In order to provide a more descriptive name, and to be consistent
with HIDL, the stable AIDL package names are switching from
vintf-rebootescrow format to the package format
(android.hardware.rebootescrow).
Bug: N/A
Test: all build time
Change-Id: Ibb116e76761b751515d95ee8e515a6f7b97bb8d0

Applies to the default implementation and VTS tests. The AIDL is still
managed by API review council.
Test: No functional change
Change-Id: Icb2d9182c1b3376d6b46b467388785e7180db1e9

Stripe together the encodings from each of the 16 codewords, so that
if a 512-byte DRAM line is knocked out, it affects 256 bits from each
codeword rather than 4096 bits from a single encoded codeword.
Rather than using std::bitset, we directly set and read bits in
the std::vector<uint8_t>, because the striping means that copying it
will now cost not 4k in allocation but 64k.
Decode directly to a word, without using list decoding. It seems
we don't need list decoding for the error rates that matter here,
and we never completed the implementation of it anyway.
Declare and test only the full interface, now that it doesn't decompose
quite so neatly.
Bug: 63928581
Test: atest HadamardTest
Change-Id: If022d3f4a8d6fccdf68119d4666f83ce5005bccb

A default implementation of the RebootEscrow HAL which relies on RAM
retention to keep a key around during a reboot to apply an OTA. This
should work on devices that use a "warm reboot" and most likely will
work on devices that use a "cold reboot" as well.
DRAM will retain information for several seconds depending on the
temperature and other factors. This is enough to survive a reboot. With
the Hadamard code used in this change for error recovery, many errors
can be recovered.
Bug: 63928581
Test: make
Test: atest VtsHalRebootEscrowTargetTest
Change-Id: Ib8db7888d64fee8d827d7c06892b9a1f2af87add

Add the utility functions to encode & decode 32-byte keys. The
Hadamard encoding will expand a 2-byte word to 2^15 bits. And thus the
32-byte key will expand to 64KiB in space. The encoded value is more
robust and we will be able to recover the key even if there is some
corruption.
Test: unittest pass
Change-Id: Iae8a28a8c7c1699f8641f9250f0eccde5c2ff138
This adds a HAL interface for escrowing a key over reboot during an OTA
that will unlock the Synthetic Password when the OTA has completed
successfully.
Bug: 63928581
Test: make
Test: atest VtsHalRebootEscrowTargetTest
Change-Id: I8485f3821157e67b6651f4fe425e46cb4499c710