1 /*
2 * Copyright (C) 2022 Huawei Technologies Co., Ltd.
3 * Licensed under the Mulan PSL v2.
4 * You can use this software according to the terms and conditions of the Mulan PSL v2.
5 * You may obtain a copy of Mulan PSL v2 at:
6 * http://license.coscl.org.cn/MulanPSL2
7 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
8 * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
9 * PURPOSE.
10 * See the Mulan PSL v2 for more details.
11 */
12 #include "ssa_fs.h"
13 #include <string.h>
14 #include <tee_init.h>
15 #include <tee_trusted_storage_api.h>
16 #include <tee_log.h>
17 #include <ta_framework.h>
18 #include <tee_crypto_api.h>
19 #include <securec.h>
20 #ifdef CRYPTO_USE_SW_ENGINE
21 #include <crypto_wrapper.h>
22 #endif
23 #include <tee_ss_agent_api.h>
24 #include "agent.h"
25 #include "sfs_internal.h"
26 #include "ssa_fs_error.h"
27
28 enum fs_cmd_t {
29 SEC_OPEN,
30 SEC_CLOSE,
31 SEC_READ,
32 SEC_WRITE,
33 SEC_SEEK,
34 SEC_REMOVE,
35 SEC_TRUNCATE,
36 SEC_RENAME,
37 SEC_CREATE,
38 SEC_INFO,
39 SEC_ACCESS,
40 SEC_ACCESS2, /* opt in all path */
41 SEC_FSYNC,
42 SEC_COPY,
43 SEC_DISKUSAGE,
44 SEC_DELETE_ALL,
45 };
46
47 enum {
48 SEC_WRITE_SLOG,
49 SEC_WRITE_SSA,
50 };
51
52 #ifndef FILE_NAME_MAX_BUF
53 #define FILE_NAME_MAX_BUF 256
54 #endif
55
56 #define DOUBLE_FILE_NAME_MAX_BUF (256 * 2)
57 #define MAX_MODE_LEN 4
58 struct sec_storage_t {
59 enum fs_cmd_t cmd; /* for s to n */
60 int32_t ret; /* fxxx call's return */
61 int32_t ret2; /* just for fread, judge end-of-file or error */
62 uint32_t userid;
63 uint32_t storageid;
64 uint32_t magic;
65 uint32_t errnum;
66 union __args {
67 struct {
68 char mode[MAX_MODE_LEN];
69 uint32_t name_len;
70 uint32_t name[1];
71 } open;
72 struct {
73 int32_t fd;
74 } close;
75 struct {
76 int32_t fd;
77 uint32_t count;
78 uint32_t buffer[1];
79 } read;
80 struct {
81 int32_t fd;
82 uint32_t count;
83 uint32_t buffer[1];
84 } write;
85 struct {
86 int32_t fd;
87 int32_t offset;
88 uint32_t whence;
89 } seek;
90 struct {
91 uint32_t name_len;
92 uint32_t name[1];
93 } remove;
94 struct {
95 uint32_t len;
96 uint32_t name_len;
97 uint32_t name[1];
98 } truncate;
99 struct {
100 uint32_t old_name_len;
101 uint32_t new_name_len;
102 uint32_t buffer[1]; /* old_name + new_name */
103 } rename;
104 struct {
105 uint32_t from_path_len;
106 uint32_t to_path_len;
107 uint32_t buffer[1]; /* from_path + to_path */
108 } cp;
109 struct {
110 char mode[MAX_MODE_LEN];
111 uint32_t name_len;
112 uint32_t name[1];
113 } create;
114 struct {
115 int32_t fd;
116 uint32_t cur_pos;
117 uint32_t file_len;
118 } info;
119 struct {
120 int mode;
121 uint32_t name_len;
122 uint32_t name[1];
123 } access;
124 struct {
125 int32_t fd;
126 } fsync;
127 struct {
128 uint32_t sec_storage;
129 uint32_t data;
130 } diskusage;
131 struct {
132 uint32_t path_len;
133 uint32_t path[1];
134 } deleteall;
135 } args;
136 };
137
138 /* sec storage share buffer control struct, agent trans buffer */
139 static struct sec_storage_t *g_fs_agent_buffer = NULL;
140
check_file_name(const char * name)141 TEE_Result check_file_name(const char *name)
142 {
143 if (name == NULL)
144 return TEE_ERROR_BAD_PARAMETERS;
145
146 /*
147 * If TA or storage task pass sec_storage/../data/xxx, this will write to data dir.
