the new layer (Keymaster2PassthroughContext) will call the related function
operation, however, currently it’s null so it will have null pointer reference
issue and we need to provide them in the keymater legacy HAL.
Bug: 113084196
Change-Id: Id1b0df47c03d341aedc7a0634cb101966143641c
This allows the IPC functionality to be used by multiple HAL
implementations
Test: trusty_keymaster_tipc & keystore.trusty compile
Bug: 110153632
Change-Id: I78f273db6f59a417319058113e15e422ece73290
Added three new directories:
- include: contains ipc and legacy header files
- ipc: contains common keymaster IPC code that can be shared between HALS
- legacy: contains the old style HAL implementation
Test: trusty_keymaster_tipc & keystore.trusty compile
Bug:110153632
Change-Id: I2fdaa9d3d0421a0e359c05807ab5f0a12c5d3996
Trusty implementations are provided by vendors. This patch moves
the AOSP reference implementations to the vendor partition.
Bug: 63085384
Test: Build gordon_peak which adopts trusty as the TEE and confirm
that libtrusty and gateway.trusty are moved to /vendor.
Test: Build marlin which does not adopt trusty as the TEE and confirm
that this patch has no effect on the build result.
Test: mmm BOARD_VNDK_VERSION=current system/core/trusty
Change-Id: I7f6d897b86c69d06923a18d28154760e006dd193
Without this there is the possibility of message version mismatch
between the secure side and the non-secure side.
Bug: 63746689
Test: cts passes
Change-Id: I242974eb86dd86ba0f657e7ab3af4ac14c08bb5c
The CL is not complete and will cause build break when BOARD_VNDK_VERSION is set.
This reverts commit 7d81b4e081.
Change-Id: If9632fb7ee8147c39f1ad0860ddc3bed62ba89db
AttestKeyResponse may be larger than 4K (always less than 8K) when
attesting an RSA key. This change allows the non-secure side to read a
response that may be larger than 4K by adding an additional bit
indicating the end of a response. If a message command has the
KEYMASTER_STOP_BIT set, then the non-secure side knows that the response
has been fully read.
Test: android.keystore.cts.KeyAttestationTest#testRsaAttestation passes
with production attestation key and chain, when AttestKeyResponse is
larger than 4K.
Tested with other CTS tests when keymaster messages are smaller
than 4K, still passes.
Manual test to verify that a tipc error due to large message size is
handled correctly.
Bug: 63335726
Change-Id: I8776ba7ca70da893648e15cfa770784ab31a2cb0
Trusty implementations are provided by vendors. This patch moves
the AOSP reference implementations to the vendor partition.
Bug: 63085384
Test: build gordon_peak which adopts trusty as the TEE and confirm
that libtrusty and gateway.trusty are moved to /vendor.
Test: build marlin which does not adopt trusty as the TEE and confirm
that this patch has no effect on the build result.
Change-Id: I9a5440071386b929058207fdef560ed2d7223ba3
