platform_hardware_interfaces/keymaster/3.0/default/KeymasterDevice.cpp

/*
 **
 ** Copyright 2016, The Android Open Source Project
 **
 ** Licensed under the Apache License, Version 2.0 (the "License");
 ** you may not use this file except in compliance with the License.
 ** You may obtain a copy of the License at
 **
 **     http://www.apache.org/licenses/LICENSE-2.0
 **
 ** Unless required by applicable law or agreed to in writing, software
 ** distributed under the License is distributed on an "AS IS" BASIS,
 ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 ** See the License for the specific language governing permissions and
 ** limitations under the License.
 */

#define LOG_TAG "android.hardware.keymaster@3.0-impl"

#include "KeymasterDevice.h"

#include <log/log.h>

#include <AndroidKeymaster3Device.h>
#include <hardware/keymaster1.h>
#include <hardware/keymaster2.h>
#include <hardware/keymaster_defs.h>

namespace android {
namespace hardware {
namespace keymaster {
namespace V3_0 {
namespace implementation {

static int get_keymaster1_dev(keymaster1_device_t** dev, const hw_module_t* mod) {
    int rc = keymaster1_open(mod, dev);
    if (rc) {
        ALOGE("Error %d opening keystore keymaster1 device", rc);
        if (*dev) {
            (*dev)->common.close(&(*dev)->common);
            *dev = nullptr;
        }
    }
    return rc;
}

static int get_keymaster2_dev(keymaster2_device_t** dev, const hw_module_t* mod) {
    int rc = keymaster2_open(mod, dev);
    if (rc) {
        ALOGE("Error %d opening keystore keymaster2 device", rc);
        *dev = nullptr;
    }
    return rc;
}

static IKeymasterDevice* createKeymaster3Device() {
    const hw_module_t* mod = nullptr;

    int rc = hw_get_module_by_class(KEYSTORE_HARDWARE_MODULE_ID, NULL, &mod);
    if (rc) {
        ALOGI("Could not find any keystore module, using software-only implementation.");
        // SoftKeymasterDevice will be deleted by keymaster_device_release()
        return ::keymaster::ng::CreateKeymasterDevice();
    }

    if (mod->module_api_version < KEYMASTER_MODULE_API_VERSION_1_0) {
        return nullptr;
    } else if (mod->module_api_version == KEYMASTER_MODULE_API_VERSION_1_0) {
        keymaster1_device_t* dev = nullptr;
        if (get_keymaster1_dev(&dev, mod)) {
            return nullptr;
        }
        return ::keymaster::ng::CreateKeymasterDevice(dev);
    } else {
        keymaster2_device_t* dev = nullptr;
        if (get_keymaster2_dev(&dev, mod)) {
            return nullptr;
        }
        return ::keymaster::ng::CreateKeymasterDevice(dev);
    }
}

IKeymasterDevice* HIDL_FETCH_IKeymasterDevice(const char* name) {
    ALOGI("Fetching keymaster device name %s", name);

    if (name && strcmp(name, "softwareonly") == 0) {
        return ::keymaster::ng::CreateKeymasterDevice();
    } else if (name && strcmp(name, "default") == 0) {
        return createKeymaster3Device();
    }
    return nullptr;
}

}  // namespace implementation
}  // namespace V3_0
}  // namespace keymaster
}  // namespace hardware
}  // namespace android
Add default implementation for binderized Keymaster HAL and service The default implementation loads the device's legacy keymaster hal and wraps in a softkeymasterdevice if the capabilities of the device is less than keymaster 2. Test: builds Bug: 32020919 Change-Id: Ia7e274673b77c2712c386d573715ed3725b0c158 2016-10-12 12:33:13 +02:00			`/*`
			`**`
			`** Copyright 2016, The Android Open Source Project`
			`**`
			`** Licensed under the Apache License, Version 2.0 (the "License");`
			`** you may not use this file except in compliance with the License.`
			`** You may obtain a copy of the License at`
			`**`
			`** http://www.apache.org/licenses/LICENSE-2.0`
			`**`
			`** Unless required by applicable law or agreed to in writing, software`
			`** distributed under the License is distributed on an "AS IS" BASIS,`
			`** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`** See the License for the specific language governing permissions and`
			`** limitations under the License.`
			`*/`

