Google Git
Sign in
android / trusty / app / gatekeeper / 8d60f0f76fd9d2587a9547013283affb002732a2^! / .
commit8d60f0f76fd9d2587a9547013283affb002732a2[log] [tgz]
authorMarco Nelissen <marcone@google.com>Mon Feb 08 11:02:35 2021 -0800
committerMarco Nelissen <marcone@google.com>Tue Feb 16 15:41:02 2021 -0800
tree42feb67522ce000a6b06ae8c0f7de402c76be713
parent23b9ae35d8d944823b5a3ce0b99efc566f43139e [diff]
Allow setting gatekeeper storage port at build time

Default to STORAGE_CLIENT_TD_PORT which is what was used so far, but
allow overriding by setting the GATEKEEPER_STORAGE_PORT variable.

Bug: 160731903
Test: build, run
Change-Id: I2ff5ba068874fabe316c429aeae7027f83964fff

diff --git a/rules.mk b/rules.mk
index 324a858..608c7a6 100644
--- a/rules.mk
+++ b/rules.mk

@@ -43,6 +43,15 @@
 # TODO(ncbray): remove the VLA and turn the warning back on.
 MODULE_COMPILEFLAGS := -Wno-vla
 
+
+# This should be set to an appropriate storage service port.
+# For example, if a device implements factory reset protection using gatekeeper,
+# it should be set to STORAGE_CLIENT_TDP_PORT or STORAGE_CLIENT_TP_PORT.
+GATEKEEPER_STORAGE_PORT ?= STORAGE_CLIENT_TD_PORT
+
+MODULE_DEFINES += \
+        GATEKEEPER_STORAGE_PORT=$(GATEKEEPER_STORAGE_PORT) \
+
 include $(LOCAL_DIR)/$(IPC)/rules.mk
 
 include make/module.mk

diff --git a/trusty_gatekeeper.cpp b/trusty_gatekeeper.cpp
index 99c466e..a24974d 100644
--- a/trusty_gatekeeper.cpp
+++ b/trusty_gatekeeper.cpp

@@ -212,7 +212,7 @@
                                               secure_id_t user_id,
                                               failure_record_t* record) {
     storage_session_t session;
-    int rc = storage_open_session(&session, STORAGE_CLIENT_TD_PORT);
+    int rc = storage_open_session(&session, GATEKEEPER_STORAGE_PORT);
     if (rc < 0) {
         TLOGE("Error: [%d] opening storage session\n", rc);
         return false;
@@ -279,7 +279,7 @@
 bool TrustyGateKeeper::WriteSecureFailureRecord(uint32_t uid,
                                                 failure_record_t* record) {
     storage_session_t session;
-    int rc = storage_open_session(&session, STORAGE_CLIENT_TD_PORT);
+    int rc = storage_open_session(&session, GATEKEEPER_STORAGE_PORT);
     if (rc < 0) {
         TLOGE("Error: [%d] failed to open storage session\n", rc);
         return false;
@@ -400,7 +400,7 @@
     }
 
     storage_session_t session;
-    int rc = storage_open_session(&session, STORAGE_CLIENT_TD_PORT);
+    int rc = storage_open_session(&session, GATEKEEPER_STORAGE_PORT);
     if (rc < 0) {
         TLOGE("Error: [%d] opening storage session\n", rc);
         return ERROR_UNKNOWN;
@@ -426,7 +426,7 @@
 gatekeeper_error_t TrustyGateKeeper::RemoveAllUsers() {
 
     storage_session_t session;
-    int rc = storage_open_session(&session, STORAGE_CLIENT_TD_PORT);
+    int rc = storage_open_session(&session, GATEKEEPER_STORAGE_PORT);
     if (rc < 0) {
         TLOGE("Error: [%d] opening storage session\n", rc);
         return ERROR_UNKNOWN;