroChunk(file_handle_t handle, storage_off_t off,
+ size_t chunk_len, bool complete)
+{
+ int rc;
+ uint32_t data_buf[chunk_len/sizeof(uint32_t)];
+
+ ASSERT_PRED1(is_valid_size, chunk_len);
+ ASSERT_PRED1(is_valid_offset, off);
+
+ memset(data_buf, 0, chunk_len);
+
+ rc = storage_write(handle, off, data_buf, sizeof(data_buf),
+ complete ? STORAGE_OP_COMPLETE : 0);
+ ASSERT_EQ((int)chunk_len, rc);
+}
+
+void StorageServiceTest::WritePatternChunk(file_handle_t handle, storage_off_t off,
+ size_t chunk_len, bool complete)
+{
+ int rc;
+ uint32_t data_buf[chunk_len/sizeof(uint32_t)];
+
+ ASSERT_PRED1(is_valid_size, chunk_len);
+ ASSERT_PRED1(is_valid_offset, off);
+
+ fill_pattern32(data_buf, chunk_len, off);
+
+ rc = storage_write(handle, off, data_buf, sizeof(data_buf),
+ complete ? STORAGE_OP_COMPLETE : 0);
+ ASSERT_EQ((int)chunk_len, rc);
+}
+
+void StorageServiceTest::WritePattern(file_handle_t handle, storage_off_t off,
+ size_t data_len, size_t chunk_len, bool complete)
+{
+ ASSERT_PRED1(is_valid_size, data_len);
+ ASSERT_PRED1(is_valid_size, chunk_len);
+
+ while (data_len) {
+ if (data_len < chunk_len)
+ chunk_len = data_len;
+ WritePatternChunk(handle, off, chunk_len, (chunk_len == data_len) && complete);
+ ASSERT_FALSE(HasFatalFailure());
+ off += chunk_len;
+ data_len -= chunk_len;
+ }
+}
+
+void StorageServiceTest::ReadChunk(file_handle_t handle,
+ storage_off_t off, size_t chunk_len,
+ size_t head_len, size_t pattern_len,
+ size_t tail_len)
+{
+ int rc;
+ uint32_t data_buf[chunk_len/sizeof(uint32_t)];
+ uint8_t *data_ptr = (uint8_t *)data_buf;
+
+ ASSERT_PRED1(is_valid_size, chunk_len);
+ ASSERT_PRED1(is_valid_offset, off);
+ ASSERT_EQ(head_len + pattern_len + tail_len, chunk_len);
+
+ rc = storage_read(handle, off, data_buf, chunk_len);
+ ASSERT_EQ((int)chunk_len, rc);
+
+ if (head_len) {
+ ASSERT_TRUE(check_value32((const uint32_t *)data_ptr, head_len, 0));
+ data_ptr += head_len;
+ off += head_len;
+ }
+
+ if (pattern_len) {
+ ASSERT_TRUE(check_pattern32((const uint32_t *)data_ptr, pattern_len, off));
+ data_ptr += pattern_len;
+ }
+
+ if (tail_len) {
+ ASSERT_TRUE(check_value32((const uint32_t *)data_ptr, tail_len, 0));
+ }
+}
+
+void StorageServiceTest::ReadPattern(file_handle_t handle, storage_off_t off,
+ size_t data_len, size_t chunk_len)
+{
+ int rc;
+ uint32_t data_buf[chunk_len/sizeof(uint32_t)];
+
+ ASSERT_PRED1(is_valid_size, chunk_len);
+ ASSERT_PRED1(is_valid_size, data_len);
+ ASSERT_PRED1(is_valid_offset, off);
+
+ while (data_len) {
+ if (chunk_len > data_len)
+ chunk_len = data_len;
+ rc = storage_read(handle, off, data_buf, sizeof(data_buf));
+ ASSERT_EQ((int)chunk_len, rc);
+ ASSERT_TRUE(check_pattern32(data_buf, chunk_len, off));
+ off += chunk_len;
+ data_len -= chunk_len;
+ }
+}
+
+void StorageServiceTest::ReadPatternEOF(file_handle_t handle, storage_off_t off,
+ size_t chunk_len, size_t exp_len)
+{
+ int rc;
+ size_t bytes_read = 0;
+ uint32_t data_buf[chunk_len/sizeof(uint32_t)];
+
+ ASSERT_PRED1(is_valid_size, chunk_len);
+ ASSERT_PRED1(is_32bit_aligned, exp_len);
+
+ while (true) {
+ rc = storage_read(handle, off, data_buf, sizeof(data_buf));
+ ASSERT_GE(rc, 0);
+ if (rc == 0)
+ break; // end of file reached
+ ASSERT_PRED1(is_valid_size, (size_t)rc);
+ ASSERT_TRUE(check_pattern32(data_buf, rc, off));
+ off += rc;
+ bytes_read += rc;
+ }
+ ASSERT_EQ(bytes_read, exp_len);
+}
+
+TEST_P(StorageServiceTest, CreateDelete) {
+ int rc;
+ file_handle_t handle;
+ const char *fname = "test_create_delete_file";
+
+ // make sure test file does not exist (expect success or -ENOENT)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ rc = (rc == -ENOENT) ? 0 : rc;
+ ASSERT_EQ(0, rc);
+
+ // one more time (expect -ENOENT only)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-ENOENT, rc);
+
+ // create file (expect 0)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_CREATE_EXCLUSIVE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // try to create it again while it is still opened (expect -EEXIST)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_CREATE_EXCLUSIVE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-EEXIST, rc);
+
+ // close it
+ storage_close_file(handle);
+
+ // try to create it again while it is closed (expect -EEXIST)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_CREATE_EXCLUSIVE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-EEXIST, rc);
+
+ // delete file (expect 0)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // one more time (expect -ENOENT)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-ENOENT, rc);
+}
+
+
+TEST_P(StorageServiceTest, DeleteOpened) {
+ int rc;
+ file_handle_t handle;
+ const char *fname = "delete_opened_test_file";
+
+ // make sure test file does not exist (expect success or -ENOENT)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ rc = (rc == -ENOENT) ? 0 : rc;
+ ASSERT_EQ(0, rc);
+
+ // one more time (expect -ENOENT)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-ENOENT, rc);
+
+ // open/create file (expect 0)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_CREATE_EXCLUSIVE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // delete opened file (expect 0)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // one more time (expect -ENOENT)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-ENOENT, rc);
+
+ // close file
+ storage_close_file(handle);
+
+ // one more time (expect -ENOENT)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-ENOENT, rc);
+}
+
+
+TEST_P(StorageServiceTest, OpenNoCreate) {
+ int rc;
+ file_handle_t handle;
+ const char *fname = "test_open_no_create_file";
+
+ // make sure test file does not exist (expect success or -ENOENT)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ rc = (rc == -ENOENT) ? 0 : rc;
+ ASSERT_EQ(0, rc);
+
+ // open non-existing file (expect -ENOENT)
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(-ENOENT, rc);
+
+ // create file (expect 0)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_CREATE_EXCLUSIVE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+ storage_close_file(handle);
+
+ // open existing file (expect 0)
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // close it
+ storage_close_file(handle);
+
+ // delete file (expect 0)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+}
+
+
+TEST_P(StorageServiceTest, OpenOrCreate) {
+ int rc;
+ file_handle_t handle;
+ const char *fname = "test_open_create_file";
+
+ // make sure test file does not exist (expect success or -ENOENT)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ rc = (rc == -ENOENT) ? 0 : rc;
+ ASSERT_EQ(0, rc);
+
+ // open/create a non-existing file (expect 0)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+ storage_close_file(handle);
+
+ // open/create an existing file (expect 0)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+ storage_close_file(handle);
+
+ // delete file (expect 0)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+}
+
+
+TEST_P(StorageServiceTest, OpenCreateDeleteCharset) {
+ int rc;
+ file_handle_t handle;
+ const char *fname = "ABCDEFGHIJKLMNOPQRSTUVWXYZ-abcdefghijklmnopqrstuvwxyz_01234.56789";
+
+ // open/create file (expect 0)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+ storage_close_file(handle);
+
+ // open/create an existing file (expect 0)
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+ storage_close_file(handle);
+
+ // delete file (expect 0)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // open again
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(-ENOENT, rc);
+}
+
+
+TEST_P(StorageServiceTest, WriteReadSequential) {
+ int rc;
+ size_t blk = 2048;
+ file_handle_t handle;
+ const char *fname = "test_write_read_sequential";
+
+ // make sure test file does not exist (expect success or -ENOENT)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ rc = (rc == -ENOENT) ? 0 : rc;
+ ASSERT_EQ(0, rc);
+
+ // create file.
