diff --git a/trusty/Android.bp b/trusty/Android.bp index 386fbe623..2fb2e194b 100644 --- a/trusty/Android.bp +++ b/trusty/Android.bp @@ -2,6 +2,5 @@ subdirs = [ "gatekeeper", "keymaster", "libtrusty", - "nvram", "storage/*", ] diff --git a/trusty/nvram/Android.bp b/trusty/nvram/Android.bp deleted file mode 100644 index 15e6c3e5e..000000000 --- a/trusty/nvram/Android.bp +++ /dev/null @@ -1,61 +0,0 @@ -// -// Copyright (C) 2016 The Android Open-Source Project -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// - -// nvram.trusty is the Trusty NVRAM HAL module. -cc_library_shared { - name: "nvram.trusty", - relative_install_path: "hw", - srcs: [ - "module.c", - "trusty_nvram_device.cpp", - "trusty_nvram_implementation.cpp", - ], - - cflags: [ - "-Wall", - "-Werror", - "-Wextra", - "-fvisibility=hidden", - ], - static_libs: ["libnvram-hal"], - shared_libs: [ - "libtrusty", - "libnvram-messages", - "liblog", - ], -} - -// nvram-wipe is a helper tool for clearing NVRAM state. -cc_binary { - name: "nvram-wipe", - srcs: [ - "nvram_wipe.cpp", - "trusty_nvram_implementation.cpp", - ], - - cflags: [ - "-Wall", - "-Werror", - "-Wextra", - "-fvisibility=hidden", - ], - static_libs: ["libnvram-hal"], - shared_libs: [ - "libtrusty", - "libnvram-messages", - "liblog", - ], -} diff --git a/trusty/nvram/module.c b/trusty/nvram/module.c deleted file mode 100644 index a2e64d372..000000000 --- a/trusty/nvram/module.c +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (C) 2016 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -// This function is defined in trusty_nvram_device.cpp. -int trusty_nvram_open(const hw_module_t* module, - const char* device_id, - hw_device_t** device_ptr); - -static struct hw_module_methods_t nvram_module_methods = { - .open = trusty_nvram_open, -}; - -struct nvram_module HAL_MODULE_INFO_SYM - __attribute__((visibility("default"))) = { - .common = {.tag = HARDWARE_MODULE_TAG, - .module_api_version = NVRAM_MODULE_API_VERSION_0_1, - .hal_api_version = HARDWARE_HAL_API_VERSION, - .id = NVRAM_HARDWARE_MODULE_ID, - .name = "Trusty NVRAM HAL", - .author = "The Android Open Source Project", - .methods = &nvram_module_methods, - .dso = 0, - .reserved = {}}, -}; diff --git a/trusty/nvram/nvram_wipe.cpp b/trusty/nvram/nvram_wipe.cpp deleted file mode 100644 index d0f4faded..000000000 --- a/trusty/nvram/nvram_wipe.cpp +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Copyright (C) 2016 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include -#include -#include - -#include - -#include "trusty_nvram_implementation.h" - -void usage(const char* program_name) { - fprintf(stderr, "Usage: %s [status|disable|wipe]\n", program_name); - exit(-1); -} - -int main(int argc, char* argv[]) { - if (argc < 2) { - usage(argv[0]); - } - - nvram::TrustyNvramImplementation nvram_proxy; - nvram::Request request; - nvram::Response response; - - if (!strcmp(argv[1], "status")) { - request.payload.Activate(); - nvram_proxy.Execute(request, &response); - const nvram::GetInfoResponse* get_info_response = - response.payload.get(); - if (response.result == NV_RESULT_SUCCESS) { - int status = get_info_response && get_info_response->wipe_disabled; - printf("Wiping disabled: %d\n", status); - return status; - } - } else if (!strcmp(argv[1], "disable")) { - request.payload.Activate(); - nvram_proxy.Execute(request, &response); - } else if (!strcmp(argv[1], "wipe")) { - request.payload.Activate(); - nvram_proxy.Execute(request, &response); - } else { - usage(argv[0]); - } - - if (response.result != NV_RESULT_SUCCESS) { - fprintf(stderr, "Command execution failure: %u\n", response.result); - return -1; - } - - return 0; -} - diff --git a/trusty/nvram/trusty_nvram_device.cpp b/trusty/nvram/trusty_nvram_device.cpp deleted file mode 100644 index 2c50915d4..000000000 --- a/trusty/nvram/trusty_nvram_device.cpp +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright (C) 2016 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "trusty_nvram_implementation.h" - -extern "C" int trusty_nvram_open(const hw_module_t* module, - const char* device_id, - hw_device_t** device_ptr) { - if (strcmp(NVRAM_HARDWARE_DEVICE_ID, device_id) != 0) { - return -EINVAL; - } - - nvram::NvramDeviceAdapter* adapter = new nvram::NvramDeviceAdapter( - module, new