Merge "Add more info on control key param" into rvc-dev am: c0e9ca7987
Change-Id: Ic31890f442ab8f0572fbf505f573f5160a749503
diff --git a/boot/1.1/default/boot_control/Android.bp b/boot/1.1/default/boot_control/Android.bp
new file mode 100644
index 0000000..b2e68df
--- /dev/null
+++ b/boot/1.1/default/boot_control/Android.bp
@@ -0,0 +1,61 @@
+//
+// Copyright (C) 2018 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+cc_defaults {
+ name: "libboot_control_defaults",
+ vendor: true,
+ recovery_available: true,
+ relative_install_path: "hw",
+
+ cflags: [
+ "-D_FILE_OFFSET_BITS=64",
+ "-Werror",
+ "-Wall",
+ "-Wextra",
+ ],
+
+ shared_libs: [
+ "android.hardware.boot@1.1",
+ "libbase",
+ "liblog",
+ ],
+ static_libs: [
+ "libbootloader_message_vendor",
+ "libfstab",
+ ],
+}
+
+cc_library_static {
+ name: "libboot_control",
+ defaults: ["libboot_control_defaults"],
+ export_include_dirs: ["include"],
+
+ srcs: ["libboot_control.cpp"],
+}
+
+cc_library_shared {
+ name: "bootctrl.default",
+ defaults: ["libboot_control_defaults"],
+
+ srcs: ["legacy_boot_control.cpp"],
+
+ static_libs: [
+ "libboot_control",
+ ],
+ shared_libs: [
+ "libhardware",
+ ],
+}
diff --git a/boot/1.1/default/boot_control/include/libboot_control/libboot_control.h b/boot/1.1/default/boot_control/include/libboot_control/libboot_control.h
new file mode 100644
index 0000000..5468658
--- /dev/null
+++ b/boot/1.1/default/boot_control/include/libboot_control/libboot_control.h
@@ -0,0 +1,89 @@
+//
+// Copyright (C) 2019 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+#pragma once
+
+#include <string>
+
+#include <android/hardware/boot/1.1/IBootControl.h>
+
+namespace android {
+namespace bootable {
+
+// Helper library to implement the IBootControl HAL using the misc partition.
+class BootControl {
+ using MergeStatus = ::android::hardware::boot::V1_1::MergeStatus;
+
+ public:
+ bool Init();
+ unsigned int GetNumberSlots();
+ unsigned int GetCurrentSlot();
+ bool MarkBootSuccessful();
+ bool SetActiveBootSlot(unsigned int slot);
+ bool SetSlotAsUnbootable(unsigned int slot);
+ bool SetSlotBootable(unsigned int slot);
+ bool IsSlotBootable(unsigned int slot);
+ const char* GetSuffix(unsigned int slot);
+ bool IsSlotMarkedSuccessful(unsigned int slot);
+ bool SetSnapshotMergeStatus(MergeStatus status);
+ MergeStatus GetSnapshotMergeStatus();
+
+ bool IsValidSlot(unsigned int slot);
+
+ const std::string& misc_device() const {
+ return misc_device_;
+ }
+
+ private:
+ // Whether this object was initialized with data from the bootloader message
+ // that doesn't change until next reboot.
+ bool initialized_ = false;
+
+ // The path to the misc_device as reported in the fstab.
+ std::string misc_device_;
+
+ // The number of slots present on the device.
+ unsigned int num_slots_ = 0;
+
+ // The slot where we are running from.
+ unsigned int current_slot_ = 0;
+};
+
+// Helper functions to write the Virtual A/B merge status message. These are
+// separate because BootControl uses bootloader_control_ab in vendor space,
+// whereas the Virtual A/B merge status is in system space. A HAL might not
+// use bootloader_control_ab, but may want to use the AOSP method of maintaining
+// the merge status.
+
+// If the Virtual A/B message has not yet been initialized, then initialize it.
+// This should be called when the BootControl HAL first loads.
+//
+// If the Virtual A/B message in misc was already initialized, true is returned.
+// If initialization was attempted, but failed, false is returned, and the HAL
+// should fail to load.
+bool InitMiscVirtualAbMessageIfNeeded();
+
+// Save the current merge status as well as the current slot.
+bool SetMiscVirtualAbMergeStatus(unsigned int current_slot,
+ android::hardware::boot::V1_1::MergeStatus status);
+
+// Return the current merge status. If the saved status is SNAPSHOTTED but the
+// slot hasn't changed, the status returned will be NONE.
+bool GetMiscVirtualAbMergeStatus(unsigned int current_slot,
+ android::hardware::boot::V1_1::MergeStatus* status);
+
+} // namespace bootable
+} // namespace android
diff --git a/boot/1.1/default/boot_control/include/private/boot_control_definition.h b/boot/1.1/default/boot_control/include/private/boot_control_definition.h
new file mode 100644
index 0000000..8f02111
--- /dev/null
+++ b/boot/1.1/default/boot_control/include/private/boot_control_definition.h
@@ -0,0 +1,111 @@
+/*
+ * Copyright (C) 2019 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+/**
+ * The A/B-specific bootloader message structure (4-KiB).
+ *
+ * We separate A/B boot control metadata from the regular bootloader
+ * message struct and keep it here. Everything that's A/B-specific
+ * stays after struct bootloader_message, which belongs to the vendor
+ * space of /misc partition. Also, the A/B-specific contents should be
+ * managed by the A/B-bootloader or boot control HAL.
+ *
+ * The slot_suffix field is used for A/B implementations where the
+ * bootloader does not set the androidboot.ro.boot.slot_suffix kernel
+ * commandline parameter. This is used by fs_mgr to mount /system and
+ * other partitions with the slotselect flag set in fstab. A/B
+ * implementations are free to use all 32 bytes and may store private
+ * data past the first NUL-byte in this field. It is encouraged, but
+ * not mandatory, to use 'struct bootloader_control' described below.
+ *
+ * The update_channel field is used to store the Omaha update channel
+ * if update_engine is compiled with Omaha support.
+ */
+struct bootloader_message_ab {
+ struct bootloader_message message;
+ char slot_suffix[32];
+ char update_channel[128];
+
+ // Round up the entire struct to 4096-byte.
+ char reserved[1888];
+};
+
+/**
+ * Be cautious about the struct size change, in case we put anything post
+ * bootloader_message_ab struct (b/29159185).
+ */
+#if (__STDC_VERSION__ >= 201112L) || defined(__cplusplus)
+static_assert(sizeof(struct bootloader_message_ab) == 4096,
+ "struct bootloader_message_ab size changes");
+#endif
+
+#define BOOT_CTRL_MAGIC 0x42414342 /* Bootloader Control AB */
+#define BOOT_CTRL_VERSION 1
+
+struct slot_metadata {
+ // Slot priority with 15 meaning highest priority, 1 lowest
+ // priority and 0 the slot is unbootable.
+ uint8_t priority : 4;
+ // Number of times left attempting to boot this slot.
+ uint8_t tries_remaining : 3;
+ // 1 if this slot has booted successfully, 0 otherwise.
+ uint8_t successful_boot : 1;
+ // 1 if this slot is corrupted from a dm-verity corruption, 0
+ // otherwise.
+ uint8_t verity_corrupted : 1;
+ // Reserved for further use.
+ uint8_t reserved : 7;
+} __attribute__((packed));
+
+/* Bootloader Control AB
+ *
+ * This struct can be used to manage A/B metadata. It is designed to
+ * be put in the 'slot_suffix' field of the 'bootloader_message'
+ * structure described above. It is encouraged to use the
+ * 'bootloader_control' structure to store the A/B metadata, but not
+ * mandatory.
+ */
+struct bootloader_control {
+ // NUL terminated active slot suffix.
+ char slot_suffix[4];
+ // Bootloader Control AB magic number (see BOOT_CTRL_MAGIC).
+ uint32_t magic;
+ // Version of struct being used (see BOOT_CTRL_VERSION).
+ uint8_t version;
+ // Number of slots being managed.
+ uint8_t nb_slot : 3;
+ // Number of times left attempting to boot recovery.
+ uint8_t recovery_tries_remaining : 3;
+ // Status of any pending snapshot merge of dynamic partitions.
+ uint8_t merge_status : 3;
+ // Ensure 4-bytes alignment for slot_info field.
+ uint8_t reserved0[1];
+ // Per-slot information. Up to 4 slots.
+ struct slot_metadata slot_info[4];
+ // Reserved for further use.
+ uint8_t reserved1[8];
+ // CRC32 of all 28 bytes preceding this field (little endian
+ // format).
+ uint32_t crc32_le;
+} __attribute__((packed));
+
+#if (__STDC_VERSION__ >= 201112L) || defined(__cplusplus)
+static_assert(sizeof(struct bootloader_control) ==
+ sizeof(((struct bootloader_message_ab *)0)->slot_suffix),
+ "struct bootloader_control has wrong size");
+#endif
+
diff --git a/boot/1.1/default/boot_control/legacy_boot_control.cpp b/boot/1.1/default/boot_control/legacy_boot_control.cpp
new file mode 100644
index 0000000..73d3a58
--- /dev/null
+++ b/boot/1.1/default/boot_control/legacy_boot_control.cpp
@@ -0,0 +1,115 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <string>
+
+#include <hardware/boot_control.h>
+#include <hardware/hardware.h>
+
+#include <libboot_control/libboot_control.h>
+
+using android::bootable::BootControl;
+
+struct boot_control_private_t {
+ // The base struct needs to be first in the list.
