Merge "dmabuf_dump: Change the default view to per-process stats"
diff --git a/adb/Android.bp b/adb/Android.bp
index 114eb2a..b6aff3e 100644
--- a/adb/Android.bp
+++ b/adb/Android.bp
@@ -344,6 +344,7 @@
generated_headers: ["platform_tools_version"],
static_libs: [
+ "libadbconnection_server",
"libdiagnose_usb",
],
@@ -395,6 +396,7 @@
],
static_libs: [
+ "libadbconnection_server",
"libadbd_core",
"libdiagnose_usb",
],
@@ -531,6 +533,7 @@
},
static_libs: [
+ "libadbconnection_server",
"libadbd",
"libadbd_services",
"libasyncio",
diff --git a/adb/daemon/include/adbd/usb.h b/adb/daemon/include/adbd/usb.h
index fca3c58..2204246 100644
--- a/adb/daemon/include/adbd/usb.h
+++ b/adb/daemon/include/adbd/usb.h
@@ -16,6 +16,8 @@
* limitations under the License.
*/
+#include <linux/usb/functionfs.h>
+
#include <atomic>
#include <condition_variable>
#include <mutex>
diff --git a/adb/daemon/jdwp_service.cpp b/adb/daemon/jdwp_service.cpp
index cd9b669..b92a7de 100644
--- a/adb/daemon/jdwp_service.cpp
+++ b/adb/daemon/jdwp_service.cpp
@@ -30,15 +30,21 @@
#include <list>
#include <memory>
+#include <thread>
#include <vector>
+#include <adbconnection/server.h>
#include <android-base/cmsg.h>
+#include <android-base/unique_fd.h>
#include "adb.h"
#include "adb_io.h"
#include "adb_unique_fd.h"
#include "adb_utils.h"
+using android::base::borrowed_fd;
+using android::base::unique_fd;
+
/* here's how these things work.
when adbd starts, it creates a unix server socket
@@ -133,16 +139,16 @@
static auto& _jdwp_list = *new std::list<std::unique_ptr<JdwpProcess>>();
struct JdwpProcess {
- explicit JdwpProcess(int socket) {
+ JdwpProcess(unique_fd socket, pid_t pid) {
+ CHECK(pid != 0);
+
this->socket = socket;
- this->fde = fdevent_create(socket, jdwp_process_event, this);
+ this->pid = pid;
+ this->fde = fdevent_create(socket.release(), jdwp_process_event, this);
if (!this->fde) {
LOG(FATAL) << "could not create fdevent for new JDWP process";
}
-
- /* start by waiting for the PID */
- fdevent_add(this->fde, FDE_READ);
}
~JdwpProcess() {
@@ -160,18 +166,12 @@
}
void RemoveFromList() {
- if (this->pid >= 0) {
- D("removing pid %d from jdwp process list", this->pid);
- } else {
- D("removing transient JdwpProcess from list");
- }
-
auto pred = [this](const auto& proc) { return proc.get() == this; };
_jdwp_list.remove_if(pred);
}
+ borrowed_fd socket = -1;
int32_t pid = -1;
- int socket = -1;
fdevent* fde = nullptr;
std::vector<unique_fd> out_fds;
@@ -181,11 +181,6 @@
std::string temp;
for (auto& proc : _jdwp_list) {
- /* skip transient connections */
- if (proc->pid < 0) {
- continue;
- }
-
std::string next = std::to_string(proc->pid) + "\n";
if (temp.length() + next.length() > bufferlen) {
D("truncating JDWP process list (max len = %zu)", bufferlen);
@@ -214,24 +209,12 @@
static void jdwp_process_event(int socket, unsigned events, void* _proc) {
JdwpProcess* proc = reinterpret_cast<JdwpProcess*>(_proc);
- CHECK_EQ(socket, proc->socket);
+ CHECK_EQ(socket, proc->socket.get());
if (events & FDE_READ) {
- if (proc->pid < 0) {
- ssize_t rc = TEMP_FAILURE_RETRY(recv(socket, &proc->pid, sizeof(proc->pid), 0));
- if (rc != sizeof(proc->pid)) {
- D("failed to read jdwp pid: rc = %zd, errno = %s", rc, strerror(errno));
- goto CloseProcess;
- }
-
- /* all is well, keep reading to detect connection closure */
- D("Adding pid %d to jdwp process list", proc->pid);
- jdwp_process_list_updated();
- } else {
- // We already have the PID, if we can read from the socket, we've probably hit EOF.
- D("terminating JDWP connection %d", proc->pid);
- goto CloseProcess;
- }
+ // We already have the PID, if we can read from the socket, we've probably hit EOF.
+ D("terminating JDWP connection %d", proc->pid);
+ goto CloseProcess;
}
if (events & FDE_WRITE) {
@@ -284,98 +267,6 @@
return unique_fd{};
}
-/** VM DEBUG CONTROL SOCKET
- **
- ** we do implement a custom asocket to receive the data
- **/
-
-/* name of the debug control Unix socket */
-#define JDWP_CONTROL_NAME "\0jdwp-control"
-#define JDWP_CONTROL_NAME_LEN (sizeof(JDWP_CONTROL_NAME) - 1)
-
-struct JdwpControl {
- int listen_socket;
- fdevent* fde;
-};
-
-static JdwpControl _jdwp_control;
-
-static void jdwp_control_event(int s, unsigned events, void* user);
-
-static int jdwp_control_init(JdwpControl* control, const char* sockname, int socknamelen) {
- sockaddr_un addr;
- socklen_t addrlen;
- int maxpath = sizeof(addr.sun_path);
- int pathlen = socknamelen;
-
- if (pathlen >= maxpath) {
- D("vm debug control socket name too long (%d extra chars)", pathlen + 1 - maxpath);
- return -1;
- }
-
- memset(&addr, 0, sizeof(addr));
- addr.sun_family = AF_UNIX;
- memcpy(addr.sun_path, sockname, socknamelen);
-
- unique_fd s(socket(AF_UNIX, SOCK_SEQPACKET | SOCK_CLOEXEC, 0));
- if (s < 0) {
- D("could not create vm debug control socket. %d: %s", errno, strerror(errno));
- return -1;
- }
-
- addrlen = pathlen + sizeof(addr.sun_family);
-
- if (bind(s.get(), reinterpret_cast<sockaddr*>(&addr), addrlen) < 0) {
- D("could not bind vm debug control socket: %d: %s", errno, strerror(errno));
- return -1;
- }
-
- if (listen(s.get(), 4) < 0) {
- D("listen failed in jdwp control socket: %d: %s", errno, strerror(errno));
- return -1;
- }
-
- control->listen_socket = s.release();
- control->fde = fdevent_create(control->listen_socket, jdwp_control_event, control);
- if (control->fde == nullptr) {
- D("could not create fdevent for jdwp control socket");
- return -1;
- }
-
- /* only wait for incoming connections */
- fdevent_add(control->fde, FDE_READ);
-
- D("jdwp control socket started (%d)", control->listen_socket);
- return 0;
-}
-
-static void jdwp_control_event(int fd, unsigned events, void* _control) {
- JdwpControl* control = (JdwpControl*)_control;
-
- CHECK_EQ(fd, control->listen_socket);
- if (events & FDE_READ) {
- int s = adb_socket_accept(control->listen_socket, nullptr, nullptr);
- if (s < 0) {
- if (errno == ECONNABORTED) {
- /* oops, the JDWP process died really quick */
- D("oops, the JDWP process died really quick");
- return;
- } else {
- /* the socket is probably closed ? */
- D("weird accept() failed on jdwp control socket: %s", strerror(errno));
- return;
- }
- }
-
- auto proc = std::make_unique<JdwpProcess>(s);
- if (!proc) {
- LOG(FATAL) << "failed to allocate JdwpProcess";
- }
-
- _jdwp_list.emplace_back(std::move(proc));
- }
-}
-
/** "jdwp" local service implementation
** this simply returns the list of known JDWP process pids
**/
@@ -526,7 +417,22 @@
}
int init_jdwp(void) {
- return jdwp_control_init(&_jdwp_control, JDWP_CONTROL_NAME, JDWP_CONTROL_NAME_LEN);
+ std::thread([]() {
+ adb_thread_setname("jdwp control");
+ adbconnection_listen([](int fd, pid_t pid) {
+ LOG(INFO) << "jdwp connection from " << pid;
+ fdevent_run_on_main_thread([fd, pid] {
+ unique_fd ufd(fd);
+ auto proc = std::make_unique<JdwpProcess>(std::move(ufd), pid);
+ if (!proc) {
+ LOG(FATAL) << "failed to allocate JdwpProcess";
+ }
+ _jdwp_list.emplace_back(std::move(proc));
+ jdwp_process_list_updated();
+ });
+ });
+ }).detach();
+ return 0;
}
#endif /* !ADB_HOST */
diff --git a/fs_mgr/fs_mgr.cpp b/fs_mgr/fs_mgr.cpp
index 2a9a9d0..259f800 100644
--- a/fs_mgr/fs_mgr.cpp
+++ b/fs_mgr/fs_mgr.cpp
@@ -908,7 +908,7 @@
public:
CheckpointManager(int needs_checkpoint = -1) : needs_checkpoint_(needs_checkpoint) {}
- bool Update(FstabEntry* entry) {
+ bool Update(FstabEntry* entry, const std::string& block_device = std::string()) {
if (!entry->fs_mgr_flags.checkpoint_blk && !entry->fs_mgr_flags.checkpoint_fs) {
return true;
}
@@ -927,7 +927,7 @@
return true;
}
- if (!UpdateCheckpointPartition(entry)) {
+ if (!UpdateCheckpointPartition(entry, block_device)) {
LERROR << "Could not set up checkpoint partition, skipping!";
return false;
}
@@ -957,7 +957,7 @@
}
private:
- bool UpdateCheckpointPartition(FstabEntry* entry) {
+ bool UpdateCheckpointPartition(FstabEntry* entry, const std::string& block_device) {
if (entry->fs_mgr_flags.checkpoint_fs) {
if (is_f2fs(entry->fs_type)) {
entry->fs_options += ",checkpoint=disable";
@@ -965,39 +965,43 @@
LERROR << entry->fs_type << " does not implement checkpoints.";
}
} else if (entry->fs_mgr_flags.checkpoint_blk) {
- unique_fd fd(TEMP_FAILURE_RETRY(open(entry->blk_device.c_str(), O_RDONLY | O_CLOEXEC)));
- if (fd < 0) {
- PERROR << "Cannot open device " << entry->blk_device;
- return false;
- }
+ auto actual_block_device = block_device.empty() ? entry->blk_device : block_device;
+ if (fs_mgr_find_bow_device(actual_block_device).empty()) {
+ unique_fd fd(
+ TEMP_FAILURE_RETRY(open(entry->blk_device.c_str(), O_RDONLY | O_CLOEXEC)));
+ if (fd < 0) {
+ PERROR << "Cannot open device " << entry->blk_device;
+ return false;
+ }
- uint64_t size = get_block_device_size(fd) / 512;
- if (!size) {
- PERROR << "Cannot get device size";
- return false;
- }
+ uint64_t size = get_block_device_size(fd) / 512;
+ if (!size) {
+ PERROR << "Cannot get device size";
+ return false;
+ }
- android::dm::DmTable table;
- if (!table.AddTarget(
- std::make_unique<android::dm::DmTargetBow>(0, size, entry->blk_device))) {
- LERROR << "Failed to add bow target";
- return false;
- }
+ android::dm::DmTable table;
+ if (!table.AddTarget(std::make_unique<android::dm::DmTargetBow>(
+ 0, size, entry->blk_device))) {
+ LERROR << "Failed to add bow target";
+ return false;
+ }
- DeviceMapper& dm = DeviceMapper::Instance();
- if (!dm.CreateDevice("bow", table)) {
- PERROR << "Failed to create bow device";
- return false;
- }
+ DeviceMapper& dm = DeviceMapper::Instance();
+ if (!dm.CreateDevice("bow", table)) {
+ PERROR << "Failed to create bow device";
+ return false;
+ }
- std::string name;
- if (!dm.GetDmDevicePathByName("bow", &name)) {
- PERROR << "Failed to get bow device name";
- return false;
- }
+ std::string name;
+ if (!dm.GetDmDevicePathByName("bow", &name)) {
+ PERROR << "Failed to get bow device name";
+ return false;
+ }
- device_map_[name] = entry->blk_device;
- entry->blk_device = name;
+ device_map_[name] = entry->blk_device;
+ entry->blk_device = name;
+ }
}
return true;
}
@@ -1007,6 +1011,50 @@
std::map<std::string, std::string> device_map_;
};
+std::string fs_mgr_find_bow_device(const std::string& block_device) {
+ if (block_device.substr(0, 5) != "/dev/") {
+ LOG(ERROR) << "Expected block device, got " << block_device;
+ return std::string();
+ }
+
+ std::string sys_dir = std::string("/sys/") + block_device.substr(5);
+
+ for (;;) {
+ std::string name;
+ if (!android::base::ReadFileToString(sys_dir + "/dm/name", &name)) {
+ PLOG(ERROR) << block_device << " is not dm device";
+ return std::string();
+ }
+
+ if (name == "bow\n") return sys_dir;
+
+ std::string slaves = sys_dir + "/slaves";
+ std::unique_ptr<DIR, decltype(&closedir)> directory(opendir(slaves.c_str()), closedir);
+ if (!directory) {
+ PLOG(ERROR) << "Can't open slave directory " << slaves;
+ return std::string();
+ }
+
+ int count = 0;
+ for (dirent* entry = readdir(directory.get()); entry; entry = readdir(directory.get())) {
+ if (entry->d_type != DT_LNK) continue;
+
+ if (count == 1) {
+ LOG(ERROR) << "Too many slaves in " << slaves;
+ return std::string();
+ }
+
+ ++count;
+ sys_dir = std::string("/sys/block/") + entry->d_name;
+ }
+
+ if (count != 1) {
+ LOG(ERROR) << "No slave in " << slaves;
+ return std::string();
+ }
+ }
+}
+
static bool IsMountPointMounted(const std::string& mount_point) {
// Check if this is already mounted.
Fstab fstab;
@@ -1144,7 +1192,8 @@
}
encryptable = status;
if (status == FS_MGR_MNTALL_DEV_NEEDS_METADATA_ENCRYPTION) {
- if (!call_vdc({"cryptfs", "encryptFstab", attempted_entry.mount_point})) {
+ if (!call_vdc({"cryptfs", "encryptFstab", attempted_entry.blk_device,
+ attempted_entry.mount_point})) {
LERROR << "Encryption failed";
return FS_MGR_MNTALL_FAIL;
}
@@ -1215,7 +1264,8 @@
encryptable = FS_MGR_MNTALL_DEV_MIGHT_BE_ENCRYPTED;
} else if (mount_errno != EBUSY && mount_errno != EACCES &&
should_use_metadata_encryption(attempted_entry)) {
- if (!call_vdc({"cryptfs", "mountFstab", attempted_entry.mount_point})) {
+ if (!call_vdc({"cryptfs", "mountFstab", attempted_entry.blk_device,
+ attempted_entry.mount_point})) {
++error_count;
}
encryptable = FS_MGR_MNTALL_DEV_IS_METADATA_ENCRYPTED;
@@ -1345,7 +1395,7 @@
}
}
- if (!checkpoint_manager.Update(&fstab_entry)) {
+ if (!checkpoint_manager.Update(&fstab_entry, n_blk_device)) {
LERROR << "Could not set up checkpoint partition, skipping!";
continue;
}
diff --git a/fs_mgr/include/fs_mgr.h b/fs_mgr/include/fs_mgr.h
index 88b2f8f..bdec7be 100644
--- a/fs_mgr/include/fs_mgr.h
+++ b/fs_mgr/include/fs_mgr.h
@@ -104,3 +104,7 @@
// fs_mgr_umount_all() is the reverse of fs_mgr_mount_all. In particular,
// it destroys verity devices from device mapper after the device is unmounted.
int fs_mgr_umount_all(android::fs_mgr::Fstab* fstab);
+
+// Finds the dm_bow device on which this block device is stacked, or returns
+// empty string
+std::string fs_mgr_find_bow_device(const std::string& block_device);
diff --git a/gatekeeperd/Android.bp b/gatekeeperd/Android.bp
index 2b7db79..778e08c 100644
--- a/gatekeeperd/Android.bp
+++ b/gatekeeperd/Android.bp
@@ -23,8 +23,6 @@
"-Wunused",
],
srcs: [
- "SoftGateKeeperDevice.cpp",
- "IGateKeeperService.cpp",
"gatekeeperd.cpp",
],
@@ -43,9 +41,44 @@
"libhidltransport",
"libhwbinder",
"android.hardware.gatekeeper@1.0",
+ "libgatekeeper_aidl",
],
static_libs: ["libscrypt_static"],
include_dirs: ["external/scrypt/lib/crypto"],
init_rc: ["gatekeeperd.rc"],
}
+
+filegroup {
+ name: "gatekeeper_aidl",
+ srcs: [
+ "binder/android/service/gatekeeper/IGateKeeperService.aidl",
+ ],
+ path: "binder",
+}
+
+cc_library_shared {
+ name: "libgatekeeper_aidl",
+ srcs: [
+ ":gatekeeper_aidl",
+ "GateKeeperResponse.cpp",
+ ],
+ aidl: {
+ export_aidl_headers: true,
+ include_dirs: [
+ "system/core/gatekeeperd/binder",
+ "frameworks/base/core/java/",
+ ],
+ },
+ export_include_dirs: ["include"],
+ shared_libs: [
+ "libbase",
+ "libbinder",
+ "libcutils",
+ "liblog",
+ "libutils",
+ ],
+ export_shared_lib_headers: [
+ "libbinder",
+ ],
+}
diff --git a/gatekeeperd/GateKeeperResponse.cpp b/gatekeeperd/GateKeeperResponse.cpp
new file mode 100644
index 0000000..ca0c98f
--- /dev/null
+++ b/gatekeeperd/GateKeeperResponse.cpp
@@ -0,0 +1,83 @@
+/*
+**
+** Copyright 2019, The Android Open Source Project
+**
+** Licensed under the Apache License, Version 2.0 (the "License");
+** you may not use this file except in compliance with the License.
+** You may obtain a copy of the License at
+**
+** http://www.apache.org/licenses/LICENSE-2.0
+**
+** Unless required by applicable law or agreed to in writing, software
+** distributed under the License is distributed on an "AS IS" BASIS,
+** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+** See the License for the specific language governing permissions and
+** limitations under the License.
