Commit graph

162 commits

Author SHA1 Message Date
Tri Vo
b47dbe7eb0 trusty: Reformat libtrusty
Test: m libtrusty
Change-Id: I5eb8413e7581603879de5abcb6de7b1b6d3484c0
2020-11-17 19:55:59 -08:00
Stephen Crane
5e3a3ce011 trusty: fuzz: dump trusty kernel logs on crash
Adds an Abort() function to the fuzzer utils library that grabs and
prints the relevant trusty kernel logs before exiting the fuzzer.

Test: /data/fuzz/arm64/trusty_gatekeeper_fuzzer/trusty_gatekeeper_fuzzer
Change-Id: I7741c7e5e0ffdc402e3d3dd9a7e5856e2a640dd2
2020-11-02 10:16:44 -08:00
Stephen Crane
6c0fb906f6 trusty: Add corpus for gatekeeper fuzzer
Test: /data/fuzz/arm64/trusty_gatekeeper_fuzzer/trusty_gatekeeper_fuzzer
Change-Id: I30bb2844972df952d853f0809e2eb8d5b5a1dd9c
2020-11-02 09:58:54 -08:00
Tri Vo
10ffc3417d trusty: Fuzzer for Gatekeeper TA
Test: /data/fuzz/arm64/trusty_gatekeeper_fuzzer/trusty_gatekeeper_fuzzer
Change-Id: If55b93b1a15c5bd9a1148ff54a859635a6e7290c
2020-10-29 18:02:01 -07:00
Tri Vo
e8823ffcb4 trusty: fuzz: Helper library
Test: /data/fuzz/arm64/trusty_gatekeeper_fuzzer/trusty_gatekeeper_fuzzer
Change-Id: Ife058ca25417e6bee4bf593b10a4e7e4000f9f2f
2020-10-29 18:01:59 -07:00
Wenhao Wang
323353413f Merge "rpmb_dev: Switch to RPMB provisioning scheme" 2020-10-10 05:06:56 +00:00
Arve Hjønnevåg
3e7c3504a3 Merge "trusty: keymaster: set_attestation_key: Change wrapped key" 2020-10-06 23:31:38 +00:00
Wenhao Wang
a560b76faa Merge "rpmb_dev: Fix RPMB_REQ_DATA_READ command" 2020-10-03 05:11:27 +00:00
Arve Hjønnevåg
fe090a4686 trusty: keymaster: set_attestation_key: Change wrapped key
Remove WrappedPrivateKey and select wrapped vs plaintext key command
based on format instead.

Bug: 154033394
Test: send wrapped test key. Not yet accepted by trusty
Change-Id: I3b0a29be78f2a8e84ebd990713f66788256d8e3f
2020-10-02 16:55:16 -07:00
Wenhao Wang
62855c3985 rpmb_dev: Switch to RPMB provisioning scheme
Remove the --key option part to disable the initial setting of rpmb key
on the mock rpmb device.
The RPMB provisioning scheme will program the RPMB key into the mock
rpmb device.

Bug: 152901318
Test: Trusty storage tests
Change-Id: I03b9cfbbd10e2e5364405319a57e2ecc4ee0f48e
2020-10-02 12:39:30 -07:00
Wenhao Wang
975491be09 rpmb_dev: Fix RPMB_REQ_DATA_READ command
Add ".check_key_programmed = true." for RPMB_REQ_DATA_READ such that
we can check whether the rpmb key has been programmed before executing
RPMB_REQ_DATA_READ command.

"JEDEC STANDARD Universal Flash Storage (UFS) Version 3.0" specifies
that data access before the key has been programmed should return
“Authentication Key not yet programmed” (0007h)..

Bug: 152901318
Test: Trusty storage tests
Change-Id: I4759fbce5f37234090a22a1d9dc3b38072f6ecaf
2020-10-02 12:32:30 -07:00
Arve Hjønnevåg
0c32a253df trusty: keymaster: Add set_attestation_key
Add tool to provision keymaster attestation keys.

