authorMike McTernan <mikemcternan@google.com>2024-02-16 03:35:12 +0000
committerAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>2024-02-16 03:35:12 +0000
commit9266fc5594992c07437d3f9af2ff94661aabb988 (patch)
tree92efd6302246b34cbe81e2126a53a445693880d5
parent4d594ac72d9d2a2bec0f6990a9179d1e7548ebf8 (diff)
parentc7d8c1cc2249269f43ac1a95c216c33cae08451e (diff)
downloadconfirmationui-9266fc5594992c07437d3f9af2ff94661aabb988.tar.gz
trusty: confui: Add option to use handle prot library am: c7d8c1cc22
Original change: https://android-review.googlesource.com/c/trusty/app/confirmationui/+/2654014 Change-Id: I97f83687f2fdcb67cbffcbce2b7f1dd62302b675 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
-rw-r--r--rules.mk7
-rw-r--r--src/main.cpp15
2 files changed, 22 insertions, 0 deletions
diff --git a/rules.mk b/rules.mk
index a5b0063..98432a2 100644
--- a/rules.mk
+++ b/rules.mk
@@ -35,6 +35,13 @@ MODULE_LIBRARY_DEPS += \
trusty/user/base/lib/tipc \
external/boringssl \
+# Enable handle prot if required
+ifeq (true,$(call TOBOOL,$(CONFIRMATIONUI_HANDLE_PROT)))
+MODULE_DEFINES += WITH_HANDLE_PROT
+MODULE_LIBRARY_DEPS += \
+ trusty/user/whitechapel/tz/base/lib/handle_prot
+endif
+
# Use the example layouts unless we have a vendor specific layout defined.
ifeq ($(CONFIRMATIONUI_LAYOUTS),)
MODULE_LIBRARY_DEPS += $(LOCAL_DIR)/examples/layouts
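Review bot: The handle protection check is opt-in and fails open: when `CONFIRMATIONUI_HANDLE_PROT` is unset, `WITH_HANDLE_PROT` is never defined and the validation added in src/main.cpp is compiled out with no build-time indication. The comment `# Enable handle prot if required` does not say who requires it or what is lost without it; I would expand it to `# Set CONFIRMATIONUI_HANDLE_PROT := true to validate the shared-memory handle's protection attributes before it is mapped.` The dependency path sits under `trusty/user/whitechapel`, so the option appears to be usable only on trees that carry that directory, which is worth stating in the same comment.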
diff --git a/src/main.cpp b/src/main.cpp
index b6f3ad6..54adda4 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -16,6 +16,9 @@
#define TLOG_TAG "confirmationui"
+#ifdef WITH_HANDLE_PROT
+#include <lib/handle_prot/handle_prot.h>
+#endif
#include <lib/keymaster/keymaster.h>
#include <lib/tipc/tipc.h>
#include <lib/tipc/tipc_srv.h>
@@ -133,7 +136,19 @@ static int handle_init(handle_t chan,
TLOGE("Shared memory too long\n");
return ERR_BAD_LEN;
}
+#ifdef WITH_HANDLE_PROT
+ rc = handle_prot_secure(shm_handle, false);
+ if (rc < 0) {
+ TLOGE("Shared memory should be non-secure, rc=%d\n", rc);
+ return rc;
+ }
+ rc = handle_prot_prot_id(shm_handle, 0);
+ if (rc < 0) {
+ TLOGE("Shared memory prot Id invalid, rc=%d.\n", rc);
+ return rc;
+ }
+#endif
void* shm_base = mmap(0, shm_len, PROT_READ | PROT_WRITE, 0, shm_handle, 0);
if (shm_base == MAP_FAILED) {
TLOGE("Failed to mmap() handle\n");
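Review bot: The new `#ifdef WITH_HANDLE_PROT` block in handle_init has no comment stating the invariant it enforces, and the bare `false` and `0` arguments do not say what is being required of the handle. I would add above the `handle_prot_secure` call something like `/* Refuse to map shm_handle unless it is non-secure memory with protection id 0. */`, so that a later edit does not move the `mmap()` ahead of the checks. The first log line, `Shared memory should be non-secure`, is printed for any negative rc, so a failure that is not a protection mismatch would be reported as one; naming the call that failed would make triage easier. When the macro is undefined, the handle is mapped `PROT_READ | PROT_WRITE` with only the length check visible in this hunk guarding it. handle_init starts and ends outside the hunk, so whether shm_handle is released on these new early returns cannot be confirmed from here.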