Merge "cf host: Introduce cvd_update_security_algorithm host tool" into main

8 files changed, 252 insertions, 6 deletions

diff --git a/build/Android.bp b/build/Android.bp
index eac6cdd79..fb57c2f26 100644
--- a/build/Android.bp
+++ b/build/Android.bp
@@ -146,6 +146,7 @@ cvd_host_tools = [
     "cvd_send_id_disclosure",
     "cvd_send_sms",
     "cvd_update_location",
+    "cvd_update_security_algorithm",
     "cvd_import_locations",
     "simg2img",
     "socket_vsock_proxy",
diff --git a/host/commands/cvd_update_security_algorithm/Android.bp b/host/commands/cvd_update_security_algorithm/Android.bp
new file mode 100644
index 000000000..650e5898c
--- /dev/null
+++ b/host/commands/cvd_update_security_algorithm/Android.bp
@@ -0,0 +1,61 @@
+// Copyright (C) 2023 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package {
+    default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+cc_defaults {
+    name: "cvd_update_security_algorithm_defaults",
+    shared_libs: [
+        "libbase",
+        "libcuttlefish_fs",
+        "liblog",
+        "libcuttlefish_utils",
+        "libjsoncpp",
+    ],
+    defaults: ["cuttlefish_buildhost_only"],
+}
+
+cc_library {
+    name: "libcvd_update_security_algorithm_builder",
+    srcs: [
+        "update_security_algorithm_command_builder.cc",
+    ],
+    defaults: ["cvd_update_security_algorithm_defaults"],
+}
+
+cc_binary {
+    name: "cvd_update_security_algorithm",
+    static_libs: [
+        "libcuttlefish_host_config",
+        "libgflags",
+    ],
+    srcs: [
+        "main.cc",
+        "update_security_algorithm_command_builder.cc",
+    ],
+    defaults: ["cvd_update_security_algorithm_defaults"],
+}
+
+cc_test_host {
+    name: "cvd_update_security_algorithm_test",
+    srcs: [
+        "unittest/update_security_algorithm_command_builder_test.cc",
+    ],
+    shared_libs: [
+        "libcvd_update_security_algorithm_builder",
+    ],
+    defaults: ["cuttlefish_host", "cvd_update_security_algorithm_defaults"],
+}
diff --git a/host/commands/cvd_update_security_algorithm/main.cc b/host/commands/cvd_update_security_algorithm/main.cc
new file mode 100644
index 000000000..7fdb9a3f7
--- /dev/null
+++ b/host/commands/cvd_update_security_algorithm/main.cc
@@ -0,0 +1,89 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <string>
+
+#include <android-base/logging.h>
+#include <gflags/gflags.h>
+
+#include "common/libs/fs/shared_buf.h"
+#include "common/libs/fs/shared_fd.h"
+#include "host/commands/cvd_update_security_algorithm/update_security_algorithm_command_builder.h"
+#include "host/libs/config/cuttlefish_config.h"
+
+DEFINE_int32(instance_num, cuttlefish::GetInstance(),
+             "Which instance to read the configs from");
+DEFINE_int32(modem_num, 0, "Which modem to send command to");
+DEFINE_int32(connection_event, 0,
+             "The tyoe if connection event. See "
+             "android.hardware.radio.network.ConnectionEvent");
+DEFINE_int32(encryption, 0,
+             "The encryption algorithm being used. See "
+             "android.hardware.radio.network.SecurityAlgorithm");
+DEFINE_int32(integrity, 0,
+             "The integrity algorithm being used. See "
+             "android.hardware.radio.network.SecurityAlgorithm");
+DEFINE_bool(is_unprotected_emergency, false,
+            "Whether the connection event is associated with an unprotected"
+            "emergency session");
+
+namespace cuttlefish {
+namespace {
+
+void UpdateSecurityAlgorithm(SharedFD fd) {
+  std::string command = fmt::format(
+      "REM{}{}", FLAGS_modem_num,
+      GetATCommand(FLAGS_connection_event, FLAGS_encryption, FLAGS_integrity,
+                   FLAGS_is_unprotected_emergency));
+
+  LOG(DEBUG) << "Attempting to send command: " << command;
+
+  long written = WriteAll(fd, command);
+  if (written != command.size()) {
+    LOG(FATAL) << "Failed to write data to shared fd. Tried to write "
+               << command.size() << " bytes, but only wrote " << written
+               << " bytes.";
+  }
+}
+
+int UpdateSecurityAlgorithmMain(int argc, char **argv) {
+  ::android::base::InitLogging(argv, android::base::StderrLogger);
+  google::ParseCommandLineFlags(&argc, &argv, true);
+
+  auto config = CuttlefishConfig::Get();
+  if (!config) {
+    LOG(FATAL) << "Failed to obtain config object";
+  }
+
+  auto cf_config = config->ForInstance(FLAGS_instance_num);
+  std::string socket_name =
+      fmt::format("modem_simulator{}", cf_config.modem_simulator_host_id());
+
+  LOG(INFO) << "Connecting over local socket: " << socket_name;
+  SharedFD modem_simulator_fd =
+      cuttlefish::SharedFD::SocketLocalClient(socket_name, true, SOCK_STREAM);
+
+  UpdateSecurityAlgorithm(modem_simulator_fd);
+
+  return 0;
+}
+
+}  // namespace
+}  // namespace cuttlefish
+
+int main(int argc, char **argv) {
+  return cuttlefish::UpdateSecurityAlgorithmMain(argc, argv);
+}
diff --git a/host/commands/cvd_update_security_algorithm/unittest/update_security_algorithm_command_builder_test.cc b/host/commands/cvd_update_security_algorithm/unittest/update_security_algorithm_command_builder_test.cc
new file mode 100644
index 000000000..9a776a212
--- /dev/null
+++ b/host/commands/cvd_update_security_algorithm/unittest/update_security_algorithm_command_builder_test.cc
@@ -0,0 +1,23 @@
+//
+// Copyright (C) 2023 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "host/commands/cvd_update_security_algorithm/update_security_algorithm_command_builder.h"
+
+#include <gtest/gtest.h>
+
+TEST(CommandBuilderTest, GetATCommand) {
+  std::string serialized = cuttlefish::GetATCommand(1, 2, 3, false);
+  ASSERT_EQ("AT+UPDATESECURITYALGORITHM:1,2,3,0\r", serialized);
+}
diff --git a/host/commands/cvd_update_security_algorithm/update_security_algorithm_command_builder.cc b/host/commands/cvd_update_security_algorithm/update_security_algorithm_command_builder.cc
new file mode 100644
index 000000000..2afe85320
--- /dev/null
+++ b/host/commands/cvd_update_security_algorithm/update_security_algorithm_command_builder.cc
@@ -0,0 +1,31 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "host/commands/cvd_update_security_algorithm/update_security_algorithm_command_builder.h"
+
+#include <string>
+
+#include <fmt/format.h>
+
+namespace cuttlefish {
+
+std::string GetATCommand(int32_t connection_event, int32_t encryption,
+                         int32_t integrity, bool is_unprotected_emergency) {
+  return fmt::format("AT+UPDATESECURITYALGORITHM:{},{},{},{:d}\r",
+                     connection_event, encryption, integrity,
+                     is_unprotected_emergency);
+}
+}  // namespace cuttlefish
diff --git a/host/commands/cvd_update_security_algorithm/update_security_algorithm_command_builder.h b/host/commands/cvd_update_security_algorithm/update_security_algorithm_command_builder.h
new file mode 100644
index 000000000..14c8e9ae2
--- /dev/null
+++ b/host/commands/cvd_update_security_algorithm/update_security_algorithm_command_builder.h
@@ -0,0 +1,32 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <string>
+
+namespace cuttlefish {
+
+/**
+ * Constructs the AT command that updates the security algorithm that is
+ * reported by the cuttlefish RIL. The handler of the AT command will trigger
+ * unsolicited calls to
+ * aidl::android::hardware::radio::network::IRadioNetworkIndication::securityAlgorithmsUpdated.
+ */
+std::string GetATCommand(int32_t connection_event, int32_t encryption,
+                         int32_t integrity, bool is_unprotected_emergency);
+
+}  // namespace cuttlefish
diff --git a/host/commands/modem_simulator/network_service.cpp b/host/commands/modem_simulator/network_service.cpp
index 4ba631013..d0c868921 100644
--- a/host/commands/modem_simulator/network_service.cpp
+++ b/host/commands/modem_simulator/network_service.cpp
@@ -110,7 +110,13 @@ std::vector<CommandHandler> NetworkService::InitializeCommandHandlers() {
                      }),
       CommandHandler("+REMOTEIDDISCLOSURE",
                      [this](const Client& client, std::string& cmd) {
-                       this->HandleIdentifierDisclosure(client, cmd);
+                       (void)client;
+                       this->HandleIdentifierDisclosure(cmd);
+                     }),
+      CommandHandler("+UPDATESECURITYALGORITHM",
+                     [this](const Client& client, std::string& cmd) {
+                       (void)client;
+                       this->HandleSecurityAlgorithmUpdate(cmd);
                      }),
   };
   return (command_handlers);
@@ -1249,13 +1255,16 @@ void NetworkService::HandleReceiveRemoteSignal(const Client& client,
   OnSignalStrengthChanged();
 }
 