nvram::TrustyNvramImplementation); - *device_ptr = adapter->as_device(); - return 0; -} diff --git a/trusty/nvram/trusty_nvram_implementation.cpp b/trusty/nvram/trusty_nvram_implementation.cpp deleted file mode 100644 index 9215c8502..000000000 --- a/trusty/nvram/trusty_nvram_implementation.cpp +++ /dev/null @@ -1,113 +0,0 @@ -/* - * Copyright (C) 2016 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#define LOG_TAG "TrustyNVRAM" - -#include "trusty_nvram_implementation.h" - -#include -#include -#include - -#include -#include -#include - -#include - -namespace nvram { -namespace { - -// Character device to open for Trusty IPC connections. -const char kTrustyDeviceName[] = "/dev/trusty-ipc-dev0"; - -// App identifier of the NVRAM app. -const char kTrustyNvramAppId[] = "com.android.trusty.nvram"; - -} // namespace - -TrustyNvramImplementation::~TrustyNvramImplementation() { - if (tipc_nvram_fd_ != -1) { - tipc_close(tipc_nvram_fd_); - tipc_nvram_fd_ = -1; - } -} - -void TrustyNvramImplementation::Execute(const nvram::Request& request, - nvram::Response* response) { - if (!SendRequest(request, response)) { - response->result = NV_RESULT_INTERNAL_ERROR; - } -} - -bool TrustyNvramImplementation::Connect() { - if (tipc_nvram_fd_ != -1) { - return true; - } - - int rc = tipc_connect(kTrustyDeviceName, kTrustyNvramAppId); - if (rc < 0) { - ALOGE("Failed to connect to Trusty NVRAM app: %s\n", strerror(-rc)); - return false; - } - - tipc_nvram_fd_ = rc; - return true; -} - -bool TrustyNvramImplementation::SendRequest(const nvram::Request& request, - nvram::Response* response) { - if (!Connect()) { - return false; - } - - nvram::Blob request_buffer; - if (!nvram::Encode(request, &request_buffer)) { - ALOGE("Failed to encode NVRAM request.\n"); - return false; - } - - ssize_t rc = - write(tipc_nvram_fd_, request_buffer.data(), request_buffer.size()); - if (rc < 0) { - ALOGE("Failed to send NVRAM request: %s\n", strerror(-rc)); - return false; - } - if (static_cast(rc) != request_buffer.size()) { - ALOGE("Failed to send full request buffer: %zd\n", rc); - return false; - } - - rc = read(tipc_nvram_fd_, response_buffer_, sizeof(response_buffer_)); - if (rc < 0) { - ALOGE("Failed to read NVRAM response: %s\n", strerror(-rc)); - return false; - } - - if (static_cast(rc) >= sizeof(response_buffer_)) { - ALOGE("NVRAM response exceeds response buffer size.\n"); - return false; - } - - if (!nvram::Decode(response_buffer_, static_cast(rc), response)) { - ALOGE("Failed to decode NVRAM response.\n"); - return false; - } - - return true; -} - -} // namespace nvram diff --git a/trusty/nvram/trusty_nvram_implementation.h b/trusty/nvram/trusty_nvram_implementation.h deleted file mode 100644 index 60758f7fb..000000000 --- a/trusty/nvram/trusty_nvram_implementation.h +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (C) 2016 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef TRUSTY_NVRAM_TRUSTY_NVRAM_IMPLEMENTATION_H_ -#define TRUSTY_NVRAM_TRUSTY_NVRAM_IMPLEMENTATION_H_ - -#include - -#include -#include - -namespace nvram { - -// |TrustyNvramImplementation| proxies requests to the Trusty NVRAM app. It -// serializes the request objects, sends it to the Trusty app and finally reads -// back the result and decodes it. -class TrustyNvramImplementation : public nvram::NvramImplementation { - public: - ~TrustyNvramImplementation() override; - - void Execute(const nvram::Request& request, - nvram::Response* response) override; - - private: - // Connects the IPC channel to the Trusty app if it is not already open. - // Returns true if the channel is open, false on errors. - bool Connect(); - - // Dispatches a command to the trust app. Returns true if successful (note - // that the response may still indicate an error on the Trusty side), false if - // there are any I/O or encoding/decoding errors. - bool SendRequest(const nvram::Request& request, - nvram::Response* response); - - // The file descriptor for the IPC connection to the Trusty app. - int tipc_nvram_fd_ = -1; - - // Response buffer. This puts a hard size limit on the responses from the - // Trusty app. 4096 matches the maximum IPC message size currently supported - // by Trusty. - uint8_t response_buffer_[4096]; -}; - -} // namespace nvram - -#endif // TRUSTY_NVRAM_TRUSTY_NVRAM_IMPLEMENTATION_H_