diced/src/error_vendor.rs - android_system_security - Gitiles

 // Copyright 2021, The Android Open Source Project
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 use android_hardware_security_dice::aidl::android::hardware::security::dice::ResponseCode::ResponseCode;
 use anyhow::Result;
 use binder::{ExceptionCode, Result as BinderResult, Status as BinderStatus, StatusCode};
 use std::ffi::CString;

 /// This is the error type for DICE HAL implementations. It wraps
 /// `android::hardware::security::dice::ResponseCode` generated
 /// from AIDL in the `Rc` variant and Binder and BinderTransaction errors in the respective
 /// variants.
 #[allow(dead_code)] // Binder error forwarding will be needed when proxy nodes are implemented.
 #[derive(Debug, thiserror::Error, Eq, PartialEq, Clone)]
 pub enum Error {
     /// Wraps a dice `ResponseCode` as defined by the Keystore AIDL interface specification.
     #[error("Error::Rc({0:?})")]
     Rc(ResponseCode),
     /// Wraps a Binder exception code other than a service specific exception.
     #[error("Binder exception code {0:?}, {1:?}")]
     Binder(ExceptionCode, i32),
     /// Wraps a Binder status code.
     #[error("Binder transaction error {0:?}")]
     BinderTransaction(StatusCode),
 }

 /// This function should be used by dice service calls to translate error conditions
 /// into service specific exceptions.
 ///
 /// All error conditions get logged by this function.
 ///
 /// All `Error::Rc(x)` variants get mapped onto a service specific error code of x.
 /// `selinux::Error::PermissionDenied` is mapped on `ResponseCode::PERMISSION_DENIED`.
 ///
 /// All non `Error` error conditions and the Error::Binder variant get mapped onto
 /// ResponseCode::SYSTEM_ERROR`.
 ///
 /// `handle_ok` will be called if `result` is `Ok(value)` where `value` will be passed
 /// as argument to `handle_ok`. `handle_ok` must generate a `BinderResult<T>`, but it
 /// typically returns Ok(value).
 ///
 /// # Examples
 ///
 /// ```
 /// fn do_something() -> anyhow::Result<Vec<u8>> {
 ///     Err(anyhow!(Error::Rc(ResponseCode::NOT_IMPLEMENTED)))
 /// }
 ///
 /// map_or_log_err(do_something(), Ok)
 /// ```
 pub fn map_or_log_err<T, U, F>(result: Result<U>, handle_ok: F) -> BinderResult<T>
 where
     F: FnOnce(U) -> BinderResult<T>,
 {
     map_err_with(
         result,
         |e| {
             log::error!("{:?}", e);
             e
         },
         handle_ok,
     )
 }

 /// This function behaves similar to map_or_log_error, but it does not log the errors, instead
 /// it calls map_err on the error before mapping it to a binder result allowing callers to
 /// log or transform the error before mapping it.
 fn map_err_with<T, U, F1, F2>(result: Result<U>, map_err: F1, handle_ok: F2) -> BinderResult<T>
 where
     F1: FnOnce(anyhow::Error) -> anyhow::Error,
     F2: FnOnce(U) -> BinderResult<T>,
 {
     result.map_or_else(
         |e| {
             let e = map_err(e);
             let msg = match CString::new(format!("{:?}", e)) {
                 Ok(msg) => Some(msg),
                 Err(_) => {
                     log::warn!(
                         "Cannot convert error message to CStr. It contained a nul byte.
                          Omitting message from service specific error."
                     );
                     None
                 }
             };
             let rc = get_error_code(&e);
             Err(BinderStatus::new_service_specific_error(rc, msg.as_deref()))
         },
         handle_ok,
     )
 }

 /// Extracts the error code from an `anyhow::Error` mapping any error that does not have a
 /// root cause of `Error::Rc` onto `ResponseCode::SYSTEM_ERROR` and to `e` with `Error::Rc(e)`
 /// otherwise.
 fn get_error_code(e: &anyhow::Error) -> i32 {
     let root_cause = e.root_cause();
     match root_cause.downcast_ref::<Error>() {
         Some(Error::Rc(rcode)) => rcode.0,
         // If an Error::Binder reaches this stage we report a system error.
         // The exception code and possible service specific error will be
         // printed in the error log above.
         Some(Error::Binder(_, _)) | Some(Error::BinderTransaction(_)) => {
             ResponseCode::SYSTEM_ERROR.0
         }
         None => ResponseCode::SYSTEM_ERROR.0,
     }
 }
	// Copyright 2021, The Android Open Source Project
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	use android_hardware_security_dice::aidl::android::hardware::security::dice::ResponseCode::ResponseCode;
	use anyhow::Result;
	use binder::{ExceptionCode, Result as BinderResult, Status as BinderStatus, StatusCode};
	use std::ffi::CString;

