tequilaOS/platform_system_core
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_core/gatekeeperd/gatekeeperd.cpp

448 lines
18 KiB
C++
Raw Normal View History

GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
/*
* Copyright (C) 2015 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#define LOG_TAG "gatekeeperd"
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
#include <android/service/gatekeeper/BnGateKeeperService.h>
#include <gatekeeper/GateKeeperResponse.h>
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
#include <endian.h>
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>
gatekeeperd: use std::unique_ptr std::unique_ptr is available in this scope. Substitue the UniquePtr to std::unique_ptr. Bug: 63686260 Test: build and boot Change-Id: Ib8ea3fb5c49c0e92d962f65f1139b073168f8698
2017-08-16 11:54:20 +02:00
#include <memory>
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
Use distinct GateKeeper userids when running a GSI. GateKeeper uses userids to key authentication data. This poses a problem for GSIs, since both the GSI and the host image will be storing separate authentication data for the same userids. To account for this, we add a large offset (1000000) to GSI userids before handing them off to the GateKeeper HAL. Note that SyntheticPasswordManager uses a similar trick to store Weaver data in GateKeeper (when a Weaver HAL is not available). Bug: 123716647 Test: PIN authentication works after booting into a GSI Change-Id: I714368919f8e46ff1931f350342f09fa09225a35
2019-02-16 00:59:39 +01:00
#include <android-base/logging.h>
#include <android-base/properties.h>
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
#include <android/binder_ibinder.h>
#include <android/binder_manager.h>
#include <android/security/keystore/IKeystoreService.h>
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
#include <binder/IPCThreadState.h>
#include <binder/IServiceManager.h>
#include <binder/PermissionCache.h>
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
#include <gatekeeper/password_handle.h> // for password_handle_t
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
#include <hardware/hw_auth_token.h>
Get rid of manually created IKeystoreService in gatekeeper.cpp Bug:68389643 Test: manual Change-Id: I2c1404f4c6597e63bc0a360a7bf598e35585b30e
2017-11-14 21:53:39 +01:00
#include <keystore/keystore_return_types.h>
Use distinct GateKeeper userids when running a GSI. GateKeeper uses userids to key authentication data. This poses a problem for GSIs, since both the GSI and the host image will be storing separate authentication data for the same userids. To account for this, we add a large offset (1000000) to GSI userids before handing them off to the GateKeeper HAL. Note that SyntheticPasswordManager uses a similar trick to store Weaver data in GateKeeper (when a Weaver HAL is not available). Bug: 123716647 Test: PIN authentication works after booting into a GSI Change-Id: I714368919f8e46ff1931f350342f09fa09225a35
2019-02-16 00:59:39 +01:00
#include <libgsi/libgsi.h>
liblog: use log/log.h when utilizing ALOG macros Test: compile Bug: 30465923 Change-Id: Id6d76510819ebd88c3f5003d00d73a0dbe85e943
2017-01-10 22:19:54 +01:00
#include <log/log.h>
system/core Replace cutils/log.h with android/log.h Should use android/log.h instead of cutils/log.h as a good example to all others. Adjust header order to comply with Android Coding standards. Test: Compile Bug: 26552300 Bug: 31289077 Change-Id: I2c9cbbbd64d8dccf2d44356361d9742e4a9b9031
2016-09-28 19:07:20 +02:00
#include <utils/String16.h>
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
#include <aidl/android/hardware/security/keymint/HardwareAuthToken.h>
#include <aidl/android/security/authorization/IKeystoreAuthorization.h>
Revert "Integrate IKeystoreAuthorization aidl's addAuthToken wit..." Revert "Implement addAuthToken method of IKeystoreAuthorization ..." Revert "Integrate IKeystoreAuthorization aidl's addAuthToken wit..." Revert submission 1519257-rename_auth_service Reason for revert: breaking WM presubmit, b/177787180 Reverted Changes: Ib847b68d4:Integrate IKeystoreAuthorization aidl's addAuthTok... I7893ab452:Integrate IKeystoreAuthorization aidl's addAuthTok... I4a092119c:Implement addAuthToken method of IKeystoreAuthoriz... Change-Id: Icc48050a127fa3a931cb0b591db8165384e2fe25
2021-01-18 11:01:12 +01:00
#include <android/hardware/gatekeeper/1.0/IGatekeeper.h>
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
#include <hidl/HidlSupport.h>
Use HIDL-generated HAL interworking code Change-Id: Ide455f8e8bba8b7f403cc7a8971848c11d3b37a8 Signed-off-by: Alexey Polyudov <apolyudov@google.com>
2016-10-18 22:59:26 +02:00
using android::sp;
Revert "Integrate IKeystoreAuthorization aidl's addAuthToken wit..." Revert "Implement addAuthToken method of IKeystoreAuthorization ..." Revert "Integrate IKeystoreAuthorization aidl's addAuthToken wit..." Revert submission 1519257-rename_auth_service Reason for revert: breaking WM presubmit, b/177787180 Reverted Changes: Ib847b68d4:Integrate IKeystoreAuthorization aidl's addAuthTok... I7893ab452:Integrate IKeystoreAuthorization aidl's addAuthTok... I4a092119c:Implement addAuthToken method of IKeystoreAuthoriz... Change-Id: Icc48050a127fa3a931cb0b591db8165384e2fe25
2021-01-18 11:01:12 +01:00
using android::hardware::Return;
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
using android::hardware::gatekeeper::V1_0::GatekeeperResponse;