+ boot_control_module_t base;
+
+ BootControl impl;
+};
+
+namespace {
+
+void BootControl_init(boot_control_module_t* module) {
+ auto& impl = reinterpret_cast<boot_control_private_t*>(module)->impl;
+ impl.Init();
+}
+
+unsigned int BootControl_getNumberSlots(boot_control_module_t* module) {
+ auto& impl = reinterpret_cast<boot_control_private_t*>(module)->impl;
+ return impl.GetNumberSlots();
+}
+
+unsigned int BootControl_getCurrentSlot(boot_control_module_t* module) {
+ auto& impl = reinterpret_cast<boot_control_private_t*>(module)->impl;
+ return impl.GetCurrentSlot();
+}
+
+int BootControl_markBootSuccessful(boot_control_module_t* module) {
+ auto& impl = reinterpret_cast<boot_control_private_t*>(module)->impl;
+ return impl.MarkBootSuccessful() ? 0 : -1;
+}
+
+int BootControl_setActiveBootSlot(boot_control_module_t* module, unsigned int slot) {
+ auto& impl = reinterpret_cast<boot_control_private_t*>(module)->impl;
+ return impl.SetActiveBootSlot(slot) ? 0 : -1;
+}
+
+int BootControl_setSlotAsUnbootable(struct boot_control_module* module, unsigned int slot) {
+ auto& impl = reinterpret_cast<boot_control_private_t*>(module)->impl;
+ return impl.SetSlotAsUnbootable(slot) ? 0 : -1;
+}
+
+int BootControl_isSlotBootable(struct boot_control_module* module, unsigned int slot) {
+ auto& impl = reinterpret_cast<boot_control_private_t*>(module)->impl;
+ return impl.IsSlotBootable(slot) ? 0 : -1;
+}
+
+int BootControl_isSlotMarkedSuccessful(struct boot_control_module* module, unsigned int slot) {
+ auto& impl = reinterpret_cast<boot_control_private_t*>(module)->impl;
+ return impl.IsSlotMarkedSuccessful(slot) ? 0 : -1;
+}
+
+const char* BootControl_getSuffix(boot_control_module_t* module, unsigned int slot) {
+ auto& impl = reinterpret_cast<boot_control_private_t*>(module)->impl;
+ return impl.GetSuffix(slot);
+}
+
+static int BootControl_open(const hw_module_t* module __unused, const char* id __unused,
+ hw_device_t** device __unused) {
+ /* Nothing to do currently. */
+ return 0;
+}
+
+struct hw_module_methods_t BootControl_methods = {
+ .open = BootControl_open,
+};
+
+} // namespace
+
+boot_control_private_t HAL_MODULE_INFO_SYM = {
+ .base =
+ {
+ .common =
+ {
+ .tag = HARDWARE_MODULE_TAG,
+ .module_api_version = BOOT_CONTROL_MODULE_API_VERSION_0_1,
+ .hal_api_version = HARDWARE_HAL_API_VERSION,
+ .id = BOOT_CONTROL_HARDWARE_MODULE_ID,
+ .name = "AOSP reference bootctrl HAL",
+ .author = "The Android Open Source Project",
+ .methods = &BootControl_methods,
+ },
+ .init = BootControl_init,
+ .getNumberSlots = BootControl_getNumberSlots,
+ .getCurrentSlot = BootControl_getCurrentSlot,
+ .markBootSuccessful = BootControl_markBootSuccessful,
+ .setActiveBootSlot = BootControl_setActiveBootSlot,
+ .setSlotAsUnbootable = BootControl_setSlotAsUnbootable,
+ .isSlotBootable = BootControl_isSlotBootable,
+ .getSuffix = BootControl_getSuffix,
+ .isSlotMarkedSuccessful = BootControl_isSlotMarkedSuccessful,
+ },
+};
diff --git a/boot/1.1/default/boot_control/libboot_control.cpp b/boot/1.1/default/boot_control/libboot_control.cpp
new file mode 100644
index 0000000..2c6ccaf
--- /dev/null
+++ b/boot/1.1/default/boot_control/libboot_control.cpp
@@ -0,0 +1,425 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <libboot_control/libboot_control.h>
+
+#include <endian.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <string.h>
+
+#include <string>
+
+#include <android-base/file.h>
+#include <android-base/logging.h>
+#include <android-base/properties.h>
+#include <android-base/stringprintf.h>
+#include <android-base/unique_fd.h>
+#include <bootloader_message/bootloader_message.h>
+
+#include "private/boot_control_definition.h"
+
+namespace android {
+namespace bootable {
+
+using ::android::hardware::boot::V1_1::MergeStatus;
+
+// The number of boot attempts that should be made from a new slot before
+// rolling back to the previous slot.
+constexpr unsigned int kDefaultBootAttempts = 7;
+static_assert(kDefaultBootAttempts < 8, "tries_remaining field only has 3 bits");
+
+constexpr unsigned int kMaxNumSlots =
+ sizeof(bootloader_control::slot_info) / sizeof(bootloader_control::slot_info[0]);
+constexpr const char* kSlotSuffixes[kMaxNumSlots] = { "_a", "_b", "_c", "_d" };
+constexpr off_t kBootloaderControlOffset = offsetof(bootloader_message_ab, slot_suffix);
+
+static uint32_t CRC32(const uint8_t* buf, size_t size) {
+ static uint32_t crc_table[256];
+
+ // Compute the CRC-32 table only once.
+ if (!crc_table[1]) {
+ for (uint32_t i = 0; i < 256; ++i) {
+ uint32_t crc = i;
+ for (uint32_t j = 0; j < 8; ++j) {
+ uint32_t mask = -(crc & 1);
+ crc = (crc >> 1) ^ (0xEDB88320 & mask);
+ }
+ crc_table[i] = crc;
+ }
+ }
+
+ uint32_t ret = -1;
+ for (size_t i = 0; i < size; ++i) {
+ ret = (ret >> 8) ^ crc_table[(ret ^ buf[i]) & 0xFF];
+ }
+
+ return ~ret;
+}
+
+// Return the little-endian representation of the CRC-32 of the first fields
+// in |boot_ctrl| up to the crc32_le field.
+uint32_t BootloaderControlLECRC(const bootloader_control* boot_ctrl) {
+ return htole32(
+ CRC32(reinterpret_cast<const uint8_t*>(boot_ctrl), offsetof(bootloader_control, crc32_le)));
+}
+
+bool LoadBootloaderControl(const std::string& misc_device, bootloader_control* buffer) {
+ android::base::unique_fd fd(open(misc_device.c_str(), O_RDONLY));
+ if (fd.get() == -1) {
+ PLOG(ERROR) << "failed to open " << misc_device;
+ return false;
+ }
+ if (lseek(fd, kBootloaderControlOffset, SEEK_SET) != kBootloaderControlOffset) {
+ PLOG(ERROR) << "failed to lseek " << misc_device;
+ return false;
+ }
+ if (!android::base::ReadFully(fd.get(), buffer, sizeof(bootloader_control))) {
+ PLOG(ERROR) << "failed to read " << misc_device;
+ return false;
+ }
+ return true;
+}
+
+bool UpdateAndSaveBootloaderControl(const std::string& misc_device, bootloader_control* buffer) {
+ buffer->crc32_le = BootloaderControlLECRC(buffer);
+ android::base::unique_fd fd(open(misc_device.c_str(), O_WRONLY | O_SYNC));
+ if (fd.get() == -1) {
+ PLOG(ERROR) << "failed to open " << misc_device;
+ return false;
+ }
+ if (lseek(fd.get(), kBootloaderControlOffset, SEEK_SET) != kBootloaderControlOffset) {
+ PLOG(ERROR) << "failed to lseek " << misc_device;
+ return false;
+ }
+ if (!android::base::WriteFully(fd.get(), buffer, sizeof(bootloader_control))) {
+ PLOG(ERROR) << "failed to write " << misc_device;
+ return false;
+ }
+ return true;
+}
+
+void InitDefaultBootloaderControl(BootControl* control, bootloader_control* boot_ctrl) {
+ memset(boot_ctrl, 0, sizeof(*boot_ctrl));
+
+ unsigned int current_slot = control->GetCurrentSlot();
+ if (current_slot < kMaxNumSlots) {
+ strlcpy(boot_ctrl->slot_suffix, kSlotSuffixes[current_slot], sizeof(boot_ctrl->slot_suffix));
+ }
+ boot_ctrl->magic = BOOT_CTRL_MAGIC;
+ boot_ctrl->version = BOOT_CTRL_VERSION;
+
+ // Figure out the number of slots by checking if the partitions exist,
+ // otherwise assume the maximum supported by the header.
+ boot_ctrl->nb_slot = kMaxNumSlots;
+ std::string base_path = control->misc_device();
+ size_t last_path_sep = base_path.rfind('/');
+ if (last_path_sep != std::string::npos) {
+ // We test the existence of the "boot" partition on each possible slot,
+ // which is a partition required by Android Bootloader Requirements.
