1 /*
2 * Copyright 2020 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "common/libs/security/gatekeeper_channel.h"
18
19 #include <cstdlib>
20
21 #include <android-base/logging.h>
22 #include "keymaster/android_keymaster_utils.h"
23
24 #include "common/libs/fs/shared_buf.h"
25
26 namespace cuttlefish {
27
CreateGatekeeperMessage(uint32_t command,bool is_response,size_t payload_size)28 ManagedGatekeeperMessage CreateGatekeeperMessage(
29 uint32_t command, bool is_response, size_t payload_size) {
30 auto memory = std::malloc(payload_size + sizeof(GatekeeperRawMessage));
31 auto message = reinterpret_cast<GatekeeperRawMessage*>(memory);
32 message->cmd = command;
33 message->is_response = is_response;
34 message->payload_size = payload_size;
35 return ManagedGatekeeperMessage(message);
36 }
37
operator ()(GatekeeperRawMessage * ptr)38 void GatekeeperCommandDestroyer::operator()(GatekeeperRawMessage* ptr) {
39 {
40 keymaster::Eraser(ptr, sizeof(GatekeeperRawMessage) + ptr->payload_size);
41 }
42 std::free(ptr);
43 }
44
GatekeeperChannel(SharedFD input,SharedFD output)45 GatekeeperChannel::GatekeeperChannel(SharedFD input, SharedFD output)
46 : input_(input), output_(output) {
47 }
48
SendRequest(uint32_t command,const gatekeeper::GateKeeperMessage & message)49 bool GatekeeperChannel::SendRequest(
50 uint32_t command, const gatekeeper::GateKeeperMessage& message) {
51 return SendMessage(command, false, message);
52 }
53
SendResponse(uint32_t command,const gatekeeper::GateKeeperMessage & message)54 bool GatekeeperChannel::SendResponse(
55 uint32_t command, const gatekeeper::GateKeeperMessage& message) {
56 return SendMessage(command, true, message);
57 }
58
SendMessage(uint32_t command,bool is_response,const gatekeeper::GateKeeperMessage & message)59 bool GatekeeperChannel::SendMessage(
60 uint32_t command,
61 bool is_response,
62 const gatekeeper::GateKeeperMessage& message) {
63 LOG(DEBUG) << "Sending message with id: " << command;
64 auto payload_size = message.GetSerializedSize();
65 auto to_send = CreateGatekeeperMessage(command, is_response, payload_size);
66 message.Serialize(to_send->payload, to_send->payload + payload_size);
67 auto write_size = payload_size + sizeof(GatekeeperRawMessage);
68 auto to_send_bytes = reinterpret_cast<const char*>(to_send.get());
69 auto written = WriteAll(output_, to_send_bytes, write_size);
70 if (written == -1) {
71 LOG(ERROR) << "Could not write Gatekeeper Message: " << output_->StrError();
72 }
73 return written == write_size;
74 }
75
ReceiveMessage()76 ManagedGatekeeperMessage GatekeeperChannel::ReceiveMessage() {
77 struct GatekeeperRawMessage message_header;
78 auto read = ReadExactBinary(input_, &message_header);
79 if (read != sizeof(GatekeeperRawMessage)) {
80 LOG(ERROR) << "Expected " << sizeof(GatekeeperRawMessage) << ", received "
81 << read;
82 LOG(ERROR) << "Could not read Gatekeeper Message: " << input_->StrError();
83 return {};
84 }
85 LOG(DEBUG) << "Received message with id: " << message_header.cmd;
86 auto message = CreateGatekeeperMessage(message_header.cmd,
87 message_header.is_response,
88 message_header.payload_size);
89 auto message_bytes = reinterpret_cast<char*>(message->payload);
90 read = ReadExact(input_, message_bytes, message->payload_size);
91 if (read != message->payload_size) {
92 LOG(ERROR) << "Could not read Gatekeeper Message: " << input_->StrError();
93 return {};
94 }
95 return message;
96 }
97
98 } // namespace cuttlefish
99