using android::hardware::gatekeeper::V1_0::GatekeeperStatusCode;
using android::hardware::gatekeeper::V1_0::IGatekeeper;
Use HIDL-generated HAL interworking code Change-Id: Ide455f8e8bba8b7f403cc7a8971848c11d3b37a8 Signed-off-by: Alexey Polyudov <apolyudov@google.com>
2016-10-18 22:59:26 +02:00
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
using ::android::binder::Status;
using ::android::service::gatekeeper::BnGateKeeperService;
using GKResponse = ::android::service::gatekeeper::GateKeeperResponse;
using GKResponseCode = ::android::service::gatekeeper::ResponseCode;
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
using ::aidl::android::hardware::security::keymint::HardwareAuthenticatorType;
using ::aidl::android::hardware::security::keymint::HardwareAuthToken;
using ::aidl::android::security::authorization::IKeystoreAuthorization;
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
namespace android {
static const String16 KEYGUARD_PERMISSION("android.permission.ACCESS_KEYGUARD_SECURE_STORAGE");
static const String16 DUMP_PERMISSION("android.permission.DUMP");
class GateKeeperProxy : public BnGateKeeperService {
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
public:
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
GateKeeperProxy() {
Credential FRP: keep gatekeeperd credentials after reset Gatekeeperd now delays clearing all user credentials until the device setup is complete or we enroll a new credential (whichever comes first). Bug: 36814845 Test: Set lockscreen credential, "adb reboot-bootloader && fastboot -w", "adb shell am start -a android.app.action.CONFIRM_FRP_CREDENTIAL", verify that credential still works Change-Id: If2ad78ff5b80a6ddffd997be0949b03ed11797f4
2017-04-12 22:03:04 +02:00
clear_state_if_needed_done = false;
gatekeeper HAL uses "default" service name The getService() and registerAsService() methods of interface objects now have default parameters of "default" for the service name. HALs will not have to use any service name unless they want to register more than one service. Test: builds Bug: 33844934 Change-Id: Ie49c8cea290d328b2160f6012e7c143c49d535cc
2017-01-24 22:09:39 +01:00
hw_device = IGatekeeper::getService();
Use distinct GateKeeper userids when running a GSI. GateKeeper uses userids to key authentication data. This poses a problem for GSIs, since both the GSI and the host image will be storing separate authentication data for the same userids. To account for this, we add a large offset (1000000) to GSI userids before handing them off to the GateKeeper HAL. Note that SyntheticPasswordManager uses a similar trick to store Weaver data in GateKeeper (when a Weaver HAL is not available). Bug: 123716647 Test: PIN authentication works after booting into a GSI Change-Id: I714368919f8e46ff1931f350342f09fa09225a35
2019-02-16 00:59:39 +01:00
is_running_gsi = android::base::GetBoolProperty(android::gsi::kGsiBootedProp, false);
[gatekeeperd] fix use of uninitialized memory Bug: 22319772 Change-Id: I3cb83389f11e54867aca132de48a3f6407b7eaf3
2015-07-07 19:28:15 +02:00
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
if (!hw_device) {
LOG(ERROR) << "Could not find Gatekeeper device, which makes me very sad.";
Move SoftGateKeeper into gatekeeperd Allows for easy determination of whether there's a hardware module in place. Permits tighter coupling of software implementation with upper-level stack. Bug:21090356 Change-Id: I275b57cd976c233c43c476c5869c5a4b29fbc175
2015-05-13 00:37:20 +02:00
}
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
}
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
virtual ~GateKeeperProxy() {}
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
void store_sid(uint32_t userId, uint64_t sid) {
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
char filename[21];
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
snprintf(filename, sizeof(filename), "%u", userId);
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
int fd = open(filename, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR);
if (fd < 0) {
Make clear SID delete the file This allows us to recover in situations where we manage to clear the SID in GateKeeper but fail to remove the password in LockSettingsService. Change-Id: Ib64ead137632f9615745a414c90a9b66b847134f
2015-04-17 18:00:28 +02:00
ALOGE("could not open file: %s: %s", filename, strerror(errno));
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
return;
}
write(fd, &sid, sizeof(sid));
close(fd);
}
Credential FRP: keep gatekeeperd credentials after reset Gatekeeperd now delays clearing all user credentials until the device setup is complete or we enroll a new credential (whichever comes first). Bug: 36814845 Test: Set lockscreen credential, "adb reboot-bootloader && fastboot -w", "adb shell am start -a android.app.action.CONFIRM_FRP_CREDENTIAL", verify that credential still works Change-Id: If2ad78ff5b80a6ddffd997be0949b03ed11797f4
2017-04-12 22:03:04 +02:00
void clear_state_if_needed() {
if (clear_state_if_needed_done) {
return;
}
Use distinct GateKeeper userids when running a GSI. GateKeeper uses userids to key authentication data. This poses a problem for GSIs, since both the GSI and the host image will be storing separate authentication data for the same userids. To account for this, we add a large offset (1000000) to GSI userids before handing them off to the GateKeeper HAL. Note that SyntheticPasswordManager uses a similar trick to store Weaver data in GateKeeper (when a Weaver HAL is not available). Bug: 123716647 Test: PIN authentication works after booting into a GSI Change-Id: I714368919f8e46ff1931f350342f09fa09225a35
