All aidl_interface modules should by default be considered as stable, in
case it is used across system and vendor partitions, or across modules.
Like other API surfaces, we need to have a dump for the current
(yet-to-be-released) version and update it when there is an API change.
This is done via .
Then the owner of the interface can freeze the current version as a
numbered version via .
This change shall be rejected only when the owner is certain that the
interface is not used across the updatable boundaries.
Bug: 152655547
Test: m
Change-Id: If899eb8ea77a20b0c097c61abe5bdab64cd6f487
Instead of reading into a std::string, read directly into the std::vector of bytes.
This saves a copy and reduces memory overhead slightly.
Test: atest VtsHalRebootEscrowTargetTest
Bug: 148177693
Change-Id: I4dfe552f21394fb0891858b34a481b489dc3c684
To allow vendors to have different names for their devices, read the
device name from a system property.
Test: atest VtsHalRebootEscrowTargetTest
Bug: 146400078
Change-Id: I93f37e14139532ab192795dcad27c586545a1bc4
We now allow this device to change names to accommodate other board
types that use pmem. Setting this in the HAL .rc file now causes
SELinux errors on those platforms.
Switch to using the ueventd.rc method to avoid this SELinux problem.
Bug: 63928581
Bug: 146400078
Test: atest VtsHalRebootEscrowTargetTest
Change-Id: If5b83c087810f52fef4039748e9015a5f95f2f2a
This HAL is optional, so we should skip devices that do not have it implemented
instead of failing the test.
Bug: 143695053
Bug: 63928581
Test: atest VtsHalRebootEscrowTargetTest
Change-Id: Idaabdbe621cca0b8896377cef6f561b106ea252c
In order to provide a more descriptive name, and to be consistent
with HIDL, the stable AIDL package names are switching from
vintf-rebootescrow format to the package format
(android.hardware.rebootescrow).
Bug: N/A
Test: all build time
Change-Id: Ibb116e76761b751515d95ee8e515a6f7b97bb8d0
Applies to the default implementation and VTS tests. The AIDL is still
managed by API review council.
Test: No functional change
Change-Id: Icb2d9182c1b3376d6b46b467388785e7180db1e9
Stripe together the encodings from each of the 16 codewords, so that
if a 512-byte DRAM line is knocked out, it affects 256 bits from each
codeword rather than 4096 bits from a single encoded codeword.
Rather than using std::bitset, we directly set and read bits in
the std::vector<uint8_t>, because the striping means that copying it
will now cost not 4k in allocation but 64k.
Decode directly to a word, without using list decoding. It seems
we don't need list decoding for the error rates that matter here,
and we never completed the implementation of it anyway.
Declare and test only the full interface, now that it doesn't decompose
quite so neatly.
Bug: 63928581
Test: atest HadamardTest
Change-Id: If022d3f4a8d6fccdf68119d4666f83ce5005bccb
A default implementation of the RebootEscrow HAL which relies on RAM
retention to keep a key around during a reboot to apply an OTA. This
should work on devices that use a "warm reboot" and most likely will
work on devices that use a "cold reboot" as well.
DRAM will retain information for several seconds depending on the
temperature and other factors. This is enough to survive a reboot. With
the Hadamard code used in this change for error recovery, many errors
can be recovered.
Bug: 63928581
Test: make
Test: atest VtsHalRebootEscrowTargetTest
Change-Id: Ib8db7888d64fee8d827d7c06892b9a1f2af87add
Add the utility functions to encode & decode 32-byte keys. The
Hadamard encoding will expand a 2-byte word to 2^15 bits. And thus the
32-byte key will expand to 64KiB in space. The encoded value is more
robust and we will be able to recover the key even if there is some
corruption.
Test: unittest pass
Change-Id: Iae8a28a8c7c1699f8641f9250f0eccde5c2ff138
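
The expansion described in the commit message above (one 2-byte word to 2^15 bits, recoverable after corruption), as an added example that is not the AOSP HadamardUtils code. The bit layout and the names EncodeWord, DecodeWord and DecodeDamaged are assumptions made for illustration, and decoding here uses a fast Walsh-Hadamard transform.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <vector>

constexpr size_t kCodeBits = 1u << 15;        // 2^15 code bits per 16-bit word
constexpr size_t kCodeBytes = kCodeBits / 8;  // 4096 bytes; 16 words -> 64 KiB

static unsigned Parity(uint32_t v) {  // XOR of all bits of v
    v ^= v >> 16; v ^= v >> 8; v ^= v >> 4; v ^= v >> 2; v ^= v >> 1;
    return v & 1u;
}

// Assumed layout (illustration only, not taken from AOSP):
// code bit i = parity(low 15 bits of word AND i) XOR top bit of word.
std::vector<uint8_t> EncodeWord(uint16_t word) {
    std::vector<uint8_t> out(kCodeBytes, 0);
    const uint32_t low15 = word & 0x7FFFu, top = word >> 15;
    for (uint32_t i = 0; i < kCodeBits; i++)
        if (Parity(low15 & i) ^ top) out[i / 8] |= uint8_t(1u << (i % 8));
    return out;
}

// Maximum-likelihood decode: a fast Walsh-Hadamard transform scores the
// received bits against every codeword at once; the largest |score| wins.
uint16_t DecodeWord(const std::vector<uint8_t>& code) {
    std::vector<int32_t> score(kCodeBits);
    for (size_t i = 0; i < kCodeBits; i++)
        score[i] = ((code[i / 8] >> (i % 8)) & 1) ? -1 : 1;
    for (size_t h = 1; h < kCodeBits; h <<= 1)
        for (size_t i = 0; i < kCodeBits; i += 2 * h)
            for (size_t j = i; j < i + h; j++) {
                const int32_t a = score[j], b = score[j + h];
                score[j] = a + b;
                score[j + h] = a - b;
            }
    size_t best = 0;
    for (size_t k = 1; k < kCodeBits; k++)
        if (std::abs(score[k]) > std::abs(score[best])) best = k;
    return uint16_t(best | (score[best] < 0 ? 0x8000u : 0u));
}

// Encode, invert n_bytes of the codeword starting at first_byte, decode.
uint16_t DecodeDamaged(uint16_t word, size_t first_byte, size_t n_bytes) {
    std::vector<uint8_t> code = EncodeWord(word);
    for (size_t i = 0; i < n_bytes; i++) code[first_byte + i] ^= 0xFF;
    return DecodeWord(code);
}
int main() { return DecodeDamaged(0xBEEF, 100, 1000) == 0xBEEF ? 0 : 1; }
```

With this layout any two codewords differ in at least 2^14 bits, so up to 8191 flipped bits per codeword are always corrected; the constructed 1000-byte inversion in main() is 8000 bit errors.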
This adds a HAL interface for escrowing a key over reboot during an OTA
that will unlock the Synthetic Password when the OTA has completed
successfully.
Bug: 63928581
Test: make
Test: atest VtsHalRebootEscrowTargetTest
Change-Id: I8485f3821157e67b6651f4fe425e46cb4499c710