diff options
-rw-r--r-- | trusty/Android.bp | 1 | ||||
-rw-r--r-- | trusty/nvram/Android.bp | 61 | ||||
-rw-r--r-- | trusty/nvram/module.c | 39 | ||||
-rw-r--r-- | trusty/nvram/nvram_wipe.cpp | 66 | ||||
-rw-r--r-- | trusty/nvram/trusty_nvram_device.cpp | 32 | ||||
-rw-r--r-- | trusty/nvram/trusty_nvram_implementation.cpp | 113 | ||||
-rw-r--r-- | trusty/nvram/trusty_nvram_implementation.h | 59 |
7 files changed, 0 insertions, 371 deletions
diff --git a/trusty/Android.bp b/trusty/Android.bp index 386fbe623..2fb2e194b 100644 --- a/trusty/Android.bp +++ b/trusty/Android.bp | |||
@@ -2,6 +2,5 @@ subdirs = [ | |||
2 | "gatekeeper", | 2 | "gatekeeper", |
3 | "keymaster", | 3 | "keymaster", |
4 | "libtrusty", | 4 | "libtrusty", |
5 | "nvram", | ||
6 | "storage/*", | 5 | "storage/*", |
7 | ] | 6 | ] |
diff --git a/trusty/nvram/Android.bp b/trusty/nvram/Android.bp deleted file mode 100644 index 15e6c3e5e..000000000 --- a/trusty/nvram/Android.bp +++ /dev/null | |||
@@ -1,61 +0,0 @@ | |||
1 | // | ||
2 | // Copyright (C) 2016 The Android Open-Source Project | ||
3 | // | ||
4 | // Licensed under the Apache License, Version 2.0 (the "License"); | ||
5 | // you may not use this file except in compliance with the License. | ||
6 | // You may obtain a copy of the License at | ||
7 | // | ||
8 | // http://www.apache.org/licenses/LICENSE-2.0 | ||
9 | // | ||
10 | // Unless required by applicable law or agreed to in writing, software | ||
11 | // distributed under the License is distributed on an "AS IS" BASIS, | ||
12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
13 | // See the License for the specific language governing permissions and | ||
14 | // limitations under the License. | ||
15 | // | ||
16 | |||
17 | // nvram.trusty is the Trusty NVRAM HAL module. | ||
18 | cc_library_shared { | ||
19 | name: "nvram.trusty", | ||
20 | relative_install_path: "hw", | ||
21 | srcs: [ | ||
22 | "module.c", | ||
23 | "trusty_nvram_device.cpp", | ||
24 | "trusty_nvram_implementation.cpp", | ||
25 | ], | ||
26 | |||
27 | cflags: [ | ||
28 | "-Wall", | ||
29 | "-Werror", | ||
30 | "-Wextra", | ||
31 | "-fvisibility=hidden", | ||
32 | ], | ||
33 | static_libs: ["libnvram-hal"], | ||
34 | shared_libs: [ | ||
35 | "libtrusty", | ||
36 | "libnvram-messages", | ||
37 | "liblog", | ||
38 | ], | ||
39 | } | ||
40 | |||
41 | // nvram-wipe is a helper tool for clearing NVRAM state. | ||
42 | cc_binary { | ||
43 | name: "nvram-wipe", | ||
44 | srcs: [ | ||
45 | "nvram_wipe.cpp", | ||
46 | "trusty_nvram_implementation.cpp", | ||
47 | ], | ||
48 | |||
49 | cflags: [ | ||
50 | "-Wall", | ||
51 | "-Werror", | ||
52 | "-Wextra", | ||
53 | "-fvisibility=hidden", | ||
54 | ], | ||
55 | static_libs: ["libnvram-hal"], | ||
56 | shared_libs: [ | ||
57 | "libtrusty", | ||
58 | "libnvram-messages", | ||
59 | "liblog", | ||
60 | ], | ||
61 | } | ||
diff --git a/trusty/nvram/module.c b/trusty/nvram/module.c deleted file mode 100644 index a2e64d372..000000000 --- a/trusty/nvram/module.c +++ /dev/null | |||
@@ -1,39 +0,0 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2016 The Android Open Source Project | ||
3 | * | ||
4 | * Licensed under the Apache License, Version 2.0 (the "License"); | ||
5 | * you may not use this file except in compliance with the License. | ||
6 | * You may obtain a copy of the License at | ||
7 | * | ||
8 | * http://www.apache.org/licenses/LICENSE-2.0 | ||
9 | * | ||
10 | * Unless required by applicable law or agreed to in writing, software | ||
11 | * distributed under the License is distributed on an "AS IS" BASIS, | ||
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
13 | * See the License for the specific language governing permissions and | ||
14 | * limitations under the License. | ||
15 | */ | ||
16 | |||
17 | #include <hardware/nvram.h> | ||
18 | |||
19 | // This function is defined in trusty_nvram_device.cpp. | ||
20 | int trusty_nvram_open(const hw_module_t* module, | ||
