Loading services/core/java/com/android/server/locksettings/AuthSecretHidlAdapter.java 0 → 100644 +61 −0 Original line number Diff line number Diff line /* * Copyright (C) 2022 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.android.server.locksettings; import android.hardware.authsecret.IAuthSecret; import android.os.IBinder; import android.os.RemoteException; import java.util.ArrayList; /** * Adapt the legacy HIDL interface to present the AIDL interface. */ class AuthSecretHidlAdapter implements IAuthSecret { // private final String TAG = "AuthSecretHidlAdapter"; private final android.hardware.authsecret.V1_0.IAuthSecret mImpl; AuthSecretHidlAdapter(android.hardware.authsecret.V1_0.IAuthSecret impl) { mImpl = impl; } @Override public void setPrimaryUserCredential(byte[] secret) throws RemoteException { final ArrayList<Byte> secretAsArrayList = new ArrayList<>(secret.length); for (int i = 0; i < secret.length; ++i) { secretAsArrayList.add(secret[i]); } mImpl.primaryUserCredential(secretAsArrayList); } @Override public int getInterfaceVersion() throws RemoteException { // Supports only V1 return 1; } @Override public IBinder asBinder() { throw new UnsupportedOperationException("AuthSecretHidlAdapter does not support asBinder"); } @Override public String getInterfaceHash() throws RemoteException { throw new UnsupportedOperationException( "AuthSecretHidlAdapter does not support getInterfaceHash"); } } services/core/java/com/android/server/locksettings/LockSettingsService.java +20 −27 Original line number Diff line number Diff line Loading @@ -267,8 +267,7 @@ public class LockSettingsService extends ILockSettings.Stub { protected boolean mHasSecureLockScreen; protected IGateKeeperService mGateKeeperService; protected IAuthSecret mAuthSecretServiceAidl; protected android.hardware.authsecret.V1_0.IAuthSecret mAuthSecretServiceHidl; protected IAuthSecret mAuthSecretService; private static final String GSI_RUNNING_PROP = "ro.gsid.image_running"; Loading Loading @@ -837,16 +836,19 @@ public class LockSettingsService extends ILockSettings.Stub { } private void getAuthSecretHal() { mAuthSecretServiceAidl = IAuthSecret.Stub.asInterface(ServiceManager. waitForDeclaredService(IAuthSecret.DESCRIPTOR + "/default")); if (mAuthSecretServiceAidl == null) { Slog.i(TAG, "Device doesn't implement AuthSecret HAL(aidl), try to get hidl version"); mAuthSecretService = IAuthSecret.Stub.asInterface( ServiceManager.waitForDeclaredService(IAuthSecret.DESCRIPTOR + "/default")); if (mAuthSecretService != null) { Slog.i(TAG, "Device implements AIDL AuthSecret HAL"); } else { try { mAuthSecretServiceHidl = android.hardware.authsecret.V1_0.IAuthSecret authSecretServiceHidl = android.hardware.authsecret.V1_0.IAuthSecret.getService(/* retry */ true); mAuthSecretService = new AuthSecretHidlAdapter(authSecretServiceHidl); Slog.i(TAG, "Device implements HIDL AuthSecret HAL"); } catch (NoSuchElementException e) { Slog.i(TAG, "Device doesn't implement AuthSecret HAL(hidl)"); Slog.i(TAG, "Device doesn't implement AuthSecret HAL"); } catch (RemoteException e) { Slog.w(TAG, "Failed to get AuthSecret HAL(hidl)", e); } Loading Loading @@ -2578,25 +2580,16 @@ public class LockSettingsService extends ILockSettings.Stub { // If the given user is the primary user, pass the auth secret to the HAL. Only the system // user can be primary. Check for the system user ID before calling getUserInfo(), as other // users may still be under construction. if (mAuthSecretService == null) { return; } if (userId == UserHandle.USER_SYSTEM && mUserManager.getUserInfo(userId).isPrimary()) { final byte[] rawSecret = sp.deriveVendorAuthSecret(); if (mAuthSecretServiceAidl != null) { final byte[] secret = sp.deriveVendorAuthSecret(); try { mAuthSecretServiceAidl.setPrimaryUserCredential(rawSecret); mAuthSecretService.setPrimaryUserCredential(secret); } catch (RemoteException e) { Slog.w(TAG, "Failed to pass primary user secret to AuthSecret HAL(aidl)", e); } } else if (mAuthSecretServiceHidl != null) { try { final ArrayList<Byte> secret = new ArrayList<>(rawSecret.length); for (int i = 0; i < rawSecret.length; ++i) { secret.add(rawSecret[i]); } mAuthSecretServiceHidl.primaryUserCredential(secret); } catch (RemoteException e) { Slog.w(TAG, "Failed to pass primary user secret to AuthSecret HAL(hidl)", e); } Slog.w(TAG, "Failed to pass primary user secret to AuthSecret HAL", e); } } } Loading services/tests/servicestests/src/com/android/server/locksettings/LockSettingsServiceTestable.java +1 −1 Original line number Diff line number Diff line Loading @@ -154,7 +154,7 @@ public class LockSettingsServiceTestable extends LockSettingsService { storageManager, spManager, gsiService, recoverableKeyStoreManager, userManagerInternal, deviceStateCache)); mGateKeeperService = gatekeeper; mAuthSecretServiceAidl = authSecretService; mAuthSecretService = authSecretService; } @Override Loading Loading