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_CREATE_EXCLUSIVE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write a bunch of blocks (sequentially)
+ WritePattern(handle, 0, 32 * blk, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ ReadPattern(handle, 0, 32 * blk, blk);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close file
+ storage_close_file(handle);
+
+ // open the same file again
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // read data back (sequentially) and check pattern again
+ ReadPattern(handle, 0, 32 * blk, blk);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // cleanup
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, OpenTruncate) {
+ int rc;
+ uint32_t val;
+ size_t blk = 2048;
+ file_handle_t handle;
+ const char *fname = "test_open_truncate";
+
+ // make sure test file does not exist (expect success or -ENOENT)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ rc = (rc == -ENOENT) ? 0 : rc;
+ ASSERT_EQ(0, rc);
+
+ // create file.
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_CREATE_EXCLUSIVE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write some data and read it back
+ WritePatternChunk(handle, 0, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ ReadPattern(handle, 0, blk, blk);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close file
+ storage_close_file(handle);
+
+ // reopen with truncate
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_TRUNCATE, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ /* try to read data back (expect no data) */
+ rc = storage_read(handle, 0LL, &val, sizeof(val));
+ ASSERT_EQ(0, rc);
+
+ // cleanup
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, OpenSame) {
+ int rc;
+ file_handle_t handle1;
+ file_handle_t handle2;
+ file_handle_t handle3;
+ const char *fname = "test_open_same_file";
+
+ // open/create file (expect 0)
+ rc = storage_open_file(session_, &handle1, fname, STORAGE_FILE_OPEN_CREATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+ storage_close_file(handle1);
+
+ // open an existing file first time (expect 0)
+ rc = storage_open_file(session_, &handle1, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // open the same file second time (expect error)
+ rc = storage_open_file(session_, &handle2, fname, 0, 0);
+ ASSERT_NE(0, rc);
+
+ storage_close_file(handle1);
+
+ // delete file (expect 0)
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // open deleted file (expect -ENOENT)
+ rc = storage_open_file(session_, &handle3, fname, 0, 0);
+ ASSERT_EQ(-ENOENT, rc);
+}
+
+
+TEST_P(StorageServiceTest, OpenMany) {
+ int rc;
+ file_handle_t handles[10];
+ char filename[10];
+ const char *fname_fmt = "mf%d";
+
+ // open or create a bunch of files (expect 0)
+ for (uint i = 0; i < ARRAY_SIZE(handles); ++i) {
+ snprintf(filename, sizeof(filename), fname_fmt, i);
+ rc = storage_open_file(session_, &handles[i], filename,
+ STORAGE_FILE_OPEN_CREATE, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+ }
+
+ // check that all handles are different
+ for (uint i = 0; i < ARRAY_SIZE(handles)-1; i++) {
+ for (uint j = i+1; j < ARRAY_SIZE(handles); j++) {
+ ASSERT_NE(handles[i], handles[j]);
+ }
+ }
+
+ // close them all
+ for (uint i = 0; i < ARRAY_SIZE(handles); ++i) {
+ storage_close_file(handles[i]);
+ }
+
+ // open all files without CREATE flags (expect 0)
+ for (uint i = 0; i < ARRAY_SIZE(handles); ++i) {
+ snprintf(filename, sizeof(filename), fname_fmt, i);
+ rc = storage_open_file(session_, &handles[i], filename, 0, 0);
+ ASSERT_EQ(0, rc);
+ }
+
+ // check that all handles are different
+ for (uint i = 0; i < ARRAY_SIZE(handles)-1; i++) {
+ for (uint j = i+1; j < ARRAY_SIZE(handles); j++) {
+ ASSERT_NE(handles[i], handles[j]);
+ }
+ }
+
+ // close and remove all test files
+ for (uint i = 0; i < ARRAY_SIZE(handles); ++i) {
+ storage_close_file(handles[i]);
+ snprintf(filename, sizeof(filename), fname_fmt, i);
+ rc = storage_delete_file(session_, filename, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+ }
+}
+
+
+TEST_P(StorageServiceTest, ReadAtEOF) {
+ int rc;
+ uint32_t val;
+ size_t blk = 2048;
+ file_handle_t handle;
+ const char *fname = "test_read_eof";
+
+ // open/create/truncate file
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write block at offset 0
+ WritePatternChunk(handle, 0, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close file
+ storage_close_file(handle);
+
+ // open same file again
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // read the whole block back and check pattern again
+ ReadPattern(handle, 0, blk, blk);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // read at end of file (expected 0 bytes)
+ rc = storage_read(handle, blk, &val, sizeof(val));
+ ASSERT_EQ(0, rc);
+
+ // partial read at end of the file (expected partial data)
+ ReadPatternEOF(handle, blk/2, blk, blk/2);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // read past end of file
+ rc = storage_read(handle, blk + 2, &val, sizeof(val));
+ ASSERT_EQ(-EINVAL, rc);
+
+ // cleanup
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, GetFileSize) {
+ int rc;
+ size_t blk = 2048;
+ storage_off_t size;
+ file_handle_t handle;
+ const char *fname = "test_get_file_size";
+
+ // open/create/truncate file.
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // check file size (expect success and size == 0)
+ size = 1;
+ rc = storage_get_file_size(handle, &size);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, size);
+
+ // write block
+ WritePatternChunk(handle, 0, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // check size
+ rc = storage_get_file_size(handle, &size);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ(blk, size);
+
+ // write another block
+ WritePatternChunk(handle, blk, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // check size again
+ rc = storage_get_file_size(handle, &size);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ(blk*2, size);
+
+ // cleanup
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, SetFileSize) {
+ int rc;
+ size_t blk = 2048;
+ storage_off_t size;
+ file_handle_t handle;
+ const char *fname = "test_set_file_size";
+
+ // open/create/truncate file.
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // check file size (expect success and size == 0)
+ size = 1;
+ rc = storage_get_file_size(handle, &size);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, size);
+
+ // write block
+ WritePatternChunk(handle, 0, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // check size
+ rc = storage_get_file_size(handle, &size);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ(blk, size);
+
+ storage_close_file(handle);
+
+ // reopen normally
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // check size again
+ rc = storage_get_file_size(handle, &size);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ(blk, size);
+
+ // set file size to half
+ rc = storage_set_file_size(handle, blk/2, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // check size again (should be half of original size)
+ rc = storage_get_file_size(handle, &size);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ(blk/2, size);
+
+ // read data back
+ ReadPatternEOF(handle, 0, blk, blk/2);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // set file size to 0
+ rc = storage_set_file_size(handle, 0, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // check size again (should be 0)
+ rc = storage_get_file_size(handle, &size);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0LL, size);
+
+ // try to read again
+ ReadPatternEOF(handle, 0, blk, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // cleanup
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+void StorageServiceTest::WriteReadAtOffsetHelper(file_handle_t handle, size_t blk, size_t cnt, bool complete)
+{
+ storage_off_t off1 = blk;
+ storage_off_t off2 = blk * (cnt-1);
+
+ // write known pattern data at non-zero offset1
+ WritePatternChunk(handle, off1, blk, complete);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // write known pattern data at non-zero offset2
+ WritePatternChunk(handle, off2, blk, complete);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // read data back at offset1
+ ReadPattern(handle, off1, blk, blk);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // read data back at offset2
+ ReadPattern(handle, off2, blk, blk);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // read partially written data at end of file(expect to get data only, no padding)
+ ReadPatternEOF(handle, off2 + blk/2, blk, blk/2);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // read data at offset 0 (expect success and zero data)
+ ReadChunk(handle, 0, blk, blk, 0, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // read data from gap (expect success and zero data)
+ ReadChunk(handle, off1 + blk, blk, blk, 0, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // read partially written data (start pointing within written data)
+ // (expect to get written data back and zeroes at the end)
+ ReadChunk(handle, off1 + blk/2, blk, 0, blk/2, blk/2);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // read partially written data (start pointing withing unwritten data)
+ // expect to get zeroes at the beginning and proper data at the end
+ ReadChunk(handle, off1 - blk/2, blk, blk/2, blk/2, 0);
+ ASSERT_FALSE(HasFatalFailure());
+}
+
+
+TEST_P(StorageServiceTest, WriteReadAtOffset) {
+ int rc;
+ file_handle_t handle;
+ size_t blk = 2048;
+ size_t blk_cnt = 32;
+ const char *fname = "test_write_at_offset";
+
+ // create/truncate file.
