tequilaOS/platform_hardware_interfaces
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Create secretkeeper HAL APEX" into main am: 577cc0ac9b

Browse source 
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2851666

Change-Id: I3a6eb43ac52ae53c4abfd2a074cc3ea1c8fdcfb2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Jooyung Han 2023-12-06 02:01:04 +00:00 committed by Automerger Merge Worker
commit d9e6e8b531
4 changed files with 41 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

35
security/secretkeeper/default/Android.bp
View file

@ -22,8 +22,8 @@ rust_binary {
name: "android.hardware.security.secretkeeper-service.nonsecure",
relative_install_path: "hw",
vendor: true,
init_rc: ["secretkeeper.rc"],
vintf_fragments: ["secretkeeper.xml"],
installable: false, // install APEX
prefer_rlib: true,
rustlibs: [
"android.hardware.security.secretkeeper-V1-rust",
"libandroid_logger",
@ -35,3 +35,34 @@ rust_binary {
"src/main.rs",
],
}
prebuilt_etc {
name: "secretkeeper.rc",
src: "secretkeeper.rc",
installable: false,
}
prebuilt_etc {
name: "secretkeeper.xml",
src: "secretkeeper.xml",
sub_dir: "vintf",
installable: false,
}
apex {
name: "com.android.hardware.security.secretkeeper",
manifest: "apex_manifest.json",
file_contexts: "apex_file_contexts",
key: "com.android.hardware.key",
certificate: ":com.android.hardware.certificate",
vendor: true,
updatable: false,
binaries: [
"android.hardware.security.secretkeeper-service.nonsecure",
],
prebuilts: [
"secretkeeper.rc",
"secretkeeper.xml",
],
}

3
security/secretkeeper/default/apex_file_contexts Normal file
View file

@ -0,0 +1,3 @@
(/.*)? u:object_r:vendor_file:s0
/etc(/.*)? u:object_r:vendor_configs_file:s0
/bin/hw/android\.hardware\.security\.secretkeeper-service\.nonsecure u:object_r:hal_secretkeeper_default_exec:s0

4
security/secretkeeper/default/apex_manifest.json Normal file
View file

@ -0,0 +1,4 @@
{
"name": "com.android.hardware.security.secretkeeper",
"version": 1
}

2
security/secretkeeper/default/secretkeeper.rc
View file

@ -1,4 +1,4 @@
service vendor.secretkeeper /vendor/bin/hw/android.hardware.security.secretkeeper-service.nonsecure
service vendor.secretkeeper /apex/com.android.hardware.security.secretkeeper/bin/hw/android.hardware.security.secretkeeper-service.nonsecure
interface aidl android.hardware.security.secretkeeper.ISecretkeeper/nonsecure
class hal
user nobody