148 * file name must not have ".." str, to against sec_storage/../data attack
149 */
150 if (strstr(name, FILE_NAME_INVALID_STR)) {
151 tloge("Invalid file name(file name contain ..) :%s\n", name);
152 return TEE_ERROR_BAD_PARAMETERS;
153 }
154 if (strlen(name) > (HASH_NAME_BUFF_LEN - 1)) {
155 tloge("Invalid file name name is too long :%s\n", name);
156 return TEE_ERROR_BAD_PARAMETERS;
157 }
158
159 return TEE_SUCCESS;
160 }
161
check_name_by_storageid_for_ce(const char * obj_id,char * pos)162 static TEE_Result check_name_by_storageid_for_ce(const char *obj_id, char *pos)
163 {
164 if (pos == NULL) {
165 tloge("invalid paramerers");
166 return TEE_ERROR_BAD_PARAMETERS;
167 }
168
169 char *ptr = NULL;
170
171 if (strstr(pos, FILE_DIR_FLAG) == NULL) {
172 tloge("For CE storage, the file name must meet the rule 'userid/xxx'");
173 return TEE_ERROR_STORAGE_PATH_WRONG;
174 }
175
176 if (strncmp(pos, USERID0_DIR_FLAG, strlen(USERID0_DIR_FLAG)) != 0 || strlen(pos) <= strlen(USERID0_DIR_FLAG)) {
177 (void)strtok_r(pos, FILE_DIR_FLAG, &ptr);
178 if (strlen(ptr) == 0 || !(atoi(pos) >= MULTI_USERID)) {
179 tloge("The file name does not match the CE storage ID, obj_id:%s", obj_id);
180 return TEE_ERROR_STORAGE_PATH_WRONG;
181 }
182 }
183
184 return TEE_SUCCESS;
185 }
186
check_name_by_storageid(const char * obj_id,uint32_t obj_len,uint32_t storage_id)187 TEE_Result check_name_by_storageid(const char *obj_id, uint32_t obj_len, uint32_t storage_id)
188 {
189 char temp[FILE_NAME_MAX_BUF] = { '\0' };
190 char *pos = temp;
191 int rc;
192
193 if (obj_id == NULL)
194 return TEE_ERROR_BAD_PARAMETERS;
195
196 rc = memcpy_s(pos, FILE_NAME_MAX_BUF, obj_id, obj_len);
197 if (rc != EOK) {
198 tloge("copy failed");
199 return TEE_ERROR_SECURITY;
200 }
201
202 if (strncmp(pos, FILE_DIR_FLAG, strlen(FILE_DIR_FLAG)) == 0)
203 pos += strlen(FILE_DIR_FLAG);
204 else if (strncmp(pos, CUR_FILE_DIR_FLAG, strlen(CUR_FILE_DIR_FLAG)) == 0)
205 pos += strlen(CUR_FILE_DIR_FLAG);
206
207 if (storage_id == TEE_OBJECT_STORAGE_PRIVATE) {
208 if (pos == strstr(pos, SFS_PERSO) || pos == strstr(pos, SFS_PRIVATE) ||
209 pos == strstr(pos, SFS_PARTITION_TRANSIENT_PERSO) || pos == strstr(pos, SFS_PARTITION_TRANSIENT_PRIVATE)) {
210 tloge("The file name does not match the storage ID, obj_id:%s", pos);
211 return TEE_ERROR_STORAGE_PATH_WRONG;
212 }
213 } else if (storage_id == TEE_OBJECT_STORAGE_CE) {
214 return check_name_by_storageid_for_ce(obj_id, pos);
215 }
216 return TEE_SUCCESS;
217 }
218
tee_fs_init(void * control)219 TEE_Result tee_fs_init(void *control)
220 {
221 if (control == NULL)
222 return TEE_ERROR_BAD_PARAMETERS;
223
224 g_fs_agent_buffer = control;
225 if (g_fs_agent_buffer)
226 g_fs_agent_buffer->magic = TEE_FS_AGENT_ID;
227
228 return TEE_SUCCESS;
229 }
230
tee_fs_exit(void)231 void tee_fs_exit(void)
232 {
233 g_fs_agent_buffer = NULL;
234 }
235
fs_ns_error_lookup(uint32_t ns_errno)236 static TEE_Result fs_ns_error_lookup(uint32_t ns_errno)
237 {
238 uint32_t i;
239 for (i = 0; g_fs_error_strings[i].msg != NULL; ++i) {
240 if (g_fs_error_strings[i].ns_errno == ns_errno)
241 return g_fs_error_strings[i].s_errno;
242 }
243 return TEE_ERROR_GENERIC;
244 }
245
246 static TEE_Result g_fs_errno = TEE_SUCCESS;
fs_set_serr(uint32_t ns_errno)247 void fs_set_serr(uint32_t ns_errno)
248 {
249 g_fs_errno = fs_ns_error_lookup(ns_errno);
250 }
251
fs_get_serr(void)252 TEE_Result fs_get_serr(void)
253 {
254 return g_fs_errno;
255 }
256
get_fs_meta_size()257 uint32_t get_fs_meta_size()
258 {
259 return (sizeof(struct sec_storage_t));
260 }
261
is_agent_alive(void)262 static bool is_agent_alive(void)
263 {
264 return (g_fs_agent_buffer != NULL) ? true : false;
265 }
266
encode_open_mode(uint32_t flag,char * mode)267 static int32_t encode_open_mode(uint32_t flag, char *mode)
268 {
269 uint32_t use_flag = flag & (uint32_t)(TEE_DATA_FLAG_ACCESS_WRITE | TEE_DATA_FLAG_ACCESS_READ);
