Commit graph

17 commits

Author SHA1 Message Date
Jiyong Park
640d9b8df4 Update the current API dump
All aidl_interface modules should by default be considered as stable, in
case it is used across system and vendor partitions, or across modules.
Like other API surfaces, we need to have a dump for the current
(yet-to-be-released) version and update it when there is an API change.
This is done via .

Then the owner of the interface can freeze the current version as a
numbered version via .

This change shall be rejected only when the owner is certain that the
interface is not used across the updatable boundaries.

Bug: 152655547
Test: m
Change-Id: If899eb8ea77a20b0c097c61abe5bdab64cd6f487
2020-03-30 14:59:58 +09:00
Paul Crowley
f06684acab Use a constant-time MAX function
Bug: 146520538
Test: atest HadamardTest
Change-Id: Ife1012c14d697141e6ee0c583dc32eaacdb72b73
Merged-In: Ife1012c14d697141e6ee0c583dc32eaacdb72b73
(cherry picked from commit b0d2062abe)
2020-03-13 15:22:23 +00:00
Kenny Root
08018dd925 rebootescrow: eliminate copy during read
Instead of reading into a std::string, read directly into the std::vector of bytes.
This saves a copy and reduces memory overhead slightly.

Test: atest VtsHalRebootEscrowTargetTest
Bug: 148177693
Change-Id: I4dfe552f21394fb0891858b34a481b489dc3c684
2020-02-01 11:29:28 -08:00
Kenny Root
7e6f5f97c2 rebootescrow: use property to find device
To allow vendors to have different names for their devices, read the
device name from a system property.

Test: atest VtsHalRebootEscrowTargetTest
Bug: 146400078
Change-Id: I93f37e14139532ab192795dcad27c586545a1bc4
2020-01-28 10:14:04 -08:00
Kenny Root
21e45434ef Resume-on-Reboot: use uevent to chown
We now allow this device to change names to accommodate other board
types that use pmem. Setting this in the HAL .rc file now causes
SELinux errors on those platforms.

Switch to using the ueventd.rc method to avoid this SELinux problem.

Bug: 63928581
Bug: 146400078
Test: atest VtsHalRebootEscrowTargetTest
Change-Id: If5b83c087810f52fef4039748e9015a5f95f2f2a
2020-01-27 08:58:22 -08:00
Kenny Root
2d5d12860c rebootescrow: skip testing unsupported devices
This HAL is optional, so we should skip devices that do not have it implemented
instead of failing the test.

Bug: 143695053
Bug: 63928581
Test: atest VtsHalRebootEscrowTargetTest
Change-Id: Idaabdbe621cca0b8896377cef6f561b106ea252c
2020-01-21 12:10:23 -08:00
Steven Moreland
f53015c836 Merge changes from topics "vintf-rebootescrow", "vintf-vibrator"
* changes:
  vibrator: use package as name
  rebootescrow: use package as name
2020-01-07 02:19:06 +00:00
Steven Moreland
82cd11cc94 rebootescrow: use package as name
In order to provide a more descriptive name, and to be consistent
with HIDL, the stable AIDL package names are switching from
vintf-rebootescrow format to the package format
(android.hardware.rebootescrow).

Bug: N/A
Test: all build time
Change-Id: Ibb116e76761b751515d95ee8e515a6f7b97bb8d0
2020-01-06 13:21:52 -08:00
TreeHugger Robot
8c7062f56d Merge "Add owners file for rebootescrow" 2020-01-06 19:47:52 +00:00
Kenny Root
e85edb9067 Add owners file for rebootescrow
Applies to the default implementation and VTS tests. The AIDL is still
managed by API review council.

Test: No functional change
Change-Id: Icb2d9182c1b3376d6b46b467388785e7180db1e9
2020-01-06 10:41:53 -08:00
Paul Crowley
0080bde5fa Speed up encoding
Bug: 63928581
Test: atest HadamardTest
Change-Id: I1e37a9559892288f76e69fe81a746b77e2bf7495
2019-12-23 21:40:18 -08:00
Paul Crowley
53c005ff34 Shuffle the encoding to prevent systematic errors
Bug: 63928581
Test: atest HadamardTest
Change-Id: Ide8ead4bf5efa629c631df52249cbb322265cc8c
2019-12-23 12:16:31 -08:00
Paul Crowley
b6ed52a194 Merge "Transpose the encoding matrix" 2019-12-21 17:42:45 +00:00
Paul Crowley
c675b182b3 Transpose the encoding matrix
Stripe together the encodings from each of the 16 codewords, so that
if a 512-byte DRAM line is knocked out, it affects 256 bits from each
codeword rather than 4096 bits from a single encoded codeword.

Rather than using std::bitset, we directly set and read bits in
the std::vector<uint8_t>, because the striping means that copying it
will now cost not 4k in allocation but 64k.

Decode directly to a word, without using list decoding. It seems
we don't need list decoding for the error rates that matter here,
and we never completed the implementation of it anyway.

Declare and test only the full interface, now that it doesn't decompose
quite so neatly.

Bug: 63928581
Test: atest HadamardTest
Change-Id: If022d3f4a8d6fccdf68119d4666f83ce5005bccb
2019-12-20 12:03:21 -08:00
Kenny Root
d0c4f2bb40 Resume on Reboot default implementation
A default implementation of the RebootEscrow HAL which relies on RAM
retention to keep a key around during a reboot to apply an OTA. This
should work on devices that use a "warm reboot" and most likely will
work on devices that use a "cold reboot" as well.

DRAM will retain information for several seconds depending on the
temperature and other factors. This is enough to survive a reboot. With
the Hadamard code used in this change for error recovery, many errors
can be recovered.

Bug: 63928581
Test: make
Test: atest VtsHalRebootEscrowTargetTest
Change-Id: Ib8db7888d64fee8d827d7c06892b9a1f2af87add
2019-12-19 09:59:40 -08:00
Tianjie Xu
a0a12cfcf2 Add hadamard utilities to encode keys
Add the utility functions to encode & decode 32-byte keys. The
Hadamard encoding will expand a 2-byte word to 2^15 bits. And thus the
32-byte key will expand to 64KiB in space. The encoded value is more
robust and we will be able to recover the key even if there is some
corruption.

Test: unittest pass
Change-Id: Iae8a28a8c7c1699f8641f9250f0eccde5c2ff138
2019-12-18 22:45:54 -08:00
Kenny Root
4fba44c159 HAL for Resume on Reboot
This adds a HAL interface for escrowing a key over reboot during an OTA
that will unlock the Synthetic Password when the OTA has completed
successfully.

Bug: 63928581
Test: make
Test: atest VtsHalRebootEscrowTargetTest
Change-Id: I8485f3821157e67b6651f4fe425e46cb4499c710
2019-12-16 18:55:29 -08:00