Bug: 154033394
Test: keys from soft_attestation_cert then VtsHalKeymasterV4_0TargetTest

Change-Id: Ic96e9a8676991b3126bbae99118a1f23ee0744a5
2020-09-10 16:43:20 -07:00
Matthew Maurer
0b9a329303 Merge "Add support for tipc_send()" 2020-08-03 19:35:55 +00:00
Matthew Maurer
e251fa32fd Add support for tipc_send()
* Supports sending memfds in addition to data from an iovec
* Also add a basic test called send-fd

Bug: 117221195
Test: Run send-fd with corresponding Trusty application.
Change-Id: I562d2ff744938c868323a016659ca1332f6a576b
2020-08-03 09:30:37 -07:00
Jeff Sharkey
7b21637782 Update language to comply with Android's inclusive language guidance
See https://source.android.com/setup/contribute/respectful-code for reference

Bug: 161896447
Change-Id: Iafcccbdbdf3ff1078e87000e2ce560ff09b43f68
2020-07-31 16:36:06 -06:00
Treehugger Robot
71db317340 Merge "Use more inclusive language for #inclusivefixit" 2020-07-28 12:03:43 +00:00
Hongguang Chen
a41111070c Use more inclusive language for #inclusivefixit
Updating language to comply with Android’s inclusive language guidance.

See https://source.android.com/setup/contribute/respectful-code for reference.

Bug: 161896447
Test: make
Change-Id: I85a9f48fbab79b3b68f00c0af68750c616d815f8
2020-07-27 22:54:22 +00:00
Hongguang Chen
714adb834a Use more inclusive language for #inclusivefixit
Updating language to comply with Android’s inclusive language guidance.

See https://source.android.com/setup/contribute/respectful-code for reference.

Bug: 161896447
Test: make
Change-Id: I6f1668d1f7925393c72db6ae282003a9ecc723b7
2020-07-27 15:52:32 -07:00
Tri Vo
4e94e5bcfa trusty: spi: Add SPI proxy daemon
Bug: 118762930
Test: /data/nativetest64/trusty-ut-ctrl/trusty-ut-ctrl \
-D /dev/trusty-ipc-dev0 com.android.trusty.swspi.test

Change-Id: I6589009b2570f1101fed73197997d31a454887eb
2020-07-22 11:19:02 -07:00
Matthew Maurer
8f62566566 trusty: rpmb_dev: Prevent desync between rpmb_dev and storageproxyd
The mock RPMB can get out of sync with TD storage blocks in the event of
panic or crash. Making this O_SYNC will prevent this from happening.

Bug: 160723681
Test: None
Change-Id: Ia16dfc88ceae56e4e9724a42ac0db492c0e707a4
2020-07-10 22:09:01 +00:00
Wenhao Wang
469e388e47 trusty:storageproxyd: Fix in_cdb.length setting on send_ufs_rpmb_req
The in_cdb.length (ALLOCATION_LENGTH) must be set in order to send
SECURITY PROTOCOL IN command.

Bug: 143636526
Test: Trusty storage tests
Change-Id: Ie4252e9b19c05825c895ec07f8c9684ae456f6c9
2020-06-12 15:30:08 -07:00
Kenny Root
15351dcf60 Use <fqname> to avoid conflicts
The newer way of specifying the interface is using <fqname> and it also
has the handy side-effect of not causing conflicts when we add the
strongbox implementation to devices.

Test: make # check $OUT for the correct manifest
Change-Id: If8333814723261c4f3de375861ee19a6d922d55f
2020-04-14 14:37:24 -07:00
Matthew Maurer
1010727a48 trusty: keymaster: Remove legacy support
Library based HALs have been deprecated for several years now, and
Keymaster 2 based testing is woefully out of date compared to running
VTS against the modern 3.0 and 4.0 implementations.

Purging these modules and their resulting dependencies will make it
easier for the central system/keymaster repository to move forwards.

Test: mm
Bug: 150239636
Change-Id: Ic2ddbe685a50e65f9db25f682ad33105195efa8a
2020-02-26 00:43:23 +00:00
Treehugger Robot
a78d0cb735 Merge "First working version of the confirmationui HAL service" 2020-01-21 16:40:03 +00:00
Janis Danisevskis
8fe0cfb098 First working version of the confirmationui HAL service
This implementation does not provide any security guaranties.
 * The input method (NotSoSecureInput) runs a crypto protocols that is
   sufficiently secure IFF the end point is implemented on a trustworthy
   secure input device. But since the endpoint is currently in the HAL
   service itself this implementation is not secure.
 * This implementation provides most of the functionality, but not the
   secure UI infrastructure required to run Android Protected
   Confirmation.