+*/
+
+#define LOG_TAG "gatekeeperd"
+
+#include <gatekeeper/GateKeeperResponse.h>
+
+#include <binder/Parcel.h>
+
+#include <android-base/logging.h>
+
+namespace android {
+namespace service {
+namespace gatekeeper {
+
+status_t GateKeeperResponse::readFromParcel(const Parcel* in) {
+ if (in == nullptr) {
+ LOG(ERROR) << "readFromParcel got null in parameter";
+ return BAD_VALUE;
+ }
+ timeout_ = 0;
+ should_reenroll_ = false;
+ payload_ = {};
+ response_code_ = ResponseCode(in->readInt32());
+ if (response_code_ == ResponseCode::OK) {
+ should_reenroll_ = in->readInt32();
+ ssize_t length = in->readInt32();
+ if (length > 0) {
+ length = in->readInt32();
+ const uint8_t* buf = reinterpret_cast<const uint8_t*>(in->readInplace(length));
+ if (buf == nullptr) {
+ LOG(ERROR) << "readInplace returned null buffer for length " << length;
+ return BAD_VALUE;
+ }
+ payload_.resize(length);
+ std::copy(buf, buf + length, payload_.data());
+ }
+ } else if (response_code_ == ResponseCode::RETRY) {
+ timeout_ = in->readInt32();
+ }
+ return NO_ERROR;
+}
+status_t GateKeeperResponse::writeToParcel(Parcel* out) const {
+ if (out == nullptr) {
+ LOG(ERROR) << "writeToParcel got null out parameter";
+ return BAD_VALUE;
+ }
+ out->writeInt32(int32_t(response_code_));
+ if (response_code_ == ResponseCode::OK) {
+ out->writeInt32(should_reenroll_);
+ out->writeInt32(payload_.size());
+ if (payload_.size() != 0) {
+ out->writeInt32(payload_.size());
+ uint8_t* buf = reinterpret_cast<uint8_t*>(out->writeInplace(payload_.size()));
+ if (buf == nullptr) {
+ LOG(ERROR) << "writeInplace returned null buffer for length " << payload_.size();
+ return BAD_VALUE;
+ }
+ std::copy(payload_.begin(), payload_.end(), buf);
+ }
+ } else if (response_code_ == ResponseCode::RETRY) {
+ out->writeInt32(timeout_);
+ }
+ return NO_ERROR;
+}
+
+} // namespace gatekeeper
+} // namespace service
+} // namespace android
diff --git a/gatekeeperd/IGateKeeperService.cpp b/gatekeeperd/IGateKeeperService.cpp
deleted file mode 100644
index 43d5708..0000000
--- a/gatekeeperd/IGateKeeperService.cpp
+++ /dev/null
@@ -1,173 +0,0 @@
-/*
- * Copyright 2015, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-*/
-
-#define LOG_TAG "GateKeeperService"
-#include <utils/Log.h>
-
-#include "IGateKeeperService.h"
-
-namespace android {
-
-const android::String16 IGateKeeperService::descriptor("android.service.gatekeeper.IGateKeeperService");
-const android::String16& IGateKeeperService::getInterfaceDescriptor() const {
- return IGateKeeperService::descriptor;
-}
-
-status_t BnGateKeeperService::onTransact(
- uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags) {
- switch(code) {
- case ENROLL: {
- CHECK_INTERFACE(IGateKeeperService, data, reply);
- uint32_t uid = data.readInt32();
-
- ssize_t currentPasswordHandleSize = data.readInt32();
- const uint8_t *currentPasswordHandle =
- static_cast<const uint8_t *>(data.readInplace(currentPasswordHandleSize));
- if (!currentPasswordHandle) currentPasswordHandleSize = 0;
-
- ssize_t currentPasswordSize = data.readInt32();
- const uint8_t *currentPassword =
- static_cast<const uint8_t *>(data.readInplace(currentPasswordSize));
- if (!currentPassword) currentPasswordSize = 0;
-
- ssize_t desiredPasswordSize = data.readInt32();
- const uint8_t *desiredPassword =
- static_cast<const uint8_t *>(data.readInplace(desiredPasswordSize));
- if (!desiredPassword) desiredPasswordSize = 0;
-
- uint8_t *out = NULL;
- uint32_t outSize = 0;
- int ret = enroll(uid, currentPasswordHandle, currentPasswordHandleSize,
- currentPassword, currentPasswordSize, desiredPassword,
- desiredPasswordSize, &out, &outSize);
-
- reply->writeNoException();
- reply->writeInt32(1);
- if (ret == 0 && outSize > 0 && out != NULL) {
- reply->writeInt32(GATEKEEPER_RESPONSE_OK);
- reply->writeInt32(0);
- reply->writeInt32(outSize);
- reply->writeInt32(outSize);
- void *buf = reply->writeInplace(outSize);
- memcpy(buf, out, outSize);
- delete[] out;
- } else if (ret > 0) {
- reply->writeInt32(GATEKEEPER_RESPONSE_RETRY);
- reply->writeInt32(ret);
- } else {
- reply->writeInt32(GATEKEEPER_RESPONSE_ERROR);
- }
- return OK;
- }
- case VERIFY: {
- CHECK_INTERFACE(IGateKeeperService, data, reply);
- uint32_t uid = data.readInt32();
- ssize_t currentPasswordHandleSize = data.readInt32();
- const uint8_t *currentPasswordHandle =
- static_cast<const uint8_t *>(data.readInplace(currentPasswordHandleSize));
- if (!currentPasswordHandle) currentPasswordHandleSize = 0;
-
- ssize_t currentPasswordSize = data.readInt32();
- const uint8_t *currentPassword =
- static_cast<const uint8_t *>(data.readInplace(currentPasswordSize));
- if (!currentPassword) currentPasswordSize = 0;
-
- bool request_reenroll = false;
- int ret = verify(uid, (uint8_t *) currentPasswordHandle,
- currentPasswordHandleSize, (uint8_t *) currentPassword, currentPasswordSize,
- &request_reenroll);
-
- reply->writeNoException();
- reply->writeInt32(1);
- if (ret == 0) {
- reply->writeInt32(GATEKEEPER_RESPONSE_OK);
- reply->writeInt32(request_reenroll ? 1 : 0);
- reply->writeInt32(0); // no payload returned from this call
- } else if (ret > 0) {
- reply->writeInt32(GATEKEEPER_RESPONSE_RETRY);
- reply->writeInt32(ret);
- } else {
- reply->writeInt32(GATEKEEPER_RESPONSE_ERROR);
- }
- return OK;
- }
- case VERIFY_CHALLENGE: {
- CHECK_INTERFACE(IGateKeeperService, data, reply);
- uint32_t uid = data.readInt32();
- uint64_t challenge = data.readInt64();
- ssize_t currentPasswordHandleSize = data.readInt32();
- const uint8_t *currentPasswordHandle =
- static_cast<const uint8_t *>(data.readInplace(currentPasswordHandleSize));
- if (!currentPasswordHandle) currentPasswordHandleSize = 0;
-
- ssize_t currentPasswordSize = data.readInt32();
- const uint8_t *currentPassword =
- static_cast<const uint8_t *>(data.readInplace(currentPasswordSize));
- if (!currentPassword) currentPasswordSize = 0;
-
-
- uint8_t *out = NULL;
- uint32_t outSize = 0;
- bool request_reenroll = false;
- int ret = verifyChallenge(uid, challenge, (uint8_t *) currentPasswordHandle,
- currentPasswordHandleSize, (uint8_t *) currentPassword, currentPasswordSize,
- &out, &outSize, &request_reenroll);
- reply->writeNoException();
- reply->writeInt32(1);
- if (ret == 0 && outSize > 0 && out != NULL) {
- reply->writeInt32(GATEKEEPER_RESPONSE_OK);
- reply->writeInt32(request_reenroll ? 1 : 0);
- reply->writeInt32(outSize);
- reply->writeInt32(outSize);
- void *buf = reply->writeInplace(outSize);
- memcpy(buf, out, outSize);
- delete[] out;
- } else if (ret > 0) {
- reply->writeInt32(GATEKEEPER_RESPONSE_RETRY);
- reply->writeInt32(ret);
- } else {
- reply->writeInt32(GATEKEEPER_RESPONSE_ERROR);
- }
- return OK;
- }
- case GET_SECURE_USER_ID: {
- CHECK_INTERFACE(IGateKeeperService, data, reply);
- uint32_t uid = data.readInt32();
- uint64_t sid = getSecureUserId(uid);
- reply->writeNoException();
- reply->writeInt64(sid);
- return OK;
- }
- case CLEAR_SECURE_USER_ID: {
- CHECK_INTERFACE(IGateKeeperService, data, reply);
- uint32_t uid = data.readInt32();
- clearSecureUserId(uid);
- reply->writeNoException();
- return OK;
- }
- case REPORT_DEVICE_SETUP_COMPLETE: {
- CHECK_INTERFACE(IGateKeeperService, data, reply);
- reportDeviceSetupComplete();
- reply->writeNoException();
- return OK;
- }
- default:
- return BBinder::onTransact(code, data, reply, flags);
- }
-};
-
-
-}; // namespace android
diff --git a/gatekeeperd/IGateKeeperService.h b/gatekeeperd/IGateKeeperService.h
deleted file mode 100644
index 2816efc..0000000
--- a/gatekeeperd/IGateKeeperService.h
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef IGATEKEEPER_SERVICE_H_
-#define IGATEKEEPER_SERVICE_H_
-
-#include <binder/IInterface.h>
-#include <binder/Parcel.h>
-
-namespace android {
-
-/*
- * This must be kept manually in sync with frameworks/base's IGateKeeperService.aidl
- */
-class IGateKeeperService : public IInterface {
-public:
- enum {
- ENROLL = IBinder::FIRST_CALL_TRANSACTION + 0,
- VERIFY = IBinder::FIRST_CALL_TRANSACTION + 1,
- VERIFY_CHALLENGE = IBinder::FIRST_CALL_TRANSACTION + 2,
- GET_SECURE_USER_ID = IBinder::FIRST_CALL_TRANSACTION + 3,
- CLEAR_SECURE_USER_ID = IBinder::FIRST_CALL_TRANSACTION + 4,
- REPORT_DEVICE_SETUP_COMPLETE = IBinder::FIRST_CALL_TRANSACTION + 5,
- };
-
- enum {
- GATEKEEPER_RESPONSE_OK = 0,
- GATEKEEPER_RESPONSE_RETRY = 1,
- GATEKEEPER_RESPONSE_ERROR = -1,
- };
-
- // DECLARE_META_INTERFACE - C++ client interface not needed
- static const android::String16 descriptor;
- virtual const android::String16& getInterfaceDescriptor() const;
- IGateKeeperService() {}
- virtual ~IGateKeeperService() {}
-
- /**
- * Enrolls a password with the GateKeeper. Returns 0 on success, negative on failure.
- * Returns:
- * - 0 on success
- * - A timestamp T > 0 if the call has failed due to throttling and should not
- * be reattempted until T milliseconds have elapsed
- * - -1 on failure
- */
- virtual int enroll(uint32_t uid,
- const uint8_t *current_password_handle, uint32_t current_password_handle_length,
- const uint8_t *current_password, uint32_t current_password_length,
- const uint8_t *desired_password, uint32_t desired_password_length,
- uint8_t **enrolled_password_handle, uint32_t *enrolled_password_handle_length) = 0;
-
- /**
- * Verifies a password previously enrolled with the GateKeeper.
- * Returns:
- * - 0 on success
- * - A timestamp T > 0 if the call has failed due to throttling and should not
- * be reattempted until T milliseconds have elapsed
- * - -1 on failure
- */
- virtual int verify(uint32_t uid, const uint8_t *enrolled_password_handle,
- uint32_t enrolled_password_handle_length,
- const uint8_t *provided_password, uint32_t provided_password_length,
- bool *request_reenroll) = 0;
-
- /**
- * Verifies a password previously enrolled with the GateKeeper.
- * Returns:
- * - 0 on success
- * - A timestamp T > 0 if the call has failed due to throttling and should not
- * be reattempted until T milliseconds have elapsed
- * - -1 on failure
- */
- virtual int verifyChallenge(uint32_t uid, uint64_t challenge,
- const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,
- const uint8_t *provided_password, uint32_t provided_password_length,
- uint8_t **auth_token, uint32_t *auth_token_length, bool *request_reenroll) = 0;
- /**
- * Returns the secure user ID for the provided android user
- */
- virtual uint64_t getSecureUserId(uint32_t uid) = 0;
-
- /**
- * Clears the secure user ID associated with the user.
- */
- virtual void clearSecureUserId(uint32_t uid) = 0;
-
- /**
- * Notifies gatekeeper that device setup has been completed and any potentially still existing
- * state from before a factory reset can be cleaned up (if it has not been already).
- */
- virtual void reportDeviceSetupComplete() = 0;
-};
-
-// ----------------------------------------------------------------------------
-
-class BnGateKeeperService: public BnInterface<IGateKeeperService> {
-public:
- virtual status_t onTransact(uint32_t code, const Parcel& data, Parcel* reply,
- uint32_t flags = 0);
-};
-
-} // namespace android
-
-#endif
-
diff --git a/gatekeeperd/SoftGateKeeper.h b/gatekeeperd/SoftGateKeeper.h
deleted file mode 100644
index 2f4f4d7..0000000
--- a/gatekeeperd/SoftGateKeeper.h
+++ /dev/null
@@ -1,182 +0,0 @@
-/*
- * Copyright 2015 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-#ifndef SOFT_GATEKEEPER_H_
-#define SOFT_GATEKEEPER_H_
-
-extern "C" {
-#include <openssl/rand.h>
-#include <openssl/sha.h>
-
-#include <crypto_scrypt.h>
-}
-
-#include <android-base/memory.h>
-#include <gatekeeper/gatekeeper.h>
-
-#include <iostream>
-#include <unordered_map>
-#include <memory>
-
-namespace gatekeeper {
-
-struct fast_hash_t {
- uint64_t salt;
- uint8_t digest[SHA256_DIGEST_LENGTH];
-};
-
-class SoftGateKeeper : public GateKeeper {
-public:
- static const uint32_t SIGNATURE_LENGTH_BYTES = 32;
-
- // scrypt params
- static const uint64_t N = 16384;
- static const uint32_t r = 8;
- static const uint32_t p = 1;
-
- static const int MAX_UINT_32_CHARS = 11;
-
- SoftGateKeeper() {
- key_.reset(new uint8_t[SIGNATURE_LENGTH_BYTES]);
- memset(key_.get(), 0, SIGNATURE_LENGTH_BYTES);
- }
-
- virtual ~SoftGateKeeper() {
- }
-
- virtual bool GetAuthTokenKey(const uint8_t **auth_token_key,
- uint32_t *length) const {
- if (auth_token_key == NULL || length == NULL) return false;
- uint8_t *auth_token_key_copy = new uint8_t[SIGNATURE_LENGTH_BYTES];
- memcpy(auth_token_key_copy, key_.get(), SIGNATURE_LENGTH_BYTES);
-
- *auth_token_key = auth_token_key_copy;
- *length = SIGNATURE_LENGTH_BYTES;
- return true;
- }
-
- virtual void GetPasswordKey(const uint8_t **password_key, uint32_t *length) {
- if (password_key == NULL || length == NULL) return;
- uint8_t *password_key_copy = new uint8_t[SIGNATURE_LENGTH_BYTES];
- memcpy(password_key_copy, key_.get(), SIGNATURE_LENGTH_BYTES);
-
- *password_key = password_key_copy;
- *length = SIGNATURE_LENGTH_BYTES;
- }
-
- virtual void ComputePasswordSignature(uint8_t *signature, uint32_t signature_length,
- const uint8_t *, uint32_t, const uint8_t *password,
- uint32_t password_length, salt_t salt) const {
- if (signature == NULL) return;
- crypto_scrypt(password, password_length, reinterpret_cast<uint8_t *>(&salt),
- sizeof(salt), N, r, p, signature, signature_length);
- }
-
- virtual void GetRandom(void *random, uint32_t requested_length) const {
- if (random == NULL) return;
- RAND_pseudo_bytes((uint8_t *) random, requested_length);
- }
-
- virtual void ComputeSignature(uint8_t *signature, uint32_t signature_length,
- const uint8_t *, uint32_t, const uint8_t *, const uint32_t) const {
- if (signature == NULL) return;
- memset(signature, 0, signature_length);
- }
-
- virtual uint64_t GetMillisecondsSinceBoot() const {
- struct timespec time;
- int res = clock_gettime(CLOCK_BOOTTIME, &time);
- if (res < 0) return 0;
- return (time.tv_sec * 1000) + (time.tv_nsec / 1000 / 1000);
- }
-
- virtual bool IsHardwareBacked() const {
- return false;
- }
-
- virtual bool GetFailureRecord(uint32_t uid, secure_id_t user_id, failure_record_t *record,
- bool /* secure */) {
- failure_record_t *stored = &failure_map_[uid];
- if (user_id != stored->secure_user_id) {
- stored->secure_user_id = user_id;
- stored->last_checked_timestamp = 0;
- stored->failure_counter = 0;
- }
- memcpy(record, stored, sizeof(*record));
- return true;
- }
-
- virtual bool ClearFailureRecord(uint32_t uid, secure_id_t user_id, bool /* secure */) {
- failure_record_t *stored = &failure_map_[uid];
- stored->secure_user_id = user_id;
- stored->last_checked_timestamp = 0;
- stored->failure_counter = 0;
- return true;
- }
-
- virtual bool WriteFailureRecord(uint32_t uid, failure_record_t *record, bool /* secure */) {
- failure_map_[uid] = *record;
- return true;
- }
-
- fast_hash_t ComputeFastHash(const SizedBuffer &password, uint64_t salt) {
- fast_hash_t fast_hash;
- size_t digest_size = password.length + sizeof(salt);
- std::unique_ptr<uint8_t[]> digest(new uint8_t[digest_size]);
- memcpy(digest.get(), &salt, sizeof(salt));
- memcpy(digest.get() + sizeof(salt), password.buffer.get(), password.length);
-
- SHA256(digest.get(), digest_size, (uint8_t *) &fast_hash.digest);
-
- fast_hash.salt = salt;
- return fast_hash;
- }
-
- bool VerifyFast(const fast_hash_t &fast_hash, const SizedBuffer &password) {
- fast_hash_t computed = ComputeFastHash(password, fast_hash.salt);
- return memcmp(computed.digest, fast_hash.digest, SHA256_DIGEST_LENGTH) == 0;
- }
-
- bool DoVerify(const password_handle_t *expected_handle, const SizedBuffer &password) {
- uint64_t user_id = android::base::get_unaligned<secure_id_t>(&expected_handle->user_id);
- FastHashMap::const_iterator it = fast_hash_map_.find(user_id);
- if (it != fast_hash_map_.end() && VerifyFast(it->second, password)) {
- return true;
- } else {
- if (GateKeeper::DoVerify(expected_handle, password)) {
- uint64_t salt;
- GetRandom(&salt, sizeof(salt));
- fast_hash_map_[user_id] = ComputeFastHash(password, salt);
- return true;
- }
- }
-
- return false;
- }
-
-private:
-
- typedef std::unordered_map<uint32_t, failure_record_t> FailureRecordMap;
- typedef std::unordered_map<uint64_t, fast_hash_t> FastHashMap;
-
- std::unique_ptr<uint8_t[]> key_;
- FailureRecordMap failure_map_;
- FastHashMap fast_hash_map_;
-};
-}
-
-#endif // SOFT_GATEKEEPER_H_
diff --git a/gatekeeperd/SoftGateKeeperDevice.cpp b/gatekeeperd/SoftGateKeeperDevice.cpp
deleted file mode 100644
index f5e2ce6..0000000
--- a/gatekeeperd/SoftGateKeeperDevice.cpp
+++ /dev/null
@@ -1,110 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include "SoftGateKeeper.h"
-#include "SoftGateKeeperDevice.h"
-
-namespace android {
-
-int SoftGateKeeperDevice::enroll(uint32_t uid,
- const uint8_t *current_password_handle, uint32_t current_password_handle_length,
- const uint8_t *current_password, uint32_t current_password_length,
- const uint8_t *desired_password, uint32_t desired_password_length,
- uint8_t **enrolled_password_handle, uint32_t *enrolled_password_handle_length) {
-
- if (enrolled_password_handle == NULL || enrolled_password_handle_length == NULL ||
- desired_password == NULL || desired_password_length == 0)
- return -EINVAL;
-
- // Current password and current password handle go together
- if (current_password_handle == NULL || current_password_handle_length == 0 ||
- current_password == NULL || current_password_length == 0) {
- current_password_handle = NULL;
- current_password_handle_length = 0;
- current_password = NULL;
- current_password_length = 0;
- }
-
- SizedBuffer desired_password_buffer(desired_password_length);
- memcpy(desired_password_buffer.buffer.get(), desired_password, desired_password_length);
-
- SizedBuffer current_password_handle_buffer(current_password_handle_length);
- if (current_password_handle) {
- memcpy(current_password_handle_buffer.buffer.get(), current_password_handle,
- current_password_handle_length);
- }
-
- SizedBuffer current_password_buffer(current_password_length);
- if (current_password) {
- memcpy(current_password_buffer.buffer.get(), current_password, current_password_length);
- }
-
- EnrollRequest request(uid, ¤t_password_handle_buffer, &desired_password_buffer,
- ¤t_password_buffer);
- EnrollResponse response;
-
- impl_->Enroll(request, &response);
-
- if (response.error == ERROR_RETRY) {
- return response.retry_timeout;
- } else if (response.error != ERROR_NONE) {
- return -EINVAL;
- }
-
- *enrolled_password_handle = response.enrolled_password_handle.buffer.release();
- *enrolled_password_handle_length = response.enrolled_password_handle.length;
- return 0;
-}
-
-int SoftGateKeeperDevice::verify(uint32_t uid,
- uint64_t challenge, const uint8_t *enrolled_password_handle,
- uint32_t enrolled_password_handle_length, const uint8_t *provided_password,
- uint32_t provided_password_length, uint8_t **auth_token, uint32_t *auth_token_length,
- bool *request_reenroll) {
-
- if (enrolled_password_handle == NULL ||
- provided_password == NULL) {
- return -EINVAL;
- }
-
- SizedBuffer password_handle_buffer(enrolled_password_handle_length);
- memcpy(password_handle_buffer.buffer.get(), enrolled_password_handle,
- enrolled_password_handle_length);
- SizedBuffer provided_password_buffer(provided_password_length);
- memcpy(provided_password_buffer.buffer.get(), provided_password, provided_password_length);
-
- VerifyRequest request(uid, challenge, &password_handle_buffer, &provided_password_buffer);
- VerifyResponse response;
-
- impl_->Verify(request, &response);
-
- if (response.error == ERROR_RETRY) {
- return response.retry_timeout;
- } else if (response.error != ERROR_NONE) {
- return -EINVAL;
- }
-
- if (auth_token != NULL && auth_token_length != NULL) {
- *auth_token = response.auth_token.buffer.release();
- *auth_token_length = response.auth_token.length;
- }
-
- if (request_reenroll != NULL) {
- *request_reenroll = response.request_reenroll;
- }
-
- return 0;
-}
-} // namespace android
diff --git a/gatekeeperd/SoftGateKeeperDevice.h b/gatekeeperd/SoftGateKeeperDevice.h
deleted file mode 100644
index e3dc068..0000000
--- a/gatekeeperd/SoftGateKeeperDevice.h
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * Copyright 2015 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef SOFT_GATEKEEPER_DEVICE_H_
-#define SOFT_GATEKEEPER_DEVICE_H_
-
-#include "SoftGateKeeper.h"
-
-#include <memory>
-
-using namespace gatekeeper;
-
-namespace android {
-
-/**
- * Software based GateKeeper implementation
- */
-class SoftGateKeeperDevice {
-public:
- SoftGateKeeperDevice() {
- impl_.reset(new SoftGateKeeper());
- }
-
- // Wrappers to translate the gatekeeper HAL API to the Kegyuard Messages API.
-
- /**
- * Enrolls password_payload, which should be derived from a user selected pin or password,
- * with the authentication factor private key used only for enrolling authentication
- * factor data.
- *
- * Returns: 0 on success or an error code less than 0 on error.
- * On error, enrolled_password_handle will not be allocated.
- */
- int enroll(uint32_t uid,
- const uint8_t *current_password_handle, uint32_t current_password_handle_length,
- const uint8_t *current_password, uint32_t current_password_length,
- const uint8_t *desired_password, uint32_t desired_password_length,
- uint8_t **enrolled_password_handle, uint32_t *enrolled_password_handle_length);
-
- /**
- * Verifies provided_password matches enrolled_password_handle.
- *
- * Implementations of this module may retain the result of this call
- * to attest to the recency of authentication.
- *
- * On success, writes the address of a verification token to auth_token,
- * usable to attest password verification to other trusted services. Clients
- * may pass NULL for this value.
- *
- * Returns: 0 on success or an error code less than 0 on error
- * On error, verification token will not be allocated
- */
- int verify(uint32_t uid, uint64_t challenge,
- const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,
- const uint8_t *provided_password, uint32_t provided_password_length,
- uint8_t **auth_token, uint32_t *auth_token_length, bool *request_reenroll);
-private:
- std::unique_ptr<SoftGateKeeper> impl_;
-};
-
-} // namespace gatekeeper
-
-#endif //SOFT_GATEKEEPER_DEVICE_H_
diff --git a/gatekeeperd/binder/android/service/gatekeeper/GateKeeperResponse.aidl b/gatekeeperd/binder/android/service/gatekeeper/GateKeeperResponse.aidl
new file mode 100644
index 0000000..097bb54
--- /dev/null
+++ b/gatekeeperd/binder/android/service/gatekeeper/GateKeeperResponse.aidl
@@ -0,0 +1,24 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.service.gatekeeper;
+
+/**
+ * Response object for a GateKeeper verification request.
