diff options
author | David Drysdale <drysdale@google.com> | 2022-01-24 08:23:12 +0000 |
---|---|---|
committer | David Drysdale <drysdale@google.com> | 2022-06-01 15:12:00 +0000 |
commit | 6488068929ee53119a2ed3ca3baa4c6c9e70ed5e (patch) | |
tree | dfa0c1a65878e897f9fc05d92d16b886c2648e4c | |
parent | 7d500dafe15bb3ac948c8e26fda4df0486f85238 (diff) | |
download | keymaster-6488068929ee53119a2ed3ca3baa4c6c9e70ed5e.tar.gz |
Use new (std::nothrow) throughout
If code uses "normal" `new`, the compiler is allowed to assume that
`nullptr` is never returned, even if built with -fno-exceptions.
Use `new (std::nothrow)` throughout so that `nullptr` gets returned
and can (in some cases) be handled.
Bug: 215451239
Test: VtsAidlKeyMintTargetTest
Change-Id: If7206b738f0fa0427866d022359aa16257889a9e
-rw-r--r-- | ipc/keymaster_ipc.cpp | 12 | ||||
-rw-r--r-- | secure_storage_manager.cpp | 23 | ||||
-rw-r--r-- | trusty_keymaster.cpp | 3 | ||||
-rw-r--r-- | trusty_keymaster_context.cpp | 24 | ||||
-rw-r--r-- | trusty_logger.h | 2 |
5 files changed, 34 insertions, 30 deletions
diff --git a/ipc/keymaster_ipc.cpp b/ipc/keymaster_ipc.cpp index 1b3070a..0d4051b 100644 --- a/ipc/keymaster_ipc.cpp +++ b/ipc/keymaster_ipc.cpp @@ -179,7 +179,7 @@ static long serialize_response(Response& rsp, uint32_t* out_size) { *out_size = rsp.SerializedSize(); - out->reset(new uint8_t[*out_size]); + out->reset(new (std::nothrow) uint8_t[*out_size]); if (out->get() == NULL) { *out_size = 0; return ERR_NO_MEMORY; @@ -294,7 +294,7 @@ static long get_auth_token_key(keymaster::UniquePtr<uint8_t[]>* key_buf, return ERR_NOT_ENOUGH_BUFFER; } - key_buf->reset(new uint8_t[key.key_material_size]); + key_buf->reset(new (std::nothrow) uint8_t[key.key_material_size]); if (key_buf->get() == NULL) { return ERR_NO_MEMORY; } @@ -640,7 +640,7 @@ static keymaster_chan_ctx* keymaster_ctx_open(handle_t chan, return NULL; } - keymaster_chan_ctx* ctx = new keymaster_chan_ctx; + keymaster_chan_ctx* ctx = new (std::nothrow) keymaster_chan_ctx; if (ctx == NULL) { return ctx; } @@ -676,7 +676,8 @@ static long handle_msg(keymaster_chan_ctx* ctx) { } // allocate msg_buf, with one extra byte for null-terminator - keymaster::UniquePtr<uint8_t[]> msg_buf(new uint8_t[msg_inf.len + 1]); + keymaster::UniquePtr<uint8_t[]> msg_buf(new (std::nothrow) + uint8_t[msg_inf.len + 1]); msg_buf[msg_inf.len] = 0; /* read msg content */ @@ -867,7 +868,8 @@ int main(void) { long rc; uevent_t event; - device = new TrustyKeymaster(new TrustyKeymasterContext, 16); + device = new (std::nothrow) + TrustyKeymaster(new (std::nothrow) TrustyKeymasterContext, 16); TrustyLogger::initialize(); diff --git a/secure_storage_manager.cpp b/secure_storage_manager.cpp index dcfdc77..5403831 100644 --- a/secure_storage_manager.cpp +++ b/secure_storage_manager.cpp @@ -254,7 +254,8 @@ keymaster_error_t SecureStorageManager::ReadCertChainFromStorage( return KM_ERROR_OK; } - cert_chain->entries = new keymaster_blob_t[cert_chain_length]; + cert_chain->entries = + new (std::nothrow) keymaster_blob_t[cert_chain_length]; if (cert_chain->entries == nullptr) { return KM_ERROR_MEMORY_ALLOCATION_FAILED; } @@ -264,7 +265,7 @@ keymaster_error_t SecureStorageManager::ReadCertChainFromStorage( for (size_t i = 0; i < cert_chain_length; i++) { uint32_t content_size = attestation_key->certs[i].content.size; cert_chain->entries[i].data_length = content_size; - uint8_t* buffer = new uint8_t[content_size]; + uint8_t* buffer = new (std::nothrow) uint8_t[content_size]; if (buffer == nullptr) { return KM_ERROR_MEMORY_ALLOCATION_FAILED; } @@ -312,7 +313,7 @@ keymaster_error_t SecureStorageManager::ReadAtapCertChainFromStorage( for (size_t i = 0; i < cert_chain_length; i++) { uint32_t content_size = attestation_key->certs[i].content.size; cert_chain->entries[i].data_length = content_size; - uint8_t* buffer = new uint8_t[content_size]; + uint8_t* buffer = new (std::nothrow) uint8_t[content_size]; if (buffer == nullptr) { return KM_ERROR_MEMORY_ALLOCATION_FAILED; } @@ -346,7 +347,7 @@ keymaster_error_t SecureStorageManager::WriteAtapKeyAndCertsToStorage( return KM_ERROR_INVALID_ARGUMENT; } UniquePtr<AttestationKey> attestation_key( - new AttestationKey(AttestationKey_init_zero)); + new (std::nothrow) AttestationKey(AttestationKey_init_zero)); attestation_key->has_key = true; attestation_key->key.size = key_size; memcpy(attestation_key->key.bytes, key, key_size); @@ -386,8 +387,8 @@ keymaster_error_t SecureStorageManager::DeleteKey(AttestationKeySlot key_slot, keymaster_error_t SecureStorageManager::ReadKeymasterAttributes( KeymasterAttributes** km_attributes_p) { - UniquePtr<KeymasterAttributes> km_attributes( - new KeymasterAttributes(KeymasterAttributes_init_zero)); + UniquePtr<KeymasterAttributes> km_attributes(new ( + std::nothrow) KeymasterAttributes(KeymasterAttributes_init_zero)); if (!km_attributes.get()) { return KM_ERROR_MEMORY_ALLOCATION_FAILED; } @@ -517,7 +518,7 @@ keymaster_error_t SecureStorageManager::ReadProductId( keymaster_error_t SecureStorageManager::SetAttestationIds( const SetAttestationIdsRequest& request) { AttestationIds* attestation_ids_p = - new AttestationIds(AttestationIds_init_zero); + new (std::nothrow) AttestationIds(AttestationIds_init_zero); UniquePtr<AttestationIds> attestation_ids(attestation_ids_p); if (request.brand.buffer_size() > kAttestationIdLengthMax) { LOG_E("Error: Brand ID too large: %d", request.brand.buffer_size()); @@ -671,7 +672,7 @@ keymaster_error_t SecureStorageManager::ReadAttestationKey( GetKeySlotStr(key_slot)); UniquePtr<AttestationKey> attestation_key( - new AttestationKey(AttestationKey_init_zero)); + new (std::nothrow) AttestationKey(AttestationKey_init_zero)); if (!attestation_key.get()) { return KM_ERROR_MEMORY_ALLOCATION_FAILED; } @@ -830,7 +831,7 @@ keymaster_error_t SecureStorageManager::TranslateLegacyFormat() { for (size_t i = 0; i < sizeof(key_slots) / sizeof(int); i++) { AttestationKeySlot key_slot = key_slots[i]; UniquePtr<AttestationKey> attestation_key( - new AttestationKey(AttestationKey_init_zero)); + new (std::nothrow) AttestationKey(AttestationKey_init_zero)); snprintf(key_file, kStorageIdLengthMax, "%s.