			`#define LOG_TAG "android.hardware.keymaster@3.0-impl"`

			`#include "KeymasterDevice.h"`

Explicitly include log/log.h or android/log.h instead of cutils/log.h Eliminates the warning. Test: treehugger Bug: 123758136 Change-Id: Ibe50261efc18d659a10129977342bc765a9ba9d5 2019-02-01 02:19:58 +01:00			`#include <log/log.h>`
Add default implementation for binderized Keymaster HAL and service The default implementation loads the device's legacy keymaster hal and wraps in a softkeymasterdevice if the capabilities of the device is less than keymaster 2. Test: builds Bug: 32020919 Change-Id: Ia7e274673b77c2712c386d573715ed3725b0c158 2016-10-12 12:33:13 +02:00
Switch to new NG AndroidKeymaster3Device Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: Idc7ac599c359b3af2e4866b9eb446a05e96132a0 2017-05-24 01:11:06 +02:00			`#include <AndroidKeymaster3Device.h>`
Revert "Delete KM1" Revert "Delete KM1" Revert "Delete KM1" Revert "Delete KM1" Revert submission 1844016-delkm1 Reason for revert: b/202675261 Reverted Changes: Iba996962b:Delete KM1 Ia4c5359cd:Delete KM1 Iee6ec9816:Delete KM1 I6058e4d86:Delete KM1 I8abb9c570:Delete KM1 I9c4dc5c9e:Delete KM1 Change-Id: I2a2d4b737a90f8ce31cd14b68f64564d8d245ab3 2021-10-11 15:38:59 +02:00			`#include <hardware/keymaster1.h>`
Switch to new NG AndroidKeymaster3Device Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: Idc7ac599c359b3af2e4866b9eb446a05e96132a0 2017-05-24 01:11:06 +02:00			`#include <hardware/keymaster2.h>`
Add default implementation for binderized Keymaster HAL and service The default implementation loads the device's legacy keymaster hal and wraps in a softkeymasterdevice if the capabilities of the device is less than keymaster 2. Test: builds Bug: 32020919 Change-Id: Ia7e274673b77c2712c386d573715ed3725b0c158 2016-10-12 12:33:13 +02:00			`#include <hardware/keymaster_defs.h>`

			`namespace android {`
			`namespace hardware {`
			`namespace keymaster {`
			`namespace V3_0 {`
			`namespace implementation {`

Revert "Delete KM1" Revert "Delete KM1" Revert "Delete KM1" Revert "Delete KM1" Revert submission 1844016-delkm1 Reason for revert: b/202675261 Reverted Changes: Iba996962b:Delete KM1 Ia4c5359cd:Delete KM1 Iee6ec9816:Delete KM1 I6058e4d86:Delete KM1 I8abb9c570:Delete KM1 I9c4dc5c9e:Delete KM1 Change-Id: I2a2d4b737a90f8ce31cd14b68f64564d8d245ab3 2021-10-11 15:38:59 +02:00			`static int get_keymaster1_dev(keymaster1_device_t** dev, const hw_module_t* mod) {`
			`int rc = keymaster1_open(mod, dev);`
			`if (rc) {`
			`ALOGE("Error %d opening keystore keymaster1 device", rc);`
			`if (*dev) {`
			`(dev)->common.close(&(dev)->common);`
			`*dev = nullptr;`
			`}`
			`}`
			`return rc;`
			`}`

Switch to new NG AndroidKeymaster3Device Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: Idc7ac599c359b3af2e4866b9eb446a05e96132a0 2017-05-24 01:11:06 +02:00			`static int get_keymaster2_dev(keymaster2_device_t** dev, const hw_module_t* mod) {`
			`int rc = keymaster2_open(mod, dev);`
Add default implementation for binderized Keymaster HAL and service The default implementation loads the device's legacy keymaster hal and wraps in a softkeymasterdevice if the capabilities of the device is less than keymaster 2. Test: builds Bug: 32020919 Change-Id: Ia7e274673b77c2712c386d573715ed3725b0c158 2016-10-12 12:33:13 +02:00			`if (rc) {`
			`ALOGE("Error %d opening keystore keymaster2 device", rc);`
Switch to new NG AndroidKeymaster3Device Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: Idc7ac599c359b3af2e4866b9eb446a05e96132a0 2017-05-24 01:11:06 +02:00			`*dev = nullptr;`
Add default implementation for binderized Keymaster HAL and service The default implementation loads the device's legacy keymaster hal and wraps in a softkeymasterdevice if the capabilities of the device is less than keymaster 2. Test: builds Bug: 32020919 Change-Id: Ia7e274673b77c2712c386d573715ed3725b0c158 2016-10-12 12:33:13 +02:00			`}`
			`return rc;`
			`}`

