Loading trusty/keymaster/Android.bp +11 −6 Original line number Diff line number Diff line Loading @@ -27,14 +27,17 @@ cc_binary { name: "trusty_keymaster_tipc", vendor: true, srcs: [ "trusty_keymaster_device.cpp", "trusty_keymaster_ipc.cpp", "trusty_keymaster_main.cpp", "ipc/trusty_keymaster_ipc.cpp", "legacy/trusty_keymaster_device.cpp", "legacy/trusty_keymaster_main.cpp", ], cflags: [ "-Wall", "-Werror", ], local_include_dirs: ["include"], shared_libs: [ "libcrypto", "libcutils", Loading @@ -52,9 +55,9 @@ cc_library_shared { vendor: true, relative_install_path: "hw", srcs: [ "module.cpp", "trusty_keymaster_ipc.cpp", "trusty_keymaster_device.cpp", "ipc/trusty_keymaster_ipc.cpp", "legacy/module.cpp", "legacy/trusty_keymaster_device.cpp", ], cflags: [ Loading @@ -63,6 +66,8 @@ cc_library_shared { "-Werror", ], local_include_dirs: ["include"], shared_libs: [ "libcrypto", "libkeymaster_messages", Loading trusty/keymaster/keymaster_ipc.h→trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h +0 −0 File moved. View file trusty/keymaster/trusty_keymaster_ipc.h→trusty/keymaster/include/trusty_keymaster/ipc/trusty_keymaster_ipc.h +11 −0 Original line number Diff line number Diff line Loading @@ -17,13 +17,24 @@ #ifndef TRUSTY_KEYMASTER_TRUSTY_KEYMASTER_IPC_H_ #define TRUSTY_KEYMASTER_TRUSTY_KEYMASTER_IPC_H_ #include <keymaster/android_keymaster_messages.h> #include <trusty_keymaster/ipc/keymaster_ipc.h> __BEGIN_DECLS const uint32_t TRUSTY_KEYMASTER_RECV_BUF_SIZE = 2 * PAGE_SIZE; const uint32_t TRUSTY_KEYMASTER_SEND_BUF_SIZE = (PAGE_SIZE - sizeof(struct keymaster_message) - 16 /* tipc header */); int trusty_keymaster_connect(void); int trusty_keymaster_call(uint32_t cmd, void* in, uint32_t in_size, uint8_t* out, uint32_t* out_size); void trusty_keymaster_disconnect(void); keymaster_error_t translate_error(int err); keymaster_error_t trusty_keymaster_send(uint32_t command, const keymaster::Serializable& req, keymaster::KeymasterResponse* rsp); __END_DECLS #endif // TRUSTY_KEYMASTER_TRUSTY_KEYMASTER_IPC_H_ trusty/keymaster/trusty_keymaster_device.h→trusty/keymaster/include/trusty_keymaster/legacy/trusty_keymaster_device.h +8 −4 Original line number Diff line number Diff line Loading @@ -36,7 +36,8 @@ class TrustyKeymasterDevice { * These are the only symbols that will be exported by libtrustykeymaster. All functionality * can be reached via the function pointers in device_. */ __attribute__((visibility("default"))) explicit TrustyKeymasterDevice(const hw_module_t* module); __attribute__((visibility("default"))) explicit TrustyKeymasterDevice( const hw_module_t* module); __attribute__((visibility("default"))) hw_device_t* hw_device(); ~TrustyKeymasterDevice(); Loading Loading @@ -134,12 +135,15 @@ class TrustyKeymasterDevice { keymaster_operation_handle_t operation_handle, const keymaster_key_param_set_t* in_params, const keymaster_blob_t* input, size_t* input_consumed, keymaster_key_param_set_t* out_params, keymaster_blob_t* output); keymaster_key_param_set_t* out_params, keymaster_blob_t* output); static keymaster_error_t finish(const keymaster2_device_t* dev, keymaster_operation_handle_t operation_handle, const keymaster_key_param_set_t* in_params, const keymaster_blob_t* input, const keymaster_blob_t* signature, keymaster_key_param_set_t* out_params, keymaster_blob_t* output); const