Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c51ed4c5 authored by Pawan Wagh's avatar Pawan Wagh Committed by Gerrit Code Review
Browse files

Merge "Return error from gatekeeperd"

parents 3fbe2ca3 d2d320ab
Loading
Loading
Loading
Loading
+31 −8
Original line number Diff line number Diff line
@@ -144,14 +144,22 @@ void GateKeeperProxy::clear_sid(uint32_t userId) {
    }
}

uint32_t GateKeeperProxy::adjust_userId(uint32_t userId) {
Status GateKeeperProxy::adjust_userId(uint32_t userId, uint32_t* hw_userId) {
    static constexpr uint32_t kGsiOffset = 1000000;
    CHECK(userId < kGsiOffset);
    CHECK((aidl_hw_device != nullptr) || (hw_device != nullptr));
    if (userId >= kGsiOffset) {
        return Status::fromExceptionCode(Status::EX_ILLEGAL_ARGUMENT);
    }

    if ((aidl_hw_device == nullptr) && (hw_device == nullptr)) {
        return Status::fromExceptionCode(Status::EX_ILLEGAL_STATE);
    }

    if (is_running_gsi) {
        return userId + kGsiOffset;
        *hw_userId = userId + kGsiOffset;
        return Status::ok();
    }
    return userId;
    *hw_userId = userId;
    return Status::ok();
}

#define GK_ERROR *gkResponse = GKResponse::error(), Status::ok()
@@ -201,7 +209,12 @@ Status GateKeeperProxy::enroll(int32_t userId,
    android::hardware::hidl_vec<uint8_t> newPwd;
    newPwd.setToExternal(const_cast<uint8_t*>(desiredPassword.data()), desiredPassword.size());

    uint32_t hw_userId = adjust_userId(userId);
    uint32_t hw_userId = 0;
    Status result = adjust_userId(userId, &hw_userId);
    if (!result.isOk()) {
        return result;
    }

    uint64_t secureUserId = 0;
    if (aidl_hw_device) {
        // AIDL gatekeeper service
@@ -300,7 +313,12 @@ Status GateKeeperProxy::verifyChallenge(int32_t userId, int64_t challenge,
        }
    }

    uint32_t hw_userId = adjust_userId(userId);
    uint32_t hw_userId = 0;
    Status result = adjust_userId(userId, &hw_userId);
    if (!result.isOk()) {
        return result;
    }

    android::hardware::hidl_vec<uint8_t> curPwdHandle;
    curPwdHandle.setToExternal(const_cast<uint8_t*>(enrolledPasswordHandle.data()),
                               enrolledPasswordHandle.size());
@@ -410,7 +428,12 @@ Status GateKeeperProxy::clearSecureUserId(int32_t userId) {
    }
    clear_sid(userId);

    uint32_t hw_userId = adjust_userId(userId);
    uint32_t hw_userId = 0;
    Status result = adjust_userId(userId, &hw_userId);
    if (!result.isOk()) {
        return result;
    }

    if (aidl_hw_device) {
        aidl_hw_device->deleteUser(hw_userId);
    } else if (hw_device) {
+1 −1
Original line number Diff line number Diff line
@@ -47,7 +47,7 @@ class GateKeeperProxy : public BnGateKeeperService {

    // This should only be called on userIds being passed to the GateKeeper HAL. It ensures that
    // secure storage shared across a GSI image and a host image will not overlap.
    uint32_t adjust_userId(uint32_t userId);
    Status adjust_userId(uint32_t userId, uint32_t* hw_userId);

#define GK_ERROR *gkResponse = GKResponse::error(), Status::ok()