2019-02-16 00:59:39 +01:00
if (mark_cold_boot() && !is_running_gsi) {
Credential FRP: keep gatekeeperd credentials after reset Gatekeeperd now delays clearing all user credentials until the device setup is complete or we enroll a new credential (whichever comes first). Bug: 36814845 Test: Set lockscreen credential, "adb reboot-bootloader && fastboot -w", "adb shell am start -a android.app.action.CONFIRM_FRP_CREDENTIAL", verify that credential still works Change-Id: If2ad78ff5b80a6ddffd997be0949b03ed11797f4
2017-04-12 22:03:04 +02:00
ALOGI("cold boot: clearing state");
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
if (hw_device) {
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
hw_device->deleteAllUsers([](const GatekeeperResponse&) {});
Credential FRP: keep gatekeeperd credentials after reset Gatekeeperd now delays clearing all user credentials until the device setup is complete or we enroll a new credential (whichever comes first). Bug: 36814845 Test: Set lockscreen credential, "adb reboot-bootloader && fastboot -w", "adb shell am start -a android.app.action.CONFIRM_FRP_CREDENTIAL", verify that credential still works Change-Id: If2ad78ff5b80a6ddffd997be0949b03ed11797f4
2017-04-12 22:03:04 +02:00
}
}
clear_state_if_needed_done = true;
}
[gatekeeperd] clear state and mark on cold boot required to initialize state by certain HAL impls Bug: 22011857 Change-Id: Ibb01a799da983e1a930aae946c331b23f571861d
2015-06-24 19:21:16 +02:00
bool mark_cold_boot() {
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
const char* filename = ".coldboot";
[gatekeeperd] clear state and mark on cold boot required to initialize state by certain HAL impls Bug: 22011857 Change-Id: Ibb01a799da983e1a930aae946c331b23f571861d
2015-06-24 19:21:16 +02:00
if (access(filename, F_OK) == -1) {
int fd = open(filename, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR);
if (fd < 0) {
ALOGE("could not open file: %s : %s", filename, strerror(errno));
return false;
}
close(fd);
return true;
}
return false;
}
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
void maybe_store_sid(uint32_t userId, uint64_t sid) {
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
char filename[21];
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
snprintf(filename, sizeof(filename), "%u", userId);
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
if (access(filename, F_OK) == -1) {
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
store_sid(userId, sid);
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
}
}
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
uint64_t read_sid(uint32_t userId) {
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
char filename[21];
uint64_t sid;
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
snprintf(filename, sizeof(filename), "%u", userId);
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
int fd = open(filename, O_RDONLY);
if (fd < 0) return 0;
read(fd, &sid, sizeof(sid));
[gatekeeperd] fix file descriptor leak Bug: 22403703 Change-Id: I65da3b3b3f85db035d79277344beb5460cb025f2
2015-07-10 18:47:09 +02:00
close(fd);
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
return sid;
}
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
void clear_sid(uint32_t userId) {
Make clear SID delete the file This allows us to recover in situations where we manage to clear the SID in GateKeeper but fail to remove the password in LockSettingsService. Change-Id: Ib64ead137632f9615745a414c90a9b66b847134f
2015-04-17 18:00:28 +02:00
char filename[21];
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
snprintf(filename, sizeof(filename), "%u", userId);
Make clear SID delete the file This allows us to recover in situations where we manage to clear the SID in GateKeeper but fail to remove the password in LockSettingsService. Change-Id: Ib64ead137632f9615745a414c90a9b66b847134f
2015-04-17 18:00:28 +02:00
if (remove(filename) < 0) {
ALOGE("%s: could not remove file [%s], attempting 0 write", __func__, strerror(errno));
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
store_sid(userId, 0);
Make clear SID delete the file This allows us to recover in situations where we manage to clear the SID in GateKeeper but fail to remove the password in LockSettingsService. Change-Id: Ib64ead137632f9615745a414c90a9b66b847134f
2015-04-17 18:00:28 +02:00
}
}
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
// This should only be called on userIds being passed to the GateKeeper HAL. It ensures that
Use distinct GateKeeper userids when running a GSI. GateKeeper uses userids to key authentication data. This poses a problem for GSIs, since both the GSI and the host image will be storing separate authentication data for the same userids. To account for this, we add a large offset (1000000) to GSI userids before handing them off to the GateKeeper HAL. Note that SyntheticPasswordManager uses a similar trick to store Weaver data in GateKeeper (when a Weaver HAL is not available). Bug: 123716647 Test: PIN authentication works after booting into a GSI Change-Id: I714368919f8e46ff1931f350342f09fa09225a35
2019-02-16 00:59:39 +01:00
// secure storage shared across a GSI image and a host image will not overlap.
