From ab8fe428db9503a623e946a55cbf7b3605dc5658 Mon Sep 17 00:00:00 2001
From: Mattias Nissler
Date: Mon, 13 Jun 2016 16:10:17 +0200
Subject: [PATCH] trusty: Add nvram-wipe utility.
This adds a small utility which is useful to trigger access-controlled NVRAM wipes from recovery and to disable wiping functionality after boot.
BUG: 29260086
Change-Id: I131d400ab2643ce91d7838a2bb770afd48f83b5f
---
 trusty/nvram/Android.mk | 13 ++++
 trusty/nvram/module.c | 2 +-
 trusty/nvram/nvram_wipe.cpp | 66 ++++++++++++++++++++
 trusty/nvram/trusty_nvram_device.cpp | 32 ++++++++++
 trusty/nvram/trusty_nvram_implementation.cpp | 50 ++-------------
 trusty/nvram/trusty_nvram_implementation.h | 59 +++++++++++++++++
 6 files changed, 176 insertions(+), 46 deletions(-)
 create mode 100644 trusty/nvram/nvram_wipe.cpp
 create mode 100644 trusty/nvram/trusty_nvram_device.cpp
 create mode 100644 trusty/nvram/trusty_nvram_implementation.h
diff --git a/trusty/nvram/Android.mk b/trusty/nvram/Android.mk
index 18c54d56a..44e2212b1 100644
--- a/trusty/nvram/Android.mk
+++ b/trusty/nvram/Android.mk
@@ -22,9 +22,22 @@ LOCAL_MODULE := nvram.trusty
 LOCAL_MODULE_RELATIVE_PATH := hw
 LOCAL_SRC_FILES := \
 module.c \
+ trusty_nvram_device.cpp \
 trusty_nvram_implementation.cpp
 LOCAL_MODULE_TAGS := optional
 LOCAL_CFLAGS := -Wall -Werror -Wextra -fvisibility=hidden
 LOCAL_STATIC_LIBRARIES := libnvram-hal
 LOCAL_SHARED_LIBRARIES := libtrusty libnvram-messages liblog
 include $(BUILD_SHARED_LIBRARY)
+
+# nvram-wipe is a helper tool for clearing NVRAM state.
+include $(CLEAR_VARS)
+LOCAL_MODULE := nvram-wipe
+LOCAL_SRC_FILES := \
+ nvram_wipe.cpp \
+ trusty_nvram_implementation.cpp
+LOCAL_MODULE_TAGS := optional
+LOCAL_CFLAGS := -Wall -Werror -Wextra -fvisibility=hidden
+LOCAL_STATIC_LIBRARIES := libnvram-hal
+LOCAL_SHARED_LIBRARIES := libtrusty libnvram-messages liblog
+include $(BUILD_EXECUTABLE)
diff --git a/trusty/nvram/module.c b/trusty/nvram/module.c
index 06819c0d0..a2e64d372 100644
--- a/trusty/nvram/module.c
+++ b/trusty/nvram/module.c
@@ -16,7 +16,7 @@ #include -// This function is defined in trusty_nvram_implementation.cpp. +// This function is defined in trusty_nvram_device.cpp. int trusty_nvram_open(const hw_module_t* module, const char* device_id, hw_device_t** device_ptr);
diff --git a/trusty/nvram/nvram_wipe.cpp b/trusty/nvram/nvram_wipe.cpp
new file mode 100644
index 000000000..d0f4faded
--- /dev/null
+++ b/trusty/nvram/nvram_wipe.cpp
@@ -0,0 +1,66 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include
+#include
+#include
+
+#include
+
+#include "trusty_nvram_implementation.h"
+
+void usage(const char* program_name) {
+ fprintf(stderr, "Usage: %s [status|disable|wipe]\n", program_name);
+ exit(-1);
+}
+
+int main(int argc, char* argv[]) {
+ if (argc < 2) {
+ usage(argv[0]);
+ }
+
+ nvram::TrustyNvramImplementation nvram_proxy;
+ nvram::Request request;
+ nvram::Response response;
+
+ if (!strcmp(argv[1], "status")) {
+ request.payload.Activate();
+ nvram_proxy.Execute(request, &response);
+ const nvram::GetInfoResponse* get_info_response =
+ response.payload.get();
+ if (response.result == NV_RESULT_SUCCESS) {
+ int status = get_info_response && get_info_response->wipe_disabled;
+ printf("Wiping disabled: %d\n", status);
+ return status;
+ }
+ } else if (!strcmp(argv[1], "disable")) {
+ request.payload.Activate();
+ nvram_proxy.Execute(request, &response);
+ } else if (!strcmp(argv[1], "wipe")) {
+ request.payload.Activate();
+ nvram_proxy.Execute(request, &response);
+ } else {
+ usage(argv[0]);
+ }
+
+ if (response.result != NV_RESULT_SUCCESS) {
+ fprintf(stderr, "Command execution failure: %u\n", response.result);
+ return -1;
+ }
+
+ return 0;
+}
+
diff --git a/trusty/nvram/trusty_nvram_device.cpp b/trusty/nvram/trusty_nvram_device.cpp
new file mode 100644
index 000000000..2c50915d4
--- /dev/null
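Review bot: In the `status` branch of `main` in nvram_wipe.cpp, a reply with `NV_RESULT_SUCCESS` but no `GetInfoResponse` payload is folded into `status = 0`, so the tool prints "Wiping disabled: 0" and exits 0 exactly as if wiping were still enabled, and a caller cannot tell a malformed reply from a real answer. I would reject that case before reading the field: `if (!get_info_response) { fprintf(stderr, "Missing GetInfo payload\n"); return -1; }`. The same branch returns `status` as the process exit code (1 when wiping is disabled) while failures return -1, and `usage()` does not say so; a comment above `main` such as `// Exit code: 0 = wiping enabled, 1 = wiping disabled, anything else = error` would help scripts that gate on the result. Arguments after `argv[1]` are silently ignored.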
+++ b/trusty/nvram/trusty_nvram_device.cpp
@@ -0,0 +1,32 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include
+
+#include "trusty_nvram_implementation.h"
+
+extern "C" int trusty_nvram_open(const hw_module_t* module,
+ const char* device_id,
+ hw_device_t** device_ptr) {
+ if (strcmp(NVRAM_HARDWARE_DEVICE_ID, device_id) != 0) {
+ return -EINVAL;
+ }
+
+ nvram::NvramDeviceAdapter* adapter = new nvram::NvramDeviceAdapter(
+ module, new nvram::TrustyNvramImplementation);
+ *device_ptr = adapter->as_device();
+ return 0;
+}
diff --git a/trusty/nvram/trusty_nvram_implementation.cpp b/trusty/nvram/trusty_nvram_implementation.cpp
index 39496b417..041c1bd3a 100644
--- a/trusty/nvram/trusty_nvram_implementation.cpp
+++ b/trusty/nvram/trusty_nvram_implementation.cpp
@@ -14,6 +14,8 @@ * limitations under the License. */ +#include "trusty_nvram_implementation.h" + #include #include
@@ -23,10 +25,9 @@ #define LOG_TAG "TrustyNVRAM" #include -#include #include -#include +namespace nvram { namespace { // Character device to open for Trusty IPC connections.
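Review bot: `trusty_nvram_open` in trusty_nvram_device.cpp passes `device_id` to `strcmp` and writes through `device_ptr` without checking either for null, so a caller that hands in a null pointer crashes the HAL process instead of getting `-EINVAL`. The guard could read `if (!device_id || !device_ptr || strcmp(NVRAM_HARDWARE_DEVICE_ID, device_id) != 0) {`. The function is moved unchanged from trusty_nvram_implementation.cpp, so this is not new behaviour, but the move is a convenient place to tighten it.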
@@ -35,35 +36,7 @@ const char kTrustyDeviceName[] = "/dev/trusty-ipc-dev0"; // App identifier of the NVRAM app. const char kTrustyNvramAppId[] = "com.android.trusty.nvram"; -// |TrustyNvramImplementation| proxies requests to the Trusty NVRAM app. It -// serializes the request objects, sends it to the Trusty app and finally reads -// back the result and decodes it. -class TrustyNvramImplementation : public nvram::NvramImplementation { - public: - ~TrustyNvramImplementation() override; - - void Execute(const nvram::Request& request, - nvram::Response* response) override; - - private: - // Connects the IPC channel to the Trusty app if it is not already open. - // Returns true if the channel is open, false on errors. - bool Connect(); - - // Dispatches a command to the trust app. Returns true if successful (note - // that the response may still indicate an error on the Trusty side), false if - // there are any I/O or encoding/decoding errors. - bool SendRequest(const nvram::Request& request, - nvram::Response* response); - - // The file descriptor for the IPC connection to the Trusty app. - int tipc_nvram_fd_ = -1; - - // Response buffer. This puts a hard size limit on the responses from the - // Trusty app. 4096 matches the maximum IPC message size currently supported - // by Trusty. - uint8_t response_buffer_[4096]; -}; +} // namespace TrustyNvramImplementation::~TrustyNvramImplementation() { if (tipc_nvram_fd_ != -1) {
@@ -136,17 +109,4 @@ bool TrustyNvramImplementation::SendRequest(const nvram::Request& request, return true; } -} // namespace - -extern "C" int trusty_nvram_open(const hw_module_t* module, - const char* device_id, - hw_device_t** device_ptr) { - if (strcmp(NVRAM_HARDWARE_DEVICE_ID, device_id) != 0) { - return -EINVAL; - } - - nvram::NvramDeviceAdapter* adapter = - new nvram::NvramDeviceAdapter(module, new TrustyNvramImplementation); - *device_ptr = adapter->as_device(); - return 0; -} +} // namespace nvram
diff --git a/trusty/nvram/trusty_nvram_implementation.h b/trusty/nvram/trusty_nvram_implementation.h
new file mode 100644
index 000000000..60758f7fb
--- /dev/null
+++ b/trusty/nvram/trusty_nvram_implementation.h
@@ -0,0 +1,59 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TRUSTY_NVRAM_TRUSTY_NVRAM_IMPLEMENTATION_H_
+#define TRUSTY_NVRAM_TRUSTY_NVRAM_IMPLEMENTATION_H_
+
+#include
+
+#include
+#include
+
+namespace nvram {
+
+// |TrustyNvramImplementation| proxies requests to the Trusty NVRAM app. It
+// serializes the request objects, sends it to the Trusty app and finally reads
+// back the result and decodes it.
+class TrustyNvramImplementation : public nvram::NvramImplementation {
+ public:
+ ~TrustyNvramImplementation() override;
+
+ void Execute(const nvram::Request& request,
+ nvram::Response* response) override;
+
+ private:
+ // Connects the IPC channel to the Trusty app if it is not already open.
+ // Returns true if the channel is open, false on errors.
+ bool Connect();
+
+ // Dispatches a command to the trust app. Returns true if successful (note
+ // that the response may still indicate an error on the Trusty side), false if
+ // there are any I/O or encoding/decoding errors.
+ bool SendRequest(const nvram::Request& request,
+ nvram::Response* response);
+
+ // The file descriptor for the IPC connection to the Trusty app.
+ int tipc_nvram_fd_ = -1;
+
+ // Response buffer. This puts a hard size limit on the responses from the
+ // Trusty app. 4096 matches the maximum IPC message size currently supported
+ // by Trusty.
+ uint8_t response_buffer_[4096];
+};
+
+} // namespace nvram
+
+#endif // TRUSTY_NVRAM_TRUSTY_NVRAM_IMPLEMENTATION_H_
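Review bot: `TrustyNvramImplementation` in trusty_nvram_implementation.h owns `tipc_nvram_fd_` but still has implicit copy operations, and the class is now visible outside its old anonymous namespace and instantiated by value in nvram_wipe.cpp. An accidental copy would leave two objects holding the same descriptor; the destructor shown in trusty_nvram_implementation.cpp tests `tipc_nvram_fd_ != -1`, presumably before closing it, which would then happen twice. Unless `nvram::NvramImplementation` already forbids copying, which this patch does not show, I would add `TrustyNvramImplementation() = default;`, `TrustyNvramImplementation(const TrustyNvramImplementation&) = delete;` and `TrustyNvramImplementation& operator=(const TrustyNvramImplementation&) = delete;` to the public section.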