21 | const char* device_id, | ||
22 | hw_device_t** device_ptr); | ||
23 | |||
24 | static struct hw_module_methods_t nvram_module_methods = { | ||
25 | .open = trusty_nvram_open, | ||
26 | }; | ||
27 | |||
28 | struct nvram_module HAL_MODULE_INFO_SYM | ||
29 | __attribute__((visibility("default"))) = { | ||
30 | .common = {.tag = HARDWARE_MODULE_TAG, | ||
31 | .module_api_version = NVRAM_MODULE_API_VERSION_0_1, | ||
32 | .hal_api_version = HARDWARE_HAL_API_VERSION, | ||
33 | .id = NVRAM_HARDWARE_MODULE_ID, | ||
34 | .name = "Trusty NVRAM HAL", | ||
35 | .author = "The Android Open Source Project", | ||
36 | .methods = &nvram_module_methods, | ||
37 | .dso = 0, | ||
38 | .reserved = {}}, | ||
39 | }; | ||
diff --git a/trusty/nvram/nvram_wipe.cpp b/trusty/nvram/nvram_wipe.cpp deleted file mode 100644 index d0f4faded..000000000 --- a/trusty/nvram/nvram_wipe.cpp +++ /dev/null | |||
@@ -1,66 +0,0 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2016 The Android Open Source Project | ||
3 | * | ||
4 | * Licensed under the Apache License, Version 2.0 (the "License"); | ||
5 | * you may not use this file except in compliance with the License. | ||
6 | * You may obtain a copy of the License at | ||
7 | * | ||
8 | * http://www.apache.org/licenses/LICENSE-2.0 | ||
9 | * | ||
10 | * Unless required by applicable law or agreed to in writing, software | ||
11 | * distributed under the License is distributed on an "AS IS" BASIS, | ||
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
13 | * See the License for the specific language governing permissions and | ||
14 | * limitations under the License. | ||
15 | */ | ||
16 | |||
17 | #include <stdio.h> | ||
18 | #include <stdlib.h> | ||
19 | #include <string.h> | ||
20 | |||
21 | #include <nvram/messages/nvram_messages.h> | ||
22 | |||
23 | #include "trusty_nvram_implementation.h" | ||
24 | |||
25 | void usage(const char* program_name) { | ||
26 | fprintf(stderr, "Usage: %s [status|disable|wipe]\n", program_name); | ||
27 | exit(-1); | ||
28 | } | ||
29 | |||
30 | int main(int argc, char* argv[]) { | ||
31 | if (argc < 2) { | ||
32 | usage(argv[0]); | ||
33 | } | ||
34 | |||
35 | nvram::TrustyNvramImplementation nvram_proxy; | ||
36 | nvram::Request request; | ||
37 | nvram::Response response; | ||
38 | |||
39 | if (!strcmp(argv[1], "status")) { | ||
40 | request.payload.Activate<nvram::COMMAND_GET_INFO>(); | ||
41 | nvram_proxy.Execute(request, &response); | ||
42 | const nvram::GetInfoResponse* get_info_response = | ||
43 | response.payload.get<nvram::COMMAND_GET_INFO>(); | ||
44 | if (response.result == NV_RESULT_SUCCESS) { | ||
45 | int status = get_info_response && get_info_response->wipe_disabled; | ||
46 | printf("Wiping disabled: %d\n", status); | ||
47 | return status; | ||
48 | } | ||
49 | } else if (!strcmp(argv[1], "disable")) { | ||
50 | request.payload.Activate<nvram::COMMAND_DISABLE_WIPE>(); | ||
51 | nvram_proxy.Execute(request, &response); | ||
52 | } else if (!strcmp(argv[1], "wipe")) { | ||
53 | request.payload.Activate<nvram::COMMAND_WIPE_STORAGE>(); | ||
54 | nvram_proxy.Execute(request, &response); | ||
55 | } else { | ||
56 | usage(argv[0]); | ||
57 | } | ||
58 | |||
59 | if (response.result != NV_RESULT_SUCCESS) { | ||
60 | fprintf(stderr, "Command execution failure: %u\n", response.result); | ||
61 | return -1; | ||
62 | } | ||
63 | |||
64 | return 0; | ||
65 | } | ||
66 | |||
diff --git a/trusty/nvram/trusty_nvram_device.cpp b/trusty/nvram/trusty_nvram_device.cpp deleted file mode 100644 index 2c50915d4..000000000 --- a/trusty/nvram/trusty_nvram_device.cpp +++ /dev/null | |||
@@ -1,32 +0,0 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2016 The Android Open Source Project | ||
3 | * | ||
4 | * Licensed under the Apache License, Version 2.0 (the "License"); | ||
5 | * you may not use this file except in compliance with the License. | ||
6 | * You may obtain a copy of the License at | ||
7 | * | ||
