We want to add coverage statistics to the trusty-ut-ctrl tool, which is
a vendor binary. Thus we need a vendor variant of libtrusty_coverage.
Merges system libtrusty_test and vendor libtrusty into a single
vendor_available library so that we can add vendor_available to
libtrusty_coverage and make it accessible from vendor tools.
Bug: 175221942
Test: make libtrusty_coverage
Change-Id: I68cc8f1c1580bda8591dbe744e9751474811576d
Adds the ability to retrieve and save program counter information from
the trusty coverage record data. PC information is saved to a .sancov
file, parseable by the LLVM sancov tool. Sancov can then symbolize and
display this coverage information for consumption by humans.
Adds a sancov dump to the libtrusty_coverage_test for testing.
Bug: 175221942
Test: atest libtrusty_coverage_test
Test: Retrieve sancov file and manually symbolize with sancov
Change-Id: I342ea2ca9abb87986b2904ff69415544ee6070fc
Simplifies development flow because libtrusty_test.so doesn't need to be
pushed with the fuzzer.
Bug: 171750250
Test: m trusty_gatekeeper_fuzzer && adb sync data && \
adb shell /data/fuzz/arm64/trusty_gatekeeper_fuzzer/trusty_gatekeeper_fuzzer
Change-Id: I7c83b5784ede4881dcd9c2dd33c97bf49fcde6ff
Change-Id: Iba60f03000bfca15b00e484ef3a168604c65554a
Add ExtraCounters to Confirmationui fuzzer so that the fuzzer can
grab the coverage information of the Confirmationui TA.
Bug: 174402999
Bug: 171750250
Test: /data/fuzz/arm64/trusty_confirmationui_fuzzer/trusty_confirmationui_fuzzer
Change-Id: I2e287281e7c8100f0d48413fbe0ff99d397a74c1
* changes:
trusty: provide coverage to gatekeeper fuzzer
trusty: fuzz: Example TA fuzzer
trusty: fuzz: Helper lib for libFuzzer extra counters
trusty: coverage: Coverage client library
Note: We need to add Confirmationui TA into
TRUSTY_BUILTIN_USER_TASKS to run the fuzzer.
Bug: 174402999
Bug: 171750250
Test: /data/fuzz/arm64/trusty_confirmationui_fuzzer/trusty_confirmationui_fuzzer
Change-Id: I22769782ded05eeedeb111f7537b5ba76e98ce73
Used by tests on the system side of the Treble boundary, e.g. fuzzing
Test: m libtrusty libtrusty_test
Change-Id: I56a15c80eb7c4b9e51f8e59a7cd1abdfc35d8d5a
Make the trusty-ut-ctrl as binary such that we can put it into
factory image, put it into PRODECT_PACKAGES_DEBUG fro the device.mk
Bug: 152901318
Test: Trusty storage tests
Change-Id: I8229113e7649c25d0a712b2b0964f23c9d41cf26
Adds an Abort() function to the fuzzer utils library that grabs and
prints the relevant trusty kernel logs before exiting the fuzzer.
Test: /data/fuzz/arm64/trusty_gatekeeper_fuzzer/trusty_gatekeeper_fuzzer
Change-Id: I7741c7e5e0ffdc402e3d3dd9a7e5856e2a640dd2
Remove WrappedPrivateKey and select wrapped vs plaintext key command
based on format instead.
Bug: 154033394
Test: send wrapped test key. Not yet accepted by trusty
Change-Id: I3b0a29be78f2a8e84ebd990713f66788256d8e3f
Remove the --key option part to disable the initial setting of rpmb key
on the mock rpmb device.
The RPMB provisioning scheme will program the RPMB key into the mock
rpmb device.
Bug: 152901318
Test: Trusty storage tests
Change-Id: I03b9cfbbd10e2e5364405319a57e2ecc4ee0f48e
Add ".check_key_programmed = true." for RPMB_REQ_DATA_READ such that
we can check whether the rpmb key has been programmed before executing
RPMB_REQ_DATA_READ command.
"JEDEC STANDARD Universal Flash Storage (UFS) Version 3.0" specifies
that data access before the key has been programmed should return
“Authentication Key not yet programmed” (0007h)..
Bug: 152901318
Test: Trusty storage tests
Change-Id: I4759fbce5f37234090a22a1d9dc3b38072f6ecaf
* Supports sending memfds in addition to data from an iovec
* Also add a basic test called send-fd
Bug: 117221195
Test: Run send-fd with corresponding Trusty application.
Change-Id: I562d2ff744938c868323a016659ca1332f6a576b
The mock RPMB can get out of sync with TD storage blocks in the event of
panic or crash. Making this O_SYNC will prevent this from happening.
Bug: 160723681
Test: None
Change-Id: Ia16dfc88ceae56e4e9724a42ac0db492c0e707a4
The in_cdb.length (ALLOCATION_LENGTH) must be set in order to send
SECURITY PROTOCOL IN command.
Bug: 143636526
Test: Trusty storage tests
Change-Id: Ie4252e9b19c05825c895ec07f8c9684ae456f6c9
The newer way of specifying the interface is using <fqname> and it also
has the handy side-effect of not causing conflicts when we add the
strongbox implementation to devices.
Test: make # check $OUT for the correct manifest
Change-Id: If8333814723261c4f3de375861ee19a6d922d55f
Library based HALs have been deprecated for several years now, and
Keymaster 2 based testing is woefully out of date compared to running
VTS against the modern 3.0 and 4.0 implementations.
Purging these modules and their resulting dependencies will make it
easier for the central system/keymaster repository to move forwards.
Test: mm
Bug: 150239636
Change-Id: Ic2ddbe685a50e65f9db25f682ad33105195efa8a
This implementation does not provide any security guaranties.
* The input method (NotSoSecureInput) runs a crypto protocols that is
sufficiently secure IFF the end point is implemented on a trustworthy
secure input device. But since the endpoint is currently in the HAL
service itself this implementation is not secure.
* This implementation provides most of the functionality, but not the
secure UI infrastructure required to run Android Protected
Confirmation.
Bug: 146078942
Test: VtsHalConfirmationUIV1_0TargetTest
Change-Id: I14717b5fa4ef15db960cdd506b8c6fe5369aec8d