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
uint32_t adjust_userId(uint32_t userId) {
Use distinct GateKeeper userids when running a GSI. GateKeeper uses userids to key authentication data. This poses a problem for GSIs, since both the GSI and the host image will be storing separate authentication data for the same userids. To account for this, we add a large offset (1000000) to GSI userids before handing them off to the GateKeeper HAL. Note that SyntheticPasswordManager uses a similar trick to store Weaver data in GateKeeper (when a Weaver HAL is not available). Bug: 123716647 Test: PIN authentication works after booting into a GSI Change-Id: I714368919f8e46ff1931f350342f09fa09225a35
2019-02-16 00:59:39 +01:00
static constexpr uint32_t kGsiOffset = 1000000;
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
CHECK(userId < kGsiOffset);
Use distinct GateKeeper userids when running a GSI. GateKeeper uses userids to key authentication data. This poses a problem for GSIs, since both the GSI and the host image will be storing separate authentication data for the same userids. To account for this, we add a large offset (1000000) to GSI userids before handing them off to the GateKeeper HAL. Note that SyntheticPasswordManager uses a similar trick to store Weaver data in GateKeeper (when a Weaver HAL is not available). Bug: 123716647 Test: PIN authentication works after booting into a GSI Change-Id: I714368919f8e46ff1931f350342f09fa09225a35
2019-02-16 00:59:39 +01:00
CHECK(hw_device != nullptr);
if (is_running_gsi) {
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
return userId + kGsiOffset;
Use distinct GateKeeper userids when running a GSI. GateKeeper uses userids to key authentication data. This poses a problem for GSIs, since both the GSI and the host image will be storing separate authentication data for the same userids. To account for this, we add a large offset (1000000) to GSI userids before handing them off to the GateKeeper HAL. Note that SyntheticPasswordManager uses a similar trick to store Weaver data in GateKeeper (when a Weaver HAL is not available). Bug: 123716647 Test: PIN authentication works after booting into a GSI Change-Id: I714368919f8e46ff1931f350342f09fa09225a35
2019-02-16 00:59:39 +01:00
}
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
return userId;
Use distinct GateKeeper userids when running a GSI. GateKeeper uses userids to key authentication data. This poses a problem for GSIs, since both the GSI and the host image will be storing separate authentication data for the same userids. To account for this, we add a large offset (1000000) to GSI userids before handing them off to the GateKeeper HAL. Note that SyntheticPasswordManager uses a similar trick to store Weaver data in GateKeeper (when a Weaver HAL is not available). Bug: 123716647 Test: PIN authentication works after booting into a GSI Change-Id: I714368919f8e46ff1931f350342f09fa09225a35
2019-02-16 00:59:39 +01:00
}
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
#define GK_ERROR *gkResponse = GKResponse::error(), Status::ok()
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
Status enroll(int32_t userId, const std::optional<std::vector<uint8_t>>& currentPasswordHandle,
Use optional for nullable types AIDL generates optional<T> for nullable T types for C++, which is more efficient and idomatic and easy to use. Bug: 144773267 Test: build/flash/boot Merged-In: I6bf4c2017f113f4d326fddb1d76163c2fed34d50 Change-Id: I6bf4c2017f113f4d326fddb1d76163c2fed34d50 (cherry picked from commit 5f7f450fa38e752ae49ae91b1bdaf267ec9deea5)
2020-01-23 05:28:36 +01:00
const std::optional<std::vector<uint8_t>>& currentPassword,
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
const std::vector<uint8_t>& desiredPassword, GKResponse* gkResponse) override {
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
IPCThreadState* ipc = IPCThreadState::self();
const int calling_pid = ipc->getCallingPid();
const int calling_uid = ipc->getCallingUid();
if (!PermissionCache::checkPermission(KEYGUARD_PERMISSION, calling_pid, calling_uid)) {
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
return GK_ERROR;
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
}
Credential FRP: keep gatekeeperd credentials after reset Gatekeeperd now delays clearing all user credentials until the device setup is complete or we enroll a new credential (whichever comes first). Bug: 36814845 Test: Set lockscreen credential, "adb reboot-bootloader && fastboot -w", "adb shell am start -a android.app.action.CONFIRM_FRP_CREDENTIAL", verify that credential still works Change-Id: If2ad78ff5b80a6ddffd997be0949b03ed11797f4
2017-04-12 22:03:04 +02:00
// Make sure to clear any state from before factory reset as soon as a credential is
// enrolled (which may happen during device setup).
