keymaster|gatekeeper: come back to GP 1.1 compatibility
Keymaster/Gatekeeper TA source code has been updated to be compliant with GP 1.3
However we discovered a regression on Android 14, after a reboot the device is stuck and doesn't boot to UI with the following errors in logcat:
I/LockSettingsService: Unwrapping synthetic password for unsecured user 0
...
E/SyntheticPasswordCrypto: Failed to decrypt
E/SyntheticPasswordCrypto: javax.crypto.AEADBadTagException: error:1e000065:Cipher functions:OPENSSL_internal:BAD_DECRYPT
E/SyntheticPasswordCrypto: at java.lang.reflect.Constructor.newInstance0(Native Method)
E/SyntheticPasswordCrypto: at java.lang.reflect.Constructor.newInstance(Constructor.java:343)
E/SyntheticPasswordCrypto: at com.android.org.conscrypt.OpenSSLAeadCipher.throwAEADBadTagExceptionIfAvailable(OpenSSLAeadCipher.java:320)
E/SyntheticPasswordCrypto: at com.android.org.conscrypt.OpenSSLAeadCipher.doFinalInternal(OpenSSLAeadCipher.java:371)
E/SyntheticPasswordCrypto: at com.android.org.conscrypt.OpenSSLCipher.engineDoFinal(OpenSSLCipher.java:374)
E/SyntheticPasswordCrypto: at javax.crypto.Cipher.doFinal(Cipher.java:2074)
E/SyntheticPasswordCrypto: at com.android.server.locksettings.SyntheticPasswordCrypto.decrypt(SyntheticPasswordCrypto.java:74)
E/SyntheticPasswordCrypto: at com.android.server.locksettings.SyntheticPasswordCrypto.decrypt(SyntheticPasswordCrypto.java:120)
E/SyntheticPasswordCrypto: at com.android.server.locksettings.SyntheticPasswordCrypto.decryptBlob(SyntheticPasswordCrypto.java:179)
E/SyntheticPasswordCrypto: at com.android.server.locksettings.SyntheticPasswordManager.decryptSpBlob(SyntheticPasswordManager.java:1895)
E/SyntheticPasswordCrypto: at com.android.server.locksettings.SyntheticPasswordManager.unwrapSyntheticPasswordBlob(SyntheticPasswordManager.java:1641)
E/SyntheticPasswordCrypto: at com.android.server.locksettings.SyntheticPasswordManager.unlockLskfBasedProtector(SyntheticPasswordManager.java:1492)
E/SyntheticPasswordCrypto: at com.android.server.locksettings.LockSettingsService.unlockUserKeyIfUnsecured(LockSettingsService.java:2176)
E/SyntheticPasswordCrypto: at com.android.internal.widget.LockPatternUtils.unlockUserKeyIfUnsecured(LockPatternUtils.java:1987)
E/SyntheticPasswordCrypto: at com.android.server.am.UserController.maybeUnlockUser(UserController.java:1999)
E/SyntheticPasswordCrypto: at com.android.server.am.UserController.maybeUnlockUser(UserController.java:1971)
E/SyntheticPasswordCrypto: at com.android.server.am.UserController.finishUserBoot(UserController.java:634)
E/SyntheticPasswordCrypto: at com.android.server.am.UserController.onBootComplete(UserController.java:2745)
E/SyntheticPasswordCrypto: at com.android.server.am.ActivityManagerService.finishBooting(ActivityManagerService.java:5223)
E/SyntheticPasswordCrypto: at com.android.server.am.ActivityManagerService.bootAnimationComplete(ActivityManagerService.java:5325)
E/SyntheticPasswordCrypto: at com.android.server.wm.WindowManagerService.performEnableScreen(WindowManagerService.java:3811)
E/SyntheticPasswordCrypto: at com.android.server.wm.WindowManagerService.-$$Nest$mperformEnableScreen(WindowManagerService.java:0)
E/SyntheticPasswordCrypto: at com.android.server.wm.WindowManagerService$H.handleMessage(WindowManagerService.java:5699)
