blob: 27e58917ff5e91ae1e2402cde5243d2aa185024a [file] [log] [blame]
/*
* Copyright (C) 2016 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <errno.h>
#include <getopt.h>
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
#include <stdlib.h>
#include <sys/capability.h>
#include <sys/prctl.h>
#include <sys/stat.h>
#include <unistd.h>
#include <private/android_filesystem_config.h>
#include "ipc.h"
#include "log.h"
#include "rpmb.h"
#include "storage.h"
#define REQ_BUFFER_SIZE 4096
static uint8_t req_buffer[REQ_BUFFER_SIZE + 1];
static const char *ss_data_root;
static const char *trusty_devname;
static const char *rpmb_devname;
static const char *ss_srv_name = STORAGE_DISK_PROXY_PORT;
static const char *_sopts = "hp:d:r:";
static const struct option _lopts[] = {
{"help", no_argument, NULL, 'h'},
{"trusty_dev", required_argument, NULL, 'd'},
{"data_path", required_argument, NULL, 'p'},
{"rpmb_dev", required_argument, NULL, 'r'},
{0, 0, 0, 0}
};
static void show_usage_and_exit(int code)
{
ALOGE("usage: storageproxyd -d <trusty_dev> -p <data_path> -r <rpmb_dev>\n");
exit(code);
}
static int drop_privs(void)
{
struct __user_cap_header_struct capheader;
struct __user_cap_data_struct capdata[2];
if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0) {
return -1;
}
/*
* ensure we're running as the system user
*/
if (setgid(AID_SYSTEM) != 0) {
return -1;
}
if (setuid(AID_SYSTEM) != 0) {
return -1;
}
/*
* drop all capabilities except SYS_RAWIO
*/
memset(&capheader, 0, sizeof(capheader));
memset(&capdata, 0, sizeof(capdata));
capheader.version = _LINUX_CAPABILITY_VERSION_3;
capheader.pid = 0;
capdata[CAP_TO_INDEX(CAP_SYS_RAWIO)].permitted = CAP_TO_MASK(CAP_SYS_RAWIO);
capdata[CAP_TO_INDEX(CAP_SYS_RAWIO)].effective = CAP_TO_MASK(CAP_SYS_RAWIO);
if (capset(&capheader, &capdata[0]) < 0) {
return -1;
}
/* no-execute for user, no access for group and other */
umask(S_IXUSR | S_IRWXG | S_IRWXO);
return 0;
}
static int handle_req(struct storage_msg *msg, const void *req, size_t req_len)
{
int rc;
if ((msg->flags & STORAGE_MSG_FLAG_POST_COMMIT) &&
(msg->cmd != STORAGE_RPMB_SEND)) {
/*
* handling post commit messages on non rpmb commands are not
* implemented as there is no use case for this yet.
*/
ALOGE("cmd 0x%x: post commit option is not implemented\n", msg->cmd);
msg->result = STORAGE_ERR_UNIMPLEMENTED;
return ipc_respond(msg, NULL, 0);
}
if (msg->flags & STORAGE_MSG_FLAG_PRE_COMMIT) {
rc = storage_sync_checkpoint();
if (rc < 0) {
msg->result = STORAGE_ERR_GENERIC;
return ipc_respond(msg, NULL, 0);
}
}
switch (msg->cmd) {
case STORAGE_FILE_DELETE:
rc = storage_file_delete(msg, req, req_len);
break;
case STORAGE_FILE_OPEN:
rc = storage_file_open(msg, req, req_len);
break;
case STORAGE_FILE_CLOSE:
rc = storage_file_close(msg, req, req_len);
break;
case STORAGE_FILE_WRITE:
rc = storage_file_write(msg, req, req_len);
break;
case STORAGE_FILE_READ:
rc = storage_file_read(msg, req, req_len);
break;
case STORAGE_FILE_GET_SIZE:
rc = storage_file_get_size(msg, req, req_len);
break;
case STORAGE_FILE_SET_SIZE:
rc = storage_file_set_size(msg, req, req_len);
break;
case STORAGE_RPMB_SEND:
rc = rpmb_send(msg, req, req_len);
break;
default:
ALOGE("unhandled command 0x%x\n", msg->cmd);
msg->result = STORAGE_ERR_UNIMPLEMENTED;
rc = 1;
}
if (rc > 0) {
/* still need to send response */
rc = ipc_respond(msg, NULL, 0);
}
return rc;
}
static int proxy_loop(void)
{
ssize_t rc;
struct storage_msg msg;
/* enter main message handling loop */
while (true) {
/* get incoming message */
rc = ipc_get_msg(&msg, req_buffer, REQ_BUFFER_SIZE);
if (rc < 0)
return rc;
/* handle request */
req_buffer[rc] = 0; /* force zero termination */
rc = handle_req(&msg, req_buffer, rc);
if (rc)
return rc;
}
return 0;
}
static void parse_args(int argc, char *argv[])
{
int opt;
int oidx = 0;
while ((opt = getopt_long(argc, argv, _sopts, _lopts, &oidx)) != -1) {
switch (opt) {
case 'd':
trusty_devname = strdup(optarg);
break;
case 'p':
ss_data_root = strdup(optarg);
break;
case 'r':
rpmb_devname = strdup(optarg);
break;
default:
ALOGE("unrecognized option (%c):\n", opt);
show_usage_and_exit(EXIT_FAILURE);
}
}
if (ss_data_root == NULL ||
trusty_devname == NULL ||
rpmb_devname == NULL) {
ALOGE("missing required argument(s)\n");
show_usage_and_exit(EXIT_FAILURE);
}
ALOGI("starting storageproxyd\n");
ALOGI("storage data root: %s\n", ss_data_root);
ALOGI("trusty dev: %s\n", trusty_devname);
ALOGI("rpmb dev: %s\n", rpmb_devname);
}
int main(int argc, char *argv[])
{
int rc;
/* drop privileges */
if (drop_privs() < 0)
return EXIT_FAILURE;
/* parse arguments */
parse_args(argc, argv);
/* initialize secure storage directory */
rc = storage_init(ss_data_root);
if (rc < 0)
return EXIT_FAILURE;
/* open rpmb device */
rc = rpmb_open(rpmb_devname);
if (rc < 0)
return EXIT_FAILURE;
/* connect to Trusty secure storage server */
rc = ipc_connect(trusty_devname, ss_srv_name);
if (rc < 0)
return EXIT_FAILURE;
/* enter main loop */
rc = proxy_loop();
ALOGE("exiting proxy loop with status (%d)\n", rc);
ipc_disconnect();
rpmb_close();
return (rc < 0) ? EXIT_FAILURE : EXIT_SUCCESS;
}