+ base_path = base_path.substr(0, last_path_sep + 1) + "boot";
+ int last_existing_slot = -1;
+ int first_missing_slot = -1;
+ for (unsigned int slot = 0; slot < kMaxNumSlots; ++slot) {
+ std::string partition_path = base_path + kSlotSuffixes[slot];
+ struct stat part_stat;
+ int err = stat(partition_path.c_str(), &part_stat);
+ if (!err) {
+ last_existing_slot = slot;
+ LOG(INFO) << "Found slot: " << kSlotSuffixes[slot];
+ } else if (err < 0 && errno == ENOENT && first_missing_slot == -1) {
+ first_missing_slot = slot;
+ }
+ }
+ // We only declare that we found the actual number of slots if we found all
+ // the boot partitions up to the number of slots, and no boot partition
+ // after that. Not finding any of the boot partitions implies a problem so
+ // we just leave the number of slots in the maximum value.
+ if ((last_existing_slot != -1 && last_existing_slot + 1 == first_missing_slot) ||
+ (first_missing_slot == -1 && last_existing_slot + 1 == kMaxNumSlots)) {
+ boot_ctrl->nb_slot = last_existing_slot + 1;
+ LOG(INFO) << "Found a system with " << last_existing_slot + 1 << " slots.";
+ }
+ }
+
+ for (unsigned int slot = 0; slot < kMaxNumSlots; ++slot) {
+ slot_metadata entry = {};
+
+ if (slot < boot_ctrl->nb_slot) {
+ entry.priority = 7;
+ entry.tries_remaining = kDefaultBootAttempts;
+ entry.successful_boot = 0;
+ } else {
+ entry.priority = 0; // Unbootable
+ }
+
+ // When the boot_control stored on disk is invalid, we assume that the
+ // current slot is successful. The bootloader should repair this situation
+ // before booting and write a valid boot_control slot, so if we reach this
+ // stage it means that the misc partition was corrupted since boot.
+ if (current_slot == slot) {
+ entry.successful_boot = 1;
+ }
+
+ boot_ctrl->slot_info[slot] = entry;
+ }
+ boot_ctrl->recovery_tries_remaining = 0;
+
+ boot_ctrl->crc32_le = BootloaderControlLECRC(boot_ctrl);
+}
+
+// Return the index of the slot suffix passed or -1 if not a valid slot suffix.
+int SlotSuffixToIndex(const char* suffix) {
+ for (unsigned int slot = 0; slot < kMaxNumSlots; ++slot) {
+ if (!strcmp(kSlotSuffixes[slot], suffix)) return slot;
+ }
+ return -1;
+}
+
+// Initialize the boot_control_private struct with the information from
+// the bootloader_message buffer stored in |boot_ctrl|. Returns whether the
+// initialization succeeded.
+bool BootControl::Init() {
+ if (initialized_) return true;
+
+ // Initialize the current_slot from the read-only property. If the property
+ // was not set (from either the command line or the device tree), we can later
+ // initialize it from the bootloader_control struct.
+ std::string suffix_prop = android::base::GetProperty("ro.boot.slot_suffix", "");
+ if (suffix_prop.empty()) {
+ LOG(ERROR) << "Slot suffix property is not set";
+ return false;
+ }
+ current_slot_ = SlotSuffixToIndex(suffix_prop.c_str());
+
+ std::string err;
+ std::string device = get_bootloader_message_blk_device(&err);
+ if (device.empty()) {
+ LOG(ERROR) << "Could not find bootloader message block device: " << err;
+ return false;
+ }
+
+ bootloader_control boot_ctrl;
+ if (!LoadBootloaderControl(device.c_str(), &boot_ctrl)) {
+ LOG(ERROR) << "Failed to load bootloader control block";
+ return false;
+ }
+
+ // Note that since there isn't a module unload function this memory is leaked.
+ // We use `device` below sometimes, so it's not moved out of here.
+ misc_device_ = device;
+ initialized_ = true;
+
+ // Validate the loaded data, otherwise we will destroy it and re-initialize it
+ // with the current information.
+ uint32_t computed_crc32 = BootloaderControlLECRC(&boot_ctrl);
+ if (boot_ctrl.crc32_le != computed_crc32) {
+ LOG(WARNING) << "Invalid boot control found, expected CRC-32 0x" << std::hex << computed_crc32
+ << " but found 0x" << std::hex << boot_ctrl.crc32_le << ". Re-initializing.";
+ InitDefaultBootloaderControl(this, &boot_ctrl);
+ UpdateAndSaveBootloaderControl(device.c_str(), &boot_ctrl);
+ }
+
+ if (!InitMiscVirtualAbMessageIfNeeded()) {
+ return false;
+ }
+
+ num_slots_ = boot_ctrl.nb_slot;
+ return true;
+}
+
+unsigned int BootControl::GetNumberSlots() {
+ return num_slots_;
+}
+
+unsigned int BootControl::GetCurrentSlot() {
+ return current_slot_;
+}
+
+bool BootControl::MarkBootSuccessful() {
+ bootloader_control bootctrl;
+ if (!LoadBootloaderControl(misc_device_, &bootctrl)) return false;
+
+ bootctrl.slot_info[current_slot_].successful_boot = 1;
+ // tries_remaining == 0 means that the slot is not bootable anymore, make
+ // sure we mark the current slot as bootable if it succeeds in the last
+ // attempt.
+ bootctrl.slot_info[current_slot_].tries_remaining = 1;
+ return UpdateAndSaveBootloaderControl(misc_device_, &bootctrl);
+}
+
+bool BootControl::SetActiveBootSlot(unsigned int slot) {
+ if (slot >= kMaxNumSlots || slot >= num_slots_) {
+ // Invalid slot number.
+ return false;
+ }
+
+ bootloader_control bootctrl;
+ if (!LoadBootloaderControl(misc_device_, &bootctrl)) return false;
+
+ // Set every other slot with a lower priority than the new "active" slot.
+ const unsigned int kActivePriority = 15;
+ const unsigned int kActiveTries = 6;
+ for (unsigned int i = 0; i < num_slots_; ++i) {
+ if (i != slot) {
+ if (bootctrl.slot_info[i].priority >= kActivePriority)
+ bootctrl.slot_info[i].priority = kActivePriority - 1;
+ }
+ }
+
+ // Note that setting a slot as active doesn't change the successful bit.
+ // The successful bit will only be changed by setSlotAsUnbootable().
+ bootctrl.slot_info[slot].priority = kActivePriority;
+ bootctrl.slot_info[slot].tries_remaining = kActiveTries;
+
+ // Setting the current slot as active is a way to revert the operation that
+ // set *another* slot as active at the end of an updater. This is commonly
+ // used to cancel the pending update. We should only reset the verity_corrpted
+ // bit when attempting a new slot, otherwise the verity bit on the current
+ // slot would be flip.
+ if (slot != current_slot_) bootctrl.slot_info[slot].verity_corrupted = 0;
+
+ return UpdateAndSaveBootloaderControl(misc_device_, &bootctrl);
+}
+
+bool BootControl::SetSlotAsUnbootable(unsigned int slot) {
+ if (slot >= kMaxNumSlots || slot >= num_slots_) {
+ // Invalid slot number.
+ return false;
+ }
+
+ bootloader_control bootctrl;
+ if (!LoadBootloaderControl(misc_device_, &bootctrl)) return false;
+
+ // The only way to mark a slot as unbootable, regardless of the priority is to
+ // set the tries_remaining to 0.
+ bootctrl.slot_info[slot].successful_boot = 0;
+ bootctrl.slot_info[slot].tries_remaining = 0;
+ return UpdateAndSaveBootloaderControl(misc_device_, &bootctrl);
+}
+
+bool BootControl::IsSlotBootable(unsigned int slot) {
+ if (slot >= kMaxNumSlots || slot >= num_slots_) {
+ // Invalid slot number.
+ return false;
+ }
+
+ bootloader_control bootctrl;
+ if (!LoadBootloaderControl(misc_device_, &bootctrl)) return false;
+
+ return bootctrl.slot_info[slot].tries_remaining != 0;
+}
+
+bool BootControl::IsSlotMarkedSuccessful(unsigned int slot) {
+ if (slot >= kMaxNumSlots || slot >= num_slots_) {
+ // Invalid slot number.
+ return false;
+ }
+
+ bootloader_control bootctrl;
+ if (!LoadBootloaderControl(misc_device_, &bootctrl)) return false;
+
+ return bootctrl.slot_info[slot].successful_boot && bootctrl.slot_info[slot].tries_remaining;
+}
+
+bool BootControl::IsValidSlot(unsigned int slot) {
+ return slot < kMaxNumSlots && slot < num_slots_;
+}
+
+bool BootControl::SetSnapshotMergeStatus(MergeStatus status) {
+ return SetMiscVirtualAbMergeStatus(current_slot_, status);
+}
+
+MergeStatus BootControl::GetSnapshotMergeStatus() {
+ MergeStatus status;
+ if (!GetMiscVirtualAbMergeStatus(current_slot_, &status)) {
+ return MergeStatus::UNKNOWN;
+ }
+ return status;
+}
+
+const char* BootControl::GetSuffix(unsigned int slot) {
+ if (slot >= kMaxNumSlots || slot >= num_slots_) {
+ return nullptr;
+ }
+ return kSlotSuffixes[slot];
+}
+
+bool InitMiscVirtualAbMessageIfNeeded() {
+ std::string err;
+ misc_virtual_ab_message message;
+ if (!ReadMiscVirtualAbMessage(&message, &err)) {
+ LOG(ERROR) << "Could not read merge status: " << err;
+ return false;
+ }
+
+ if (message.version == MISC_VIRTUAL_AB_MESSAGE_VERSION &&
+ message.magic == MISC_VIRTUAL_AB_MAGIC_HEADER) {
+ // Already initialized.
