Multithreaded Keystore
This patch transitions keystore a threading model with one dispatcher
thread and one worker thread per keymaster instance, i.e. fallback, TEE,
Strongbox (if available). Singleton objects, such as the user state
database, the enforcement policy, and grant database have been moved to
KeyStore and were made concurrency safe.
Other noteworthy changes in this patch:
* Cached key characteristics. The key characteristics file used to hold
a limited set of parameters used generate or import the key. This
patch introduces a new blob type that holds full characteristics as
returned by generate, import, or getKeyCharacteristics, with the
original parameters mixed into the software enforced list. When
keystore encounters a lagacy characteristics file it will grab the
characteristics from keymaster, merge them with the cached parameters,
and update the cache file to the new format. If keystore encounters
the new cache no call to keymaster will be made for retrieving the
key characteristics.
* Changed semantic of list. The list call takes a prefix used for
filtering key entries. By the old semantic, list would return a list
of aliases stripped of the given prefix. By the new semantic list
always returns a filtered list of full alias string. Callers may
strip prefixes if they are so inclined.
* Entertain per keymaster instance operation maps. With the introduction
of Strongbox keystore had to deal with multiple keymaster instances.
But until now it would entertain a single operations map. Keystore
also enforces the invariant that no more than 15 operation slots are
used so there is always a free slot available for vold. With a single
operation map, this means no more than 15 slots can ever be used
although with TEE and Strongbox there are a total of 32 slots. With
strongbox implementation that have significantly fewer slots we see
another effect of the single operation map. If a slot needs to be
freed on Stronbox but the oldest operations are on TEE, the latter
will be unnecessarily pruned before a Strongbox slot is freed up.
With this patch each keymaster instance has its own operation map and
pruning is performed on a per keymaster instance basis.
* Introduce KeyBlobEntries which are independent from files. To allow
concurrent access to the key blob data base, entries can be
individually locked so that operations on entries become atomic.
LockedKeyBlobEntries are move only objects that track ownership of an
Entry on the stack or in functor object representing keymaster worker
requests. Entries must only be locked by the dispatcher Thread. Worker
threads can only be granted access to a LockedKeyBlobEntry by the
dispatcher thread. This allows the dispatcher thread to execute a
barrier that waits until all locks held by workers have been
relinquished to perform blob database maintenance operations, e.g.,
clearing a uid of all entries.
* Verification tokens are now acquired asynchronously. When a begin
operation requires a verification token a request is submitted to the
other keymaster worker while the begin call returns. When the
operation commences with update or finish, we block until the
verification token becomes available.
As of this patch the keystore IPC interface is still synchronous. That
is, the dispatcher thread dispatches a request to a worker and then
waits until the worker has finished. In a followup patch the IPC
interface shall be made asynchronous so that multiple requests may be in
flight.
Test: Ran full CTS test suite
atest android.keystore.cts
Bug: 111443219
Bug: 110495056
Change-Id: I305e28d784295a0095a34810d83202f7423498bd
diff --git a/keystore/keymaster_worker.h b/keystore/keymaster_worker.h
new file mode 100644
index 0000000..b39ae83
--- /dev/null
+++ b/keystore/keymaster_worker.h
@@ -0,0 +1,306 @@
+/*
+**
+** Copyright 2018, The Android Open Source Project
+**
+** Licensed under the Apache License, Version 2.0 (the "License");
+** you may not use this file except in compliance with the License.
+** You may obtain a copy of the License at
+**
+** http://www.apache.org/licenses/LICENSE-2.0
+**
+** Unless required by applicable law or agreed to in writing, software
+** distributed under the License is distributed on an "AS IS" BASIS,
+** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+** See the License for the specific language governing permissions and
+** limitations under the License.