	/// This is the error type for DICE HAL implementations. It wraps
	/// `android::hardware::security::dice::ResponseCode` generated
	/// from AIDL in the `Rc` variant and Binder and BinderTransaction errors in the respective
	/// variants.
	#[allow(dead_code)] // Binder error forwarding will be needed when proxy nodes are implemented.
	#[derive(Debug, thiserror::Error, Eq, PartialEq, Clone)]
	pub enum Error {
	/// Wraps a dice `ResponseCode` as defined by the Keystore AIDL interface specification.
	#[error("Error::Rc({0:?})")]
	Rc(ResponseCode),
	/// Wraps a Binder exception code other than a service specific exception.
	#[error("Binder exception code {0:?}, {1:?}")]
	Binder(ExceptionCode, i32),
	/// Wraps a Binder status code.
	#[error("Binder transaction error {0:?}")]
	BinderTransaction(StatusCode),
	}

	/// This function should be used by dice service calls to translate error conditions
	/// into service specific exceptions.
	///
	/// All error conditions get logged by this function.
	///
	/// All `Error::Rc(x)` variants get mapped onto a service specific error code of x.
	/// `selinux::Error::PermissionDenied` is mapped on `ResponseCode::PERMISSION_DENIED`.
	///
	/// All non `Error` error conditions and the Error::Binder variant get mapped onto
	/// ResponseCode::SYSTEM_ERROR`.
	///
	/// `handle_ok` will be called if `result` is `Ok(value)` where `value` will be passed
	/// as argument to `handle_ok`. `handle_ok` must generate a `BinderResult<T>`, but it
	/// typically returns Ok(value).
	///
	/// # Examples
	///
	/// ```
	/// fn do_something() -> anyhow::Result<Vec<u8>> {
	/// Err(anyhow!(Error::Rc(ResponseCode::NOT_IMPLEMENTED)))
	/// }
	///
	/// map_or_log_err(do_something(), Ok)
	/// ```
	pub fn map_or_log_err<T, U, F>(result: Result<U>, handle_ok: F) -> BinderResult<T>
	where
	F: FnOnce(U) -> BinderResult<T>,
	{
	map_err_with(
	result,
	\|e\| {
	log::error!("{:?}", e);
	e
	},
	handle_ok,
	)
	}

	/// This function behaves similar to map_or_log_error, but it does not log the errors, instead
	/// it calls map_err on the error before mapping it to a binder result allowing callers to
	/// log or transform the error before mapping it.
	fn map_err_with<T, U, F1, F2>(result: Result<U>, map_err: F1, handle_ok: F2) -> BinderResult<T>
	where
	F1: FnOnce(anyhow::Error) -> anyhow::Error,
	F2: FnOnce(U) -> BinderResult<T>,
	{
	result.map_or_else(
	\|e\| {
	let e = map_err(e);
	let msg = match CString::new(format!("{:?}", e)) {
	Ok(msg) => Some(msg),
	Err(_) => {
	log::warn!(
	"Cannot convert error message to CStr. It contained a nul byte.
	Omitting message from service specific error."
	);
	None
	}
	};
	let rc = get_error_code(&e);
	Err(BinderStatus::new_service_specific_error(rc, msg.as_deref()))
	},
	handle_ok,
	)
	}

	/// Extracts the error code from an `anyhow::Error` mapping any error that does not have a
	/// root cause of `Error::Rc` onto `ResponseCode::SYSTEM_ERROR` and to `e` with `Error::Rc(e)`
	/// otherwise.
	fn get_error_code(e: &anyhow::Error) -> i32 {
	let root_cause = e.root_cause();
	match root_cause.downcast_ref::<Error>() {
	Some(Error::Rc(rcode)) => rcode.0,
	// If an Error::Binder reaches this stage we report a system error.
	// The exception code and possible service specific error will be
	// printed in the error log above.
	Some(Error::Binder(_, _)) \| Some(Error::BinderTransaction(_)) => {
	ResponseCode::SYSTEM_ERROR.0
	}
	None => ResponseCode::SYSTEM_ERROR.0,
	}
	}