8 | * http://www.apache.org/licenses/LICENSE-2.0 | ||
9 | * | ||
10 | * Unless required by applicable law or agreed to in writing, software | ||
11 | * distributed under the License is distributed on an "AS IS" BASIS, | ||
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
13 | * See the License for the specific language governing permissions and | ||
14 | * limitations under the License. | ||
15 | */ | ||
16 | |||
17 | #include <nvram/hal/nvram_device_adapter.h> | ||
18 | |||
19 | #include "trusty_nvram_implementation.h" | ||
20 | |||
21 | extern "C" int trusty_nvram_open(const hw_module_t* module, | ||
22 | const char* device_id, | ||
23 | hw_device_t** device_ptr) { | ||
24 | if (strcmp(NVRAM_HARDWARE_DEVICE_ID, device_id) != 0) { | ||
25 | return -EINVAL; | ||
26 | } | ||
27 | |||
28 | nvram::NvramDeviceAdapter* adapter = new nvram::NvramDeviceAdapter( | ||
29 | module, new nvram::TrustyNvramImplementation); | ||
30 | *device_ptr = adapter->as_device(); | ||
31 | return 0; | ||
32 | } | ||
diff --git a/trusty/nvram/trusty_nvram_implementation.cpp b/trusty/nvram/trusty_nvram_implementation.cpp deleted file mode 100644 index 9215c8502..000000000 --- a/trusty/nvram/trusty_nvram_implementation.cpp +++ /dev/null | |||
@@ -1,113 +0,0 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2016 The Android Open Source Project | ||
3 | * | ||
4 | * Licensed under the Apache License, Version 2.0 (the "License"); | ||
5 | * you may not use this file except in compliance with the License. | ||
6 | * You may obtain a copy of the License at | ||
7 | * | ||
8 | * http://www.apache.org/licenses/LICENSE-2.0 | ||
9 | * | ||
10 | * Unless required by applicable law or agreed to in writing, software | ||
11 | * distributed under the License is distributed on an "AS IS" BASIS, | ||
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
13 | * See the License for the specific language governing permissions and | ||
14 | * limitations under the License. | ||
15 | */ | ||
16 | |||
17 | #define LOG_TAG "TrustyNVRAM" | ||
18 | |||
19 | #include "trusty_nvram_implementation.h" | ||
20 | |||
21 | #include <errno.h> | ||
22 | #include <string.h> | ||
23 | #include <unistd.h> | ||
24 | |||
25 | #include <hardware/nvram.h> | ||
26 | #include <log/log.h> | ||
27 | #include <trusty/tipc.h> | ||
28 | |||
29 | #include <nvram/messages/blob.h> | ||
30 | |||
31 | namespace nvram { | ||
32 | namespace { | ||
33 | |||
34 | // Character device to open for Trusty IPC connections. | ||
35 | const char kTrustyDeviceName[] = "/dev/trusty-ipc-dev0"; | ||
36 | |||
37 | // App identifier of the NVRAM app. | ||
38 | const char kTrustyNvramAppId[] = "com.android.trusty.nvram"; | ||
39 | |||
40 | } // namespace | ||
41 | |||
42 | TrustyNvramImplementation::~TrustyNvramImplementation() { | ||
43 | if (tipc_nvram_fd_ != -1) { | ||
44 | tipc_close(tipc_nvram_fd_); | ||
45 | tipc_nvram_fd_ = -1; | ||
46 | } | ||
47 | } | ||
48 | |||
49 | void TrustyNvramImplementation::Execute(const nvram::Request& request, | ||
50 | nvram::Response* response) { | ||
51 | if (!SendRequest(request, response)) { | ||
52 | response->result = NV_RESULT_INTERNAL_ERROR; | ||
53 | } | ||
54 | } | ||
55 | |||
56 | bool TrustyNvramImplementation::Connect() { | ||
57 | if (tipc_nvram_fd_ != -1) { | ||
58 | return true; | ||
59 | } | ||
60 | |||
61 | int rc = tipc_connect(kTrustyDeviceName, kTrustyNvramAppId); | ||
62 | if (rc < 0) { | ||
63 | ALOGE("Failed to connect to Trusty NVRAM app: %s\n", strerror(-rc)); | ||
64 | return false; | ||
65 | } | ||
66 | |||
67 | tipc_nvram_fd_ = rc; | ||
68 | return true; | ||
69 | } | ||
70 | |||
71 | bool TrustyNvramImplementation::SendRequest(const nvram::Request& request, | ||
72 | nvram::Response* response) { | ||
73 | if (!Connect()) { | ||
74 | return false; | ||
75 | } | ||
76 | |||
77 | nvram::Blob request_buffer; | ||
78 | if (!nvram::Encode(request, &request_buffer)) { | ||
79 | ALOGE("Failed to encode NVRAM request.\n"); | ||
