authorElliott Hughes2017-05-12 19:28:25 -0500
committerGerrit Code Review2017-05-12 19:28:28 -0500
commit81824ebf1f9fbae84da63df946d2a4b5e13838ad (patch)
tree1dbcc7fafa64c7f0530cd6364dcef796c7319fb4
parentf218210f6e312e0d175d9f4501dc705108496a4f (diff)
parentf8627cea7fd13ab5217aa97258b30199d189f0bb (diff)
Merge "Add libkeyutils."
-rw-r--r--init/Android.mk3
-rw-r--r--init/init.cpp11
-rw-r--r--init/keyutils.h44
l---------libkeyutils/.clang-format1
-rw-r--r--libkeyutils/Android.bp16
-rw-r--r--libkeyutils/include/keyutils.h56
-rw-r--r--libkeyutils/keyutils.cpp71
-rw-r--r--libkeyutils/keyutils_test.cpp46
8 files changed, 197 insertions, 51 deletions
diff --git a/init/Android.mk b/init/Android.mk
index d25e11982..0db65cb94 100644
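--- a/init/Android.mk
+++ b/init/Android.mk
@@ -128,7 +128,8 @@ LOCAL_STATIC_LIBRARIES := \
  libsparse \
  libz \
  libprocessgroup \
- libavb
+ libavb \
+ libkeyutils \
 
 # Create symlinks.
 LOCAL_POST_INSTALL_CMD := $(hide) mkdir -p $(TARGET_ROOT_OUT)/sbin; \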
diff --git a/init/init.cpp b/init/init.cpp
index 878f164e0..8b5d15eee 100644
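--- a/init/init.cpp
+++ b/init/init.cpp
@@ -21,7 +21,6 @@
 #include <errno.h>
 #include <fcntl.h>
 #include <inttypes.h>
-#include <keyutils.h>
 #include <libgen.h>
 #include <paths.h>
 #include <signal.h>
@@ -39,10 +38,6 @@
 #include <sys/wait.h>
 #include <unistd.h>
 
-#include <selinux/selinux.h>
-#include <selinux/label.h>
-#include <selinux/android.h>
-
 #include <android-base/chrono_utils.h>
 #include <android-base/file.h>
 #include <android-base/logging.h>
@@ -50,8 +45,12 @@
 #include <android-base/stringprintf.h>
 #include <android-base/strings.h>
 #include <android-base/unique_fd.h>
+#include <keyutils.h>
 #include <libavb/libavb.h>
 #include <private/android_filesystem_config.h>
+#include <selinux/android.h>
+#include <selinux/label.h>
+#include <selinux/selinux.h>
 
 #include <fstream>
 #include <memory>
@@ -1024,7 +1023,7 @@ int main(int argc, char** argv) {
  // Set up a session keyring that all processes will have access to. It
  // will hold things like FBE encryption keys. No process should override
  // its session keyring.
- keyctl(KEYCTL_GET_KEYRING_ID, KEY_SPEC_SESSION_KEYRING, 1);
+ keyctl_get_keyring_ID(KEY_SPEC_SESSION_KEYRING, 1);
 
  // Indicate that booting is in progress to background fw loaders, etc.
  close(open("/dev/.booting", O_WRONLY | O_CREAT | O_CLOEXEC, 0000));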
diff --git a/init/keyutils.h b/init/keyutils.h
deleted file mode 100644
index de01beb11..000000000
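--- a/init/keyutils.h
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright (C) 2017 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/* Miniature version of a header-only keyutils.h (no library required) */
-
-#ifndef _INIT_KEYUTILS_H_
-#define _INIT_KEYUTILS_H_
-
-#ifndef KEYUTILS_H /* walk away if the _real_ one exists */
-
-#include <linux/keyctl.h>
-#include <stdarg.h>
-#include <sys/syscall.h>
-#include <unistd.h>
-
-static inline long keyctl(int cmd, ...) {
- va_list va;
- unsigned long arg2, arg3, arg4, arg5;
-
- va_start(va, cmd);
- arg2 = va_arg(va, unsigned long);
- arg3 = va_arg(va, unsigned long);
- arg4 = va_arg(va, unsigned long);
- arg5 = va_arg(va, unsigned long);
- va_end(va);
- return syscall(__NR_keyctl, cmd, arg2, arg3, arg4, arg5);
-}
-
-#endif
-
-#endif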
diff --git a/libkeyutils/.clang-format b/libkeyutils/.clang-format
new file mode 120000
index 000000000..fd0645fdf
--- /dev/null
+++ b/libkeyutils/.clang-format
@@ -0,0 +1 @@
../.clang-format-2 \ No newline at end of file
diff --git a/libkeyutils/Android.bp b/libkeyutils/Android.bp
new file mode 100644
index 000000000..028525925
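--- /dev/null
+++ b/libkeyutils/Android.bp
@@ -0,0 +1,16 @@
+cc_library {
+ name: "libkeyutils",
+ cflags: ["-Werror"],
+ defaults: ["linux_bionic_supported"],
+ export_include_dirs: ["include/"],
+ local_include_dirs: ["include/"],
+ srcs: ["keyutils.cpp"],
+ stl: "none",
+}
+
+cc_test {
+ name: "libkeyutils-tests",
+ cflags: ["-Werror"],
+ shared_libs: ["libkeyutils"],
+ srcs: ["keyutils_test.cpp"],
+}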
diff --git a/libkeyutils/include/keyutils.h b/libkeyutils/include/keyutils.h
new file mode 100644
index 000000000..585767d7a
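--- /dev/null
+++ b/libkeyutils/include/keyutils.h
@@ -0,0 +1,56 @@
+/*
+ * Copyright (C) 2017 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef _KEYUTILS_H_
+#define _KEYUTILS_H_
+
+#include <linux/keyctl.h>
+#include <stdint.h>
+#include <sys/cdefs.h>
+
+__BEGIN_DECLS
+
+typedef int32_t key_serial_t;
+
+key_serial_t add_key(const char* type, const char* description, const void* payload,
+ size_t payload_length, key_serial_t ring_id);
+
+key_serial_t keyctl_get_keyring_ID(key_serial_t id, int create);
+
+long keyctl_revoke(key_serial_t id); /* TODO: remove this */
+
+long keyctl_search(key_serial_t ring_id, const char* type, const char* description,
+ key_serial_t dest_ring_id);
+
+long keyctl_setperm(key_serial_t id, int permissions);
+
+long keyctl_unlink(key_serial_t key, key_serial_t keyring);
+
+__END_DECLS
+
+#endif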
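Review bot: The `add_key` declaration uses `size_t`, but the header includes only `<linux/keyctl.h>`, `<stdint.h>` and `<sys/cdefs.h>`, none of which is guaranteed to define that type; adding `#include <stddef.h>` would keep the header self-contained for any includer. The declarations also carry no contract, and since this is the public interface for installing keys and setting their permissions, a comment block stating the failure convention would help callers check results. That convention is presumably -1 with `errno` set, since the implementations forward to `syscall()`. The comment should also say that `keyctl_setperm` takes a permission bit mask rather than an arbitrary `int`. Separately, the guard name `_KEYUTILS_H_` starts with an underscore followed by an uppercase letter, which is a reserved identifier form.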
diff --git a/libkeyutils/keyutils.cpp b/libkeyutils/keyutils.cpp
new file mode 100644
index 000000000..58a2a17b0
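--- /dev/null
+++ b/libkeyutils/keyutils.cpp
@@ -0,0 +1,71 @@
+/*
+ * Copyright (C) 2017 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <keyutils.h>
+
+#include <stdarg.h>
+#include <sys/syscall.h>
+#include <unistd.h>
+
+// Deliberately not exposed. Callers should use the typed APIs instead.
+static long keyctl(int cmd, ...) {
+ va_list va;
+ va_start(va, cmd);
+ unsigned long arg2 = va_arg(va, unsigned long);
+ unsigned long arg3 = va_arg(va, unsigned long);
+ unsigned long arg4 = va_arg(va, unsigned long);
+ unsigned long arg5 = va_arg(va, unsigned long);
+ va_end(va);
+ return syscall(__NR_keyctl, cmd, arg2, arg3, arg4, arg5);
+}
+
+key_serial_t add_key(const char* type, const char* description, const void* payload,
+ size_t payload_length, key_serial_t ring_id) {
+ return syscall(__NR_add_key, type, description, payload, payload_length, ring_id);
+}
+
+key_serial_t keyctl_get_keyring_ID(key_serial_t id, int create) {
+ return keyctl(KEYCTL_GET_KEYRING_ID, id, create);
+}
+
+long keyctl_revoke(key_serial_t id) {
+ return keyctl(KEYCTL_REVOKE, id);
+}
+
+long keyctl_search(key_serial_t ring_id, const char* type, const char* description,
+ key_serial_t dest_ring_id) {
+ return keyctl(KEYCTL_SEARCH, ring_id, type, description, dest_ring_id);
+}
+
+long keyctl_setperm(key_serial_t id, int permissions) {
+ return keyctl(KEYCTL_SETPERM, id, permissions);
+}
+
+long keyctl_unlink(key_serial_t key, key_serial_t keyring) {
+ return keyctl(KEYCTL_UNLINK, key, keyring);
+}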
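Review bot: The file-local variadic `keyctl` helper always reads four `unsigned long` values with `va_arg`, but every wrapper passes fewer arguments than that, and passes them as `key_serial_t`, `int` or `const char*`. Reading an argument that was not supplied, or reading one with a type that is incompatible with its promoted type, is undefined behaviour. In practice it sends whatever happens to be in the remaining argument slots to the kernel. Now that the helper is private and each wrapper knows its exact arity, the wrappers could call `syscall` directly, as `add_key` already does, for example `return syscall(__NR_keyctl, KEYCTL_REVOKE, id);` and `return syscall(__NR_keyctl, KEYCTL_SETPERM, id, permissions);`. That would let the variadic helper be removed. The kernel most likely ignores the unused arguments for these commands, so this is about defined behaviour and auditability rather than a demonstrated fault.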
diff --git a/libkeyutils/keyutils_test.cpp b/libkeyutils/keyutils_test.cpp
new file mode 100644
index 000000000..d41c91b68
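--- /dev/null
+++ b/libkeyutils/keyutils_test.cpp
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) 2017 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <keyutils.h>
+
+#include <dlfcn.h>
+
+#include <gtest/gtest.h>
+
+TEST(keyutils, smoke) {
+ // Check that the exported type is sane.
+ ASSERT_EQ(4U, sizeof(key_serial_t));
+
+ // Check that all the functions actually exist.
+ ASSERT_TRUE(dlsym(nullptr, "add_key") != nullptr);
+ ASSERT_TRUE(dlsym(nullptr, "keyctl_get_keyring_ID") != nullptr);
+ ASSERT_TRUE(dlsym(nullptr, "keyctl_revoke") != nullptr);
+ ASSERT_TRUE(dlsym(nullptr, "keyctl_search") != nullptr);
+ ASSERT_TRUE(dlsym(nullptr, "keyctl_setperm") != nullptr);
+ ASSERT_TRUE(dlsym(nullptr, "keyctl_unlink") != nullptr);
+}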
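Review bot: The `smoke` test only checks that the six symbols resolve and that `key_serial_t` is four bytes, so nothing verifies that a wrapper passes its arguments to the kernel in the right order or reports failure correctly. A second test that adds a key to a keyring owned by the test process, finds it with `keyctl_search`, and removes it with `keyctl_unlink` would cover the argument marshalling in `keyutils.cpp`. It should also assert that a search for a missing description returns -1. Separately, the lookups pass a literal `nullptr` as the `dlsym` handle; the portable spelling for the global scope is `RTLD_DEFAULT`, whose value is implementation-defined, e.g. `dlsym(RTLD_DEFAULT, "add_key")`.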