Commit graph

453 commits

Author SHA1 Message Date
Tri Vo
ed1f13f62b trusty: IRPC supportedNumKeysInCsr support
Bug: 254137722
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: Ic76c27b8c65274f76adca6b83614eac73964ea20
2022-11-17 17:15:21 -08:00
Seth Moore
8fbbf06f0c Add dependency on split out RKP HAL
Bug: 254112961
Test: vts_treble_vintf_vendor_test
Merged-In: I9dcb9b94b0e22466cd42592f4921eec3e4fcb13d
Change-Id: I9dcb9b94b0e22466cd42592f4921eec3e4fcb13d
2022-11-09 10:54:51 -08:00
Christopher Ferris
9d8576d701 Merge "Modify the mmc data structure." 2022-11-03 01:20:03 +00:00
Steven Moreland
b41a7e382f Merge "Adding fuzzer for trusty-confirmationui service." 2022-11-01 17:04:47 +00:00
Rajesh Nyamagoud
4092a77774 Replaced -1 with EXIT_FAILURE and validated confirmationui service
status after registering it with `CHECK_EQ` macro.

Bug: b/205760172
Test: atest VtsHalConfirmationUITargetTest
Change-Id: I00f5a09ca525e3abb63a5d1f404fb6f3daed9442
2022-10-24 19:25:35 +00:00
Rajesh Nyamagoud
ec4df1d547 Adding fuzzer for trusty-confirmationui service.
Bug: b/205760172
Test: Run android.hardware.confirmationui-service.trusty_fuzzer, confirmation UI test using CTS Verifier and atest VtsHalConfirmationUITargetTest
Change-Id: If0e97c9ae5f89fbbfa994c12ece53d3996e17a33
2022-10-24 19:22:07 +00:00
Tri Vo
7014fa9fa3 Merge "Changes to adapt confirmationui AIDL spec." 2022-10-20 16:51:56 +00:00
Tri Vo
a693071690 Merge "Trusty IRemotelyProvisionedComponent v3 HAL implementation" 2022-10-20 02:43:12 +00:00
Tri Vo
ce223a5c6f Trusty IRemotelyProvisionedComponent v3 HAL implementation
Bug: 235265072
Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: If0ea94710d0d0e18020a0a4b9c05ef915bbf61fa
2022-10-13 13:40:38 -07:00
Rajesh Nyamagoud
9f22d4f8cf Changes to adapt confirmationui AIDL spec.
Replaced HIDL spec implementation with AIDL spec in confirmationui
module.

Ignore-AOSP-First: Dependent on internal change.
Bug: b/205760172
Test: Run confirmation UI test using CTS Verifier, atest VtsHalConfirmationUITargetTest
Change-Id: I49b9cb6d93fa35fd611003f7545d2ce4976eec7c
2022-10-13 15:17:34 +00:00
Tri Vo
ad4ecd962c Merge "Implement getHardwareInfo() in Trusty KM TA" 2022-10-12 22:53:43 +00:00
Tri Vo
025b7f3cd8 Implement getHardwareInfo() in Trusty KM TA
Bug: 253109915
Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I579d563759a3af97100da95dab6a99ca52d0b384
2022-10-12 10:35:49 -07:00
Christopher Ferris
4fb3712462 Modify the mmc data structure.
The new 6.0 kernel headers changed all variable length
structures from [0] to []. This causes a clang warning to
trigger, so rewrite the mmc data structures using a union
to avoid having a variable sized array in the middle of the
structure.

Test: Builds.
Change-Id: Ib1ac92c4f76af386d934f51a3c73cb8914e97624
2022-10-10 15:26:10 -07:00
Thurston Dang
8ae1c1db42 storageproxyd: Add STORAGE_FILE_GET_MAX_SIZE API on Android side
This is the Android-side companion change to go/oag/2241573,
adding the interface for STORAGE_FILE_GET_MAX_SIZE (implementation
sold separately).

Bug: 247003431
Test: None
Change-Id: Ie834c91a085b2e4a668e0d9d22ec0f6b1e4e6c1c
2022-10-06 00:12:00 +00:00
Inseob Kim
ed673496c2 Explicitly install RemoteProvisioner for keymint
This is effectively a no-op change; both packages are installed.
However, removing required and moving it to PRODUCT_PACKAGES cuts the
dependency from vendor modules to system-ext modules. This is needed for
vendor-only build test.

Test: build and see both packages are installed
Change-Id: I6620020a1eccfab08594c9be3b298611bd237f1d
2022-09-16 20:54:03 +09:00
Stephen Crane
54020821f6 trusty: Increase size of ACVP shared memory
The boringssl ACVP config has grown, so we need to increase the size of
our memory allocation that we share with the Trusty test TA.

Test: acvptool -wrapper trusty_acvp_modulewrapper -regcap
Bug: None
Change-Id: Ia90f4972d0d2ac420b09110f5647355a44175267
2022-08-22 19:43:54 -07:00
Per Larsen
db9a554a2f trusty/apploader: Handle APPLOADER_ERR_NOT_ENCRYPTED
Add a specific error message to the Android CLI tool for the case
where the apploader rejected an attempt to load an application
which requested encryption of its ELF image via its manifest while
containing an unencrypted ELF image.

Bug: 241824652
Change-Id: Ib2a3c881015700492b8166be38c41753bf51b3b2
2022-08-20 23:20:46 -07:00
Per Larsen
c5253819f8 trusty/apploader: Add missing doc for enum value
Document the APPLOADER_ERR_POLICY_VIOLATION value in enum
apploader_error.

Bug: 208968719
Change-Id: Ia9b17f4ea705d13567b2ba74f2dcd6df5a0c7d73
2022-08-20 23:20:46 -07:00
Treehugger Robot
67d70ffe03 Merge "storageproxy: Report fsync failures with a distinct error code" 2022-08-03 17:16:48 +00:00
Treehugger Robot
eb9780feb6 Merge "storageproxy: Support POST_COMMIT sync for all commands" 2022-08-02 23:52:38 +00:00
Stephen Crane
1c75d1e3a7 storageproxy: Report fsync failures with a distinct error code
Fsync failures are special because they may indicate a failure of an
operation before the current operation. Report these cases as a new,
distinct error.