+*/
+
+#ifndef KEYSTORE_KEYMASTER_WORKER_H_
+#define KEYSTORE_KEYMASTER_WORKER_H_
+
+#include <condition_variable>
+#include <functional>
+#include <keymasterV4_0/Keymaster.h>
+#include <memory>
+#include <mutex>
+#include <optional>
+#include <queue>
+#include <thread>
+#include <tuple>
+
+#include <keystore/ExportResult.h>
+#include <keystore/KeyCharacteristics.h>
+#include <keystore/KeymasterBlob.h>
+#include <keystore/OperationResult.h>
+#include <keystore/keystore_return_types.h>
+
+#include "blob.h"
+#include "operation.h"
+
+namespace keystore {
+
+using android::sp;
+using ::android::hardware::hidl_vec;
+using ::android::hardware::Return;
+using ::android::hardware::Void;
+using android::hardware::keymaster::V4_0::ErrorCode;
+using android::hardware::keymaster::V4_0::HardwareAuthToken;
+using android::hardware::keymaster::V4_0::HmacSharingParameters;
+using android::hardware::keymaster::V4_0::KeyCharacteristics;
+using android::hardware::keymaster::V4_0::KeyFormat;
+using android::hardware::keymaster::V4_0::KeyParameter;
+using android::hardware::keymaster::V4_0::KeyPurpose;
+using android::hardware::keymaster::V4_0::VerificationToken;
+using android::hardware::keymaster::V4_0::support::Keymaster;
+// using KeystoreCharacteristics = ::android::security::keymaster::KeyCharacteristics;
+using ::android::security::keymaster::KeymasterBlob;
+
+class KeyStore;
+
+class Worker {
+
+ /*
+ * NonCopyableFunction works similar to std::function in that it wraps callable objects and
+ * erases their type. The rationale for using a custom class instead of
+ * std::function is that std::function requires the wrapped object to be copy contructible.
+ * NonCopyableFunction is itself not copyable and never attempts to copy the wrapped object.
+ * TODO use similar optimization as std::function to remove the extra make_unique allocation.
+ */
+ template <typename Fn> class NonCopyableFunction;
+
+ template <typename Ret, typename... Args> class NonCopyableFunction<Ret(Args...)> {
+
+ class NonCopyableFunctionBase {
+ public:
+ NonCopyableFunctionBase() = default;
+ virtual ~NonCopyableFunctionBase() {}
+ virtual Ret operator()(Args... args) = 0;
+ NonCopyableFunctionBase(const NonCopyableFunctionBase&) = delete;
+ NonCopyableFunctionBase& operator=(const NonCopyableFunctionBase&) = delete;
+ };
+
+ template <typename Fn>
+ class NonCopyableFunctionTypeEraser : public NonCopyableFunctionBase {
+ private:
+ Fn f_;
+
+ public:
+ NonCopyableFunctionTypeEraser() = default;
+ explicit NonCopyableFunctionTypeEraser(Fn f) : f_(std::move(f)) {}
+ Ret operator()(Args... args) override { return f_(std::move(args)...); }
+ };
+
+ private:
+ std::unique_ptr<NonCopyableFunctionBase> f_;
+
+ public:
+ NonCopyableFunction() = default;
+ template <typename F> NonCopyableFunction(F f) {
+ f_ = std::make_unique<NonCopyableFunctionTypeEraser<F>>(std::move(f));
+ }
+ NonCopyableFunction(NonCopyableFunction&& other) = default;
+ NonCopyableFunction& operator=(NonCopyableFunction&& other) = default;
+ NonCopyableFunction(const NonCopyableFunction& other) = delete;
+ NonCopyableFunction& operator=(const NonCopyableFunction& other) = delete;
+
+ Ret operator()(Args... args) {
+ if (f_) return (*f_)(std::move(args)...);
+ }
+ };
+