Switch to new NG AndroidKeymaster3Device Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: Idc7ac599c359b3af2e4866b9eb446a05e96132a0 2017-05-24 01:11:06 +02:00			`static IKeymasterDevice* createKeymaster3Device() {`
			`const hw_module_t* mod = nullptr;`
Add default implementation for binderized Keymaster HAL and service The default implementation loads the device's legacy keymaster hal and wraps in a softkeymasterdevice if the capabilities of the device is less than keymaster 2. Test: builds Bug: 32020919 Change-Id: Ia7e274673b77c2712c386d573715ed3725b0c158 2016-10-12 12:33:13 +02:00
			`int rc = hw_get_module_by_class(KEYSTORE_HARDWARE_MODULE_ID, NULL, &mod);`
			`if (rc) {`
			`ALOGI("Could not find any keystore module, using software-only implementation.");`
			`// SoftKeymasterDevice will be deleted by keymaster_device_release()`
Switch to new NG AndroidKeymaster3Device Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: Idc7ac599c359b3af2e4866b9eb446a05e96132a0 2017-05-24 01:11:06 +02:00			`return ::keymaster::ng::CreateKeymasterDevice();`
Add default implementation for binderized Keymaster HAL and service The default implementation loads the device's legacy keymaster hal and wraps in a softkeymasterdevice if the capabilities of the device is less than keymaster 2. Test: builds Bug: 32020919 Change-Id: Ia7e274673b77c2712c386d573715ed3725b0c158 2016-10-12 12:33:13 +02:00			`}`

Revert "Delete KM1" Revert "Delete KM1" Revert "Delete KM1" Revert "Delete KM1" Revert submission 1844016-delkm1 Reason for revert: b/202675261 Reverted Changes: Iba996962b:Delete KM1 Ia4c5359cd:Delete KM1 Iee6ec9816:Delete KM1 I6058e4d86:Delete KM1 I8abb9c570:Delete KM1 I9c4dc5c9e:Delete KM1 Change-Id: I2a2d4b737a90f8ce31cd14b68f64564d8d245ab3 2021-10-11 15:38:59 +02:00			`if (mod->module_api_version < KEYMASTER_MODULE_API_VERSION_1_0) {`
Delete keymaster0 Test: Build Change-Id: I2ffb10978af9add7792faff0675bd013d96b35b8 2020-12-02 03:07:41 +01:00			`return nullptr;`
Revert "Delete KM1" Revert "Delete KM1" Revert "Delete KM1" Revert "Delete KM1" Revert submission 1844016-delkm1 Reason for revert: b/202675261 Reverted Changes: Iba996962b:Delete KM1 Ia4c5359cd:Delete KM1 Iee6ec9816:Delete KM1 I6058e4d86:Delete KM1 I8abb9c570:Delete KM1 I9c4dc5c9e:Delete KM1 Change-Id: I2a2d4b737a90f8ce31cd14b68f64564d8d245ab3 2021-10-11 15:38:59 +02:00			`} else if (mod->module_api_version == KEYMASTER_MODULE_API_VERSION_1_0) {`
			`keymaster1_device_t* dev = nullptr;`
			`if (get_keymaster1_dev(&dev, mod)) {`
			`return nullptr;`
			`}`
			`return ::keymaster::ng::CreateKeymasterDevice(dev);`
Switch to new NG AndroidKeymaster3Device Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: Idc7ac599c359b3af2e4866b9eb446a05e96132a0 2017-05-24 01:11:06 +02:00			`} else {`
			`keymaster2_device_t* dev = nullptr;`
			`if (get_keymaster2_dev(&dev, mod)) {`
			`return nullptr;`
Add device id attestation This adds device id attestation to the Keymaster 3.0 HAL. Device id attestation must only be offered if the device can permanently destroy device ids on request. The default implementation cannot do this because it lacks storage that would survive device wipes. Hence, the implementation refuses all device id attestation requests. Bug: 34597337 Test: CTS CtsKeystoreTestCases and GTS DeviceIdAttestationHostTest Change-Id: I6ff6146fad4656b8e1367650de922124b3d7f7b2 2017-01-23 13:51:10 +01:00			`}`
Switch to new NG AndroidKeymaster3Device Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: Idc7ac599c359b3af2e4866b9eb446a05e96132a0 2017-05-24 01:11:06 +02:00			`return ::keymaster::ng::CreateKeymasterDevice(dev);`
Add device id attestation This adds device id attestation to the Keymaster 3.0 HAL. Device id attestation must only be offered if the device can permanently destroy device ids on request. The default implementation cannot do this because it lacks storage that would survive device wipes. Hence, the implementation refuses all device id attestation requests. Bug: 34597337 Test: CTS CtsKeystoreTestCases and GTS DeviceIdAttestationHostTest Change-Id: I6ff6146fad4656b8e1367650de922124b3d7f7b2 2017-01-23 13:51:10 +01:00			`}`
Add default implementation for binderized Keymaster HAL and service The default implementation loads the device's legacy keymaster hal and wraps in a softkeymasterdevice if the capabilities of the device is less than keymaster 2. Test: builds Bug: 32020919 Change-Id: Ia7e274673b77c2712c386d573715ed3725b0c158 2016-10-12 12:33:13 +02:00			`}`

