From dc3efcadddcbc2a85e6ec19b49282ceb759c322a Mon Sep 17 00:00:00 2001 From: Colin Cross Date: Thu, 17 Jun 2010 21:00:47 -0700 Subject: [PATCH] Don't chdir into the keystore directory If the keystore daemon chdir's into /data/misc/keystore, /data can never be unmounted. During bringup, it's helpful if we can umount /data and reformat it. Change-Id: Id5b93ee8a54846fd07e6e0e57bfd0a6fabf603ee --- cmds/keystore/keystore.c | 57 +++++++++++++++++++++++++++------------- 1 file changed, 39 insertions(+), 18 deletions(-) diff --git a/cmds/keystore/keystore.c b/cmds/keystore/keystore.c index 60cc521b0..294122df1 100644 --- a/cmds/keystore/keystore.c +++ b/cmds/keystore/keystore.c @@ -149,6 +149,7 @@ static void send_message(uint8_t *message, int length) * are always set to zero in this implementation. */ static int the_entropy = -1; +static const char *the_storage; static struct __attribute__((packed)) { uint32_t reserved; @@ -165,6 +166,8 @@ static int8_t encrypt_blob(char *name, AES_KEY *aes_key) uint8_t vector[AES_BLOCK_SIZE]; int length; int fd; + char tmp_path[PATH_MAX]; + char path[PATH_MAX]; if (read(the_entropy, vector, AES_BLOCK_SIZE) != AES_BLOCK_SIZE) { return SYSTEM_ERROR; @@ -183,17 +186,29 @@ static int8_t encrypt_blob(char *name, AES_KEY *aes_key) blob.reserved = 0; length += blob.encrypted - (uint8_t *)&blob; - fd = open(".tmp", O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR); + if (snprintf(tmp_path, PATH_MAX, "%s/.tmp", the_storage) >= PATH_MAX || + snprintf(path, PATH_MAX, "%s/%s", the_storage, name) >= PATH_MAX) { + return SYSTEM_ERROR; + } + + fd = open(tmp_path, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR); length -= write(fd, &blob, length); close(fd); - return (length || rename(".tmp", name)) ? SYSTEM_ERROR : NO_ERROR; + + return (length || rename(tmp_path, path)) ? SYSTEM_ERROR : NO_ERROR; } static int8_t decrypt_blob(char *name, AES_KEY *aes_key) { - int fd = open(name, O_RDONLY); + int fd; int length; + char path[PATH_MAX]; + if (snprintf(path, PATH_MAX, "%s/%s", the_storage, name) >= PATH_MAX) { + return SYSTEM_ERROR; + } + + fd = open(path, O_RDONLY); if (fd == -1) { return (errno == ENOENT) ? KEY_NOT_FOUND : SYSTEM_ERROR; } @@ -273,18 +288,24 @@ static int8_t insert() static int8_t delete() { - char name[NAME_MAX]; - int n = sprintf(name, "%u_", uid); - encode_key(&name[n], params[0].value, params[0].length); - return (unlink(name) && errno != ENOENT) ? SYSTEM_ERROR : NO_ERROR; + char path[PATH_MAX]; + int n = snprintf(path, PATH_MAX, "%s/%u_", the_storage, uid); + if (n >= PATH_MAX) { + return SYSTEM_ERROR; + } + encode_key(&path[n], params[0].value, params[0].length); + return (unlink(path) && errno != ENOENT) ? SYSTEM_ERROR : NO_ERROR; } static int8_t exist() { - char name[NAME_MAX]; - int n = sprintf(name, "%u_", uid); - encode_key(&name[n], params[0].value, params[0].length); - if (access(name, R_OK) == -1) { + char path[PATH_MAX]; + int n = snprintf(path, PATH_MAX, "%s/%u_", the_storage, uid); + if (n >= PATH_MAX) { + return SYSTEM_ERROR; + } + encode_key(&path[n], params[0].value, params[0].length); + if (access(path, R_OK) == -1) { return (errno != ENOENT) ? SYSTEM_ERROR : KEY_NOT_FOUND; } return NO_ERROR; @@ -292,7 +313,7 @@ static int8_t exist() static int8_t saw() { - DIR *dir = opendir("."); + DIR *dir = opendir(the_storage); struct dirent *file; char name[NAME_MAX]; int n; @@ -316,8 +337,9 @@ static int8_t saw() static int8_t reset() { - DIR *dir = opendir("."); + DIR *dir = opendir(the_storage); struct dirent *file; + char path[PATH_MAX]; memset(&encryption_key, 0, sizeof(encryption_key)); memset(&decryption_key, 0, sizeof(decryption_key)); @@ -328,7 +350,9 @@ static int8_t reset() return SYSTEM_ERROR; } while ((file = readdir(dir)) != NULL) { - unlink(file->d_name); + if (snprintf(path, PATH_MAX, "%s/%s", the_storage, file->d_name) < PATH_MAX) { + unlink(path); + } } closedir(dir); return NO_ERROR; @@ -493,10 +517,7 @@ int main(int argc, char **argv) LOGE("A directory must be specified!"); return 1; } - if (chdir(argv[1]) == -1) { - LOGE("chdir: %s: %s", argv[1], strerror(errno)); - return 1; - } + the_storage = argv[1]; if ((the_entropy = open(RANDOM_DEVICE, O_RDONLY)) == -1) { LOGE("open: %s: %s", RANDOM_DEVICE, strerror(errno)); return 1;