+ return true;
+ }
+
+ message = {};
+ message.version = MISC_VIRTUAL_AB_MESSAGE_VERSION;
+ message.magic = MISC_VIRTUAL_AB_MAGIC_HEADER;
+ if (!WriteMiscVirtualAbMessage(message, &err)) {
+ LOG(ERROR) << "Could not write merge status: " << err;
+ return false;
+ }
+ return true;
+}
+
+bool SetMiscVirtualAbMergeStatus(unsigned int current_slot,
+ android::hardware::boot::V1_1::MergeStatus status) {
+ std::string err;
+ misc_virtual_ab_message message;
+
+ if (!ReadMiscVirtualAbMessage(&message, &err)) {
+ LOG(ERROR) << "Could not read merge status: " << err;
+ return false;
+ }
+
+ message.merge_status = static_cast<uint8_t>(status);
+ message.source_slot = current_slot;
+ if (!WriteMiscVirtualAbMessage(message, &err)) {
+ LOG(ERROR) << "Could not write merge status: " << err;
+ return false;
+ }
+ return true;
+}
+
+bool GetMiscVirtualAbMergeStatus(unsigned int current_slot,
+ android::hardware::boot::V1_1::MergeStatus* status) {
+ std::string err;
+ misc_virtual_ab_message message;
+
+ if (!ReadMiscVirtualAbMessage(&message, &err)) {
+ LOG(ERROR) << "Could not read merge status: " << err;
+ return false;
+ }
+
+ // If the slot reverted after having created a snapshot, then the snapshot will
+ // be thrown away at boot. Thus we don't count this as being in a snapshotted
+ // state.
+ *status = static_cast<MergeStatus>(message.merge_status);
+ if (*status == MergeStatus::SNAPSHOTTED && current_slot == message.source_slot) {
+ *status = MergeStatus::NONE;
+ }
+ return true;
+}
+
+} // namespace bootable
+} // namespace android
diff --git a/drm/1.0/vts/functional/Android.bp b/drm/1.0/vts/functional/Android.bp
index 235bfb4..02d4f41 100644
--- a/drm/1.0/vts/functional/Android.bp
+++ b/drm/1.0/vts/functional/Android.bp
@@ -24,7 +24,7 @@
"vendor_modules.cpp",
],
static_libs: [
- "android.hardware.drm@1.0-helper",
+ "android.hardware.drm@1.0-helper",
],
export_include_dirs: ["include"],
}
@@ -84,6 +84,20 @@
"libcrypto_static",
"libdrmvtshelper",
],
+ arch: {
+ arm: {
+ data: [":libvtswidevine-arm-prebuilts"],
+ },
+ arm64: {
+ data: [":libvtswidevine-arm64-prebuilts"],
+ },
+ x86: {
+ data: [":libvtswidevine-x86-prebuilts"],
+ },
+ x86_64: {
+ data: [":libvtswidevine-x86_64-prebuilts"],
+ },
+ },
test_suites: [
"general-tests",
"vts-core",
diff --git a/drm/1.0/vts/functional/AndroidTest.xml b/drm/1.0/vts/functional/AndroidTest.xml
new file mode 100644
index 0000000..92ea7e4
--- /dev/null
+++ b/drm/1.0/vts/functional/AndroidTest.xml
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (C) 2020 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<configuration description="Runs VtsHalDrmV1_0TargetTest.">
+ <option name="test-suite-tag" value="apct" />
+ <option name="test-suite-tag" value="apct-native" />
+
+ <target_preparer class="com.android.tradefed.targetprep.RootTargetPreparer"/>
+
+ <target_preparer class="com.android.tradefed.targetprep.PushFilePreparer">
+ <option name="cleanup" value="true" />
+ <option name="push-file" key="VtsHalDrmV1_0TargetTest" value="/data/local/tmp/VtsHalDrmV1_0TargetTest" />
+ <option name="push-file" key="libvtswidevine64.so" value="/data/local/tmp/64/lib/libvtswidevine.so" />
+ <option name="push-file" key="libvtswidevine32.so" value="/data/local/tmp/32/lib/libvtswidevine.so" />
+ </target_preparer>
+
+ <test class="com.android.tradefed.testtype.GTest" >
+ <option name="native-test-device-path" value="/data/local/tmp" />
+ <option name="module-name" value="VtsHalDrmV1_0TargetTest" />
+ </test>
+</configuration>
diff --git a/drm/1.1/vts/functional/Android.bp b/drm/1.1/vts/functional/Android.bp
index e08d760..c31aee0 100644
--- a/drm/1.1/vts/functional/Android.bp
+++ b/drm/1.1/vts/functional/Android.bp
@@ -60,11 +60,25 @@
"drm_hal_test_main.cpp",
],
whole_static_libs: [
- "android.hardware.drm@1.1-vts"
+ "android.hardware.drm@1.1-vts",
],
shared_libs: [
"android.hardware.drm@1.1",
],
+ arch: {
+ arm: {
+ data: [":libvtswidevine-arm-prebuilts"],
+ },
+ arm64: {
+ data: [":libvtswidevine-arm64-prebuilts"],
+ },
+ x86: {
+ data: [":libvtswidevine-x86-prebuilts"],
+ },
+ x86_64: {
+ data: [":libvtswidevine-x86_64-prebuilts"],
+ },
+ },
test_suites: [
"general-tests",
"vts-core",
diff --git a/drm/1.1/vts/functional/AndroidTest.xml b/drm/1.1/vts/functional/AndroidTest.xml
new file mode 100644
index 0000000..65c45ac
--- /dev/null
+++ b/drm/1.1/vts/functional/AndroidTest.xml
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (C) 2020 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<configuration description="Runs VtsHalDrmV1_1TargetTest.">
+ <option name="test-suite-tag" value="apct" />
+ <option name="test-suite-tag" value="apct-native" />
+
+ <target_preparer class="com.android.tradefed.targetprep.RootTargetPreparer"/>
+
+ <target_preparer class="com.android.tradefed.targetprep.PushFilePreparer">
+ <option name="cleanup" value="true" />
+ <option name="push-file" key="VtsHalDrmV1_1TargetTest" value="/data/local/tmp/VtsHalDrmV1_1TargetTest" />
+ <option name="push-file" key="libvtswidevine64.so" value="/data/local/tmp/64/lib/libvtswidevine.so" />
+ <option name="push-file" key="libvtswidevine32.so" value="/data/local/tmp/32/lib/libvtswidevine.so" />
+ </target_preparer>
+
+ <test class="com.android.tradefed.testtype.GTest" >
+ <option name="native-test-device-path" value="/data/local/tmp" />
+ <option name="module-name" value="VtsHalDrmV1_1TargetTest" />
+ </test>
+</configuration>
diff --git a/drm/1.2/vts/functional/Android.bp b/drm/1.2/vts/functional/Android.bp
index ecc7d6c..0972784 100644
--- a/drm/1.2/vts/functional/Android.bp
+++ b/drm/1.2/vts/functional/Android.bp
@@ -70,6 +70,20 @@
"libcrypto_static",
"libdrmvtshelper",
],
+ arch: {
+ arm: {
+ data: [":libvtswidevine-arm-prebuilts"],
+ },
+ arm64: {
+ data: [":libvtswidevine-arm64-prebuilts"],
+ },
+ x86: {
+ data: [":libvtswidevine-x86-prebuilts"],
+ },
+ x86_64: {
+ data: [":libvtswidevine-x86_64-prebuilts"],
+ },
+ },
test_suites: [
"general-tests",
"vts-core",
diff --git a/drm/1.2/vts/functional/AndroidTest.xml b/drm/1.2/vts/functional/AndroidTest.xml
new file mode 100644
index 0000000..5da38ae
--- /dev/null
+++ b/drm/1.2/vts/functional/AndroidTest.xml
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (C) 2020 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<configuration description="Runs VtsHalDrmV1_2TargetTest.">
+ <option name="test-suite-tag" value="apct" />
+ <option name="test-suite-tag" value="apct-native" />
+
+ <target_preparer class="com.android.tradefed.targetprep.RootTargetPreparer"/>
+
+ <target_preparer class="com.android.tradefed.targetprep.PushFilePreparer">
+ <option name="cleanup" value="true" />
+ <option name="push-file" key="VtsHalDrmV1_2TargetTest" value="/data/local/tmp/VtsHalDrmV1_2TargetTest" />
+ <option name="push-file" key="libvtswidevine64.so" value="/data/local/tmp/64/lib/libvtswidevine.so" />
+ <option name="push-file" key="libvtswidevine32.so" value="/data/local/tmp/32/lib/libvtswidevine.so" />
+ </target_preparer>
+
+ <test class="com.android.tradefed.testtype.GTest" >
+ <option name="native-test-device-path" value="/data/local/tmp" />
+ <option name="module-name" value="VtsHalDrmV1_2TargetTest" />
+ </test>
+</configuration>
diff --git a/dumpstate/1.1/vts/functional/VtsHalDumpstateV1_1TargetTest.cpp b/dumpstate/1.1/vts/functional/VtsHalDumpstateV1_1TargetTest.cpp
index cbdd87b..1bef663 100644
--- a/dumpstate/1.1/vts/functional/VtsHalDumpstateV1_1TargetTest.cpp
+++ b/dumpstate/1.1/vts/functional/VtsHalDumpstateV1_1TargetTest.cpp
@@ -20,6 +20,7 @@
#include <unistd.h>
#include <functional>
+#include <tuple>
#include <vector>
#include <android/hardware/dumpstate/1.1/IDumpstateDevice.h>
@@ -27,6 +28,7 @@
#include <cutils/native_handle.h>
#include <gtest/gtest.h>
#include <hidl/GtestPrinter.h>
+#include <hidl/HidlSupport.h>
#include <hidl/ServiceManagement.h>
#include <log/log.h>
@@ -39,13 +41,18 @@
using ::android::hardware::dumpstate::V1_1::IDumpstateDevice;
using ::android::hardware::dumpstate::V1_1::toString;
-class DumpstateHidl1_1Test : public ::testing::TestWithParam<std::string> {
+// Base class common to all dumpstate HAL v1.1 tests.