270
271 if (mode == NULL)
272 return -1;
273
274 switch (use_flag) {
275 case TEE_DATA_FLAG_ACCESS_WRITE:
276 mode[0] = 'r';
277 mode[1] = '+';
278 mode[2] = '\0';
279 break;
280 case TEE_DATA_FLAG_ACCESS_READ:
281 mode[0] = 'r';
282 mode[1] = '\0';
283 break;
284 case (TEE_DATA_FLAG_ACCESS_WRITE | TEE_DATA_FLAG_ACCESS_READ):
285 mode[0] = 'r';
286 mode[1] = '+';
287 mode[2] = '\0';
288 break;
289 default:
290 tloge("deny read/write access, flag = 0x%x, use_flag = 0x%x\n", flag, use_flag);
291 return -1;
292 }
293 return 0;
294 }
295
296 #define TEE_EXT_GET_REE_USERID get_ree_user_id()
297
get_fs_agent_lock()298 int32_t get_fs_agent_lock()
299 {
300 if (!is_agent_alive()) {
301 tloge("sec storage is dead\n");
302 return -1;
303 }
304
305 ssa_obtain_agent_work_lock(TEE_FS_AGENT_ID);
306 return 0;
307 }
308
ssa_fs_fopen(const char * name,uint32_t flag,uint32_t storage_id)309 int32_t ssa_fs_fopen(const char *name, uint32_t flag, uint32_t storage_id)
310 {
311 char mode[MAX_MODE_LEN] = { 0 };
312 uint32_t name_len;
313 int32_t fd = -1;
314 uint32_t ret_errno = EINVAL;
315
316 if (name == NULL)
317 goto return_fd;
318
319 if (encode_open_mode(flag, mode)) {
320 tloge("encode open mode error!\n");
321 goto return_fd;
322 }
323 /* obtaion tee fs's work lock */
324 if (get_fs_agent_lock() != 0) {
325 ret_errno = ESTORAGEDEAD;
326 goto return_fd;
327 }
328
329 /* encode args */
330 g_fs_agent_buffer->userid = TEE_EXT_GET_REE_USERID;
331 g_fs_agent_buffer->storageid = storage_id;
332 if (memmove_s(g_fs_agent_buffer->args.open.mode, sizeof(g_fs_agent_buffer->args.open.mode),
333 mode, sizeof(mode)) != EOK)
334 goto return_unlock;
335
336 name_len = (uint32_t)strlen(name) + 1;
337 g_fs_agent_buffer->args.open.name_len = name_len;
338 if (memmove_s(g_fs_agent_buffer->args.open.name, FILE_NAME_MAX_BUF, (char *)name, name_len) != EOK)
339 goto return_unlock;
340
341 g_fs_agent_buffer->magic = 0;
342 /* call ns agent */
343 ssa_send_agent_cmd(TEE_FS_AGENT_ID, SEC_OPEN, (uint32_t *)(&g_fs_agent_buffer->cmd));
344 if (g_fs_agent_buffer->magic != TEE_FS_AGENT_ID) {
345 tloge("teecd was killed, just return Error\n");
346 ret_errno = ESTORAGEDEAD;
347 goto return_unlock;
348 }
349 /* -1:opt failed, >0:file handler */
350 fd = g_fs_agent_buffer->ret;
351 ret_errno = g_fs_agent_buffer->errnum;
352
353 return_unlock:
354 ssa_agent_work_unlock(TEE_FS_AGENT_ID);
355 return_fd:
356 fs_set_serr(ret_errno);
357 return fd;
358 }
359
ssa_fs_fclose(int32_t fd)360 int32_t ssa_fs_fclose(int32_t fd)
361 {
362 int32_t ret = -1;
363 uint32_t ret_errno = ESTORAGEDEAD;
364
365 /* obtaion tee fs's work lock */
366 if (get_fs_agent_lock() != 0)
367 goto retrun_errno;
368
369 /* encode args */
370 g_fs_agent_buffer->args.close.fd = fd;
371 tlogd("close file: fd = %d\n", fd);
372 g_fs_agent_buffer->magic = 0;
373
374 /* call ns agent */
375 ssa_send_agent_cmd(TEE_FS_AGENT_ID, SEC_CLOSE, (uint32_t *)(&g_fs_agent_buffer->cmd));
376 if (g_fs_agent_buffer->magic != TEE_FS_AGENT_ID) {
377 tloge("teecd was killed, just return Error\n");
378 goto return_unlock;
379 }
380 /* get return val */
381 ret = g_fs_agent_buffer->ret;
382 ret_errno = g_fs_agent_buffer->errnum;
383
384 return_unlock:
385 ssa_agent_work_unlock(TEE_FS_AGENT_ID);
386 retrun_errno:
387 fs_set_serr(ret_errno);
388 return ret;
389 }
390
ssa_fs_fread_params_check(int32_t * error,const void * out_buf,uint32_t count)391 static int32_t ssa_fs_fread_params_check(int32_t *error, const void *out_buf, uint32_t count)
392 {
393 if (error == NULL) {
394 fs_set_serr(EINVAL);
395 return -1;
396 }
397
398 if (out_buf == NULL) {
399 *error = -1;
400 fs_set_serr(EINVAL);
401 return -1;
402 }
403
404 if (count == 0) {
405 *error = 0;
406 return -1;
407 }
408
409 return 0;
410 }
411
412 /*
413 * Notice: total buffer is TRANS_BUFF_SIZE - sizeof(struct sec_storage_t),
414 * if read content is more than it, it need to read for N times.