E/SyntheticPasswordCrypto: at android.os.Handler.dispatchMessage(Handler.java:107)
E/SyntheticPasswordCrypto: at android.os.Looper.loopOnce(Looper.java:232)
E/SyntheticPasswordCrypto: at android.os.Looper.loop(Looper.java:317)
E/SyntheticPasswordCrypto: at android.os.HandlerThread.run(HandlerThread.java:85)
E/SyntheticPasswordCrypto: at com.android.server.ServiceThread.run(ServiceThread.java:46)
E/SyntheticPasswordManager: Fail to decrypt SP for user 0
W/system_server: Long monitor contention with owner android.display (9096) at void com.android.server.am.ActivityManagerService.finishBooting()(ActivityManagerService.java:5241) waiters=0 in void com.android.server.am.BroadcastQueueModernImpl.updateRunningList() for 313ms
E/AndroidRuntime: *** FATAL EXCEPTION IN SYSTEM PROCESS: android.display
E/AndroidRuntime: java.lang.NullPointerException: Attempt to invoke virtual method 'byte[] com.android.server.locksettings.SyntheticPasswordManager$SyntheticPassword.deriveGkPassword()' on a null object reference
E/AndroidRuntime: at com.android.server.locksettings.SyntheticPasswordManager.verifyChallenge(SyntheticPasswordManager.java:1678)
E/AndroidRuntime: at com.android.server.locksettings.SyntheticPasswordManager.unlockLskfBasedProtector(SyntheticPasswordManager.java:1496)
E/AndroidRuntime: at com.android.server.locksettings.LockSettingsService.unlockUserKeyIfUnsecured(LockSettingsService.java:2176)
E/AndroidRuntime: at com.android.internal.widget.LockPatternUtils.unlockUserKeyIfUnsecured(LockPatternUtils.java:1987)
E/AndroidRuntime: at com.android.server.am.UserController.maybeUnlockUser(UserController.java:1999)
E/AndroidRuntime: at com.android.server.am.UserController.maybeUnlockUser(UserController.java:1971)
E/AndroidRuntime: at com.android.server.am.UserController.finishUserBoot(UserController.java:634)
E/AndroidRuntime: at com.android.server.am.UserController.onBootComplete(UserController.java:2745)
E/AndroidRuntime: at com.android.server.am.ActivityManagerService.finishBooting(ActivityManagerService.java:5223)
E/AndroidRuntime: at com.android.server.am.ActivityManagerService.bootAnimationComplete(ActivityManagerService.java:5325)
E/AndroidRuntime: at com.android.server.wm.WindowManagerService.performEnableScreen(WindowManagerService.java:3811)
E/AndroidRuntime: at com.android.server.wm.WindowManagerService.-$$Nest$mperformEnableScreen(WindowManagerService.java:0)
E/AndroidRuntime: at com.android.server.wm.WindowManagerService$H.handleMessage(WindowManagerService.java:5699)
E/AndroidRuntime: at android.os.Handler.dispatchMessage(Handler.java:107)
E/AndroidRuntime: at android.os.Looper.loopOnce(Looper.java:232)
E/AndroidRuntime: at android.os.Looper.loop(Looper.java:317)
E/AndroidRuntime: at android.os.HandlerThread.run(HandlerThread.java:85)
E/AndroidRuntime: at com.android.server.ServiceThread.run(ServiceThread.java:46)Indeed OP-TEE failed to execute this operation: (AES GCM verification)
D/TA: __GP11_TA_InvokeCommandEntryPoint:1877 KM_FINISH_OPERATION
D/TA: TA_finish:1687 TA_finish 1687
D/TA: TA_deserialize_op_handle:439 TA_deserialize_op_handle 439
D/TA: TA_deserialize_blob_akms:54 TA_deserialize_blob_akms 54
D/TA: TA_deserialize_auth_set:229 TA_deserialize_auth_set 229
D/TA: TA_deserialize_auth_set:252 indirect_data_size:0
D/TA: TA_deserialize_auth_set:260 indirect_base:0x1
D/TA: TA_deserialize_auth_set:279 elem cnt:0