keymaster_blob_t* input, const keymaster_blob_t* signature, keymaster_key_param_set_t* out_params, keymaster_blob_t* output); static keymaster_error_t abort(const keymaster2_device_t* dev, keymaster_operation_handle_t operation_handle); Loading trusty/keymaster/trusty_keymaster_ipc.cpp→trusty/keymaster/ipc/trusty_keymaster_ipc.cpp +75 −5 Original line number Diff line number Diff line Loading @@ -29,8 +29,8 @@ #include <log/log.h> #include <trusty/tipc.h> #include "keymaster_ipc.h" #include "trusty_keymaster_ipc.h" #include <trusty_keymaster/ipc/keymaster_ipc.h> #include <trusty_keymaster/ipc/trusty_keymaster_ipc.h> #define TRUSTY_DEVICE_NAME "/dev/trusty-ipc-dev0" Loading Loading @@ -76,9 +76,9 @@ int trusty_keymaster_call(uint32_t cmd, void* in, uint32_t in_size, uint8_t* out struct keymaster_message header; iov[0] = {.iov_base = &header, .iov_len = sizeof(struct keymaster_message)}; while (true) { iov[1] = { .iov_base = out + *out_size, .iov_len = std::min<uint32_t>(KEYMASTER_MAX_BUFFER_LENGTH, out_max_size - *out_size)}; iov[1] = {.iov_base = out + *out_size, .iov_len = std::min<uint32_t>(KEYMASTER_MAX_BUFFER_LENGTH, out_max_size - *out_size)}; rc = readv(handle_, iov, 2); if (rc < 0) { ALOGE("failed to retrieve response for cmd (%d) to %s: %s\n", cmd, KEYMASTER_PORT, Loading Loading @@ -110,3 +110,73 @@ void trusty_keymaster_disconnect() { } handle_ = -1; } keymaster_error_t translate_error(int err) { switch (err) { case 0: return KM_ERROR_OK; case -EPERM: case -EACCES: return KM_ERROR_SECURE_HW_ACCESS_DENIED; case -ECANCELED: return KM_ERROR_OPERATION_CANCELLED; case -ENODEV: return KM_ERROR_UNIMPLEMENTED; case -ENOMEM: return KM_ERROR_MEMORY_ALLOCATION_FAILED; case -EBUSY: return KM_ERROR_SECURE_HW_BUSY; case -EIO: return KM_ERROR_SECURE_HW_COMMUNICATION_FAILED; case -EOVERFLOW: return KM_ERROR_INVALID_INPUT_LENGTH; default: return KM_ERROR_UNKNOWN_ERROR; } } keymaster_error_t trusty_keymaster_send(uint32_t command, const keymaster::Serializable& req, keymaster::KeymasterResponse* rsp) { uint32_t req_size = req.SerializedSize(); if (req_size > TRUSTY_KEYMASTER_SEND_BUF_SIZE) { ALOGE("Request too big: %u Max size: %u", req_size, TRUSTY_KEYMASTER_SEND_BUF_SIZE); return KM_ERROR_INVALID_INPUT_LENGTH; } uint8_t send_buf[TRUSTY_KEYMASTER_SEND_BUF_SIZE]; keymaster::Eraser send_buf_eraser(send_buf, TRUSTY_KEYMASTER_SEND_BUF_SIZE); req.Serialize(send_buf, send_buf + req_size); // Send it uint8_t recv_buf[TRUSTY_KEYMASTER_RECV_BUF_SIZE]; keymaster::Eraser recv_buf_eraser(recv_buf, TRUSTY_KEYMASTER_RECV_BUF_SIZE); uint32_t rsp_size = TRUSTY_KEYMASTER_RECV_BUF_SIZE; int rc = trusty_keymaster_call(command, send_buf, req_size, recv_buf, &rsp_size); if (rc < 0) { // Reset the connection on tipc error trusty_keymaster_disconnect(); trusty_keymaster_connect(); ALOGE("tipc error: %d\n", rc); // TODO(swillden): Distinguish permanent from transient errors and set error_ appropriately. return translate_error(rc); } else { ALOGE("Received %d byte response\n", rsp_size); } const uint8_t* p = recv_buf; if (!rsp->Deserialize(&p, p + rsp_size)) { ALOGE("Error deserializing response of size %d\n", (int)rsp_size); return KM_ERROR_UNKNOWN_ERROR; } else if (rsp->error != KM_ERROR_OK) { ALOGE("Response of size %d contained error code %d\n", (int)rsp_size, (int)rsp->error); return rsp->error; } return rsp->error; } Loading