clear_state_if_needed();
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
// need a desired password to enroll
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
if (desiredPassword.size() == 0) return GK_ERROR;
[gatekeeperd] handle upgrades from software version to HAL Certain devices, like Shamu, are currently running an interim software-only gatekeeper. When the HAL for those devices is merged, we need to handle upgrading to the HAL smoothly. Bug: 21090356 Change-Id: I5352bc547a43671a08249eae532e8b3ce6b90087
2015-06-04 00:06:24 +02:00
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
if (!hw_device) {
LOG(ERROR) << "has no HAL to talk to";
return GK_ERROR;
}
Use HIDL-generated HAL interworking code Change-Id: Ide455f8e8bba8b7f403cc7a8971848c11d3b37a8 Signed-off-by: Alexey Polyudov <apolyudov@google.com>
2016-10-18 22:59:26 +02:00
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
android::hardware::hidl_vec<uint8_t> curPwdHandle;
android::hardware::hidl_vec<uint8_t> curPwd;
if (currentPasswordHandle && currentPassword) {
if (currentPasswordHandle->size() != sizeof(gatekeeper::password_handle_t)) {
LOG(INFO) << "Password handle has wrong length";
return GK_ERROR;
Use HIDL-generated HAL interworking code Change-Id: Ide455f8e8bba8b7f403cc7a8971848c11d3b37a8 Signed-off-by: Alexey Polyudov <apolyudov@google.com>
2016-10-18 22:59:26 +02:00
}
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
curPwdHandle.setToExternal(const_cast<uint8_t*>(currentPasswordHandle->data()),
currentPasswordHandle->size());
curPwd.setToExternal(const_cast<uint8_t*>(currentPassword->data()),
currentPassword->size());
Move SoftGateKeeper into gatekeeperd Allows for easy determination of whether there's a hardware module in place. Permits tighter coupling of software implementation with upper-level stack. Bug:21090356 Change-Id: I275b57cd976c233c43c476c5869c5a4b29fbc175
2015-05-13 00:37:20 +02:00
}
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
android::hardware::hidl_vec<uint8_t> newPwd;
newPwd.setToExternal(const_cast<uint8_t*>(desiredPassword.data()), desiredPassword.size());
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
uint32_t hw_userId = adjust_userId(userId);
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
Return<void> hwRes = hw_device->enroll(
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
hw_userId, curPwdHandle, curPwd, newPwd,
[&gkResponse](const GatekeeperResponse& rsp) {
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
if (rsp.code >= GatekeeperStatusCode::STATUS_OK) {
*gkResponse = GKResponse::ok({rsp.data.begin(), rsp.data.end()});
} else if (rsp.code == GatekeeperStatusCode::ERROR_RETRY_TIMEOUT &&
rsp.timeout > 0) {
*gkResponse = GKResponse::retry(rsp.timeout);
} else {
*gkResponse = GKResponse::error();
}
});
if (!hwRes.isOk()) {
LOG(ERROR) << "enroll transaction failed";
return GK_ERROR;
gatekeeperd: protect from invalid data passed by HAL Bug: 31349112 Change-Id: I6c0656f85e44054147f8795c98baab7a98f575b9 Signed-off-by: Alexey Polyudov <apolyudov@google.com>
2016-09-08 03:51:28 +02:00
}
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
if (gkResponse->response_code() == GKResponseCode::OK && !gkResponse->should_reenroll()) {
if (gkResponse->payload().size() != sizeof(gatekeeper::password_handle_t)) {
LOG(ERROR) << "HAL returned password handle of invalid length "
<< gkResponse->payload().size();
return GK_ERROR;
}
const gatekeeper::password_handle_t* handle =
reinterpret_cast<const gatekeeper::password_handle_t*>(
gkResponse->payload().data());
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
store_sid(userId, handle->user_id);
[gatekeeperd] verify a password after enrolling successfully Bug: 20918106 Change-Id: Ia3cb6d1375d9ee2a6e543ee97d37b7c4f0459447
2015-06-02 02:23:04 +02:00
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
GKResponse verifyResponse;
[gatekeeperd] verify a password after enrolling successfully Bug: 20918106 Change-Id: Ia3cb6d1375d9ee2a6e543ee97d37b7c4f0459447
2015-06-02 02:23:04 +02:00
// immediately verify this password so we don't ask the user to enter it again
// if they just created it.