+template <typename T>
+class DumpstateHidl1_1TestBase : public ::testing::TestWithParam<T> {
protected:
virtual void SetUp() override { GetService(); }
+ virtual std::string GetInstanceName() = 0;
+
void GetService() {
- dumpstate = IDumpstateDevice::getService(GetParam());
- ASSERT_NE(dumpstate, nullptr) << "Could not get HIDL instance";
+ const std::string instance_name = GetInstanceName();
+ dumpstate = IDumpstateDevice::getService(instance_name);
+ ASSERT_NE(dumpstate, nullptr) << "Could not get HIDL instance " << instance_name;
}
void ToggleVerboseLogging(bool enable) {
@@ -78,77 +85,76 @@
sp<IDumpstateDevice> dumpstate;
};
-#define TEST_FOR_DUMPSTATE_MODE(name, body, mode) \
- TEST_P(DumpstateHidl1_1Test, name##_##mode) { body(DumpstateMode::mode); }
+// Tests that don't need to iterate every single DumpstateMode value for dumpstateBoard_1_1.
+class DumpstateHidl1_1GeneralTest : public DumpstateHidl1_1TestBase<std::string> {
+ protected:
+ virtual std::string GetInstanceName() override { return GetParam(); }
+};
-// We use a macro to define individual test cases instead of hidl_enum_range<> because some HAL
-// implementations are lazy and may call exit() at the end of dumpstateBoard(), which would cause
-// DEAD_OBJECT errors after the first iteration. Separate cases re-get the service each time as part
-// of SetUp(), and also provide better separation of concerns when specific modes are problematic.
-#define TEST_FOR_ALL_DUMPSTATE_MODES(name, body) \
- TEST_FOR_DUMPSTATE_MODE(name, body, FULL); \
- TEST_FOR_DUMPSTATE_MODE(name, body, INTERACTIVE); \
- TEST_FOR_DUMPSTATE_MODE(name, body, REMOTE); \
- TEST_FOR_DUMPSTATE_MODE(name, body, WEAR); \
- TEST_FOR_DUMPSTATE_MODE(name, body, CONNECTIVITY); \
- TEST_FOR_DUMPSTATE_MODE(name, body, WIFI); \
- TEST_FOR_DUMPSTATE_MODE(name, body, DEFAULT); \
- TEST_FOR_DUMPSTATE_MODE(name, body, PROTO);
+// Tests that iterate every single DumpstateMode value for dumpstateBoard_1_1.
+class DumpstateHidl1_1PerModeTest
+ : public DumpstateHidl1_1TestBase<std::tuple<std::string, DumpstateMode>> {
+ protected:
+ virtual std::string GetInstanceName() override { return std::get<0>(GetParam()); }
+
+ DumpstateMode GetMode() { return std::get<1>(GetParam()); }
+
+ // Will only execute additional_assertions when status == expected.
+ void AssertStatusForMode(const Return<DumpstateStatus>& status, const DumpstateStatus expected,
+ std::function<void()> additional_assertions = nullptr) {
+ ASSERT_TRUE(status.isOk())
+ << "Status should be ok and return a more specific DumpstateStatus: "
+ << status.description();
+ if (GetMode() == DumpstateMode::DEFAULT) {
+ ASSERT_EQ(expected, status)
+ << "Required mode (DumpstateMode::" << toString(GetMode())
+ << "): status should be DumpstateStatus::" << toString(expected)
+ << ", but got DumpstateStatus::" << toString(status);
+ } else {
+ // The rest of the modes are optional to support, but they MUST return either the
+ // expected value or UNSUPPORTED_MODE.
+ ASSERT_TRUE(status == expected || status == DumpstateStatus::UNSUPPORTED_MODE)
+ << "Optional mode (DumpstateMode::" << toString(GetMode())
+ << "): status should be DumpstateStatus::" << toString(expected)
+ << " or DumpstateStatus::UNSUPPORTED_MODE, but got DumpstateStatus::"
+ << toString(status);
+ }
+ if (status == expected && additional_assertions != nullptr) {
+ additional_assertions();
+ }
+ }
+};
constexpr uint64_t kDefaultTimeoutMillis = 30 * 1000; // 30 seconds
-// Will only execute additional_assertions when status == expected.
-void AssertStatusForMode(const DumpstateMode mode, const Return<DumpstateStatus>& status,
- const DumpstateStatus expected,
- std::function<void()> additional_assertions = nullptr) {
- ASSERT_TRUE(status.isOk()) << "Status should be ok and return a more specific DumpstateStatus: "
- << status.description();
- if (mode == DumpstateMode::DEFAULT) {
- ASSERT_EQ(expected, status) << "Required mode (DumpstateMode::" << toString(mode)
- << "): status should be DumpstateStatus::" << toString(expected)
- << ", but got DumpstateStatus::" << toString(status);
- } else {
- // The rest of the modes are optional to support, but they MUST return either the expected
- // value or UNSUPPORTED_MODE.
- ASSERT_TRUE(status == expected || status == DumpstateStatus::UNSUPPORTED_MODE)
- << "Optional mode (DumpstateMode::" << toString(mode)
- << "): status should be DumpstateStatus::" << toString(expected)
- << " or DumpstateStatus::UNSUPPORTED_MODE, but got DumpstateStatus::"
- << toString(status);
- }
- if (status == expected && additional_assertions != nullptr) {
- additional_assertions();
- }
-}
-
// Negative test: make sure dumpstateBoard() doesn't crash when passed a null pointer.
-TEST_FOR_ALL_DUMPSTATE_MODES(TestNullHandle, [this](DumpstateMode mode) {
+TEST_P(DumpstateHidl1_1PerModeTest, TestNullHandle) {
EnableVerboseLogging();
Return<DumpstateStatus> status =
- dumpstate->dumpstateBoard_1_1(nullptr, mode, kDefaultTimeoutMillis);
+ dumpstate->dumpstateBoard_1_1(nullptr, GetMode(), kDefaultTimeoutMillis);
- AssertStatusForMode(mode, status, DumpstateStatus::ILLEGAL_ARGUMENT);
-});
+ AssertStatusForMode(status, DumpstateStatus::ILLEGAL_ARGUMENT);
+}
// Negative test: make sure dumpstateBoard() ignores a handle with no FD.
-TEST_FOR_ALL_DUMPSTATE_MODES(TestHandleWithNoFd, [this](DumpstateMode mode) {
+TEST_P(DumpstateHidl1_1PerModeTest, TestHandleWithNoFd) {
EnableVerboseLogging();
native_handle_t* handle = native_handle_create(0, 0);
ASSERT_NE(handle, nullptr) << "Could not create native_handle";
Return<DumpstateStatus> status =
- dumpstate->dumpstateBoard_1_1(handle, mode, kDefaultTimeoutMillis);
+ dumpstate->dumpstateBoard_1_1(handle, GetMode(), kDefaultTimeoutMillis);
- AssertStatusForMode(mode, status, DumpstateStatus::ILLEGAL_ARGUMENT);
+ AssertStatusForMode(status, DumpstateStatus::ILLEGAL_ARGUMENT);
native_handle_close(handle);
native_handle_delete(handle);
-});
+}
// Positive test: make sure dumpstateBoard() writes something to the FD.
-TEST_FOR_ALL_DUMPSTATE_MODES(TestOk, [this](DumpstateMode mode) {
+TEST_P(DumpstateHidl1_1PerModeTest, TestOk) {
EnableVerboseLogging();
// Index 0 corresponds to the read end of the pipe; 1 to the write end.
@@ -160,9 +166,9 @@
handle->data[0] = fds[1];
Return<DumpstateStatus> status =
- dumpstate->dumpstateBoard_1_1(handle, mode, kDefaultTimeoutMillis);
+ dumpstate->dumpstateBoard_1_1(handle, GetMode(), kDefaultTimeoutMillis);
- AssertStatusForMode(mode, status, DumpstateStatus::OK, [&fds]() {
+ AssertStatusForMode(status, DumpstateStatus::OK, [&fds]() {
// Check that at least one byte was written.
char buff;
ASSERT_EQ(1, read(fds[0], &buff, 1)) << "Dumped nothing";
@@ -170,10 +176,10 @@
native_handle_close(handle);
native_handle_delete(handle);
-});
+}
// Positive test: make sure dumpstateBoard() doesn't crash with two FDs.
