Commit graph

122 commits

Author SHA1 Message Date
Tri Vo
025b7f3cd8 Implement getHardwareInfo() in Trusty KM TA
Bug: 253109915
Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I579d563759a3af97100da95dab6a99ca52d0b384
2022-10-12 10:35:49 -07:00
Inseob Kim
ed673496c2 Explicitly install RemoteProvisioner for keymint
This is effectively a no-op change; both packages are installed.
However, removing required and moving it to PRODUCT_PACKAGES cuts the
dependency from vendor modules to system-ext modules. This is needed for
vendor-only build test.

Test: build and see both packages are installed
Change-Id: I6620020a1eccfab08594c9be3b298611bd237f1d
2022-09-16 20:54:03 +09:00
Shawn Willden
396bc3f964 Implement GetRootOfTrust
Bug: 219076736
Test: VtsAidlKeyMintTargetTest
Change-Id: I8485360f253ca20f008c5df5090e79c1781fbb4f
2022-06-07 13:19:23 -06:00
David Drysdale
37a8ac1d45 KeyMint HAL: pass auth token on updateAad
Bug: 230716629
Test: CtsVerifier with aosp/2077898 included
Change-Id: I2ba275718ef7ce6cc701ac2eb4a122639d7a4351
2022-05-18 11:12:01 +01:00
Florian Mayer
78bf3beb49 Promote tests to HWASan presubmit.
Change-Id: I55711f80c4ea870a78e7971fe133f096dac9ef1a
2022-05-03 19:40:36 +00:00
Anis Assi
5f43e61fef Adding trong@google.com as fuzzer owner for trusty fuzzers
Bug: 221891733
Change-Id: I41895ffbd6d65f9f3de90088c5f0b9ba2f3210d4
2022-04-18 20:42:10 +00:00
Florian Mayer
14deb086bf Add keymint to hwasan-postsubmit
Test: Run tests under HWASan.
Bug: 193568145
Change-Id: Ica324e3eb495bc3c95ae9f892c744a3204d2d072
2022-03-18 23:01:32 +00:00
Tri Vo
7aeb43ecfc trusty: set_attestation_key: Provision device IDs
Bug: 221128605
Test: /vendor/bin/trusty_keymaster_set_attestation_key /vendor/etc/keymaster_soft_attestation_keys.xml
Change-Id: Iabe2162a7d50f16c966f16ca2eda5a7651779848
2022-03-17 17:49:35 -07:00
David Drysdale
b99ace4af1 Merge "Include correct authorization_set.h header" 2022-03-01 10:31:26 +00:00
Treehugger Robot
8e4b2bfd5b Merge "Update to KeyMint & iRPC v2" 2022-02-28 21:46:00 +00:00
Shawn Willden
0485712141 Update to KeyMint & iRPC v2
Bug: 221390931
Test: run vts -m vts_treble_vintf_vendor_test
Change-Id: I1749439700f78433d31b52067edb32a031cc8777
2022-02-28 09:35:43 -07:00
Tri Vo
96686aaf60 Merge "Bumping the HAL client version." 2022-02-25 18:03:20 +00:00
Shawn Willden
0f89bc1270 Provide alternate SE RoT provisioning path.
On some devices it is infeasible to provision the KeyMint RoT bits in
the Android Bootloader.  This provides an alternate path to provision
them from the TEE during early boot.

Bug: 219076736
Test: VtsAidlKeyMintTargetTest
Change-Id: Ibae9050b9a102dad3710f9495d3dfa43fa1d1b3f
Merged-In: Ibae9050b9a102dad3710f9495d3dfa43fa1d1b3f
2022-02-22 23:51:15 -07:00
David Drysdale
74f763961a Include correct authorization_set.h header
Bug: 206470603
Test: TreeHugger
Change-Id: I748660d45a539c9e2c2e13605d1d4f61b1b2fb5e
2022-02-23 06:27:16 +00:00
Max Bires
b6179f25be Bumping the HAL client version.
This CL bumps the reported version for Trusty's
IRemotelyProvisionedComponent HAL interface for KeyMint. It also adds
the uniqueId field added to the RpcHardwareInfo in version 2.

Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I336ec7cd12ca2ea3b836601ebe0ca400524b8ca4
2022-02-15 02:24:04 +00:00
David Drysdale
37514bb907 Report Trusty KeyMint as KmVersion::KEYMINT_2
Bug: 194358913
Test: TreeHugger, VtsAidlKeyMintTargetTest
Change-Id: Ic5e321c739a66a384907539a339511e5418e9c6a
2021-12-15 12:02:06 +00:00
David Drysdale
c5b7d179c2 Depend on KeyMint HAL via default
This allows for easier bumping of the KeyMint version level.

At the moment this change should have no effect: the same dependency
is used, just reached via a default rather than explicitly.

However, when the KeyMint version increases in the near future, using
this default should mean that no change is needed here: the default
definition will change to -V2 and this will be referenced here.

Test: TreeHugger
Change-Id: Ic250e5b91ee2b48cd7a05783ce21af16ae330ed1
2021-12-02 08:16:25 +00:00
David Drysdale
fcf3fc08e4 KeyMint: don't mix Binder and std shared pointers
Bug: 203871378
Test: VtsAidlKeyMintTargetTest, TreeHugger
Change-Id: I8671342939af2bbdef643be9ce81b0bb9e7ae1a9
2021-10-28 15:39:34 +01:00
Marco Nelissen
3e923cd527 Fix 32-bit build
Bug: None
Test: build
Change-Id: Id1a9c2bd4526750eca9b85896d0e90eed58b8f51
2021-10-20 10:11:52 -07:00
Marco Nelissen
08fec49a3b Log if keymaster IPC takes too long
Bug: None
Test: run with very low timeout and verify it logs
Change-Id: I2818683f65c2191518373609c6171c056de55a9a
2021-10-20 07:51:05 -07:00
Jim Blackler
fc6e3d3de9 Revert "Delete KM1"
Revert "Delete KM1"

Revert "Delete KM1"

Revert "Delete KM1"

Revert "Delete KM1"

Revert "Delete KM1"

Revert submission 1844016-delkm1

Reason for revert: b/202675261
Reverted Changes:
Iba996962b:Delete KM1
Ia4c5359cd:Delete KM1
Iee6ec9816:Delete KM1
I6058e4d86:Delete KM1
I8abb9c570:Delete KM1
I9c4dc5c9e:Delete KM1

Change-Id: Ic347b5f9d5e9c372f0ddb05feeeb05abe43d5873
2021-10-11 13:38:59 +00:00
Shawn Willden
37ea3972a7 Delete KM1
Test: Build
Change-Id: Ia4c5359cdf7dfd0ae6569d21ed427fbaa2f2e169
2021-10-07 20:25:26 -06:00
Max Bires
b688b38666 Make RemoteProvisioner required for KeyMint cc_bin
This change adds the RPK apk back into the image for Trusty Keymint
devices, though the functionality will still be disabled by the
server check-in for now.

Ignore-AOSP-First: Will be CP'ed to AOSP
Bug: 194509629
Test: atest RemoteProvisionerUnitTests
Change-Id: Ic20ca119bd9c0614f7559b24ad60718c813a0cca
2021-08-26 00:31:44 -07:00
Janis Danisevskis
5b4b52126e Handle long responses by keymint IPC.
The KeyMint TA may send responses that are longer thant the 8K buffer
that the KeyMint HAL holds. This patch introduces
trusty_keymaster_call_2 which can grow the receive buffer on demand.

Bug: 195622501
Test: VTS and CTS test for regression testing.
Change-Id: Ia06e590e547e649ca81cda9a71851f334970788f
Merged-In: Ia06e590e547e649ca81cda9a71851f334970788f
2021-08-12 19:21:11 +00:00
Jiyong Park
1486987d34 Remove ndk_platform backend. Use the ndk backend.
The ndk_platform backend will soon be deprecated because the ndk backend
can serve the same purpose. This is to eliminate the confusion about
having two variants (ndk and ndk_platform) for the same 'ndk' backend.

Bug: 161456198
Test: m
Change-Id: I7e60ee840fd64f9e36bafa8baea19daab9c15cea
2021-07-27 12:19:00 +09:00
David Drysdale
e7697d7101 TrustyKeyMint: support boot, vendor patchlevels
- Invoke TrustyKeymaster::ConfigureVendorPatchlevel() from
   remote keymint Initialize(), using vendor patchlevel retrieved
   from property.
 - Add TrustyKeymaster::ConfigureVendorPatchlevel() method to
   send the CONFIGURE_VENDOR_PATCHLEVEL message.
 - Add message type values for
   CONFIGURE_{VENDOR,BOOT}_PATCHLEVEL messages.