Test: Cause fsync failure and check error response
Bug: 239105007
Change-Id: Ie9d4a1949586e90006256c975786e21ced655e66
2022-08-02 10:59:30 -07:00
Stephen Crane
57770a5318 storageproxy: Support POST_COMMIT sync for all commands
Previously we did not support STORAGE_MSG_FLAG_POST_COMMIT for anything
but RPMB operations (in which case it was a no-op). We need to support
this flag in order to store a superblock in non-secure storage, as we
need that write to commit atomically wrt all other writes.

Test: com.android.storage-unittest.nsp
Bug: 228793975
Change-Id: Ia453c1916970e0b65a91e42f18b920ac4e1f01db
2022-08-02 10:59:30 -07:00
Treehugger Robot
f662134ff6 Merge "Update OWNERS" 2022-08-01 19:53:10 +00:00
Tri Vo
7104ffee7e Update OWNERS
Change-Id: I5ab0364d0e6d19c92c1e11f72fced067b1026ba5
2022-08-01 11:45:25 -07:00
Tri Vo
a6ac1d6b3f Merge "trusty: metrics: Drain events before each test" 2022-07-29 23:17:59 +00:00
Tri Vo
4b38ffab15 trusty: metrics: Drain events before each test
Also add tighter checks to make sure we didn't drop events.

Bug: 240617890
Test: libtrusty_metrics_test
Change-Id: I0029d91ad0ff67eb97913b2316efca627b118616
2022-07-28 17:09:00 -07:00
Treehugger Robot
4304cbd8db Merge "trusty-binder: Add AIDL files for trusty-binder tests" 2022-07-26 15:19:56 +00:00
David Anekstein
c6768f7aad trusty-binder: Add AIDL files for trusty-binder tests
Bug: 224644083
Change-Id: I4818bfee421996dbf313c96d3ab53d9d0429f0c4
2022-07-21 15:34:43 -04:00
Tri Vo
846da873b4 storageproxyd: Remove setuid, setgid, and capset
These operations require excessive SELinux and UNIX permissions.

Instead of dropping privileges after starting we will start
storageproxyd as "system" user.

Bug: 205904330
Test: com.android.storage-unittest.td
Change-Id: I0b2503a746c52474c8cc2e1f7a2fbe17c98d6d8b
2022-07-15 10:34:05 -07:00
Treehugger Robot
7e25d3e8fa Merge "Implement GetRootOfTrust" 2022-06-07 22:43:20 +00:00
Shawn Willden
396bc3f964 Implement GetRootOfTrust
Bug: 219076736
Test: VtsAidlKeyMintTargetTest
Change-Id: I8485360f253ca20f008c5df5090e79c1781fbb4f
2022-06-07 13:19:23 -06:00
Daniel Angell
6c2d812508 Increase num_retries to reduce likelihood of test flake
Flakiness was observed in this build:
https://android-build.googleplex.com/builds/pending/P35853772/qemu_generic_arm32_gicv3_test_debug/latest/view/logs/build_error.log

But most other builds do not have this issue.

Bug: 234788755
Change-Id: I4cf7d05a56eb678164bf0006bfb190442d6d4e03
2022-06-06 21:25:17 +00:00
David Drysdale
ad226c11a9 Merge "Make crate vendor_available" 2022-06-06 06:49:13 +00:00
Stephen Crane
08d8557718 [trusty] Bump number of ACVP arguments to match boringssl
Boringssl added a new argument to the ACVP modulewrapper, so we need to
sync this change to the Trusty modulewrapper.

Test: m trusty_acvp_modulewrapper
Bug: 233873228
Change-Id: Ia79705d9fe32a07afc09cf8e0231db300073b504
2022-05-25 12:18:47 -07:00
David Drysdale
9ee82396c4 Make crate vendor_available
Bug: 195310053
Test: build, TreeHugger
Change-Id: I466a7cf609a3c945a56d3f3fac99cbc04cb4dc9b
2022-05-25 13:58:11 +01:00
David Drysdale
37a8ac1d45 KeyMint HAL: pass auth token on updateAad
Bug: 230716629
Test: CtsVerifier with aosp/2077898 included
Change-Id: I2ba275718ef7ce6cc701ac2eb4a122639d7a4351
2022-05-18 11:12:01 +01:00
Florian Mayer
78bf3beb49 Promote tests to HWASan presubmit.
Change-Id: I55711f80c4ea870a78e7971fe133f096dac9ef1a
2022-05-03 19:40:36 +00:00
Anis Assi
5f43e61fef Adding trong@google.com as fuzzer owner for trusty fuzzers
Bug: 221891733
Change-Id: I41895ffbd6d65f9f3de90088c5f0b9ba2f3210d4
2022-04-18 20:42:10 +00:00
Thurston Dang
b37b47df01 Merge "[trusty][apploader] Handle APPLOADER_ERR_POLICY_VIOLATION" 2022-04-12 19:21:05 +00:00
David LeGare
dc2d792adc [libtrusty-rs] Add recv variant that uses Vec<u8>
* Add new `recv` method that takes a `Vec<u8>` and automatically
  allocates extra buffer space and retries the read call if the buffer
  does not have enough capacity.
* Rename the existing `recv` method to `recv_no_alloc`, and update docs
  to clarify the behaviors of both methods.
* Add tests for the new `recv` method and update existing tests to use
  `recv_no_alloc` instead.

Test: tipc-test-rs -m 1024 -t echo
Bug: 226659377
Change-Id: Ic437b617751e865da119fe0c4ef8aa456a63bf3c
2022-04-06 22:40:05 +00:00
David LeGare
23dedb660e Setup tests for libtrusty-rs
Test logic is based on the tests in the original tipc-test C binary,
but adapted to use the Rust unit test infrastructure to make running
tests easier.

Test: Ran the tests
Bug: 226659377
Change-Id: I998013b2f8b304299acb09d58beb49330747802a
2022-04-06 21:11:04 +00:00
Thurston Dang
45dbdd1ef0 [trusty][apploader] Handle APPLOADER_ERR_POLICY_VIOLATION
Add a specific error message to the Android CLI tool for the
case where the policy engine (http://go/aog/2051516) disallows
loading.

