Don't chdir into the keystore directory

If the keystore daemon chdir's into /data/misc/keystore, /data can never be unmounted. During bringup, it's helpful if we can umount /data and reformat it. Change-Id: Id5b93ee8a54846fd07e6e0e57bfd0a6fabf603ee
author: Colin Cross <ccross@android.com> 2010-06-17 21:00:47 -0700
committer: Colin Cross <ccross@android.com> 2010-06-17 22:50:10 -0700
commit: 831c6cc7c1cfcf1271c75dc960948ab6ce720b67 (patch)
tree: 1b41b8371facff87788a36ad981262670ad58713 /cmds/keystore
parent: 53f2bb549ed756d3f6a6c0baad4c65cf51e56981 (diff)
download: frameworks_base-831c6cc7c1cfcf1271c75dc960948ab6ce720b67.zip
frameworks_base-831c6cc7c1cfcf1271c75dc960948ab6ce720b67.tar.gz
frameworks_base-831c6cc7c1cfcf1271c75dc960948ab6ce720b67.tar.bz2
1 files changed, 39 insertions, 18 deletions
diff --git a/cmds/keystore/keystore.c b/cmds/keystore/keystore.c
index 60cc521..294122d 100644
--- a/cmds/keystore/keystore.c
+++ b/cmds/keystore/keystore.c
@@ -149,6 +149,7 @@ static void send_message(uint8_t *message, int length)
  * are always set to zero in this implementation. */
 
 static int the_entropy = -1;
+static const char *the_storage;
 
 static struct __attribute__((packed)) {
     uint32_t reserved;
@@ -165,6 +166,8 @@ static int8_t encrypt_blob(char *name, AES_KEY *aes_key)
     uint8_t vector[AES_BLOCK_SIZE];
     int length;
     int fd;
+    char tmp_path[PATH_MAX];
+    char path[PATH_MAX];
 
     if (read(the_entropy, vector, AES_BLOCK_SIZE) != AES_BLOCK_SIZE) {
         return SYSTEM_ERROR;
@@ -183,17 +186,29 @@ static int8_t encrypt_blob(char *name, AES_KEY *aes_key)
     blob.reserved = 0;
     length += blob.encrypted - (uint8_t *)&blob;
 
-    fd = open(".tmp", O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR);
+    if (snprintf(tmp_path, PATH_MAX, "%s/.tmp", the_storage) >= PATH_MAX ||
+        snprintf(path, PATH_MAX, "%s/%s", the_storage, name) >= PATH_MAX) {
+        return SYSTEM_ERROR;
+    }
+
+    fd = open(tmp_path, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR);
     length -= write(fd, &blob, length);
     close(fd);
-    return (length || rename(".tmp", name)) ? SYSTEM_ERROR : NO_ERROR;
+
+    return (length || rename(tmp_path, path)) ? SYSTEM_ERROR : NO_ERROR;
 }
 
 static int8_t decrypt_blob(char *name, AES_KEY *aes_key)
 {
-    int fd = open(name, O_RDONLY);
+    int fd;
     int length;
+    char path[PATH_MAX];
 
+    if (snprintf(path, PATH_MAX, "%s/%s", the_storage, name) >= PATH_MAX) {
+        return SYSTEM_ERROR;
+    }
+
+    fd = open(path, O_RDONLY);
     if (fd == -1) {
         return (errno == ENOENT) ? KEY_NOT_FOUND : SYSTEM_ERROR;
     }
@@ -273,18 +288,24 @@ static int8_t insert()
 
 static int8_t delete()
 {
-    char name[NAME_MAX];
-    int n = sprintf(name, "%u_", uid);
-    encode_key(&name[n], params[0].value, params[0].length);
-    return (unlink(name) && errno != ENOENT) ? SYSTEM_ERROR : NO_ERROR;
+    char path[PATH_MAX];
+    int n = snprintf(path, PATH_MAX, "%s/%u_", the_storage, uid);
+    if (n >= PATH_MAX) {
+        return SYSTEM_ERROR;
+    }
+    encode_key(&path[n], params[0].value, params[0].length);
+    return (unlink(path) && errno != ENOENT) ? SYSTEM_ERROR : NO_ERROR;
 }
 
 static int8_t exist()
 {
-    char name[NAME_MAX];
-    int n = sprintf(name, "%u_", uid);
-    encode_key(&name[n], params[0].value, params[0].length);
-    if (access(name, R_OK) == -1) {
+    char path[PATH_MAX];
+    int n = snprintf(path, PATH_MAX, "%s/%u_", the_storage, uid);
+    if (n >= PATH_MAX) {
+        return SYSTEM_ERROR;
+    }
+    encode_key(&path[n], params[0].value, params[0].length);
+    if (access(path, R_OK) == -1) {
         return (errno != ENOENT) ? SYSTEM_ERROR : KEY_NOT_FOUND;
     }
     return NO_ERROR;
@@ -292,7 +313,7 @@ static int8_t exist()
 
 static int8_t saw()
 {
-    DIR *dir = opendir(".");
+    DIR *dir = opendir(the_storage);
     struct dirent *file;
     char name[NAME_MAX];
     int n;
@@ -316,8 +337,9 @@ static int8_t saw()
 
 static int8_t reset()
 {
-    DIR *dir = opendir(".");
+    DIR *dir = opendir(the_storage);
     struct dirent *file;
+    char path[PATH_MAX];
 
     memset(&encryption_key, 0, sizeof(encryption_key));
     memset(&decryption_key, 0, sizeof(decryption_key));
@@ -328,7 +350,9 @@ static int8_t reset()
         return SYSTEM_ERROR;
     }
     while ((file = readdir(dir)) != NULL) {
-        unlink(file->d_name);
+        if (snprintf(path, PATH_MAX, "%s/%s", the_storage, file->d_name) < PATH_MAX) {
+            unlink(path);
+        }
     }
     closedir(dir);
     return NO_ERROR;
@@ -493,10 +517,7 @@ int main(int argc, char **argv)
         LOGE("A directory must be specified!");
         return 1;
     }
-    if (chdir(argv[1]) == -1) {
-        LOGE("chdir: %s: %s", argv[1], strerror(errno));
-        return 1;
-    }
+    the_storage = argv[1];
     if ((the_entropy = open(RANDOM_DEVICE, O_RDONLY)) == -1) {
         LOGE("open: %s: %s", RANDOM_DEVICE, strerror(errno));
         return 1;
author	Colin Cross <ccross@android.com>	2010-06-17 21:00:47 -0700
committer	Colin Cross <ccross@android.com>	2010-06-17 22:50:10 -0700
commit	831c6cc7c1cfcf1271c75dc960948ab6ce720b67 (patch)
tree	1b41b8371facff87788a36ad981262670ad58713 /cmds/keystore
parent	53f2bb549ed756d3f6a6c0baad4c65cf51e56981 (diff)
download	frameworks_base-831c6cc7c1cfcf1271c75dc960948ab6ce720b67.zip frameworks_base-831c6cc7c1cfcf1271c75dc960948ab6ce720b67.tar.gz frameworks_base-831c6cc7c1cfcf1271c75dc960948ab6ce720b67.tar.bz2