Test: pending device availability
Change-Id: Ie42345112b08ef9c669535cef2de60ea77da15b4
2021-07-21 16:26:32 +01:00
Max Bires
a9362a4e60 Splitting out Trusty IPC into a library.
This allows the relevant IPC code to be included in the provisioner tool
easily as it's shuffled over into a non-AOSP component due to
chip specific requirements in provisioning Device IDs.

Bug: 178796950
Test: Stuff builds
Merged-In: I57482e89035e8648544f87291ec14c6aece09bd0
Change-Id: I57482e89035e8648544f87291ec14c6aece09bd0
2021-07-15 16:17:59 +01:00
Max Bires
95b5b04872 Client side implementation of Trusty IRPC HAL
This change includes the code necessary to communicate to the
IRemotelyProvisionedComponent backend implementation running in Trusty.
It also makes the relevant changes to the manifest XML file to add the
IRemotelyProvisionedComponent HAL.

Bug: 192228022
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I32c30ce2dc44e95ff91574ce405f10e3b5dc9699
Merged-In: I32c30ce2dc44e95ff91574ce405f10e3b5dc9699
2021-07-08 03:00:51 +00:00
Janis Danisevskis
b24f12226a Forward HAT and ConfirmationToken to TA on finish.
The Trusty KeyMint HAL did not forward auth tokens and confirmation
tokens to the TA. This broke all per-op-bound key operations.

Test: CtsVerifier biometrics tests.
Bug: 192201272
Merged-In: Ifb2b08514acab78ff3d4fec4bc928260820d4ce0
Change-Id: Ifb2b08514acab78ff3d4fec4bc928260820d4ce0
2021-07-01 15:17:32 -07:00
Shawn Willden
fed81d8e41 Add TrustyKeyMintDevice
Bug: 177729159
Test: Not testable until more CLs land
Merged-In: Iea4e70bb5b4ce051492f2e42d2e0d219d088388e
Change-Id: Iea4e70bb5b4ce051492f2e42d2e0d219d088388e
2021-06-18 07:11:36 -06:00
Tri Vo
123c038e1a trusty: Fuzz keymaster TA using generic TIPC fuzzer
Bug: 171750250
Test: trusty_keymaster_fuzzer
Change-Id: I94a1cc28276d198f698906212a8a5d15ac07ae1e
2021-02-27 14:09:06 -08:00
Tri Vo
e3cdd2945a Merge "trusty: Add keymaster fuzzer corpus" 2021-02-25 23:18:08 +00:00
Stephen Crane
885295f070 trusty: Add keymaster fuzzer corpus
Add an initial corpus for the keymaster fuzzer derived from running the
keystore2 unittests.