Test: Load a signed app that violates the policy
Bug: 208968719
Change-Id: I2aaa218ab3a7297ea62448de49baa0bfd6b1ee52
2022-04-05 20:25:57 +00:00
David LeGare
fd343ee2ea Add libtrusty-rs
Test: manual using tipc-test-rs
Bug: 226659377
Change-Id: I4afc24e5a602e7ca85d5c7088fecc211b71bfc66
2022-04-04 19:12:15 +00:00
Florian Mayer
14deb086bf Add keymint to hwasan-postsubmit
Test: Run tests under HWASan.
Bug: 193568145
Change-Id: Ica324e3eb495bc3c95ae9f892c744a3204d2d072
2022-03-18 23:01:32 +00:00
Tri Vo
5ba7cba78f Merge "trusty: set_attestation_key: Provision device IDs" 2022-03-18 18:14:18 +00:00
Tri Vo
7aeb43ecfc trusty: set_attestation_key: Provision device IDs
Bug: 221128605
Test: /vendor/bin/trusty_keymaster_set_attestation_key /vendor/etc/keymaster_soft_attestation_keys.xml
Change-Id: Iabe2162a7d50f16c966f16ca2eda5a7651779848
2022-03-17 17:49:35 -07:00
Tri Vo
83b58f93a2 trusty: Update TIPC UAPI header
TRUSTY_SEND_SECURE operation was added to Trusty Linux driver by
aosp/1930989.

Bug: 224563842
Test: m libtrusty
Change-Id: Ic922ec177a8d35dba351415ab429216a1931a64d
2022-03-14 16:30:12 -07:00
David Drysdale
b99ace4af1 Merge "Include correct authorization_set.h header" 2022-03-01 10:31:26 +00:00
Treehugger Robot
8e4b2bfd5b Merge "Update to KeyMint & iRPC v2" 2022-02-28 21:46:00 +00:00
Shawn Willden
0485712141 Update to KeyMint & iRPC v2
Bug: 221390931
Test: run vts -m vts_treble_vintf_vendor_test
Change-Id: I1749439700f78433d31b52067edb32a031cc8777
2022-02-28 09:35:43 -07:00
Tri Vo
96686aaf60 Merge "Bumping the HAL client version." 2022-02-25 18:03:20 +00:00
Treehugger Robot
df62d41eeb Merge "Provide alternate SE RoT provisioning path." 2022-02-23 18:13:01 +00:00
Tri Vo
7da30bd9f8 Merge "trusty: Convert Trusty driver tests to python_test" 2022-02-23 17:58:06 +00:00
Shawn Willden
0f89bc1270 Provide alternate SE RoT provisioning path.
On some devices it is infeasible to provision the KeyMint RoT bits in
the Android Bootloader.  This provides an alternate path to provision
them from the TEE during early boot.

Bug: 219076736
Test: VtsAidlKeyMintTargetTest
Change-Id: Ibae9050b9a102dad3710f9495d3dfa43fa1d1b3f
Merged-In: Ibae9050b9a102dad3710f9495d3dfa43fa1d1b3f
2022-02-22 23:51:15 -07:00
David Drysdale
74f763961a Include correct authorization_set.h header
Bug: 206470603
Test: TreeHugger
Change-Id: I748660d45a539c9e2c2e13605d1d4f61b1b2fb5e
2022-02-23 06:27:16 +00:00
Tri Vo
ccc11f4969 trusty: Convert Trusty driver tests to python_test
Original tests are implemented as shell scripts here:
https://android.googlesource.com/trusty/vendor/google/aosp/+/refs/heads/master/scripts/test-map#100

Bug: 219992178
Test: trusty_driver_test
Change-Id: I8a55cb660bb0cb27bb4ef32aaa0658d0c17c36e3
2022-02-22 17:40:29 -08:00
Max Bires
b6179f25be Bumping the HAL client version.
This CL bumps the reported version for Trusty's
IRemotelyProvisionedComponent HAL interface for KeyMint. It also adds
the uniqueId field added to the RpcHardwareInfo in version 2.

Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I336ec7cd12ca2ea3b836601ebe0ca400524b8ca4
2022-02-15 02:24:04 +00:00
Stephen Crane
d160497c59 storageproxyd: Sync parent dir when creating a file
Switches to syncing the parent directory immediately when creating a new
file rather than lazily waiting for a sync request. Because we only
create a new file when the userdata partition is cleared, this operation
doesn't need to be fast in the normal case. This avoids needing to track
the parent directory for each file for lazy syncing later, since storage
backing files may be in a subdirectory of the root.

Test: m storageproxyd, boot using new service binary
Bug: None
Change-Id: Ibcafae7da493864515c099bd81d48c95b0e5d8c3
2022-01-21 14:42:01 -08:00
Stephen Crane
6f890b474b storageproxyd: Use alternate data path if in DSU state
Adds a check for a DSU mode boot in storageproxyd. Changes path handling
so that storageproxyd will not allow opening a file in the root data
path in DSU mode. Instead, storageproxyd creates an "alternate/"
directory in the data directory and the TA must use this directory to
store its backing file.

Re-landing reverted change: Iad68872dc6915f64eaf26cd3c92c04d9071ef169

Test: Boot into DSU and inspect logs for "Cannot open root data file"
Test: Test that TD writes in DSU mode don't corrupt host image storage
when using a compatible storage TA that supports alternate data mode.
Bug: 203719297

Change-Id: I1d07e7c3d15dc1beba2d340181d1b11a7988f869
2022-01-21 14:41:17 -08:00
David Li
0a4e111bc6 Merge "Revert "storageproxyd: Use alternate data path if in DSU state"" 2022-01-21 07:59:42 +00:00
Stephen Crane
97b8c1d697 Revert "storageproxyd: Use alternate data path if in DSU state"
This reverts commit 7c5658b5fd.

Reason for revert: selinux test errors in some branches

Bug: 215630608
Change-Id: I2a9c9d914b6c1d1248b4f11bd69484ae6b0ba8d1
2022-01-21 06:54:43 +00:00
Treehugger Robot
3ecaae4fdf Merge "storageproxyd: Use alternate data path if in DSU state" 2022-01-20 19:10:40 +00:00
David Drysdale
37514bb907 Report Trusty KeyMint as KmVersion::KEYMINT_2
Bug: 194358913
Test: TreeHugger, VtsAidlKeyMintTargetTest
Change-Id: Ic5e321c739a66a384907539a339511e5418e9c6a
2021-12-15 12:02:06 +00:00
Stephen Crane
7c5658b5fd storageproxyd: Use alternate data path if in DSU state
Adds a check for a DSU mode boot in storageproxyd. Changes path handling
so that storageproxyd will not allow opening a file in the root data
path in DSU mode. Instead, storageproxyd creates an "alternate/"
directory in the data directory and the TA must use this directory to
store its backing file.

Test: Boot into DSU and inspect logs for "Cannot open root data file"
Test: Test that TD writes in DSU mode don't corrupt host image storage
when using a compatible storage TA that supports alternate data mode.

