Clearly indicate vendor errors from keymaster in logcat
This patch adds verbose logging whenever an error code in the vendor
error code range is returned by keymaster.
Bug: 123562864
Test: atest android.keystore.cts
Change-Id: Ifceece542d6f3536ad87d053145c7aa8dd6d6603
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index bbf93ad..0bd3e03 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -617,8 +617,8 @@
return AIDL_RETURN(ErrorCode::HARDWARE_TYPE_UNAVAILABLE);
}
- device->addRngEntropy(entropy, [cb](Return<ErrorCode> rc) {
- cb->onFinished(KeyStoreServiceReturnCode(KS_HANDLE_HIDL_ERROR(rc)));
+ device->addRngEntropy(entropy, [device, cb](Return<ErrorCode> rc) {
+ cb->onFinished(KeyStoreServiceReturnCode(KS_HANDLE_HIDL_ERROR(device, rc)));
});
return AIDL_RETURN(ResponseCode::NO_ERROR);
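Review bot: Capturing `device` by value in the callback handed to `device->addRngEntropy` means that, if `device` is a reference-counted handle, the queued request keeps alive the very object that is executing it until the callback has run or been dropped. That looks intentional, since `KS_HANDLE_HIDL_ERROR(device, rc)` needs the device inside the callback, but it deserves a comment at the capture, for example `// device is captured only to log vendor error codes; the reference goes away with the callback`. The same capture is added for `dev` in the `attestKey` and `deleteKey` callbacks in later hunks. The enclosing function starts before this hunk, so the type of `device` is not visible here.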
@@ -1012,11 +1012,13 @@
auto hidlKey = blob2hidlVec(keyBlob);
dev->attestKey(
std::move(hidlKey), mutableParams.hidl_data(),
- [cb](Return<void> rc, std::tuple<ErrorCode, hidl_vec<hidl_vec<uint8_t>>>&& hidlResult) {
+ [dev, cb](Return<void> rc,
+ std::tuple<ErrorCode, hidl_vec<hidl_vec<uint8_t>>>&& hidlResult) {
auto& [ret, certChain] = hidlResult;
if (!rc.isOk()) {
cb->onFinished(KeyStoreServiceReturnCode(ResponseCode::SYSTEM_ERROR), {});
} else if (ret != ErrorCode::OK) {
+ dev->logIfKeymasterVendorError(ret);
cb->onFinished(KeyStoreServiceReturnCode(ret), {});
} else {
cb->onFinished(KeyStoreServiceReturnCode(ret),
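Review bot: The `!rc.isOk()` branch of the `attestKey` callback still reports `ResponseCode::SYSTEM_ERROR` with no log call visible in this hunk, so a HIDL transport failure stays harder to diagnose than the vendor error codes this commit now surfaces. Consider logging the transport status there before `cb->onFinished`, for instance `rc.description()` through whatever logging macro this file already uses. The later callback that schedules the temporary key for deletion has the same silent branch. The callback body continues past the end of this hunk.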
@@ -1094,6 +1096,7 @@
return;
}
if (ret != ErrorCode::OK) {
+ dev->logIfKeymasterVendorError(ret);
cb->onFinished(KeyStoreServiceReturnCode(ret), {});
return;
}
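Review bot: The pair `dev->logIfKeymasterVendorError(ret);` followed by `cb->onFinished(KeyStoreServiceReturnCode(ret), {});` is now written out by hand in three callbacks (here, in the `attestKey` callback above and in the final `else` branch below), while the other call sites get their logging through `KS_HANDLE_HIDL_ERROR(dev, rc)`. A future error path that copies only the `onFinished` line will lose the logging without any compile-time signal. A small local helper that does both would keep the two mechanisms from drifting. Failing that, a one-line comment at each site would do, such as `// vendor-range codes are logged explicitly because this path does not go through KS_HANDLE_HIDL_ERROR`. The enclosing callback starts outside this hunk.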
@@ -1104,9 +1107,9 @@
std::tuple<ErrorCode, hidl_vec<hidl_vec<uint8_t>>>&& hidlResult) {
auto& [ret, certChain] = hidlResult;
// schedule temp key for deletion
- dev->deleteKey(std::move(hidlKeyBlob), [](Return<ErrorCode> rc) {
+ dev->deleteKey(std::move(hidlKeyBlob), [dev](Return<ErrorCode> rc) {
// log error but don't return an error
- KS_HANDLE_HIDL_ERROR(rc);
+ KS_HANDLE_HIDL_ERROR(dev, rc);
});
if (!rc.isOk()) {
cb->onFinished(KeyStoreServiceReturnCode(ResponseCode::SYSTEM_ERROR), {});
@@ -1117,6 +1120,7 @@
KeyStoreServiceReturnCode(ret),
::android::security::keymaster::KeymasterCertificateChain(certChain));
} else {
+ dev->logIfKeymasterVendorError(ret);
cb->onFinished(KeyStoreServiceReturnCode(ret), {});
}
});