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write a bunch of blocks filled with zeroes
+ for (uint i = 0; i < blk_cnt; i++) {
+ WriteZeroChunk(handle, i * blk, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+ }
+
+ WriteReadAtOffsetHelper(handle, blk, blk_cnt, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // cleanup
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, WriteSparse) {
+ int rc;
+ file_handle_t handle;
+ const char *fname = "test_write_sparse";
+
+ // open/create/truncate file.
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write value past en of file
+ uint32_t val = 0xDEADBEEF;
+ rc = storage_write(handle, 1, &val, sizeof(val), STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-EINVAL, rc);
+
+ // cleanup
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+// Persistent 32k
+
+TEST_P(StorageServiceTest, CreatePersistent32K) {
+ int rc;
+ file_handle_t handle;
+ size_t blk = 2048;
+ size_t file_size = 32768;
+ const char *fname = "test_persistent_32K_file";
+
+ // create/truncate file.
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write a bunch of blocks filled with pattern
+ WritePattern(handle, 0, file_size, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close but do not delete file
+ storage_close_file(handle);
+}
+
+TEST_P(StorageServiceTest, ReadPersistent32k) {
+ int rc;
+ file_handle_t handle;
+ size_t exp_len = 32 * 1024;
+ const char *fname = "test_persistent_32K_file";
+
+ // create/truncate file.
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ ReadPatternEOF(handle, 0, 2048, exp_len);
+ ASSERT_FALSE(HasFatalFailure());
+
+ ReadPatternEOF(handle, 0, 1024, exp_len);
+ ASSERT_FALSE(HasFatalFailure());
+
+ ReadPatternEOF(handle, 0, 332, exp_len);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close but do not delete file
+ storage_close_file(handle);
+}
+
+TEST_P(StorageServiceTest, CleanUpPersistent32K) {
+ int rc;
+ const char *fname = "test_persistent_32K_file";
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ rc = (rc == -ENOENT) ? 0 : rc;
+ ASSERT_EQ(0, rc);
+}
+
+// Persistent 1M
+TEST_P(StorageServiceTest, CreatePersistent1M_4040) {
+ int rc;
+ file_handle_t handle;
+ size_t file_size = 1024 * 1024;
+ const char *fname = "test_persistent_1M_file";
+
+ // create/truncate file.
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write a bunch of blocks filled with pattern
+ WritePattern(handle, 0, file_size, 4040, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close but do not delete file
+ storage_close_file(handle);
+}
+
+TEST_P(StorageServiceTest, CreatePersistent1M_2032) {
+ int rc;
+ file_handle_t handle;
+ size_t file_size = 1024 * 1024;
+ const char *fname = "test_persistent_1M_file";
+
+ // create/truncate file.
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write a bunch of blocks filled with pattern
+ WritePattern(handle, 0, file_size, 2032, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close but do not delete file
+ storage_close_file(handle);
+}
+
+
+TEST_P(StorageServiceTest, CreatePersistent1M_496) {
+ int rc;
+ file_handle_t handle;
+ size_t file_size = 1024 * 1024;
+ const char *fname = "test_persistent_1M_file";
+
+ // create/truncate file.
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write a bunch of blocks filled with pattern
+ WritePattern(handle, 0, file_size, 496, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close but do not delete file
+ storage_close_file(handle);
+}
+
+TEST_P(StorageServiceTest, CreatePersistent1M_240) {
+ int rc;
+ file_handle_t handle;
+ size_t file_size = 1024 * 1024;
+ const char *fname = "test_persistent_1M_file";
+
+ // create/truncate file.
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write a bunch of blocks filled with pattern
+ WritePattern(handle, 0, file_size, 240, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close but do not delete file
+ storage_close_file(handle);
+}
+
+TEST_P(StorageServiceTest, ReadPersistent1M_4040) {
+ int rc;
+ file_handle_t handle;
+ size_t exp_len = 1024 * 1024;
+ const char *fname = "test_persistent_1M_file";
+
+ // create/truncate file.
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ ReadPatternEOF(handle, 0, 4040, exp_len);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close but do not delete file
+ storage_close_file(handle);
+}
+
+TEST_P(StorageServiceTest, ReadPersistent1M_2032) {
+ int rc;
+ file_handle_t handle;
+ size_t exp_len = 1024 * 1024;
+ const char *fname = "test_persistent_1M_file";
+
+ // create/truncate file.
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ ReadPatternEOF(handle, 0, 2032, exp_len);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close but do not delete file
+ storage_close_file(handle);
+}
+
+TEST_P(StorageServiceTest, ReadPersistent1M_496) {
+ int rc;
+ file_handle_t handle;
+ size_t exp_len = 1024 * 1024;
+ const char *fname = "test_persistent_1M_file";
+
+ // create/truncate file.
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ ReadPatternEOF(handle, 0, 496, exp_len);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close but do not delete file
+ storage_close_file(handle);
+}
+
+TEST_P(StorageServiceTest, ReadPersistent1M_240) {
+ int rc;
+ file_handle_t handle;
+ size_t exp_len = 1024 * 1024;
+ const char *fname = "test_persistent_1M_file";
+
+ // create/truncate file.
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ ReadPatternEOF(handle, 0, 240, exp_len);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close but do not delete file
+ storage_close_file(handle);
+}
+
+TEST_P(StorageServiceTest, CleanUpPersistent1M) {
+ int rc;
+ const char *fname = "test_persistent_1M_file";
+ rc = storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+ rc = (rc == -ENOENT) ? 0 : rc;
+ ASSERT_EQ(0, rc);
+}
+
+TEST_P(StorageServiceTest, WriteReadLong) {
+ int rc;
+ file_handle_t handle;
+ size_t wc = 10000;
+ const char *fname = "test_write_read_long";
+
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ test_buf_ = new uint32_t[wc];
+ fill_pattern32(test_buf_, wc * sizeof(uint32_t), 0);
+ rc = storage_write(handle, 0, test_buf_, wc * sizeof(uint32_t), STORAGE_OP_COMPLETE);
+ ASSERT_EQ((int)(wc * sizeof(uint32_t)), rc);
+
+ rc = storage_read(handle, 0, test_buf_, wc * sizeof(uint32_t));
+ ASSERT_EQ((int)(wc * sizeof(uint32_t)), rc);
+ ASSERT_TRUE(check_pattern32(test_buf_, wc * sizeof(uint32_t), 0));
+
+ // cleanup
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+// Negative tests
+
+TEST_P(StorageServiceTest, OpenInvalidFileName) {
+ int rc;
+ file_handle_t handle;
+ const char *fname1 = "";
+ const char *fname2 = "ffff$ffff";
+ const char *fname3 = "ffff\\ffff";
+ char max_name[STORAGE_MAX_NAME_LENGTH_BYTES+1];
+
+ rc = storage_open_file(session_, &handle, fname1,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-EINVAL, rc);
+
+ rc = storage_open_file(session_, &handle, fname2,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-EINVAL, rc);
+
+ rc = storage_open_file(session_, &handle, fname3,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-EINVAL, rc);
+
+ /* max name */
+ memset(max_name, 'a', sizeof(max_name));
+ max_name[sizeof(max_name)-1] = 0;
+
+ rc = storage_open_file(session_, &handle, max_name,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-EINVAL, rc);
+
+ max_name[sizeof(max_name)-2] = 0;
+ rc = storage_open_file(session_, &handle, max_name,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ storage_close_file(handle);
+ storage_delete_file(session_, max_name, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, BadFileHnadle) {
+ int rc;
+ file_handle_t handle;
+ file_handle_t handle1;
+ const char *fname = "test_invalid_file_handle";
+
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ handle1 = handle + 1;
+
+ // write to invalid file handle
+ uint32_t val = 0xDEDBEEF;
+ rc = storage_write(handle1, 0, &val, sizeof(val), STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-EINVAL, rc);
+
+ // read from invalid handle
+ rc = storage_read(handle1, 0, &val, sizeof(val));
+ ASSERT_EQ(-EINVAL, rc);
+
+ // set size
+ rc = storage_set_file_size(handle1, 0, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-EINVAL, rc);
+
+ // get size
+ storage_off_t fsize = (storage_off_t)(-1);
+ rc = storage_get_file_size(handle1, &fsize);
+ ASSERT_EQ(-EINVAL, rc);
+
+ // close (there is no way to check errors here)
+ storage_close_file(handle1);
+
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, ClosedFileHnadle) {
+ int rc;
+ file_handle_t handle1;
+ file_handle_t handle2;
+ const char *fname1 = "test_invalid_file_handle1";
+ const char *fname2 = "test_invalid_file_handle2";
+
+ rc = storage_open_file(session_, &handle1, fname1,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ rc = storage_open_file(session_, &handle2, fname2,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // close first file handle
+ storage_close_file(handle1);
+
+ // write to invalid file handle
+ uint32_t val = 0xDEDBEEF;
+ rc = storage_write(handle1, 0, &val, sizeof(val), STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-EINVAL, rc);
+
+ // read from invalid handle
+ rc = storage_read(handle1, 0, &val, sizeof(val));
+ ASSERT_EQ(-EINVAL, rc);
+
+ // set size
