summaryrefslogtreecommitdiff
path: root/gatekeeperd
AgeCommit message (Collapse)Author
2015-08-21update bundled rc files to their contents from rootdir/init.rcTom Cherry
Bug 23186545 Change-Id: Ieb03ba89db2dee0365ae346295207ddfd29bd2b7
2015-08-06am dec7201e: am fe1b4627: am 19f223f3: Merge "[gatekeeperd] Check parent ↵Andres Morales
profile for SID lookups" into mnc-dev * commit 'dec7201e59f7eec1dae5ca5b3c6fae11d3e22242': [gatekeeperd] Check parent profile for SID lookups
2015-08-05[gatekeeperd] Check parent profile for SID lookupsAndres Morales
Bug: 22257554 Change-Id: I1a363729b449a2bc8594b48dada719fd79da7036
2015-07-10[gatekeeperd] fix other unaligned mem accessAndres Morales
Initially tested with the wrong (mnc) toolchain which just hid the error entirely. Now tested with master toolchain so this should be the last instance. Bug: 22367550 Change-Id: I0e785918b1a9f4a8af80dc96b794737fcfd12367
2015-07-10am 07f0aef8: am a5c8358a: am 787c3764: Merge "[gatekeeperd] fix use of ↵Andres Morales
uninitialized memory" into mnc-dev * commit '07f0aef8b98aea677e2f97589a6866903ed540ef': [gatekeeperd] fix use of uninitialized memory
2015-07-10am beb4fa62: am b8fb72e0: am 0b0435ea: [gatekeeperd] fix file descriptor leakAndres Morales
* commit 'beb4fa627b8da911a2d61d5e51b8df6af6c76c74': [gatekeeperd] fix file descriptor leak
2015-07-10Merge "[gatekeeperd] fix use of uninitialized memory" into mnc-devAndres Morales
2015-07-10[gatekeeperd] fix file descriptor leakAndres Morales
Bug: 22403703 Change-Id: I65da3b3b3f85db035d79277344beb5460cb025f2
2015-07-09[gatekeeperd] copy uid to local before passing to u_mapAndres Morales
The compiler will issue the unaligned access instuctions when reading from a packed struct. Since 'find' takes a reference, if we pass the field directly it is removed from its packed context and may be unreadable. Read the field out directly from the packed struct and pass in aligned to u_map to fix. Bug: 22367550 Change-Id: Ia3b639c7518154ff5a2b7c233b752e154eab9aad
2015-07-08[gatekeeperd] fix use of uninitialized memoryAndres Morales
Bug: 22319772 Change-Id: I3cb83389f11e54867aca132de48a3f6407b7eaf3
2015-06-25am d3b8b72e: am 9a53bb0f: Merge "[gatekeeperd] fix issue with SW->HW ↵Andres Morales
upgrades" into mnc-dev * commit 'd3b8b72ec9cbaf202053f0281c33a8da432222ca': [gatekeeperd] fix issue with SW->HW upgrades
2015-06-25Merge "[gatekeeperd] fix issue with SW->HW upgrades" into mnc-devAndres Morales
2015-06-24[gatekeeperd] fix issue with SW->HW upgradesAndres Morales
If the handle version is 0, there's no hardware_backed flag meaning hardware backed handles will be attempted against the soft impl. Ensure we don't try to read from hardware_backed unless the version is > 0. Bug: 21090356 Change-Id: I65f009c55538ea3c20eb486b580eb11ce93934fc
2015-06-24Merge "Add missing include. Clang build fix." into mnc-devDan Albert
2015-06-24am 7f270fa8: am 3c2086da: [gatekeeperd] clear state and mark on cold bootAndres Morales
* commit '7f270fa8a18c86b8d5451dfcd8936c79115440ef': [gatekeeperd] clear state and mark on cold boot
2015-06-24[gatekeeperd] clear state and mark on cold bootAndres Morales
required to initialize state by certain HAL impls Bug: 22011857 Change-Id: Ibb01a799da983e1a930aae946c331b23f571861d
2015-06-23am 343d7082: am b2856ddb: Merge "[gatekeeperd] invalidate stale password ↵Andres Morales
cache" into mnc-dev * commit '343d708234636d505653d4ed1c9104463db76bab': [gatekeeperd] invalidate stale password cache