Bug: 203719297
Change-Id: Iad68872dc6915f64eaf26cd3c92c04d9071ef169
2021-12-14 15:24:40 -08:00
David Drysdale
c5b7d179c2 Depend on KeyMint HAL via default
This allows for easier bumping of the KeyMint version level.

At the moment this change should have no effect: the same dependency
is used, just reached via a default rather than explicitly.

However, when the KeyMint version increases in the near future, using
this default should mean that no change is needed here: the default
definition will change to -V2 and this will be referenced here.

Test: TreeHugger
Change-Id: Ic250e5b91ee2b48cd7a05783ce21af16ae330ed1
2021-12-02 08:16:25 +00:00
Armelle Laine
904cae37ce Merge "trusty: update default_applicable_licenses "Android-Apache-2.0"" 2021-11-30 23:41:46 +00:00
Armelle Laine
c2cc120d60 trusty: update default_applicable_licenses "Android-Apache-2.0"
rpmb_dev is a rpmb device stub used in emulation
as well as platform early bringup so we don't expect
any open source developer to be impacted by the migration
from MIT to Apache 2.0.
Note that with such a migration to Apache 2.0, recipients
won't receive lesser permissions, they just have updated
requirements for which license text to share along with the code.

Bug: 191508826
Test: None
Signed-off-by: Armelle Laine <armellel@google.com>
Change-Id: I0ae2bc66901344f8f9227e929a98946e52c50355
2021-11-29 19:53:54 +00:00
Treehugger Robot
1d02ce9ad4 Merge "Configure Trusty KeyMint devices to use attest_keys." 2021-11-22 18:21:09 +00:00
Shawn Willden
b440e0c077 Configure Trusty KeyMint devices to use attest_keys.
Change-Id: If86133e7648b601a4a61ea5614e6971a2bb8d264
Bug: 197096139
Test: Manual
2021-11-22 16:52:30 +00:00
David Drysdale
fcf3fc08e4 KeyMint: don't mix Binder and std shared pointers
Bug: 203871378
Test: VtsAidlKeyMintTargetTest, TreeHugger
Change-Id: I8671342939af2bbdef643be9ce81b0bb9e7ae1a9
2021-10-28 15:39:34 +01:00
Marco Nelissen
3e923cd527 Fix 32-bit build
Bug: None
Test: build
Change-Id: Id1a9c2bd4526750eca9b85896d0e90eed58b8f51
2021-10-20 10:11:52 -07:00
Marco Nelissen
08fec49a3b Log if keymaster IPC takes too long
Bug: None
Test: run with very low timeout and verify it logs
Change-Id: I2818683f65c2191518373609c6171c056de55a9a
2021-10-20 07:51:05 -07:00
Thurston Dang
7e8dab775b storageproxyd: discard writes when checkpointing, if necessary
If a checkpointing operation is in progress, discard any write operations
that are flagged as STORAGE_MSG_FLAG_PRE_COMMIT_CHECKPOINT. In tandem
with trusty-side changes that set the flag appropriately, this avoids
the awkward case where the checkpoint is rolled back, which potentially
leads to inconsistency between the data and the superblock.

Based on Stephen's CL/1845477 "Add helper to check checkpoint state of
mounts".

Test: m storageproxyd
Bug: 194313068
Change-Id: Ib6a432db1bc1b034f803b743b0d7322e3f31d814
2021-10-12 03:47:24 +00:00
Armelle Laine
a3359bb3c9 Merge "storageproxyd: Retry RPMB request on UNIT ATTENTION" 2021-10-04 17:32:51 +00:00
Max Bires
9eb326c9c0 Merge "Make RemoteProvisioner required for KeyMint cc_bin" 2021-09-29 19:26:40 +00:00
Stephen Crane
a9085181af storageproxyd: Retry RPMB request on UNIT ATTENTION
Attempts a retry of the intial write or read when an RPMB command
triggers a UNIT ATTENTION condition. This causes the UA status to be
reset and hopefully result in a successful command. This runs the risk
of retrying a successful write, but we wouldn't have been able to get
the RPMB response after that write anyway due to the UA condition.

Test: m storageproxyd
Bug: 200037389
Change-Id: Ib970e779365bb396756c114684c7f6e56a737ab1
2021-09-29 10:28:43 -07:00
Marco Nelissen
0aae5be54f tipc_test: allow connecting to arbitrary services
Add an option to specify a service name. Currently only the "connect"
test supports this, and will try to connect to the named service
instead of the echo and datasink services.
Also fix the built-in help text, as it was missing the "burst" option,
and didn't mention that the "connect" test connects to both the echo
and datasink services.

Bug: 200034376
Test: run

Change-Id: I3903f94c16320f8e07ac4bfb69e3bb45329138c0
2021-09-24 20:14:24 +00:00
Tri Vo
6aaac7cad9 Merge "storageproxyd: Fix inverted conditional in error checking" 2021-09-24 19:05:05 +00:00
Stephen Crane
bdb2eba4a4 storageproxyd: Fix inverted conditional in error checking
check_scci_sense (now renamed unexpected_scsi_sense) was supposed to
return false iff the sense data was valid and did not contain an error.
This return value was inverted. Invert the return values and rename the
function to clarify its role.

Test: m storageproxyd
Bug: 195544379
Change-Id: I3b84188aabe58345a83d2fd57bb8103e730cf365
2021-09-24 10:20:58 -07:00
Marco Nelissen
92cd8891ff trusty_apploader: log to stderr
Print an error message to stderr on connection failure, so that the
command doesn't exit silently in case of the common user error of
forgetting to run it as root.

Bug: None
Test: Run as regular user, see "permission denied" message.
Change-Id: Ia213dedccab27e6152b5eb969fbee06d82d3d4ff
2021-09-21 15:51:58 -07:00
Marco Nelissen
7637d25ae0 re-tab and clang-format tipc_test
tipc_test.c used a mix of tabs and spaces for indentation and other
things that clang-format doesn't like, so retab and format it.

Bug: None
Test: build
Change-Id: I9b3a64bae54697d43e7fb39fe7d6e1dabe0be380
2021-09-20 17:10:05 -07:00
Stephen Crane
38003165b2 [storageproxyd] Dump binary buffers to log instead of stderr
Rewrites the buffer logging to print to the Android log instead of
stderr. The storageproxyd service is started by init and stderr is not
logged anywhere. Because we want to log sense data errors under normal
operation, we need to log to logcat instead of stderr.

