diff options
author | Kenny Root <kroot@google.com> | 2013-03-29 11:15:50 -0700 |
---|---|---|
committer | Kenny Root <kroot@google.com> | 2013-03-29 14:22:25 -0700 |
commit | 4306123e81371bd8bd85f77c2375d29ac53ff771 (patch) | |
tree | 92431a66dcb87e3f6ca5582a85957069e05e27f6 | |
parent | cfc38e553023ba4825e22603b2e7c7e954147a71 (diff) | |
download | security-4306123e81371bd8bd85f77c2375d29ac53ff771.tar.gz |
keystore: add API to query storage type
Add an API to query the HAL to see what kind of storage it reports the
device is.
(cherry picked from commit 8ddf35a6e1fd80a7d0685041d2bfc77078277c9d)
Change-Id: I04a9421053a0b8bbe4f0dd73fefdfdbe4ab4add9
-rw-r--r-- | keystore/IKeystoreService.cpp | 25 | ||||
-rw-r--r-- | keystore/include/keystore/IKeystoreService.h | 3 | ||||
-rw-r--r-- | keystore/keystore.cpp | 8 |
3 files changed, 36 insertions, 0 deletions
diff --git a/keystore/IKeystoreService.cpp b/keystore/IKeystoreService.cpp index 08030713..520d2663 100644 --- a/keystore/IKeystoreService.cpp +++ b/keystore/IKeystoreService.cpp @@ -510,6 +510,24 @@ public: } return ret; } + + virtual int32_t is_hardware_backed() + { + Parcel data, reply; + data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); + status_t status = remote()->transact(BnKeystoreService::IS_HARDWARE_BACKED, data, &reply); + if (status != NO_ERROR) { + ALOGD("is_hardware_backed() could not contact remote: %d\n", status); + return -1; + } + int32_t err = reply.readExceptionCode(); + int32_t ret = reply.readInt32(); + if (err < 0) { + ALOGD("is_hardware_backed() caught exception %d\n", err); + return -1; + } + return ret; + } }; IMPLEMENT_META_INTERFACE(KeystoreService, "android.security.keystore"); @@ -772,6 +790,13 @@ status_t BnKeystoreService::onTransact( reply->writeInt32(ret); return NO_ERROR; } break; + case IS_HARDWARE_BACKED: { + CHECK_INTERFACE(IKeystoreService, data, reply); + int32_t ret = is_hardware_backed(); + reply->writeNoException(); + reply->writeInt32(ret); + return NO_ERROR; + } default: return BBinder::onTransact(code, data, reply, flags); } diff --git a/keystore/include/keystore/IKeystoreService.h b/keystore/include/keystore/IKeystoreService.h index 7659f473..6b2f406d 100644 --- a/keystore/include/keystore/IKeystoreService.h +++ b/keystore/include/keystore/IKeystoreService.h @@ -50,6 +50,7 @@ public: UNGRANT = IBinder::FIRST_CALL_TRANSACTION + 18, GETMTIME = IBinder::FIRST_CALL_TRANSACTION + 19, DUPLICATE = IBinder::FIRST_CALL_TRANSACTION + 20, + IS_HARDWARE_BACKED = IBinder::FIRST_CALL_TRANSACTION + 21, }; DECLARE_META_INTERFACE(KeystoreService); @@ -98,6 +99,8 @@ public: virtual int32_t duplicate(const String16& srcKey, int32_t srcUid, const String16& destKey, int32_t destUid) = 0; + + virtual int32_t is_hardware_backed() = 0; }; // ---------------------------------------------------------------------------- diff --git a/keystore/keystore.cpp b/keystore/keystore.cpp index 385f005e..438a8e46 100644 --- a/keystore/keystore.cpp +++ b/keystore/keystore.cpp @@ -742,6 +742,10 @@ public: return put(filename, &keyBlob); } + bool isHardwareBacked() const { + return (mDevice->flags & KEYMASTER_SOFTWARE_ONLY) != 0; + } + private: static const char* MASTER_KEY_FILE; static const int MASTER_KEY_SIZE_BYTES = 16; @@ -1648,6 +1652,10 @@ public: return mKeyStore->put(target, &keyBlob); } + int32_t is_hardware_backed() { + return mKeyStore->isHardwareBacked() ? 1 : 0; + } + private: inline bool isKeystoreUnlocked(State state) { switch (state) { |