[rkp] Report request processing error from service VM to host
This cl moves the request processing error from the service VM
to the communication protocol library so that the service VM can
send the error the host.
This change is necessary to enable the service VM to send back
RKP service specific error later.
Bug: 299256925
Test: atest rialto_test
Change-Id: I2cd718d8606880188866e954ac7c4eb8bb732bb4
diff --git a/libs/service_vm_comm/Android.bp b/libs/service_vm_comm/Android.bp
index cdb8fc3..9bce2f4 100644
--- a/libs/service_vm_comm/Android.bp
+++ b/libs/service_vm_comm/Android.bp
@@ -21,6 +21,8 @@
"libcore.rust_sysroot",
],
rustlibs: [
+ "libcoset_nostd",
+ "liblog_rust_nostd",
"libserde_nostd",
],
}
@@ -29,6 +31,8 @@
name: "libservice_vm_comm",
defaults: ["libservice_vm_comm_defaults"],
rustlibs: [
+ "libcoset",
+ "liblog_rust",
"libserde",
],
features: [
diff --git a/libs/service_vm_comm/src/lib.rs b/libs/service_vm_comm/src/lib.rs
index ca97ca1..d8f7bd7 100644
--- a/libs/service_vm_comm/src/lib.rs
+++ b/libs/service_vm_comm/src/lib.rs
@@ -23,6 +23,7 @@
mod vsock;
pub use message::{
- EcdsaP256KeyPair, GenerateCertificateRequestParams, Request, Response, ServiceVmRequest,
+ EcdsaP256KeyPair, GenerateCertificateRequestParams, Request, RequestProcessingError, Response,
+ ServiceVmRequest,
};
pub use vsock::VmType;
diff --git a/libs/service_vm_comm/src/message.rs b/libs/service_vm_comm/src/message.rs
index 80956cb..407c5e5 100644
--- a/libs/service_vm_comm/src/message.rs
+++ b/libs/service_vm_comm/src/message.rs
@@ -15,8 +15,10 @@
//! This module contains the requests and responses definitions exchanged
//! between the host and the service VM.
+use alloc::string::String;
use alloc::vec::Vec;
-
+use core::fmt;
+use log::error;
use serde::{Deserialize, Serialize};
type MacedPublicKey = Vec<u8>;
@@ -64,6 +66,41 @@
/// Returns a CBOR Certificate Signing Request (Csr) serialized into a byte array.
GenerateCertificateRequest(Vec<u8>),
+
+ /// Encountered an error during the request processing.
+ Err(RequestProcessingError),
+}
+
+/// Errors related to request processing.
+#[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
+pub enum RequestProcessingError {
+ /// Failed to invoke a BoringSSL API.
+ BoringSSLCallFailed(String),
+
+ /// An error happened during the interaction with coset.
+ CosetError,
+
+ /// Any key to sign lacks a valid MAC. Maps to `STATUS_INVALID_MAC`.
+ InvalidMac,
+}
+
+impl fmt::Display for RequestProcessingError {
+ fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+ match self {
+ Self::BoringSSLCallFailed(api_name) => {
+ write!(f, "Failed to invoke a BoringSSL API: {api_name}")
+ }
+ Self::CosetError => write!(f, "Encountered an error with coset"),
+ Self::InvalidMac => write!(f, "A key to sign lacks a valid MAC."),
+ }
+ }
+}
+
+impl From<coset::CoseError> for RequestProcessingError {
+ fn from(e: coset::CoseError) -> Self {
+ error!("Coset error: {e}");
+ Self::CosetError
+ }
}
/// Represents the params passed to GenerateCertificateRequest