+ rc = storage_set_file_size(handle1, 0, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-EINVAL, rc);
+
+ // get size
+ storage_off_t fsize = (storage_off_t)(-1);
+ rc = storage_get_file_size(handle1, &fsize);
+ ASSERT_EQ(-EINVAL, rc);
+
+ // close (there is no way to check errors here)
+ storage_close_file(handle1);
+
+ // clean up
+ storage_close_file(handle2);
+ storage_delete_file(session_, fname1, STORAGE_OP_COMPLETE);
+ storage_delete_file(session_, fname2, STORAGE_OP_COMPLETE);
+}
+
+// Transactions
+
+TEST_P(StorageServiceTest, TransactDiscardInactive) {
+ int rc;
+
+ // discard current transaction (there should not be any)
+ rc = storage_end_transaction(session_, false);
+ ASSERT_EQ(0, rc);
+
+ // try it again
+ rc = storage_end_transaction(session_, false);
+ ASSERT_EQ(0, rc);
+}
+
+TEST_P(StorageServiceTest, TransactCommitInactive) {
+ int rc;
+
+ // try to commit current transaction
+ rc = storage_end_transaction(session_, true);
+ ASSERT_EQ(0, rc);
+
+ // try it again
+ rc = storage_end_transaction(session_, true);
+ ASSERT_EQ(0, rc);
+}
+
+TEST_P(StorageServiceTest, TransactDiscardWrite) {
+
+ int rc;
+ file_handle_t handle;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_discard_write";
+
+ // open create truncate file (with commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // check file size
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ // write (without commit)
+ WritePattern(handle, 0, exp_len, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // check file size
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // abort current transaction
+ rc = storage_end_transaction(session_, false);
+ ASSERT_EQ(0, rc);
+
+ // check file size
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ // cleanup
+ storage_close_file( handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, TransactDiscardWriteAppend) {
+
+ int rc;
+ file_handle_t handle;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_write_append";
+
+ // open create truncate file (with commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write data with commit
+ WritePattern(handle, 0, exp_len/2, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // write data without commit
+ WritePattern(handle, exp_len/2, exp_len/2, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // check file size (should be exp_len)
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // discard transaction
+ rc = storage_end_transaction(session_, false);
+ ASSERT_EQ(0, rc);
+
+ // check file size, it should be exp_len/2
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len/2, fsize);
+
+ // check file data
+ ReadPatternEOF(handle, 0, blk, exp_len/2);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // cleanup
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+TEST_P(StorageServiceTest, TransactDiscardWriteRead) {
+
+ int rc;
+ file_handle_t handle;
+ size_t blk = 2048;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_discard_write_read";
+
+ // open create truncate file (with commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // check file size
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ // Fill with zeroes (with commit)
+ for (uint i = 0; i < 32; i++) {
+ WriteZeroChunk(handle, i * blk, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+ }
+
+ // check that test chunk is filled with zeroes
+ ReadChunk(handle, blk, blk, blk, 0, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // write test pattern (without commit)
+ WritePattern(handle, blk, blk, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // read it back an check pattern
+ ReadChunk(handle, blk, blk, 0, blk, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // abort current transaction
+ rc = storage_end_transaction(session_, false);
+ ASSERT_EQ(0, rc);
+
+ // read same chunk back (should be filled with zeros)
+ ReadChunk(handle, blk, blk, blk, 0, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // cleanup
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+TEST_P(StorageServiceTest, TransactDiscardWriteMany) {
+ int rc;
+ file_handle_t handle1;
+ file_handle_t handle2;
+ size_t blk = 2048;
+ size_t exp_len1 = 32 * 1024;
+ size_t exp_len2 = 31 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname1 = "test_transact_discard_write_file1";
+ const char *fname2 = "test_transact_discard_write_file2";
+
+ // open create truncate (with commit)
+ rc = storage_open_file(session_, &handle1, fname1,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // open create truncate (with commit)
+ rc = storage_open_file(session_, &handle2, fname2,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // file1: fill file with pattern (without commit)
+ WritePattern(handle1, 0, exp_len1, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // file2: fill file with pattern (without commit)
+ WritePattern(handle2, 0, exp_len2, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // check file size, it should be exp_len1
+ rc = storage_get_file_size(handle1, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len1, fsize);
+
+ // check file size, it should be exp_len2
+ rc = storage_get_file_size(handle2, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len2, fsize);
+
+ // commit transaction
+ rc = storage_end_transaction(session_, false);
+ ASSERT_EQ(0, rc);
+
+ // check file size, it should be exp_len1
+ rc = storage_get_file_size(handle1, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ // check file size, it should be exp_len2
+ rc = storage_get_file_size(handle2, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ // check data
+ ReadPatternEOF(handle1, 0, blk, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ ReadPatternEOF(handle2, 0, blk, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // cleanup
+ storage_close_file(handle1);
+ storage_delete_file(session_, fname1, STORAGE_OP_COMPLETE);
+ storage_close_file(handle2);
+ storage_delete_file(session_, fname2, STORAGE_OP_COMPLETE);
+}
+
+TEST_P(StorageServiceTest, TransactDiscardTruncate) {
+ int rc;
+ file_handle_t handle;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_discard_truncate";
+
+ // open create truncate file (with commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write data (with commit)
+ WritePattern(handle, 0, exp_len, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // check file size
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // close file
+ storage_close_file(handle);
+
+ // open truncate file (without commit)
+ rc = storage_open_file(session_, &handle, fname, STORAGE_FILE_OPEN_TRUNCATE, 0);
+ ASSERT_EQ(0, rc);
+
+ // check file size
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ // abort current transaction
+ rc = storage_end_transaction(session_, false);
+ ASSERT_EQ(0, rc);
+
+ // check file size (should be an oruginal size)
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // cleanup
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+TEST_P(StorageServiceTest, TransactDiscardSetSize) {
+ int rc;
+ file_handle_t handle;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_discard_set_size";
+
+ // open create truncate file (with commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write data (with commit)
+ WritePattern(handle, 0, exp_len, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // check file size
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // set file size to half of original (no commit)
+ rc = storage_set_file_size(handle, (storage_off_t)exp_len/2, 0);
+ ASSERT_EQ(0, rc);
+
+ // check file size
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len/2, fsize);
+
+ // set file size to 1/3 of original (no commit)
+ rc = storage_set_file_size(handle, (storage_off_t)exp_len/3, 0);
+ ASSERT_EQ(0, rc);
+
+ // check file size
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len/3, fsize);
+
+ // abort current transaction
+ rc = storage_end_transaction(session_, false);
+ ASSERT_EQ(0, rc);
+
+ // check file size (should be an original size)
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // cleanup
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+TEST_P(StorageServiceTest, TransactDiscardDelete) {
+ int rc;
+ file_handle_t handle;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_discard_delete";
+
+ // open create truncate file (with commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write data (with commit)
+ WritePattern(handle, 0, exp_len, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close it
+ storage_close_file(handle);
+
+ // delete file (without commit)
+ rc = storage_delete_file(session_, fname, 0);
+ ASSERT_EQ(0, rc);
+
+ // try to open it (should fail)
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(-ENOENT, rc);
+
+ // abort current transaction
+ rc = storage_end_transaction(session_, false);
+ ASSERT_EQ(0, rc);
+
+ // try to open it
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // check file size (should be an original size)
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // cleanup
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+TEST_P(StorageServiceTest, TransactDiscardDelete2) {
+ int rc;
+ file_handle_t handle;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_discard_delete";
+
+ // open create truncate file (with commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write data (with commit)