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
auto status = verify(userId, gkResponse->payload(), desiredPassword, &verifyResponse);
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
if (!status.isOk() || verifyResponse.response_code() != GKResponseCode::OK) {
LOG(ERROR) << "Failed to verify password after enrolling";
}
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
}
[gatekeeperd] return brute-force throttling information Bug: 21118563 Change-Id: I13c6a44f61668be8b4c1fde8c84dcfebab84517c
2015-05-18 18:26:19 +02:00
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
return Status::ok();
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
}
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
Status verify(int32_t userId, const ::std::vector<uint8_t>& enrolledPasswordHandle,
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
const ::std::vector<uint8_t>& providedPassword, GKResponse* gkResponse) override {
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
return verifyChallenge(userId, 0 /* challenge */, enrolledPasswordHandle, providedPassword,
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
gkResponse);
Update verify API to return auth token blob Change-Id: I853e61815458b54fb3b2f29e12a147b3b9aa3788
2015-04-11 06:03:07 +02:00
}
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
Status verifyChallenge(int32_t userId, int64_t challenge,
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
const std::vector<uint8_t>& enrolledPasswordHandle,
const std::vector<uint8_t>& providedPassword,
GKResponse* gkResponse) override {
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
IPCThreadState* ipc = IPCThreadState::self();
const int calling_pid = ipc->getCallingPid();
const int calling_uid = ipc->getCallingUid();
if (!PermissionCache::checkPermission(KEYGUARD_PERMISSION, calling_pid, calling_uid)) {
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
return GK_ERROR;
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
}
// can't verify if we're missing either param
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
if (enrolledPasswordHandle.size() == 0 || providedPassword.size() == 0) return GK_ERROR;
if (!hw_device) return GK_ERROR;
if (enrolledPasswordHandle.size() != sizeof(gatekeeper::password_handle_t)) {
LOG(INFO) << "Password handle has wrong length";
return GK_ERROR;
}
const gatekeeper::password_handle_t* handle =
reinterpret_cast<const gatekeeper::password_handle_t*>(
enrolledPasswordHandle.data());
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
uint32_t hw_userId = adjust_userId(userId);
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
android::hardware::hidl_vec<uint8_t> curPwdHandle;
curPwdHandle.setToExternal(const_cast<uint8_t*>(enrolledPasswordHandle.data()),
enrolledPasswordHandle.size());
android::hardware::hidl_vec<uint8_t> enteredPwd;
enteredPwd.setToExternal(const_cast<uint8_t*>(providedPassword.data()),
providedPassword.size());
Return<void> hwRes = hw_device->verify(
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
hw_userId, challenge, curPwdHandle, enteredPwd,
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
[&gkResponse](const GatekeeperResponse& rsp) {
if (rsp.code >= GatekeeperStatusCode::STATUS_OK) {
*gkResponse = GKResponse::ok(
{rsp.data.begin(), rsp.data.end()},
rsp.code == GatekeeperStatusCode::STATUS_REENROLL /* reenroll */);
} else if (rsp.code == GatekeeperStatusCode::ERROR_RETRY_TIMEOUT) {
*gkResponse = GKResponse::retry(rsp.timeout);
} else {
*gkResponse = GKResponse::error();
Use HIDL-generated HAL interworking code Change-Id: Ide455f8e8bba8b7f403cc7a8971848c11d3b37a8 Signed-off-by: Alexey Polyudov <apolyudov@google.com>
2016-10-18 22:59:26 +02:00
}
});
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
if (!hwRes.isOk()) {
LOG(ERROR) << "verify transaction failed";
return GK_ERROR;
Move SoftGateKeeper into gatekeeperd Allows for easy determination of whether there's a hardware module in place. Permits tighter coupling of software implementation with upper-level stack. Bug:21090356 Change-Id: I275b57cd976c233c43c476c5869c5a4b29fbc175
2015-05-13 00:37:20 +02:00
}
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
if (gkResponse->response_code() == GKResponseCode::OK) {
if (gkResponse->payload().size() != 0) {
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
// try to connect to IKeystoreAuthorization AIDL service first.
