commit debb61e86c0f0c2815ce1629640589f959e65b6a
author Shawn Willden <swillden@google.com> Sun Dec 03 12:51:19 2017 -0700
committer Shawn Willden <swillden@google.com> Mon Dec 18 20:28:18 2017 -0700
tree 2db044ad293dca14cc3e602d6bcfe9435f87363d
parent 9e8edcf57414d7623c7bc2fee9bec27452a51fcd

Small refactor to clarify auth token ownership.

The Operation interface confused me.  It looked like it was holding a
pointer to an auth token from the AuthTokenTable.  In fact it made a
copy, but that wasn't clear from the interface.  Ths CL changes
Operation::setOperationAuthtoken to take the token by value, making
clear that it copies (unless std::move is used).

Test: runtest --path cts/tests/tests/keystore/src/android/keystore/cts
Change-Id: I1d1b6983f421f5be9f56c60aaf56dda8fc4aa207

keystore/key_store_service.cpp

diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index b309ad6..0a8648f 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -1342,7 +1342,7 @@
     result->token = operationToken;
 
     if (authToken) {
-        mOperationMap.setOperationAuthToken(operationToken, authToken);
+        mOperationMap.setOperationAuthToken(operationToken, *authToken);
     }
     // Return the authentication lookup result. If this is a per operation
     // auth'd key then the resultCode will be ::OP_AUTH_NEEDED and the
@@ -1956,7 +1956,7 @@
             return result;
         }
         if (authToken) {
-            mOperationMap.setOperationAuthToken(token, authToken);
+            mOperationMap.setOperationAuthToken(token, *authToken);
         }
     }
     addAuthTokenToParams(params, authToken);

keystore/operation.cpp

diff --git a/keystore/operation.cpp b/keystore/operation.cpp
index 8c39716..e1ba713 100644
--- a/keystore/operation.cpp
+++ b/keystore/operation.cpp
@@ -126,14 +126,12 @@
     return true;
 }
 
-bool OperationMap::setOperationAuthToken(const sp<IBinder>& token,
-                                         const HardwareAuthToken* authToken) {
+bool OperationMap::setOperationAuthToken(const sp<IBinder>& token, HardwareAuthToken authToken) {
     auto entry = mMap.find(token);
     if (entry == mMap.end()) {
         return false;
     }
-    entry->second.authToken.reset(new HardwareAuthToken);
-    *entry->second.authToken = *authToken;
+    entry->second.authToken = std::make_unique<HardwareAuthToken>(std::move(authToken));
     return true;
 }
 

keystore/operation.h

diff --git a/keystore/operation.h b/keystore/operation.h
index e69b43a..9249437 100644
--- a/keystore/operation.h
+++ b/keystore/operation.h
@@ -57,7 +57,7 @@
     bool getOperationAuthToken(const android::sp<android::IBinder>& token,
                                const HardwareAuthToken** outToken);
     bool setOperationAuthToken(const android::sp<android::IBinder>& token,
-                               const HardwareAuthToken* authToken);
+                               HardwareAuthToken authToken);
     android::sp<android::IBinder> getOldestPruneableOperation();
     std::vector<android::sp<android::IBinder>>
     getOperationsForToken(const android::sp<android::IBinder>& appToken);