2015-06-23[gatekeeperd] invalidate stale password cacheAndres Morales
password may change offline, invalidate the cache if it is stale Bug: 22019187 Change-Id: I2aaae978c8bd4629a0f93df3778d8679ae9b53d5
2015-06-22am 1e8a4588: am 835d96ea: [gatekeeperd] handle upgrades from software ↵Andres Morales
version to HAL * commit '1e8a4588346bfaf1bb8f2c909e95669e29bd0d6e': [gatekeeperd] handle upgrades from software version to HAL
2015-06-22[gatekeeperd] handle upgrades from software version to HALAndres Morales
Certain devices, like Shamu, are currently running an interim software-only gatekeeper. When the HAL for those devices is merged, we need to handle upgrading to the HAL smoothly. Bug: 21090356 Change-Id: I5352bc547a43671a08249eae532e8b3ce6b90087
2015-06-22am b58866fb: am c7ab1e81: [gatekeeperd] add fast path for SW password ↵Andres Morales
verification * commit 'b58866fbec93d6469f578c668a037738eefe5759': [gatekeeperd] add fast path for SW password verification
2015-06-22[gatekeeperd] add fast path for SW password verificationAndres Morales
Bug: 21445004 Change-Id: I5e36ddbefaf1fa8de8623858fd785ac8fb651a4f
2015-06-10Add missing include. Clang build fix.Dan Albert
Change-Id: I74bed4f27e34c6bbf904058c14e124d8f5d35d82
2015-06-09Add missing arpa/inet.h include for ntohl.Dan Albert
Clang build fix. Not sure why this is happening with gcc. Change-Id: Ic3e192e31ba8d1d78dab83a6af13e82d261e5938
2015-06-04Merge "[gatekeeperd] track gk failure record changes" into mnc-devAndres Morales
2015-06-03[gatekeeperd] track gk failure record changesAndres Morales
Bug:21118563 Change-Id: Ia726dc4db6ec5c6a1e8e08a689ec82568ff1e5aa
2015-06-02[gatekeeperd] verify a password after enrolling successfullyAndres Morales
Bug: 20918106 Change-Id: Ia3cb6d1375d9ee2a6e543ee97d37b7c4f0459447
2015-05-27[gatekeeperd] return brute-force throttling informationAndres Morales
Bug: 21118563 Change-Id: I13c6a44f61668be8b4c1fde8c84dcfebab84517c
2015-05-14Move SoftGateKeeper into gatekeeperdAndres Morales
Allows for easy determination of whether there's a hardware module in place. Permits tighter coupling of software implementation with upper-level stack. Bug:21090356 Change-Id: I275b57cd976c233c43c476c5869c5a4b29fbc175
2015-04-17Make clear SID delete the fileAndres Morales
This allows us to recover in situations where we manage to clear the SID in GateKeeper but fail to remove the password in LockSettingsService. Change-Id: Ib64ead137632f9615745a414c90a9b66b847134f
2015-04-16Implement clear SID APIAndres Morales
Change-Id: I4ada55674edff32d3e39d460070e03abbf847359
2015-04-16Implement SID APIAndres Morales
Change-Id: Id11632a6b4b9cab6f08f97026dd65fdf49a46491
2015-04-13Use proper NO_ERROR checking KS return valueAndres Morales
It's a bit weird that KS defines NO_ERROR outside a namespace like the Android binder lib, but assigns it the value 1 instead of 0. Change-Id: I5aedfd495f2f3bdff7eb1b4ba0f75d335dfe12d9
2015-04-11Update verify API to return auth token blobAndres Morales
Change-Id: I853e61815458b54fb3b2f29e12a147b3b9aa3788
2015-04-10Add challenge to verify callAndres Morales
required for enrolling secondary auth form factors Change-Id: Ia3e1d47f988bca1bb1a0e713c000886e60b4e839
2015-04-08GateKeeper proxy serviceAndres Morales
Until we have SELinux support for gating access to individual TEE services, we will proxy TEE requests to GateKeeper via this daemon. Change-Id: Ifa316b75f75bff79bdae613a112c8c3c2e7189a8