+ * @hide
+ */
+parcelable GateKeeperResponse cpp_header "gatekeeper/GateKeeperResponse.h";
+
diff --git a/gatekeeperd/binder/android/service/gatekeeper/IGateKeeperService.aidl b/gatekeeperd/binder/android/service/gatekeeper/IGateKeeperService.aidl
new file mode 100644
index 0000000..57adaba
--- /dev/null
+++ b/gatekeeperd/binder/android/service/gatekeeper/IGateKeeperService.aidl
@@ -0,0 +1,87 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.service.gatekeeper;
+
+import android.service.gatekeeper.GateKeeperResponse;
+
+/**
+ * Interface for communication with GateKeeper, the
+ * secure password storage daemon.
+ *
+ * This must be kept manually in sync with system/core/gatekeeperd
+ * until AIDL can generate both C++ and Java bindings.
+ *
+ * @hide
+ */
+interface IGateKeeperService {
+ /**
+ * Enrolls a password, returning the handle to the enrollment to be stored locally.
+ * @param uid The Android user ID associated to this enrollment
+ * @param currentPasswordHandle The previously enrolled handle, or null if none
+ * @param currentPassword The previously enrolled plaintext password, or null if none.
+ * If provided, must verify against the currentPasswordHandle.
+ * @param desiredPassword The new desired password, for which a handle will be returned
+ * upon success.
+ * @return an EnrollResponse or null on failure
+ */
+ GateKeeperResponse enroll(int uid, in @nullable byte[] currentPasswordHandle,
+ in @nullable byte[] currentPassword, in byte[] desiredPassword);
+
+ /**
+ * Verifies an enrolled handle against a provided, plaintext blob.
+ * @param uid The Android user ID associated to this enrollment
+ * @param enrolledPasswordHandle The handle against which the provided password will be
+ * verified.
+ * @param The plaintext blob to verify against enrolledPassword.
+ * @return a VerifyResponse, or null on failure.
+ */
+ GateKeeperResponse verify(int uid, in byte[] enrolledPasswordHandle, in byte[] providedPassword);
+
+ /**
+ * Verifies an enrolled handle against a provided, plaintext blob.
+ * @param uid The Android user ID associated to this enrollment
+ * @param challenge a challenge to authenticate agaisnt the device credential. If successful
+ * authentication occurs, this value will be written to the returned
+ * authentication attestation.
+ * @param enrolledPasswordHandle The handle against which the provided password will be
+ * verified.
+ * @param The plaintext blob to verify against enrolledPassword.
+ * @return a VerifyResponse with an attestation, or null on failure.
+ */
+ GateKeeperResponse verifyChallenge(int uid, long challenge, in byte[] enrolledPasswordHandle,
+ in byte[] providedPassword);
+
+ /**
+ * Retrieves the secure identifier for the user with the provided Android ID,
+ * or 0 if none is found.
+ * @param uid the Android user id
+ */
+ long getSecureUserId(int uid);
+
+ /**
+ * Clears secure user id associated with the provided Android ID.
+ * Must be called when password is set to NONE.
+ * @param uid the Android user id.
+ */
+ void clearSecureUserId(int uid);
+
+ /**
+ * Notifies gatekeeper that device setup has been completed and any potentially still existing
+ * state from before a factory reset can be cleaned up (if it has not been already).
+ */
+ void reportDeviceSetupComplete();
+}
diff --git a/gatekeeperd/gatekeeperd.cpp b/gatekeeperd/gatekeeperd.cpp
index 8700c34..1d65b1c 100644
--- a/gatekeeperd/gatekeeperd.cpp
+++ b/gatekeeperd/gatekeeperd.cpp
@@ -16,7 +16,8 @@
#define LOG_TAG "gatekeeperd"
-#include "IGateKeeperService.h"
+#include <android/service/gatekeeper/BnGateKeeperService.h>
+#include <gatekeeper/GateKeeperResponse.h>
#include <errno.h>
#include <fcntl.h>
@@ -41,8 +42,6 @@
#include <utils/Log.h>
#include <utils/String16.h>
-#include "SoftGateKeeperDevice.h"
-
#include <hidl/HidlSupport.h>
#include <android/hardware/gatekeeper/1.0/IGatekeeper.h>
@@ -52,6 +51,11 @@
using android::hardware::gatekeeper::V1_0::GatekeeperResponse;
using android::hardware::Return;
+using ::android::binder::Status;
+using ::android::service::gatekeeper::BnGateKeeperService;
+using GKResponse = ::android::service::gatekeeper::GateKeeperResponse;
+using GKResponseCode = ::android::service::gatekeeper::ResponseCode;
+
namespace android {
static const String16 KEYGUARD_PERMISSION("android.permission.ACCESS_KEYGUARD_SECURE_STORAGE");
@@ -64,9 +68,8 @@
hw_device = IGatekeeper::getService();
is_running_gsi = android::base::GetBoolProperty(android::gsi::kGsiBootedProp, false);
- if (hw_device == nullptr) {
- ALOGW("falling back to software GateKeeper");
- soft_device.reset(new SoftGateKeeperDevice());
+ if (!hw_device) {
+ LOG(ERROR) << "Could not find Gatekeeper device, which makes me very sad.";
}
}
@@ -92,7 +95,7 @@
if (mark_cold_boot() && !is_running_gsi) {
ALOGI("cold boot: clearing state");
- if (hw_device != nullptr) {
+ if (hw_device) {
hw_device->deleteAllUsers([](const GatekeeperResponse &){});
}
}
@@ -154,16 +157,16 @@
return uid;
}
- virtual int enroll(uint32_t uid,
- const uint8_t *current_password_handle, uint32_t current_password_handle_length,
- const uint8_t *current_password, uint32_t current_password_length,
- const uint8_t *desired_password, uint32_t desired_password_length,
- uint8_t **enrolled_password_handle, uint32_t *enrolled_password_handle_length) {
+#define GK_ERROR *gkResponse = GKResponse::error(), Status::ok()
+
+ Status enroll(int32_t uid, const std::unique_ptr<std::vector<uint8_t>>& currentPasswordHandle,
+ const std::unique_ptr<std::vector<uint8_t>>& currentPassword,
+ const std::vector<uint8_t>& desiredPassword, GKResponse* gkResponse) override {
IPCThreadState* ipc = IPCThreadState::self();
const int calling_pid = ipc->getCallingPid();
const int calling_uid = ipc->getCallingUid();
if (!PermissionCache::checkPermission(KEYGUARD_PERMISSION, calling_pid, calling_uid)) {
- return PERMISSION_DENIED;
+ return GK_ERROR;
}
// Make sure to clear any state from before factory reset as soon as a credential is
@@ -171,225 +174,189 @@
clear_state_if_needed();
// need a desired password to enroll
- if (desired_password_length == 0) return -EINVAL;
+ if (desiredPassword.size() == 0) return GK_ERROR;
- int ret;
- if (hw_device != nullptr) {
- const gatekeeper::password_handle_t *handle =
- reinterpret_cast<const gatekeeper::password_handle_t *>(current_password_handle);
+ if (!hw_device) {
+ LOG(ERROR) << "has no HAL to talk to";
+ return GK_ERROR;
+ }
- if (handle != NULL && handle->version != 0 && !handle->hardware_backed) {
- // handle is being re-enrolled from a software version. HAL probably won't accept
- // the handle as valid, so we nullify it and enroll from scratch
- current_password_handle = NULL;
- current_password_handle_length = 0;
- current_password = NULL;
- current_password_length = 0;
+ android::hardware::hidl_vec<uint8_t> curPwdHandle;
+ android::hardware::hidl_vec<uint8_t> curPwd;
+
+ if (currentPasswordHandle && currentPassword) {
+ if (currentPasswordHandle->size() != sizeof(gatekeeper::password_handle_t)) {
+ LOG(INFO) << "Password handle has wrong length";
+ return GK_ERROR;
}
+ curPwdHandle.setToExternal(const_cast<uint8_t*>(currentPasswordHandle->data()),
+ currentPasswordHandle->size());
+ curPwd.setToExternal(const_cast<uint8_t*>(currentPassword->data()),
+ currentPassword->size());
+ }
- android::hardware::hidl_vec<uint8_t> curPwdHandle;
- curPwdHandle.setToExternal(const_cast<uint8_t*>(current_password_handle),
- current_password_handle_length);
- android::hardware::hidl_vec<uint8_t> curPwd;
- curPwd.setToExternal(const_cast<uint8_t*>(current_password),
- current_password_length);
- android::hardware::hidl_vec<uint8_t> newPwd;
- newPwd.setToExternal(const_cast<uint8_t*>(desired_password),
- desired_password_length);
+ android::hardware::hidl_vec<uint8_t> newPwd;
+ newPwd.setToExternal(const_cast<uint8_t*>(desiredPassword.data()), desiredPassword.size());
- uint32_t hw_uid = adjust_uid(uid);
- Return<void> hwRes = hw_device->enroll(hw_uid, curPwdHandle, curPwd, newPwd,
- [&ret, enrolled_password_handle, enrolled_password_handle_length]
- (const GatekeeperResponse &rsp) {
- ret = static_cast<int>(rsp.code); // propagate errors
- if (rsp.code >= GatekeeperStatusCode::STATUS_OK) {
- if (enrolled_password_handle != nullptr &&
- enrolled_password_handle_length != nullptr) {
- *enrolled_password_handle = new uint8_t[rsp.data.size()];
- *enrolled_password_handle_length = rsp.data.size();
- memcpy(*enrolled_password_handle, rsp.data.data(),
- *enrolled_password_handle_length);
+ uint32_t hw_uid = adjust_uid(uid);
+ Return<void> hwRes = hw_device->enroll(
+ hw_uid, curPwdHandle, curPwd, newPwd, [&gkResponse](const GatekeeperResponse& rsp) {
+ if (rsp.code >= GatekeeperStatusCode::STATUS_OK) {
+ *gkResponse = GKResponse::ok({rsp.data.begin(), rsp.data.end()});
+ } else if (rsp.code == GatekeeperStatusCode::ERROR_RETRY_TIMEOUT &&
+ rsp.timeout > 0) {
+ *gkResponse = GKResponse::retry(rsp.timeout);
+ } else {
+ *gkResponse = GKResponse::error();
}
- ret = 0; // all success states are reported as 0
- } else if (rsp.code == GatekeeperStatusCode::ERROR_RETRY_TIMEOUT && rsp.timeout > 0) {
- ret = rsp.timeout;
- }
- });
- if (!hwRes.isOk()) {
- ALOGE("enroll transaction failed\n");
- ret = -1;
+ });
+ if (!hwRes.isOk()) {
+ LOG(ERROR) << "enroll transaction failed";
+ return GK_ERROR;
+ }
+
+ if (gkResponse->response_code() == GKResponseCode::OK && !gkResponse->should_reenroll()) {
+ if (gkResponse->payload().size() != sizeof(gatekeeper::password_handle_t)) {
+ LOG(ERROR) << "HAL returned password handle of invalid length "
+ << gkResponse->payload().size();
+ return GK_ERROR;
}
- } else {
- ret = soft_device->enroll(uid,
- current_password_handle, current_password_handle_length,
- current_password, current_password_length,
- desired_password, desired_password_length,
- enrolled_password_handle, enrolled_password_handle_length);
- }
- if (ret == GATEKEEPER_RESPONSE_OK && (*enrolled_password_handle == nullptr ||
- *enrolled_password_handle_length != sizeof(password_handle_t))) {
- ret = GATEKEEPER_RESPONSE_ERROR;
- ALOGE("HAL: password_handle=%p size_of_handle=%" PRIu32 "\n",
- *enrolled_password_handle, *enrolled_password_handle_length);
- }
-
- if (ret == GATEKEEPER_RESPONSE_OK) {
- gatekeeper::password_handle_t *handle =
- reinterpret_cast<gatekeeper::password_handle_t *>(*enrolled_password_handle);
+ const gatekeeper::password_handle_t* handle =
+ reinterpret_cast<const gatekeeper::password_handle_t*>(
+ gkResponse->payload().data());
store_sid(uid, handle->user_id);
- bool rr;
+ GKResponse verifyResponse;
// immediately verify this password so we don't ask the user to enter it again
// if they just created it.
- verify(uid, *enrolled_password_handle, sizeof(password_handle_t), desired_password,
- desired_password_length, &rr);
+ auto status = verify(uid, gkResponse->payload(), desiredPassword, &verifyResponse);
+ if (!status.isOk() || verifyResponse.response_code() != GKResponseCode::OK) {
+ LOG(ERROR) << "Failed to verify password after enrolling";
+ }
}
- return ret;
+ return Status::ok();
}
- virtual int verify(uint32_t uid,
- const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,
- const uint8_t *provided_password, uint32_t provided_password_length, bool *request_reenroll) {
- uint8_t *auth_token = nullptr;
- uint32_t auth_token_length;
- int ret = verifyChallenge(uid, 0, enrolled_password_handle, enrolled_password_handle_length,
- provided_password, provided_password_length,
- &auth_token, &auth_token_length, request_reenroll);
- delete [] auth_token;
- return ret;
+ Status verify(int32_t uid, const ::std::vector<uint8_t>& enrolledPasswordHandle,
+ const ::std::vector<uint8_t>& providedPassword, GKResponse* gkResponse) override {
+ return verifyChallenge(uid, 0 /* challenge */, enrolledPasswordHandle, providedPassword,
+ gkResponse);
}
- virtual int verifyChallenge(uint32_t uid, uint64_t challenge,
- const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,
- const uint8_t *provided_password, uint32_t provided_password_length,
- uint8_t **auth_token, uint32_t *auth_token_length, bool *request_reenroll) {
+ Status verifyChallenge(int32_t uid, int64_t challenge,
+ const std::vector<uint8_t>& enrolledPasswordHandle,
+ const std::vector<uint8_t>& providedPassword,
+ GKResponse* gkResponse) override {
IPCThreadState* ipc = IPCThreadState::self();
const int calling_pid = ipc->getCallingPid();
const int calling_uid = ipc->getCallingUid();
if (!PermissionCache::checkPermission(KEYGUARD_PERMISSION, calling_pid, calling_uid)) {
- return PERMISSION_DENIED;
+ return GK_ERROR;
}
// can't verify if we're missing either param
- if ((enrolled_password_handle_length | provided_password_length) == 0)
- return -EINVAL;
+ if (enrolledPasswordHandle.size() == 0 || providedPassword.size() == 0) return GK_ERROR;
- int ret;
- if (hw_device != nullptr) {
- const gatekeeper::password_handle_t *handle =
- reinterpret_cast<const gatekeeper::password_handle_t *>(enrolled_password_handle);
- // handle version 0 does not have hardware backed flag, and thus cannot be upgraded to
- // a HAL if there was none before
- if (handle->version == 0 || handle->hardware_backed) {
- uint32_t hw_uid = adjust_uid(uid);
- android::hardware::hidl_vec<uint8_t> curPwdHandle;
- curPwdHandle.setToExternal(const_cast<uint8_t*>(enrolled_password_handle),
- enrolled_password_handle_length);
- android::hardware::hidl_vec<uint8_t> enteredPwd;
- enteredPwd.setToExternal(const_cast<uint8_t*>(provided_password),
- provided_password_length);
- Return<void> hwRes = hw_device->verify(hw_uid, challenge, curPwdHandle, enteredPwd,
- [&ret, request_reenroll, auth_token, auth_token_length]
- (const GatekeeperResponse &rsp) {
- ret = static_cast<int>(rsp.code); // propagate errors
- if (auth_token != nullptr && auth_token_length != nullptr &&
- rsp.code >= GatekeeperStatusCode::STATUS_OK) {
- *auth_token = new uint8_t[rsp.data.size()];
- *auth_token_length = rsp.data.size();
- memcpy(*auth_token, rsp.data.data(), *auth_token_length);
- if (request_reenroll != nullptr) {
- *request_reenroll = (rsp.code == GatekeeperStatusCode::STATUS_REENROLL);
- }
- ret = 0; // all success states are reported as 0
- } else if (rsp.code == GatekeeperStatusCode::ERROR_RETRY_TIMEOUT &&
- rsp.timeout > 0) {
- ret = rsp.timeout;
+ if (!hw_device) return GK_ERROR;
+
+ if (enrolledPasswordHandle.size() != sizeof(gatekeeper::password_handle_t)) {
+ LOG(INFO) << "Password handle has wrong length";
+ return GK_ERROR;
+ }
+ const gatekeeper::password_handle_t* handle =
+ reinterpret_cast<const gatekeeper::password_handle_t*>(
+ enrolledPasswordHandle.data());
+
+ uint32_t hw_uid = adjust_uid(uid);
+ android::hardware::hidl_vec<uint8_t> curPwdHandle;
+ curPwdHandle.setToExternal(const_cast<uint8_t*>(enrolledPasswordHandle.data()),
+ enrolledPasswordHandle.size());
+ android::hardware::hidl_vec<uint8_t> enteredPwd;
+ enteredPwd.setToExternal(const_cast<uint8_t*>(providedPassword.data()),
+ providedPassword.size());
+
+ Return<void> hwRes = hw_device->verify(
+ hw_uid, challenge, curPwdHandle, enteredPwd,
+ [&gkResponse](const GatekeeperResponse& rsp) {
+ if (rsp.code >= GatekeeperStatusCode::STATUS_OK) {
+ *gkResponse = GKResponse::ok(
+ {rsp.data.begin(), rsp.data.end()},
+ rsp.code == GatekeeperStatusCode::STATUS_REENROLL /* reenroll */);
+ } else if (rsp.code == GatekeeperStatusCode::ERROR_RETRY_TIMEOUT) {
+ *gkResponse = GKResponse::retry(rsp.timeout);
+ } else {
+ *gkResponse = GKResponse::error();
}
});
- if (!hwRes.isOk()) {
- ALOGE("verify transaction failed\n");
- ret = -1;
- }
- } else {
- // upgrade scenario, a HAL has been added to this device where there was none before
- SoftGateKeeperDevice soft_dev;
- ret = soft_dev.verify(uid, challenge,
- enrolled_password_handle, enrolled_password_handle_length,
- provided_password, provided_password_length, auth_token, auth_token_length,
- request_reenroll);
- if (ret == 0) {
- // success! re-enroll with HAL
- *request_reenroll = true;
+ if (!hwRes.isOk()) {
+ LOG(ERROR) << "verify transaction failed";
+ return GK_ERROR;
+ }
+
+ if (gkResponse->response_code() == GKResponseCode::OK) {
+ if (gkResponse->payload().size() != 0) {
+ sp<IServiceManager> sm = defaultServiceManager();
+ sp<IBinder> binder = sm->getService(String16("android.security.keystore"));
+ sp<security::keystore::IKeystoreService> service =
+ interface_cast<security::keystore::IKeystoreService>(binder);
+
+ if (service) {
+ int result = 0;
+ auto binder_result = service->addAuthToken(gkResponse->payload(), &result);
+ if (!binder_result.isOk() ||
+ !keystore::KeyStoreServiceReturnCode(result).isOk()) {
+ LOG(ERROR) << "Failure sending auth token to KeyStore: " << result;
+ }
+ } else {
+ LOG(ERROR) << "Cannot deliver auth token. Unable to communicate with Keystore.";
}
}
- } else {
- ret = soft_device->verify(uid, challenge,
- enrolled_password_handle, enrolled_password_handle_length,
- provided_password, provided_password_length, auth_token, auth_token_length,
- request_reenroll);
+
+ maybe_store_sid(uid, handle->user_id);
}
- if (ret == 0 && *auth_token != NULL && *auth_token_length > 0) {
- // TODO: cache service?
- sp<IServiceManager> sm = defaultServiceManager();
- sp<IBinder> binder = sm->getService(String16("android.security.keystore"));
- sp<security::keystore::IKeystoreService> service =
- interface_cast<security::keystore::IKeystoreService>(binder);
- if (service != NULL) {
- std::vector<uint8_t> auth_token_vector(*auth_token,
- (*auth_token) + *auth_token_length);
- int result = 0;
- auto binder_result = service->addAuthToken(auth_token_vector, &result);
- if (!binder_result.isOk() || !keystore::KeyStoreServiceReturnCode(result).isOk()) {
- ALOGE("Failure sending auth token to KeyStore: %" PRId32, result);
- }
- } else {
- ALOGE("Unable to communicate with KeyStore");
- }
- }
-
- if (ret == 0) {
- maybe_store_sid(uid, reinterpret_cast<const gatekeeper::password_handle_t *>(
- enrolled_password_handle)->user_id);
- }
-
- return ret;
+ return Status::ok();
}
- virtual uint64_t getSecureUserId(uint32_t uid) { return read_sid(uid); }
+ Status getSecureUserId(int32_t uid, int64_t* sid) override {
+ *sid = read_sid(uid);
+ return Status::ok();
+ }
- virtual void clearSecureUserId(uint32_t uid) {
+ Status clearSecureUserId(int32_t uid) override {
IPCThreadState* ipc = IPCThreadState::self();
const int calling_pid = ipc->getCallingPid();
const int calling_uid = ipc->getCallingUid();
if (!PermissionCache::checkPermission(KEYGUARD_PERMISSION, calling_pid, calling_uid)) {
ALOGE("%s: permission denied for [%d:%d]", __func__, calling_pid, calling_uid);
- return;
+ return Status::ok();
}
clear_sid(uid);
- if (hw_device != nullptr) {
+ if (hw_device) {
uint32_t hw_uid = adjust_uid(uid);
hw_device->deleteUser(hw_uid, [] (const GatekeeperResponse &){});
}
+ return Status::ok();
}
- virtual void reportDeviceSetupComplete() {
+ Status reportDeviceSetupComplete() override {
IPCThreadState* ipc = IPCThreadState::self();
const int calling_pid = ipc->getCallingPid();
const int calling_uid = ipc->getCallingUid();
if (!PermissionCache::checkPermission(KEYGUARD_PERMISSION, calling_pid, calling_uid)) {
ALOGE("%s: permission denied for [%d:%d]", __func__, calling_pid, calling_uid);
- return;
+ return Status::ok();
}
clear_state_if_needed();
+ return Status::ok();
}
- virtual status_t dump(int fd, const Vector<String16> &) {
+ status_t dump(int fd, const Vector<String16>&) override {
IPCThreadState* ipc = IPCThreadState::self();
const int pid = ipc->getCallingPid();
const int uid = ipc->getCallingUid();
@@ -410,7 +377,6 @@
private:
sp<IGatekeeper> hw_device;
- std::unique_ptr<SoftGateKeeperDevice> soft_device;
bool clear_state_if_needed_done;
bool is_running_gsi;
diff --git a/gatekeeperd/include/gatekeeper/GateKeeperResponse.h b/gatekeeperd/include/gatekeeper/GateKeeperResponse.h
new file mode 100644
index 0000000..99fff02
--- /dev/null
+++ b/gatekeeperd/include/gatekeeper/GateKeeperResponse.h
@@ -0,0 +1,85 @@
+/*
+**
+** Copyright 2019, The Android Open Source Project
+**
+** Licensed under the Apache License, Version 2.0 (the "License");
+** you may not use this file except in compliance with the License.