-TEST_FOR_ALL_DUMPSTATE_MODES(TestHandleWithTwoFds, [this](DumpstateMode mode) {
+TEST_P(DumpstateHidl1_1PerModeTest, TestHandleWithTwoFds) {
EnableVerboseLogging();
int fds1[2];
@@ -187,9 +193,9 @@
handle->data[1] = fds2[1];
Return<DumpstateStatus> status =
- dumpstate->dumpstateBoard_1_1(handle, mode, kDefaultTimeoutMillis);
+ dumpstate->dumpstateBoard_1_1(handle, GetMode(), kDefaultTimeoutMillis);
- AssertStatusForMode(mode, status, DumpstateStatus::OK, [&fds1, &fds2]() {
+ AssertStatusForMode(status, DumpstateStatus::OK, [&fds1, &fds2]() {
// Check that at least one byte was written to one of the FDs.
char buff;
size_t read1 = read(fds1[0], &buff, 1);
@@ -200,10 +206,10 @@
native_handle_close(handle);
native_handle_delete(handle);
-});
+}
// Make sure dumpstateBoard_1_1 actually validates its arguments.
-TEST_P(DumpstateHidl1_1Test, TestInvalidModeArgument_Negative) {
+TEST_P(DumpstateHidl1_1GeneralTest, TestInvalidModeArgument_Negative) {
EnableVerboseLogging();
int fds[2];
@@ -225,7 +231,7 @@
native_handle_delete(handle);
}
-TEST_P(DumpstateHidl1_1Test, TestInvalidModeArgument_Undefined) {
+TEST_P(DumpstateHidl1_1GeneralTest, TestInvalidModeArgument_Undefined) {
EnableVerboseLogging();
int fds[2];
@@ -248,7 +254,7 @@
}
// Positive test: make sure dumpstateBoard() from 1.0 doesn't fail.
-TEST_P(DumpstateHidl1_1Test, Test1_0MethodOk) {
+TEST_P(DumpstateHidl1_1GeneralTest, Test1_0MethodOk) {
EnableVerboseLogging();
int fds[2];
@@ -272,7 +278,7 @@
// Make sure disabling verbose logging behaves correctly. Some info is still allowed to be emitted,
// but it can't have privacy/storage/battery impacts.
-TEST_FOR_ALL_DUMPSTATE_MODES(TestVerboseLoggingDisabled, [this](DumpstateMode mode) {
+TEST_P(DumpstateHidl1_1PerModeTest, TestDeviceLoggingDisabled) {
DisableVerboseLogging();
// Index 0 corresponds to the read end of the pipe; 1 to the write end.
@@ -284,31 +290,31 @@
handle->data[0] = fds[1];
Return<DumpstateStatus> status =
- dumpstate->dumpstateBoard_1_1(handle, mode, kDefaultTimeoutMillis);
+ dumpstate->dumpstateBoard_1_1(handle, GetMode(), kDefaultTimeoutMillis);
// We don't include additional assertions here about the file passed in. If verbose logging is
// disabled, the OEM may choose to include nothing at all, but it is allowed to include some
// essential information based on the mode as long as it isn't private user information.
- AssertStatusForMode(mode, status, DumpstateStatus::OK);
+ AssertStatusForMode(status, DumpstateStatus::OK);
native_handle_close(handle);
native_handle_delete(handle);
-});
+}
// Double-enable is perfectly valid, but the second call shouldn't do anything.
-TEST_P(DumpstateHidl1_1Test, TestRepeatedEnable) {
+TEST_P(DumpstateHidl1_1GeneralTest, TestRepeatedEnable) {
EnableVerboseLogging();
EnableVerboseLogging();
}
// Double-disable is perfectly valid, but the second call shouldn't do anything.
-TEST_P(DumpstateHidl1_1Test, TestRepeatedDisable) {
+TEST_P(DumpstateHidl1_1GeneralTest, TestRepeatedDisable) {
DisableVerboseLogging();
DisableVerboseLogging();
}
// Toggling in short order is perfectly valid.
-TEST_P(DumpstateHidl1_1Test, TestRepeatedToggle) {
+TEST_P(DumpstateHidl1_1GeneralTest, TestRepeatedToggle) {
EnableVerboseLogging();
DisableVerboseLogging();
EnableVerboseLogging();
@@ -316,8 +322,23 @@
}
INSTANTIATE_TEST_SUITE_P(
- PerInstance, DumpstateHidl1_1Test,
+ PerInstance, DumpstateHidl1_1GeneralTest,
testing::ValuesIn(android::hardware::getAllHalInstanceNames(IDumpstateDevice::descriptor)),
android::hardware::PrintInstanceNameToString);
+// Includes the mode's name as part of the description string.
+static inline std::string PrintInstanceNameToStringWithMode(
+ const testing::TestParamInfo<std::tuple<std::string, DumpstateMode>>& info) {
+ return android::hardware::PrintInstanceNameToString(
+ testing::TestParamInfo(std::get<0>(info.param), info.index)) +
+ "_" + toString(std::get<1>(info.param));
+}
+
+INSTANTIATE_TEST_SUITE_P(
+ PerInstanceAndMode, DumpstateHidl1_1PerModeTest,
+ testing::Combine(testing::ValuesIn(android::hardware::getAllHalInstanceNames(
+ IDumpstateDevice::descriptor)),
+ testing::ValuesIn(android::hardware::hidl_enum_range<DumpstateMode>())),
+ PrintInstanceNameToStringWithMode);
+
} // namespace
diff --git a/identity/aidl/default/WritableIdentityCredential.cpp b/identity/aidl/default/WritableIdentityCredential.cpp
index ba2062d..89f7f35 100644
--- a/identity/aidl/default/WritableIdentityCredential.cpp
+++ b/identity/aidl/default/WritableIdentityCredential.cpp
@@ -16,6 +16,9 @@
#define LOG_TAG "WritableIdentityCredential"
+#include "WritableIdentityCredential.h"
+#include "IdentityCredentialStore.h"
+
#include <android/hardware/identity/support/IdentityCredentialSupport.h>
#include <android-base/logging.h>
@@ -23,6 +26,8 @@
#include <cppbor/cppbor.h>
#include <cppbor/cppbor_parse.h>
+#include <utility>
+
#include "IdentityCredentialStore.h"
#include "Util.h"
#include "WritableIdentityCredential.h"
@@ -33,26 +38,6 @@
using namespace ::android::hardware::identity;
bool WritableIdentityCredential::initialize() {
- optional<vector<uint8_t>> keyPair = support::createEcKeyPair();
- if (!keyPair) {
- LOG(ERROR) << "Error creating credentialKey";
- return false;
- }
-
- optional<vector<uint8_t>> pubKey = support::ecKeyPairGetPublicKey(keyPair.value());
- if (!pubKey) {
- LOG(ERROR) << "Error getting public part of credentialKey";
- return false;
- }
- credentialPubKey_ = pubKey.value();
-
- optional<vector<uint8_t>> privKey = support::ecKeyPairGetPrivateKey(keyPair.value());
- if (!privKey) {
- LOG(ERROR) << "Error getting private part of credentialKey";
- return false;
- }
- credentialPrivKey_ = privKey.value();
-
optional<vector<uint8_t>> random = support::getRandom(16);
if (!random) {
LOG(ERROR) << "Error creating storageKey";
@@ -63,88 +48,54 @@
return true;
}
-// TODO: use |attestationApplicationId| and |attestationChallenge| and also
-// ensure the returned certificate chain satisfy the requirements listed in
-// the docs for IWritableIdentityCredential::getAttestationCertificate()
-//
+// This function generates the attestation certificate using the passed in
+// |attestationApplicationId| and |attestationChallenge|. It will generate an
+// attestation certificate with current time and expires one year from now. The
+// certificate shall contain all values as specified in hal.
ndk::ScopedAStatus WritableIdentityCredential::getAttestationCertificate(
- const vector<int8_t>& /*attestationApplicationId*/,
- const vector<int8_t>& /*attestationChallenge*/, vector<Certificate>* outCertificateChain) {
- // For now, we dynamically generate an attestion key on each and every
- // request and use that to sign CredentialKey. In a real implementation this
- // would look very differently.
- optional<vector<uint8_t>> attestationKeyPair = support::createEcKeyPair();
- if (!attestationKeyPair) {
- return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
- IIdentityCredentialStore::STATUS_FAILED, "Error creating attestationKey"));
- }
-
- optional<vector<uint8_t>> attestationPubKey =
- support::ecKeyPairGetPublicKey(attestationKeyPair.value());
- if (!attestationPubKey) {
+ const vector<int8_t>& attestationApplicationId, //
+ const vector<int8_t>& attestationChallenge, //
+ vector<Certificate>* outCertificateChain) {
+ if (!credentialPrivKey_.empty() || !credentialPubKey_.empty() || !certificateChain_.empty()) {
return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
IIdentityCredentialStore::STATUS_FAILED,
- "Error getting public part of attestationKey"));
+ "Error attestation certificate previously generated"));
}
- optional<vector<uint8_t>> attestationPrivKey =
- support::ecKeyPairGetPrivateKey(attestationKeyPair.value());
- if (!attestationPrivKey) {
+ vector<uint8_t> challenge(attestationChallenge.begin(), attestationChallenge.end());
+ vector<uint8_t> appId(attestationApplicationId.begin(), attestationApplicationId.end());
+
+ optional<std::pair<vector<uint8_t>, vector<vector<uint8_t>>>> keyAttestationPair =
+ support::createEcKeyPairAndAttestation(challenge, appId);
+ if (!keyAttestationPair) {
+ LOG(ERROR) << "Error creating credentialKey and attestation";
return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
IIdentityCredentialStore::STATUS_FAILED,
- "Error getting private part of attestationKey"));
+ "Error creating credentialKey and attestation"));
}
- string serialDecimal;
- string issuer;
- string subject;
- time_t validityNotBefore = time(nullptr);
- time_t validityNotAfter = validityNotBefore + 365 * 24 * 3600;
+ vector<uint8_t> keyPair = keyAttestationPair.value().first;
+ certificateChain_ = keyAttestationPair.value().second;
- // First create a certificate for |credentialPubKey| which is signed by
- // |attestationPrivKey|.