+ WritePattern(handle, 0, exp_len, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // delete file (without commit)
+ rc = storage_delete_file(session_, fname, 0);
+ ASSERT_EQ(0, rc);
+ storage_close_file(handle);
+
+ // try to open it (should fail)
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(-ENOENT, rc);
+
+ // abort current transaction
+ rc = storage_end_transaction(session_, false);
+ ASSERT_EQ(0, rc);
+
+ // try to open it
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // check file size (should be an original size)
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // cleanup
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, TransactDiscardCreate) {
+ int rc;
+ file_handle_t handle;
+ const char *fname = "test_transact_discard_create_excl";
+
+ // delete test file just in case
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+
+ // create file (without commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_CREATE_EXCLUSIVE,
+ 0);
+ ASSERT_EQ(0, rc);
+
+ // abort current transaction
+ rc = storage_end_transaction(session_, false);
+ ASSERT_EQ(0, rc);
+
+ // cleanup
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+TEST_P(StorageServiceTest, TransactCommitWrites) {
+
+ int rc;
+ file_handle_t handle;
+ file_handle_t handle_aux;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_commit_writes";
+
+ // open second session
+ rc = storage_open_session(TRUSTY_DEVICE_NAME, &aux_session_, port_);
+ ASSERT_EQ(0, rc);
+
+ // open create truncate file (with commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // open the same file in aux session
+ rc = storage_open_file(aux_session_, &handle_aux, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // check file size, it should be 0
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ // write data in primary session (without commit)
+ WritePattern(handle, 0, exp_len/2, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // write more data in primary session (without commit)
+ WritePattern(handle, exp_len/2, exp_len/2, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // check file size in aux session, it should still be 0
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ // commit current transaction
+ rc = storage_end_transaction(session_, true);
+ ASSERT_EQ(0, rc);
+
+ // check file size of aux session, should fail
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(-EBUSY, rc);
+
+ // abort transaction in aux session to recover
+ rc = storage_end_transaction(aux_session_, false);
+ ASSERT_EQ(0, rc);
+
+ // check file size in aux session, it should be exp_len
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // check file size in primary session, it should be exp_len
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // check data in primary session
+ ReadPatternEOF(handle, 0, blk, exp_len);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // check data in aux session
+ ReadPatternEOF(handle_aux, 0, blk, exp_len);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // cleanup
+ storage_close_file(handle);
+ storage_close_file(handle_aux);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, TransactCommitWrites2) {
+
+ int rc;
+ file_handle_t handle;
+ file_handle_t handle_aux;
+ size_t blk = 2048;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_commit_writes2";
+
+ // open second session
+ rc = storage_open_session(TRUSTY_DEVICE_NAME, &aux_session_, port_);
+ ASSERT_EQ(0, rc);
+
+ // open create truncate file (with commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // open the same file in separate session
+ rc = storage_open_file(aux_session_, &handle_aux, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // check file size
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ // discard transaction in aux_session
+ rc = storage_end_transaction(aux_session_, false);
+ ASSERT_EQ(0, rc);
+
+ // Fill with zeroes (with commit)
+ for (uint i = 0; i < 8; i++) {
+ WriteZeroChunk(handle, i * blk, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+ }
+
+ // check that test chunks are filled with zeroes
+ ReadChunk(handle, blk, blk, blk, 0, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ ReadChunk(handle, 2 * blk, blk, blk, 0, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // write test pattern (without commit)
+ WritePattern(handle, blk, blk, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // write test pattern (without commit)
+ WritePattern(handle, 2 * blk, blk, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // read it back and check pattern
+ ReadChunk(handle, blk, blk, 0, blk, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ ReadChunk(handle, 2 * blk, blk, 0, blk, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // In aux session it still should be empty
+ ReadChunk(handle_aux, blk, blk, blk, 0, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ ReadChunk(handle_aux, 2 * blk, blk, blk, 0, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // commit current transaction
+ rc = storage_end_transaction(session_, true);
+ ASSERT_EQ(0, rc);
+
+ // read same chunks back in primary session
+ ReadChunk(handle, blk, blk, 0, blk, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ ReadChunk(handle, 2 * blk, blk, 0, blk, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // read same chunks back in aux session (should fail)
+ uint32_t val;
+ rc = storage_read(handle_aux, blk, &val, sizeof(val));
+ ASSERT_EQ(-EBUSY, rc);
+
+ rc = storage_read(handle_aux, 2 * blk, &val, sizeof(val));
+ ASSERT_EQ(-EBUSY, rc);
+
+ // abort transaction in aux session
+ rc = storage_end_transaction(aux_session_, false);
+ ASSERT_EQ(0, rc);
+
+ // read same chunk again in aux session
+ ReadChunk(handle_aux, blk, blk, 0, blk, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ ReadChunk(handle_aux, 2 * blk, blk, 0, blk, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+
+ // cleanup
+ storage_close_file(handle);
+ storage_close_file(handle_aux);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+TEST_P(StorageServiceTest, TransactCommitSetSize) {
+ int rc;
+ file_handle_t handle;
+ file_handle_t handle_aux;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_commit_set_size";
+
+ // open second session
+ rc = storage_open_session(TRUSTY_DEVICE_NAME, &aux_session_, port_);
+ ASSERT_EQ(0, rc);
+
+ // open create truncate file (with commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // open the same file in separate session
+ rc = storage_open_file(aux_session_, &handle_aux, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // write data (with commit)
+ WritePattern(handle, 0, exp_len, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // check file size
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // same in aux session
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // set file size to half of original (no commit)
+ rc = storage_set_file_size(handle, (storage_off_t)exp_len/2, 0);
+ ASSERT_EQ(0, rc);
+
+ // check file size
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len/2, fsize);
+
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // set file size to 1/3 of original (no commit)
+ rc = storage_set_file_size(handle, (storage_off_t)exp_len/3, 0);
+ ASSERT_EQ(0, rc);
+
+ // check file size
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len/3, fsize);
+
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // commit current transaction
+ rc = storage_end_transaction(session_, true);
+ ASSERT_EQ(0, rc);
+
+ // check file size (should be 1/3 of an original size)
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len/3, fsize);
+
+ // check file size from aux session
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(-EBUSY, rc);
+
+ // abort transaction in aux_session
+ rc = storage_end_transaction(aux_session_, false);
+ ASSERT_EQ(0, rc);
+
+ // check again
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len/3, fsize);
+
+ // cleanup
+ storage_close_file(handle);
+ storage_close_file(handle_aux);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, TransactCommitDelete) {
+ int rc;
+ file_handle_t handle;
+ file_handle_t handle_aux;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ const char *fname = "test_transact_commit_delete";
+
+ // open second session
+ rc = storage_open_session(TRUSTY_DEVICE_NAME, &aux_session_, port_);
+ ASSERT_EQ(0, rc);
+
+ // open create truncate file (with commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write data (with commit)
+ WritePattern(handle, 0, exp_len, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close it
+ storage_close_file(handle);
+
+ // open the same file in separate session
+ rc = storage_open_file(aux_session_, &handle_aux, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+ storage_close_file(handle_aux);
+
+ // delete file (without commit)
+ rc = storage_delete_file(session_, fname, 0);
+ ASSERT_EQ(0, rc);
+
+ // try to open it (should fail)
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(-ENOENT, rc);
+
+ // open the same file in separate session (should be fine)
+ rc = storage_open_file(aux_session_, &handle_aux, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+ storage_close_file(handle_aux);
+
