Merge "Fix Keystore 2.0 related bug in gatekeeperd."
diff --git a/init/service.cpp b/init/service.cpp
index f6ce094..cfb8284 100644
--- a/init/service.cpp
+++ b/init/service.cpp
@@ -127,8 +127,7 @@
static bool AreRuntimeApexesReady() {
struct stat buf;
- return stat("/apex/com.android.art/", &buf) == 0 &&
- stat("/apex/com.android.runtime/", &buf) == 0;
+ return stat("/apex/com.android.runtime/", &buf) == 0;
}
unsigned long Service::next_start_order_ = 1;
diff --git a/trusty/gatekeeper/gatekeeper_ipc.h b/trusty/gatekeeper/gatekeeper_ipc.h
index b05dcd8..8709d1a 100644
--- a/trusty/gatekeeper/gatekeeper_ipc.h
+++ b/trusty/gatekeeper/gatekeeper_ipc.h
@@ -20,11 +20,13 @@
#define GATEKEEPER_MAX_BUFFER_LENGTH 1024
enum gatekeeper_command {
- GK_REQ_SHIFT = 1,
- GK_RESP_BIT = 1,
+ GK_REQ_SHIFT = 1,
+ GK_RESP_BIT = 1,
- GK_ENROLL = (0 << GK_REQ_SHIFT),
- GK_VERIFY = (1 << GK_REQ_SHIFT),
+ GK_ENROLL = (0 << GK_REQ_SHIFT),
+ GK_VERIFY = (1 << GK_REQ_SHIFT),
+ GK_DELETE_USER = (2 << GK_REQ_SHIFT),
+ GK_DELETE_ALL_USERS = (3 << GK_REQ_SHIFT),
};
/**
diff --git a/trusty/gatekeeper/trusty_gatekeeper.cpp b/trusty/gatekeeper/trusty_gatekeeper.cpp
index e416fb2..ec4f81b 100644
--- a/trusty/gatekeeper/trusty_gatekeeper.cpp
+++ b/trusty/gatekeeper/trusty_gatekeeper.cpp
@@ -133,13 +133,48 @@
return {};
}
-Return<void> TrustyGateKeeperDevice::deleteUser(uint32_t /*uid*/, deleteUser_cb _hidl_cb) {
- _hidl_cb({GatekeeperStatusCode::ERROR_NOT_IMPLEMENTED, 0, {}});
+Return<void> TrustyGateKeeperDevice::deleteUser(uint32_t uid, deleteUser_cb _hidl_cb) {
+ if (error_ != 0) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ return {};
+ }
+
+ DeleteUserRequest request(uid);
+ DeleteUserResponse response;
+ auto error = Send(request, &response);
+
+ if (error != ERROR_NONE) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ } else if (response.error == ERROR_NOT_IMPLEMENTED) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_NOT_IMPLEMENTED, 0, {}});
+ } else if (response.error != ERROR_NONE) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ } else {
+ _hidl_cb({GatekeeperStatusCode::STATUS_OK, response.retry_timeout, {}});
+ }
return {};
}
Return<void> TrustyGateKeeperDevice::deleteAllUsers(deleteAllUsers_cb _hidl_cb) {
- _hidl_cb({GatekeeperStatusCode::ERROR_NOT_IMPLEMENTED, 0, {}});
+ if (error_ != 0) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ return {};
+ }
+
+ DeleteAllUsersRequest request;
+ DeleteAllUsersResponse response;
+ auto error = Send(request, &response);
+
+ if (error != ERROR_NONE) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ } else if (response.error == ERROR_NOT_IMPLEMENTED) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_NOT_IMPLEMENTED, 0, {}});
+ } else if (response.error != ERROR_NONE) {
+ _hidl_cb({GatekeeperStatusCode::ERROR_GENERAL_FAILURE, 0, {}});
+ } else {
+ _hidl_cb({GatekeeperStatusCode::STATUS_OK, response.retry_timeout, {}});
+ }
+
return {};
}
diff --git a/trusty/gatekeeper/trusty_gatekeeper.h b/trusty/gatekeeper/trusty_gatekeeper.h
index c0713f4..420dd7a 100644
--- a/trusty/gatekeeper/trusty_gatekeeper.h
+++ b/trusty/gatekeeper/trusty_gatekeeper.h
@@ -81,6 +81,15 @@
return Send(GK_VERIFY, request, response);
}
+ gatekeeper_error_t Send(const DeleteUserRequest& request, DeleteUserResponse* response) {
+ return Send(GK_DELETE_USER, request, response);
+ }
+
+ gatekeeper_error_t Send(const DeleteAllUsersRequest& request,
+ DeleteAllUsersResponse* response) {
+ return Send(GK_DELETE_ALL_USERS, request, response);
+ }
+
int error_;
};
diff --git a/trusty/keymaster/3.0/TrustyKeymaster3Device.cpp b/trusty/keymaster/3.0/TrustyKeymaster3Device.cpp
index 7184e4d..d787f7a 100644
--- a/trusty/keymaster/3.0/TrustyKeymaster3Device.cpp
+++ b/trusty/keymaster/3.0/TrustyKeymaster3Device.cpp
@@ -276,7 +276,7 @@
ImportKeyRequest request(impl_->message_version());
request.key_description.Reinitialize(KmParamSet(params));
request.key_format = legacy_enum_conversion(keyFormat);
- request.SetKeyMaterial(keyData.data(), keyData.size());
+ request.key_data = KeymasterKeyBlob(keyData.data(), keyData.size());
ImportKeyResponse response(impl_->message_version());
impl_->ImportKey(request, &response);
diff --git a/trusty/keymaster/4.0/TrustyKeymaster4Device.cpp b/trusty/keymaster/4.0/TrustyKeymaster4Device.cpp
index 73ad6ae..e68ba82 100644
--- a/trusty/keymaster/4.0/TrustyKeymaster4Device.cpp
+++ b/trusty/keymaster/4.0/TrustyKeymaster4Device.cpp
@@ -391,7 +391,7 @@
ImportKeyRequest request(impl_->message_version());
request.key_description.Reinitialize(KmParamSet(params));
request.key_format = legacy_enum_conversion(keyFormat);
- request.SetKeyMaterial(keyData.data(), keyData.size());
+ request.key_data = KeymasterKeyBlob(keyData.data(), keyData.size());
ImportKeyResponse response(impl_->message_version());
impl_->ImportKey(request, &response);