Test: Define RPMB_DEBUG, build for qemu-trusty, run, inspect logcat
Bug: 195544379
Change-Id: Iecc0d4680420bb92c94be628789093888a2f1941
2021-09-15 14:17:38 -07:00
Tri Vo
11ffd99154 Merge "Revert^2 "Activate KeyMint."" 2021-09-13 23:31:49 +00:00
Shawn Willden
9863dd3c10 Revert^2 "Activate KeyMint."
81cdd3f3da

Bug: 177729159
Test: VtsAidlKeyMintTargetTest & CtsKeystoreTestCases
Change-Id: I85d9e57fe83627992ddaa705946893a4b9890001
Merged-In: I85d9e57fe83627992ddaa705946893a4b9890001
2021-09-09 14:27:41 -07:00
Treehugger Robot
4fd0ff9756 Merge changes I928ddebc,Iade322a2
* changes:
  storageproxyd: Add logging of failed RPMB transactions
  storageproxyd: Add file handle param to debug buffer print
2021-09-08 20:01:31 +00:00
Stephen Crane
310d805d96 storageproxyd: Add logging of failed RPMB transactions
Adds parsing and logging of SCSI errors from SG_IO calls for RPMB. Does
not alter behavior of the RPMB proxy in response to these errors.

Test: m storageproxyd
Bug: 195544379
Change-Id: I928ddebcb65aa6c305d3dcab7c64bd19d11a50fa
2021-09-07 19:54:16 -07:00
Stephen Crane
dd3f7b867d storageproxyd: Add file handle param to debug buffer print
Adds a file handle parameter to the debug print_buf function to allow
printing to either stdout or stderr.

Test: m storageproxyd
Bug: 195544379
Change-Id: Iade322a21312a676b3599bddafdfc43b599617ea
2021-09-07 19:53:04 -07:00
Max Bires
b688b38666 Make RemoteProvisioner required for KeyMint cc_bin
This change adds the RPK apk back into the image for Trusty Keymint
devices, though the functionality will still be disabled by the
server check-in for now.

Ignore-AOSP-First: Will be CP'ed to AOSP
Bug: 194509629
Test: atest RemoteProvisionerUnitTests
Change-Id: Ic20ca119bd9c0614f7559b24ad60718c813a0cca
2021-08-26 00:31:44 -07:00
Janis Danisevskis
5b4b52126e Handle long responses by keymint IPC.
The KeyMint TA may send responses that are longer thant the 8K buffer
that the KeyMint HAL holds. This patch introduces
trusty_keymaster_call_2 which can grow the receive buffer on demand.

Bug: 195622501
Test: VTS and CTS test for regression testing.
Change-Id: Ia06e590e547e649ca81cda9a71851f334970788f
Merged-In: Ia06e590e547e649ca81cda9a71851f334970788f
2021-08-12 19:21:11 +00:00
Tri Vo
2b52180603 Merge "trusty: storage: Allow starting without /data mounted" 2021-08-06 05:29:45 +00:00
Tri Vo
91e475068d trusty: storage: Allow starting without /data mounted
Bug: 187105270
Test: m
Change-Id: I3735e0752a6e502536000bd3102abda30cbd58fe
2021-08-02 15:02:11 -07:00
Jiyong Park
1486987d34 Remove ndk_platform backend. Use the ndk backend.
The ndk_platform backend will soon be deprecated because the ndk backend
can serve the same purpose. This is to eliminate the confusion about
having two variants (ndk and ndk_platform) for the same 'ndk' backend.

Bug: 161456198
Test: m
Change-Id: I7e60ee840fd64f9e36bafa8baea19daab9c15cea
2021-07-27 12:19:00 +09:00
Armelle Laine
d6ddc20d83 Merge "[trusty-base] Update Trusty Keymint properties" 2021-07-23 14:43:12 +00:00
David Drysdale
267adbd4f1 Merge "TrustyKeyMint: support boot, vendor patchlevels" 2021-07-22 06:32:32 +00:00
David Drysdale
e7697d7101 TrustyKeyMint: support boot, vendor patchlevels
- Invoke TrustyKeymaster::ConfigureVendorPatchlevel() from
   remote keymint Initialize(), using vendor patchlevel retrieved
   from property.
 - Add TrustyKeymaster::ConfigureVendorPatchlevel() method to
   send the CONFIGURE_VENDOR_PATCHLEVEL message.
 - Add message type values for
   CONFIGURE_{VENDOR,BOOT}_PATCHLEVEL messages.

Test: pending device availability
Change-Id: Ie42345112b08ef9c669535cef2de60ea77da15b4
2021-07-21 16:26:32 +01:00
Armelle Laine
bd1dbe2bb5 [trusty-base] Update Trusty Keymint properties
Support legacy 3DES algorithm
(property parity with software implementation)

Bug: 193715461
Change-Id: Id2c45b94b2b3375972dd53fa65186007eda35970
Test: atest VtsAidlKeyMintTargetTest
Signed-off-by: Armelle Laine <armellel@google.com>
2021-07-19 16:14:20 +00:00
David Drysdale
a2aba786fe Merge "Splitting out Trusty IPC into a library." 2021-07-19 09:16:47 +00:00
Wenhao Wang
6e0a762290 trusty:storageproxyd: Add wakelock to the UFS commands
We add a wakelock to the sequence of UFS commands so that
the sequence will not be disrrupted when devices get suspended.

Bug: 193456223
Test: Trusty storage tests
Change-Id: Ib90f8b284017cf261d2a2aea940834a42c21de02
2021-07-15 22:34:58 -07:00
Wenhao Wang
09b493b143 trusty:storageproxyd: Fix return paths on errors
The function send_ufs_rpmb_req is missing return paths on errors.
This patch fixes it so that any UFS command failure will return
error code to the function caller.

Bug: 193855098
Test: Trusty storage tests
Change-Id: I391ecff9ed3f892b7c3adae0ceeb18930791326f
2021-07-15 22:24:11 -07:00
Max Bires
a9362a4e60 Splitting out Trusty IPC into a library.
This allows the relevant IPC code to be included in the provisioner tool
easily as it's shuffled over into a non-AOSP component due to
chip specific requirements in provisioning Device IDs.