+ // commit current transaction
+ rc = storage_end_transaction(session_, true);
+ ASSERT_EQ(0, rc);
+
+ // try to open it in primary session (still fails)
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(-ENOENT, rc);
+
+ // open the same file in aux session (should also fail)
+ rc = storage_open_file(aux_session_, &handle_aux, fname, 0, 0);
+ ASSERT_EQ(-ENOENT, rc);
+}
+
+
+TEST_P(StorageServiceTest, TransactCommitTruncate) {
+ int rc;
+ file_handle_t handle;
+ file_handle_t handle_aux;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_commit_truncate";
+
+ // open second session
+ rc = storage_open_session(TRUSTY_DEVICE_NAME, &aux_session_, port_);
+ ASSERT_EQ(0, rc);
+
+ // open create truncate file (with commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write data (with commit)
+ WritePattern(handle, 0, exp_len, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // check file size
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // close file
+ storage_close_file(handle);
+
+ // check from different session
+ rc = storage_open_file(aux_session_, &handle_aux, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // open truncate file (without commit)
+ rc = storage_open_file(session_, &handle, fname, STORAGE_FILE_OPEN_TRUNCATE, 0);
+ ASSERT_EQ(0, rc);
+
+ // check file size
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // commit current transaction
+ rc = storage_end_transaction(session_, true);
+ ASSERT_EQ(0, rc);
+
+ // check file size (should be 0)
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ // check file size in aux session (should be -EBUSY)
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(-EBUSY, rc);
+
+ // abort transaction in aux session
+ rc = storage_end_transaction(aux_session_, false);
+ ASSERT_EQ(0, rc);
+
+ // check again
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ // cleanup
+ storage_close_file(handle);
+ storage_close_file(handle_aux);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+TEST_P(StorageServiceTest, TransactCommitCreate) {
+ int rc;
+ file_handle_t handle;
+ file_handle_t handle_aux;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_commit_create";
+
+ // open second session
+ rc = storage_open_session(TRUSTY_DEVICE_NAME, &aux_session_, port_);
+ ASSERT_EQ(0, rc);
+
+ // delete test file just in case
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+
+ // check from aux session
+ rc = storage_open_file(aux_session_, &handle_aux, fname, 0, 0);
+ ASSERT_EQ(-ENOENT, rc);
+
+ // create file (without commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_CREATE_EXCLUSIVE,
+ 0);
+ ASSERT_EQ(0, rc);
+
+ // check file size
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ // close file
+ storage_close_file(handle);
+
+ // check from aux session (should fail)
+ rc = storage_open_file(aux_session_, &handle_aux, fname, 0, 0);
+ ASSERT_EQ(-ENOENT, rc);
+
+ // commit current transaction
+ rc = storage_end_transaction(session_, true);
+ ASSERT_EQ(0, rc);
+
+ // check open from normal session
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // check open from aux session (should succeed)
+ rc = storage_open_file(aux_session_, &handle_aux, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // cleanup
+ storage_close_file(handle);
+ storage_close_file(handle_aux);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+TEST_P(StorageServiceTest, TransactCommitCreateMany) {
+ int rc;
+ file_handle_t handle1;
+ file_handle_t handle2;
+ file_handle_t handle1_aux;
+ file_handle_t handle2_aux;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname1 = "test_transact_commit_create1";
+ const char *fname2 = "test_transact_commit_create2";
+
+ // open second session
+ rc = storage_open_session(TRUSTY_DEVICE_NAME, &aux_session_, port_);
+ ASSERT_EQ(0, rc);
+
+ // delete test file just in case
+ storage_delete_file(session_, fname1, STORAGE_OP_COMPLETE);
+ storage_delete_file(session_, fname2, STORAGE_OP_COMPLETE);
+
+ // create file (without commit)
+ rc = storage_open_file(session_, &handle1, fname1,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_CREATE_EXCLUSIVE,
+ 0);
+ ASSERT_EQ(0, rc);
+
+ // create file (without commit)
+ rc = storage_open_file(session_, &handle2, fname2,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_CREATE_EXCLUSIVE,
+ 0);
+ ASSERT_EQ(0, rc);
+
+ // check file sizes
+ rc = storage_get_file_size(handle1, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ rc = storage_get_file_size(handle1, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ // close files
+ storage_close_file(handle1);
+ storage_close_file(handle2);
+
+ // open files from aux session
+ rc = storage_open_file(aux_session_, &handle1_aux, fname1, 0, 0);
+ ASSERT_EQ(-ENOENT, rc);
+
+ rc = storage_open_file(aux_session_, &handle2_aux, fname2, 0, 0);
+ ASSERT_EQ(-ENOENT, rc);
+
+ // commit current transaction
+ rc = storage_end_transaction(session_, true);
+ ASSERT_EQ(0, rc);
+
+ // open from primary session
+ rc = storage_open_file(session_, &handle1, fname1, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ rc = storage_open_file(session_, &handle2, fname2, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // open from aux session
+ rc = storage_open_file(aux_session_, &handle1_aux, fname1, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ rc = storage_open_file(aux_session_, &handle2_aux, fname2, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // cleanup
+ storage_close_file(handle1);
+ storage_close_file(handle1_aux);
+ storage_delete_file(session_, fname1, STORAGE_OP_COMPLETE);
+ storage_close_file(handle2);
+ storage_close_file(handle2_aux);
+ storage_delete_file(session_, fname2, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, TransactCommitWriteMany) {
+ int rc;
+ file_handle_t handle1;
+ file_handle_t handle2;
+ file_handle_t handle1_aux;
+ file_handle_t handle2_aux;
+ size_t blk = 2048;
+ size_t exp_len1 = 32 * 1024;
+ size_t exp_len2 = 31 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname1 = "test_transact_commit_write_file1";
+ const char *fname2 = "test_transact_commit_write_file2";
+
+ // open second session
+ rc = storage_open_session(TRUSTY_DEVICE_NAME, &aux_session_, port_);
+ ASSERT_EQ(0, rc);
+
+ // open create truncate (with commit)
+ rc = storage_open_file(session_, &handle1, fname1,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // open create truncate (with commit)
+ rc = storage_open_file(session_, &handle2, fname2,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // open same files from aux session
+ rc = storage_open_file(aux_session_, &handle1_aux, fname1, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ rc = storage_open_file(aux_session_, &handle2_aux, fname2, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // file1: fill file with pattern (without commit)
+ WritePattern(handle1, 0, exp_len1, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // file2: fill file with pattern (without commit)
+ WritePattern(handle2, 0, exp_len2, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // check file size, it should be exp_len1
+ rc = storage_get_file_size(handle1, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len1, fsize);
+
+ // check file size, it should be exp_len2
+ rc = storage_get_file_size(handle2, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len2, fsize);
+
+ // check file sizes from aux session (should be 0)
+ rc = storage_get_file_size(handle1_aux, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ rc = storage_get_file_size(handle2_aux, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ // commit transaction
+ rc = storage_end_transaction(session_, true);
+ ASSERT_EQ(0, rc);
+
+ // check file size, it should be exp_len1
+ rc = storage_get_file_size(handle1, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len1, fsize);
+
+ // check file size, it should be exp_len2
+ rc = storage_get_file_size(handle2, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len2, fsize);
+
+ // check from aux session (should be -EBUSY)
+ rc = storage_get_file_size(handle1_aux, &fsize);
+ ASSERT_EQ(-EBUSY, rc);
+
+ // abort transaction in aux session
+ rc = storage_end_transaction(aux_session_, false);
+ ASSERT_EQ(0, rc);
+
+ // and check again
+ rc = storage_get_file_size(handle1_aux, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len1, fsize);
+
+ rc = storage_get_file_size(handle2_aux, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len2, fsize);
+
+ // check data
+ ReadPatternEOF(handle1, 0, blk, exp_len1);
+ ASSERT_FALSE(HasFatalFailure());
+
+ ReadPatternEOF(handle2, 0, blk, exp_len2);
+ ASSERT_FALSE(HasFatalFailure());
+
+ ReadPatternEOF(handle1_aux, 0, blk, exp_len1);
+ ASSERT_FALSE(HasFatalFailure());
+
+ ReadPatternEOF(handle2_aux, 0, blk, exp_len2);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // cleanup
+ storage_close_file(handle1);
+ storage_close_file(handle1_aux);
+ storage_delete_file(session_, fname1, STORAGE_OP_COMPLETE);
+ storage_close_file(handle2);
+ storage_close_file(handle2_aux);
+ storage_delete_file(session_, fname2, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, TransactCommitDeleteCreate) {
+ int rc;
+ file_handle_t handle;
+ file_handle_t handle_aux;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_delete_create";
