cryptfshw: Introduce QSEECom backend implementationlineage-17.0

Some code snippets are taken from the following set of changes: cryptfshw: Setup boilerplate items before actual implementation * This is also in preparation for splitting this into two impls: one for ioctl() calls and one for dlsym() calls * This includes: - Add a .clang-format file and format the source - Add an init rc file - Add service.cpp - Convert struct to a class - Setup Android.bp for building the HIDL hal and run through bpfix - Setup items shared between both impls in Android.bp Change-Id: I1db3773f49883aa492a041e794303a11dfa2da51 Signed-off-by: Michael Bestas <mkbestas@lineageos.org> cryptfshw: dlsym: Wire up the implementation Change-Id: I10473223ffd8f63dec759700a0fd989241af18a3 Change-Id: I7f27355a8a435f013b3b09cd5efac45452f7a4f3
author: dianlujitao <dianlujitao@lineageos.org> 2019-10-06 12:04:33 +0800
committer: Bruno Martins <bgcngm@gmail.com> 2019-12-24 16:36:03 +0100
commit: 47d41f62e6f950ebec39f23c2325bb070957340c (patch)
tree: 6d7e43d20c1519d1e27addd1577b73157c08e91c /cryptfshw/1.0/qsee/QSEEComController.cpp
parent: f59f921a5e9f059a6ce06f3a8e11982241ba54b8 (diff)
download: hardware_lineage_interfaces-lineage-17.0.tar.gz
hardware_lineage_interfaces-lineage-17.0.tar.bz2
hardware_lineage_interfaces-lineage-17.0.zip
1 files changed, 178 insertions, 0 deletions
diff --git a/cryptfshw/1.0/qsee/QSEEComController.cpp b/cryptfshw/1.0/qsee/QSEEComController.cpp
new file mode 100644
index 0000000..9cc5b2b
--- /dev/null
+++ b/cryptfshw/1.0/qsee/QSEEComController.cpp
@@ -0,0 +1,178 @@
+/*
+ * Copyright (C) 2019 The LineageOS Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#define LOG_TAG "vendor.qti.hardware.cryptfshw@1.0-impl-qti.qsee"
+
+#include "QSEEComController.h"
+
+#include <CryptfsHwUtils.h>
+#include <Types.h>
+#include <android-base/logging.h>
+#include <android-base/properties.h>
+#include <dlfcn.h>
+
+#include <thread>
+
+namespace {
+constexpr char kFilename[] = "libQSEEComAPI.so";
+
+#ifdef WAIT_FOR_QSEE
+bool IsQseecomUp() {
+    using namespace std::chrono_literals;
+    for (size_t i = 0; i < CRYPTFS_HW_UP_CHECK_COUNT; i++) {
+        if (::android::base::GetBoolProperty("sys.keymaster.loaded", false)) {
+            return true;
+        }
+        std::this_thread::sleep_for(100ms);
+    }
+
+    LOG(ERROR) << "Timed out waiting for QSEECom";
+    return false;
+}
+#endif
+}  // anonymous namespace
+
+namespace vendor {
+namespace qti {
+namespace hardware {
+namespace cryptfshw {
+namespace V1_0 {
+namespace implementation {
+namespace qsee {
+
+Controller::Controller() {
+    std::shared_ptr<void> handle(dlopen(kFilename, RTLD_LAZY | RTLD_LOCAL), [this](void* p) {
+        mFn_create_key = nullptr;
+        mFn_update_key_user_info = nullptr;
+        mFn_wipe_key = nullptr;
+
+        if (p != nullptr) {
+            int err = dlclose(p);
+            p = nullptr;
+            if (err != 0) {
+                LOG(ERROR) << "FAILED TO CLOSE LIBRARY " << kFilename;
+            }
+        }
+    });
+    if (handle == nullptr) {
+        LOG(ERROR) << "FAILED TO LOAD LIBRARY " << kFilename << ": " << dlerror();
+        return;
+    }
+
+#ifdef WAIT_FOR_QSEE
+    if (!IsQseecomUp()) {
+        LOG_TO(SYSTEM, ERROR)
+                << "Timed out waiting for QSEECom listeners. Aborting FDE key operation";
+        return;
+    }
+#endif
+
+    handle_ = handle;
+    mFn_create_key = loadFunction<int (*)(int, void*)>("QSEECom_create_key");
+    mFn_update_key_user_info =
+            loadFunction<int (*)(int, void*, void*)>("QSEECom_update_key_user_info");
+    mFn_wipe_key = loadFunction<int (*)(int)>("QSEECom_wipe_key");
