Pass "no fixup base dirs" flag to the XInclude processor
to avoid modifications of the top-level elements from
included XML files as a result of "fixup."
Added tests to ensure that all relevant XInclude scenarios
work.
Bug: 192619060
Test: atest -host android.hardware.audio.common.test.utility_tests
Change-Id: Id595c9fd30be378d76387ee55a8937e0bf28d1cd
Merged-In: Id595c9fd30be378d76387ee55a8937e0bf28d1cd
Fix the device-unique attestation chain specification: The chain should
have two or three certificates.
In case of two certificates, the device-unique key should be used for
the self-signed root.
In case of three certificates, the device-unique key should be certified
by another key (ideally shared by all StrongBox instances from the same
manufacturer, to ease validation).
Adjust the device-unique attestation tests to accept two or three
certificates in the chain.
Additionally, the current StrongBox KeyMint implementation can not yet
generate fully-valid chains (with matching subjects and issuers), so
relax that check.
Bug: 191361618
Test: m VtsAidlKeyMintTargetTest
Change-Id: I6e6bca33ebb4af67cac8e41a39e9c305d0f1345f
There are two tags that cannot be currently removed but should be
removed in KeyMint V2. Mark them as deprecated and point to the bug
for deletion.
Bug: 183737811
Test: That it compiles.
Change-Id: I80ccaedeb777fdb249a8cb021db6628da32d6029
Get two test BCCs, then ensure that no repeated keys are found.
Bug: 192687735
Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I48f86e7dfa9ab4bc6303a8d1b64ac7ca6ac76bbf
Merged-In: I48f86e7dfa9ab4bc6303a8d1b64ac7ca6ac76bbf
We need both the build fingerprint as well as the CSR when uploading
data to the APFE provisioning server. Add a utility function to format
the output as a JSON blob so that it may be easily collected in the
factory in a serialized data format, then later uploaded.
Test: libkeymint_remote_prov_support_test
Test: VtsAidlKeyMintTargetTest
Test: VtsHalRemotelyProvisionedComponentTargetTest
Bug: 191301285
Change-Id: I751c5461876d83251869539f1a395ba13cb5cf84
* changes:
CEC: Add event handler to default HdmiCec
CEC: Add implementation of setCallback method to default HdmiCec
CEC: Add implementation of addLogicalAddress method to default HdmiCec
CEC: Add implementation of getCecVersion method to default HdmiCec
CEC: Add implementation of isConnected method to default HdmiCec
CEC: Add implementation of getVendorId method to default HdmiCec
CEC: Add implementation of getPortInfo method to default HdmiCec
CEC: Add implementation of clearLogicalAddress method to default HdmiCec
CEC: Add implementation of getPhysicalAddress method to default HdmiCec
CEC: Add implementation of SendMessage method to default HdmiCec
CEC: Initialise the HAL based on default implementation
Fix Memtrack GRAPHICS type definition to also inculde
GPU-mapped DMA-BUF memory.
Clarify SMAPS_UNACCOUTNED should also include memory
mapped with VM_PFNMAP set.
Bug: 192384999
Test: N/A
Change-Id: I5370efa731bc6307e4fe9b454796361e9a1ac5eb
Data and model numbers were switched in the AIDL implementation of
canonical Device.
Bug: 190757709
Test: neuralnetworks_utils_hal_aidl_test
Change-Id: I0d95b2d436994ffc877a4e02eb31f449b983e61e
Merged-In: I0d95b2d436994ffc877a4e02eb31f449b983e61e
(cherry picked from commit 3fd4ec4706)
- Make clear that CERTIFICATE_NOT_{BEFORE,AFTER} must be specified for
generating/importing asymmetric keys.
- Fix enforcement level of Tag::UNLOCKED_DEVICE_REQUIRED.
- Fix reference to exportKey() for Tag::STORAGE_KEY to mention
convertStorageKeyToEphemeral instead.
- Mark Tag::CONFIRMATION_TOKEN as deprecated.
Test: none, comment change
Bug: 188672564
Change-Id: I68727b024f6b6743403941763aefca64e3eb091a
Include a unit test to verify the GEEK cert chain is valid.
Test: libkeymint_remote_prov_support_test
Bug: 191301285
Change-Id: Icf9cfa165fbccb24b36b03ff3ce729a7e9c44cfd
Merged-In: Icf9cfa165fbccb24b36b03ff3ce729a7e9c44cfd
This functionality will be used for the factory tooling, so we should
test it. Additionally, some new functionality will soon be added, and
it also needs to be tested.
Test: libkeymint_remote_prov_support_test
Bug: 191301285
Change-Id: I6a8798fc4b09fff1e829185a4b9e471921e5d2a9
Merged-In: I6a8798fc4b09fff1e829185a4b9e471921e5d2a9
It's possible that corrupted ciphertext decrypts just fine. e.g. the
output ends with "0x01".
However, the chances of this happening are relatively low
(roughly 1/256). Corrupt the ciphertext up to 8 times, ensuring that
the likelihood of multiple successful decryptions is so miniscule that
it's effectively impossible.
Test: Ran *PaddingCorrupted tests 50000 times
Change-Id: If40ecd7817819921c020ea9b86ada18c4c77ea55
When WAKEUP is set to false, HAL does not wake up the system
upon receiving <Image View On> or <Text View On> messages.
Bug: 185434120
Test: manual
Change-Id: Iaf98020decc887f04b02da480adc70b76189b66d
Per defined by compatibility matrixes, the tetheroffload
1.0 hardware is optional. But the tests failed if there
is no tetheroffload 1.0 hardware.
This is a regression during refactoring of the tests.
Test: atest VtsHalTetheroffloadControlV1_0TargetTest
Bug: 176057664
Change-Id: If54151beb3355b049b3f892f45c079cd5170d146
This will prevent the interface from being updated with aidl-freeze-api.
As the interface is for testing purpose, we really don't need to keep
the latest ToT version and the latest stable version to be the same.
Exempt that by adding the owner field to the interface.
Bug: 188713899
Bug: 190577319
Test: m
Change-Id: I9a670f763c8f31f7c847f8ba8d4706efa075285e
(cherry picked from commit ad0bed60e9)
Merged-In: I9a670f763c8f31f7c847f8ba8d4706efa075285e
writepid command usage to join a cgroup has been deprecated in favor
of a more flexible approach using task_profiles. This way cgroup path
is not hardcoded and cgroup changes can be easily made. Replace
writepid with task_profiles command to migrate between cgroups.
Bug: 191283136
Test: build and boot
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I249ecc45a001a69d73b06b77154f9b6e5f9964d9
This flag is never used anywhere, so just remove it. When used, it would
bypass signature checks. This is something we generally don't want to
do, even in testing. So remove the flag so there's no temptation to use
it.
Bug: 190942528
Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I0433c1eedc08e9a5a5ad71347154867dba61689e
Merged-In: I0433c1eedc08e9a5a5ad71347154867dba61689e
Also add a new libeic_test binary which has a regression test for this
vulnerability.
Bug: 190757775
Test: atest libeic_test
Test: atest VtsHalIdentityTargetTest
Test: atest CtsIdentityTestCases
Merged-In: I8344655c59930d6bf1baa4e0f8d0f60e4fc9e48d
Change-Id: I8344655c59930d6bf1baa4e0f8d0f60e4fc9e48d