Bug: 146078942
Test: VtsHalConfirmationUIV1_0TargetTest
Change-Id: I14717b5fa4ef15db960cdd506b8c6fe5369aec8d
2020-01-17 16:34:48 -08:00
Steven Moreland
e40e4270e8 remove deprecated bp 'subdirs'
noticed some, so thought I would remove them everywhere here

Bug: N/A
Test: N/A
Change-Id: I2978673b158d6c253914ea22f7f0129e446a5f91
2020-01-14 12:18:40 -08:00
Wenhao Wang
d363769dcf Merge "trusty:storageproxyd: Add ufs to parse_dev_type" 2020-01-04 00:10:57 +00:00
Wenhao Wang
3bf07c27de trusty:storageproxyd: Add ufs to parse_dev_type
Modify parse_dev_type function to accept new dev_type argument "ufs".

Bug: 143636526
Test: Trusty storage tests
Change-Id: I9524fd4cb9619b5ce1f4f46e87f1890f84f4d2f3
2020-01-03 13:47:57 -08:00
Matthew Maurer
17785fd185 trusty: storageproxyd: Fix rebase of UFS support
The UFS support got rebased on top of the RPMB socket support
improperly. As a result, RPMB socket support was broken due to an
unconditional rmpb_fd = rc which would set the rpmb_fd to be connect()'s
error code in the case of an RPMB socket.

Bug: 146903427
Test: Boot Trusty+Android with the rpmb_dev mock, check for liveness
Change-Id: Ib1220dc49392f1a10369eed7716e44680bd83a66
2019-12-26 15:03:45 -08:00
Wenhao Wang
ce2f1a4761 Add storageproxyd UFS support
This CL enables storageproxyd to run on UFS device.
The proxy prepares and sends SECURITY PROTOCOL IN/OUT commands to UFS
device.

Bug: 143636526
Test: Trusty storage tests
Change-Id: Ibe16578c12b978c9a95deccfb1873081e8d0e994
2019-12-20 15:44:51 -08:00
Matthew Maurer
503ea0e231 Add support for mocked RPMB
When developing, it may be preferable to operate on a device which does
not have a real RPMB storage, or which is unprovisioned. This CL allows
the rpmb_dev program to act as a daemon serving a fixed key, and for
storageproxyd to speak to rpmb_dev's socket rather than an actual rpmb
device or a virtual rpmb device.

Test: Trusty Gatekeeper VTS
Change-Id: I19b2b143fffb8e68e4a028d00eaf5cd1928e12f6
2019-11-27 14:41:16 -08:00
Treehugger Robot
8578a8a8ec Merge "trusty-ut-ctrl: link statically to libtrusty" 2019-10-31 23:03:54 +00:00
Matthew Maurer
d35f685a7c Update OWNERS based on Trusty team membership
Change-Id: Iafad614b6568e53209752b1c45f0f0209c95684b
2019-10-31 13:32:20 -07:00
Tri Vo
8b1e934555 trusty-ut-ctrl: link statically to libtrusty
Removes the need to push libtrusty.so to run trusty-ut-ctrl binary.

Test: m trusty-ut-ctrl
Change-Id: I19c2957d3eb1dc165e13f2ce5560fe31ea9a2469
2019-10-28 14:54:06 -07:00
Matthew Maurer
dfad089dad Merge "Provide VINTF for Trusty Keymaster" 2019-09-10 19:09:04 +00:00
Matthew Maurer
c649ca538d Provide VINTF for Trusty Keymaster
This makes it easier to add or remove the Trusty keymaster service from
a device by providing a manifest fragment to add whenever it is enabled.

Test: Keymaster VTS, Keystore CTS (sans attestation)
Change-Id: Ib0f5fd7c016c0c18d77c9d2623c89f3b35ba7ad7
2019-09-09 23:23:45 +00:00
Matthew Maurer
3d1023e50d Inject auth token into tags
The reference keymaster at system/keymaster still expects to receive its
auth tokens in the tags, rather than as a separate parameter. This
change injects the separate parameter passed to the KM4 HAL as a legacy
tag in the request.

Longer term, system/keymaster should support a separate authToken
parameter, and it should be serialized and sent to Trusty separately.

Test: Keymaster VTS + Keystore CTS (sans attestation)
Change-Id: Ie69cbd358504bb7612f7d55158509043cdad4e4e
2019-09-09 16:00:36 -07:00
Steven Moreland
a4eaf64de8 Remove libhwbinder/libhidltransport deps
Since these were combined into libhidlbase.