- //
- serialDecimal = "0"; // TODO: set serial to |attestationChallenge|
- issuer = "Android Open Source Project";
- subject = "Android IdentityCredential CredentialKey";
- optional<vector<uint8_t>> credentialPubKeyCertificate = support::ecPublicKeyGenerateCertificate(
- credentialPubKey_, attestationPrivKey.value(), serialDecimal, issuer, subject,
- validityNotBefore, validityNotAfter);
- if (!credentialPubKeyCertificate) {
+ optional<vector<uint8_t>> pubKey = support::ecKeyPairGetPublicKey(keyPair);
+ if (!pubKey) {
return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
IIdentityCredentialStore::STATUS_FAILED,
- "Error creating certificate for credentialPubKey"));
+ "Error getting public part of credentialKey"));
}
+ credentialPubKey_ = pubKey.value();
- // This is followed by a certificate for |attestationPubKey| self-signed by
- // |attestationPrivKey|.
- serialDecimal = "0"; // TODO: set serial
- issuer = "Android Open Source Project";
- subject = "Android IdentityCredential AttestationKey";
- optional<vector<uint8_t>> attestationKeyCertificate = support::ecPublicKeyGenerateCertificate(
- attestationPubKey.value(), attestationPrivKey.value(), serialDecimal, issuer, subject,
- validityNotBefore, validityNotAfter);
- if (!attestationKeyCertificate) {
+ optional<vector<uint8_t>> privKey = support::ecKeyPairGetPrivateKey(keyPair);
+ if (!privKey) {
return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
IIdentityCredentialStore::STATUS_FAILED,
- "Error creating certificate for attestationPubKey"));
+ "Error getting private part of credentialKey"));
}
+ credentialPrivKey_ = privKey.value();
- // Concatenate the certificates to form the chain.
- vector<uint8_t> certificateChain;
- certificateChain.insert(certificateChain.end(), credentialPubKeyCertificate.value().begin(),
- credentialPubKeyCertificate.value().end());
- certificateChain.insert(certificateChain.end(), attestationKeyCertificate.value().begin(),
- attestationKeyCertificate.value().end());
-
- optional<vector<vector<uint8_t>>> splitCertChain =
- support::certificateChainSplit(certificateChain);
- if (!splitCertChain) {
- return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
- IIdentityCredentialStore::STATUS_FAILED, "Error splitting certificate chain"));
- }
+ // convert from vector<vector<uint8_t>>> to vector<Certificate>*
*outCertificateChain = vector<Certificate>();
- for (const vector<uint8_t>& cert : splitCertChain.value()) {
+ for (const vector<uint8_t>& cert : certificateChain_) {
Certificate c = Certificate();
c.encodedCertificate = byteStringToSigned(cert);
outCertificateChain->push_back(std::move(c));
diff --git a/identity/aidl/default/WritableIdentityCredential.h b/identity/aidl/default/WritableIdentityCredential.h
index b380f89..b182862 100644
--- a/identity/aidl/default/WritableIdentityCredential.h
+++ b/identity/aidl/default/WritableIdentityCredential.h
@@ -64,10 +64,13 @@
string docType_;
bool testCredential_;
- // These are set in initialize().
+ // This is set in initialize().
vector<uint8_t> storageKey_;
+
+ // These are set in getAttestationCertificate().
vector<uint8_t> credentialPrivKey_;
vector<uint8_t> credentialPubKey_;
+ vector<vector<uint8_t>> certificateChain_;
// These fields are initialized during startPersonalization()
size_t numAccessControlProfileRemaining_;
diff --git a/identity/support/Android.bp b/identity/support/Android.bp
index 7b4546b..2b6c695 100644
--- a/identity/support/Android.bp
+++ b/identity/support/Android.bp
@@ -23,10 +23,14 @@
"include",
],
shared_libs: [
+ "android.hardware.keymaster@4.0",
"libcrypto",
"libbase",
"libhidlbase",
"libhardware",
+ "libkeymaster_portable",
+ "libsoft_attestation_cert",
+ "libpuresoftkeymasterdevice",
],
static_libs: [
"libcppbor",
diff --git a/identity/support/include/android/hardware/identity/support/IdentityCredentialSupport.h b/identity/support/include/android/hardware/identity/support/IdentityCredentialSupport.h
index 4533ad9..507e914 100644
--- a/identity/support/include/android/hardware/identity/support/IdentityCredentialSupport.h
+++ b/identity/support/include/android/hardware/identity/support/IdentityCredentialSupport.h
@@ -21,6 +21,7 @@
#include <optional>
#include <string>
#include <tuple>
+#include <utility>
#include <vector>
namespace android {
@@ -106,6 +107,17 @@
// ---------------------------------------------------------------------------
// EC crypto functionality / abstraction (only supports P-256).
// ---------------------------------------------------------------------------
+// Creates an 256-bit EC key using the NID_X9_62_prime256v1 curve, returns the
+// PKCS#8 encoded key-pair. Also generates an attestation
+// certificate using the |challenge| and |applicationId|, and returns the generated
+// certificate in X.509 certificate chain format.
+//
+// The attestation time fields used will be the current time, and expires in one year.
+//
+// The first parameter of the return value is the keyPair generated, second return in
+// the pair is the attestation certificate generated.
+optional<std::pair<vector<uint8_t>, vector<vector<uint8_t>>>> createEcKeyPairAndAttestation(
+ const vector<uint8_t>& challenge, const vector<uint8_t>& applicationId);
// Creates an 256-bit EC key using the NID_X9_62_prime256v1 curve, returns the
// PKCS#8 encoded key-pair.
diff --git a/identity/support/src/IdentityCredentialSupport.cpp b/identity/support/src/IdentityCredentialSupport.cpp
index e2828bf..bf6a5c3 100644
--- a/identity/support/src/IdentityCredentialSupport.cpp
+++ b/identity/support/src/IdentityCredentialSupport.cpp
@@ -47,6 +47,13 @@
#include <cppbor.h>
#include <cppbor_parse.h>
+#include <android/hardware/keymaster/4.0/types.h>
+#include <keymaster/authorization_set.h>
+#include <keymaster/contexts/pure_soft_keymaster_context.h>
+#include <keymaster/contexts/soft_attestation_cert.h>
+#include <keymaster/keymaster_tags.h>
+#include <keymaster/km_openssl/attestation_utils.h>
+
namespace android {
namespace hardware {
namespace identity {
@@ -816,6 +823,138 @@
return hmac;
}
+// Generates the attestation certificate with the parameters passed in. Note
+// that the passed in |activeTimeMilliSeconds| |expireTimeMilliSeconds| are in
+// milli seconds since epoch. We are setting them to milliseconds due to
+// requirement in AuthorizationSet KM_DATE fields. The certificate created is
+// actually in seconds.
+optional<vector<vector<uint8_t>>> createAttestation(const EVP_PKEY* key,
+ const vector<uint8_t>& applicationId,
+ const vector<uint8_t>& challenge,
+ uint64_t activeTimeMilliSeconds,
+ uint64_t expireTimeMilliSeconds) {
+ ::keymaster::AuthorizationSet auth_set(
+ ::keymaster::AuthorizationSetBuilder()
+ .Authorization(::keymaster::TAG_ATTESTATION_CHALLENGE, challenge.data(),
+ challenge.size())
+ .Authorization(::keymaster::TAG_ACTIVE_DATETIME, activeTimeMilliSeconds)
+ // Even though identity attestation hal said the application
+ // id should be in software enforced authentication set,
+ // keymaster portable lib expect the input in this
+ // parameter because the software enforced in input to keymaster
+ // refers to the key software enforced properties. And this
+ // parameter refers to properties of the attestation which
+ // includes app id.
+ .Authorization(::keymaster::TAG_ATTESTATION_APPLICATION_ID,
+ applicationId.data(), applicationId.size())
+ .Authorization(::keymaster::TAG_USAGE_EXPIRE_DATETIME, expireTimeMilliSeconds));
+
+ // Unique id and device id is not applicable for identity credential attestation,
+ // so we don't need to set those or application id.
