The HAL has been updated to V2, but the trusty prebuilt implementation
does not yet have that code. Update trusty secretkeeper build to use V1
specifically instead of latest until the prebuilt has those changes.
Bug: 372223451
Test: TH
Change-Id: Ic2e9b578b50685d71b5597d8d34ac7ee36b6ddc9
- Declare v4 HAL.
- Declare version 400 in Package Manager (when unfrozen).
- Link to current (V4 when unfrozen) versions of support libraries.
- Add `setAdditionalAttestationInfo()` method to HAL service.
- Add `SetAdditionalAttestationInfo()` method to implementation, using
the common message types.
- Add Trusty-specific message code for the
`SET_ADDITIONAL_ATTESTATION_INFO` message exchange.
Test: VtsAidlKeyMintTargetTest (new test fails until TA updated too)
Bug: 369375199
Change-Id: I4699aea3ab8a0723a5c2bc1493f7bbb69cdfd6df
As per comment in aosp/3342288
Bug: 368502791
Test: launch_cvd --secure_hals=guest_keymint_trusty_insecure
Test: atest VtsAidlSharedSecretTargetTest
Change-Id: I71b6266fbd480c0ebe2a7946adadd88f38afb3e7
This allows us to regroup Widevine VM under the same trusty
group.
Bug: 368502791
Test: launch_cvd --secure_hals=guest_keymint_trusty_insecure
Test: atest VtsAidlSharedSecretTargetTest
Change-Id: Ica76a896e99f70a64af229bda68622a2ce0dea1f
The KeyMint HAL has been updated to v4, but frozen builds (e.g. 25Q1)
remain on the previous version. The core AIDL version is handled
automatically, but we also have a package manager flag whose value
is (100 * HAL-version). Use `RELEASE_AIDL_USE_UNFROZEN` to switch
between `required` configs for that.
Test: TreeHugger
Bug: 377808462
Bug: 378026324
Change-Id: Id042bee2a81e8563e1029ea7bb43452715e3edee
The binary implements V3 of the KeyMint HAL, so the feature version
should match.
Bug: 369375199
Bug: 378384123
Test: treehugger
Change-Id: Ib26ac73cf6593d9a50f7a019129c6e5e237ae2cd
To organize it under trusty and distinguish it from
Widevine VM.
Bug: 368502791
Test: launch_cvd --secure_hals=guest_keymint_trusty_insecure
Test: atest VtsAidlSharedSecretTargetTest
Change-Id: I48e43b9709e59b1cb9e1ba9113d5ef894469f485
libkeymint depends on the latest version of the HAL, which will soon be
bumped to v4. Since this implementation won't immediately be upgraded,
and this dependency seems unused, remove it.
Bug: 369375199
Test: Treehugger
Change-Id: I5e952595bb4d4d8a283b286b5054576394788f16
The D flag requires an argument so it should be followed by a colon
in sopts. Adding the missing colon is necessary to prevent a segfault.
Test: path/to/tipc-test -D VSOCK:200:1
Bug: None
Change-Id: I78119b7e42aba5d30b62d88ff5d94c01dbc2eb64
When using vsock in stream mode (or any other stream mode connection)
message boundaries are not preserved, so the original messages can get
both split and merged. The TEST_MESSAGE and TEST_TEXT messages don't
have a length field which makes it impossible to support every possible
message that can be sent over a channel that preserves message
boundaries. Since the current message header types don't contain any
printable character, we assume any of these characters in a message
payload means that two messages got merged, so we split them back up.
Additionally, if we receive a message that does not start with a valid
message header, we assume it is a continuation of the previous message.
Test: trusty-ut-ctrl -D VSOCK:2:1 com.android.libctest ^Z fg
Bug: 298705967
Change-Id: I0e470a23664268f86e4defd824c47be3479c8f25
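
A sketch of the split-and-continue heuristic described in the commit above, as an added example (not the project's implementation). It assumes header bytes are the small non-printable values 0..3; the real header values are not given in the commit message, and all names here are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: header bytes occupy 0..3; the commit does not list them. */
#define HYP_HEADER_COUNT 4
#define CONTINUATION (-1)

struct segment {
    int hdr;              /* header byte, or CONTINUATION */
    const uint8_t *data;  /* payload bytes (not NUL-terminated) */
    size_t len;
};

static int is_header(uint8_t b) { return b < HYP_HEADER_COUNT; }

/* Split one read() worth of stream bytes into logical messages. A chunk that
 * does not begin with a header continues the previous message; a header byte
 * found later marks a merged message. Returns the segment count, or -1 if
 * the caller's array of `max` entries is too small. */
static int split_stream(const uint8_t *buf, size_t n,
                        struct segment *out, size_t max)
{
    size_t count = 0, i = 0;

    while (i < n) {
        if (count == max)
            return -1;  /* never write past the caller's array */
        struct segment *s = &out[count++];
        s->hdr = is_header(buf[i]) ? buf[i++] : CONTINUATION;
        s->data = buf + i;
        while (i < n && !is_header(buf[i]))
            i++;
        s->len = (size_t)(buf + i - s->data);
    }
    return (int)count;
}

int main(void)
{
    /* Constructed chunk: tail of an earlier text message, then a merged
     * header-3 message and a bare header-0 message. */
    static const uint8_t chunk[] = { 'o', 'k', '\n', 3, 'h', 'i', 0 };
    struct segment seg[8];
    int n = split_stream(chunk, sizeof(chunk), seg, 8);

    for (int k = 0; k < n; k++)
        printf("hdr=%d len=%zu\n", seg[k].hdr, seg[k].len);
    return 0;
}
```

A payload that legitimately contains a byte in the header range is split at that byte, which is the trade-off of relying on headers being non-printable.
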
matching the naming convention for a system service property
Bug: 309007107
Test: launch_cvd --noresume --console=true \
--extra_kernel_cmdline='androidboot.selinux=permissive' \
--secure_hals=guest_keymint_trusty_insecure
Change-Id: I7c31f36dcac49d60469de44ce75c9b46a333786e
If the ro.hardware.trusty_ipc_dev.gatekeeper (respectively .keymint) property is set, pass it as the device name to the gatekeeper (respectively keymint) HALs.
Test: "setprop ro.hardware.trusty_ipc_dev VSOCK:2048:1" and restart HALs
Change-Id: I0947e532ac70ce1821cec49897f21ca10e1af03e
The new binary sets non-secure RoT for keymint. The non-secure
version will be used on cuttlefish.
Bug: 355194622
Test: CF gets booted with KeyMint TA in VM
Change-Id: Iff202c6d4bb70dabeb866b4f3fbc18c006bb219e
Building rpmb_dev as a host tool in soong makes it easy to package for
acloud, rather than building it in the Trusty build system and uploading
that to the remote instance.
Test: m
Bug: 354771029
Change-Id: I3b7f623238957ae3b25524d424025fd08f805657
Add support for connecting to a vsock port that multiplexes trusty
services. The first vsock packet contains the tipc port name. To enable
this mode, pass "VSOCK:<cid>:<port>" as the device name string (where
<cid> and <port> are replaced with the cid and port numbers you want to
connect to).
Test: manual - ran storageproxyd and storage test with new option
Bug: 298705967
Change-Id: I9b75244ca38b7eb69ed7fc19b27aa309d0f7ed13
Background:
* -f = Allows mapping files in the format `-f file:backing_file`. This
can be used for mapping secure storage files like `0` and `persist/0`
to block devices. Storageproxyd will handle creating the appropriate
symlinks in the root datapath
* -m = Allows specifying the max size constraint for file backed storages.
The constraint is chosen by giving a file, this allows for passing a
block device for which a max file size can be queried. File based
storages will be constrained to that size as well.
Bug: 324989972
Test: File sizes are restricted as specified, and mappings are created
Change-Id: I8ff550afafbd372288daa9e27c4db3451948b25d
Signed-off-by: Donnie Pollitz <donpollitz@google.com>