Bug: 135686713
Test: build only (libhwbinder/libhidltransport are empty)
Change-Id: I0bdffced6af52695c0ef98c9dd659348e56f7aa6
2019-09-05 14:17:42 -07:00
Janis Danisevskis
7daa66aa07 Replace legacy trusty gatekeeper HAL with HIDLized version
This patch replaces the legacy libhardware based gatekeeper HAL with a
true HIDL based implementation.

Test: Workes with trusty gatekeeper
Change-Id: I072b0c3fc74523400132aacd34e2f2cac9cf261b
Merged-In: I072b0c3fc74523400132aacd34e2f2cac9cf261b
2019-06-23 11:11:09 -07:00
Matthew Maurer
b321b410ff Trusty Keymaster@4.0
Adds support for proxying V4.0 commands to Trusty and makes 4.0 the
default when including trusty-base.mk.

Bug: 128851722
Test: Keymaster VTS 4.0 + Trusty
Change-Id: I2e2220963996fcb88d6953ee1a58af1b947b857d
2019-05-16 14:19:50 -07:00
Matthew Maurer
b0a8c9520b Enable Trusty Gatekeeper@1.0
Previously we only installed the gatekeeper.trusty.so library, which is
insufficient to actually start Gatekeeper. We now also install the -impl
and -service wrappers.

Bug: 127700127
Test: Gatekeeper 1.0 VTS with Trusty running
Change-Id: Idd8d6a4e1e409c2a712dddfd92d5f9cf6b16b50c
2019-03-19 11:18:38 -07:00
Matthew Maurer
57ba8c58fc Add support for RPMB over VirtIO Serial
In order to test Trusty gatekeeper automatically, the storage proxy
needs to be active inside the emulator. This patch allows storageproxyd
to speak a length-framed RPMB to an external RPMB daemon.

For a concrete example of a daemon speaking this protocol, see rpmb_dev
in the Trusty tree.

Bug: 124277696
Test: Launch storageproxyd with -t virt, use Trusty test infra
Change-Id: I391d4768976f0eb1f3b8df58eefd58fc3a9409cd
2019-03-05 17:25:57 -08:00
Matthew Maurer
30ff1f4177 Clang-format before updating storage proxy
These files were previously not clang-format clean. I am submitting the
clang-format cleanup in its own CL to avoid mixing up the code I'm
adding/adjusting with old code which needed to be reformatted.

Bug: 124277696
Test: m
Change-Id: I8a57ca97925a16bee10b15d2013a5dcf87b0ed15
2019-02-21 15:52:11 -08:00
Treehugger Robot
52ca777e57 Merge "trusty: Avoid unnecessary use of static libtrusty" 2019-01-18 21:54:39 +00:00
Matthew Maurer
178c56a1ba trusty: Avoid unnecessary use of static libtrusty
Test: manual
Change-Id: I9e57118b6cc8c24d9ec7a5c34413c196bbba5b51
2019-01-04 12:04:47 -08:00
Michael Ryleev
129fadf051 trusty: Add trusty unittest control utility
It is designed to connect to user specified port and
implements unittest logging protocol supported by
typical unittest ap running on Trusty side.

Test: manual
Change-Id: I6e37ccee9b9e4dde563ef0e4f531b42091cc2bd8
2019-01-04 11:54:26 -08:00
Chih-Hung Hsieh
747eb149d0 Add noexcept to move constructors and assignment operators.
Bug: 116614593
Test: build with WITH_TIDY=1
Change-Id: I5a7461386946ca623ab509609092aa0ac8418b80
2018-10-05 16:43:47 +00:00
Michael Ryleev
bfccad2474 trusty: keymaster3: Modify TrustyKeymaster3Device::update method
Modify TrustyKeymaster3Device::update method to handle the case when
amount of input data received exceeds a maximum amount supported by
underlying transport. In such case, only send an portion of data that
fits and allow higher levels to take care of the rest.

This is not an ideal fix as it is not very efficient for large sets
of data but at least it should work in more cases.

Test: android.keystore.cts
Change-Id: Id7360d0da3b87493193d480fc0c78c65dc1fc51f
2018-09-18 16:12:24 -07:00
Treehugger Robot
d361839b30 Merge "add the impementation of delete_key, delete_all_key for Legacy HAL" 2018-09-11 22:40:31 +00:00
Roberto Pereira
1b4ab72459 trusty: keymaster: remove unnecessary group from trusty KM3 HAL service
Test: VtsHalKeymasterV3_0TargetTest
Change-Id: Ib943a9aa5a0cab27913173a68932db651e991907
2018-09-10 19:19:44 +00:00