415 */
ssa_fs_fread(void * out_buf,uint32_t count,int32_t fd,int32_t * error)416 uint32_t ssa_fs_fread(void *out_buf, uint32_t count, int32_t fd, int32_t *error)
417 {
418 uint32_t ret_errno = ESTORAGEDEAD;
419 uint32_t rev_count;
420 uint32_t agent_buff_len;
421 char *agent_buff = NULL;
422
423 if (ssa_fs_fread_params_check(error, out_buf, count) != 0)
424 return 0;
425
426 *error = -1;
427
428 /* exclude sizeof(struct sec_storage_t) */
429 uint32_t count_per_time = TRANS_BUFF_SIZE - sizeof(struct sec_storage_t);
430 uint32_t left_count = count;
431 char *dst_addr = (char *)out_buf;
432 /* obtaion tee fs's work lock */
433 if (get_fs_agent_lock() != 0)
434 goto return_errno;
435
436 do {
437 g_fs_agent_buffer->args.read.fd = fd;
438
439 rev_count = left_count > count_per_time ? count_per_time : left_count;
440
441 /* encode args */
442 g_fs_agent_buffer->args.read.count = rev_count;
443 g_fs_agent_buffer->magic = 0;
444 /* call ns agent */
445 ssa_send_agent_cmd(TEE_FS_AGENT_ID, SEC_READ, (uint32_t *)(&g_fs_agent_buffer->cmd));
446 if (g_fs_agent_buffer->magic != TEE_FS_AGENT_ID) {
447 tloge("teecd was killed, just return Error\n");
448 goto return_unlock;
449 }
450 /* process return value */
451 agent_buff_len = (uint32_t)g_fs_agent_buffer->ret;
452 agent_buff = (char *)g_fs_agent_buffer->args.read.buffer;
453 ret_errno = g_fs_agent_buffer->errnum;
454
455 if (agent_buff_len > rev_count) {
456 tloge("the number of items unexpectedly, expected=%u, actual=%u\n", rev_count, agent_buff_len);
457 goto return_unlock;
458 }
459
460 left_count -= agent_buff_len;
461 if (memmove_s(dst_addr, (count - ((uint8_t *)dst_addr - (uint8_t *)out_buf)), agent_buff, agent_buff_len) !=
462 EOK)
463 goto return_unlock;
464
465 dst_addr += agent_buff_len;
466
467 if ((uint32_t)agent_buff_len < rev_count) {
468 if (g_fs_agent_buffer->ret2 == -1)
469 tloge("fread failed : total count = %u, leftcount = %u ns errnum=%u\n", count, left_count, ret_errno);
470 /* When ret2 is not -1, the end of the file is read */
471 break;
472 }
473 } while (left_count != 0);
474
475 /* judge if end of file or error occurs when left count > 0 */
476 *error = g_fs_agent_buffer->ret2;
477
478 return_unlock:
479 ssa_agent_work_unlock(TEE_FS_AGENT_ID);
480 return_errno:
481 fs_set_serr(ret_errno);
482 return count - left_count;
483 }
484
485 /*
486 * Notice: total buffer is TRANS_BUFF_SIZE - sizeof(struct sec_storage_t),
487 * if write content is more than it, it need to write for N times.
488 */
ssa_fs_fwrite(const void * content,uint32_t count,int32_t fd)489 uint32_t ssa_fs_fwrite(const void *content, uint32_t count, int32_t fd)
490 {
491 uint32_t ret_errno = EINVAL;
492 uint32_t send_count;
493 uint32_t agent_buff_len;
494 char *src_addr = NULL;
495 uint32_t count_per_time = TRANS_BUFF_SIZE - sizeof(struct sec_storage_t); /* exclude sizeof(struct sec_storage_t) */
496 uint32_t left_count = count;
497
498 if (content == NULL || count == 0)
499 goto return_errno;
500
501 src_addr = (char *)content;
502 /* obtaion tee fs's work lock */
503 if (get_fs_agent_lock() != 0) {
504 ret_errno = ESTORAGEDEAD;
505 goto return_errno;
506 }
507
508 do {
509 g_fs_agent_buffer->args.write.fd = fd;
510
511 send_count = left_count > count_per_time ? count_per_time : left_count;
512
513 /* encode args */
514 g_fs_agent_buffer->args.write.count = send_count;
515
516 if (memmove_s(g_fs_agent_buffer->args.write.buffer, count_per_time, src_addr, send_count) != EOK)
517 break;
518
519 tlogd("write count=%u\n", g_fs_agent_buffer->args.write.count);
520 g_fs_agent_buffer->magic = 0;
521 g_fs_agent_buffer->ret2 = SEC_WRITE_SSA;
522
523 /* call ns agent */
524 ssa_send_agent_cmd(TEE_FS_AGENT_ID, SEC_WRITE, (uint32_t *)(&g_fs_agent_buffer->cmd));
525 if (g_fs_agent_buffer->magic != TEE_FS_AGENT_ID) {
526 tloge("teecd was killed, just return Error\n");
527 ret_errno = ESTORAGEDEAD;
528 break;
529 }
530
531 agent_buff_len = (uint32_t)g_fs_agent_buffer->ret;
532 ret_errno = g_fs_agent_buffer->errnum;
533
534 /* process return value */
535 if (agent_buff_len > send_count) {
536 tloge("the number of items unexpectedly, expected=%u, actual=%u\n", send_count, agent_buff_len);
537 break;
538 }
539 left_count -= agent_buff_len;