+
+ // open second session
+ rc = storage_open_session(TRUSTY_DEVICE_NAME, &aux_session_, port_);
+ ASSERT_EQ(0, rc);
+
+ // open create truncate file (with commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write data (with commit)
+ WritePattern(handle, 0, exp_len, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close it
+ storage_close_file(handle);
+
+ // delete file (without commit)
+ rc = storage_delete_file(session_, fname, 0);
+ ASSERT_EQ(0, rc);
+
+ // try to open it (should fail)
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(-ENOENT, rc);
+
+ // try to open it in aux session (should succeed)
+ rc = storage_open_file(aux_session_, &handle_aux, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // create file with the same name (no commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_CREATE_EXCLUSIVE,
+ 0);
+ ASSERT_EQ(0, rc);
+
+ // write half of data (with commit)
+ WritePattern(handle, 0, exp_len/2, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // check file size (should be half)
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len/2, fsize);
+
+ // commit transaction
+ rc = storage_end_transaction(session_, true);
+ ASSERT_EQ(0, rc);
+
+ // check data from primary session
+ ReadPatternEOF(handle, 0, blk, exp_len/2);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // check from aux session (should fail)
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(-EINVAL, rc);
+
+ // abort trunsaction in aux session
+ rc = storage_end_transaction(aux_session_, false);
+ ASSERT_EQ(0, rc);
+
+ // and try again (should still fail)
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(-EINVAL, rc);
+
+ // close file and reopen it again
+ storage_close_file(handle_aux);
+ rc = storage_open_file(aux_session_, &handle_aux, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // try it again (should succeed)
+ rc = storage_get_file_size(handle_aux, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len/2, fsize);
+
+ // check data
+ ReadPatternEOF(handle_aux, 0, blk, exp_len/2);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // cleanup
+ storage_close_file(handle);
+ storage_close_file(handle_aux);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+TEST_P(StorageServiceTest, TransactRewriteExistingTruncate) {
+ int rc;
+ file_handle_t handle;
+ size_t blk = 2048;
+ const char *fname = "test_transact_rewrite_existing_truncate";
+
+ // open create truncate file (with commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // close it
+ storage_close_file(handle);
+
+ // up
+ for (uint i = 1; i < 32; i++) {
+ // open truncate (no commit)
+ rc = storage_open_file(session_, &handle, fname, STORAGE_FILE_OPEN_TRUNCATE, 0);
+ ASSERT_EQ(0, rc);
+
+ // write data (with commit)
+ WritePattern(handle, 0, i * blk, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close
+ storage_close_file(handle);
+ }
+
+ // down
+ for (uint i = 1; i < 32; i++) {
+ // open truncate (no commit)
+ rc = storage_open_file(session_, &handle, fname, STORAGE_FILE_OPEN_TRUNCATE, 0);
+ ASSERT_EQ(0, rc);
+
+ // write data (with commit)
+ WritePattern(handle, 0, (32 - i) * blk, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close
+ storage_close_file(handle);
+ }
+
+ // cleanup
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, TransactRewriteExistingSetSize) {
+ int rc;
+ file_handle_t handle;
+ size_t blk = 2048;
+ const char *fname = "test_transact_rewrite_existing_set_size";
+
+ // open create truncate file (with commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // close it
+ storage_close_file(handle);
+
+ // up
+ for (uint i = 1; i < 32; i++) {
+ // open truncate (no commit)
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // write data (with commit)
+ WritePattern(handle, 0, i * blk, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // update size (with commit)
+ rc = storage_set_file_size(handle, i * blk, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // close
+ storage_close_file(handle);
+ }
+
+ // down
+ for (uint i = 1; i < 32; i++) {
+ // open trancate (no commit)
+ rc = storage_open_file(session_, &handle, fname, 0, 0);
+ ASSERT_EQ(0, rc);
+
+ // write data (with commit)
+ WritePattern(handle, 0, (32 - i) * blk, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // update size (with commit)
+ rc = storage_set_file_size(handle, (32 - i) * blk, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // close
+ storage_close_file(handle);
+ }
+
+ // cleanup
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, TransactResumeAfterNonFatalError) {
+
+ int rc;
+ file_handle_t handle;
+ file_handle_t handle1;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_resume_writes";
+
+ // open create truncate file (with commit)
+ rc = storage_open_file(session_, &handle, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // write (without commit)
+ WritePattern(handle, 0, exp_len/2, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // issue some commands that should fail with non-fatal errors
+
+ // write past end of file
+ uint32_t val = 0xDEDBEEF;
+ rc = storage_write(handle, exp_len/2 + 1, &val, sizeof(val), 0);
+ ASSERT_EQ(-EINVAL, rc);
+
+ // read past end of file
+ rc = storage_read(handle, exp_len/2 + 1, &val, sizeof(val));
+ ASSERT_EQ(-EINVAL, rc);
+
+ // try to extend file past end of file
+ rc = storage_set_file_size(handle, exp_len/2 + 1, 0);
+ ASSERT_EQ(-EINVAL, rc);
+
+ // open non existing file
+ rc = storage_open_file(session_, &handle1, "foo",
+ STORAGE_FILE_OPEN_TRUNCATE, STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-ENOENT, rc);
+
+ // delete non-existing file
+ rc = storage_delete_file(session_, "foo", STORAGE_OP_COMPLETE);
+ ASSERT_EQ(-ENOENT, rc);
+
+ // then resume writinga (without commit)
+ WritePattern(handle, exp_len/2, exp_len/2, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // commit current transaction
+ rc = storage_end_transaction(session_, true);
+ ASSERT_EQ(0, rc);
+
+ // check file size, it should be exp_len
+ rc = storage_get_file_size(handle, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // check data
+ ReadPatternEOF(handle, 0, blk, exp_len);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // cleanup
+ storage_close_file(handle);
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+// Transaction Collisions
+
+TEST_P(StorageServiceTest, Transact2_WriteNC) {
+ int rc;
+ file_handle_t handle1;
+ file_handle_t handle2;
+ size_t blk = 2048;
+ const char *fname1 = "test_transact_f1";
+ const char *fname2 = "test_transact_f2";
+
+ // open second session
+ rc = storage_open_session(TRUSTY_DEVICE_NAME, &aux_session_, port_);
+ ASSERT_EQ(0, rc);
+
+ rc = storage_open_file(session_, &handle1, fname1,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ rc = storage_open_file(aux_session_, &handle2, fname2,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // session 1
+ WritePattern(handle1, 0, blk, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // read it back
+ ReadPatternEOF(handle1, 0, blk, blk);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // session 2
+ WritePattern(handle2, 0, blk, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // read it back
+ ReadPatternEOF(handle2, 0, blk, blk);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // cleanup
+ storage_close_file(handle1);
+ storage_close_file(handle2);
+
+ storage_delete_file(session_, fname1, STORAGE_OP_COMPLETE);
+ storage_delete_file(aux_session_, fname2, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, Transact2_DeleteNC) {
+ int rc;
+ file_handle_t handle1;
+ file_handle_t handle2;
+ size_t blk = 2048;
+ const char *fname1 = "test_transact_delete_f1";
+ const char *fname2 = "test_transact_delete_f2";
+
+ // open second session
+ rc = storage_open_session(TRUSTY_DEVICE_NAME, &aux_session_, port_);
+ ASSERT_EQ(0, rc);
+
+ rc = storage_open_file(session_, &handle1, fname1,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ rc = storage_open_file(aux_session_, &handle2, fname2,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // session 1
+ WritePattern(handle1, 0, blk, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // read it back
+ ReadPatternEOF(handle1, 0, blk, blk);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // session 2
+ WritePattern(handle2, 0, blk, blk, true);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // read it back
+ ReadPatternEOF(handle2, 0, blk, blk);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // close files and delete them
+ storage_close_file(handle1);
+ storage_delete_file(session_, fname1, 0);
+
+ storage_close_file(handle2);
+ storage_delete_file(aux_session_, fname2, 0);
+
+ // commit
+ rc = storage_end_transaction(session_, true);
+ ASSERT_EQ(0, rc);
+
+ rc = storage_end_transaction(aux_session_, true);
+ ASSERT_EQ(0, rc);
+}
+
+
+TEST_P(StorageServiceTest, Transact2_Write_Read) {
+ int rc;
+ file_handle_t handle1;
+ file_handle_t handle2;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_writeRead";
+
+ // open second session
+ rc = storage_open_session(TRUSTY_DEVICE_NAME, &aux_session_, port_);
+ ASSERT_EQ(0, rc);
+
+ // S1: open create truncate file
+ rc = storage_open_file(session_, &handle1, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // S2: open the same file