80 | return false; | ||
81 | } | ||
82 | |||
83 | ssize_t rc = | ||
84 | write(tipc_nvram_fd_, request_buffer.data(), request_buffer.size()); | ||
85 | if (rc < 0) { | ||
86 | ALOGE("Failed to send NVRAM request: %s\n", strerror(-rc)); | ||
87 | return false; | ||
88 | } | ||
89 | if (static_cast<size_t>(rc) != request_buffer.size()) { | ||
90 | ALOGE("Failed to send full request buffer: %zd\n", rc); | ||
91 | return false; | ||
92 | } | ||
93 | |||
94 | rc = read(tipc_nvram_fd_, response_buffer_, sizeof(response_buffer_)); | ||
95 | if (rc < 0) { | ||
96 | ALOGE("Failed to read NVRAM response: %s\n", strerror(-rc)); | ||
97 | return false; | ||
98 | } | ||
99 | |||
100 | if (static_cast<size_t>(rc) >= sizeof(response_buffer_)) { | ||
101 | ALOGE("NVRAM response exceeds response buffer size.\n"); | ||
102 | return false; | ||
103 | } | ||
104 | |||
105 | if (!nvram::Decode(response_buffer_, static_cast<size_t>(rc), response)) { | ||
106 | ALOGE("Failed to decode NVRAM response.\n"); | ||
107 | return false; | ||
108 | } | ||
109 | |||
110 | return true; | ||
111 | } | ||
112 | |||
113 | } // namespace nvram | ||
diff --git a/trusty/nvram/trusty_nvram_implementation.h b/trusty/nvram/trusty_nvram_implementation.h deleted file mode 100644 index 60758f7fb..000000000 --- a/trusty/nvram/trusty_nvram_implementation.h +++ /dev/null | |||
@@ -1,59 +0,0 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2016 The Android Open Source Project | ||
3 | * | ||
4 | * Licensed under the Apache License, Version 2.0 (the "License"); | ||
5 | * you may not use this file except in compliance with the License. | ||
6 | * You may obtain a copy of the License at | ||
7 | * | ||
8 | * http://www.apache.org/licenses/LICENSE-2.0 | ||
9 | * | ||
10 | * Unless required by applicable law or agreed to in writing, software | ||
11 | * distributed under the License is distributed on an "AS IS" BASIS, | ||
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
13 | * See the License for the specific language governing permissions and | ||
14 | * limitations under the License. | ||
15 | */ | ||
16 | |||
17 | #ifndef TRUSTY_NVRAM_TRUSTY_NVRAM_IMPLEMENTATION_H_ | ||
18 | #define TRUSTY_NVRAM_TRUSTY_NVRAM_IMPLEMENTATION_H_ | ||
19 | |||
20 | #include <stdint.h> | ||
21 | |||
22 | #include <nvram/hal/nvram_device_adapter.h> | ||
23 | #include <nvram/messages/nvram_messages.h> | ||
24 | |||
25 | namespace nvram { | ||
26 | |||
27 | // |TrustyNvramImplementation| proxies requests to the Trusty NVRAM app. It | ||
28 | // serializes the request objects, sends it to the Trusty app and finally reads | ||
29 | // back the result and decodes it. | ||
30 | class TrustyNvramImplementation : public nvram::NvramImplementation { | ||
31 | public: | ||
32 | ~TrustyNvramImplementation() override; | ||
33 | |||
34 | void Execute(const nvram::Request& request, | ||
35 | nvram::Response* response) override; | ||
36 | |||
37 | private: | ||
38 | // Connects the IPC channel to the Trusty app if it is not already open. | ||
39 | // Returns true if the channel is open, false on errors. | ||
40 | bool Connect(); | ||
41 | |||
42 | // Dispatches a command to the trust app. Returns true if successful (note | ||
43 | // that the response may still indicate an error on the Trusty side), false if | ||
44 | // there are any I/O or encoding/decoding errors. | ||
45 | bool SendRequest(const nvram::Request& request, | ||
46 | nvram::Response* response); | ||
47 | |||
48 | // The file descriptor for the IPC connection to the Trusty app. | ||
49 | int tipc_nvram_fd_ = -1; | ||
50 | |||
51 | // Response buffer. This puts a hard size limit on the responses from the | ||
52 | // Trusty app. 4096 matches the maximum IPC message size currently supported | ||
53 | // by Trusty. | ||
54 | uint8_t response_buffer_[4096]; | ||
55 | }; | ||
56 | |||
57 | } // namespace nvram | ||
58 | |||
59 | #endif // TRUSTY_NVRAM_TRUSTY_NVRAM_IMPLEMENTATION_H_ | ||