AIBinder* authzAIBinder =
AServiceManager_checkService("android.security.authorization");
::ndk::SpAIBinder authzBinder(authzAIBinder);
auto authzService = IKeystoreAuthorization::fromBinder(authzBinder);
if (authzService) {
if (gkResponse->payload().size() != sizeof(hw_auth_token_t)) {
LOG(ERROR) << "Incorrect size of AuthToken payload.";
return GK_ERROR;
}
const hw_auth_token_t* hwAuthToken =
reinterpret_cast<const hw_auth_token_t*>(gkResponse->payload().data());
HardwareAuthToken authToken;
authToken.timestamp.milliSeconds = betoh64(hwAuthToken->timestamp);
authToken.challenge = hwAuthToken->challenge;
Gatekeeper: Add missing user_id. Auth tokens sent to keystore2 where missing the user id. Test: Timeout bound keys can be authorized. Change-Id: Ifd27d2d8c4e153d2e21460574a073516e276aae0
2021-02-12 08:16:58 +01:00
authToken.userId = hwAuthToken->user_id;
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
authToken.authenticatorId = hwAuthToken->authenticator_id;
authToken.authenticatorType = static_cast<HardwareAuthenticatorType>(
betoh32(hwAuthToken->authenticator_type));
authToken.mac.assign(&hwAuthToken->hmac[0], &hwAuthToken->hmac[32]);
auto result = authzService->addAuthToken(authToken);
if (!result.isOk()) {
LOG(ERROR) << "Failure in sending AuthToken to AuthorizationService.";
return GK_ERROR;
}
}
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
sp<IServiceManager> sm = defaultServiceManager();
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
sp<IBinder> binder = sm->getService(String16("android.security.keystore"));
sp<security::keystore::IKeystoreService> service =
interface_cast<security::keystore::IKeystoreService>(binder);
if (service) {
int result = 0;
auto binder_result = service->addAuthToken(gkResponse->payload(), &result);
if (!binder_result.isOk() ||
!keystore::KeyStoreServiceReturnCode(result).isOk()) {
LOG(ERROR) << "Failure sending auth token to KeyStore: " << result;
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
return GK_ERROR;
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
}
} else {
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
LOG(ERROR) << "Cannot deliver auth token. Unable to communicate with "
"Keystore.";
return GK_ERROR;
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
}
}
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
maybe_store_sid(userId, handle->user_id);
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
}
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
return Status::ok();
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
}
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
Status getSecureUserId(int32_t userId, int64_t* sid) override {
*sid = read_sid(userId);
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
return Status::ok();
}
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
Status clearSecureUserId(int32_t userId) override {
Implement clear SID API Change-Id: I4ada55674edff32d3e39d460070e03abbf847359
2015-04-17 00:57:17 +02:00
IPCThreadState* ipc = IPCThreadState::self();
const int calling_pid = ipc->getCallingPid();
const int calling_uid = ipc->getCallingUid();
if (!PermissionCache::checkPermission(KEYGUARD_PERMISSION, calling_pid, calling_uid)) {
ALOGE("%s: permission denied for [%d:%d]", __func__, calling_pid, calling_uid);
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
return Status::ok();
Implement clear SID API Change-Id: I4ada55674edff32d3e39d460070e03abbf847359
2015-04-17 00:57:17 +02:00
}
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
clear_sid(userId);
[gatekeeperd] clear state and mark on cold boot required to initialize state by certain HAL impls Bug: 22011857 Change-Id: Ibb01a799da983e1a930aae946c331b23f571861d
2015-06-24 19:21:16 +02:00
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
if (hw_device) {
Chanage uid to userId where it denotes an Android user id. This patch changes the variable name `uid` to `userId` where it denotes an Android user id. This makes it harder to mistake the user id for an actual UID. Test: Trivial refactoring no logical changes. Bug: 163636858 Change-Id: I9e240367bcd30bbfa1816014a7f44bbcb58ede4b
2020-09-24 02:00:20 +02:00
uint32_t hw_userId = adjust_userId(userId);
hw_device->deleteUser(hw_userId, [](const GatekeeperResponse&) {});
[gatekeeperd] clear state and mark on cold boot required to initialize state by certain HAL impls Bug: 22011857 Change-Id: Ibb01a799da983e1a930aae946c331b23f571861d
2015-06-24 19:21:16 +02:00
}
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
return Status::ok();
Implement clear SID API Change-Id: I4ada55674edff32d3e39d460070e03abbf847359
2015-04-17 00:57:17 +02:00
}
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
Status reportDeviceSetupComplete() override {
Credential FRP: keep gatekeeperd credentials after reset Gatekeeperd now delays clearing all user credentials until the device setup is complete or we enroll a new credential (whichever comes first). Bug: 36814845 Test: Set lockscreen credential, "adb reboot-bootloader && fastboot -w", "adb shell am start -a android.app.action.CONFIRM_FRP_CREDENTIAL", verify that credential still works Change-Id: If2ad78ff5b80a6ddffd997be0949b03ed11797f4
2017-04-12 22:03:04 +02:00
IPCThreadState* ipc = IPCThreadState::self();
const int calling_pid = ipc->getCallingPid();
const int calling_uid = ipc->getCallingUid();
if (!PermissionCache::checkPermission(KEYGUARD_PERMISSION, calling_pid, calling_uid)) {
ALOGE("%s: permission denied for [%d:%d]", __func__, calling_pid, calling_uid);
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
return Status::ok();
Credential FRP: keep gatekeeperd credentials after reset Gatekeeperd now delays clearing all user credentials until the device setup is complete or we enroll a new credential (whichever comes first). Bug: 36814845 Test: Set lockscreen credential, "adb reboot-bootloader && fastboot -w", "adb shell am start -a android.app.action.CONFIRM_FRP_CREDENTIAL", verify that credential still works Change-Id: If2ad78ff5b80a6ddffd997be0949b03ed11797f4
2017-04-12 22:03:04 +02:00
}
clear_state_if_needed();
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
return Status::ok();
Credential FRP: keep gatekeeperd credentials after reset Gatekeeperd now delays clearing all user credentials until the device setup is complete or we enroll a new credential (whichever comes first). Bug: 36814845 Test: Set lockscreen credential, "adb reboot-bootloader && fastboot -w", "adb shell am start -a android.app.action.CONFIRM_FRP_CREDENTIAL", verify that credential still works Change-Id: If2ad78ff5b80a6ddffd997be0949b03ed11797f4
2017-04-12 22:03:04 +02:00
}
Gatekeeperd maintenance * Move gatekeeper aidl definition to system/core/gatekeeperd * Retire hand written IGateKeeperService and use generated instead * Adjust gatekeeperd to use the generated aidl stubs. * Annotated enroll parameters with @nullable to match the documentation and the way it was used. (The hand written code was tolerant to null parameters, but it was undefined behavior.) * Removed Software implementation from gatekeeperd. * Also removed the upgrade path. * Software implementation including test moved to hardware/interfaces/gatekeeper/1.0/software Change-Id: I72b734db6f67b79b29c2629764490d75d179908a Merged-In: I72b734db6f67b79b29c2629764490d75d179908a Test: Manually tested setting pin and login.