+ using WorkerTask = NonCopyableFunction<void()>;
+
+ std::queue<WorkerTask> pending_requests_;
+ std::mutex pending_requests_mutex_;
+ std::condition_variable pending_requests_cond_var_;
+ std::thread worker_;
+ bool running_ = false;
+
+ public:
+ Worker();
+ ~Worker();
+ void addRequest(WorkerTask request);
+};
+
+template <typename... Args> struct MakeKeymasterWorkerCB;
+
+template <typename ErrorType, typename... Args>
+struct MakeKeymasterWorkerCB<ErrorType, std::function<void(Args...)>> {
+ using type = std::function<void(ErrorType, std::tuple<std::decay_t<Args>...>&&)>;
+};
+
+template <typename ErrorType> struct MakeKeymasterWorkerCB<ErrorType> {
+ using type = std::function<void(ErrorType)>;
+};
+
+template <typename... Args>
+using MakeKeymasterWorkerCB_t = typename MakeKeymasterWorkerCB<Args...>::type;
+
+class KeymasterWorker : protected Worker {
+ private:
+ sp<Keymaster> keymasterDevice_;
+ OperationMap operationMap_;
+ KeyStore* keyStore_;
+
+ template <typename KMFn, typename ErrorType, typename... Args, size_t... I>
+ void unwrap_tuple(KMFn kmfn, std::function<void(ErrorType)> cb,
+ const std::tuple<Args...>& tuple, std::index_sequence<I...>) {
+ cb(((*keymasterDevice_).*kmfn)(std::get<I>(tuple)...));
+ }
+
+ template <typename KMFn, typename ErrorType, typename... ReturnTypes, typename... Args,
+ size_t... I>
+ void unwrap_tuple(KMFn kmfn, std::function<void(ErrorType, std::tuple<ReturnTypes...>&&)> cb,
+ const std::tuple<Args...>& tuple, std::index_sequence<I...>) {
+ std::tuple<ReturnTypes...> returnValue;
+ auto result = ((*keymasterDevice_).*kmfn)(
+ std::get<I>(tuple)...,
+ [&returnValue](const ReturnTypes&... args) { returnValue = std::make_tuple(args...); });
+ cb(std::move(result), std::move(returnValue));
+ }
+
+ template <typename KMFn, typename ErrorType, typename... Args>
+ void addRequest(KMFn kmfn, std::function<void(ErrorType)> cb, Args&&... args) {
+ Worker::addRequest([this, kmfn, cb = std::move(cb),
+ tuple = std::make_tuple(std::forward<Args>(args)...)]() {
+ unwrap_tuple(kmfn, std::move(cb), tuple, std::index_sequence_for<Args...>{});
+ });
+ }
+
+ template <typename KMFn, typename ErrorType, typename... ReturnTypes, typename... Args>
+ void addRequest(KMFn kmfn, std::function<void(ErrorType, std::tuple<ReturnTypes...>&&)> cb,
+ Args&&... args) {
+ Worker::addRequest([this, kmfn, cb = std::move(cb),
+ tuple = std::make_tuple(std::forward<Args>(args)...)]() {
+ unwrap_tuple(kmfn, std::move(cb), tuple, std::index_sequence_for<Args...>{});
+ });
+ }
+ std::tuple<KeyStoreServiceReturnCode, Blob>
+ upgradeKeyBlob(const LockedKeyBlobEntry& lockedEntry, const AuthorizationSet& params);
+ std::tuple<KeyStoreServiceReturnCode, KeyCharacteristics, Blob, Blob>
+ createKeyCharacteristicsCache(const LockedKeyBlobEntry& lockedEntry,
+ const hidl_vec<uint8_t>& clientId,
+ const hidl_vec<uint8_t>& appData, Blob keyBlob, Blob charBlob);
+
+ /**
+ * Get the auth token for this operation from the auth token table.
+ *
+ * Returns NO_ERROR if the auth token was found or none was required. If not needed, the
+ * token will be empty (which keymaster interprets as no auth token).
+ * OP_AUTH_NEEDED if it is a per op authorization, no authorization token exists for
+ * that operation and failOnTokenMissing is false.