+ ::keymaster::AuthorizationSet swEnforced(::keymaster::AuthorizationSetBuilder().Authorization(
+ ::keymaster::TAG_CREATION_DATETIME, activeTimeMilliSeconds));
+
+ ::keymaster::AuthorizationSet hwEnforced(
+ ::keymaster::AuthorizationSetBuilder()
+ .Authorization(::keymaster::TAG_PURPOSE, KM_PURPOSE_SIGN)
+ .Authorization(::keymaster::TAG_KEY_SIZE, 256)
+ .Authorization(::keymaster::TAG_ALGORITHM, KM_ALGORITHM_EC)
+ .Authorization(::keymaster::TAG_NO_AUTH_REQUIRED)
+ .Authorization(::keymaster::TAG_DIGEST, KM_DIGEST_SHA_2_256)
+ .Authorization(::keymaster::TAG_EC_CURVE, KM_EC_CURVE_P_256)
+ .Authorization(::keymaster::TAG_IDENTITY_CREDENTIAL_KEY));
+
+ const keymaster_cert_chain_t* attestation_chain =
+ ::keymaster::getAttestationChain(KM_ALGORITHM_EC, nullptr);
+
+ if (attestation_chain == nullptr) {
+ LOG(ERROR) << "Error getting attestation chain";
+ return {};
+ }
+
+ const keymaster_key_blob_t* attestation_signing_key =
+ ::keymaster::getAttestationKey(KM_ALGORITHM_EC, nullptr);
+ if (attestation_signing_key == nullptr) {
+ LOG(ERROR) << "Error getting attestation key";
+ return {};
+ }
+
+ keymaster_error_t error;
+ ::keymaster::CertChainPtr cert_chain_out;
+ ::keymaster::PureSoftKeymasterContext context;
+
+ // set identity version to 10 per hal requirements specified in IWriteableCredential.hal
+ // For now, the identity version in the attestation is set in the keymaster
+ // version field in the portable keymaster lib, which is a bit misleading.
+ uint identity_version = 10;
+ error = generate_attestation_from_EVP(key, swEnforced, hwEnforced, auth_set, context,
+ identity_version, *attestation_chain,
+ *attestation_signing_key, &cert_chain_out);
+
+ if (KM_ERROR_OK != error || !cert_chain_out) {
+ LOG(ERROR) << "Error generate attestation from EVP key" << error;
+ return {};
+ }
+
+ // translate certificate format from keymaster_cert_chain_t to vector<uint8_t>.
+ vector<vector<uint8_t>> attestationCertificate;
+ for (int i = 0; i < cert_chain_out->entry_count; i++) {
+ attestationCertificate.insert(
+ attestationCertificate.end(),
+ vector<uint8_t>(
+ cert_chain_out->entries[i].data,
+ cert_chain_out->entries[i].data + cert_chain_out->entries[i].data_length));
+ }
+
+ return attestationCertificate;
+}
+
+optional<std::pair<vector<uint8_t>, vector<vector<uint8_t>>>> createEcKeyPairAndAttestation(
+ const vector<uint8_t>& challenge, const vector<uint8_t>& applicationId) {
+ auto ec_key = ::keymaster::EC_KEY_Ptr(EC_KEY_new());
+ auto pkey = ::keymaster::EVP_PKEY_Ptr(EVP_PKEY_new());
+ auto group = ::keymaster::EC_GROUP_Ptr(EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
+
+ if (ec_key.get() == nullptr || pkey.get() == nullptr) {
+ LOG(ERROR) << "Memory allocation failed";
+ return {};
+ }
+
+ if (EC_KEY_set_group(ec_key.get(), group.get()) != 1 ||
+ EC_KEY_generate_key(ec_key.get()) != 1 || EC_KEY_check_key(ec_key.get()) < 0) {
+ LOG(ERROR) << "Error generating key";
+ return {};
+ }
+
+ if (EVP_PKEY_set1_EC_KEY(pkey.get(), ec_key.get()) != 1) {
+ LOG(ERROR) << "Error getting private key";
+ return {};
+ }
+
+ uint64_t now = time(nullptr);
+ uint64_t secondsInOneYear = 365 * 24 * 60 * 60;
+ uint64_t expireTimeMs = (now + secondsInOneYear) * 1000;
+
+ optional<vector<vector<uint8_t>>> attestationCert =
+ createAttestation(pkey.get(), applicationId, challenge, now * 1000, expireTimeMs);
+ if (!attestationCert) {
+ LOG(ERROR) << "Error create attestation from key and challenge";
+ return {};
+ }
+
+ int size = i2d_PrivateKey(pkey.get(), nullptr);
+ if (size == 0) {
+ LOG(ERROR) << "Error generating public key encoding";
+ return {};
+ }
+
+ vector<uint8_t> keyPair(size);
+ unsigned char* p = keyPair.data();
+ i2d_PrivateKey(pkey.get(), &p);
+
+ return make_pair(keyPair, attestationCert.value());
+}
+
optional<vector<uint8_t>> createEcKeyPair() {
auto ec_key = EC_KEY_Ptr(EC_KEY_new());
auto pkey = EVP_PKEY_Ptr(EVP_PKEY_new());
diff --git a/keymaster/4.1/support/include/keymasterV4_1/keymaster_tags.h b/keymaster/4.1/support/include/keymasterV4_1/keymaster_tags.h
index 6c186f6..40eb142 100644
--- a/keymaster/4.1/support/include/keymasterV4_1/keymaster_tags.h
+++ b/keymaster/4.1/support/include/keymasterV4_1/keymaster_tags.h
@@ -101,6 +101,7 @@
DECLARE_KM_4_1_TYPED_TAG(EARLY_BOOT_ONLY);
DECLARE_KM_4_1_TYPED_TAG(DEVICE_UNIQUE_ATTESTATION);
DECLARE_KM_4_1_TYPED_TAG(STORAGE_KEY);
+DECLARE_KM_4_1_TYPED_TAG(IDENTITY_CREDENTIAL_KEY);
} // namespace android::hardware::keymaster::V4_1
diff --git a/sensors/2.0/multihal/Android.bp b/sensors/2.0/multihal/Android.bp
index 24c475c..b7fa15a 100644
--- a/sensors/2.0/multihal/Android.bp
+++ b/sensors/2.0/multihal/Android.bp
@@ -92,3 +92,18 @@
"android.hardware.sensors@2.0-ScopedWakelock",
],
}
+
+cc_test_library {
+ name: "android.hardware.sensors@2.0-ScopedWakelock.testlib",
+ defaults: [
+ "hidl_defaults",
+ "android.hardware.sensors@2.0-multihal-defaults",
+ ],
+ srcs: [
+ "ScopedWakelock.cpp",
+ ],
+ vendor_available: true,
+ export_header_lib_headers: [
+ "android.hardware.sensors@2.0-multihal.header",
+ ],
+}
diff --git a/sensors/2.0/multihal/tests/Android.bp b/sensors/2.0/multihal/tests/Android.bp
index a9feaf7..472f3f3 100644
--- a/sensors/2.0/multihal/tests/Android.bp
+++ b/sensors/2.0/multihal/tests/Android.bp
@@ -80,11 +80,11 @@
static_libs: [
"android.hardware.sensors@2.0-HalProxy",
"android.hardware.sensors@2.0-fakesubhal-unittest",
+ "android.hardware.sensors@2.0-ScopedWakelock.testlib",
],
shared_libs: [
"android.hardware.sensors@1.0",
"android.hardware.sensors@2.0",
- "android.hardware.sensors@2.0-ScopedWakelock",
"libbase",
"libcutils",
"libfmq",
diff --git a/sensors/2.0/multihal/tests/HalProxy_test.cpp b/sensors/2.0/multihal/tests/HalProxy_test.cpp
index 1fd35d1..4633a75 100644
--- a/sensors/2.0/multihal/tests/HalProxy_test.cpp
+++ b/sensors/2.0/multihal/tests/HalProxy_test.cpp
@@ -724,6 +724,45 @@
EXPECT_EQ(eventOut.sensorHandle, (subhal2Index << 24) | sensorHandleToPost);
}
+TEST(HalProxyTest, FillAndDrainPendingQueueTest) {
+ constexpr size_t kQueueSize = 5;
+ // TODO: Make this constant linked to same limit in HalProxy.h
+ constexpr size_t kMaxPendingQueueSize = 100000;
+ AllSensorsSubHal subhal;
+ std::vector<ISensorsSubHal*> subHals{&subhal};
+
+ std::unique_ptr<EventMessageQueue> eventQueue = makeEventFMQ(kQueueSize);
+ std::unique_ptr<WakeupMessageQueue> wakeLockQueue = makeWakelockFMQ(kQueueSize);
+ ::android::sp<ISensorsCallback> callback = new SensorsCallback();
+ EventFlag* eventQueueFlag;
+ EventFlag::createEventFlag(eventQueue->getEventFlagWord(), &eventQueueFlag);
+ HalProxy proxy(subHals);
+ proxy.initialize(*eventQueue->getDesc(), *wakeLockQueue->getDesc(), callback);
+
+ // Fill pending queue
+ std::vector<Event> events = makeMultipleAccelerometerEvents(kQueueSize);
+ subhal.postEvents(events, false);
+ events = makeMultipleAccelerometerEvents(kMaxPendingQueueSize);
+ subhal.postEvents(events, false);
+
+ // Drain pending queue
+ for (int i = 0; i < kMaxPendingQueueSize + kQueueSize; i += kQueueSize) {
+ ASSERT_TRUE(readEventsOutOfQueue(kQueueSize, eventQueue, eventQueueFlag));
+ }
+
+ // Put one event on pending queue
+ events = makeMultipleAccelerometerEvents(kQueueSize);
+ subhal.postEvents(events, false);
+ events = {makeAccelerometerEvent()};
+ subhal.postEvents(events, false);
+
+ // Read out to make room for one event on pending queue to write to FMQ
+ ASSERT_TRUE(readEventsOutOfQueue(kQueueSize, eventQueue, eventQueueFlag));
+
+ // Should be able to read that last event off queue
+ EXPECT_TRUE(readEventsOutOfQueue(1, eventQueue, eventQueueFlag));
+}
+
// Helper implementations follow
void testSensorsListFromProxyAndSubHal(const std::vector<SensorInfo>& proxySensorsList,
const std::vector<SensorInfo>& subHalSensorsList) {