2019-03-29 19:14:31 +01:00
status_t dump(int fd, const Vector<String16>&) override {
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
IPCThreadState* ipc = IPCThreadState::self();
const int pid = ipc->getCallingPid();
const int uid = ipc->getCallingUid();
if (!PermissionCache::checkPermission(DUMP_PERMISSION, pid, uid)) {
return PERMISSION_DENIED;
}
Use HIDL-generated HAL interworking code Change-Id: Ide455f8e8bba8b7f403cc7a8971848c11d3b37a8 Signed-off-by: Alexey Polyudov <apolyudov@google.com>
2016-10-18 22:59:26 +02:00
if (hw_device == NULL) {
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
const char* result = "Device not available";
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
write(fd, result, strlen(result) + 1);
} else {
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
const char* result = "OK";
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
write(fd, result, strlen(result) + 1);
}
Move system/core/ off NO_ERROR. It causes trouble for Windows, and OK already exists. Bug: N/A Test: builds Change-Id: Ida22fd658b0ebb259c710ba39049b07c9e495d9c
2018-10-08 20:10:11 +02:00
return OK;
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
}
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
private:
Use HIDL-generated HAL interworking code Change-Id: Ide455f8e8bba8b7f403cc7a8971848c11d3b37a8 Signed-off-by: Alexey Polyudov <apolyudov@google.com>
2016-10-18 22:59:26 +02:00
sp<IGatekeeper> hw_device;
Credential FRP: keep gatekeeperd credentials after reset Gatekeeperd now delays clearing all user credentials until the device setup is complete or we enroll a new credential (whichever comes first). Bug: 36814845 Test: Set lockscreen credential, "adb reboot-bootloader && fastboot -w", "adb shell am start -a android.app.action.CONFIRM_FRP_CREDENTIAL", verify that credential still works Change-Id: If2ad78ff5b80a6ddffd997be0949b03ed11797f4
2017-04-12 22:03:04 +02:00
bool clear_state_if_needed_done;
Use distinct GateKeeper userids when running a GSI. GateKeeper uses userids to key authentication data. This poses a problem for GSIs, since both the GSI and the host image will be storing separate authentication data for the same userids. To account for this, we add a large offset (1000000) to GSI userids before handing them off to the GateKeeper HAL. Note that SyntheticPasswordManager uses a similar trick to store Weaver data in GateKeeper (when a Weaver HAL is not available). Bug: 123716647 Test: PIN authentication works after booting into a GSI Change-Id: I714368919f8e46ff1931f350342f09fa09225a35
2019-02-16 00:59:39 +01:00
bool is_running_gsi;
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
};
Integrate IKeystoreAuthorization aidl's addAuthToken with gatekeeperd. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I15b751ec993a240756e58c2df3352c544bced517
2020-12-08 22:08:13 +01:00
} // namespace android
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
int main(int argc, char* argv[]) {
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
ALOGI("Starting gatekeeperd...");
Implement SID API Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 22:16:24 +02:00
if (argc < 2) {
ALOGE("A directory must be specified!");
return 1;
}
if (chdir(argv[1]) == -1) {
ALOGE("chdir: %s: %s", argv[1], strerror(errno));
return 1;
}
GateKeeper proxy service Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-04 01:40:15 +02:00
android::sp<android::IServiceManager> sm = android::defaultServiceManager();
android::sp<android::GateKeeperProxy> proxy = new android::GateKeeperProxy();
android::status_t ret = sm->addService(
android::String16("android.service.gatekeeper.IGateKeeperService"), proxy);
if (ret != android::OK) {
ALOGE("Couldn't register binder service!");
return -1;
}
/*
* We're the only thread in existence, so we're just going to process
* Binder transaction as a single-threaded program.
*/
android::IPCThreadState::self()->joinThreadPool();
return 0;
}
Reference in a new issue Copy permalink