Bug: 178796950
Test: Stuff builds
Merged-In: I57482e89035e8648544f87291ec14c6aece09bd0
Change-Id: I57482e89035e8648544f87291ec14c6aece09bd0
2021-07-15 16:17:59 +01:00
Seth Moore
8fe5602099 Merge "Client side implementation of Trusty IRPC HAL" 2021-07-14 16:35:37 +00:00
Tri Vo
f9cfeac49e trusty: Increase timeout for ConfirmationUI fuzzer
Bug: 192923547
Test: trusty_confirmationui_msg_fuzzer
Change-Id: I72755b0a35bbc3f2540672ca53acd14b1add38cb
2021-07-12 16:34:01 -07:00
Max Bires
95b5b04872 Client side implementation of Trusty IRPC HAL
This change includes the code necessary to communicate to the
IRemotelyProvisionedComponent backend implementation running in Trusty.
It also makes the relevant changes to the manifest XML file to add the
IRemotelyProvisionedComponent HAL.

Bug: 192228022
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I32c30ce2dc44e95ff91574ce405f10e3b5dc9699
Merged-In: I32c30ce2dc44e95ff91574ce405f10e3b5dc9699
2021-07-08 03:00:51 +00:00
Janis Danisevskis
b24f12226a Forward HAT and ConfirmationToken to TA on finish.
The Trusty KeyMint HAL did not forward auth tokens and confirmation
tokens to the TA. This broke all per-op-bound key operations.

Test: CtsVerifier biometrics tests.
Bug: 192201272
Merged-In: Ifb2b08514acab78ff3d4fec4bc928260820d4ce0
Change-Id: Ifb2b08514acab78ff3d4fec4bc928260820d4ce0
2021-07-01 15:17:32 -07:00
Treehugger Robot
d669e6291c Merge "trusty: Increase maximum number of coverage counters" 2021-06-25 18:50:30 +00:00
Tri Vo
8ad386576f trusty: Increase maximum number of coverage counters
Confirmation UI TA has 52585 counters.

Bug: 171750250
Test: trusty_confirmationui_tipc_fuzzer
Change-Id: Iecb7c88c41c67ce4ab22c56b9e34ad5370b4018d
2021-06-24 22:23:21 -07:00
Shawn Willden
fed81d8e41 Add TrustyKeyMintDevice
Bug: 177729159
Test: Not testable until more CLs land
Merged-In: Iea4e70bb5b4ce051492f2e42d2e0d219d088388e
Change-Id: Iea4e70bb5b4ce051492f2e42d2e0d219d088388e
2021-06-18 07:11:36 -06:00
Andrei Homescu
4b5afea93b trusty: apploader: Handle invalid version error
Bug: 115426059
Test: m
Change-Id: Ia7a850cceb1f60e77959cff9726e348d8356c26b
2021-05-10 22:19:08 -07:00
Tri Vo
e23e85bee5 Merge "trusty: Helper library for metrics" 2021-05-04 14:17:05 +00:00
Tri Vo
a8919a2e82 trusty: Helper library for metrics
Bug: 182489121
Test: libtrusty_metrics_test
Change-Id: I7fc45ea3319185a8ac55889e56bd484d4774e928
2021-05-03 17:15:30 -07:00
Stephen Crane
e54e8d4ebf Trusty: Move tipc fuzzer connection to end of iteration
We detect a TA crash by not being able to reconnect to its channel. We
were previously connecting to the TA at the beginning of each fuzz
iteration, but this results in only detecting a crash on the following
iteration. By moving this connection to the end of the fuzz iteration,
we can detect a crash corresponding to the correct fuzz iteration and
libFuzzer will produce the correct crashing input.

Test: /data/fuzz/arm64/trusty_keymaster_fuzzer/trusty_keymaster_fuzzer
Bug: 185407818
Change-Id: I6808c72611fcabab5b314218f8b588dd7d944188
2021-04-15 01:02:50 +00:00
Treehugger Robot
817f8971ac Merge "trusty: apploader: Log errors to logcat" 2021-04-01 05:30:25 +00:00
Tri Vo
413ab28953 trusty: apploader: Log errors to logcat
Otherwise, these error logs don't end up in bugreports, making it very
difficult to debug.

When using locally, users will have to check logcat instead of stderr.

Bug: 183919392
Bug: 115420908
Test: m
Change-Id: I3b829347971d05968b851e11ce784829d12ef098
2021-03-31 13:27:57 -07:00
Hridya Valsaraju
b3ebe7cd10 Add legacy-align parameter to DmabufHeapAlloc()
The parameter is intended to make the API backwards compatible with
legacy ION devices. It will be ignored for devices that support DMA-BUF
heaps.

Test: build
Bug: 154310076
Change-Id: Ic5b49269283caa7d05d9468f8ed7f02e1b3c1f1e
Merged-In: Ic5b49269283caa7d05d9468f8ed7f02e1b3c1f1e
2021-03-23 16:51:40 -07:00
Bob Badour
576104304d [LSC] Add LOCAL_LICENSE_KINDS to system/core
Added SPDX-license-identifier-Apache-2.0 to:
  libstats/pull_lazy/Android.bp
  libstats/socket_lazy/Android.bp
  trusty/utils/acvp/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: I33005150521238b61d1a8c923749b17d36bba693
2021-03-17 12:59:19 -07:00
Wenhao Wang
b0f77dfe3b Merge "Trusty: Add BoringSSL modulewrapper for ACVP" 2021-03-17 18:54:36 +00:00
Tri Vo
9905ad2cad trusty: fuzz: Poke the port of lazy-loaded TAs to load them.
We need to do this to make sure that target TA is connected to coverage
service.

Bug: 171750250
Test: trusty_test_fuzzer
Change-Id: I207b8c674a0c5630dd6baf966d3dfb243a855be0
2021-03-15 23:31:00 -07:00
Kris Alder
5e8ee3102e enable fuzzing trusty targets automatically
The non-test fuzz targets should run automatically in Haiku.

None of these should be built for Host, and all but the
trusty_test_fuzzer should be built for Target.

Test: built locally (make haiku) and checked that non-test trusty fuzz
targets are included as expected.

Change-Id: Ic67b1e1ddea8ed61b83deef66acdeb0891489195
2021-03-11 15:07:01 +00:00
Tri Vo
5ff073e832 trusty: Fuzzer for ConfirmationUI messages
ConfirmationUI messages are a higher-level abstraction than TIPC
messages (which is what TIPC fuzzer fuzzes).

