Merge changes Ibaa89dd0,I7ca0a7e7,Ib2ef34df into main
* changes:
trusty: keymint: Add commandline option to specify device name
trusty: keymaster: Add commandline option to specify device name
trusty: gatekeeper: Add device option
diff --git a/trusty/gatekeeper/service.cpp b/trusty/gatekeeper/service.cpp
index d09804f..59366b8 100644
--- a/trusty/gatekeeper/service.cpp
+++ b/trusty/gatekeeper/service.cpp
@@ -18,12 +18,66 @@
#include <android-base/logging.h>
#include <android/binder_manager.h>
#include <android/binder_process.h>
+#include <getopt.h>
#include "trusty_gatekeeper.h"
+#include "trusty_gatekeeper_ipc.h"
using aidl::android::hardware::gatekeeper::TrustyGateKeeperDevice;
-int main() {
+static const char* _sopts = "hD:";
+static const struct option _lopts[] = {
+ {"help", no_argument, 0, 'h'},
+ {"dev", required_argument, 0, 'D'},
+ {0, 0, 0, 0},
+};
+
+static const char* usage =
+ "Usage: %s [options]\n"
+ "\n"
+ "options:\n"
+ " -h, --help prints this message and exit\n"
+ " -D, --dev name Trusty device name\n"
+ "\n";
+
+static const char* usage_long = "\n";
+
+static void print_usage_and_exit(const char* prog, int code, bool verbose) {
+ fprintf(stderr, usage, prog);
+ if (verbose) {
+ fprintf(stderr, "%s", usage_long);
+ }
+ exit(code);
+}
+
+static void parse_options(int argc, char** argv) {
+ int c;
+ int oidx = 0;
+
+ while (1) {
+ c = getopt_long(argc, argv, _sopts, _lopts, &oidx);
+ if (c == -1) {
+ break; /* done */
+ }
+
+ switch (c) {
+ case 'D':
+ trusty_gatekeeper_set_dev_name(optarg);
+ break;
+
+ case 'h':
+ print_usage_and_exit(argv[0], EXIT_SUCCESS, true);
+ break;
+
+ default:
+ print_usage_and_exit(argv[0], EXIT_FAILURE, false);
+ }
+ }
+}
+
+int main(int argc, char** argv) {
+ parse_options(argc, argv);
+
ABinderProcess_setThreadPoolMaxThreadCount(0);
std::shared_ptr<TrustyGateKeeperDevice> gatekeeper =
diff --git a/trusty/gatekeeper/trusty_gatekeeper_ipc.c b/trusty/gatekeeper/trusty_gatekeeper_ipc.c
index f67944b..5ca951c 100644
--- a/trusty/gatekeeper/trusty_gatekeeper_ipc.c
+++ b/trusty/gatekeeper/trusty_gatekeeper_ipc.c
@@ -28,12 +28,15 @@
#include "trusty_gatekeeper_ipc.h"
#include "gatekeeper_ipc.h"
-#define TRUSTY_DEVICE_NAME "/dev/trusty-ipc-dev0"
-
+static const char* trusty_device_name = "/dev/trusty-ipc-dev0";
static int handle_ = 0;
+void trusty_gatekeeper_set_dev_name(const char* device_name) {
+ trusty_device_name = device_name;
+}
+
int trusty_gatekeeper_connect() {
- int rc = tipc_connect(TRUSTY_DEVICE_NAME, GATEKEEPER_PORT);
+ int rc = tipc_connect(trusty_device_name, GATEKEEPER_PORT);
if (rc < 0) {
return rc;
}
diff --git a/trusty/gatekeeper/trusty_gatekeeper_ipc.h b/trusty/gatekeeper/trusty_gatekeeper_ipc.h
index f8de7f8..47ba33b 100644
--- a/trusty/gatekeeper/trusty_gatekeeper_ipc.h
+++ b/trusty/gatekeeper/trusty_gatekeeper_ipc.h
@@ -16,6 +16,7 @@
__BEGIN_DECLS
+void trusty_gatekeeper_set_dev_name(const char* device_name);
