1 /*
2 * Copyright 2020 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "common/libs/security/gatekeeper_channel.h"
18
19 #include <cstdlib>
20
21 #include <android-base/logging.h>
22 #include "keymaster/android_keymaster_utils.h"
23
24 #include "common/libs/fs/shared_buf.h"
25
26 namespace cuttlefish {
27
CreateGatekeeperMessage(uint32_t command,bool is_response,size_t payload_size)28 ManagedGatekeeperMessage CreateGatekeeperMessage(
29 uint32_t command, bool is_response, size_t payload_size) {
30 auto memory = std::malloc(payload_size + sizeof(GatekeeperRawMessage));
31 auto message = reinterpret_cast<GatekeeperRawMessage*>(memory);
32 message->cmd = command;
33 message->is_response = is_response;
34 message->payload_size = payload_size;
35 return ManagedGatekeeperMessage(message);
36 }
37
operator ()(GatekeeperRawMessage * ptr)38 void GatekeeperCommandDestroyer::operator()(GatekeeperRawMessage* ptr) {
39 {
40 keymaster::Eraser(ptr, sizeof(GatekeeperRawMessage) + ptr->payload_size);
41 }
42 std::free(ptr);
43 }
44
GatekeeperChannel(SharedFD channel)45 GatekeeperChannel::GatekeeperChannel(SharedFD channel) : channel_(channel) {
46 }
47
SendRequest(uint32_t command,const gatekeeper::GateKeeperMessage & message)48 bool GatekeeperChannel::SendRequest(
49 uint32_t command, const gatekeeper::GateKeeperMessage& message) {
50 return SendMessage(command, false, message);
51 }
52
SendResponse(uint32_t command,const gatekeeper::GateKeeperMessage & message)53 bool GatekeeperChannel::SendResponse(
54 uint32_t command, const gatekeeper::GateKeeperMessage& message) {
55 return SendMessage(command, true, message);
56 }
57
SendMessage(uint32_t command,bool is_response,const gatekeeper::GateKeeperMessage & message)58 bool GatekeeperChannel::SendMessage(
59 uint32_t command,
60 bool is_response,
61 const gatekeeper::GateKeeperMessage& message) {
62 LOG(DEBUG) << "Sending message with id: " << command;
63 auto payload_size = message.GetSerializedSize();
64 auto to_send = CreateGatekeeperMessage(command, is_response, payload_size);
65 message.Serialize(to_send->payload, to_send->payload + payload_size);
66 auto write_size = payload_size + sizeof(GatekeeperRawMessage);
67 auto to_send_bytes = reinterpret_cast<const char*>(to_send.get());
68 auto written = WriteAll(channel_, to_send_bytes, write_size);
69 if (written == -1) {
70 LOG(ERROR) << "Could not write Gatekeeper Message: " << channel_->StrError();
71 }
72 return written == write_size;
73 }
74
ReceiveMessage()75 ManagedGatekeeperMessage GatekeeperChannel::ReceiveMessage() {
76 struct GatekeeperRawMessage message_header;
77 auto read = ReadExactBinary(channel_, &message_header);
78 if (read != sizeof(GatekeeperRawMessage)) {
79 LOG(ERROR) << "Expected " << sizeof(GatekeeperRawMessage) << ", received "
80 << read;
81 LOG(ERROR) << "Could not read Gatekeeper Message: " << channel_->StrError();
82 return {};
83 }
84 LOG(DEBUG) << "Received message with id: " << message_header.cmd;
85 auto message = CreateGatekeeperMessage(message_header.cmd,
86 message_header.is_response,
87 message_header.payload_size);
88 auto message_bytes = reinterpret_cast<char*>(message->payload);
89 read = ReadExact(channel_, message_bytes, message->payload_size);
90 if (read != message->payload_size) {
91 LOG(ERROR) << "Could not read Gatekeeper Message: " << channel_->StrError();
92 return {};
93 }
94 return message;
95 }
96
97 } // namespace cuttlefish
98