Test: adb shell "cd /data/fuzz/arm64/trusty_keymaster_fuzzer/ && ./trusty_keymaster_fuzzer corpus"
Bug: 175918322
Change-Id: I839bb9bacee1800cf2da25aedbb4ce3eccf16cba
2021-02-24 15:34:35 -08:00
Bob Badour
d69ad69a93 [LSC] Add LOCAL_LICENSE_KINDS to system/core
Added SPDX-license-identifier-Apache-2.0 to:
  bootstat/Android.bp
  cli-test/Android.bp
  code_coverage/Android.bp
  cpio/Android.bp
  debuggerd/crasher/Android.bp
  debuggerd/proto/Android.bp
  diagnose_usb/Android.bp
  fs_mgr/libdm/Android.bp
  fs_mgr/libfiemap/Android.bp
  fs_mgr/liblp/Android.bp
  fs_mgr/libsnapshot/Android.bp
  fs_mgr/libstorage_literals/Android.bp
  fs_mgr/libvbmeta/Android.bp
  fs_mgr/tests/Android.bp
  fs_mgr/tools/Android.bp
  gatekeeperd/Android.bp
  healthd/Android.bp
  healthd/testdata/Android.bp
  init/Android.bp
  init/Android.mk
  init/sysprop/Android.bp
  init/test_kill_services/Android.bp
  init/test_service/Android.bp
  libappfuse/Android.bp
  libasyncio/Android.bp
  libbinderwrapper/Android.bp
  libcrypto_utils/Android.bp
  libcrypto_utils/tests/Android.bp
  libdiskconfig/Android.bp
  libgrallocusage/Android.bp
  libkeyutils/mini_keyctl/Android.bp
  libmodprobe/Android.bp
  libnetutils/Android.bp
  libpackagelistparser/Android.bp
  libprocessgroup/Android.bp
  libprocessgroup/cgrouprc/Android.bp
  libprocessgroup/cgrouprc_format/Android.bp
  libprocessgroup/profiles/Android.bp
  libprocessgroup/setup/Android.bp
  libqtaguid/Android.bp
  libsparse/Android.bp
  libstats/push_compat/Android.bp
  libsuspend/Android.bp
  libsync/Android.bp
  libsystem/Android.bp
  libsysutils/Android.bp
  libusbhost/Android.bp
  libutils/Android.bp
  libvndksupport/Android.bp
  libvndksupport/tests/Android.bp
  llkd/Android.bp
  llkd/tests/Android.bp
  property_service/libpropertyinfoparser/Android.bp
  property_service/libpropertyinfoserializer/Android.bp
  property_service/property_info_checker/Android.bp
  qemu_pipe/Android.bp
  reboot/Android.bp
  rootdir/Android.bp
  rootdir/Android.mk
  rootdir/avb/Android.bp
  rootdir/avb/Android.mk
  run-as/Android.bp
  sdcard/Android.bp
  set-verity-state/Android.bp
  shell_and_utilities/Android.bp
  storaged/Android.bp
  toolbox/Android.bp
  trusty/apploader/Android.bp
  trusty/confirmationui/Android.bp
  trusty/confirmationui/fuzz/Android.bp
  trusty/coverage/Android.bp
  trusty/fuzz/Android.bp
  trusty/fuzz/test/Android.bp
  trusty/gatekeeper/Android.bp
  trusty/gatekeeper/fuzz/Android.bp
  trusty/keymaster/Android.bp
  trusty/keymaster/fuzz/Android.bp
  trusty/libtrusty/Android.bp
  trusty/libtrusty/tipc-test/Android.bp
  trusty/secure_dpu/Android.bp
  trusty/storage/interface/Android.bp
  trusty/storage/lib/Android.bp
  trusty/storage/proxy/Android.bp
  trusty/storage/tests/Android.bp
  trusty/utils/spiproxyd/Android.bp
  trusty/utils/trusty-ut-ctrl/Android.bp
  usbd/Android.bp
  watchdogd/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
  debuggerd/Android.bp
  fastboot/Android.bp
  libkeyutils/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
    SPDX-license-identifier-MIT
to:
  libcutils/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-MIT
to:
  fs_mgr/Android.bp
  fs_mgr/libfs_avb/Android.bp
  trusty/Android.bp
  trusty/utils/rpmb_dev/Android.bp

Added SPDX-license-identifier-BSD
to:
  fastboot/fuzzy_fastboot/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: Id740a7d2884556081fdb68876584b25eb95e1bef
2021-02-19 12:59:05 -08:00
Elliott Hughes
c3a206ccda Revert "[LSC] Add LOCAL_LICENSE_KINDS to system/core"
This reverts commit 187b7d1950.

Reason for revert: system/core is multiple projects, not one.

