Andres Morales
b15e63602d
am d3b8b72e: am 9a53bb0f: Merge "[gatekeeperd] fix issue with SW->HW upgrades" into mnc-dev
...
* commit 'd3b8b72ec9cbaf202053f0281c33a8da432222ca':
[gatekeeperd] fix issue with SW->HW upgrades
2015-06-25 16:10:35 +00:00
Andres Morales
9a53bb0f80
Merge "[gatekeeperd] fix issue with SW->HW upgrades" into mnc-dev
2015-06-25 15:43:02 +00:00
Andres Morales
7f6dcf6576
[gatekeeperd] fix issue with SW->HW upgrades
...
If the handle version is 0, there's no hardware_backed flag
meaning hardware backed handles will be attempted against
the soft impl. Ensure we don't try to read from hardware_backed
unless the version is > 0.
Bug: 21090356
Change-Id: I65f009c55538ea3c20eb486b580eb11ce93934fc
2015-06-24 18:40:24 -07:00
Dan Albert
262be42687
Merge "Add missing include. Clang build fix." into mnc-dev
2015-06-24 21:41:13 +00:00
Andres Morales
db100ff076
am 7f270fa8: am 3c2086da: [gatekeeperd] clear state and mark on cold boot
...
* commit '7f270fa8a18c86b8d5451dfcd8936c79115440ef':
[gatekeeperd] clear state and mark on cold boot
2015-06-24 18:52:51 +00:00
Andres Morales
3c2086dabd
[gatekeeperd] clear state and mark on cold boot
...
required to initialize state by certain HAL impls
Bug: 22011857
Change-Id: Ibb01a799da983e1a930aae946c331b23f571861d
2015-06-24 10:22:45 -07:00
Andres Morales
991680bf60
am 343d7082: am b2856ddb: Merge "[gatekeeperd] invalidate stale password cache" into mnc-dev
...
* commit '343d708234636d505653d4ed1c9104463db76bab':
[gatekeeperd] invalidate stale password cache
2015-06-23 22:21:15 +00:00
Andres Morales
9ea9a06b06
[gatekeeperd] invalidate stale password cache
...
password may change offline, invalidate the cache if it is
stale
Bug: 22019187
Change-Id: I2aaae978c8bd4629a0f93df3778d8679ae9b53d5
2015-06-23 11:29:57 -07:00
Andres Morales
0fdae23b53
am 1e8a4588: am 835d96ea: [gatekeeperd] handle upgrades from software version to HAL
...
* commit '1e8a4588346bfaf1bb8f2c909e95669e29bd0d6e':
[gatekeeperd] handle upgrades from software version to HAL
2015-06-22 21:56:41 +00:00
Andres Morales
835d96eae5
[gatekeeperd] handle upgrades from software version to HAL
...
Certain devices, like Shamu, are currently running an interim
software-only gatekeeper. When the HAL for those devices is merged,
we need to handle upgrading to the HAL smoothly.
Bug: 21090356
Change-Id: I5352bc547a43671a08249eae532e8b3ce6b90087
2015-06-22 13:12:41 -07:00
Andres Morales
c5b8743ff6
am b58866fb: am c7ab1e81: [gatekeeperd] add fast path for SW password verification
...
* commit 'b58866fbec93d6469f578c668a037738eefe5759':
[gatekeeperd] add fast path for SW password verification
2015-06-22 20:08:51 +00:00
Andres Morales
c7ab1e8177
[gatekeeperd] add fast path for SW password verification
...
Bug: 21445004
Change-Id: I5e36ddbefaf1fa8de8623858fd785ac8fb651a4f
2015-06-22 12:05:57 -07:00
Dan Albert
8f7f0f88a3
Add missing include. Clang build fix.
...
Change-Id: I74bed4f27e34c6bbf904058c14e124d8f5d35d82
2015-06-10 17:34:58 -07:00
Dan Albert
460f6b1f11
Add missing arpa/inet.h include for ntohl.
...
Clang build fix. Not sure why this is happening with gcc.
Change-Id: Ic3e192e31ba8d1d78dab83a6af13e82d261e5938
2015-06-09 20:10:19 -07:00
Andres Morales
b8216007c6
Merge "[gatekeeperd] track gk failure record changes" into mnc-dev
2015-06-04 01:27:34 +00:00
Andres Morales
e1f827fc1f
[gatekeeperd] track gk failure record changes
...
Bug:21118563
Change-Id: Ia726dc4db6ec5c6a1e8e08a689ec82568ff1e5aa
2015-06-03 18:24:36 -07:00
Andres Morales
531e3e83c2
[gatekeeperd] verify a password after enrolling successfully
...
Bug: 20918106
Change-Id: Ia3cb6d1375d9ee2a6e543ee97d37b7c4f0459447
2015-06-02 10:43:21 -07:00
Andres Morales
ae242929da
[gatekeeperd] return brute-force throttling information
...
Bug: 21118563
Change-Id: I13c6a44f61668be8b4c1fde8c84dcfebab84517c
2015-05-27 07:45:22 -07:00
Andres Morales
33dfdc7bbc
Move SoftGateKeeper into gatekeeperd
...
Allows for easy determination of whether there's a
hardware module in place. Permits tighter coupling of
software implementation with upper-level stack.
Bug:21090356
Change-Id: I275b57cd976c233c43c476c5869c5a4b29fbc175
2015-05-14 12:58:13 -07:00
Andres Morales
dcb3fbdaa4
Make clear SID delete the file
...
This allows us to recover in situations where we manage
to clear the SID in GateKeeper but fail to remove the
password in LockSettingsService.
Change-Id: Ib64ead137632f9615745a414c90a9b66b847134f
2015-04-17 09:01:41 -07:00
Andres Morales
7c9c3bc9c2
Implement clear SID API
...
Change-Id: I4ada55674edff32d3e39d460070e03abbf847359
2015-04-16 15:57:17 -07:00
Andres Morales
6a49c2fa43
Implement SID API
...
Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-16 13:17:54 -07:00
Andres Morales
2ae8b4c28f
Use proper NO_ERROR checking KS return value
...
It's a bit weird that KS defines NO_ERROR outside a
namespace like the Android binder lib, but assigns
it the value 1 instead of 0.
Change-Id: I5aedfd495f2f3bdff7eb1b4ba0f75d335dfe12d9
2015-04-13 09:20:09 -07:00
Andres Morales
c828ae8776
Update verify API to return auth token blob
...
Change-Id: I853e61815458b54fb3b2f29e12a147b3b9aa3788
2015-04-11 18:29:04 -07:00
Andres Morales
851b57c1f8
Add challenge to verify call
...
required for enrolling secondary auth form factors
Change-Id: Ia3e1d47f988bca1bb1a0e713c000886e60b4e839
2015-04-10 19:56:07 -07:00
Andres Morales
2d08dce0be
GateKeeper proxy service
...
Until we have SELinux support for gating access
to individual TEE services, we will proxy TEE requests
to GateKeeper via this daemon.
Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8
2015-04-08 15:20:22 -07:00