540 src_addr += agent_buff_len;
541 if (agent_buff_len < send_count) {
542 tloge("fwrite failed : total count = %u, leftcount = %u\n", count, left_count);
543 tloge("ns errnum=%u\n", ret_errno);
544 break;
545 }
546 } while (left_count != 0);
547
548 ssa_agent_work_unlock(TEE_FS_AGENT_ID);
549 return_errno:
550 fs_set_serr(ret_errno);
551 return count - left_count;
552 }
553
ssa_fs_fseek(int32_t fd,int32_t offset,uint32_t whence)554 int32_t ssa_fs_fseek(int32_t fd, int32_t offset, uint32_t whence)
555 {
556 int32_t ret = -1;
557 uint32_t ret_errno = ESTORAGEDEAD;
558
559 /* obtaion tee fs's work lock */
560 if (get_fs_agent_lock() != 0)
561 goto return_errno;
562
563 /* encode args */
564 g_fs_agent_buffer->args.seek.fd = fd;
565 g_fs_agent_buffer->args.seek.offset = offset;
566 g_fs_agent_buffer->args.seek.whence = whence;
567 g_fs_agent_buffer->magic = 0;
568
569 /* call ns agent */
570 ssa_send_agent_cmd(TEE_FS_AGENT_ID, SEC_SEEK, (uint32_t *)(&g_fs_agent_buffer->cmd));
571 if (g_fs_agent_buffer->magic != TEE_FS_AGENT_ID) {
572 tloge("teecd was killed, just return Error\n");
573 goto return_unlock;
574 }
575
576 ret = g_fs_agent_buffer->ret;
577 ret_errno = g_fs_agent_buffer->errnum;
578
579 return_unlock:
580 ssa_agent_work_unlock(TEE_FS_AGENT_ID);
581 return_errno:
582 fs_set_serr(ret_errno);
583 return ret;
584 }
585
ssa_fs_fremove(const char * name,uint32_t storage_id)586 int32_t ssa_fs_fremove(const char *name, uint32_t storage_id)
587 {
588 uint32_t ret_errno = EINVAL;
589 int32_t ret = -1;
590 uint32_t name_len;
591
592 if (name == NULL)
593 goto return_errno;
594
595 /* obtaion tee fs's work lock */
596 if (get_fs_agent_lock() != 0) {
597 ret_errno = ESTORAGEDEAD;
598 goto return_errno;
599 }
600
601 /* encode args */
602 name_len = (uint32_t)strlen(name) + 1;
603 g_fs_agent_buffer->userid = TEE_EXT_GET_REE_USERID;
604 g_fs_agent_buffer->storageid = storage_id;
605 g_fs_agent_buffer->args.remove.name_len = name_len;
606 if (memmove_s(g_fs_agent_buffer->args.remove.name, FILE_NAME_MAX_BUF, (char *)name, name_len) != EOK)
607 goto return_unlock;
608
609 g_fs_agent_buffer->magic = 0;
610
611 /* call ns agent */
612 ssa_send_agent_cmd(TEE_FS_AGENT_ID, SEC_REMOVE, (uint32_t *)(&g_fs_agent_buffer->cmd));
613 if (g_fs_agent_buffer->magic != TEE_FS_AGENT_ID) {
614 tloge("teecd was killed, just return Error\n");
615 ret_errno = ESTORAGEDEAD;
616 goto return_unlock;
617 }
618
619 ret = g_fs_agent_buffer->ret;
620 ret_errno = g_fs_agent_buffer->errnum;
621
622 return_unlock:
623 ssa_agent_work_unlock(TEE_FS_AGENT_ID);
624 return_errno:
625 fs_set_serr(ret_errno);
626 return ret;
627 }
628
ssa_fs_fsync(int32_t fd)629 int32_t ssa_fs_fsync(int32_t fd)
630 {
631 int32_t ret = -1;
632 uint32_t ret_errno = ESTORAGEDEAD;
633
634 /* obtaion tee fs's work lock */
635 if (get_fs_agent_lock() != 0)
636 goto return_errno;
637
638 /* encode args */
639 g_fs_agent_buffer->args.fsync.fd = fd;
640 tlogd("fsync file: fd = %d\n", fd);
641 g_fs_agent_buffer->magic = 0;
642
643 /* call ns agent */
644 ssa_send_agent_cmd(TEE_FS_AGENT_ID, SEC_FSYNC, (uint32_t *)(&g_fs_agent_buffer->cmd));
645 if (g_fs_agent_buffer->magic != TEE_FS_AGENT_ID) {
646 tloge("teecd was killed, just return Error\n");
647 goto return_unlock;
648 }
649 ret = g_fs_agent_buffer->ret;
650 ret_errno = g_fs_agent_buffer->errnum;
651
652 return_unlock:
653 ssa_agent_work_unlock(TEE_FS_AGENT_ID);
654 return_errno:
655 fs_set_serr(ret_errno);
656 return ret;
657 }
658
ssa_fs_ftruncate(const char * name,uint32_t len,uint32_t storage_id)659 int32_t ssa_fs_ftruncate(const char *name, uint32_t len, uint32_t storage_id)
660 {
661 uint32_t name_len;
662 int32_t ret = -1;
663 uint32_t ret_errno = EINVAL;
664
665 if (name == NULL)
666 goto return_errno;
667
668 /* obtaion tee fs's work lock */
669 if (get_fs_agent_lock() != 0) {
670 ret_errno = ESTORAGEDEAD;
671 goto return_errno;
672 }
673
674 /* encode args */
675 g_fs_agent_buffer->magic = 0;
676 g_fs_agent_buffer->userid = TEE_EXT_GET_REE_USERID;
677 g_fs_agent_buffer->storageid = storage_id;
678 g_fs_agent_buffer->args.truncate.len = len;
679 name_len = (uint32_t)strlen(name) + 1;
680 g_fs_agent_buffer->args.truncate.name_len = name_len;
