Add custom keymaster implementation

ivanmeler 2023-05-01 08:15:05 +00:00
parent aa4b12191d
commit 269f46d93f
9 changed files with 226 additions and 4 deletions

48
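--- a/keymaster/Android.mk
+++ b/keymaster/Android.mk
@@ -0,0 +1,48 @@
+LOCAL_PATH := $(call my-dir)
+include $(CLEAR_VARS)
+LOCAL_MODULE := android.hardware.keymaster@3.0-impl.msm8996
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0
+LOCAL_LICENSE_CONDITIONS := notice
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/../../../../hardware/interfaces/NOTICE
+LOCAL_PROPRIETARY_MODULE := true
+LOCAL_MODULE_RELATIVE_PATH := hw
+LOCAL_SRC_FILES := \
+KeymasterDevice.cpp \
+LOCAL_SHARED_LIBRARIES := \
+liblog \
+libsoftkeymasterdevice \
+libcrypto \
+libkeymaster_portable \
+libpuresoftkeymasterdevice \
+libkeymaster3device \
+libhidlbase \
+libutils \
+libhardware \
+android.hardware.keymaster@3.0
+include $(BUILD_SHARED_LIBRARY)
+include $(CLEAR_VARS)
+LOCAL_MODULE_RELATIVE_PATH := hw
+LOCAL_PROPRIETARY_MODULE := true
+LOCAL_MODULE := android.hardware.keymaster@3.0-service.msm8996
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0
+LOCAL_LICENSE_CONDITIONS := notice
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/../../../../hardware/interfaces/NOTICE
+LOCAL_INIT_RC := android.hardware.keymaster@3.0-service.msm8996.rc
+LOCAL_SRC_FILES := \
+service.cpp
+LOCAL_SHARED_LIBRARIES := \
+liblog \
+libcutils \
+libdl \
+libbase \
+libutils \
+libhardware \
+libhidlbase \
+android.hardware.keymaster@3.0
+include $(BUILD_EXECUTABLE)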
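Review bot: The impl module's source list ends with a line continuation, `KeymasterDevice.cpp \`, directly before `LOCAL_SHARED_LIBRARIES := \` as rendered here. The hunk header counts 48 lines and fewer are visible, so a blank line probably separates the two in the file; if it does not, make folds the library assignment into `LOCAL_SRC_FILES` and the module is built with no shared libraries listed. Writing `LOCAL_SRC_FILES := KeymasterDevice.cpp` without the trailing backslash removes the dependence on that blank line. The service module's list (`service.cpp`) already ends without a continuation.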


@ -0,0 +1,98 @@
/*
**
** Copyright 2016, The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
#define LOG_TAG "android.hardware.keymaster@3.0-impl.msm8996"
#include "KeymasterDevice.h"
#include <log/log.h>
#include <AndroidKeymaster3Device.h>
#include <hardware/keymaster1.h>
#include <hardware/keymaster2.h>
#include <hardware/keymaster_defs.h>
namespace android {
namespace hardware {
namespace keymaster {
namespace V3_0 {
namespace implementation {
static int get_keymaster1_dev(keymaster1_device_t** dev, const hw_module_t* mod) {
int rc = keymaster1_open(mod, dev);
if (rc) {
ALOGE("Error %d opening keystore keymaster1 device", rc);
if (*dev) {
(*dev)->common.close(&(*dev)->common);
*dev = nullptr;
}
}
return rc;
}
static int get_keymaster2_dev(keymaster2_device_t** dev, const hw_module_t* mod) {
int rc = keymaster2_open(mod, dev);
if (rc) {
ALOGE("Error %d opening keystore keymaster2 device", rc);
*dev = nullptr;
}
return rc;
}
static IKeymasterDevice* createKeymaster3Device() {
const hw_module_t* mod = nullptr;
int rc = hw_get_module_by_class(KEYSTORE_HARDWARE_MODULE_ID, NULL, &mod);
if (rc) {
ALOGI("Could not find any keystore module, using software-only implementation.");
// SoftKeymasterDevice will be deleted by keymaster_device_release()
return ::keymaster::ng::CreateKeymasterDevice();
}
if (mod->module_api_version < KEYMASTER_MODULE_API_VERSION_1_0) {
return nullptr;
} else if (mod->module_api_version == KEYMASTER_MODULE_API_VERSION_1_0) {
keymaster1_device_t* dev = nullptr;
if (get_keymaster1_dev(&dev, mod)) {
return nullptr;
}
return ::keymaster::ng::CreateKeymasterDevice(dev);
} else {
keymaster2_device_t* dev = nullptr;
if (get_keymaster2_dev(&dev, mod)) {
return nullptr;
}
return ::keymaster::ng::CreateKeymasterDevice(dev);
}
}
IKeymasterDevice* HIDL_FETCH_IKeymasterDevice(const char* name) {
ALOGI("Fetching keymaster device name %s", name);
if (name && strcmp(name, "softwareonly") == 0) {
return ::keymaster::ng::CreateKeymasterDevice();
} else if (name && strcmp(name, "default") == 0) {
return createKeymaster3Device();
}
return nullptr;
}
} // namespace implementation
} // namespace V3_0
} // namespace keymaster
} // namespace hardware
} // namespace android
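Review bot: In `createKeymaster3Device`, a failed `hw_get_module_by_class` lookup falls back to the software-only keymaster and is reported only at info level, so a build whose vendor keystore module is missing or fails to load would apparently hand out a device with no hardware backing and leave little trace. For a device-specific implementation that ships the keystore blob, consider logging this as an error, e.g. `ALOGE("keystore HAL module not found (rc=%d); using software-only keymaster", rc);`, or returning `nullptr` so the failure is visible to the caller. Separately, `HIDL_FETCH_IKeymasterDevice` passes `name` to `%s` in `ALOGI` before the null checks on the following lines; `ALOGI("Fetching keymaster device name %s", name ? name : "(null)");` avoids formatting a null pointer. `get_keymaster2_dev` also clears `*dev` on error without the close that `get_keymaster1_dev` performs, which deserves a short comment if it is intentional.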


@ -0,0 +1,37 @@
/*
**
** Copyright 2016, The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
#ifndef HIDL_GENERATED_android_hardware_keymaster_V3_0_KeymasterDevice_H_
#define HIDL_GENERATED_android_hardware_keymaster_V3_0_KeymasterDevice_H_
#include <android/hardware/keymaster/3.0/IKeymasterDevice.h>
namespace android {
namespace hardware {
namespace keymaster {
namespace V3_0 {
namespace implementation {
extern "C" IKeymasterDevice* HIDL_FETCH_IKeymasterDevice(const char* name);
} // namespace implementation
} // namespace V3_0
} // namespace keymaster
} // namespace hardware
} // namespace android
#endif // HIDL_GENERATED_android_hardware_keymaster_V3_0_KeymasterDevice_H_


@ -0,0 +1,5 @@
service vendor.keymaster-3-0 /vendor/bin/hw/android.hardware.keymaster@3.0-service.msm8996
interface android.hardware.keymaster@3.0::IKeymasterDevice default
class early_hal
user system
group system drmrpc

33
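--- a/keymaster/service.cpp
+++ b/keymaster/service.cpp
@@ -0,0 +1,33 @@
+/*
+**
+** Copyright 2016, The Android Open Source Project
+**
+** Licensed under the Apache License, Version 2.0 (the "License");
+** you may not use this file except in compliance with the License.
+** You may obtain a copy of the License at
+**
+** http://www.apache.org/licenses/LICENSE-2.0
+**
+** Unless required by applicable law or agreed to in writing, software
+** distributed under the License is distributed on an "AS IS" BASIS,
+** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+** See the License for the specific language governing permissions and
+** limitations under the License.
+*/
+#define LOG_TAG "android.hardware.keymaster@3.0-service.msm8996"
+#include <android/hardware/keymaster/3.0/IKeymasterDevice.h>
+#include <hidl/HidlTransportSupport.h>
+#include <hidl/LegacySupport.h>
+using android::hardware::configureRpcThreadpool;
+using android::hardware::joinRpcThreadpool;
+using android::hardware::keymaster::V3_0::IKeymasterDevice;
+using android::hardware::defaultPassthroughServiceImplementation;
+int main() {
+return defaultPassthroughServiceImplementation<IKeymasterDevice>();
+}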
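Review bot: The using-declarations for `configureRpcThreadpool` and `joinRpcThreadpool` are never referenced, since `main` only calls `defaultPassthroughServiceImplementation<IKeymasterDevice>()`. Both lines can be dropped. A one-line comment above the call, such as `// Registers the passthrough "default" IKeymasterDevice instance; the -impl.msm8996 library supplies HIDL_FETCH_IKeymasterDevice.`, would tell a reader where the implementation behind this service comes from.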


@ -250,8 +250,8 @@ PRODUCT_COPY_FILES += \
# Keymaster # Keymaster
PRODUCT_PACKAGES += \ PRODUCT_PACKAGES += \
android.hardware.keymaster@3.0-impl:64 \ android.hardware.keymaster@3.0-impl.msm8996:64 \
android.hardware.keymaster@3.0-service android.hardware.keymaster@3.0-service.msm8996
# Lights # Lights
PRODUCT_PACKAGES += \ PRODUCT_PACKAGES += \


@ -986,7 +986,9 @@ lib64/vendor.qti.hardware.iop@2.0.so|6acc2005f51164b6897d5a39556368e34b7793fd
vendor/bin/msm_irqbalance|e70694e0412052cd591389b8c1bf4573e5777257 vendor/bin/msm_irqbalance|e70694e0412052cd591389b8c1bf4573e5777257
# Keystore (from T825UBU3CUF1) # Keystore (from T825UBU3CUF1)
lib64/libskeymaster.so:vendor/lib64/libskeymaster.so|8b42585476b2b4b1d33be92c9af8afc1c6899840
vendor/lib64/hw/keystore.mdfpp.so|8b4f36230f788f624ca339af479e10b1ab47b2b1 vendor/lib64/hw/keystore.mdfpp.so|8b4f36230f788f624ca339af479e10b1ab47b2b1
vendor/lib64/libkeymaster_helper.so|b933e9350be2ac11ebf2bb05939ee6ca1a05881d
vendor/lib64/libkeymaster_mdfpp.so|6e0559087716c23c4963e302ff595d38ffdd53d3 vendor/lib64/libkeymaster_mdfpp.so|6e0559087716c23c4963e302ff595d38ffdd53d3
# Media - from daisy - QKQ1.191002.002 # Media - from daisy - QKQ1.191002.002


@ -11,7 +11,6 @@
/dev/block/bootdevice/by-name/dsp /vendor/dsp ext4 ro,nosuid,nodev,barrier=1 wait /dev/block/bootdevice/by-name/dsp /vendor/dsp ext4 ro,nosuid,nodev,barrier=1 wait
/dev/block/bootdevice/by-name/apnhlos /vendor/firmware_mnt vfat ro,shortname=lower,uid=1000,gid=1000,dmask=227,fmask=337,context=u:object_r:firmware_file:s0 wait /dev/block/bootdevice/by-name/apnhlos /vendor/firmware_mnt vfat ro,shortname=lower,uid=1000,gid=1000,dmask=227,fmask=337,context=u:object_r:firmware_file:s0 wait
/dev/block/bootdevice/by-name/modem /vendor/firmware-modem vfat ro,shortname=lower,uid=1000,gid=1000,dmask=227,fmask=337,context=u:object_r:firmware_file:s0 wait /dev/block/bootdevice/by-name/modem /vendor/firmware-modem vfat ro,shortname=lower,uid=1000,gid=1000,dmask=227,fmask=337,context=u:object_r:firmware_file:s0 wait
/dev/block/bootdevice/by-name/bluetooth /vendor/bt_firmware vfat ro,shortname=lower,uid=1002,gid=3002,dmask=227,fmask=337,context=u:object_r:bt_firmware_file:s0 wait
/dev/block/bootdevice/by-name/persist /mnt/vendor/persist ext4 noatime,nosuid,nodev,noauto_da_alloc,discard,journal_checksum,data=ordered,errors=panic wait /dev/block/bootdevice/by-name/persist /mnt/vendor/persist ext4 noatime,nosuid,nodev,noauto_da_alloc,discard,journal_checksum,data=ordered,errors=panic wait
/dev/block/bootdevice/by-name/misc /misc emmc defaults defaults /dev/block/bootdevice/by-name/misc /misc emmc defaults defaults


@ -173,7 +173,7 @@
# HALs # HALs
/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.samsung u:object_r:hal_fingerprint_default_exec:s0 /(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.samsung u:object_r:hal_fingerprint_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.health@2\.0-service\.samsung u:object_r:hal_health_default_exec:s0 /(vendor|system/vendor)/bin/hw/android\.hardware\.health@2\.0-service\.samsung u:object_r:hal_health_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.keymaster@4\.0-service\.samsung u:object_r:hal_keymaster_default_exec:s0 /(vendor|system/vendor)/bin/hw/android\.hardware\.keymaster@3\.0-service\.msm8996 u:object_r:hal_keymaster_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.light@2\.0-service\.samsung u:object_r:hal_light_default_exec:s0 /(vendor|system/vendor)/bin/hw/android\.hardware\.light@2\.0-service\.samsung u:object_r:hal_light_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.usb@1\.2-service-qti u:object_r:hal_usb_default_exec:s0 /(vendor|system/vendor)/bin/hw/android\.hardware\.usb@1\.2-service-qti u:object_r:hal_usb_default_exec:s0
/(vendor|system/vendor)/bin/hw/vendor\.lineage\.fastcharge@1\.0-service\.samsung u:object_r:hal_lineage_fastcharge_default_exec:s0 /(vendor|system/vendor)/bin/hw/vendor\.lineage\.fastcharge@1\.0-service\.samsung u:object_r:hal_lineage_fastcharge_default_exec:s0