diff options
Diffstat (limited to 'keystore2/legacykeystore/lib.rs')
-rw-r--r-- | keystore2/legacykeystore/lib.rs | 78 |
1 files changed, 36 insertions, 42 deletions
diff --git a/keystore2/legacykeystore/lib.rs b/keystore2/legacykeystore/lib.rs index db3eff63..b173da83 100644 --- a/keystore2/legacykeystore/lib.rs +++ b/keystore2/legacykeystore/lib.rs @@ -134,6 +134,7 @@ impl DB { } fn get(&mut self, caller_uid: u32, alias: &str) -> Result<Option<Vec<u8>>> { + ensure_keystore_get_is_enabled()?; self.with_transaction(TransactionBehavior::Deferred, |tx| { tx.query_row( "SELECT profile FROM profiles WHERE owner = ? AND alias = ?;", @@ -210,41 +211,22 @@ impl Error { } } -/// This function should be used by legacykeystore service calls to translate error conditions -/// into service specific exceptions. +/// Translate an error into a service specific exception, logging along the way. /// -/// All error conditions get logged by this function, except for ERROR_ENTRY_NOT_FOUND error. -/// -/// `Error::Error(x)` variants get mapped onto a service specific error code of `x`. -/// -/// All non `Error` error conditions get mapped onto `ERROR_SYSTEM_ERROR`. -/// -/// `handle_ok` will be called if `result` is `Ok(value)` where `value` will be passed -/// as argument to `handle_ok`. `handle_ok` must generate a `BinderResult<T>`, but it -/// typically returns Ok(value). -fn map_or_log_err<T, U, F>(result: Result<U>, handle_ok: F) -> BinderResult<T> -where - F: FnOnce(U) -> BinderResult<T>, -{ - result.map_or_else( - |e| { - let root_cause = e.root_cause(); - let (rc, log_error) = match root_cause.downcast_ref::<Error>() { - // Make the entry not found errors silent. - Some(Error::Error(ERROR_ENTRY_NOT_FOUND)) => (ERROR_ENTRY_NOT_FOUND, false), - Some(Error::Error(e)) => (*e, true), - Some(Error::Binder(_, _)) | None => (ERROR_SYSTEM_ERROR, true), - }; - if log_error { - log::error!("{:?}", e); - } - Err(BinderStatus::new_service_specific_error( - rc, - anyhow_error_to_cstring(&e).as_deref(), - )) - }, - handle_ok, - ) +/// `Error::Error(x)` variants get mapped onto a service specific error code of `x`, other errors +/// are mapped to `ERROR_SYSTEM_ERROR`. +fn into_logged_binder(e: anyhow::Error) -> BinderStatus { + let root_cause = e.root_cause(); + let (rc, log_error) = match root_cause.downcast_ref::<Error>() { + // Make the entry not found errors silent. + Some(Error::Error(ERROR_ENTRY_NOT_FOUND)) => (ERROR_ENTRY_NOT_FOUND, false), + Some(Error::Error(e)) => (*e, true), + Some(Error::Binder(_, _)) | None => (ERROR_SYSTEM_ERROR, true), + }; + if log_error { + log::error!("{:?}", e); + } + BinderStatus::new_service_specific_error(rc, anyhow_error_to_cstring(&e).as_deref()) } fn ensure_keystore_put_is_enabled() -> Result<()> { @@ -258,6 +240,17 @@ fn ensure_keystore_put_is_enabled() -> Result<()> { } } +fn ensure_keystore_get_is_enabled() -> Result<()> { + if keystore2_flags::disable_legacy_keystore_get() { + Err(Error::deprecated()).context(concat!( + "Retrieving from Keystore's legacy database is ", + "no longer supported, store in an app-specific database instead" + )) + } else { + Ok(()) + } +} + struct LegacyKeystoreDeleteListener { legacy_keystore: Arc<LegacyKeystore>, } @@ -332,6 +325,7 @@ impl LegacyKeystore { } fn get(&self, alias: &str, uid: i32) -> Result<Vec<u8>> { + ensure_keystore_get_is_enabled()?; let mut db = self.open_db().context("In get.")?; let uid = Self::get_effective_uid(uid).context("In get.")?; @@ -551,20 +545,20 @@ impl binder::Interface for LegacyKeystoreService {} impl ILegacyKeystore for LegacyKeystoreService { fn get(&self, alias: &str, uid: i32) -> BinderResult<Vec<u8>> { - let _wp = wd::watch_millis("ILegacyKeystore::get", 500); - map_or_log_err(self.legacy_keystore.get(alias, uid), Ok) + let _wp = wd::watch("ILegacyKeystore::get"); + self.legacy_keystore.get(alias, uid).map_err(into_logged_binder) } fn put(&self, alias: &str, uid: i32, entry: &[u8]) -> BinderResult<()> { - let _wp = wd::watch_millis("ILegacyKeystore::put", 500); - map_or_log_err(self.legacy_keystore.put(alias, uid, entry), Ok) + let _wp = wd::watch("ILegacyKeystore::put"); + self.legacy_keystore.put(alias, uid, entry).map_err(into_logged_binder) } fn remove(&self, alias: &str, uid: i32) -> BinderResult<()> { - let _wp = wd::watch_millis("ILegacyKeystore::remove", 500); - map_or_log_err(self.legacy_keystore.remove(alias, uid), Ok) + let _wp = wd::watch("ILegacyKeystore::remove"); + self.legacy_keystore.remove(alias, uid).map_err(into_logged_binder) } fn list(&self, prefix: &str, uid: i32) -> BinderResult<Vec<String>> { - let _wp = wd::watch_millis("ILegacyKeystore::list", 500); - map_or_log_err(self.legacy_keystore.list(prefix, uid), Ok) + let _wp = wd::watch("ILegacyKeystore::list"); + self.legacy_keystore.list(prefix, uid).map_err(into_logged_binder) } } |