+** You may obtain a copy of the License at
+**
+** http://www.apache.org/licenses/LICENSE-2.0
+**
+** Unless required by applicable law or agreed to in writing, software
+** distributed under the License is distributed on an "AS IS" BASIS,
+** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+** See the License for the specific language governing permissions and
+** limitations under the License.
+*/
+
+#ifndef GATEKEEPERD_INCLUDE_GATEKEEPER_GATEKEEPERRESPONSE_H_
+#define GATEKEEPERD_INCLUDE_GATEKEEPER_GATEKEEPERRESPONSE_H_
+
+#include <binder/Parcelable.h>
+
+namespace android {
+namespace service {
+namespace gatekeeper {
+
+enum class ResponseCode : int32_t {
+ ERROR = -1,
+ OK = 0,
+ RETRY = 1,
+};
+
+class GateKeeperResponse : public ::android::Parcelable {
+ GateKeeperResponse(ResponseCode response_code, int32_t timeout = 0,
+ std::vector<uint8_t> payload = {}, bool should_reenroll = false)
+ : response_code_(response_code),
+ timeout_(timeout),
+ payload_(std::move(payload)),
+ should_reenroll_(should_reenroll) {}
+
+ public:
+ GateKeeperResponse() = default;
+ GateKeeperResponse(GateKeeperResponse&&) = default;
+ GateKeeperResponse(const GateKeeperResponse&) = default;
+ GateKeeperResponse& operator=(GateKeeperResponse&&) = default;
+
+ static GateKeeperResponse error() { return GateKeeperResponse(ResponseCode::ERROR); }
+ static GateKeeperResponse retry(int32_t timeout) {
+ return GateKeeperResponse(ResponseCode::RETRY, timeout);
+ }
+ static GateKeeperResponse ok(std::vector<uint8_t> payload, bool reenroll = false) {
+ return GateKeeperResponse(ResponseCode::OK, 0, std::move(payload), reenroll);
+ }
+
+ status_t readFromParcel(const Parcel* in) override;
+ status_t writeToParcel(Parcel* out) const override;
+
+ const std::vector<uint8_t>& payload() const { return payload_; }
+
+ void payload(std::vector<uint8_t> payload) { payload_ = payload; }
+
+ ResponseCode response_code() const { return response_code_; }
+
+ void response_code(ResponseCode response_code) { response_code_ = response_code; }
+
+ bool should_reenroll() const { return should_reenroll_; }
+
+ void should_reenroll(bool should_reenroll) { should_reenroll_ = should_reenroll; }
+
+ int32_t timeout() const { return timeout_; }
+
+ void timeout(int32_t timeout) { timeout_ = timeout; }
+
+ private:
+ ResponseCode response_code_;
+ int32_t timeout_;
+ std::vector<uint8_t> payload_;
+ bool should_reenroll_;
+};
+
+} // namespace gatekeeper
+} // namespace service
+} // namespace android
+
+#endif // GATEKEEPERD_INCLUDE_GATEKEEPER_GATEKEEPERRESPONSE_H_
diff --git a/gatekeeperd/tests/Android.bp b/gatekeeperd/tests/Android.bp
deleted file mode 100644
index d4cf93b..0000000
--- a/gatekeeperd/tests/Android.bp
+++ /dev/null
@@ -1,34 +0,0 @@
-//
-// Copyright (C) 2015 The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-//
-
-cc_test {
- name: "gatekeeperd-unit-tests",
-
- cflags: [
- "-g",
- "-Wall",
- "-Werror",
- "-Wno-missing-field-initializers",
- ],
- shared_libs: [
- "libgatekeeper",
- "libcrypto",
- "libbase",
- ],
- static_libs: ["libscrypt_static"],
- include_dirs: ["external/scrypt/lib/crypto"],
- srcs: ["gatekeeper_test.cpp"],
-}
diff --git a/gatekeeperd/tests/gatekeeper_test.cpp b/gatekeeperd/tests/gatekeeper_test.cpp
deleted file mode 100644
index 100375f..0000000
--- a/gatekeeperd/tests/gatekeeper_test.cpp
+++ /dev/null
@@ -1,204 +0,0 @@
-/*
- * Copyright 2015 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <arpa/inet.h>
-#include <iostream>
-
-#include <gtest/gtest.h>
-#include <hardware/hw_auth_token.h>
-
-#include "../SoftGateKeeper.h"
-
-using ::gatekeeper::SizedBuffer;
-using ::testing::Test;
-using ::gatekeeper::EnrollRequest;
-using ::gatekeeper::EnrollResponse;
-using ::gatekeeper::VerifyRequest;
-using ::gatekeeper::VerifyResponse;
-using ::gatekeeper::SoftGateKeeper;
-using ::gatekeeper::secure_id_t;
-
-static void do_enroll(SoftGateKeeper &gatekeeper, EnrollResponse *response) {
- SizedBuffer password;
-
- password.buffer.reset(new uint8_t[16]);
- password.length = 16;
- memset(password.buffer.get(), 0, 16);
- EnrollRequest request(0, NULL, &password, NULL);
-
- gatekeeper.Enroll(request, response);
-}
-
-TEST(GateKeeperTest, EnrollSuccess) {
- SoftGateKeeper gatekeeper;
- EnrollResponse response;
- do_enroll(gatekeeper, &response);
- ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, response.error);
-}
-
-TEST(GateKeeperTest, EnrollBogusData) {
- SoftGateKeeper gatekeeper;
- SizedBuffer password;
- EnrollResponse response;
-
- EnrollRequest request(0, NULL, &password, NULL);
-
- gatekeeper.Enroll(request, &response);
-
- ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_INVALID, response.error);
-}
-
-TEST(GateKeeperTest, VerifySuccess) {
- SoftGateKeeper gatekeeper;
- SizedBuffer provided_password;
- EnrollResponse enroll_response;
-
- provided_password.buffer.reset(new uint8_t[16]);
- provided_password.length = 16;
- memset(provided_password.buffer.get(), 0, 16);
-
- do_enroll(gatekeeper, &enroll_response);
- ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, enroll_response.error);
- VerifyRequest request(0, 1, &enroll_response.enrolled_password_handle,
- &provided_password);
- VerifyResponse response;
-
- gatekeeper.Verify(request, &response);
-
- ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, response.error);
-
- hw_auth_token_t *auth_token =
- reinterpret_cast<hw_auth_token_t *>(response.auth_token.buffer.get());
-
- ASSERT_EQ((uint32_t) HW_AUTH_PASSWORD, ntohl(auth_token->authenticator_type));
- ASSERT_EQ((uint64_t) 1, auth_token->challenge);
- ASSERT_NE(~((uint32_t) 0), auth_token->timestamp);
- ASSERT_NE((uint64_t) 0, auth_token->user_id);
- ASSERT_NE((uint64_t) 0, auth_token->authenticator_id);
-}
-
-TEST(GateKeeperTest, TrustedReEnroll) {
- SoftGateKeeper gatekeeper;
- SizedBuffer provided_password;
- EnrollResponse enroll_response;
- SizedBuffer password_handle;
-
- // do_enroll enrolls an all 0 password
- provided_password.buffer.reset(new uint8_t[16]);
- provided_password.length = 16;
- memset(provided_password.buffer.get(), 0, 16);
- do_enroll(gatekeeper, &enroll_response);
- ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, enroll_response.error);
-
- // keep a copy of the handle
- password_handle.buffer.reset(new uint8_t[enroll_response.enrolled_password_handle.length]);
- password_handle.length = enroll_response.enrolled_password_handle.length;
- memcpy(password_handle.buffer.get(), enroll_response.enrolled_password_handle.buffer.get(),
- password_handle.length);
-
- // verify first password
- VerifyRequest request(0, 0, &enroll_response.enrolled_password_handle,
- &provided_password);
- VerifyResponse response;
- gatekeeper.Verify(request, &response);
- ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, response.error);
- hw_auth_token_t *auth_token =
- reinterpret_cast<hw_auth_token_t *>(response.auth_token.buffer.get());
-
- secure_id_t secure_id = auth_token->user_id;
-
- // enroll new password
- provided_password.buffer.reset(new uint8_t[16]);
- provided_password.length = 16;
- memset(provided_password.buffer.get(), 0, 16);
- SizedBuffer password;
- password.buffer.reset(new uint8_t[16]);
- memset(password.buffer.get(), 1, 16);
- password.length = 16;
- EnrollRequest enroll_request(0, &password_handle, &password, &provided_password);
- gatekeeper.Enroll(enroll_request, &enroll_response);
- ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, enroll_response.error);
-
- // verify new password
- password.buffer.reset(new uint8_t[16]);
- memset(password.buffer.get(), 1, 16);
- password.length = 16;
- VerifyRequest new_request(0, 0, &enroll_response.enrolled_password_handle,
- &password);
- gatekeeper.Verify(new_request, &response);
- ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, response.error);
- ASSERT_EQ(secure_id,
- reinterpret_cast<hw_auth_token_t *>(response.auth_token.buffer.get())->user_id);
-}
-
-
-TEST(GateKeeperTest, UntrustedReEnroll) {
- SoftGateKeeper gatekeeper;
- SizedBuffer provided_password;
- EnrollResponse enroll_response;
-
- // do_enroll enrolls an all 0 password
- provided_password.buffer.reset(new uint8_t[16]);
- provided_password.length = 16;
- memset(provided_password.buffer.get(), 0, 16);
- do_enroll(gatekeeper, &enroll_response);
- ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, enroll_response.error);
-
- // verify first password
- VerifyRequest request(0, 0, &enroll_response.enrolled_password_handle,
- &provided_password);
- VerifyResponse response;
- gatekeeper.Verify(request, &response);
- ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, response.error);
- hw_auth_token_t *auth_token =
- reinterpret_cast<hw_auth_token_t *>(response.auth_token.buffer.get());
-
- secure_id_t secure_id = auth_token->user_id;
-
- // enroll new password
- SizedBuffer password;
- password.buffer.reset(new uint8_t[16]);
- memset(password.buffer.get(), 1, 16);
- password.length = 16;
- EnrollRequest enroll_request(0, NULL, &password, NULL);
- gatekeeper.Enroll(enroll_request, &enroll_response);
- ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, enroll_response.error);
-
- // verify new password
- password.buffer.reset(new uint8_t[16]);
- memset(password.buffer.get(), 1, 16);
- password.length = 16;
- VerifyRequest new_request(0, 0, &enroll_response.enrolled_password_handle,
- &password);
- gatekeeper.Verify(new_request, &response);
- ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, response.error);
- ASSERT_NE(secure_id,
- reinterpret_cast<hw_auth_token_t *>(response.auth_token.buffer.get())->user_id);
-}
-
-
-TEST(GateKeeperTest, VerifyBogusData) {
- SoftGateKeeper gatekeeper;
- SizedBuffer provided_password;
- SizedBuffer password_handle;
- VerifyResponse response;
-
- VerifyRequest request(0, 0, &provided_password, &password_handle);
-
- gatekeeper.Verify(request, &response);
-
- ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_INVALID, response.error);
-}
diff --git a/init/Android.bp b/init/Android.bp
index 9c1ed15..6bc581d 100644
--- a/init/Android.bp
+++ b/init/Android.bp
@@ -128,6 +128,8 @@
"selabel.cpp",
"selinux.cpp",
"service.cpp",
+ "service_list.cpp",
+ "service_parser.cpp",
"service_utils.cpp",
"sigchld_handler.cpp",
"subcontext.cpp",
@@ -255,11 +257,12 @@
"import_parser.cpp",
"host_import_parser.cpp",
"host_init_verifier.cpp",
- "host_init_stubs.cpp",
"parser.cpp",
"rlimit_parser.cpp",
"tokenizer.cpp",
"service.cpp",
+ "service_list.cpp",
+ "service_parser.cpp",
"service_utils.cpp",
"subcontext.cpp",
"subcontext.proto",
diff --git a/init/builtins.cpp b/init/builtins.cpp
index d9b1b85..cc84aa0 100644
--- a/init/builtins.cpp
+++ b/init/builtins.cpp
@@ -63,7 +63,6 @@
#include "action_manager.h"
#include "bootchart.h"
-#include "host_init_stubs.h"
#include "init.h"
#include "mount_namespace.h"
#include "parser.h"
@@ -73,6 +72,7 @@
#include "selabel.h"
#include "selinux.h"
#include "service.h"
+#include "service_list.h"
#include "subcontext.h"
#include "util.h"
@@ -88,6 +88,8 @@
namespace android {
namespace init {
+std::vector<std::string> late_import_paths;
+
static constexpr std::chrono::nanoseconds kCommandRetryTimeout = 5s;
static Result<void> reboot_into_recovery(const std::vector<std::string>& options) {
diff --git a/init/builtins.h b/init/builtins.h
index 5db0d1c..7bbf6aa 100644
--- a/init/builtins.h
+++ b/init/builtins.h
@@ -40,6 +40,8 @@
const Map& map() const override;
};
+extern std::vector<std::string> late_import_paths;
+
} // namespace init
} // namespace android
diff --git a/init/devices.cpp b/init/devices.cpp
index 5e760d0..e8e6cd7 100644
--- a/init/devices.cpp
+++ b/init/devices.cpp
@@ -39,10 +39,6 @@
#include "selabel.h"
#include "util.h"
-#ifdef _INIT_INIT_H
-#error "Do not include init.h in files used by ueventd; it will expose init's globals"
-#endif
-
using namespace std::chrono_literals;
using android::base::Basename;
diff --git a/init/host_init_stubs.cpp b/init/host_init_stubs.cpp
deleted file mode 100644
index b85e54a..0000000
--- a/init/host_init_stubs.cpp
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright (C) 2018 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "host_init_stubs.h"
-
-#include <android-base/properties.h>
-
-// unistd.h
-int setgroups(size_t __size, const gid_t* __list) {
- return 0;
-}
-
-namespace android {
-namespace init {
-
-// init.h
-std::string default_console = "/dev/console";
-
-// property_service.h
-bool CanReadProperty(const std::string& source_context, const std::string& name) {
- return true;
-}
-uint32_t SetProperty(const std::string& key, const std::string& value) {
- android::base::SetProperty(key, value);
- return 0;
-}
-uint32_t (*property_set)(const std::string& name, const std::string& value) = SetProperty;
-uint32_t HandlePropertySet(const std::string&, const std::string&, const std::string&, const ucred&,
- std::string*) {
- return 0;
-}
-
-// selinux.h
-int SelinuxGetVendorAndroidVersion() {
- return 10000;
-}
-void SelabelInitialize() {}
-
-bool SelabelLookupFileContext(const std::string& key, int type, std::string* result) {
- return false;
-}
-
-} // namespace init
-} // namespace android
diff --git a/init/host_init_stubs.h b/init/host_init_stubs.h
index f6e9676..7c0544a 100644
--- a/init/host_init_stubs.h
+++ b/init/host_init_stubs.h
@@ -14,8 +14,7 @@
* limitations under the License.
*/
-#ifndef _INIT_HOST_INIT_STUBS_H
-#define _INIT_HOST_INIT_STUBS_H
+#pragma once
#include <stddef.h>
#include <sys/socket.h>
@@ -23,26 +22,30 @@
#include <string>
+#include <android-base/properties.h>
+
// android/api-level.h
#define __ANDROID_API_P__ 28
// sys/system_properties.h
#define PROP_VALUE_MAX 92
-// unistd.h
-int setgroups(size_t __size, const gid_t* __list);
-
namespace android {
namespace init {
-// init.h
-extern std::string default_console;
-
// property_service.h
-bool CanReadProperty(const std::string& source_context, const std::string& name);
-extern uint32_t (*property_set)(const std::string& name, const std::string& value);
-uint32_t HandlePropertySet(const std::string& name, const std::string& value,
- const std::string& source_context, const ucred& cr, std::string* error);
+inline bool CanReadProperty(const std::string&, const std::string&) {
+ return true;
+}
+inline uint32_t SetProperty(const std::string& key, const std::string& value) {
+ android::base::SetProperty(key, value);
+ return 0;
+}
+inline uint32_t (*property_set)(const std::string& name, const std::string& value) = SetProperty;
+inline uint32_t HandlePropertySet(const std::string&, const std::string&, const std::string&,
+ const ucred&, std::string*) {
+ return 0;
+}
// reboot_utils.h
inline void SetFatalRebootTarget() {}
@@ -50,12 +53,16 @@
abort();
}
+// selabel.h
+inline void SelabelInitialize() {}
+inline bool SelabelLookupFileContext(const std::string&, int, std::string*) {
+ return false;
+}
+
// selinux.h
-int SelinuxGetVendorAndroidVersion();
-void SelabelInitialize();
-bool SelabelLookupFileContext(const std::string& key, int type, std::string* result);
+inline int SelinuxGetVendorAndroidVersion() {
+ return 10000;
+}
} // namespace init
} // namespace android
-
-#endif
diff --git a/init/host_init_verifier.cpp b/init/host_init_verifier.cpp
index cb861f3..9323aa0 100644
--- a/init/host_init_verifier.cpp
+++ b/init/host_init_verifier.cpp
@@ -15,11 +15,13 @@
//
#include <errno.h>
+#include <getopt.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <iostream>
+#include <iterator>
#include <string>
#include <vector>
@@ -36,6 +38,8 @@
#include "parser.h"
#include "result.h"
#include "service.h"
+#include "service_list.h"
+#include "service_parser.h"
#define EXCLUDE_FS_CONFIG_STRUCTURES
#include "generated_android_ids.h"
@@ -46,9 +50,9 @@
using android::base::ReadFileToString;
using android::base::Split;
-static std::string passwd_file;
+static std::vector<std::string> passwd_files;
-static std::vector<std::pair<std::string, int>> GetVendorPasswd() {
+static std::vector<std::pair<std::string, int>> GetVendorPasswd(const std::string& passwd_file) {
std::string passwd;
if (!ReadFileToString(passwd_file, &passwd)) {
return {};
@@ -70,6 +74,16 @@
return result;
}
+static std::vector<std::pair<std::string, int>> GetVendorPasswd() {
+ std::vector<std::pair<std::string, int>> result;
+ for (const auto& passwd_file : passwd_files) {
+ auto individual_result = GetVendorPasswd(passwd_file);
+ std::move(individual_result.begin(), individual_result.end(),
+ std::back_insert_iterator(result));
+ }
+ return result;
+}
+
passwd* getpwnam(const char* login) { // NOLINT: implementing bad function.