Change-Id: I790ea41741f8cd9b8b6db2f59a49e71fb0958fd6
2021-02-16 20:01:20 +00:00
Bob Badour
187b7d1950 [LSC] Add LOCAL_LICENSE_KINDS to system/core
Added SPDX-license-identifier-Apache-2.0 to:
  bootstat/Android.bp
  cli-test/Android.bp
  code_coverage/Android.bp
  cpio/Android.bp
  debuggerd/crasher/Android.bp
  debuggerd/proto/Android.bp
  diagnose_usb/Android.bp
  fs_mgr/libdm/Android.bp
  fs_mgr/libfiemap/Android.bp
  fs_mgr/liblp/Android.bp
  fs_mgr/libsnapshot/Android.bp
  fs_mgr/libstorage_literals/Android.bp
  fs_mgr/libvbmeta/Android.bp
  fs_mgr/tests/Android.bp
  fs_mgr/tools/Android.bp
  gatekeeperd/Android.bp
  healthd/Android.bp
  healthd/testdata/Android.bp
  init/Android.bp
  init/Android.mk
  init/sysprop/Android.bp
  init/test_kill_services/Android.bp
  init/test_service/Android.bp
  libappfuse/Android.bp
  libasyncio/Android.bp
  libbinderwrapper/Android.bp
  libcrypto_utils/Android.bp
  libcrypto_utils/tests/Android.bp
  libdiskconfig/Android.bp
  libgrallocusage/Android.bp
  libkeyutils/mini_keyctl/Android.bp
  libmodprobe/Android.bp
  libnetutils/Android.bp
  libpackagelistparser/Android.bp
  libprocessgroup/Android.bp
  libprocessgroup/cgrouprc/Android.bp
  libprocessgroup/cgrouprc_format/Android.bp
  libprocessgroup/profiles/Android.bp
  libprocessgroup/setup/Android.bp
  libqtaguid/Android.bp
  libsparse/Android.bp
  libstats/push_compat/Android.bp
  libsuspend/Android.bp
  libsync/Android.bp
  libsystem/Android.bp
  libsysutils/Android.bp
  libusbhost/Android.bp
  libutils/Android.bp
  libvndksupport/Android.bp
  libvndksupport/tests/Android.bp
  llkd/Android.bp
  llkd/tests/Android.bp
  property_service/libpropertyinfoparser/Android.bp
  property_service/libpropertyinfoserializer/Android.bp
  property_service/property_info_checker/Android.bp
  qemu_pipe/Android.bp
  reboot/Android.bp
  rootdir/Android.bp
  rootdir/Android.mk
  rootdir/avb/Android.bp
  rootdir/avb/Android.mk
  run-as/Android.bp
  sdcard/Android.bp
  set-verity-state/Android.bp
  shell_and_utilities/Android.bp
  storaged/Android.bp
  toolbox/Android.bp
  trusty/apploader/Android.bp
  trusty/confirmationui/Android.bp
  trusty/confirmationui/fuzz/Android.bp
  trusty/coverage/Android.bp
  trusty/fuzz/Android.bp
  trusty/fuzz/test/Android.bp
  trusty/gatekeeper/Android.bp
  trusty/gatekeeper/fuzz/Android.bp
  trusty/keymaster/Android.bp
  trusty/keymaster/fuzz/Android.bp
  trusty/libtrusty/Android.bp
  trusty/libtrusty/tipc-test/Android.bp
  trusty/secure_dpu/Android.bp
  trusty/storage/interface/Android.bp
  trusty/storage/lib/Android.bp
  trusty/storage/proxy/Android.bp
  trusty/storage/tests/Android.bp
  trusty/utils/spiproxyd/Android.bp
  trusty/utils/trusty-ut-ctrl/Android.bp
  usbd/Android.bp
  watchdogd/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
  debuggerd/Android.bp
  fastboot/Android.bp
  libkeyutils/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
    SPDX-license-identifier-MIT
to:
  Android.bp
  libcutils/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-MIT
to:
  fs_mgr/Android.bp
  fs_mgr/libfs_avb/Android.bp
  trusty/utils/rpmb_dev/Android.bp

Added SPDX-license-identifier-BSD
to:
  fastboot/fuzzy_fastboot/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: I5bd81adb5cdcf2b4dd4141b204eb430ff526af8f
2021-02-16 04:10:03 -08:00
Shawn Willden
657f71cd26 Add attestation key to generate/import messages
Bug: 171845787
Test: Build
Change-Id: I59bd25dc8998668f0ea2053f3e647bf6cc58885a
2021-01-28 11:56:14 -07:00
Matthew Maurer
c4abbe6427 trusty: keymaster-hal: Reconnect on failed VERSION
Trusty Keymaster will currently disconnect the client on an invalid
message. This includes the newly introduced GET_VERSION2 message.

While in the future we could change this behavior, this is a backcompat
path and so we can't assume a changed Trusty. Reconnect on failed
GET_VERSION2 before attempting version negotiation.

Bug: 177843218
Test: Set PIN on device using older Trusty
Change-Id: Ie60e4aaafa43e375797e6288b97834cac42413f4
2021-01-20 13:21:37 -08:00
Tri Vo
2c56d833c5 trusty: fuzz: Explicit errors instead of asserts
Bug: 171750250
Test: m \
      trusty_test_fuzzer \
      trusty_gatekeeper_fuzzer \
      trusty_keymaster_fuzzer \
      trusty_confirmationui_fuzzer
Change-Id: Ib22cf72b2db7b991e716c0116ca57d3f77459ada
2021-01-14 21:25:07 -08:00
Stephen Crane
f7b8a597f1 trusty: Add simple fuzzer for keymaster TA
Adds a simple libfuzzer-based coverage guided fuzzer for keymaster.
Current coverage is low, so we'll need to improve this with an initial
corpus or a more sophisticated protocol aware fuzzer.