%s", kLegacyAttestKeyPrefix, GetKeySlotStr(key_slot)); err = LegacySecureStorageRead(key_file, attestation_key->key.bytes, @@ -880,8 +881,8 @@ keymaster_error_t SecureStorageManager::TranslateLegacyFormat() { } } - UniquePtr<KeymasterAttributes> km_attributes( - new KeymasterAttributes(KeymasterAttributes_init_zero)); + UniquePtr<KeymasterAttributes> km_attributes(new ( + std::nothrow) KeymasterAttributes(KeymasterAttributes_init_zero)); uint32_t product_id_size; err = LegacySecureStorageRead(kLegacyProductIdFileName, km_attributes->product_id.bytes, diff --git a/trusty_keymaster.cpp b/trusty_keymaster.cpp index ef56c51..7f181a8 100644 --- a/trusty_keymaster.cpp +++ b/trusty_keymaster.cpp @@ -139,7 +139,8 @@ void TrustyKeymaster::SetWrappedAttestationKey( */ size_t unwrapped_buf_size = request.key_data.buffer_size(); size_t unwrapped_key_size; - std::unique_ptr<uint8_t[]> unwrapped_key(new uint8_t[unwrapped_buf_size]); + std::unique_ptr<uint8_t[]> unwrapped_key( + new (std::nothrow) uint8_t[unwrapped_buf_size]); if (!unwrapped_key) { response->error = KM_ERROR_MEMORY_ALLOCATION_FAILED; return; diff --git a/trusty_keymaster_context.cpp b/trusty_keymaster_context.cpp index fb4ec4d..c5ecd19 100644 --- a/trusty_keymaster_context.cpp +++ b/trusty_keymaster_context.cpp @@ -102,19 +102,19 @@ TrustyKeymasterContext::TrustyKeymasterContext() rng_initialized_(false), calls_since_reseed_(0) { LOG_D("Creating TrustyKeymaster", 0); - rsa_factory_.reset( - new RsaKeyFactory(*this /* blob_maker */, *this /* context */)); - tdes_factory_.reset(new TripleDesKeyFactory(*this /* blob_maker */, - *this /* random_source */)); - ec_factory_.reset( - new EcKeyFactory(*this /* blob_maker */, *this /* context */)); - aes_factory_.reset(new TrustyAesKeyFactory(*this /* blob_maker */, - *this /* random_source */)); - hmac_factory_.reset(new HmacKeyFactory(*this /* blob_maker */, - *this /* random_source */)); + rsa_factory_.reset(new (std::nothrow) RsaKeyFactory(*this /* blob_maker */, + *this /* context */)); + tdes_factory_.reset(new (std::nothrow) TripleDesKeyFactory( + *this /* blob_maker */, *this /* random_source */)); + ec_factory_.reset(new (std::nothrow) EcKeyFactory(*this /* blob_maker */, + *this /* context */)); + aes_factory_.reset(new (std::nothrow) TrustyAesKeyFactory( + *this /* blob_maker */, *this /* random_source */)); + hmac_factory_.reset(new (std::nothrow) HmacKeyFactory( + *this /* blob_maker */, *this /* random_source */)); boot_params_.verified_boot_key.Reinitialize("Unbound", 7); trusty_remote_provisioning_context_.reset( - new TrustyRemoteProvisioningContext()); + new (std::nothrow) TrustyRemoteProvisioningContext()); } const KeyFactory* TrustyKeymasterContext::GetKeyFactory( @@ -772,7 +772,7 @@ bool TrustyKeymasterContext::ShouldReseedRng() const { } bool TrustyKeymasterContext::ReseedRng() { - UniquePtr<uint8_t[]> rand_seed(new uint8_t[kRngReseedSize]); + UniquePtr<uint8_t[]> rand_seed(new (std::nothrow) uint8_t[kRngReseedSize]); memset(rand_seed.get(), 0, kRngReseedSize); if (trusty_rng_hw_rand(rand_seed.get(), kRngReseedSize) != 0) { LOG_E("Failed to get bytes from HW RNG", 0); diff --git a/trusty_logger.h b/trusty_logger.h index 0f9777f..458f127 100644 --- a/trusty_logger.h +++ b/trusty_logger.h @@ -27,7 +27,7 @@ namespace keymaster { class TrustyLogger : public Logger { public: - static void initialize() { set_instance(new TrustyLogger); } + static void initialize() { set_instance(new (std::nothrow) TrustyLogger); } virtual int log_msg(LogLevel level, const char* fmt, va_list args) const { if (level < KEYMASTER_LOG_LEVEL) { |