// This isn't thread safe, but that's okay for our purposes.
static char static_name[32] = "";
@@ -124,17 +138,50 @@
#include "generated_stub_builtin_function_map.h"
+void PrintUsage() {
+ std::cout << "usage: host_init_verifier [-p FILE] <init rc file>\n"
+ "\n"
+ "Tests an init script for correctness\n"
+ "\n"
+ "-p FILE\tSearch this passwd file for users and groups\n"
+ << std::endl;
+}
+
int main(int argc, char** argv) {
android::base::InitLogging(argv, &android::base::StdioLogger);
android::base::SetMinimumLogSeverity(android::base::ERROR);
- if (argc != 2 && argc != 3) {
- LOG(ERROR) << "Usage: " << argv[0] << " <init rc file> [passwd file]";
- return EXIT_FAILURE;
+ while (true) {
+ static const struct option long_options[] = {
+ {"help", no_argument, nullptr, 'h'},
+ {nullptr, 0, nullptr, 0},
+ };
+
+ int arg = getopt_long(argc, argv, "p:", long_options, nullptr);
+
+ if (arg == -1) {
+ break;
+ }
+
+ switch (arg) {
+ case 'h':
+ PrintUsage();
+ return EXIT_FAILURE;
+ case 'p':
+ passwd_files.emplace_back(optarg);
+ break;
+ default:
+ std::cerr << "getprop: getopt returned invalid result: " << arg << std::endl;
+ return EXIT_FAILURE;
+ }
}
- if (argc == 3) {
- passwd_file = argv[2];
+ argc -= optind;
+ argv += optind;
+
+ if (argc != 1) {
+ PrintUsage();
+ return EXIT_FAILURE;
}
const BuiltinFunctionMap function_map;
@@ -146,12 +193,12 @@
parser.AddSectionParser("on", std::make_unique<ActionParser>(&am, nullptr));
parser.AddSectionParser("import", std::make_unique<HostImportParser>());
- if (!parser.ParseConfigFileInsecure(argv[1])) {
- LOG(ERROR) << "Failed to open init rc script '" << argv[1] << "'";
+ if (!parser.ParseConfigFileInsecure(*argv)) {
+ LOG(ERROR) << "Failed to open init rc script '" << *argv << "'";
return EXIT_FAILURE;
}
if (parser.parse_error_count() > 0) {
- LOG(ERROR) << "Failed to parse init script '" << argv[1] << "' with "
+ LOG(ERROR) << "Failed to parse init script '" << *argv << "' with "
<< parser.parse_error_count() << " errors";
return EXIT_FAILURE;
}
diff --git a/init/init.cpp b/init/init.cpp
index 0d3b99f..b6911e5 100644
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -28,9 +28,11 @@
#include <sys/types.h>
#include <unistd.h>
+#include <functional>
#include <map>
#include <memory>
#include <optional>
+#include <vector>
#include <android-base/chrono_utils.h>
#include <android-base/file.h>
@@ -54,6 +56,7 @@
#include "action_parser.h"
#include "boringssl_self_test.h"
+#include "builtins.h"
#include "epoll.h"
#include "first_stage_init.h"
#include "first_stage_mount.h"
@@ -67,6 +70,8 @@
#include "security.h"
#include "selabel.h"
#include "selinux.h"
+#include "service.h"
+#include "service_parser.h"
#include "sigchld_handler.h"
#include "util.h"
@@ -88,8 +93,6 @@
static char qemu[32];
-std::string default_console = "/dev/console";
-
static int signal_fd = -1;
static std::unique_ptr<Timer> waiting_for_prop(nullptr);
@@ -100,8 +103,6 @@
static bool do_shutdown = false;
static bool load_debug_prop = false;
-std::vector<std::string> late_import_paths;
-
static std::vector<Subcontext>* subcontexts;
void DumpState() {
@@ -346,14 +347,6 @@
return {};
}
-static Result<void> console_init_action(const BuiltinArguments& args) {
- std::string console = GetProperty("ro.boot.console", "");
- if (!console.empty()) {
- default_console = "/dev/" + console;
- }
- return {};
-}
-
static Result<void> SetupCgroupsAction(const BuiltinArguments&) {
// Have to create <CGROUPS_RC_DIR> using make_dir function
// for appropriate sepolicy to be set for it
@@ -760,7 +753,6 @@
return {};
},
"KeychordInit");
- am.QueueBuiltinAction(console_init_action, "console_init");
// Trigger all the boot actions to get us started.
am.QueueEventTrigger("init");
diff --git a/init/init.h b/init/init.h
index 90ead0e..cfc28f1 100644
--- a/init/init.h
+++ b/init/init.h
@@ -14,29 +14,20 @@
* limitations under the License.
*/
-#ifndef _INIT_INIT_H
-#define _INIT_INIT_H
+#pragma once
#include <sys/types.h>
-#include <functional>
#include <string>
-#include <vector>
#include "action.h"
#include "action_manager.h"
#include "parser.h"
-#include "service.h"
+#include "service_list.h"
namespace android {
namespace init {
-// Note: These globals are *only* valid in init, so they should not be used in ueventd
-// or any files that may be included in ueventd, such as devices.cpp and util.cpp.
-// TODO: Have an Init class and remove all globals.
-extern std::string default_console;
-extern std::vector<std::string> late_import_paths;
-
Parser CreateParser(ActionManager& action_manager, ServiceList& service_list);
Parser CreateServiceOnlyParser(ServiceList& service_list);
@@ -54,5 +45,3 @@
} // namespace init
} // namespace android
-
-#endif /* _INIT_INIT_H */
diff --git a/init/init_test.cpp b/init/init_test.cpp
index 18c2b38..1bcc5ef 100644
--- a/init/init_test.cpp
+++ b/init/init_test.cpp
@@ -27,6 +27,8 @@
#include "keyword_map.h"
#include "parser.h"
#include "service.h"
+#include "service_list.h"
+#include "service_parser.h"
#include "test_function_map.h"
#include "util.h"
diff --git a/init/reboot.cpp b/init/reboot.cpp
index eaba3cc..d9d885c 100644
--- a/init/reboot.cpp
+++ b/init/reboot.cpp
@@ -55,6 +55,7 @@
#include "property_service.h"
#include "reboot_utils.h"
#include "service.h"
+#include "service_list.h"
#include "sigchld_handler.h"
#define PROC_SYSRQ "/proc/sysrq-trigger"
diff --git a/init/service.cpp b/init/service.cpp
index 4fe374c..cd08f3d 100644
--- a/init/service.cpp
+++ b/init/service.cpp
@@ -18,11 +18,9 @@
#include <fcntl.h>
#include <inttypes.h>
-#include <linux/input.h>
#include <linux/securebits.h>
#include <sched.h>
#include <sys/prctl.h>
-#include <sys/resource.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <termios.h>
@@ -30,27 +28,20 @@
#include <android-base/file.h>
#include <android-base/logging.h>
-#include <android-base/parseint.h>
#include <android-base/properties.h>
#include <android-base/stringprintf.h>
#include <android-base/strings.h>
-#include <hidl-util/FQName.h>
#include <processgroup/processgroup.h>
#include <selinux/selinux.h>
-#include <system/thread_defs.h>
-#include "rlimit_parser.h"
+#include "service_list.h"
#include "util.h"
#if defined(__ANDROID__)
#include <ApexProperties.sysprop.h>
-#include <android/api-level.h>
-#include <sys/system_properties.h>
-#include "init.h"
#include "mount_namespace.h"
#include "property_service.h"
-#include "selinux.h"
#else
#include "host_init_stubs.h"
#endif
@@ -58,8 +49,6 @@
using android::base::boot_clock;
using android::base::GetProperty;
using android::base::Join;
-using android::base::ParseInt;
-using android::base::Split;
using android::base::StartsWith;
using android::base::StringPrintf;
using android::base::WriteStringToFile;
@@ -315,450 +304,6 @@
[] (const auto& info) { LOG(INFO) << *info; });
}
-Result<void> Service::ParseCapabilities(std::vector<std::string>&& args) {
- capabilities_ = 0;
-
- if (!CapAmbientSupported()) {
- return Error()
- << "capabilities requested but the kernel does not support ambient capabilities";
- }
-
- unsigned int last_valid_cap = GetLastValidCap();
- if (last_valid_cap >= capabilities_->size()) {
- LOG(WARNING) << "last valid run-time capability is larger than CAP_LAST_CAP";
- }
-
- for (size_t i = 1; i < args.size(); i++) {
- const std::string& arg = args[i];
- int res = LookupCap(arg);
- if (res < 0) {
- return Errorf("invalid capability '{}'", arg);
- }
- unsigned int cap = static_cast<unsigned int>(res); // |res| is >= 0.
- if (cap > last_valid_cap) {
- return Errorf("capability '{}' not supported by the kernel", arg);
- }
- (*capabilities_)[cap] = true;
- }
- return {};
-}
-
-Result<void> Service::ParseClass(std::vector<std::string>&& args) {
- classnames_ = std::set<std::string>(args.begin() + 1, args.end());
- return {};
-}
-
-Result<void> Service::ParseConsole(std::vector<std::string>&& args) {
- flags_ |= SVC_CONSOLE;
- proc_attr_.console = args.size() > 1 ? "/dev/" + args[1] : "";
- return {};
-}
-
-Result<void> Service::ParseCritical(std::vector<std::string>&& args) {
- flags_ |= SVC_CRITICAL;
- return {};
-}
-
-Result<void> Service::ParseDisabled(std::vector<std::string>&& args) {
- flags_ |= SVC_DISABLED;
- flags_ |= SVC_RC_DISABLED;
- return {};
-}
-
-Result<void> Service::ParseEnterNamespace(std::vector<std::string>&& args) {
- if (args[1] != "net") {
- return Error() << "Init only supports entering network namespaces";
- }
- if (!namespaces_.namespaces_to_enter.empty()) {
- return Error() << "Only one network namespace may be entered";
- }
- // Network namespaces require that /sys is remounted, otherwise the old adapters will still be
- // present. Therefore, they also require mount namespaces.
- namespaces_.flags |= CLONE_NEWNS;
- namespaces_.namespaces_to_enter.emplace_back(CLONE_NEWNET, std::move(args[2]));
- return {};
-}
-
-Result<void> Service::ParseGroup(std::vector<std::string>&& args) {
- auto gid = DecodeUid(args[1]);
- if (!gid) {
- return Error() << "Unable to decode GID for '" << args[1] << "': " << gid.error();
- }
- proc_attr_.gid = *gid;
-
- for (std::size_t n = 2; n < args.size(); n++) {
- gid = DecodeUid(args[n]);
- if (!gid) {
- return Error() << "Unable to decode GID for '" << args[n] << "': " << gid.error();
- }
- proc_attr_.supp_gids.emplace_back(*gid);
- }
- return {};
-}
-
-Result<void> Service::ParsePriority(std::vector<std::string>&& args) {
- proc_attr_.priority = 0;
- if (!ParseInt(args[1], &proc_attr_.priority,
- static_cast<int>(ANDROID_PRIORITY_HIGHEST), // highest is negative
- static_cast<int>(ANDROID_PRIORITY_LOWEST))) {
- return Errorf("process priority value must be range {} - {}", ANDROID_PRIORITY_HIGHEST,
- ANDROID_PRIORITY_LOWEST);
- }
- return {};
-}
-
-Result<void> Service::ParseInterface(std::vector<std::string>&& args) {
- const std::string& interface_name = args[1];
- const std::string& instance_name = args[2];
-
- FQName fq_name;
- if (!FQName::parse(interface_name, &fq_name)) {
- return Error() << "Invalid fully-qualified name for interface '" << interface_name << "'";
- }
-
- if (!fq_name.isFullyQualified()) {
- return Error() << "Interface name not fully-qualified '" << interface_name << "'";
- }
-
- if (fq_name.isValidValueName()) {
- return Error() << "Interface name must not be a value name '" << interface_name << "'";
- }
-
- const std::string fullname = interface_name + "/" + instance_name;
-
- for (const auto& svc : ServiceList::GetInstance()) {
- if (svc->interfaces().count(fullname) > 0) {
- return Error() << "Interface '" << fullname << "' redefined in " << name()
- << " but is already defined by " << svc->name();
- }
- }
-
- interfaces_.insert(fullname);
-
- return {};
-}
-
-Result<void> Service::ParseIoprio(std::vector<std::string>&& args) {
- if (!ParseInt(args[2], &proc_attr_.ioprio_pri, 0, 7)) {
- return Error() << "priority value must be range 0 - 7";
- }
-
- if (args[1] == "rt") {
- proc_attr_.ioprio_class = IoSchedClass_RT;
- } else if (args[1] == "be") {
- proc_attr_.ioprio_class = IoSchedClass_BE;
- } else if (args[1] == "idle") {
- proc_attr_.ioprio_class = IoSchedClass_IDLE;
- } else {
- return Error() << "ioprio option usage: ioprio <rt|be|idle> <0-7>";
- }
-
- return {};
-}
-
-Result<void> Service::ParseKeycodes(std::vector<std::string>&& args) {
- auto it = args.begin() + 1;
- if (args.size() == 2 && StartsWith(args[1], "$")) {
- std::string expanded;
- if (!expand_props(args[1], &expanded)) {
- return Error() << "Could not expand property '" << args[1] << "'";
- }
-
- // If the property is not set, it defaults to none, in which case there are no keycodes
- // for this service.
- if (expanded == "none") {
- return {};
- }
-
- args = Split(expanded, ",");
- it = args.begin();
- }
-
- for (; it != args.end(); ++it) {
- int code;
- if (ParseInt(*it, &code, 0, KEY_MAX)) {
- for (auto& key : keycodes_) {
- if (key == code) return Error() << "duplicate keycode: " << *it;
- }
- keycodes_.insert(std::upper_bound(keycodes_.begin(), keycodes_.end(), code), code);
- } else {
- return Error() << "invalid keycode: " << *it;
- }
- }
- return {};
-}
-
-Result<void> Service::ParseOneshot(std::vector<std::string>&& args) {
- flags_ |= SVC_ONESHOT;
- return {};
-}
-
-Result<void> Service::ParseOnrestart(std::vector<std::string>&& args) {
- args.erase(args.begin());
- int line = onrestart_.NumCommands() + 1;
- if (auto result = onrestart_.AddCommand(std::move(args), line); !result) {
- return Error() << "cannot add Onrestart command: " << result.error();
- }
- return {};
-}
-
-Result<void> Service::ParseNamespace(std::vector<std::string>&& args) {
- for (size_t i = 1; i < args.size(); i++) {
- if (args[i] == "pid") {
- namespaces_.flags |= CLONE_NEWPID;
- // PID namespaces require mount namespaces.
- namespaces_.flags |= CLONE_NEWNS;
- } else if (args[i] == "mnt") {
- namespaces_.flags |= CLONE_NEWNS;
- } else {
- return Error() << "namespace must be 'pid' or 'mnt'";
- }
- }
- return {};
-}
-
-Result<void> Service::ParseOomScoreAdjust(std::vector<std::string>&& args) {
- if (!ParseInt(args[1], &oom_score_adjust_, -1000, 1000)) {
- return Error() << "oom_score_adjust value must be in range -1000 - +1000";
- }
- return {};
-}
-
-Result<void> Service::ParseOverride(std::vector<std::string>&& args) {
- override_ = true;
- return {};
-}
-
-Result<void> Service::ParseMemcgSwappiness(std::vector<std::string>&& args) {
- if (!ParseInt(args[1], &swappiness_, 0)) {
- return Error() << "swappiness value must be equal or greater than 0";
- }
- return {};
-}
-
-Result<void> Service::ParseMemcgLimitInBytes(std::vector<std::string>&& args) {
- if (!ParseInt(args[1], &limit_in_bytes_, 0)) {
- return Error() << "limit_in_bytes value must be equal or greater than 0";
- }
- return {};
-}
-
-Result<void> Service::ParseMemcgLimitPercent(std::vector<std::string>&& args) {
- if (!ParseInt(args[1], &limit_percent_, 0)) {
- return Error() << "limit_percent value must be equal or greater than 0";
- }
- return {};
-}
-
-Result<void> Service::ParseMemcgLimitProperty(std::vector<std::string>&& args) {
- limit_property_ = std::move(args[1]);
- return {};
-}
-
-Result<void> Service::ParseMemcgSoftLimitInBytes(std::vector<std::string>&& args) {
- if (!ParseInt(args[1], &soft_limit_in_bytes_, 0)) {
- return Error() << "soft_limit_in_bytes value must be equal or greater than 0";
- }
- return {};
-}
-
-Result<void> Service::ParseProcessRlimit(std::vector<std::string>&& args) {
- auto rlimit = ParseRlimit(args);
- if (!rlimit) return rlimit.error();
-
- proc_attr_.rlimits.emplace_back(*rlimit);
- return {};
-}
-
-Result<void> Service::ParseRestartPeriod(std::vector<std::string>&& args) {
- int period;
- if (!ParseInt(args[1], &period, 5)) {
- return Error() << "restart_period value must be an integer >= 5";
- }
- restart_period_ = std::chrono::seconds(period);
- return {};
-}
-
-Result<void> Service::ParseSeclabel(std::vector<std::string>&& args) {
- seclabel_ = std::move(args[1]);
- return {};
-}
-
-Result<void> Service::ParseSigstop(std::vector<std::string>&& args) {
- sigstop_ = true;
- return {};
-}
-
-Result<void> Service::ParseSetenv(std::vector<std::string>&& args) {
- environment_vars_.emplace_back(std::move(args[1]), std::move(args[2]));
- return {};
-}
-
-Result<void> Service::ParseShutdown(std::vector<std::string>&& args) {
- if (args[1] == "critical") {
- flags_ |= SVC_SHUTDOWN_CRITICAL;
- return {};
- }
- return Error() << "Invalid shutdown option";
-}
-
-Result<void> Service::ParseTimeoutPeriod(std::vector<std::string>&& args) {
- int period;
- if (!ParseInt(args[1], &period, 1)) {
- return Error() << "timeout_period value must be an integer >= 1";
- }
- timeout_period_ = std::chrono::seconds(period);
- return {};
-}
-
-template <typename T>
-Result<void> Service::AddDescriptor(std::vector<std::string>&& args) {
- int perm = args.size() > 3 ? std::strtoul(args[3].c_str(), 0, 8) : -1;
- Result<uid_t> uid = 0;
- Result<gid_t> gid = 0;
- std::string context = args.size() > 6 ? args[6] : "";
-
- if (args.size() > 4) {
- uid = DecodeUid(args[4]);
- if (!uid) {
- return Error() << "Unable to find UID for '" << args[4] << "': " << uid.error();
- }
- }
-
- if (args.size() > 5) {
- gid = DecodeUid(args[5]);
- if (!gid) {
- return Error() << "Unable to find GID for '" << args[5] << "': " << gid.error();
- }
- }
-
- auto descriptor = std::make_unique<T>(args[1], args[2], *uid, *gid, perm, context);
-
- auto old =
- std::find_if(descriptors_.begin(), descriptors_.end(),
- [&descriptor] (const auto& other) { return descriptor.get() == other.get(); });
-
- if (old != descriptors_.end()) {
- return Error() << "duplicate descriptor " << args[1] << " " << args[2];
- }
-
- descriptors_.emplace_back(std::move(descriptor));
- return {};
-}
-
-// name type perm [ uid gid context ]
-Result<void> Service::ParseSocket(std::vector<std::string>&& args) {
- if (!StartsWith(args[2], "dgram") && !StartsWith(args[2], "stream") &&
- !StartsWith(args[2], "seqpacket")) {
- return Error() << "socket type must be 'dgram', 'stream' or 'seqpacket'";
- }
- return AddDescriptor<SocketInfo>(std::move(args));
-}
-
-// name type perm [ uid gid context ]
-Result<void> Service::ParseFile(std::vector<std::string>&& args) {
- if (args[2] != "r" && args[2] != "w" && args[2] != "rw") {
- return Error() << "file type must be 'r', 'w' or 'rw'";
- }
- std::string expanded;
- if (!expand_props(args[1], &expanded)) {
- return Error() << "Could not expand property in file path '" << args[1] << "'";
- }
- args[1] = std::move(expanded);
- if ((args[1][0] != '/') || (args[1].find("../") != std::string::npos)) {
- return Error() << "file name must not be relative";
- }
- return AddDescriptor<FileInfo>(std::move(args));
-}
-
-Result<void> Service::ParseUser(std::vector<std::string>&& args) {
- auto uid = DecodeUid(args[1]);
- if (!uid) {
- return Error() << "Unable to find UID for '" << args[1] << "': " << uid.error();
- }
- proc_attr_.uid = *uid;
- return {};
-}
-
-Result<void> Service::ParseWritepid(std::vector<std::string>&& args) {
- args.erase(args.begin());
- writepid_files_ = std::move(args);
- return {};
-}
-
-Result<void> Service::ParseUpdatable(std::vector<std::string>&& args) {
- updatable_ = true;
- return {};
-}
-
-class Service::OptionParserMap : public KeywordMap<OptionParser> {
- public:
- OptionParserMap() {}
-
- private:
- const Map& map() const override;
-};
-
-const Service::OptionParserMap::Map& Service::OptionParserMap::map() const {
- constexpr std::size_t kMax = std::numeric_limits<std::size_t>::max();
- // clang-format off
- static const Map option_parsers = {
- {"capabilities",
- {0, kMax, &Service::ParseCapabilities}},
- {"class", {1, kMax, &Service::ParseClass}},
- {"console", {0, 1, &Service::ParseConsole}},
- {"critical", {0, 0, &Service::ParseCritical}},
- {"disabled", {0, 0, &Service::ParseDisabled}},
- {"enter_namespace",
- {2, 2, &Service::ParseEnterNamespace}},
- {"file", {2, 2, &Service::ParseFile}},
- {"group", {1, NR_SVC_SUPP_GIDS + 1, &Service::ParseGroup}},
- {"interface", {2, 2, &Service::ParseInterface}},
- {"ioprio", {2, 2, &Service::ParseIoprio}},
- {"keycodes", {1, kMax, &Service::ParseKeycodes}},
- {"memcg.limit_in_bytes",
- {1, 1, &Service::ParseMemcgLimitInBytes}},
- {"memcg.limit_percent",
- {1, 1, &Service::ParseMemcgLimitPercent}},
- {"memcg.limit_property",
- {1, 1, &Service::ParseMemcgLimitProperty}},
- {"memcg.soft_limit_in_bytes",
- {1, 1, &Service::ParseMemcgSoftLimitInBytes}},
- {"memcg.swappiness",
- {1, 1, &Service::ParseMemcgSwappiness}},
- {"namespace", {1, 2, &Service::ParseNamespace}},
- {"oneshot", {0, 0, &Service::ParseOneshot}},
- {"onrestart", {1, kMax, &Service::ParseOnrestart}},
- {"oom_score_adjust",
- {1, 1, &Service::ParseOomScoreAdjust}},
- {"override", {0, 0, &Service::ParseOverride}},
- {"priority", {1, 1, &Service::ParsePriority}},
- {"restart_period",
- {1, 1, &Service::ParseRestartPeriod}},
- {"rlimit", {3, 3, &Service::ParseProcessRlimit}},
- {"seclabel", {1, 1, &Service::ParseSeclabel}},
- {"setenv", {2, 2, &Service::ParseSetenv}},
- {"shutdown", {1, 1, &Service::ParseShutdown}},
- {"sigstop", {0, 0, &Service::ParseSigstop}},
- {"socket", {3, 6, &Service::ParseSocket}},
- {"timeout_period",
- {1, 1, &Service::ParseTimeoutPeriod}},
- {"updatable", {0, 0, &Service::ParseUpdatable}},
- {"user", {1, 1, &Service::ParseUser}},
- {"writepid", {1, kMax, &Service::ParseWritepid}},
- };
- // clang-format on
- return option_parsers;
-}
-
-Result<void> Service::ParseLine(std::vector<std::string>&& args) {
- static const OptionParserMap parser_map;
- auto parser = parser_map.FindFunction(args);
-
- if (!parser) return parser.error();
-
- return std::invoke(*parser, this, std::move(args));
-}
Result<void> Service::ExecStart() {
if (is_updatable() && !ServiceList::GetInstance().IsServicesUpdated()) {
@@ -813,7 +358,7 @@
bool needs_console = (flags_ & SVC_CONSOLE);
if (needs_console) {
if (proc_attr_.console.empty()) {
- proc_attr_.console = default_console;
+ proc_attr_.console = "/dev/" + GetProperty("ro.boot.console", "console");
}
// Make sure that open call succeeds to ensure a console driver is
@@ -1072,17 +617,6 @@
}
}
-ServiceList::ServiceList() {}
-
-ServiceList& ServiceList::GetInstance() {
- static ServiceList instance;
- return instance;
-}
-
-void ServiceList::AddService(std::unique_ptr<Service> service) {
- services_.emplace_back(std::move(service));
-}
-
std::unique_ptr<Service> Service::MakeTemporaryOneshotService(const std::vector<std::string>& args) {
// Parse the arguments: exec [SECLABEL [UID [GID]*] --] COMMAND ARGS...