681 if (memmove_s(g_fs_agent_buffer->args.truncate.name, FILE_NAME_MAX_BUF, (char *)name, name_len) != EOK)
682 goto return_unlock;
683
684 /* call ns agent */
685 ssa_send_agent_cmd(TEE_FS_AGENT_ID, SEC_TRUNCATE, (uint32_t *)(&g_fs_agent_buffer->cmd));
686 if (g_fs_agent_buffer->magic != TEE_FS_AGENT_ID) {
687 tloge("teecd was killed, just return Error\n");
688 ret_errno = ESTORAGEDEAD;
689 goto return_unlock;
690 }
691
692 ret = g_fs_agent_buffer->ret;
693 ret_errno = g_fs_agent_buffer->errnum;
694
695 return_unlock:
696 ssa_agent_work_unlock(TEE_FS_AGENT_ID);
697 return_errno:
698 fs_set_serr(ret_errno);
699 return ret;
700 }
701
ssa_fs_frename(const char * old_name,const char * new_name,uint32_t storage_id)702 int32_t ssa_fs_frename(const char *old_name, const char *new_name, uint32_t storage_id)
703 {
704 uint32_t old_name_len, new_name_len;
705 int32_t ret = -1;
706 uint32_t ret_errno = EINVAL;
707
708 if (old_name == NULL || new_name == NULL)
709 goto return_errno;
710
711 /* obtaion tee fs's work lock */
712 if (get_fs_agent_lock() != 0) {
713 ret_errno = ESTORAGEDEAD;
714 goto return_errno;
715 }
716
717 old_name_len = (uint32_t)strlen(old_name) + 1;
718 new_name_len = (uint32_t)strlen(new_name) + 1;
719
720 /* encode args */
721 g_fs_agent_buffer->userid = TEE_EXT_GET_REE_USERID;
722 g_fs_agent_buffer->storageid = storage_id;
723 g_fs_agent_buffer->args.rename.old_name_len = old_name_len;
724 g_fs_agent_buffer->args.rename.new_name_len = new_name_len;
725
726 if (memmove_s((char *)g_fs_agent_buffer->args.rename.buffer,
727 DOUBLE_FILE_NAME_MAX_BUF, (char *)old_name, old_name_len) != EOK)
728 goto return_unlock;
729
730 if (memmove_s((char *)(g_fs_agent_buffer->args.rename.buffer) + old_name_len,
731 (DOUBLE_FILE_NAME_MAX_BUF - old_name_len), (char *)new_name, new_name_len) != EOK)
732 goto return_unlock;
733
734 g_fs_agent_buffer->magic = 0;
735
736 /* call ns agent */
737 ssa_send_agent_cmd(TEE_FS_AGENT_ID, SEC_RENAME, (uint32_t *)(&g_fs_agent_buffer->cmd));
738 if (g_fs_agent_buffer->magic != TEE_FS_AGENT_ID) {
739 tloge("teecd was killed, just return Error\n");
740 ret_errno = ESTORAGEDEAD;
741 goto return_unlock;
742 }
743
744 ret = g_fs_agent_buffer->ret;
745 ret_errno = g_fs_agent_buffer->errnum;
746
747 return_unlock:
748 ssa_agent_work_unlock(TEE_FS_AGENT_ID);
749 return_errno:
750 fs_set_serr(ret_errno);
751 return ret;
752 }
753
ssa_fs_fcopy(const char * from_path,const char * to_path,uint32_t storage_id)754 int32_t ssa_fs_fcopy(const char *from_path, const char *to_path, uint32_t storage_id)
755 {
756 uint32_t from_path_len, to_path_len;
757 int32_t ret = -1;
758 uint32_t ret_errno = EINVAL;
759
760 if (from_path == NULL || to_path == NULL)
761 goto return_errno;
762
763 /* obtaion tee fs's work lock */
764 if (get_fs_agent_lock() != 0) {
765 ret_errno = ESTORAGEDEAD;
766 goto return_errno;
767 }
768
769 from_path_len = (uint32_t)strlen(from_path) + 1;
770 to_path_len = (uint32_t)strlen(to_path) + 1;
771
772 /* encode args */
773 g_fs_agent_buffer->userid = TEE_EXT_GET_REE_USERID;
774 g_fs_agent_buffer->storageid = storage_id;
775 g_fs_agent_buffer->args.cp.from_path_len = from_path_len;
776 g_fs_agent_buffer->args.cp.to_path_len = to_path_len;
777 if (memmove_s((char *)g_fs_agent_buffer->args.cp.buffer, DOUBLE_FILE_NAME_MAX_BUF,
778 (char *)from_path, from_path_len) != EOK)
779 goto return_unlock;
780
781 if (memmove_s((char *)(g_fs_agent_buffer->args.cp.buffer) + from_path_len, DOUBLE_FILE_NAME_MAX_BUF - from_path_len,
782 (char *)to_path, to_path_len) != EOK)
783 goto return_unlock;
784
785 g_fs_agent_buffer->magic = 0;
786
787 /* call ns agent */
788 ssa_send_agent_cmd(TEE_FS_AGENT_ID, SEC_COPY, (uint32_t *)(&g_fs_agent_buffer->cmd));
789 if (g_fs_agent_buffer->magic != TEE_FS_AGENT_ID) {
790 tloge("teecd was killed, just return Error\n");
791 ret_errno = ESTORAGEDEAD;
792 goto return_unlock;
793 }
794
795 ret = g_fs_agent_buffer->ret;
796 ret_errno = g_fs_agent_buffer->errnum;
797
798 return_unlock:
799 ssa_agent_work_unlock(TEE_FS_AGENT_ID);
800 return_errno:
801 fs_set_serr(ret_errno);
802 return ret;
803 }
804
ssa_fs_fcreate(const char * name,uint32_t flag,uint32_t storage_id)805 int32_t ssa_fs_fcreate(const char *name, uint32_t flag, uint32_t storage_id)