+ * KM_ERROR_KEY_USER_NOT_AUTHENTICATED if there is no valid auth token for the operation
+ */
+ std::pair<KeyStoreServiceReturnCode, HardwareAuthToken>
+ getAuthToken(const KeyCharacteristics& characteristics, uint64_t handle, KeyPurpose purpose,
+ bool failOnTokenMissing = true);
+
+ KeyStoreServiceReturnCode abort(const sp<IBinder>& token);
+
+ bool pruneOperation();
+
+ KeyStoreServiceReturnCode getOperationAuthTokenIfNeeded(std::shared_ptr<Operation> op);
+
+ void appendConfirmationTokenIfNeeded(const KeyCharacteristics& keyCharacteristics,
+ hidl_vec<KeyParameter>* params);
+
+ public:
+ KeymasterWorker(sp<Keymaster> keymasterDevice, KeyStore* keyStore);
+
+ using worker_begin_cb = std::function<void(::android::security::keymaster::OperationResult)>;
+ void begin(LockedKeyBlobEntry, sp<IBinder> appToken, Blob keyBlob, Blob charBlob,
+ bool pruneable, KeyPurpose purpose, AuthorizationSet opParams,
+ hidl_vec<uint8_t> entropy, worker_begin_cb worker_cb);
+
+ using update_cb = std::function<void(::android::security::keymaster::OperationResult)>;
+ void update(sp<IBinder> token, AuthorizationSet params, hidl_vec<uint8_t> data,
+ update_cb _hidl_cb);
+
+ using finish_cb = std::function<void(::android::security::keymaster::OperationResult)>;
+ void finish(sp<IBinder> token, AuthorizationSet params, hidl_vec<uint8_t> input,
+ hidl_vec<uint8_t> signature, hidl_vec<uint8_t> entorpy, finish_cb worker_cb);
+
+ using abort_cb = std::function<void(KeyStoreServiceReturnCode)>;
+ void abort(sp<IBinder> token, abort_cb _hidl_cb);
+
+ using getHardwareInfo_cb = MakeKeymasterWorkerCB_t<Return<void>, Keymaster::getHardwareInfo_cb>;
+ void getHardwareInfo(getHardwareInfo_cb _hidl_cb);
+
+ using getHmacSharingParameters_cb =
+ MakeKeymasterWorkerCB_t<Return<void>, Keymaster::getHmacSharingParameters_cb>;
+ void getHmacSharingParameters(getHmacSharingParameters_cb _hidl_cb);
+
+ using computeSharedHmac_cb =
+ MakeKeymasterWorkerCB_t<Return<void>, Keymaster::computeSharedHmac_cb>;
+ void computeSharedHmac(hidl_vec<HmacSharingParameters> params, computeSharedHmac_cb _hidl_cb);
+
+ using verifyAuthorization_cb =
+ std::function<void(KeyStoreServiceReturnCode ec, HardwareAuthToken, VerificationToken)>;
+ void verifyAuthorization(uint64_t challenge, hidl_vec<KeyParameter> params,
+ HardwareAuthToken token, verifyAuthorization_cb _hidl_cb);
+
+ using addRngEntropy_cb = MakeKeymasterWorkerCB_t<Return<ErrorCode>>;
+ void addRngEntropy(hidl_vec<uint8_t> data, addRngEntropy_cb _hidl_cb);
+
+ using generateKey_cb = std::function<void(
+ KeyStoreServiceReturnCode, ::android::hardware::keymaster::V4_0::KeyCharacteristics)>;
+ void generateKey(LockedKeyBlobEntry, hidl_vec<KeyParameter> keyParams,
+ hidl_vec<uint8_t> entropy, int flags, generateKey_cb _hidl_cb);
+