// SECLABEL can be a - to denote default
@@ -1147,139 +681,5 @@
nullptr, str_args);
}
-// Shutdown services in the opposite order that they were started.
-const std::vector<Service*> ServiceList::services_in_shutdown_order() const {
- std::vector<Service*> shutdown_services;
- for (const auto& service : services_) {
- if (service->start_order() > 0) shutdown_services.emplace_back(service.get());
- }
- std::sort(shutdown_services.begin(), shutdown_services.end(),
- [](const auto& a, const auto& b) { return a->start_order() > b->start_order(); });
- return shutdown_services;
-}
-
-void ServiceList::RemoveService(const Service& svc) {
- auto svc_it = std::find_if(services_.begin(), services_.end(),
- [&svc] (const std::unique_ptr<Service>& s) {
- return svc.name() == s->name();
- });
- if (svc_it == services_.end()) {
- return;
- }
-
- services_.erase(svc_it);
-}
-
-void ServiceList::DumpState() const {
- for (const auto& s : services_) {
- s->DumpState();
- }
-}
-
-void ServiceList::MarkPostData() {
- post_data_ = true;
-}
-
-bool ServiceList::IsPostData() {
- return post_data_;
-}
-
-void ServiceList::MarkServicesUpdate() {
- services_update_finished_ = true;
-
- // start the delayed services
- for (const auto& name : delayed_service_names_) {
- Service* service = FindService(name);
- if (service == nullptr) {
- LOG(ERROR) << "delayed service '" << name << "' could not be found.";
- continue;
- }
- if (auto result = service->Start(); !result) {
- LOG(ERROR) << result.error().message();
- }
- }
- delayed_service_names_.clear();
-}
-
-void ServiceList::DelayService(const Service& service) {
- if (services_update_finished_) {
- LOG(ERROR) << "Cannot delay the start of service '" << service.name()
- << "' because all services are already updated. Ignoring.";
- return;
- }
- delayed_service_names_.emplace_back(service.name());
-}
-
-Result<void> ServiceParser::ParseSection(std::vector<std::string>&& args,
- const std::string& filename, int line) {
- if (args.size() < 3) {
- return Error() << "services must have a name and a program";
- }
-
- const std::string& name = args[1];
- if (!IsValidName(name)) {
- return Error() << "invalid service name '" << name << "'";
- }
-
- filename_ = filename;
-
- Subcontext* restart_action_subcontext = nullptr;
- if (subcontexts_) {
- for (auto& subcontext : *subcontexts_) {
- if (StartsWith(filename, subcontext.path_prefix())) {
- restart_action_subcontext = &subcontext;
- break;
- }
- }
- }
-
- std::vector<std::string> str_args(args.begin() + 2, args.end());
-
- if (SelinuxGetVendorAndroidVersion() <= __ANDROID_API_P__) {
- if (str_args[0] == "/sbin/watchdogd") {
- str_args[0] = "/system/bin/watchdogd";
- }
- }
-
- service_ = std::make_unique<Service>(name, restart_action_subcontext, str_args);
- return {};
-}
-
-Result<void> ServiceParser::ParseLineSection(std::vector<std::string>&& args, int line) {
- return service_ ? service_->ParseLine(std::move(args)) : Result<void>{};
-}
-
-Result<void> ServiceParser::EndSection() {
- if (service_) {
- Service* old_service = service_list_->FindService(service_->name());
- if (old_service) {
- if (!service_->is_override()) {
- return Error() << "ignored duplicate definition of service '" << service_->name()
- << "'";
- }
-
- if (StartsWith(filename_, "/apex/") && !old_service->is_updatable()) {
- return Error() << "cannot update a non-updatable service '" << service_->name()
- << "' with a config in APEX";
- }
-
- service_list_->RemoveService(*old_service);
- old_service = nullptr;
- }
-
- service_list_->AddService(std::move(service_));
- }
-
- return {};
-}
-
-bool ServiceParser::IsValidName(const std::string& name) const {
- // Property names can be any length, but may only contain certain characters.
- // Property values can contain any characters, but may only be a certain length.
- // (The latter restriction is needed because `start` and `stop` work by writing
- // the service name to the "ctl.start" and "ctl.stop" properties.)
- return IsLegalPropertyName("init.svc." + name) && name.size() <= PROP_VALUE_MAX;
-}
-
} // namespace init
} // namespace android
diff --git a/init/service.h b/init/service.h
index b4356c8..78f94ce 100644
--- a/init/service.h
+++ b/init/service.h
@@ -14,11 +14,9 @@
* limitations under the License.
*/
-#ifndef _INIT_SERVICE_H
-#define _INIT_SERVICE_H
+#pragma once
#include <signal.h>
-#include <sys/resource.h>
#include <sys/types.h>
#include <chrono>
@@ -64,6 +62,8 @@
namespace init {
class Service {
+ friend class ServiceParser;
+
public:
Service(const std::string& name, Subcontext* subcontext_for_restart_commands,
const std::vector<std::string>& args);
@@ -76,7 +76,6 @@
static std::unique_ptr<Service> MakeTemporaryOneshotService(const std::vector<std::string>& args);
bool IsRunning() { return (flags_ & SVC_RUNNING) != 0; }
- Result<void> ParseLine(std::vector<std::string>&& args);
Result<void> ExecStart();
Result<void> Start();
Result<void> StartIfNotDisabled();
@@ -130,51 +129,11 @@
bool is_post_data() const { return post_data_; }
private:
- using OptionParser = Result<void> (Service::*)(std::vector<std::string>&& args);
- class OptionParserMap;
-
void NotifyStateChange(const std::string& new_state) const;
void StopOrReset(int how);
void KillProcessGroup(int signal);
void SetProcessAttributesAndCaps();
- Result<void> ParseCapabilities(std::vector<std::string>&& args);
- Result<void> ParseClass(std::vector<std::string>&& args);
- Result<void> ParseConsole(std::vector<std::string>&& args);
- Result<void> ParseCritical(std::vector<std::string>&& args);
- Result<void> ParseDisabled(std::vector<std::string>&& args);
- Result<void> ParseEnterNamespace(std::vector<std::string>&& args);
- Result<void> ParseGroup(std::vector<std::string>&& args);
- Result<void> ParsePriority(std::vector<std::string>&& args);
- Result<void> ParseInterface(std::vector<std::string>&& args);
- Result<void> ParseIoprio(std::vector<std::string>&& args);
- Result<void> ParseKeycodes(std::vector<std::string>&& args);
- Result<void> ParseOneshot(std::vector<std::string>&& args);
- Result<void> ParseOnrestart(std::vector<std::string>&& args);
- Result<void> ParseOomScoreAdjust(std::vector<std::string>&& args);
- Result<void> ParseOverride(std::vector<std::string>&& args);
- Result<void> ParseMemcgLimitInBytes(std::vector<std::string>&& args);
- Result<void> ParseMemcgLimitPercent(std::vector<std::string>&& args);
- Result<void> ParseMemcgLimitProperty(std::vector<std::string>&& args);
- Result<void> ParseMemcgSoftLimitInBytes(std::vector<std::string>&& args);
- Result<void> ParseMemcgSwappiness(std::vector<std::string>&& args);
- Result<void> ParseNamespace(std::vector<std::string>&& args);
- Result<void> ParseProcessRlimit(std::vector<std::string>&& args);
- Result<void> ParseRestartPeriod(std::vector<std::string>&& args);
- Result<void> ParseSeclabel(std::vector<std::string>&& args);
- Result<void> ParseSetenv(std::vector<std::string>&& args);
- Result<void> ParseShutdown(std::vector<std::string>&& args);
- Result<void> ParseSigstop(std::vector<std::string>&& args);
- Result<void> ParseSocket(std::vector<std::string>&& args);
- Result<void> ParseTimeoutPeriod(std::vector<std::string>&& args);
- Result<void> ParseFile(std::vector<std::string>&& args);
- Result<void> ParseUser(std::vector<std::string>&& args);
- Result<void> ParseWritepid(std::vector<std::string>&& args);
- Result<void> ParseUpdatable(std::vector<std::string>&& args);
-
- template <typename T>
- Result<void> AddDescriptor(std::vector<std::string>&& args);
-
static unsigned long next_start_order_;
static bool is_exec_service_running_;
@@ -238,79 +197,5 @@
bool running_at_post_data_reset_ = false;
};
-class ServiceList {
- public:
- static ServiceList& GetInstance();
-
- // Exposed for testing
- ServiceList();
-
- void AddService(std::unique_ptr<Service> service);
- void RemoveService(const Service& svc);
-
- template <typename T, typename F = decltype(&Service::name)>
- Service* FindService(T value, F function = &Service::name) const {
- auto svc = std::find_if(services_.begin(), services_.end(),
- [&function, &value](const std::unique_ptr<Service>& s) {
- return std::invoke(function, s) == value;
- });
- if (svc != services_.end()) {
- return svc->get();
- }
- return nullptr;
- }
-
- Service* FindInterface(const std::string& interface_name) {
- for (const auto& svc : services_) {
- if (svc->interfaces().count(interface_name) > 0) {
- return svc.get();
- }
- }
-
- return nullptr;
- }
-
- void DumpState() const;
-
- auto begin() const { return services_.begin(); }
- auto end() const { return services_.end(); }
- const std::vector<std::unique_ptr<Service>>& services() const { return services_; }
- const std::vector<Service*> services_in_shutdown_order() const;
-
- void MarkPostData();
- bool IsPostData();
- void MarkServicesUpdate();
- bool IsServicesUpdated() const { return services_update_finished_; }
- void DelayService(const Service& service);
-
- private:
- std::vector<std::unique_ptr<Service>> services_;
-
- bool post_data_ = false;
- bool services_update_finished_ = false;
- std::vector<std::string> delayed_service_names_;
-};
-
-class ServiceParser : public SectionParser {
- public:
- ServiceParser(ServiceList* service_list, std::vector<Subcontext>* subcontexts)
- : service_list_(service_list), subcontexts_(subcontexts), service_(nullptr) {}
- Result<void> ParseSection(std::vector<std::string>&& args, const std::string& filename,
- int line) override;
- Result<void> ParseLineSection(std::vector<std::string>&& args, int line) override;
- Result<void> EndSection() override;
- void EndFile() override { filename_ = ""; }
-
- private:
- bool IsValidName(const std::string& name) const;
-
- ServiceList* service_list_;
- std::vector<Subcontext>* subcontexts_;
- std::unique_ptr<Service> service_;
- std::string filename_;
-};
-
} // namespace init
} // namespace android
-
-#endif
diff --git a/init/service_list.cpp b/init/service_list.cpp
new file mode 100644
index 0000000..3a48183
--- /dev/null
+++ b/init/service_list.cpp
@@ -0,0 +1,98 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "service_list.h"
+
+#include <android-base/logging.h>
+
+namespace android {
+namespace init {
+
+ServiceList::ServiceList() {}
+
+ServiceList& ServiceList::GetInstance() {
+ static ServiceList instance;
+ return instance;
+}
+
+void ServiceList::AddService(std::unique_ptr<Service> service) {
+ services_.emplace_back(std::move(service));
+}
+
+// Shutdown services in the opposite order that they were started.
+const std::vector<Service*> ServiceList::services_in_shutdown_order() const {
+ std::vector<Service*> shutdown_services;
+ for (const auto& service : services_) {
+ if (service->start_order() > 0) shutdown_services.emplace_back(service.get());
+ }
+ std::sort(shutdown_services.begin(), shutdown_services.end(),
+ [](const auto& a, const auto& b) { return a->start_order() > b->start_order(); });
+ return shutdown_services;
+}
+
+void ServiceList::RemoveService(const Service& svc) {
+ auto svc_it = std::find_if(
+ services_.begin(), services_.end(),
+ [&svc](const std::unique_ptr<Service>& s) { return svc.name() == s->name(); });
+ if (svc_it == services_.end()) {
+ return;
+ }
+
+ services_.erase(svc_it);
+}
+
+void ServiceList::DumpState() const {
+ for (const auto& s : services_) {
+ s->DumpState();
+ }
+}
+
+void ServiceList::MarkPostData() {
+ post_data_ = true;
+}
+
+bool ServiceList::IsPostData() {
+ return post_data_;
+}
+
+void ServiceList::MarkServicesUpdate() {
+ services_update_finished_ = true;
+
+ // start the delayed services
+ for (const auto& name : delayed_service_names_) {
+ Service* service = FindService(name);
+ if (service == nullptr) {
+ LOG(ERROR) << "delayed service '" << name << "' could not be found.";
+ continue;
+ }
+ if (auto result = service->Start(); !result) {
+ LOG(ERROR) << result.error().message();
+ }
+ }
+ delayed_service_names_.clear();
+}
+
+void ServiceList::DelayService(const Service& service) {
+ if (services_update_finished_) {
+ LOG(ERROR) << "Cannot delay the start of service '" << service.name()
+ << "' because all services are already updated. Ignoring.";
+ return;
+ }
+ delayed_service_names_.emplace_back(service.name());
+}
+
+} // namespace init
+} // namespace android
diff --git a/init/service_list.h b/init/service_list.h
new file mode 100644
index 0000000..2136a21
--- /dev/null
+++ b/init/service_list.h
@@ -0,0 +1,81 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <memory>
+#include <vector>
+
+#include "service.h"
+
+namespace android {
+namespace init {
+
+class ServiceList {
+ public:
+ static ServiceList& GetInstance();
+
+ // Exposed for testing
+ ServiceList();
+
+ void AddService(std::unique_ptr<Service> service);
+ void RemoveService(const Service& svc);
+
+ template <typename T, typename F = decltype(&Service::name)>
+ Service* FindService(T value, F function = &Service::name) const {
+ auto svc = std::find_if(services_.begin(), services_.end(),
+ [&function, &value](const std::unique_ptr<Service>& s) {
+ return std::invoke(function, s) == value;
+ });
+ if (svc != services_.end()) {
+ return svc->get();
+ }
+ return nullptr;
+ }
+
+ Service* FindInterface(const std::string& interface_name) {
+ for (const auto& svc : services_) {
+ if (svc->interfaces().count(interface_name) > 0) {
+ return svc.get();
+ }
+ }
+
+ return nullptr;
+ }
+
+ void DumpState() const;
+
+ auto begin() const { return services_.begin(); }
+ auto end() const { return services_.end(); }
+ const std::vector<std::unique_ptr<Service>>& services() const { return services_; }
+ const std::vector<Service*> services_in_shutdown_order() const;
+
+ void MarkPostData();
+ bool IsPostData();
+ void MarkServicesUpdate();
+ bool IsServicesUpdated() const { return services_update_finished_; }
+ void DelayService(const Service& service);
+
+ private:
+ std::vector<std::unique_ptr<Service>> services_;
+
+ bool post_data_ = false;
+ bool services_update_finished_ = false;
+ std::vector<std::string> delayed_service_names_;
+};
+
+} // namespace init
+} // namespace android
diff --git a/init/service_parser.cpp b/init/service_parser.cpp
new file mode 100644
index 0000000..33ed050
--- /dev/null
+++ b/init/service_parser.cpp
@@ -0,0 +1,567 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "service_parser.h"
+
+#include <linux/input.h>
+
+#include <android-base/logging.h>
+#include <android-base/parseint.h>
+#include <android-base/strings.h>
+#include <hidl-util/FQName.h>
+#include <system/thread_defs.h>
+
+#include "rlimit_parser.h"
+#include "util.h"
+
+#if defined(__ANDROID__)
+#include <android/api-level.h>
+#include <sys/system_properties.h>
+
+#include "selinux.h"
+#else
+#include "host_init_stubs.h"
+#endif
+
+using android::base::ParseInt;
+using android::base::Split;
+using android::base::StartsWith;
+
+namespace android {
+namespace init {
+
+Result<void> ServiceParser::ParseCapabilities(std::vector<std::string>&& args) {
+ service_->capabilities_ = 0;
+
+ if (!CapAmbientSupported()) {
+ return Error()
+ << "capabilities requested but the kernel does not support ambient capabilities";
+ }
+
+ unsigned int last_valid_cap = GetLastValidCap();
+ if (last_valid_cap >= service_->capabilities_->size()) {
+ LOG(WARNING) << "last valid run-time capability is larger than CAP_LAST_CAP";
+ }
+
+ for (size_t i = 1; i < args.size(); i++) {
+ const std::string& arg = args[i];
+ int res = LookupCap(arg);
+ if (res < 0) {
+ return Errorf("invalid capability '{}'", arg);
+ }
+ unsigned int cap = static_cast<unsigned int>(res); // |res| is >= 0.
+ if (cap > last_valid_cap) {
+ return Errorf("capability '{}' not supported by the kernel", arg);
+ }
+ (*service_->capabilities_)[cap] = true;
+ }
+ return {};
+}
+
+Result<void> ServiceParser::ParseClass(std::vector<std::string>&& args) {
+ service_->classnames_ = std::set<std::string>(args.begin() + 1, args.end());
+ return {};
+}
+
+Result<void> ServiceParser::ParseConsole(std::vector<std::string>&& args) {
+ service_->flags_ |= SVC_CONSOLE;
+ service_->proc_attr_.console = args.size() > 1 ? "/dev/" + args[1] : "";
+ return {};
+}
+
+Result<void> ServiceParser::ParseCritical(std::vector<std::string>&& args) {
+ service_->flags_ |= SVC_CRITICAL;
+ return {};
+}
+
+Result<void> ServiceParser::ParseDisabled(std::vector<std::string>&& args) {
+ service_->flags_ |= SVC_DISABLED;
+ service_->flags_ |= SVC_RC_DISABLED;
+ return {};
+}
+
+Result<void> ServiceParser::ParseEnterNamespace(std::vector<std::string>&& args) {
+ if (args[1] != "net") {
+ return Error() << "Init only supports entering network namespaces";
+ }
+ if (!service_->namespaces_.namespaces_to_enter.empty()) {
+ return Error() << "Only one network namespace may be entered";
+ }
+ // Network namespaces require that /sys is remounted, otherwise the old adapters will still be
+ // present. Therefore, they also require mount namespaces.
+ service_->namespaces_.flags |= CLONE_NEWNS;
+ service_->namespaces_.namespaces_to_enter.emplace_back(CLONE_NEWNET, std::move(args[2]));
+ return {};
+}
+
+Result<void> ServiceParser::ParseGroup(std::vector<std::string>&& args) {
+ auto gid = DecodeUid(args[1]);
+ if (!gid) {
+ return Error() << "Unable to decode GID for '" << args[1] << "': " << gid.error();
+ }
+ service_->proc_attr_.gid = *gid;
+
+ for (std::size_t n = 2; n < args.size(); n++) {
+ gid = DecodeUid(args[n]);
+ if (!gid) {
+ return Error() << "Unable to decode GID for '" << args[n] << "': " << gid.error();
+ }
+ service_->proc_attr_.supp_gids.emplace_back(*gid);
+ }
+ return {};
+}
+
+Result<void> ServiceParser::ParsePriority(std::vector<std::string>&& args) {
+ service_->proc_attr_.priority = 0;
+ if (!ParseInt(args[1], &service_->proc_attr_.priority,
+ static_cast<int>(ANDROID_PRIORITY_HIGHEST), // highest is negative
+ static_cast<int>(ANDROID_PRIORITY_LOWEST))) {
+ return Errorf("process priority value must be range {} - {}", ANDROID_PRIORITY_HIGHEST,
+ ANDROID_PRIORITY_LOWEST);
+ }
+ return {};
+}
+
+Result<void> ServiceParser::ParseInterface(std::vector<std::string>&& args) {
+ const std::string& interface_name = args[1];
+ const std::string& instance_name = args[2];
+
+ FQName fq_name;
+ if (!FQName::parse(interface_name, &fq_name)) {
+ return Error() << "Invalid fully-qualified name for interface '" << interface_name << "'";
+ }
+
+ if (!fq_name.isFullyQualified()) {
+ return Error() << "Interface name not fully-qualified '" << interface_name << "'";
+ }
+
+ if (fq_name.isValidValueName()) {
+ return Error() << "Interface name must not be a value name '" << interface_name << "'";
+ }
+
+ const std::string fullname = interface_name + "/" + instance_name;
+
+ for (const auto& svc : *service_list_) {
+ if (svc->interfaces().count(fullname) > 0) {
+ return Error() << "Interface '" << fullname << "' redefined in " << service_->name()
+ << " but is already defined by " << svc->name();
+ }
+ }
+
+ service_->interfaces_.insert(fullname);
+
+ return {};
+}
+
+Result<void> ServiceParser::ParseIoprio(std::vector<std::string>&& args) {
+ if (!ParseInt(args[2], &service_->proc_attr_.ioprio_pri, 0, 7)) {
+ return Error() << "priority value must be range 0 - 7";
+ }
+
+ if (args[1] == "rt") {
+ service_->proc_attr_.ioprio_class = IoSchedClass_RT;
+ } else if (args[1] == "be") {
+ service_->proc_attr_.ioprio_class = IoSchedClass_BE;
+ } else if (args[1] == "idle") {
+ service_->proc_attr_.ioprio_class = IoSchedClass_IDLE;
+ } else {
+ return Error() << "ioprio option usage: ioprio <rt|be|idle> <0-7>";
+ }
+
+ return {};
+}
+
+Result<void> ServiceParser::ParseKeycodes(std::vector<std::string>&& args) {
+ auto it = args.begin() + 1;
+ if (args.size() == 2 && StartsWith(args[1], "$")) {
+ std::string expanded;
+ if (!expand_props(args[1], &expanded)) {
+ return Error() << "Could not expand property '" << args[1] << "'";
+ }
+
+ // If the property is not set, it defaults to none, in which case there are no keycodes
+ // for this service.