int trusty_gatekeeper_connect();
int trusty_gatekeeper_call(uint32_t cmd, void *in, uint32_t in_size, uint8_t *out,
uint32_t *out_size);
diff --git a/trusty/keymaster/include/trusty_keymaster/ipc/trusty_keymaster_ipc.h b/trusty/keymaster/include/trusty_keymaster/ipc/trusty_keymaster_ipc.h
index efad254..15241f4 100644
--- a/trusty/keymaster/include/trusty_keymaster/ipc/trusty_keymaster_ipc.h
+++ b/trusty/keymaster/include/trusty_keymaster/ipc/trusty_keymaster_ipc.h
@@ -26,6 +26,7 @@
const uint32_t TRUSTY_KEYMASTER_SEND_BUF_SIZE =
(4096 - sizeof(struct keymaster_message) - 16 /* tipc header */);
+void trusty_keymaster_set_dev_name(const char* device_name);
int trusty_keymaster_connect(void);
int trusty_keymaster_call(uint32_t cmd, void* in, uint32_t in_size, uint8_t* out,
uint32_t* out_size);
diff --git a/trusty/keymaster/ipc/trusty_keymaster_ipc.cpp b/trusty/keymaster/ipc/trusty_keymaster_ipc.cpp
index db1a9f4..c01877f 100644
--- a/trusty/keymaster/ipc/trusty_keymaster_ipc.cpp
+++ b/trusty/keymaster/ipc/trusty_keymaster_ipc.cpp
@@ -36,15 +36,18 @@
#include <trusty_keymaster/ipc/trusty_keymaster_ipc.h>
#include <utils/Timers.h>
-#define TRUSTY_DEVICE_NAME "/dev/trusty-ipc-dev0"
+static const char* trusty_device_name = "/dev/trusty-ipc-dev0";
static int handle_ = -1;
static const int timeout_ms = 10 * 1000;
static const int max_timeout_ms = 60 * 1000;
+void trusty_keymaster_set_dev_name(const char* device_name) {
+ trusty_device_name = device_name;
+}
int trusty_keymaster_connect() {
- int rc = tipc_connect(TRUSTY_DEVICE_NAME, KEYMASTER_PORT);
+ int rc = tipc_connect(trusty_device_name, KEYMASTER_PORT);
if (rc < 0) {
return rc;
}
diff --git a/trusty/keymaster/keymint/service.cpp b/trusty/keymaster/keymint/service.cpp
index 14549d2..583d840 100644
--- a/trusty/keymaster/keymint/service.cpp
+++ b/trusty/keymaster/keymint/service.cpp
@@ -18,11 +18,13 @@
#include <android-base/logging.h>
#include <android/binder_manager.h>
#include <android/binder_process.h>
+#include <getopt.h>
#include <trusty_keymaster/TrustyKeyMintDevice.h>
#include <trusty_keymaster/TrustyRemotelyProvisionedComponentDevice.h>
#include <trusty_keymaster/TrustySecureClock.h>
#include <trusty_keymaster/TrustySharedSecret.h>
+#include <trusty_keymaster/ipc/trusty_keymaster_ipc.h>
using aidl::android::hardware::security::keymint::trusty::TrustyKeyMintDevice;
using aidl::android::hardware::security::keymint::trusty::TrustyRemotelyProvisionedComponentDevice;
@@ -39,7 +41,58 @@
return service;
}
-int main() {
+static const char* _sopts = "hD:";
+static const struct option _lopts[] = {
+ {"help", no_argument, 0, 'h'},
+ {"dev", required_argument, 0, 'D'},
+ {0, 0, 0, 0},
+};
+
+static const char* usage =
+ "Usage: %s [options]\n"
+ "\n"
+ "options:\n"
+ " -h, --help prints this message and exit\n"
+ " -D, --dev name Trusty device name\n"
+ "\n";
+
+static const char* usage_long = "\n";
+