806 {
807 uint32_t name_len;
808 char mode[MAX_MODE_LEN] = { 0 };
809 uint32_t ret_errno = EINVAL;
810 int32_t fd = -1;
811
812 if (name == NULL)
813 goto return_errno;
814
815 if (encode_open_mode(flag, mode))
816 goto return_errno;
817
818 /* obtaion tee fs's work lock */
819 if (get_fs_agent_lock() != 0) {
820 ret_errno = ESTORAGEDEAD;
821 goto return_errno;
822 }
823
824 name_len = (uint32_t)strlen(name) + 1;
825
826 /* encode args */
827 g_fs_agent_buffer->userid = TEE_EXT_GET_REE_USERID;
828 g_fs_agent_buffer->storageid = storage_id;
829 if (memmove_s(g_fs_agent_buffer->args.create.mode, sizeof(g_fs_agent_buffer->args.create.mode),
830 mode, sizeof(mode)) != EOK)
831 goto return_unlock;
832
833 g_fs_agent_buffer->args.create.name_len = name_len;
834 if (memmove_s((char *)(g_fs_agent_buffer->args.create.name), FILE_NAME_MAX_BUF,
835 (char *)name, name_len) != EOK)
836 goto return_unlock;
837
838 g_fs_agent_buffer->magic = 0;
839
840 /* call ns agent */
841 ssa_send_agent_cmd(TEE_FS_AGENT_ID, SEC_CREATE, (uint32_t *)(&g_fs_agent_buffer->cmd));
842 if (g_fs_agent_buffer->magic != TEE_FS_AGENT_ID) {
843 tloge("teecd was killed, just return Error\n");
844 ret_errno = ESTORAGEDEAD;
845 goto return_unlock;
846 }
847 /* -1:opt failed, >0:file handler */
848 fd = g_fs_agent_buffer->ret;
849 ret_errno = g_fs_agent_buffer->errnum;
850
851 return_unlock:
852 ssa_agent_work_unlock(TEE_FS_AGENT_ID);
853 return_errno:
854 fs_set_serr(ret_errno);
855 return fd;
856 }
857
ssa_fs_finfo(int32_t fd,uint32_t * pos,uint32_t * len)858 int32_t ssa_fs_finfo(int32_t fd, uint32_t *pos, uint32_t *len)
859 {
860 int32_t ret = -1;
861 uint32_t ret_errno = ESTORAGEDEAD;
862
863 /* obtaion tee fs's work lock */
864 if (get_fs_agent_lock() != 0)
865 goto return_errno;
866
867 /* encode args */
868 g_fs_agent_buffer->args.info.fd = fd;
869 g_fs_agent_buffer->magic = 0;
870
871 /* call ns agent */
872 ssa_send_agent_cmd(TEE_FS_AGENT_ID, SEC_INFO, (uint32_t *)(&g_fs_agent_buffer->cmd));
873 if (g_fs_agent_buffer->magic != TEE_FS_AGENT_ID) {
874 tloge("teecd was killed, just return Error\n");
875 goto return_unlock;
876 }
877
878 /* process return value */
879 if (pos != NULL)
880 *pos = g_fs_agent_buffer->args.info.cur_pos;
881 if (len != NULL)
882 *len = g_fs_agent_buffer->args.info.file_len;
883 ret = g_fs_agent_buffer->ret;
884 ret_errno = g_fs_agent_buffer->errnum;
885
886 return_unlock:
887 ssa_agent_work_unlock(TEE_FS_AGENT_ID);
888 return_errno:
889 fs_set_serr(ret_errno);
890 return ret;
891 }
892
_ssa_fs_faccess(const char * path,int mode,char all_path,uint32_t storage_id)893 static int32_t _ssa_fs_faccess(const char *path, int mode, char all_path, uint32_t storage_id)
894 {
895 uint32_t name_len;
896 int32_t ret = -1;
897 uint32_t ret_errno = EINVAL;
898 uint32_t sec_cmd;
899
900 if (path == NULL)
901 goto return_errno;
902
903 /* obtaion tee fs's work lock */
904 if (get_fs_agent_lock() != 0) {
905 ret_errno = ESTORAGEDEAD;
906 goto return_errno;
907 }
908
909 name_len = (uint32_t)strlen(path) + 1;
910
911 /* encode args */
912 g_fs_agent_buffer->userid = TEE_EXT_GET_REE_USERID;
913 g_fs_agent_buffer->storageid = storage_id;
914 g_fs_agent_buffer->args.access.mode = mode;
915 g_fs_agent_buffer->args.access.name_len = name_len;
916 if (memmove_s(g_fs_agent_buffer->args.access.name, FILE_NAME_MAX_BUF, (char *)path, name_len) != EOK)
917 goto return_unlock;
918
919 g_fs_agent_buffer->magic = 0;
920 /* call ns agent */
921 if (all_path == 0) {
922 sec_cmd = SEC_ACCESS;
923 } else {
924 sec_cmd = SEC_ACCESS2;
925 }
926 ssa_send_agent_cmd(TEE_FS_AGENT_ID, sec_cmd, (uint32_t *)(&g_fs_agent_buffer->cmd));
927 if (g_fs_agent_buffer->magic != TEE_FS_AGENT_ID) {
928 tloge("teecd was killed, just return Error\n");
929 ret_errno = ESTORAGEDEAD;
930 goto return_unlock;
931 }
932
933 ret = g_fs_agent_buffer->ret;
934 ret_errno = g_fs_agent_buffer->errnum;
935
936 return_unlock:
937 ssa_agent_work_unlock(TEE_FS_AGENT_ID);
938 return_errno:
939 fs_set_serr(ret_errno);
940 return ret;
941 }
942
943 /*
944 * difference between faccess and faccess2: faccess2 can detect all path file,
945 * but faccess can just detect secure storage dir.
