Merge "[refactor] Split watchdog in a standalone library for reuse" into main am: 9e89235bf1 am: f001f6c7ea am: 584b7d4e5f

Original change: https://android-review.googlesource.com/c/platform/system/security/+/2817564

Change-Id: Idfdf3ae9e7d98601195768cb63b083334ec2ddfa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
Alice Wang 2023-11-07 14:02:15 +00:00 committed by Automerger Merge Worker
commit cdb3ee9fd1
8 changed files with 120 additions and 53 deletions


@ -61,6 +61,7 @@ rust_defaults {
"libserde_cbor",
"libthiserror",
"libtokio",
"libwatchdog_rs",
],
shared_libs: [
"libcutils",


@ -33,6 +33,9 @@
},
{
"name": "keystore2_client_tests"
},
{
"name": "libwatchdog_rs.test"
}
]
}


@ -50,6 +50,4 @@ mod gc;
mod km_compat;
mod super_key;
mod sw_keyblob;
#[cfg(feature = "watchdog")]
mod watchdog;
mod watchdog_helper;


@ -17,7 +17,7 @@
use crate::error::{map_binder_status_code, Error, ResponseCode};
use crate::globals::get_remotely_provisioned_component_name;
use crate::ks_err;
use crate::utils::watchdog as wd;
use crate::watchdog_helper::watchdog as wd;
use android_hardware_security_keymint::aidl::android::hardware::security::keymint::SecurityLevel::SecurityLevel;
use android_security_rkp_aidl::aidl::android::security::rkp::{
IGetKeyCallback::BnGetKeyCallback, IGetKeyCallback::ErrorCode::ErrorCode as GetKeyErrorCode,


@ -20,6 +20,7 @@ use crate::key_parameter::KeyParameter;
use crate::ks_err;
use crate::permission;
use crate::permission::{KeyPerm, KeyPermSet, KeystorePerm};
pub use crate::watchdog_helper::watchdog;
use crate::{
database::{KeyType, KeystoreDB},
globals::LEGACY_IMPORTER,
@ -421,36 +422,6 @@ pub fn count_key_entries(db: &mut KeystoreDB, domain: Domain, namespace: i64) ->
Ok((legacy_keys.len() + num_keys_in_db) as i32)
}
/// This module provides helpers for simplified use of the watchdog module.
#[cfg(feature = "watchdog")]
pub mod watchdog {
pub use crate::watchdog::WatchPoint;
use crate::watchdog::Watchdog;
use lazy_static::lazy_static;
use std::sync::Arc;
use std::time::Duration;
lazy_static! {
/// A Watchdog thread, that can be used to create watch points.
static ref WD: Arc<Watchdog> = Watchdog::new(Duration::from_secs(10));
}
/// Sets a watch point with `id` and a timeout of `millis` milliseconds.
pub fn watch_millis(id: &'static str, millis: u64) -> Option<WatchPoint> {
Watchdog::watch(&WD, id, Duration::from_millis(millis))
}
/// Like `watch_millis` but with a callback that is called every time a report
/// is printed about this watch point.
pub fn watch_millis_with(
id: &'static str,
millis: u64,
callback: impl Fn() -> String + Send + 'static,
) -> Option<WatchPoint> {
Watchdog::watch_with(&WD, id, Duration::from_millis(millis), callback)
}
}
/// Trait implemented by objects that can be used to decrypt cipher text using AES-GCM.
pub trait AesGcm {
/// Deciphers `data` using the initialization vector `iv` and AEAD tag `tag`
@ -480,25 +451,6 @@ impl<T: AesGcmKey> AesGcm for T {
}
}
/// This module provides empty/noop implementations of the watch dog utility functions.
#[cfg(not(feature = "watchdog"))]
pub mod watchdog {
/// Noop watch point.
pub struct WatchPoint();
/// Sets a Noop watch point.
fn watch_millis(_: &'static str, _: u64) -> Option<WatchPoint> {
None
}
pub fn watch_millis_with(
_: &'static str,
_: u64,
_: impl Fn() -> String + Send + 'static,
) -> Option<WatchPoint> {
None
}
}
#[cfg(test)]
mod tests {
use super::*;
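Review bot: The added `pub use crate::watchdog_helper::watchdog;` has no comment saying why the old `utils::watchdog` path is kept, even though another file in this commit switches its import to `crate::watchdog_helper::watchdog`. That leaves two public paths to the same module. If the re-export is a compatibility shim for callers not yet migrated (an assumption, since those callers are not visible here), a one-line comment would record that, for example `// Compatibility re-export; new code should import from watchdog_helper directly.` Otherwise the remaining callers could be migrated and the re-export dropped in a follow-up.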


@ -0,0 +1,64 @@
// Copyright 2023, The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//! Helpers for the watchdog module.
/// This module provides helpers for simplified use of the watchdog module.
#[cfg(feature = "watchdog")]
pub mod watchdog {
use lazy_static::lazy_static;
use std::sync::Arc;
use std::time::Duration;
pub use watchdog_rs::WatchPoint;
use watchdog_rs::Watchdog;
lazy_static! {
/// A Watchdog thread, that can be used to create watch points.
static ref WD: Arc<Watchdog> = Watchdog::new(Duration::from_secs(10));
}
/// Sets a watch point with `id` and a timeout of `millis` milliseconds.
pub fn watch_millis(id: &'static str, millis: u64) -> Option<WatchPoint> {
Watchdog::watch(&WD, id, Duration::from_millis(millis))
}
/// Like `watch_millis` but with a callback that is called every time a report
/// is printed about this watch point.
pub fn watch_millis_with(
id: &'static str,
millis: u64,
callback: impl Fn() -> String + Send + 'static,
) -> Option<WatchPoint> {
Watchdog::watch_with(&WD, id, Duration::from_millis(millis), callback)
}
}
/// This module provides empty/noop implementations of the watch dog utility functions.
#[cfg(not(feature = "watchdog"))]
pub mod watchdog {
/// Noop watch point.
pub struct WatchPoint();
/// Sets a Noop watch point.
fn watch_millis(_: &'static str, _: u64) -> Option<WatchPoint> {
None
}
pub fn watch_millis_with(
_: &'static str,
_: u64,
_: impl Fn() -> String + Send + 'static,
) -> Option<WatchPoint> {
None
}
}
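Review bot: In the `#[cfg(not(feature = "watchdog"))]` module, `watch_millis` is declared without `pub`, while the feature-enabled module above exports it as `pub fn watch_millis`. With the feature off, any caller of `wd::watch_millis` would presumably fail to compile, and the stub itself is unreachable from outside the module. The same mismatch was in the code this file was moved from, so the new file is a good place to align the two: `pub fn watch_millis(_: &'static str, _: u64) -> Option<WatchPoint> {`. The no-op `watch_millis_with` also lacks a doc comment; `/// Sets a Noop watch point; the callback is never invoked.` would match its sibling.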


@ -0,0 +1,49 @@
// Copyright 2023, The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package {
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "system_security_license"
// to get the below license kinds:
// SPDX-license-identifier-Apache-2.0
default_applicable_licenses: ["system_security_license"],
}
rust_defaults {
name: "libwatchdog_defaults",
crate_name: "watchdog_rs",
srcs: ["src/lib.rs"],
rustlibs: [
"liblog_rust",
]
}
rust_library {
name: "libwatchdog_rs",
defaults: ["libwatchdog_defaults"],
apex_available: [
"//apex_available:platform",
"com.android.virt",
],
}
rust_test {
name: "libwatchdog_rs.test",
defaults: ["libwatchdog_defaults"],
test_suites: ["general-tests"],
rustlibs: [
"libandroid_logger",
]
}