D/TA: TA_deserialize_auth_set:289 elem serialized size:0
D/TA: TA_deserialize_auth_set:291 param_set->length:0
D/TA: TA_deserialize_blob_akms:54 TA_deserialize_blob_akms 54
F/TC:? 0 trace_syscall:147 syscall #13 (syscall_get_time)
D/TA: TA_decrypt:221 TA_decrypt 221
D/TA: TA_execute:157 TA_execute 157 size = 344
D/TA: TA_open_secret_key:36 TA_open_secret_key 36
D/TA: TA_open_secret_key:38 Use existing masterKey
F/TC:? 0 trace_syscall:147 syscall #24 (syscall_cryp_obj_get_info)
F/TC:? 0 trace_syscall:147 syscall #8 (syscall_check_access_rights)
F/TC:? 0 trace_syscall:147 syscall #27 (syscall_cryp_obj_alloc)
F/TC:? 0 trace_syscall:147 syscall #15 (syscall_cryp_state_alloc)
F/TC:? 0 trace_syscall:147 syscall #24 (syscall_cryp_obj_get_info)
F/TC:? 0 trace_syscall:147 syscall #24 (syscall_cryp_obj_get_info)
F/TC:? 0 trace_syscall:147 syscall #29 (syscall_cryp_obj_reset)
F/TC:? 0 trace_syscall:147 syscall #24 (syscall_cryp_obj_get_info)
F/TC:? 0 trace_syscall:147 syscall #24 (syscall_cryp_obj_get_info)
F/TC:? 0 trace_syscall:147 syscall #31 (syscall_cryp_obj_copy)
F/TC:? 0 trace_syscall:147 syscall #34 (syscall_authenc_init)
F/TC:? 0 trace_syscall:147 syscall #8 (syscall_check_access_rights)
F/TC:? 0 trace_syscall:147 syscall #8 (syscall_check_access_rights)
F/TC:? 0 trace_syscall:147 syscall #38 (syscall_authenc_dec_final)
F/TC:? 0 trace_syscall:147 syscall #17 (syscall_cryp_state_free)
D/TA: TA_populate_key_attrs:534 padding = 4 *type = 0xa0000010
D/TA: TA_populate_key_attrs:539 AES attrs_count = 1 algorithm = 32
D/TA: TA_populate_key_attrs:565 *key_size = 256 attrs_count = 1 padding = 8
D/TA: TA_populate_key_attrs:570 i = 0 padding = 12 tag = 3221225472
D/TA: TA_populate_key_attrs:588 i = 0 padding = 20 attr_size = 32
D/TA: TA_populate_key_attrs:604 i = 0 padding = 52 attr_size = 32
F/TC:? 0 trace_syscall:147 syscall #8 (syscall_check_access_rights)
F/TC:? 0 trace_syscall:147 syscall #8 (syscall_check_access_rights)
F/TC:? 0 trace_syscall:147 syscall #27 (syscall_cryp_obj_alloc)
F/TC:? 0 trace_syscall:147 syscall #8 (syscall_check_access_rights)
F/TC:? 0 trace_syscall:147 syscall #24 (syscall_cryp_obj_get_info)
F/TC:? 0 trace_syscall:147 syscall #30 (syscall_cryp_obj_populate)
D/TA: TA_deserialize_param_set:336 TA_deserialize_param_set 336
D/TA: TA_deserialize_param_set:357 params->length:11
D/TA: TA_add_origin:451 TA_add_origin 451
D/TA: TA_restore_key:752 populate attrs is finished with err 0
D/TA: TA_possibe_size:176 TA_possibe_size 176
F/TC:? 0 trace_syscall:147 syscall #8 (syscall_check_access_rights)
F/TC:? 0 trace_syscall:147 syscall #8 (syscall_check_access_rights)
F/TC:? 0 trace_syscall:147 syscall #38 (syscall_authenc_dec_final)
E/TA: TA_aes_finish:320 AES GCM verification failed, res=0
F/TC:? 0 trace_syscall:147 syscall #17 (syscall_cryp_state_free)
F/TC:? 0 trace_syscall:147 syscall #24 (syscall_cryp_obj_get_info)
F/TC:? 0 trace_syscall:147 syscall #28 (syscall_cryp_obj_close)
D/TA: TA_free_params:25 TA_free_params 25
D/TA: TA_free_params:25 TA_free_params 25
D/TA: TA_free_params:25 TA_free_params 25
D/TA: TA_serialize_rsp_err:479 res: -30We don't know yet the exact root cause, in the meantime let's go back to GP 1.1 compatibility.
Fixes: ef624ed2 ("keymaster: ta: use correct types for TEE_Asymmetric*")
Fixes: 1bb210de ("km: ta: update TEE_ObjectInfo to GP 1.3")