+ using generateKey2_cb = MakeKeymasterWorkerCB_t<Return<void>, Keymaster::generateKey_cb>;
+ void generateKey(hidl_vec<KeyParameter> keyParams, generateKey2_cb _hidl_cb);
+
+ using getKeyCharacteristics_cb = std::function<void(
+ KeyStoreServiceReturnCode, ::android::hardware::keymaster::V4_0::KeyCharacteristics)>;
+ void getKeyCharacteristics(LockedKeyBlobEntry lockedEntry, hidl_vec<uint8_t> clientId,
+ hidl_vec<uint8_t> appData, Blob keyBlob, Blob charBlob,
+ getKeyCharacteristics_cb _hidl_cb);
+
+ using importKey_cb = std::function<void(
+ KeyStoreServiceReturnCode, ::android::hardware::keymaster::V4_0::KeyCharacteristics)>;
+ void importKey(LockedKeyBlobEntry lockedEntry, hidl_vec<KeyParameter> params,
+ KeyFormat keyFormat, hidl_vec<uint8_t> keyData, int flags,
+ importKey_cb _hidl_cb);
+
+ using importWrappedKey_cb = std::function<void(
+ KeyStoreServiceReturnCode, ::android::hardware::keymaster::V4_0::KeyCharacteristics)>;
+ void importWrappedKey(LockedKeyBlobEntry wrappingLockedEntry,
+ LockedKeyBlobEntry wrapppedLockedEntry, hidl_vec<uint8_t> wrappedKeyData,
+ hidl_vec<uint8_t> maskingKey, hidl_vec<KeyParameter> unwrappingParams,
+ Blob wrappingBlob, Blob wrappingCharBlob, uint64_t passwordSid,
+ uint64_t biometricSid, importWrappedKey_cb worker_cb);
+
+ using exportKey_cb = std::function<void(::android::security::keymaster::ExportResult)>;
+ void exportKey(LockedKeyBlobEntry lockedEntry, KeyFormat exportFormat,
+ hidl_vec<uint8_t> clientId, hidl_vec<uint8_t> appData, Blob keyBlob,
+ Blob charBlob, exportKey_cb _hidl_cb);
+
+ using attestKey_cb = MakeKeymasterWorkerCB_t<Return<void>, Keymaster::attestKey_cb>;
+ void attestKey(hidl_vec<uint8_t> keyToAttest, hidl_vec<KeyParameter> attestParams,
+ attestKey_cb _hidl_cb);
+
+ using upgradeKey_cb = MakeKeymasterWorkerCB_t<Return<void>, Keymaster::upgradeKey_cb>;
+ void upgradeKey(hidl_vec<uint8_t> keyBlobToUpgrade, hidl_vec<KeyParameter> upgradeParams,
+ upgradeKey_cb _hidl_cb);
+
+ using deleteKey_cb = MakeKeymasterWorkerCB_t<Return<ErrorCode>>;
+ void deleteKey(hidl_vec<uint8_t> keyBlob, deleteKey_cb _hidl_cb);
+
+ using deleteAllKeys_cb = MakeKeymasterWorkerCB_t<Return<ErrorCode>>;
+ void deleteAllKeys(deleteAllKeys_cb _hidl_cb);
+
+ using destroyAttestationIds_cb = MakeKeymasterWorkerCB_t<Return<ErrorCode>>;
+ void destroyAttestationIds(destroyAttestationIds_cb _hidl_cb);
+
+ using begin_cb = MakeKeymasterWorkerCB_t<Return<void>, Keymaster::begin_cb>;
+ void begin(KeyPurpose purpose, hidl_vec<uint8_t> key, hidl_vec<KeyParameter> inParams,
+ HardwareAuthToken authToken, begin_cb _hidl_cb);
+
+ void binderDied(android::wp<IBinder> who);
+
+ const Keymaster::VersionResult& halVersion() { return keymasterDevice_->halVersion(); }
+};
+
+} // namespace keystore
+
+#endif // KEYSTORE_KEYMASTER_WORKER_H_