Bug: 174402999
Test: trusty_confirmationui_msg_fuzzer
Change-Id: I1e1e2c7070b87b78d6236993330df65202840ce6
2021-03-02 12:21:49 -08:00
Tri Vo
fcfa3cd9b5 trusty: Use a simple TIPC fuzzer for ConfirmationUI
Bug: 174402999
Test: trusty_confirmationui_tipc_fuzzer
Change-Id: I9c86a12cba75a2b5ae78621373aa39f299abfe0a
2021-03-02 12:20:10 -08:00
Tri Vo
5c1d2e1dff trusty: Apploader fuzzer
Bug: 181630912
Test: trusty_apploader_tipc_fuzzer
Test: trusty_apploader_app_fuzzer
Change-Id: I1cc2329ca2a4e983f6ded45810d4c34e1433c5b0
2021-03-01 23:29:03 -08:00
Tri Vo
123c038e1a trusty: Fuzz keymaster TA using generic TIPC fuzzer
Bug: 171750250
Test: trusty_keymaster_fuzzer
Change-Id: I94a1cc28276d198f698906212a8a5d15ac07ae1e
2021-02-27 14:09:06 -08:00
Tri Vo
e4a80fe066 trusty: Fuzz gatekeeper TA using generic TIPC fuzzer
Bug: 171750250
Test: trusty_gatekeeper_fuzzer
Change-Id: Ib3f40e7d2c01cdd2ca8df35f4b84234ddf7dbe50
2021-02-26 20:24:58 -08:00
Tri Vo
f41fee5879 trusty: Generic parameterizable TIPC fuzzer
Bug: 171750250
Test: trusty_test_fuzzer
Change-Id: I57c4aacc6725689d16dd88db2faa8ead59bcc49a
2021-02-26 19:14:47 -08:00
Tri Vo
3c8a004a8d trusty: coverage: Add UUID helpers
Function to parse string was borrowed from Trusty.

Bug: 171750250
Test: trusty_test_fuzzer
Change-Id: I8430579f142db2c174874aff373bce6bb868de31
2021-02-26 19:14:47 -08:00
Treehugger Robot
1d9764209f Merge "trusty: Export ConfirmationUI helper classes" 2021-02-26 22:31:59 +00:00
Tri Vo
e3cdd2945a Merge "trusty: Add keymaster fuzzer corpus" 2021-02-25 23:18:08 +00:00
Tri Vo
ec1d6caec3 Merge "trusty: Increase maximum number of coverage counters" 2021-02-25 06:22:39 +00:00
Arve Hjønnevåg
06ac3e24fe Merge "trusty: Fix apploader short option" 2021-02-25 04:32:52 +00:00
Stephen Crane
0ecf0530db trusty: Increase maximum number of coverage counters
The keymaster TA has 30841 distinct coverage counters, so 0x4000 counter
slots is not enough to handle this TA. Increase maximum number of
coverage counters to 0x8000.

Test: adb shell trusty_keymaster_fuzzer
Bug: 175918322
Change-Id: I879d18538edb4933a4205c8f73b7939ddbf69e37
2021-02-24 15:37:10 -08:00
Stephen Crane
885295f070 trusty: Add keymaster fuzzer corpus
Add an initial corpus for the keymaster fuzzer derived from running the
keystore2 unittests.

Test: adb shell "cd /data/fuzz/arm64/trusty_keymaster_fuzzer/ && ./trusty_keymaster_fuzzer corpus"
Bug: 175918322
Change-Id: I839bb9bacee1800cf2da25aedbb4ce3eccf16cba
2021-02-24 15:34:35 -08:00
Tri Vo
7280acc996 Merge "trusty: fuzz: Link to libtrusty dynamically" 2021-02-23 20:35:01 +00:00
Tri Vo
abd86f8f98 trusty: Export ConfirmationUI helper classes
And fix namespaces.

Bug: 174402999
Test: m
Change-Id: I54dcc92d8c153d0fa2b10b2679a9a871699de8b1
2021-02-23 11:31:35 -08:00
Tri Vo
cb89889af3 trusty: fuzz: Link to libtrusty dynamically
libtrusty can be depended on by multiple thing in a fuzzer's
dependencies tree. It's no longer convenient to link to statically.

Leave tests statically linked. Test infra doesn't seem to handle shared
test libs correctly.

Bug: 171750250
Test: trusty_test_fuzzer libtrusty_coverage_test
Change-Id: Ic7d003151e43fb5bab63354fd42ea9667332743f
2021-02-23 10:23:37 -08:00
Tri Vo
3e9dbccde6 Merge "Update OWNERS based on Trusty team membership" 2021-02-23 05:56:19 +00:00
Tri Vo
eefaf0bb3a Update OWNERS based on Trusty team membership
Change-Id: I2a940f57b3f5da67e12d4f89f9980036d47be321
2021-02-22 14:51:14 -08:00
Greg Kaiser
3e02a60412 trusty: Remove redundant check
This repeats a check in the lines immediately before it.

Test: TreeHugger
Change-Id: I47ac9f359018b87bc283657eddb75ad3d175244e
2021-02-21 10:31:40 -08:00
Stephen Crane
4778579283 Trusty: Add BoringSSL modulewrapper for ACVP
In order to validate the BoringSSL implementation in Trusty using ACVP,
we need a modulewrapper tool that forwards requests to Trusty and back
to the ACVP tool. Adds this tool, which interfaces with the Trusty ACVP
testing service.