services/core/java/com/android/server/locksettings/AuthSecretHidlAdapter.java 0 → 100644 +61 −0 Original line number Diff line number Diff line /* * Copyright (C) 2022 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.android.server.locksettings; import android.hardware.authsecret.IAuthSecret; import android.os.IBinder; import android.os.RemoteException; import java.util.ArrayList; /** * Adapt the legacy HIDL interface to present the AIDL interface. */ class AuthSecretHidlAdapter implements IAuthSecret { // private final String TAG = "AuthSecretHidlAdapter"; private final android.hardware.authsecret.V1_0.IAuthSecret mImpl; AuthSecretHidlAdapter(android.hardware.authsecret.V1_0.IAuthSecret impl) { mImpl = impl; } @Override public void setPrimaryUserCredential(byte[] secret) throws RemoteException { final ArrayList<Byte> secretAsArrayList = new ArrayList<>(secret.length); for (int i = 0; i < secret.length; ++i) { secretAsArrayList.add(secret[i]); } mImpl.primaryUserCredential(secretAsArrayList); } @Override public int getInterfaceVersion() throws RemoteException { // Supports only V1 return 1; } @Override public IBinder asBinder() { throw new UnsupportedOperationException("AuthSecretHidlAdapter does not support asBinder"); } @Override public String getInterfaceHash() throws RemoteException { throw new UnsupportedOperationException( "AuthSecretHidlAdapter does not support getInterfaceHash"); } }
services/core/java/com/android/server/locksettings/LockSettingsService.java +20 −27 Original line number Diff line number Diff line Loading @@ -267,8 +267,7 @@ public class LockSettingsService extends ILockSettings.Stub { protected boolean mHasSecureLockScreen; protected IGateKeeperService mGateKeeperService; protected IAuthSecret mAuthSecretServiceAidl; protected android.hardware.authsecret.V1_0.IAuthSecret mAuthSecretServiceHidl; protected IAuthSecret mAuthSecretService; private static final String GSI_RUNNING_PROP = "ro.gsid.image_running"; Loading Loading @@ -837,16 +836,19 @@ public class LockSettingsService extends ILockSettings.Stub { } private void getAuthSecretHal() { mAuthSecretServiceAidl = IAuthSecret.Stub.asInterface(ServiceManager. waitForDeclaredService(IAuthSecret.DESCRIPTOR + "/default")); if (mAuthSecretServiceAidl == null) { Slog.i(TAG, "Device doesn't implement AuthSecret HAL(aidl), try to get hidl version"); mAuthSecretService = IAuthSecret.Stub.asInterface( ServiceManager.waitForDeclaredService(IAuthSecret.DESCRIPTOR + "/default")); if (mAuthSecretService != null) { Slog.i(TAG, "Device implements AIDL AuthSecret HAL"); } else { try { mAuthSecretServiceHidl = android.hardware.authsecret.V1_0.IAuthSecret authSecretServiceHidl = android.hardware.authsecret.V1_0.IAuthSecret.getService(/* retry */ true); mAuthSecretService = new AuthSecretHidlAdapter(authSecretServiceHidl); Slog.i(TAG, "Device implements HIDL AuthSecret HAL"); } catch (NoSuchElementException e) { Slog.i(TAG, "Device doesn't implement AuthSecret HAL(hidl)"); Slog.i(TAG, "Device doesn't implement AuthSecret HAL"); } catch (RemoteException e) { Slog.w(TAG, "Failed to get AuthSecret HAL(hidl)", e); } Loading Loading @@ -2578,25 +2580,16 @@ public class LockSettingsService extends ILockSettings.Stub { // If the given user is the primary user, pass the auth secret to the HAL. Only the system // user can be primary. Check for the system user ID before calling getUserInfo(), as other // users may still be under construction. if (mAuthSecretService == null) { return; } if (userId == UserHandle.USER_SYSTEM && mUserManager.getUserInfo(userId).isPrimary()) { final byte[] rawSecret = sp.deriveVendorAuthSecret(); if (mAuthSecretServiceAidl != null) { final byte[] secret = sp.deriveVendorAuthSecret(); try { mAuthSecretServiceAidl.setPrimaryUserCredential(rawSecret); mAuthSecretService.setPrimaryUserCredential(secret); } catch (RemoteException e) { Slog.w(TAG, "Failed to pass primary user secret to AuthSecret HAL(aidl)", e); } } else if (mAuthSecretServiceHidl != null) { try { final ArrayList<Byte> secret = new ArrayList<>(rawSecret.length); for (int i = 0; i < rawSecret.length; ++i) { secret.add(rawSecret[i]); } mAuthSecretServiceHidl.primaryUserCredential(secret); } catch (RemoteException e) { Slog.w(TAG, "Failed to pass primary user secret to AuthSecret HAL(hidl)", e); } Slog.w(TAG, "Failed to pass primary user secret to AuthSecret HAL", e); } } } Loading
services/tests/servicestests/src/com/android/server/locksettings/LockSettingsServiceTestable.java +1 −1 Original line number Diff line number Diff line Loading @@ -154,7 +154,7 @@ public class LockSettingsServiceTestable extends LockSettingsService { storageManager, spManager, gsiService, recoverableKeyStoreManager, userManagerInternal, deviceStateCache)); mGateKeeperService = gatekeeper; mAuthSecretServiceAidl = authSecretService; mAuthSecretService = authSecretService; } @Override Loading