-void NetworkService::HandleIdentifierDisclosure(const Client& client,
-                                                std::string& command) {
-  (void)client;
+void NetworkService::HandleIdentifierDisclosure(const std::string& command) {
   LOG(INFO) << "Handling disclosure event: " << command;
   SendUnsolicitedCommand(command.substr(2));
 }
 
+void NetworkService::HandleSecurityAlgorithmUpdate(const std::string& command) {
+  LOG(INFO) << "Handling security algorithm update event: " << command;
+  SendUnsolicitedCommand(command.substr(2));
+}
+
 void NetworkService::OnSignalStrengthChanged() {
   SendUnsolicitedCommand(BuildCSQCommandResponse(GetCurrentSignalStrength()));
 }
diff --git a/host/commands/modem_simulator/network_service.h b/host/commands/modem_simulator/network_service.h
index f95fcebfc..7fc69dfb4 100644
--- a/host/commands/modem_simulator/network_service.h
+++ b/host/commands/modem_simulator/network_service.h
@@ -308,8 +308,8 @@ class NetworkService : public ModemService, public std::enable_shared_from_this<
 
   KeepSignalStrengthChangingLoop keep_signal_strength_changing_loop_;
 
-  void HandleIdentifierDisclosure(const Client& client,
-                                  std::string& basicString);
+  void HandleIdentifierDisclosure(const std::string& command);
+  void HandleSecurityAlgorithmUpdate(const std::string& command);
 };
 
 }  // namespace cuttlefish