Implementation of the KeyMint HAL service based on the Rust reference
implementation.
This CL adds the code and associated metadata, but does not included it
into the overall build.
Bug: 197891150
Bug: 225036046
Test: VtsAidlKeyMintTargetTest
Change-Id: I9d95b9d8be645b6299a06d40973b38b66dcf3c07
Make it easier to diagnose service failures.
Bug: 213617178
Change-Id: I27135cb32b6a98b2fe24ab2324dffbf5b591fdd5
Signed-off-by: Bart Van Assche <bvanassche@google.com>
* Intentional crash test code with null/free/escape warnings.
Test: make tidy-system-core-debuggerd_subset
Change-Id: Ib1255c17a374729c82aa246c6a59156dbc4e1b77
From the Google C++ style guide: "Objects with static storage duration
are forbidden unless they are trivially destructible." Hence this CL.
Bug: 213617178
Change-Id: I4c9a51618ee1eb14ed439295a5fc0101b940a63d
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Simplify PollIn() by converting a single-element array into a scalar. No
functionality is changed.
Change-Id: I3ef36b9c0daafeed3a92f90c7a7c4fe0654dd586
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Since I have to go around the tree modifying code when updating
kernel headers, it seems to make sense to get on this list.
Test: NA
Change-Id: I714b1cbacd336deef1d0e37576d2ab500832eb1a
EXPECT_NONFATAL_FAILURE(statement, ...) expands to
do {
... statement ...
} while (::testing::internal::AlwaysFalse());
Clang analyzer cannot see into AlwaysFalse(),
and gives a false warning assuming that the
do loop can be done twice.
Use a unique_ptr::reset to call delete,
because reset can be called multiple times..
Bug: 259999410
Test: make tidy-system-core-fastboot_subset
Change-Id: Ie536f76635dd55f4e47b80eed6498fd1193b88ee
Current period of this is 3 sec and it is used when Perfetto profiling is running on Android. Without Perfetto profiling, it doesn't affect the system at all. However, 3 sec doesn't provide enough granularity to understand F2FS I/O behaviors. To make F2FS I/O profiling ftrace effective, set the ftrace period to 1 sec.
Test: check f2fs iostat_period_ms sysfs node value
Change-Id: I2d418795613dfbd1aea6c4f13c9a39af3deb1c4d
Signed-off-by: Daeho Jeong <daehojeong@google.com>
Part of the change to support 2nd IMEI attestation.
Bug: 244732345
Test: atest keystore2_test android.keystore.cts.DeviceOwnerKeyManagementTest
Change-Id: I59544e1e8019869cadeb7b46800c9b519048934c
Remove LLNDK libraries from system required libs as those libraries will
be appended to the configuration from the build.
Bug: 251782700
Test: Cuttlefish build and boot succeeded
Change-Id: I81d508a5e15a9dd1919935f07569271609738710
Skip the test if /dev/console does not exist. Fix the console service
security label. Fix the getsid() test.
Bug: 260104465
Test: atest 'CtsInitTestCases:init#StartConsole' on a P2023 development board
Change-Id: If2533a3f205f922a9b04a748cb558a09c5925986
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Revert commit 14f9c15e05 ("init: Add more diagnostics for signalfd
hangs") because:
* That commit was intented to help with root-causing b/223076262.
* The root cause of b/223076262 has been fixed (not blocking SIGCHLD
in all threads in the init process).
Test: Treehugger
Change-Id: I586663ec0588e74a9d58512f7f31155398cf4f52
Signed-off-by: Bart Van Assche <bvanassche@google.com>
These TEST_MAPPING definitions ensure that the VTS tests for the
respective HAL services will be executed upon any changes committed to
the HAL services.
Test: hopefully this is the test
Change-Id: Icfaf3621f2c7b9608deb998ba4b5cfd6621a7310
Disabling profiles is no longer supported. Most of the profile support
has been active even when this property was false, and it won't be
supported in the ART Service.
Test: atest -a propertyinfoserializer_tests
Bug: 254434433
Change-Id: I49272b0976f71fcd2e18d04a5b6cc3548a5f9d3f
This includes memory header for shared_ptr and unique_ptr templates.
Fixes the following errors:
RefBase.h:803:1: error: ‘shared_ptr’ does not name a type
RefBase.h:810:1: error: ‘unique_ptr’ does not name a type
Change-Id: I6a7a67333c9ef05250c5a3c6199d7fac288f946b
Adds a system vendor property (ro.vendor.trusty.storage.fs_ready) to
indicate when backing storage on the Android filesystem (e.g. /data) is
ready for use. Before this property is set, the Trusty storage proxy may
restart causing connections in Trusty to the storage service to be
disconnected. All Trusty operations that may require storage and can
wait until the device filesystems are ready should wait on this
property.
Bug: 258018785
Test: manual
Change-Id: I9b1408b72df34a0d0cbcc1b99e9617f15bc47558
Export ro.force.debuggable property so that the user can check image
compatibility prior to running fastboot flash.
For example, if is-force-debuggable is yes, then the "system" and
"vendor" build fingerprint must match.
Bug: 191649082
Test: fastboot getvar is-force-debuggable
Change-Id: I772d98253f58ba208d5803e18b589ff693deebd0
If device doesn't enable AVB altogether, then it might not have a vbmeta
partition at all. In this case, we shall ignore disable-verity errors.
We still disable verity unconditionally to keep the logic simple, but we
ignore any disable-verity error if AVB is not enabled in the first
place.
Bug: 241688845
Test: adb-remount-test on emulator
Test: Test remount on yukawa
Change-Id: Ifc763b3f0ca6989550c139a8c3a2308c9c2a7c3e
Multiple tests in CtsInitTestCases, e.g. RebootTest#StopServicesSIGKILL,
can trigger the following race condition:
* A service is started. This involves calling fork() and also to call
RunService() in the child process. RunService() calls setpgid().
* Service::Stop() is called and calls KillProcessGroup().
KillProcessGroup() calls kill(-pgid, SIGKILL) before the child process
has called setpgid(). pgid is the process ID of the child process. The
kill() call fails because setpgid() has not yet been called.
Fix this race condition by adding a setpgid() call in the parent process
and by waiting from the parent until the child has called setsid() if a
console is attached.
Bug: 213617178
Change-Id: Ieb9e6908df725447e3695ed66bb8bd30e4e38aa9
Signed-off-by: Bart Van Assche <bvanassche@google.com>