+ if (expanded == "none") {
+ return {};
+ }
+
+ args = Split(expanded, ",");
+ it = args.begin();
+ }
+
+ for (; it != args.end(); ++it) {
+ int code;
+ if (ParseInt(*it, &code, 0, KEY_MAX)) {
+ for (auto& key : service_->keycodes_) {
+ if (key == code) return Error() << "duplicate keycode: " << *it;
+ }
+ service_->keycodes_.insert(
+ std::upper_bound(service_->keycodes_.begin(), service_->keycodes_.end(), code),
+ code);
+ } else {
+ return Error() << "invalid keycode: " << *it;
+ }
+ }
+ return {};
+}
+
+Result<void> ServiceParser::ParseOneshot(std::vector<std::string>&& args) {
+ service_->flags_ |= SVC_ONESHOT;
+ return {};
+}
+
+Result<void> ServiceParser::ParseOnrestart(std::vector<std::string>&& args) {
+ args.erase(args.begin());
+ int line = service_->onrestart_.NumCommands() + 1;
+ if (auto result = service_->onrestart_.AddCommand(std::move(args), line); !result) {
+ return Error() << "cannot add Onrestart command: " << result.error();
+ }
+ return {};
+}
+
+Result<void> ServiceParser::ParseNamespace(std::vector<std::string>&& args) {
+ for (size_t i = 1; i < args.size(); i++) {
+ if (args[i] == "pid") {
+ service_->namespaces_.flags |= CLONE_NEWPID;
+ // PID namespaces require mount namespaces.
+ service_->namespaces_.flags |= CLONE_NEWNS;
+ } else if (args[i] == "mnt") {
+ service_->namespaces_.flags |= CLONE_NEWNS;
+ } else {
+ return Error() << "namespace must be 'pid' or 'mnt'";
+ }
+ }
+ return {};
+}
+
+Result<void> ServiceParser::ParseOomScoreAdjust(std::vector<std::string>&& args) {
+ if (!ParseInt(args[1], &service_->oom_score_adjust_, -1000, 1000)) {
+ return Error() << "oom_score_adjust value must be in range -1000 - +1000";
+ }
+ return {};
+}
+
+Result<void> ServiceParser::ParseOverride(std::vector<std::string>&& args) {
+ service_->override_ = true;
+ return {};
+}
+
+Result<void> ServiceParser::ParseMemcgSwappiness(std::vector<std::string>&& args) {
+ if (!ParseInt(args[1], &service_->swappiness_, 0)) {
+ return Error() << "swappiness value must be equal or greater than 0";
+ }
+ return {};
+}
+
+Result<void> ServiceParser::ParseMemcgLimitInBytes(std::vector<std::string>&& args) {
+ if (!ParseInt(args[1], &service_->limit_in_bytes_, 0)) {
+ return Error() << "limit_in_bytes value must be equal or greater than 0";
+ }
+ return {};
+}
+
+Result<void> ServiceParser::ParseMemcgLimitPercent(std::vector<std::string>&& args) {
+ if (!ParseInt(args[1], &service_->limit_percent_, 0)) {
+ return Error() << "limit_percent value must be equal or greater than 0";
+ }
+ return {};
+}
+
+Result<void> ServiceParser::ParseMemcgLimitProperty(std::vector<std::string>&& args) {
+ service_->limit_property_ = std::move(args[1]);
+ return {};
+}
+
+Result<void> ServiceParser::ParseMemcgSoftLimitInBytes(std::vector<std::string>&& args) {
+ if (!ParseInt(args[1], &service_->soft_limit_in_bytes_, 0)) {
+ return Error() << "soft_limit_in_bytes value must be equal or greater than 0";
+ }
+ return {};
+}
+
+Result<void> ServiceParser::ParseProcessRlimit(std::vector<std::string>&& args) {
+ auto rlimit = ParseRlimit(args);
+ if (!rlimit) return rlimit.error();
+
+ service_->proc_attr_.rlimits.emplace_back(*rlimit);
+ return {};
+}
+
+Result<void> ServiceParser::ParseRestartPeriod(std::vector<std::string>&& args) {
+ int period;
+ if (!ParseInt(args[1], &period, 5)) {
+ return Error() << "restart_period value must be an integer >= 5";
+ }
+ service_->restart_period_ = std::chrono::seconds(period);
+ return {};
+}
+
+Result<void> ServiceParser::ParseSeclabel(std::vector<std::string>&& args) {
+ service_->seclabel_ = std::move(args[1]);
+ return {};
+}
+
+Result<void> ServiceParser::ParseSigstop(std::vector<std::string>&& args) {
+ service_->sigstop_ = true;
+ return {};
+}
+
+Result<void> ServiceParser::ParseSetenv(std::vector<std::string>&& args) {
+ service_->environment_vars_.emplace_back(std::move(args[1]), std::move(args[2]));
+ return {};
+}
+
+Result<void> ServiceParser::ParseShutdown(std::vector<std::string>&& args) {
+ if (args[1] == "critical") {
+ service_->flags_ |= SVC_SHUTDOWN_CRITICAL;
+ return {};
+ }
+ return Error() << "Invalid shutdown option";
+}
+
+Result<void> ServiceParser::ParseTimeoutPeriod(std::vector<std::string>&& args) {
+ int period;
+ if (!ParseInt(args[1], &period, 1)) {
+ return Error() << "timeout_period value must be an integer >= 1";
+ }
+ service_->timeout_period_ = std::chrono::seconds(period);
+ return {};
+}
+
+template <typename T>
+Result<void> ServiceParser::AddDescriptor(std::vector<std::string>&& args) {
+ int perm = args.size() > 3 ? std::strtoul(args[3].c_str(), 0, 8) : -1;
+ Result<uid_t> uid = 0;
+ Result<gid_t> gid = 0;
+ std::string context = args.size() > 6 ? args[6] : "";
+
+ if (args.size() > 4) {
+ uid = DecodeUid(args[4]);
+ if (!uid) {
+ return Error() << "Unable to find UID for '" << args[4] << "': " << uid.error();
+ }
+ }
+
+ if (args.size() > 5) {
+ gid = DecodeUid(args[5]);
+ if (!gid) {
+ return Error() << "Unable to find GID for '" << args[5] << "': " << gid.error();
+ }
+ }
+
+ auto descriptor = std::make_unique<T>(args[1], args[2], *uid, *gid, perm, context);
+
+ auto old = std::find_if(
+ service_->descriptors_.begin(), service_->descriptors_.end(),
+ [&descriptor](const auto& other) { return descriptor.get() == other.get(); });
+
+ if (old != service_->descriptors_.end()) {
+ return Error() << "duplicate descriptor " << args[1] << " " << args[2];
+ }
+
+ service_->descriptors_.emplace_back(std::move(descriptor));
+ return {};
+}
+
+// name type perm [ uid gid context ]
+Result<void> ServiceParser::ParseSocket(std::vector<std::string>&& args) {
+ if (!StartsWith(args[2], "dgram") && !StartsWith(args[2], "stream") &&
+ !StartsWith(args[2], "seqpacket")) {
+ return Error() << "socket type must be 'dgram', 'stream' or 'seqpacket'";
+ }
+ return AddDescriptor<SocketInfo>(std::move(args));
+}
+
+// name type perm [ uid gid context ]
+Result<void> ServiceParser::ParseFile(std::vector<std::string>&& args) {
+ if (args[2] != "r" && args[2] != "w" && args[2] != "rw") {
+ return Error() << "file type must be 'r', 'w' or 'rw'";
+ }
+ std::string expanded;
+ if (!expand_props(args[1], &expanded)) {
+ return Error() << "Could not expand property in file path '" << args[1] << "'";
+ }
+ args[1] = std::move(expanded);
+ if ((args[1][0] != '/') || (args[1].find("../") != std::string::npos)) {
+ return Error() << "file name must not be relative";
+ }
+ return AddDescriptor<FileInfo>(std::move(args));
+}
+
+Result<void> ServiceParser::ParseUser(std::vector<std::string>&& args) {
+ auto uid = DecodeUid(args[1]);
+ if (!uid) {
+ return Error() << "Unable to find UID for '" << args[1] << "': " << uid.error();
+ }
+ service_->proc_attr_.uid = *uid;
+ return {};
+}
+
+Result<void> ServiceParser::ParseWritepid(std::vector<std::string>&& args) {
+ args.erase(args.begin());
+ service_->writepid_files_ = std::move(args);
+ return {};
+}
+
+Result<void> ServiceParser::ParseUpdatable(std::vector<std::string>&& args) {
+ service_->updatable_ = true;
+ return {};
+}
+
+class ServiceParser::OptionParserMap : public KeywordMap<OptionParser> {
+ public:
+ OptionParserMap() {}
+
+ private:
+ const Map& map() const override;
+};
+
+const ServiceParser::OptionParserMap::Map& ServiceParser::OptionParserMap::map() const {
+ constexpr std::size_t kMax = std::numeric_limits<std::size_t>::max();
+ // clang-format off
+ static const Map option_parsers = {
+ {"capabilities",
+ {0, kMax, &ServiceParser::ParseCapabilities}},
+ {"class", {1, kMax, &ServiceParser::ParseClass}},
+ {"console", {0, 1, &ServiceParser::ParseConsole}},
+ {"critical", {0, 0, &ServiceParser::ParseCritical}},
+ {"disabled", {0, 0, &ServiceParser::ParseDisabled}},
+ {"enter_namespace",
+ {2, 2, &ServiceParser::ParseEnterNamespace}},
+ {"file", {2, 2, &ServiceParser::ParseFile}},
+ {"group", {1, NR_SVC_SUPP_GIDS + 1, &ServiceParser::ParseGroup}},
+ {"interface", {2, 2, &ServiceParser::ParseInterface}},
+ {"ioprio", {2, 2, &ServiceParser::ParseIoprio}},
+ {"keycodes", {1, kMax, &ServiceParser::ParseKeycodes}},
+ {"memcg.limit_in_bytes",
+ {1, 1, &ServiceParser::ParseMemcgLimitInBytes}},
+ {"memcg.limit_percent",
+ {1, 1, &ServiceParser::ParseMemcgLimitPercent}},
+ {"memcg.limit_property",
+ {1, 1, &ServiceParser::ParseMemcgLimitProperty}},
+ {"memcg.soft_limit_in_bytes",
+ {1, 1, &ServiceParser::ParseMemcgSoftLimitInBytes}},
+ {"memcg.swappiness",
+ {1, 1, &ServiceParser::ParseMemcgSwappiness}},
+ {"namespace", {1, 2, &ServiceParser::ParseNamespace}},
+ {"oneshot", {0, 0, &ServiceParser::ParseOneshot}},
+ {"onrestart", {1, kMax, &ServiceParser::ParseOnrestart}},
+ {"oom_score_adjust",
+ {1, 1, &ServiceParser::ParseOomScoreAdjust}},
+ {"override", {0, 0, &ServiceParser::ParseOverride}},
+ {"priority", {1, 1, &ServiceParser::ParsePriority}},
+ {"restart_period",
+ {1, 1, &ServiceParser::ParseRestartPeriod}},
+ {"rlimit", {3, 3, &ServiceParser::ParseProcessRlimit}},
+ {"seclabel", {1, 1, &ServiceParser::ParseSeclabel}},
+ {"setenv", {2, 2, &ServiceParser::ParseSetenv}},
+ {"shutdown", {1, 1, &ServiceParser::ParseShutdown}},
+ {"sigstop", {0, 0, &ServiceParser::ParseSigstop}},
+ {"socket", {3, 6, &ServiceParser::ParseSocket}},
+ {"timeout_period",
+ {1, 1, &ServiceParser::ParseTimeoutPeriod}},
+ {"updatable", {0, 0, &ServiceParser::ParseUpdatable}},
+ {"user", {1, 1, &ServiceParser::ParseUser}},
+ {"writepid", {1, kMax, &ServiceParser::ParseWritepid}},
+ };
+ // clang-format on
+ return option_parsers;
+}
+
+Result<void> ServiceParser::ParseSection(std::vector<std::string>&& args,
+ const std::string& filename, int line) {
+ if (args.size() < 3) {
+ return Error() << "services must have a name and a program";
+ }
+
+ const std::string& name = args[1];
+ if (!IsValidName(name)) {
+ return Error() << "invalid service name '" << name << "'";
+ }
+
+ filename_ = filename;
+
+ Subcontext* restart_action_subcontext = nullptr;
+ if (subcontexts_) {
+ for (auto& subcontext : *subcontexts_) {
+ if (StartsWith(filename, subcontext.path_prefix())) {
+ restart_action_subcontext = &subcontext;
+ break;
+ }
+ }
+ }
+
+ std::vector<std::string> str_args(args.begin() + 2, args.end());
+
+ if (SelinuxGetVendorAndroidVersion() <= __ANDROID_API_P__) {
+ if (str_args[0] == "/sbin/watchdogd") {
+ str_args[0] = "/system/bin/watchdogd";
+ }
+ }
+
+ service_ = std::make_unique<Service>(name, restart_action_subcontext, str_args);
+ return {};
+}
+
+Result<void> ServiceParser::ParseLineSection(std::vector<std::string>&& args, int line) {
+ if (!service_) {
+ return {};
+ }
+
+ static const OptionParserMap parser_map;
+ auto parser = parser_map.FindFunction(args);
+
+ if (!parser) return parser.error();
+
+ return std::invoke(*parser, this, std::move(args));
+}
+
+Result<void> ServiceParser::EndSection() {
+ if (!service_) {
+ return {};
+ }
+
+ Service* old_service = service_list_->FindService(service_->name());
+ if (old_service) {
+ if (!service_->is_override()) {
+ return Error() << "ignored duplicate definition of service '" << service_->name()
+ << "'";
+ }
+
+ if (StartsWith(filename_, "/apex/") && !old_service->is_updatable()) {
+ return Error() << "cannot update a non-updatable service '" << service_->name()
+ << "' with a config in APEX";
+ }
+
+ service_list_->RemoveService(*old_service);
+ old_service = nullptr;
+ }
+
+ service_list_->AddService(std::move(service_));
+
+ return {};
+}
+
+bool ServiceParser::IsValidName(const std::string& name) const {
+ // Property names can be any length, but may only contain certain characters.
+ // Property values can contain any characters, but may only be a certain length.
+ // (The latter restriction is needed because `start` and `stop` work by writing
+ // the service name to the "ctl.start" and "ctl.stop" properties.)
+ return IsLegalPropertyName("init.svc." + name) && name.size() <= PROP_VALUE_MAX;
+}
+
+} // namespace init
+} // namespace android
diff --git a/init/service_parser.h b/init/service_parser.h
new file mode 100644
index 0000000..0a5b291
--- /dev/null
+++ b/init/service_parser.h
@@ -0,0 +1,89 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <vector>
+
+#include "parser.h"
+#include "service.h"
+#include "service_list.h"
+#include "subcontext.h"
+
+namespace android {
+namespace init {
+
+class ServiceParser : public SectionParser {
+ public:
+ ServiceParser(ServiceList* service_list, std::vector<Subcontext>* subcontexts)
+ : service_list_(service_list), subcontexts_(subcontexts), service_(nullptr) {}
+ Result<void> ParseSection(std::vector<std::string>&& args, const std::string& filename,
+ int line) override;
+ Result<void> ParseLineSection(std::vector<std::string>&& args, int line) override;
+ Result<void> EndSection() override;
+ void EndFile() override { filename_ = ""; }
+
+ private:
+ using OptionParser = Result<void> (ServiceParser::*)(std::vector<std::string>&& args);
+ class OptionParserMap;
+
+ Result<void> ParseCapabilities(std::vector<std::string>&& args);
+ Result<void> ParseClass(std::vector<std::string>&& args);
+ Result<void> ParseConsole(std::vector<std::string>&& args);
+ Result<void> ParseCritical(std::vector<std::string>&& args);
+ Result<void> ParseDisabled(std::vector<std::string>&& args);
+ Result<void> ParseEnterNamespace(std::vector<std::string>&& args);
+ Result<void> ParseGroup(std::vector<std::string>&& args);
+ Result<void> ParsePriority(std::vector<std::string>&& args);
+ Result<void> ParseInterface(std::vector<std::string>&& args);
+ Result<void> ParseIoprio(std::vector<std::string>&& args);
+ Result<void> ParseKeycodes(std::vector<std::string>&& args);
+ Result<void> ParseOneshot(std::vector<std::string>&& args);
+ Result<void> ParseOnrestart(std::vector<std::string>&& args);
+ Result<void> ParseOomScoreAdjust(std::vector<std::string>&& args);
+ Result<void> ParseOverride(std::vector<std::string>&& args);
+ Result<void> ParseMemcgLimitInBytes(std::vector<std::string>&& args);
+ Result<void> ParseMemcgLimitPercent(std::vector<std::string>&& args);
+ Result<void> ParseMemcgLimitProperty(std::vector<std::string>&& args);
+ Result<void> ParseMemcgSoftLimitInBytes(std::vector<std::string>&& args);
+ Result<void> ParseMemcgSwappiness(std::vector<std::string>&& args);
+ Result<void> ParseNamespace(std::vector<std::string>&& args);
+ Result<void> ParseProcessRlimit(std::vector<std::string>&& args);
+ Result<void> ParseRestartPeriod(std::vector<std::string>&& args);
+ Result<void> ParseSeclabel(std::vector<std::string>&& args);
+ Result<void> ParseSetenv(std::vector<std::string>&& args);
+ Result<void> ParseShutdown(std::vector<std::string>&& args);
+ Result<void> ParseSigstop(std::vector<std::string>&& args);
+ Result<void> ParseSocket(std::vector<std::string>&& args);
+ Result<void> ParseTimeoutPeriod(std::vector<std::string>&& args);
+ Result<void> ParseFile(std::vector<std::string>&& args);
+ Result<void> ParseUser(std::vector<std::string>&& args);
+ Result<void> ParseWritepid(std::vector<std::string>&& args);
+ Result<void> ParseUpdatable(std::vector<std::string>&& args);
+
+ template <typename T>
+ Result<void> AddDescriptor(std::vector<std::string>&& args);
+
+ bool IsValidName(const std::string& name) const;
+
+ ServiceList* service_list_;
+ std::vector<Subcontext>* subcontexts_;
+ std::unique_ptr<Service> service_;
+ std::string filename_;
+};
+
+} // namespace init
+} // namespace android
diff --git a/init/sigchld_handler.cpp b/init/sigchld_handler.cpp
index 987b2f9..c9a09cd 100644
--- a/init/sigchld_handler.cpp
+++ b/init/sigchld_handler.cpp
@@ -30,6 +30,7 @@
#include "init.h"
#include "service.h"
+#include "service_list.h"
using android::base::StringPrintf;
using android::base::boot_clock;
diff --git a/init/util.cpp b/init/util.cpp
index 14acaa2..2b34242 100644
--- a/init/util.cpp
+++ b/init/util.cpp
@@ -46,10 +46,6 @@
#include "host_init_stubs.h"
#endif
-#ifdef _INIT_INIT_H
-#error "Do not include init.h in files used by ueventd; it will expose init's globals"
-#endif
-
using android::base::boot_clock;
using namespace std::literals::string_literals;
diff --git a/trusty/gatekeeper/Android.bp b/trusty/gatekeeper/Android.bp
index 65b271a..1666cfb 100644
--- a/trusty/gatekeeper/Android.bp
+++ b/trusty/gatekeeper/Android.bp
@@ -1,4 +1,3 @@
-//
// Copyright (C) 2015 The Android Open-Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,14 +19,15 @@
// to only building on ARM if they include assembly. Individual makefiles
// are responsible for having their own logic, for fine-grained control.