Revert "Revert "Add keymaster VTS tests."" This reverts commit 8e10baee45a1bfab4094869159b8ede270b6d416. Test: Tests pass, except known failures with in-progress vendor fixes Change-Id: Ia95c1444100e123fa65d095b001878cf9040d0c4 2017-03-30 05:27:12 +02:00			`IKeymasterDevice* HIDL_FETCH_IKeymasterDevice(const char* name) {`
			`ALOGI("Fetching keymaster device name %s", name);`

			`if (name && strcmp(name, "softwareonly") == 0) {`
Switch to new NG AndroidKeymaster3Device Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: Idc7ac599c359b3af2e4866b9eb446a05e96132a0 2017-05-24 01:11:06 +02:00			`return ::keymaster::ng::CreateKeymasterDevice();`
Revert "Revert "Add keymaster VTS tests."" This reverts commit 8e10baee45a1bfab4094869159b8ede270b6d416. Test: Tests pass, except known failures with in-progress vendor fixes Change-Id: Ia95c1444100e123fa65d095b001878cf9040d0c4 2017-03-30 05:27:12 +02:00			`} else if (name && strcmp(name, "default") == 0) {`
Switch to new NG AndroidKeymaster3Device Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: Idc7ac599c359b3af2e4866b9eb446a05e96132a0 2017-05-24 01:11:06 +02:00			`return createKeymaster3Device();`
Revert "Revert "Add keymaster VTS tests."" This reverts commit 8e10baee45a1bfab4094869159b8ede270b6d416. Test: Tests pass, except known failures with in-progress vendor fixes Change-Id: Ia95c1444100e123fa65d095b001878cf9040d0c4 2017-03-30 05:27:12 +02:00			`}`
Switch to new NG AndroidKeymaster3Device Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: Idc7ac599c359b3af2e4866b9eb446a05e96132a0 2017-05-24 01:11:06 +02:00			`return nullptr;`
Add default implementation for binderized Keymaster HAL and service The default implementation loads the device's legacy keymaster hal and wraps in a softkeymasterdevice if the capabilities of the device is less than keymaster 2. Test: builds Bug: 32020919 Change-Id: Ia7e274673b77c2712c386d573715ed3725b0c158 2016-10-12 12:33:13 +02:00			`}`

			`} // namespace implementation`
			`} // namespace V3_0`
			`} // namespace keymaster`
			`} // namespace hardware`
			`} // namespace android`