+ rc = storage_open_file(aux_session_, &handle2, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // S1: write (no commit)
+ WritePattern(handle1, 0, exp_len, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // S1: read it back
+ ReadPatternEOF(handle1, 0, blk, exp_len);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // S2: check file size, it should be 0
+ rc = storage_get_file_size(handle2, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ // S2: read it back (should no data)
+ ReadPatternEOF(handle2, 0, blk, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // S1: commit
+ rc = storage_end_transaction(session_, true);
+ ASSERT_EQ(0, rc);
+
+ // S2: check file size, it should fail
+ rc = storage_get_file_size(handle2, &fsize);
+ ASSERT_EQ(-EBUSY, rc);
+
+ // S2: abort transaction
+ rc = storage_end_transaction(aux_session_, false);
+ ASSERT_EQ(0, rc);
+
+ // S2: check file size again, it should be exp_len
+ rc = storage_get_file_size(handle2, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // S2: read it again (should be exp_len)
+ ReadPatternEOF(handle2, 0, blk, exp_len);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // cleanup
+ storage_close_file(handle1);
+ storage_close_file(handle2);
+
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, Transact2_Write_Write_Commit_Commit) {
+ int rc;
+ file_handle_t handle1;
+ file_handle_t handle2;
+ file_handle_t handle3;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_write_write_commit_commit";
+
+ // open second session
+ rc = storage_open_session(TRUSTY_DEVICE_NAME, &aux_session_, port_);
+ ASSERT_EQ(0, rc);
+
+ // S1: open create truncate file
+ rc = storage_open_file(session_, &handle1, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // S2: open the same file
+ rc = storage_open_file(aux_session_, &handle2, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // S1: write (no commit)
+ WritePattern(handle1, 0, exp_len, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // S2: write (no commit)
+ WritePattern(handle2, 0, exp_len/2, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // S1: commit
+ rc = storage_end_transaction(session_, true);
+ ASSERT_EQ(0, rc);
+
+ // S2: read/write/get/set size/delete (all should fail)
+ uint32_t val = 0;
+ rc = storage_read(handle2, 0, &val, sizeof(val));
+ ASSERT_EQ(-EBUSY, rc);
+
+ rc = storage_write(handle2, 0, &val, sizeof(val), 0);
+ ASSERT_EQ(-EBUSY, rc);
+
+ rc = storage_get_file_size(handle2, &fsize);
+ ASSERT_EQ(-EBUSY, rc);
+
+ rc = storage_set_file_size(handle2, fsize, 0);
+ ASSERT_EQ(-EBUSY, rc);
+
+ rc = storage_delete_file(aux_session_, fname, 0);
+ ASSERT_EQ(-EBUSY, rc);
+
+ rc = storage_open_file(aux_session_, &handle3, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE, 0);
+ ASSERT_EQ(-EBUSY, rc);
+
+ // S2: commit (should fail, and failed state should be cleared)
+ rc = storage_end_transaction(aux_session_, true);
+ ASSERT_EQ(-EBUSY, rc);
+
+ // S2: check file size, it should be exp_len
+ rc = storage_get_file_size(handle2, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // S2: read it again (should be exp_len)
+ ReadPatternEOF(handle2, 0, blk, exp_len);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // cleanup
+ storage_close_file(handle1);
+ storage_close_file(handle2);
+
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, Transact2_Write_Write_Commit_Discard) {
+ int rc;
+ file_handle_t handle1;
+ file_handle_t handle2;
+ file_handle_t handle3;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_write_write_commit_discard";
+
+ // open second session
+ rc = storage_open_session(TRUSTY_DEVICE_NAME, &aux_session_, port_);
+ ASSERT_EQ(0, rc);
+
+ // S1: open create truncate file
+ rc = storage_open_file(session_, &handle1, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // S2: open the same file
+ rc = storage_open_file(aux_session_, &handle2, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // S1: write (no commit)
+ WritePattern(handle1, 0, exp_len, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // S2: write (no commit)
+ WritePattern(handle2, 0, exp_len/2, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // S1: commit
+ rc = storage_end_transaction(session_, true);
+ ASSERT_EQ(0, rc);
+
+ // S2: read/write/get/set size/delete (all should fail)
+ uint32_t val = 0;
+ rc = storage_read(handle2, 0, &val, sizeof(val));
+ ASSERT_EQ(-EBUSY, rc);
+
+ rc = storage_write(handle2, 0, &val, sizeof(val), 0);
+ ASSERT_EQ(-EBUSY, rc);
+
+ rc = storage_get_file_size(handle2, &fsize);
+ ASSERT_EQ(-EBUSY, rc);
+
+ rc = storage_set_file_size(handle2, fsize, 0);
+ ASSERT_EQ(-EBUSY, rc);
+
+ rc = storage_delete_file(aux_session_, fname, 0);
+ ASSERT_EQ(-EBUSY, rc);
+
+ rc = storage_open_file(aux_session_, &handle3, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE, 0);
+ ASSERT_EQ(-EBUSY, rc);
+
+ // S2: discard (should fail, and failed state should be cleared)
+ rc = storage_end_transaction(aux_session_, false);
+ ASSERT_EQ(0, rc);
+
+ // S2: check file size, it should be exp_len
+ rc = storage_get_file_size(handle2, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len, fsize);
+
+ // S2: read it again (should be exp_len)
+ ReadPatternEOF(handle2, 0, blk, exp_len);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // cleanup
+ storage_close_file(handle1);
+ storage_close_file(handle2);
+
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+TEST_P(StorageServiceTest, Transact2_Write_Write_Discard_Commit) {
+ int rc;
+ file_handle_t handle1;
+ file_handle_t handle2;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_write_write_discard_commit";
+
+ // open second session
+ rc = storage_open_session(TRUSTY_DEVICE_NAME, &aux_session_, port_);
+ ASSERT_EQ(0, rc);
+
+ // S1: open create truncate file
+ rc = storage_open_file(session_, &handle1, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // S2: open the same file
+ rc = storage_open_file(aux_session_, &handle2, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // S1: write (no commit)
+ WritePattern(handle1, 0, exp_len, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // S2: write (no commit)
+ WritePattern(handle2, 0, exp_len/2, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // S1: discard
+ rc = storage_end_transaction(session_, false);
+ ASSERT_EQ(0, rc);
+
+ // S2: commit (should succeed)
+ rc = storage_end_transaction(aux_session_, true);
+ ASSERT_EQ(0, rc);
+
+ // S2: check file size, it should be exp_len
+ rc = storage_get_file_size(handle2, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)exp_len/2, fsize);
+
+ // S2: read it again (should be exp_len)
+ ReadPatternEOF(handle2, 0, blk, exp_len/2);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // cleanup
+ storage_close_file(handle1);
+ storage_close_file(handle2);
+
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
+
+TEST_P(StorageServiceTest, Transact2_Write_Write_Discard_Discard) {
+ int rc;
+ file_handle_t handle1;
+ file_handle_t handle2;
+ size_t blk = 2048;
+ size_t exp_len = 32 * 1024;
+ storage_off_t fsize = (storage_off_t)(-1);
+ const char *fname = "test_transact_write_write_discard_Discard";
+
+ // open second session
+ rc = storage_open_session(TRUSTY_DEVICE_NAME, &aux_session_, port_);
+ ASSERT_EQ(0, rc);
+
+ // S1: open create truncate file
+ rc = storage_open_file(session_, &handle1, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // S2: open the same file
+ rc = storage_open_file(aux_session_, &handle2, fname,
+ STORAGE_FILE_OPEN_CREATE | STORAGE_FILE_OPEN_TRUNCATE,
+ STORAGE_OP_COMPLETE);
+ ASSERT_EQ(0, rc);
+
+ // S1: write (no commit)
+ WritePattern(handle1, 0, exp_len, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // S2: write (no commit)
+ WritePattern(handle2, 0, exp_len/2, blk, false);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // S1: discard
+ rc = storage_end_transaction(session_, false);
+ ASSERT_EQ(0, rc);
+
+ // S2: discard
+ rc = storage_end_transaction(aux_session_, false);
+ ASSERT_EQ(0, rc);
+
+ // S2: check file size, it should be 0
+ rc = storage_get_file_size(handle2, &fsize);
+ ASSERT_EQ(0, rc);
+ ASSERT_EQ((storage_off_t)0, fsize);
+
+ // S2: read it again (should be 0)
+ ReadPatternEOF(handle2, 0, blk, 0);
+ ASSERT_FALSE(HasFatalFailure());
+
+ // cleanup
+ storage_close_file(handle1);
+ storage_close_file(handle2);
+
+ storage_delete_file(session_, fname, STORAGE_OP_COMPLETE);
+}
+
diff --git a/trusty/trusty-base.mk b/trusty/trusty-base.mk
new file mode 100644
index 0000000..9c3a7df
--- /dev/null
+++ b/trusty/trusty-base.mk
@@ -0,0 +1,28 @@
+#
+# Copyright (C) 2016 The Android Open-Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#
+# This makefile should be included by devices that use Trusty TEE
+# to pull in the baseline set of Trusty specific modules.
+#
+
+PRODUCT_PACKAGES += \
+ keystore.trusty \
+ gatekeeper.trusty
+
+PRODUCT_PROPERTY_OVERRIDES += \
+ ro.hardware.keystore=trusty \
+ ro.hardware.gatekeeper=trusty
diff --git a/trusty/trusty-storage.mk b/trusty/trusty-storage.mk
new file mode 100644
index 0000000..3f26316
--- /dev/null
+++ b/trusty/trusty-storage.mk
@@ -0,0 +1,18 @@
+#
+# Copyright (C) 2015 The Android Open-Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+PRODUCT_PACKAGES += \
+ storageproxyd \