Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / e09a42c20642bed51e6acecc685f8562828cea53^1..e09a42c20642bed51e6acecc685f8562828cea53 / .
commite09a42c20642bed51e6acecc685f8562828cea53[log] [tgz]
authorBill Yi <byi@google.com>Wed Nov 28 18:35:05 2018 -0800
committerBill Yi <byi@google.com>Wed Nov 28 18:35:05 2018 -0800
tree7bd5b9e872ca896d4a43e86f07c62c44ccabf59e
parent762b2b64c9e84f5972d41850e47f1454c8134d1f [diff]
parent926f647663d589f7b16887ecd10162b64736e521 [diff]
Merge pi-qpr1-release PQ1A.181105.017.A1 to pi-platform-release

Change-Id: I4e5befe2b190512c55e11d429aa57fa9132a5080

diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index 9d035c8..c831085 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp

@@ -1324,23 +1324,34 @@
         result->outParams = outParams;
     };
 
-    ErrorCode rc =
+    KeyStoreServiceReturnCode rc =
         KS_HANDLE_HIDL_ERROR(dev->begin(keyPurpose, key, opParams.hidl_data(), authToken, hidlCb));
-    if (rc != ErrorCode::OK) {
-        ALOGW("Got error %d from begin()", rc);
+    if (!rc.isOk()) {
+        LOG(ERROR) << "Got error " << rc << " from begin()";
+        result->resultCode = ResponseCode::SYSTEM_ERROR;
+        return Status::ok();
     }
 
+    rc = result->resultCode;
+
     // If there are too many operations abort the oldest operation that was
     // started as pruneable and try again.
+    LOG(INFO) << rc << " " << mOperationMap.hasPruneableOperation();
     while (rc == ErrorCode::TOO_MANY_OPERATIONS && mOperationMap.hasPruneableOperation()) {
-        ALOGW("Ran out of operation handles");
+        LOG(INFO) << "Ran out of operation handles";
         if (!pruneOperation()) {
             break;
         }
         rc = KS_HANDLE_HIDL_ERROR(
             dev->begin(keyPurpose, key, opParams.hidl_data(), authToken, hidlCb));
+        if (!rc.isOk()) {
+            LOG(ERROR) << "Got error " << rc << " from begin()";
+            result->resultCode = ResponseCode::SYSTEM_ERROR;
+            return Status::ok();
+        }
+        rc = result->resultCode;
     }
-    if (rc != ErrorCode::OK) {
+    if (!rc.isOk()) {
         result->resultCode = rc;
         return Status::ok();
     }
@@ -1359,8 +1370,8 @@
                                                                 verificationToken = token;
                                                             }));
 
-        if (rc != ErrorCode::OK) result->resultCode = rc;
-        if (result->resultCode != ErrorCode::OK) return Status::ok();
+        if (!rc.isOk()) result->resultCode = rc;
+        if (!result->resultCode.isOk()) return Status::ok();
     }
 
     // Note: The operation map takes possession of the contents of "characteristics".
@@ -1697,11 +1708,9 @@
     }
 
     // Generate temporary key.
-    sp<Keymaster> dev;
-    SecurityLevel securityLevel;
-    std::tie(dev, securityLevel) = mKeyStore->getMostSecureDevice();
+    sp<Keymaster> dev = mKeyStore->getDevice(SecurityLevel::TRUSTED_ENVIRONMENT);
 
-    if (securityLevel == SecurityLevel::SOFTWARE) {
+    if (!dev) {
         *aidl_return = static_cast<int32_t>(ResponseCode::SYSTEM_ERROR);
         return Status::ok();
     }