trusty/keymaster/Android.bp +11 −6 Original line number Diff line number Diff line Loading @@ -27,14 +27,17 @@ cc_binary { name: "trusty_keymaster_tipc", vendor: true, srcs: [ "trusty_keymaster_device.cpp", "trusty_keymaster_ipc.cpp", "trusty_keymaster_main.cpp", "ipc/trusty_keymaster_ipc.cpp", "legacy/trusty_keymaster_device.cpp", "legacy/trusty_keymaster_main.cpp", ], cflags: [ "-Wall", "-Werror", ], local_include_dirs: ["include"], shared_libs: [ "libcrypto", "libcutils", Loading @@ -52,9 +55,9 @@ cc_library_shared { vendor: true, relative_install_path: "hw", srcs: [ "module.cpp", "trusty_keymaster_ipc.cpp", "trusty_keymaster_device.cpp", "ipc/trusty_keymaster_ipc.cpp", "legacy/module.cpp", "legacy/trusty_keymaster_device.cpp", ], cflags: [ Loading @@ -63,6 +66,8 @@ cc_library_shared { "-Werror", ], local_include_dirs: ["include"], shared_libs: [ "libcrypto", "libkeymaster_messages", Loading
trusty/keymaster/keymaster_ipc.h→trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h +0 −0 File moved. View file
trusty/keymaster/trusty_keymaster_ipc.h→trusty/keymaster/include/trusty_keymaster/ipc/trusty_keymaster_ipc.h +11 −0 Original line number Diff line number Diff line Loading @@ -17,13 +17,24 @@ #ifndef TRUSTY_KEYMASTER_TRUSTY_KEYMASTER_IPC_H_ #define TRUSTY_KEYMASTER_TRUSTY_KEYMASTER_IPC_H_ #include <keymaster/android_keymaster_messages.h> #include <trusty_keymaster/ipc/keymaster_ipc.h> __BEGIN_DECLS const uint32_t TRUSTY_KEYMASTER_RECV_BUF_SIZE = 2 * PAGE_SIZE; const uint32_t TRUSTY_KEYMASTER_SEND_BUF_SIZE = (PAGE_SIZE - sizeof(struct keymaster_message) - 16 /* tipc header */); int trusty_keymaster_connect(void); int trusty_keymaster_call(uint32_t cmd, void* in, uint32_t in_size, uint8_t* out, uint32_t* out_size); void trusty_keymaster_disconnect(void); keymaster_error_t translate_error(int err); keymaster_error_t trusty_keymaster_send(uint32_t command, const keymaster::Serializable& req, keymaster::KeymasterResponse* rsp); __END_DECLS #endif // TRUSTY_KEYMASTER_TRUSTY_KEYMASTER_IPC_H_
trusty/keymaster/trusty_keymaster_device.h→trusty/keymaster/include/trusty_keymaster/legacy/trusty_keymaster_device.h +8 −4 Original line number Diff line number Diff line Loading @@ -36,7 +36,8 @@ class TrustyKeymasterDevice { * These are the only symbols that will be exported by libtrustykeymaster. All functionality * can be reached via the function pointers in device_. */ __attribute__((visibility("default"))) explicit TrustyKeymasterDevice(const hw_module_t* module); __attribute__((visibility("default"))) explicit TrustyKeymasterDevice( const hw_module_t* module); __attribute__((visibility("default"))) hw_device_t* hw_device(); ~TrustyKeymasterDevice(); Loading Loading @@ -134,12 +135,15 @@ class TrustyKeymasterDevice { keymaster_operation_handle_t operation_handle, const keymaster_key_param_set_t* in_params, const keymaster_blob_t* input, size_t* input_consumed, keymaster_key_param_set_t* out_params, keymaster_blob_t* output); keymaster_key_param_set_t* out_params, keymaster_blob_t* output); static keymaster_error_t finish(const keymaster2_device_t* dev, keymaster_operation_handle_t operation_handle, const keymaster_key_param_set_t* in_params, const keymaster_blob_t* input, const keymaster_blob_t* signature, keymaster_key_param_set_t* out_params, keymaster_blob_t* output); const keymaster_blob_t* input, const keymaster_blob_t* signature, keymaster_key_param_set_t* out_params, keymaster_blob_t* output); static keymaster_error_t abort(const keymaster2_device_t* dev, keymaster_operation_handle_t operation_handle); Loading