Test: make trusty_acvp_modulewrapper
Test: adb shell "acvptool -wrapper trusty_acvp_modulewrapper -json vectors/ACVP-AES-CBC"
Bug: 173805789
Change-Id: I3028e44c00f8e315dfd94ea34c004bbd25fab788
2021-02-19 17:27:46 -08:00
Bob Badour
d69ad69a93 [LSC] Add LOCAL_LICENSE_KINDS to system/core
Added SPDX-license-identifier-Apache-2.0 to:
  bootstat/Android.bp
  cli-test/Android.bp
  code_coverage/Android.bp
  cpio/Android.bp
  debuggerd/crasher/Android.bp
  debuggerd/proto/Android.bp
  diagnose_usb/Android.bp
  fs_mgr/libdm/Android.bp
  fs_mgr/libfiemap/Android.bp
  fs_mgr/liblp/Android.bp
  fs_mgr/libsnapshot/Android.bp
  fs_mgr/libstorage_literals/Android.bp
  fs_mgr/libvbmeta/Android.bp
  fs_mgr/tests/Android.bp
  fs_mgr/tools/Android.bp
  gatekeeperd/Android.bp
  healthd/Android.bp
  healthd/testdata/Android.bp
  init/Android.bp
  init/Android.mk
  init/sysprop/Android.bp
  init/test_kill_services/Android.bp
  init/test_service/Android.bp
  libappfuse/Android.bp
  libasyncio/Android.bp
  libbinderwrapper/Android.bp
  libcrypto_utils/Android.bp
  libcrypto_utils/tests/Android.bp
  libdiskconfig/Android.bp
  libgrallocusage/Android.bp
  libkeyutils/mini_keyctl/Android.bp
  libmodprobe/Android.bp
  libnetutils/Android.bp
  libpackagelistparser/Android.bp
  libprocessgroup/Android.bp
  libprocessgroup/cgrouprc/Android.bp
  libprocessgroup/cgrouprc_format/Android.bp
  libprocessgroup/profiles/Android.bp
  libprocessgroup/setup/Android.bp
  libqtaguid/Android.bp
  libsparse/Android.bp
  libstats/push_compat/Android.bp
  libsuspend/Android.bp
  libsync/Android.bp
  libsystem/Android.bp
  libsysutils/Android.bp
  libusbhost/Android.bp
  libutils/Android.bp
  libvndksupport/Android.bp
  libvndksupport/tests/Android.bp
  llkd/Android.bp
  llkd/tests/Android.bp
  property_service/libpropertyinfoparser/Android.bp
  property_service/libpropertyinfoserializer/Android.bp
  property_service/property_info_checker/Android.bp
  qemu_pipe/Android.bp
  reboot/Android.bp
  rootdir/Android.bp
  rootdir/Android.mk
  rootdir/avb/Android.bp
  rootdir/avb/Android.mk
  run-as/Android.bp
  sdcard/Android.bp
  set-verity-state/Android.bp
  shell_and_utilities/Android.bp
  storaged/Android.bp
  toolbox/Android.bp
  trusty/apploader/Android.bp
  trusty/confirmationui/Android.bp
  trusty/confirmationui/fuzz/Android.bp
  trusty/coverage/Android.bp
  trusty/fuzz/Android.bp
  trusty/fuzz/test/Android.bp
  trusty/gatekeeper/Android.bp
  trusty/gatekeeper/fuzz/Android.bp
  trusty/keymaster/Android.bp
  trusty/keymaster/fuzz/Android.bp
  trusty/libtrusty/Android.bp
  trusty/libtrusty/tipc-test/Android.bp
  trusty/secure_dpu/Android.bp
  trusty/storage/interface/Android.bp
  trusty/storage/lib/Android.bp
  trusty/storage/proxy/Android.bp
  trusty/storage/tests/Android.bp
  trusty/utils/spiproxyd/Android.bp
  trusty/utils/trusty-ut-ctrl/Android.bp
  usbd/Android.bp
  watchdogd/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
  debuggerd/Android.bp
  fastboot/Android.bp
  libkeyutils/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
    SPDX-license-identifier-MIT
to:
  libcutils/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-MIT
to:
  fs_mgr/Android.bp
  fs_mgr/libfs_avb/Android.bp
  trusty/Android.bp
  trusty/utils/rpmb_dev/Android.bp

Added SPDX-license-identifier-BSD
to:
  fastboot/fuzzy_fastboot/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: Id740a7d2884556081fdb68876584b25eb95e1bef
2021-02-19 12:59:05 -08:00
Tri Vo
19b62a5182 trusty: ConfirmationUI HAL<->TA IPC using shared memory
Bug: 148421469
Test: VtsHalConfirmationUIV1_0TargetTest
Change-Id: I686150b64da3d3e95618f29e396990660f2054ba
2021-02-17 11:10:14 -08:00
Tri Vo
83e66f792e Merge changes I9e4cbf11,I41cde13a
* changes:
  trusty: Allow fuzzing without coverage
  trusty: Fix up error messages
2021-02-11 22:39:29 +00:00
Andrei Homescu
909beaeae3 trusty: Fix apploader short option
Fix a typo in one of the short command line options
for the Trusty application loader. The typo caused
the tool to incorrectly accept the -s short option
and ignore it, but not accept the -D option which
is the short version of --dev.

Bug: 115420908
Test: m
Change-Id: I9d03f8dd20adedbd820621ae8f9b4d13137041ed
2021-02-11 12:55:00 -08:00
Tri Vo
19eccb4f51 trusty: Allow fuzzing without coverage
Bug: 171750250
Test: m
Change-Id: I9e4cbf11fd223092f9ad800b35d0502c27f71e8f
2021-02-10 16:46:24 -08:00
Tri Vo
ce812a22ca trusty: Fix up error messages
Bug: 171750250
Test: m
Change-Id: I41cde13a891da36c85df6a451b2d051c18365797
2021-02-10 13:31:24 -08:00
Arve Hjønnevåg
7b204ac4ca Merge "trusty: Android part of dynamic app loader" 2021-02-02 01:39:56 +00:00
Andrei Homescu
08d66c5036 trusty: Android part of dynamic app loader
Implement the Android tool that uploads Trusty application package files
to the Trusty app loader.

Bug: 115420908
Test: trusty_apploader boot-start-srv.app
Change-Id: Ie21b8cad749fd565579483944a8b71e861d3a51a
2021-02-01 14:00:35 -08:00
Marco Nelissen
003bf066b2 Merge "Send DeleteUsers/DeleteAllUsers to Trusty" 2021-01-30 22:55:43 +00:00
Shawn Willden
657f71cd26 Add attestation key to generate/import messages
Bug: 171845787
Test: Build
Change-Id: I59bd25dc8998668f0ea2053f3e647bf6cc58885a
2021-01-28 11:56:14 -07:00
Marco Nelissen
53dc3c99b7 Send DeleteUsers/DeleteAllUsers to Trusty
Actually route the DeleteUsers/DeleteAllUsers calls to Trusty,
instead of immediately returning ERROR_NOT_IMPLEMENTED.

Bug: 160731903
Test: "atest VtsHalGatekeeperV1_0TargetTest"
      manual testing with added instrumentation
Change-Id: I11fdaa0812fdfbc9b926611b15d84513ab13b18e
2021-01-25 17:55:19 -08:00
ichihlu
9ee8a75e6b Secure DPU: add folder for common headers
The header SecureDPU.h is moved out from the device specific folder as
it can be shared for different devices.

Bug: 176508588
Test: Pass TUI VTS test on the emulator.
Change-Id: I7695b49c4f7a247b570ced61145471efef3d0a3d
2021-01-22 06:31:37 +00:00