946 */
ssa_fs_faccess(const char * name,int mode,uint32_t storage_id)947 int32_t ssa_fs_faccess(const char *name, int mode, uint32_t storage_id)
948 {
949 return _ssa_fs_faccess(name, mode, 0, storage_id);
950 }
951
ssa_fs_faccess2(const char * name,int mode)952 int32_t ssa_fs_faccess2(const char *name, int mode)
953 {
954 return _ssa_fs_faccess(name, mode, 1, TEE_OBJECT_STORAGE_PRIVATE);
955 }
956
ssa_fs_disk_usage(uint32_t * secure_remain,uint32_t * data_secure_remain)957 int32_t ssa_fs_disk_usage(uint32_t *secure_remain, uint32_t *data_secure_remain)
958 {
959 int32_t ret = -1;
960 uint32_t ret_errno = ESTORAGEDEAD;
961
962 /* obtaion tee fs's work lock */
963 if (get_fs_agent_lock() != 0)
964 goto return_errno;
965
966 /* encode args */
967 g_fs_agent_buffer->userid = TEE_EXT_GET_REE_USERID;
968 g_fs_agent_buffer->magic = 0;
969 g_fs_agent_buffer->storageid = TEE_OBJECT_STORAGE_PRIVATE;
970
971 /* call ns agent */
972 ssa_send_agent_cmd(TEE_FS_AGENT_ID, SEC_DISKUSAGE, (uint32_t *)(&g_fs_agent_buffer->cmd));
973 if (g_fs_agent_buffer->magic != TEE_FS_AGENT_ID) {
974 tloge("teecd was killed, just return Error\n");
975 goto return_unlock;
976 }
977
978 ret = g_fs_agent_buffer->ret;
979 ret_errno = g_fs_agent_buffer->errnum;
980
981 /* process return value */
982 if (secure_remain != NULL)
983 *secure_remain = g_fs_agent_buffer->args.diskusage.sec_storage;
984 if (data_secure_remain != NULL)
985 *data_secure_remain = g_fs_agent_buffer->args.diskusage.data;
986
987 return_unlock:
988 ssa_agent_work_unlock(TEE_FS_AGENT_ID);
989 return_errno:
990 fs_set_serr(ret_errno);
991 return ret;
992 }
993
ssa_fs_delete_all(const char * path,uint32_t path_len)994 int32_t ssa_fs_delete_all(const char *path, uint32_t path_len)
995 {
996 int32_t ret = -1;
997 uint32_t err_no = EINVAL;
998
999 if (path == NULL)
1000 goto return_errno;
1001
1002 /* obtaion tee fs's work lock */
1003 if (get_fs_agent_lock() != 0) {
1004 err_no = ESTORAGEDEAD;
1005 goto return_errno;
1006 }
1007
1008 /* encode args */
1009 g_fs_agent_buffer->userid = TEE_EXT_GET_REE_USERID;
1010 g_fs_agent_buffer->storageid = TEE_OBJECT_STORAGE_PRIVATE;
1011 g_fs_agent_buffer->args.deleteall.path_len = path_len;
1012 if (memmove_s(g_fs_agent_buffer->args.deleteall.path, FILE_NAME_MAX_BUF, path, path_len) != EOK)
1013 goto return_unlock;
1014
1015 g_fs_agent_buffer->magic = 0;
1016
1017 /* call ns agent */
1018 ssa_send_agent_cmd(TEE_FS_AGENT_ID, SEC_DELETE_ALL, (uint32_t *)(&g_fs_agent_buffer->cmd));
1019 if (g_fs_agent_buffer->magic != TEE_FS_AGENT_ID) {
1020 tloge("teecd was killed, just return Error\n");
1021 err_no = ESTORAGEDEAD;
1022 goto return_unlock;
1023 }
1024
1025 ret = g_fs_agent_buffer->ret;
1026 err_no = g_fs_agent_buffer->errnum;
1027
1028 return_unlock:
1029 ssa_agent_work_unlock(TEE_FS_AGENT_ID);
1030 return_errno:
1031 fs_set_serr(err_no);
1032 return ret;
1033 }
1034