+static void print_usage_and_exit(const char* prog, int code, bool verbose) {
+ fprintf(stderr, usage, prog);
+ if (verbose) {
+ fprintf(stderr, "%s", usage_long);
+ }
+ exit(code);
+}
+
+static void parse_options(int argc, char** argv) {
+ int c;
+ int oidx = 0;
+
+ while (1) {
+ c = getopt_long(argc, argv, _sopts, _lopts, &oidx);
+ if (c == -1) {
+ break; /* done */
+ }
+
+ switch (c) {
+ case 'D':
+ trusty_keymaster_set_dev_name(optarg);
+ break;
+
+ case 'h':
+ print_usage_and_exit(argv[0], EXIT_SUCCESS, true);
+ break;
+
+ default:
+ print_usage_and_exit(argv[0], EXIT_FAILURE, false);
+ }
+ }
+}
+
+int main(int argc, char** argv) {
+ parse_options(argc, argv);
auto trustyKeymaster = std::make_shared<keymaster::TrustyKeymaster>();
int err = trustyKeymaster->Initialize(keymaster::KmVersion::KEYMINT_3);
if (err != 0) {
diff --git a/trusty/keymint/Android.bp b/trusty/keymint/Android.bp
index 19dcc98..92d9c6f 100644
--- a/trusty/keymint/Android.bp
+++ b/trusty/keymint/Android.bp
@@ -24,11 +24,12 @@
init_rc: ["android.hardware.security.keymint-service.rust.trusty.rc"],
vintf_fragments: ["android.hardware.security.keymint-service.rust.trusty.xml"],
srcs: [
- "src/keymint_hal_main.rs"
+ "src/keymint_hal_main.rs",
],
rustlibs: [
"libandroid_logger",
"libbinder_rs",
+ "libclap",
"libkmr_wire",
"libkmr_hal",
"libtrusty-rs",
diff --git a/trusty/keymint/src/keymint_hal_main.rs b/trusty/keymint/src/keymint_hal_main.rs
index ef0c598..3c5627b 100644
--- a/trusty/keymint/src/keymint_hal_main.rs
+++ b/trusty/keymint/src/keymint_hal_main.rs
@@ -14,6 +14,7 @@
// limitations under the License.
//! This module implements the HAL service for Keymint (Rust) in Trusty.
+use clap::Parser;
use kmr_hal::{
extract_rsp, keymint, rpc, secureclock, send_hal_info, sharedsecret, SerializedChannel,
};
@@ -81,6 +82,13 @@
}
}
+#[derive(Parser, Debug)]
+struct Args {
+ /// Tipc device path
+ #[arg(short, long, default_value_t = DEFAULT_DEVICE.to_string())]
+ dev: String,
+}
+
fn main() {
if let Err(HalServiceError(e)) = inner_main() {
panic!("HAL service failed: {:?}", e);
@@ -88,6 +96,7 @@
}
fn inner_main() -> Result<(), HalServiceError> {
+ let args = Args::parse();
// Initialize Android logging.
android_logger::init_once(
android_logger::Config::default()
@@ -106,10 +115,15 @@
binder::ProcessState::start_thread_pool();
// Create connection to the TA
- let connection = trusty::TipcChannel::connect(DEFAULT_DEVICE, TRUSTY_KEYMINT_RUST_SERVICE_NAME)
- .map_err(|e| {
- HalServiceError(format!("Failed to connect to Trusty Keymint TA because of {:?}.", e))
- })?;
+ let connection =
+ trusty::TipcChannel::connect(args.dev.as_str(), TRUSTY_KEYMINT_RUST_SERVICE_NAME).map_err(
+ |e| {
+ HalServiceError(format!(
+ "Failed to connect to Trusty Keymint TA at {} because of {:?}.",
+ args.dev, e
+ ))
+ },
+ )?;
let tipc_channel = Arc::new(Mutex::new(TipcChannel(connection)));
// Register the Keymint service