+}
+
+template <typename Function>
+Function Controller::loadFunction(const char* name) {
+    void* fn = dlsym(handle_.get(), name);
+    if (fn == nullptr) {
+        LOG(ERROR) << "loadFunction -- failed to load function " << name;
+    }
+    return reinterpret_cast<Function>(fn);
+}
+
+int Controller::createKey(int usage, const char* passwd) {
+    int32_t ret;
+    unsigned char hash32[MAX_PASSWORD_LEN];
+
+    if (mFn_create_key == nullptr) return CRYPTFS_HW_UPDATE_KEY_FAILED;
+
+    GetTmpPasswd(passwd, hash32, MAX_PASSWORD_LEN);
+
+    ret = mFn_create_key(usage, hash32);
+    if (ret) {
+        LOG_TO(SYSTEM, ERROR) << "Error::Qseecom call to create encryption key for usage " << usage
+                              << " failed with ret = " << ret << ", errno = " << errno;
+        if (errno == ERANGE) {
+            ret = CRYPTFS_HW_KMS_MAX_FAILURE;
+        } else {
+            ret = CRYPTFS_HW_CREATE_KEY_FAILED;
+        }
+    } else {
+        LOG_TO(SYSTEM, ERROR) << "SUCESS::Qseecom call to create encryption key for usage " << usage
+                              << " success with ret = " << ret;
+    }
+
+    secure_memset(hash32, 0, MAX_PASSWORD_LEN);
+
+    return ret;
+}
+
+int Controller::updateKey(int usage, const char* oldpw, const char* newpw) {
+    int32_t ret;
+    unsigned char current_hash32[MAX_PASSWORD_LEN], new_hash32[MAX_PASSWORD_LEN];
+
+    if (mFn_update_key_user_info == nullptr) return CRYPTFS_HW_UPDATE_KEY_FAILED;
+
+    GetTmpPasswd(oldpw, current_hash32, MAX_PASSWORD_LEN);
+    GetTmpPasswd(newpw, new_hash32, MAX_PASSWORD_LEN);
+
+    ret = mFn_update_key_user_info(usage, current_hash32, new_hash32);
+    if (ret) {
+        LOG_TO(SYSTEM, ERROR) << "Error::Qseecom call to update the encryption key for usage "
+                              << usage << " failed with ret = " << ret << ", errno = " << errno;
+        if (errno == ERANGE) {
+            ret = CRYPTFS_HW_KMS_MAX_FAILURE;
+        } else {
+            ret = CRYPTFS_HW_UPDATE_KEY_FAILED;
+        }
+    } else {
+        LOG_TO(SYSTEM, ERROR) << "SUCCESS::Qseecom call to update the encryption key for usage "
+                              << usage << " success with ret = " << ret;
+    }
+
+    secure_memset(current_hash32, 0, MAX_PASSWORD_LEN);
+    secure_memset(new_hash32, 0, MAX_PASSWORD_LEN);
+
+    return ret;
+}
+
+int Controller::wipeKey(int usage) {
+    int32_t ret;
+
+    if (mFn_wipe_key == nullptr) return CRYPTFS_HW_UPDATE_KEY_FAILED;
+
+    ret = mFn_wipe_key(usage);
+    if (ret) {
+        LOG_TO(SYSTEM, ERROR) << "Error::Qseecom call to wipe the encryption key for usage "
+                              << usage << " failed with ret = " << ret << ", errno = " << errno;
+        ret = CRYPTFS_HW_WIPE_KEY_FAILED;
+    } else {
+        LOG_TO(SYSTEM, ERROR) << "SUCCESS::Qseecom call to wipe the encryption key for usage "
+                              << usage << " success with ret = " << ret;
+    }
+    return ret;
+}
+
+}  // namespace qsee
+}  // namespace implementation
+}  // namespace V1_0
+}  // namespace cryptfshw
+}  // namespace hardware
+}  // namespace qti
+}  // namespace vendor
author	dianlujitao <dianlujitao@lineageos.org>	2019-10-06 12:04:33 +0800
committer	Bruno Martins <bgcngm@gmail.com>	2019-12-24 16:36:03 +0100
commit	47d41f62e6f950ebec39f23c2325bb070957340c (patch)
tree	6d7e43d20c1519d1e27addd1577b73157c08e91c /cryptfshw/1.0/qsee/QSEEComController.cpp
parent	f59f921a5e9f059a6ce06f3a8e11982241ba54b8 (diff)
download	hardware_lineage_interfaces-lineage-17.0.tar.gz hardware_lineage_interfaces-lineage-17.0.tar.bz2 hardware_lineage_interfaces-lineage-17.0.zip