Bug: 175918322
Test: make trusty_keymaster_fuzzer
Test: adb shell /data/fuzz/arm64/trusty_keymaster_fuzzer/trusty_keymaster_fuzzer
Change-Id: Iad1713e1a73cc5a6a3ec742cc433d1337aca9bc3
2021-01-13 16:21:49 -08:00
Shawn Willden
9323f4113b Revert^2 "Revise KeymasterMessage versioning system"
24d46bd512

Change-Id: I4edcfdada8321ff181db70002a2661b821f6b33f
Bug: 176867651
Merged-In: Idefcdd64afa7977f6dc2c4299e69cc5065dcc20d
2021-01-06 19:54:24 +00:00
Bonian Chen
24d46bd512 Revert "Revise KeymasterMessage versioning system"
Revert "Revise KeymasterMessage versioning system"

Revert "Revise KeymasterMessage versioning system"

Revert "Add new message versioning protocol"

Revert submission 1533821-new_km_versioning

Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.googleplex.com/builds/quarterdeck?branch=git_master&target=adt3-userdebug&lkgb=7064747&lkbb=7064769&fkbb=7064769, bug 176867651
Reverted Changes:
I040fe7f62:Revise KeymasterMessage versioning system
Ibea104c39:Revise KeymasterMessage versioning system
Ibea104c39:Revise KeymasterMessage versioning system
I425fb45fc:Add new message versioning protocol

Change-Id: I1569334c59cb62be6aae4a42ce999f40c7a472de
BUG: 176867651
2021-01-06 06:42:21 +00:00
Shawn Willden
db089205aa Revise KeymasterMessage versioning system
Test: VtsHalKeymasterV4_0TargetTest
Change-Id: Ibea104c39942c6c88523688306a030f40e9b150f
2020-12-22 20:33:13 -07:00
Shawn Willden
4f45dc3a7e Update message versionioning system
Bug: 171845787
Test: Build
Change-Id: Ie769113070a8a755a268f65e36384fe333c798b6
2020-12-13 10:56:50 -07:00
Arve Hjønnevåg
fe090a4686 trusty: keymaster: set_attestation_key: Change wrapped key
Remove WrappedPrivateKey and select wrapped vs plaintext key command
based on format instead.

Bug: 154033394
Test: send wrapped test key. Not yet accepted by trusty
Change-Id: I3b0a29be78f2a8e84ebd990713f66788256d8e3f
2020-10-02 16:55:16 -07:00
Arve Hjønnevåg
0c32a253df trusty: keymaster: Add set_attestation_key
Add tool to provision keymaster attestation keys.

Bug: 154033394
Test: keys from soft_attestation_cert then VtsHalKeymasterV4_0TargetTest

Change-Id: Ic96e9a8676991b3126bbae99118a1f23ee0744a5
2020-09-10 16:43:20 -07:00
Hongguang Chen
a41111070c Use more inclusive language for #inclusivefixit
Updating language to comply with Android’s inclusive language guidance.

See https://source.android.com/setup/contribute/respectful-code for reference.

Bug: 161896447
Test: make
Change-Id: I85a9f48fbab79b3b68f00c0af68750c616d815f8
2020-07-27 22:54:22 +00:00
Kenny Root
15351dcf60 Use <fqname> to avoid conflicts
The newer way of specifying the interface is using <fqname> and it also
has the handy side-effect of not causing conflicts when we add the
strongbox implementation to devices.

Test: make # check $OUT for the correct manifest
Change-Id: If8333814723261c4f3de375861ee19a6d922d55f
2020-04-14 14:37:24 -07:00
Matthew Maurer
1010727a48 trusty: keymaster: Remove legacy support
Library based HALs have been deprecated for several years now, and
Keymaster 2 based testing is woefully out of date compared to running
VTS against the modern 3.0 and 4.0 implementations.

Purging these modules and their resulting dependencies will make it
easier for the central system/keymaster repository to move forwards.

Test: mm
Bug: 150239636
Change-Id: Ic2ddbe685a50e65f9db25f682ad33105195efa8a
2020-02-26 00:43:23 +00:00
Matthew Maurer
dfad089dad Merge "Provide VINTF for Trusty Keymaster" 2019-09-10 19:09:04 +00:00