-cc_library_shared {
- name: "gatekeeper.trusty",
+cc_binary {
+ name: "android.hardware.gatekeeper@1.0-service.trusty",
+ defaults: ["hidl_defaults"],
vendor: true,
-
relative_install_path: "hw",
+ init_rc: ["android.hardware.gatekeeper@1.0-service.trusty.rc"],
srcs: [
- "module.cpp",
+ "service.cpp",
"trusty_gatekeeper_ipc.c",
"trusty_gatekeeper.cpp",
],
@@ -39,10 +39,16 @@
],
shared_libs: [
+ "android.hardware.gatekeeper@1.0",
+ "libbase",
+ "libhidlbase",
+ "libhidltransport",
"libgatekeeper",
+ "libutils",
"liblog",
"libcutils",
"libtrusty",
],
- header_libs: ["libhardware_headers"],
+
+ vintf_fragments: ["android.hardware.gatekeeper@1.0-service.trusty.xml"],
}
diff --git a/trusty/gatekeeper/android.hardware.gatekeeper@1.0-service.trusty.rc b/trusty/gatekeeper/android.hardware.gatekeeper@1.0-service.trusty.rc
new file mode 100644
index 0000000..5413a6c
--- /dev/null
+++ b/trusty/gatekeeper/android.hardware.gatekeeper@1.0-service.trusty.rc
@@ -0,0 +1,4 @@
+service vendor.gatekeeper-1-0 /vendor/bin/hw/android.hardware.gatekeeper@1.0-service.trusty
+ class hal
+ user system
+ group system
diff --git a/trusty/gatekeeper/android.hardware.gatekeeper@1.0-service.trusty.xml b/trusty/gatekeeper/android.hardware.gatekeeper@1.0-service.trusty.xml
new file mode 100644
index 0000000..19714a8
--- /dev/null
+++ b/trusty/gatekeeper/android.hardware.gatekeeper@1.0-service.trusty.xml
@@ -0,0 +1,11 @@
+<manifest version="1.0" type="device">
+ <hal format="hidl">
+ <name>android.hardware.gatekeeper</name>
+ <transport>hwbinder</transport>
+ <version>1.0</version>
+ <interface>
+ <name>IGatekeeper</name>
+ <instance>default</instance>
+ </interface>
+ </hal>
+</manifest>
diff --git a/trusty/gatekeeper/module.cpp b/trusty/gatekeeper/module.cpp
deleted file mode 100644
index 0ee3c2f..0000000
--- a/trusty/gatekeeper/module.cpp
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright (C) 2015 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <hardware/hardware.h>
-
-#include <string.h>
-#include <errno.h>
-#include <stdlib.h>
-
-#include "trusty_gatekeeper.h"
-
-using gatekeeper::TrustyGateKeeperDevice;
-
-static int trusty_gatekeeper_open(const hw_module_t *module, const char *name,
- hw_device_t **device) {
-
- if (strcmp(name, HARDWARE_GATEKEEPER) != 0) {
- return -EINVAL;
- }
-
- TrustyGateKeeperDevice *gatekeeper = new TrustyGateKeeperDevice(module);
- if (gatekeeper == NULL) return -ENOMEM;
- *device = gatekeeper->hw_device();
-
- return 0;
-}
-
-static struct hw_module_methods_t gatekeeper_module_methods = {
- .open = trusty_gatekeeper_open,
-};
-
-struct gatekeeper_module HAL_MODULE_INFO_SYM __attribute__((visibility("default"))) = {
- .common = {
- .tag = HARDWARE_MODULE_TAG,
- .module_api_version = GATEKEEPER_MODULE_API_VERSION_0_1,
- .hal_api_version = HARDWARE_HAL_API_VERSION,
- .id = GATEKEEPER_HARDWARE_MODULE_ID,
- .name = "Trusty GateKeeper HAL",
- .author = "The Android Open Source Project",
- .methods = &gatekeeper_module_methods,
- .dso = 0,
- .reserved = {}
- },
-};
diff --git a/trusty/gatekeeper/service.cpp b/trusty/gatekeeper/service.cpp
new file mode 100644
index 0000000..c5ee488
--- /dev/null
+++ b/trusty/gatekeeper/service.cpp
@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#define LOG_TAG "android.hardware.gatekeeper@1.0-service.trusty"
+
+#include <android-base/logging.h>
+#include <android/hardware/gatekeeper/1.0/IGatekeeper.h>
+
+#include <hidl/LegacySupport.h>
+
+#include "trusty_gatekeeper.h"
+
+// Generated HIDL files
+using android::hardware::gatekeeper::V1_0::IGatekeeper;
+using gatekeeper::TrustyGateKeeperDevice;
+
+int main() {
+ ::android::hardware::configureRpcThreadpool(1, true /* willJoinThreadpool */);
+ android::sp<TrustyGateKeeperDevice> gatekeeper(new TrustyGateKeeperDevice());
+ auto status = gatekeeper->registerAsService();
+ if (status != android::OK) {
+ LOG(FATAL) << "Could not register service for Gatekeeper 1.0 (trusty) (" << status << ")";
+ }
+
+ android::hardware::joinRpcThreadpool();
+ return -1; // Should never get here.
+}
diff --git a/trusty/gatekeeper/trusty_gatekeeper.cpp b/trusty/gatekeeper/trusty_gatekeeper.cpp
index b3fbfa9..d149664 100644
--- a/trusty/gatekeeper/trusty_gatekeeper.cpp
+++ b/trusty/gatekeeper/trusty_gatekeeper.cpp
@@ -16,147 +16,131 @@
#define LOG_TAG "TrustyGateKeeper"
-#include <assert.h>
-#include <errno.h>
-#include <stdio.h>
-
-#include <type_traits>
-
-#include <log/log.h>
+#include <android-base/logging.h>
+#include <limits>
#include "trusty_gatekeeper.h"
#include "trusty_gatekeeper_ipc.h"
#include "gatekeeper_ipc.h"
+using ::android::hardware::hidl_vec;
+using ::android::hardware::Return;
+using ::android::hardware::gatekeeper::V1_0::GatekeeperStatusCode;
+using ::gatekeeper::EnrollRequest;
+using ::gatekeeper::EnrollResponse;
+using ::gatekeeper::ERROR_INVALID;
+using ::gatekeeper::ERROR_MEMORY_ALLOCATION_FAILED;
+using ::gatekeeper::ERROR_NONE;
+using ::gatekeeper::ERROR_RETRY;
+using ::gatekeeper::SizedBuffer;
+using ::gatekeeper::VerifyRequest;
+using ::gatekeeper::VerifyResponse;
+
namespace gatekeeper {
-const uint32_t SEND_BUF_SIZE = 8192;
-const uint32_t RECV_BUF_SIZE = 8192;
+constexpr const uint32_t SEND_BUF_SIZE = 8192;
+constexpr const uint32_t RECV_BUF_SIZE = 8192;
-TrustyGateKeeperDevice::TrustyGateKeeperDevice(const hw_module_t *module) {
-#if __cplusplus >= 201103L || defined(__GXX_EXPERIMENTAL_CXX0X__)
- static_assert(std::is_standard_layout<TrustyGateKeeperDevice>::value,
- "TrustyGateKeeperDevice must be standard layout");
- static_assert(offsetof(TrustyGateKeeperDevice, device_) == 0,
- "device_ must be the first member of TrustyGateKeeperDevice");
- static_assert(offsetof(TrustyGateKeeperDevice, device_.common) == 0,
- "common must be the first member of gatekeeper_device");
-#else
- assert(reinterpret_cast<gatekeeper_device_t *>(this) == &device_);
- assert(reinterpret_cast<hw_device_t *>(this) == &(device_.common));
-#endif
-
- memset(&device_, 0, sizeof(device_));
- device_.common.tag = HARDWARE_DEVICE_TAG;
- device_.common.version = 1;
- device_.common.module = const_cast<hw_module_t *>(module);
- device_.common.close = close_device;
-
- device_.enroll = enroll;
- device_.verify = verify;
- device_.delete_user = nullptr;
- device_.delete_all_users = nullptr;
-
+TrustyGateKeeperDevice::TrustyGateKeeperDevice() {
int rc = trusty_gatekeeper_connect();
if (rc < 0) {
- ALOGE("Error initializing trusty session: %d", rc);
+ LOG(ERROR) << "Error initializing trusty session: " << rc;
}
error_ = rc;
-
-}
-
-hw_device_t* TrustyGateKeeperDevice::hw_device() {
- return &device_.common;
-}
-
-int TrustyGateKeeperDevice::close_device(hw_device_t* dev) {
- delete reinterpret_cast<TrustyGateKeeperDevice *>(dev);
- return 0;
}
TrustyGateKeeperDevice::~TrustyGateKeeperDevice() {
trusty_gatekeeper_disconnect();
}
-int TrustyGateKeeperDevice::Enroll(uint32_t uid, const uint8_t *current_password_handle,
- uint32_t current_password_handle_length, const uint8_t *current_password,
- uint32_t current_password_length, const uint8_t *desired_password,
- uint32_t desired_password_length, uint8_t **enrolled_password_handle,
- uint32_t *enrolled_password_handle_length) {
-
- if (error_ != 0) {
- return error_;
- }
-
- SizedBuffer desired_password_buffer(desired_password_length);
- memcpy(desired_password_buffer.buffer.get(), desired_password, desired_password_length);
-
- SizedBuffer current_password_handle_buffer(current_password_handle_length);
- if (current_password_handle) {
- memcpy(current_password_handle_buffer.buffer.get(), current_password_handle,
- current_password_handle_length);
- }
-
- SizedBuffer current_password_buffer(current_password_length);
- if (current_password) {
- memcpy(current_password_buffer.buffer.get(), current_password, current_password_length);
- }
-
- EnrollRequest request(uid, ¤t_password_handle_buffer, &desired_password_buffer,
- ¤t_password_buffer);
- EnrollResponse response;
-
- gatekeeper_error_t error = Send(request, &response);
-
- if (error == ERROR_RETRY) {
- return response.retry_timeout;
- } else if (error != ERROR_NONE) {
- return -EINVAL;
- }
-
- *enrolled_password_handle = response.enrolled_password_handle.buffer.release();
- *enrolled_password_handle_length = response.enrolled_password_handle.length;
-
-
- return 0;
+SizedBuffer hidl_vec2sized_buffer(const hidl_vec<uint8_t>& vec) {
+ if (vec.size() == 0 || vec.size() > std::numeric_limits<uint32_t>::max()) return {};
+ auto dummy = new uint8_t[vec.size()];
+ std::copy(vec.begin(), vec.end(), dummy);
+ return {dummy, static_cast<uint32_t>(vec.size())};
}
-int TrustyGateKeeperDevice::Verify(uint32_t uid, uint64_t challenge,
- const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,
- const uint8_t *provided_password, uint32_t provided_password_length,
- uint8_t **auth_token, uint32_t *auth_token_length, bool *request_reenroll) {
+Return<void> TrustyGateKeeperDevice::enroll(uint32_t uid,
+ const hidl_vec<uint8_t>& currentPasswordHandle,
+ const hidl_vec<uint8_t>& currentPassword,
+ const hidl_vec<uint8_t>& desiredPassword,
+ enroll_cb _hidl_cb) {
if (error_ != 0) {
- return error_;
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ return {};
}
- SizedBuffer password_handle_buffer(enrolled_password_handle_length);
- memcpy(password_handle_buffer.buffer.get(), enrolled_password_handle,
- enrolled_password_handle_length);
- SizedBuffer provided_password_buffer(provided_password_length);
- memcpy(provided_password_buffer.buffer.get(), provided_password, provided_password_length);
+ if (desiredPassword.size() == 0) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ return {};
+ }
- VerifyRequest request(uid, challenge, &password_handle_buffer, &provided_password_buffer);
+ EnrollRequest request(uid, hidl_vec2sized_buffer(currentPasswordHandle),
+ hidl_vec2sized_buffer(desiredPassword),
+ hidl_vec2sized_buffer(currentPassword));
+ EnrollResponse response;
+ auto error = Send(request, &response);
+ if (error != ERROR_NONE) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ } else if (response.error == ERROR_RETRY) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_RETRY_TIMEOUT, response.retry_timeout, {}});
+ } else if (response.error != ERROR_NONE) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ } else {
+ hidl_vec<uint8_t> new_handle(response.enrolled_password_handle.Data<uint8_t>(),
+ response.enrolled_password_handle.Data<uint8_t>() +
+ response.enrolled_password_handle.size());
+ _hidl_cb({GatekeeperStatusCode::STATUS_OK, response.retry_timeout, new_handle});
+ }
+ return {};
+}
+
+Return<void> TrustyGateKeeperDevice::verify(
+ uint32_t uid, uint64_t challenge,
+ const ::android::hardware::hidl_vec<uint8_t>& enrolledPasswordHandle,
+ const ::android::hardware::hidl_vec<uint8_t>& providedPassword, verify_cb _hidl_cb) {
+ if (error_ != 0) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ return {};
+ }
+
+ if (enrolledPasswordHandle.size() == 0) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ return {};
+ }
+
+ VerifyRequest request(uid, challenge, hidl_vec2sized_buffer(enrolledPasswordHandle),
+ hidl_vec2sized_buffer(providedPassword));
VerifyResponse response;
- gatekeeper_error_t error = Send(request, &response);
+ auto error = Send(request, &response);
+ if (error != ERROR_NONE) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ } else if (response.error == ERROR_RETRY) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_RETRY_TIMEOUT, response.retry_timeout, {}});
+ } else if (response.error != ERROR_NONE) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ } else {
+ hidl_vec<uint8_t> auth_token(
+ response.auth_token.Data<uint8_t>(),
+ response.auth_token.Data<uint8_t>() + response.auth_token.size());
- if (error == ERROR_RETRY) {
- return response.retry_timeout;
- } else if (error != ERROR_NONE) {
- return -EINVAL;
+ _hidl_cb({response.request_reenroll ? GatekeeperStatusCode::STATUS_REENROLL
+ : GatekeeperStatusCode::STATUS_OK,
+ response.retry_timeout, auth_token});
}
+ return {};
+}
- if (auth_token != NULL && auth_token_length != NULL) {
- *auth_token = response.auth_token.buffer.release();
- *auth_token_length = response.auth_token.length;
- }
+Return<void> TrustyGateKeeperDevice::deleteUser(uint32_t /*uid*/, deleteUser_cb _hidl_cb) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_NOT_IMPLEMENTED, 0, {}});
+ return {};
+}
- if (request_reenroll != NULL) {
- *request_reenroll = response.request_reenroll;
- }
-
- return 0;
+Return<void> TrustyGateKeeperDevice::deleteAllUsers(deleteAllUsers_cb _hidl_cb) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_NOT_IMPLEMENTED, 0, {}});
+ return {};
}
gatekeeper_error_t TrustyGateKeeperDevice::Send(uint32_t command, const GateKeeperMessage& request,
@@ -172,7 +156,7 @@
uint32_t response_size = RECV_BUF_SIZE;
int rc = trusty_gatekeeper_call(command, send_buf, request_size, recv_buf, &response_size);
if (rc < 0) {
- ALOGE("error (%d) calling gatekeeper TA", rc);
+ LOG(ERROR) << "error (" << rc << ") calling gatekeeper TA";
return ERROR_INVALID;
}
@@ -182,51 +166,4 @@
return response->Deserialize(payload, payload + response_size);
}
-static inline TrustyGateKeeperDevice *convert_device(const gatekeeper_device *dev) {
- return reinterpret_cast<TrustyGateKeeperDevice *>(const_cast<gatekeeper_device *>(dev));
-}
-
-/* static */
-int TrustyGateKeeperDevice::enroll(const struct gatekeeper_device *dev, uint32_t uid,
- const uint8_t *current_password_handle, uint32_t current_password_handle_length,
- const uint8_t *current_password, uint32_t current_password_length,
- const uint8_t *desired_password, uint32_t desired_password_length,
- uint8_t **enrolled_password_handle, uint32_t *enrolled_password_handle_length) {
-
- if (dev == NULL ||
- enrolled_password_handle == NULL || enrolled_password_handle_length == NULL ||
- desired_password == NULL || desired_password_length == 0)
- return -EINVAL;
-
- // Current password and current password handle go together
- if (current_password_handle == NULL || current_password_handle_length == 0 ||
- current_password == NULL || current_password_length == 0) {
- current_password_handle = NULL;
- current_password_handle_length = 0;
- current_password = NULL;
- current_password_length = 0;
- }
-
- return convert_device(dev)->Enroll(uid, current_password_handle, current_password_handle_length,
- current_password, current_password_length, desired_password, desired_password_length,
- enrolled_password_handle, enrolled_password_handle_length);
-
-}
-
-/* static */
-int TrustyGateKeeperDevice::verify(const struct gatekeeper_device *dev, uint32_t uid,
- uint64_t challenge, const uint8_t *enrolled_password_handle,
- uint32_t enrolled_password_handle_length, const uint8_t *provided_password,
- uint32_t provided_password_length, uint8_t **auth_token, uint32_t *auth_token_length,
- bool *request_reenroll) {
-
- if (dev == NULL || enrolled_password_handle == NULL ||
- provided_password == NULL) {
- return -EINVAL;
- }
-
- return convert_device(dev)->Verify(uid, challenge, enrolled_password_handle,
- enrolled_password_handle_length, provided_password, provided_password_length,
- auth_token, auth_token_length, request_reenroll);
-}
};
diff --git a/trusty/gatekeeper/trusty_gatekeeper.h b/trusty/gatekeeper/trusty_gatekeeper.h
index 2becc49..c0713f4 100644
--- a/trusty/gatekeeper/trusty_gatekeeper.h
+++ b/trusty/gatekeeper/trusty_gatekeeper.h
@@ -17,84 +17,34 @@
#ifndef TRUSTY_GATEKEEPER_H
#define TRUSTY_GATEKEEPER_H
-#include <hardware/gatekeeper.h>
+#include <android/hardware/gatekeeper/1.0/IGatekeeper.h>
+#include <hidl/Status.h>
+
+#include <memory>
+
#include <gatekeeper/gatekeeper_messages.h>
#include "gatekeeper_ipc.h"
namespace gatekeeper {
-class TrustyGateKeeperDevice {
- public:
-
- explicit TrustyGateKeeperDevice(const hw_module_t* module);
+class TrustyGateKeeperDevice : public ::android::hardware::gatekeeper::V1_0::IGatekeeper {
+ public:
+ explicit TrustyGateKeeperDevice();
~TrustyGateKeeperDevice();
-
- hw_device_t* hw_device();
-
/**
* Enrolls password_payload, which should be derived from a user selected pin or password,
* with the authentication factor private key used only for enrolling authentication
* factor data.
*
* Returns: 0 on success or an error code less than 0 on error.
- * On error, enrolled_password will not be allocated.
- */
- int Enroll(uint32_t uid, const uint8_t *current_password_handle,
- uint32_t current_password_handle_length, const uint8_t *current_password,
- uint32_t current_password_length, const uint8_t *desired_password,
- uint32_t desired_password_length, uint8_t **enrolled_password_handle,
- uint32_t *enrolled_password_handle_length);
-
- /**
- * Verifies provided_password matches expected_password after enrolling
- * with the authentication factor private key.
- *
- * Implementations of this module may retain the result of this call
- * to attest to the recency of authentication.
- *
- * On success, writes the address of a verification token to verification_token,
- *
- * Returns: 0 on success or an error code less than 0 on error
- * On error, verification token will not be allocated
- */
- int Verify(uint32_t uid, uint64_t challenge, const uint8_t *enrolled_password_handle,
- uint32_t enrolled_password_handle_length, const uint8_t *provided_password,
- uint32_t provided_password_length, uint8_t **auth_token, uint32_t *auth_token_length,
- bool *request_reenroll);
-
- private:
-
- gatekeeper_error_t Send(uint32_t command, const GateKeeperMessage& request,
- GateKeeperMessage* response);
-
- gatekeeper_error_t Send(const EnrollRequest& request, EnrollResponse *response) {
- return Send(GK_ENROLL, request, response);
- }
-
- gatekeeper_error_t Send(const VerifyRequest& request, VerifyResponse *response) {
- return Send(GK_VERIFY, request, response);
- }
-
- // Static methods interfacing the HAL API with the TrustyGateKeeper device
-
- /**
- * Enrolls desired_password, which should be derived from a user selected pin or password,
- * with the authentication factor private key used only for enrolling authentication
- * factor data.
- *
- * If there was already a password enrolled, it should be provided in
- * current_password_handle, along with the current password in current_password
- * that should validate against current_password_handle.
- *
- * Returns: 0 on success or an error code less than 0 on error.
* On error, enrolled_password_handle will not be allocated.
*/
- static int enroll(const struct gatekeeper_device *dev, uint32_t uid,
- const uint8_t *current_password_handle, uint32_t current_password_handle_length,
- const uint8_t *current_password, uint32_t current_password_length,
- const uint8_t *desired_password, uint32_t desired_password_length,
- uint8_t **enrolled_password_handle, uint32_t *enrolled_password_handle_length);
+ ::android::hardware::Return<void> enroll(
+ uint32_t uid, const ::android::hardware::hidl_vec<uint8_t>& currentPasswordHandle,
+ const ::android::hardware::hidl_vec<uint8_t>& currentPassword,
+ const ::android::hardware::hidl_vec<uint8_t>& desiredPassword,
+ enroll_cb _hidl_cb) override;
/**
* Verifies provided_password matches enrolled_password_handle.
@@ -109,18 +59,32 @@
* Returns: 0 on success or an error code less than 0 on error
* On error, verification token will not be allocated
*/
- static int verify(const struct gatekeeper_device *dev, uint32_t uid, uint64_t challenge,
- const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,
- const uint8_t *provided_password, uint32_t provided_password_length,
- uint8_t **auth_token, uint32_t *auth_token_length, bool *request_reenroll);
+ ::android::hardware::Return<void> verify(
+ uint32_t uid, uint64_t challenge,
+ const ::android::hardware::hidl_vec<uint8_t>& enrolledPasswordHandle,
+ const ::android::hardware::hidl_vec<uint8_t>& providedPassword,
+ verify_cb _hidl_cb) override;
- static int close_device(hw_device_t* dev);
+ ::android::hardware::Return<void> deleteUser(uint32_t uid, deleteUser_cb _hidl_cb) override;
- gatekeeper_device device_;
+ ::android::hardware::Return<void> deleteAllUsers(deleteAllUsers_cb _hidl_cb) override;
+
+ private:
+ gatekeeper_error_t Send(uint32_t command, const GateKeeperMessage& request,
+ GateKeeperMessage* response);
+
+ gatekeeper_error_t Send(const EnrollRequest& request, EnrollResponse *response) {
+ return Send(GK_ENROLL, request, response);
+ }
+
+ gatekeeper_error_t Send(const VerifyRequest& request, VerifyResponse *response) {
+ return Send(GK_VERIFY, request, response);
+ }
+
int error_;
-
};
-}
+
+} // namespace gatekeeper
#endif
diff --git a/trusty/trusty-base.mk b/trusty/trusty-base.mk
index 445d3ce..fd8daa8 100644
--- a/trusty/trusty-base.mk
+++ b/trusty/trusty-base.mk
@@ -24,9 +24,7 @@
PRODUCT_PACKAGES += \
android.hardware.keymaster@4.0-service.trusty \
- android.hardware.gatekeeper@1.0-service \
- android.hardware.gatekeeper@1.0-impl \
- gatekeeper.trusty
+ android.hardware.gatekeeper@1.0-service.trusty
PRODUCT_PROPERTY_OVERRIDES += \
ro.hardware.keystore=trusty \