trusty/keymaster/trusty_keymaster_ipc.cpp→trusty/keymaster/ipc/trusty_keymaster_ipc.cpp +75 −5 Original line number Diff line number Diff line Loading @@ -29,8 +29,8 @@ #include <log/log.h> #include <trusty/tipc.h> #include "keymaster_ipc.h" #include "trusty_keymaster_ipc.h" #include <trusty_keymaster/ipc/keymaster_ipc.h> #include <trusty_keymaster/ipc/trusty_keymaster_ipc.h> #define TRUSTY_DEVICE_NAME "/dev/trusty-ipc-dev0" Loading Loading @@ -76,9 +76,9 @@ int trusty_keymaster_call(uint32_t cmd, void* in, uint32_t in_size, uint8_t* out struct keymaster_message header; iov[0] = {.iov_base = &header, .iov_len = sizeof(struct keymaster_message)}; while (true) { iov[1] = { .iov_base = out + *out_size, .iov_len = std::min<uint32_t>(KEYMASTER_MAX_BUFFER_LENGTH, out_max_size - *out_size)}; iov[1] = {.iov_base = out + *out_size, .iov_len = std::min<uint32_t>(KEYMASTER_MAX_BUFFER_LENGTH, out_max_size - *out_size)}; rc = readv(handle_, iov, 2); if (rc < 0) { ALOGE("failed to retrieve response for cmd (%d) to %s: %s\n", cmd, KEYMASTER_PORT, Loading Loading @@ -110,3 +110,73 @@ void trusty_keymaster_disconnect() { } handle_ = -1; } keymaster_error_t translate_error(int err) { switch (err) { case 0: return KM_ERROR_OK; case -EPERM: case -EACCES: return KM_ERROR_SECURE_HW_ACCESS_DENIED; case -ECANCELED: return KM_ERROR_OPERATION_CANCELLED; case -ENODEV: return KM_ERROR_UNIMPLEMENTED; case -ENOMEM: return KM_ERROR_MEMORY_ALLOCATION_FAILED; case -EBUSY: return KM_ERROR_SECURE_HW_BUSY; case -EIO: return KM_ERROR_SECURE_HW_COMMUNICATION_FAILED; case -EOVERFLOW: return KM_ERROR_INVALID_INPUT_LENGTH; default: return KM_ERROR_UNKNOWN_ERROR; } } keymaster_error_t trusty_keymaster_send(uint32_t command, const keymaster::Serializable& req, keymaster::KeymasterResponse* rsp) { uint32_t req_size = req.SerializedSize(); if (req_size > TRUSTY_KEYMASTER_SEND_BUF_SIZE) { ALOGE("Request too big: %u Max size: %u", req_size, TRUSTY_KEYMASTER_SEND_BUF_SIZE); return KM_ERROR_INVALID_INPUT_LENGTH; } uint8_t send_buf[TRUSTY_KEYMASTER_SEND_BUF_SIZE]; keymaster::Eraser send_buf_eraser(send_buf, TRUSTY_KEYMASTER_SEND_BUF_SIZE); req.Serialize(send_buf, send_buf + req_size); // Send it uint8_t recv_buf[TRUSTY_KEYMASTER_RECV_BUF_SIZE]; keymaster::Eraser recv_buf_eraser(recv_buf, TRUSTY_KEYMASTER_RECV_BUF_SIZE); uint32_t rsp_size = TRUSTY_KEYMASTER_RECV_BUF_SIZE; int rc = trusty_keymaster_call(command, send_buf, req_size, recv_buf, &rsp_size); if (rc < 0) { // Reset the connection on tipc error trusty_keymaster_disconnect(); trusty_keymaster_connect(); ALOGE("tipc error: %d\n", rc); // TODO(swillden): Distinguish permanent from transient errors and set error_ appropriately. return translate_error(rc); } else { ALOGE("Received %d byte response\n", rsp_size); } const uint8_t* p = recv_buf; if (!rsp->Deserialize(&p, p + rsp_size)) { ALOGE("Error deserializing response of size %d\n", (int)rsp_size); return KM_ERROR_UNKNOWN_ERROR; } else if (rsp->error != KM_ERROR_OK) { ALOGE("Response of size %d contained error code %d\n", (int)rsp_size, (int)rsp->error); return rsp->error; } return rsp->error; }
