Merge "Fix more AIDL warnings in Radio HAL and lock it up" into main
diff --git a/audio/aidl/Android.bp b/audio/aidl/Android.bp
index 4902497..7b6109a 100644
--- a/audio/aidl/Android.bp
+++ b/audio/aidl/Android.bp
@@ -228,6 +228,13 @@
],
}
+rust_defaults {
+ name: "latest_android_hardware_audio_core_rust",
+ rustlibs: [
+ latest_android_hardware_audio_core + "-rust",
+ ],
+}
+
// Used for the standalone sounddose HAL
aidl_interface {
name: "android.hardware.audio.core.sounddose",
diff --git a/security/keymint/aidl/android/hardware/security/keymint/KeyCreationResult.aidl b/security/keymint/aidl/android/hardware/security/keymint/KeyCreationResult.aidl
index da8b513..6ff66e7 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/KeyCreationResult.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/KeyCreationResult.aidl
@@ -125,9 +125,9 @@
* straightforward translation of the KeyMint tag/value parameter lists to ASN.1.
*
* KeyDescription ::= SEQUENCE {
- * attestationVersion INTEGER, # Value 300
+ * attestationVersion INTEGER, # Value 400
* attestationSecurityLevel SecurityLevel, # See below
- * keyMintVersion INTEGER, # Value 300
+ * keyMintVersion INTEGER, # Value 400
* keymintSecurityLevel SecurityLevel, # See below
* attestationChallenge OCTET_STRING, # Tag::ATTESTATION_CHALLENGE from attestParams
* uniqueId OCTET_STRING, # Empty unless key has Tag::INCLUDE_UNIQUE_ID
@@ -158,6 +158,17 @@
* Failed (3),
* }
*
+ * # Modules contains version info about APEX modules that have been updated after the last OTA.
+ * # Note that the Modules information is DER-encoded before being hashed, which requires a
+ * # specific ordering (lexicographic by encoded value) for the constituent Module entries. This
+ * # ensures that the ordering of Module entries is predictable and that the resulting SHA-256
+ * # hash value is identical for the same set of modules.
+ * Modules ::= SET OF Module
+ * Module ::= SEQUENCE {
+ * packageName OCTET_STRING,
+ * version INTEGER, # As determined at boot time
+ * }
+ *
* -- Note that the AuthorizationList SEQUENCE is also used in IKeyMintDevice::importWrappedKey
* -- as a way of describing the authorizations associated with a key that is being securely
* -- imported. As such, it includes the ability to describe tags that are only relevant for
@@ -210,6 +221,7 @@
* bootPatchLevel [719] EXPLICIT INTEGER OPTIONAL,
* deviceUniqueAttestation [720] EXPLICIT NULL OPTIONAL,
* attestationIdSecondImei [723] EXPLICIT OCTET_STRING OPTIONAL,
+ * moduleHash [724] EXPLICIT OCTET_STRING OPTIONAL, -- SHA-256 hash of DER-encoded `Modules`
* }
*/
Certificate[] certificateChain;
diff --git a/staging/security/see/storage/aidl/android/hardware/security/see/storage/IStorageSession.aidl b/staging/security/see/storage/aidl/android/hardware/security/see/storage/IStorageSession.aidl
index 1b70a0e..dc1e6a8 100644
--- a/staging/security/see/storage/aidl/android/hardware/security/see/storage/IStorageSession.aidl
+++ b/staging/security/see/storage/aidl/android/hardware/security/see/storage/IStorageSession.aidl
@@ -44,6 +44,21 @@
void commitChanges();
/**
+ * If an A/B update is in progress, stages any pending changes made through this session to be
+ * committed when the A/B update completes successfully. If the update fails, the changes will
+ * be discarded.
+ *
+ * If no A/B update is in progess, behaves identically to `commitChanges`.
+ *
+ * After this call returns successfully, the session will no longer have pending changes. Files
+ * may then still be modified through this session to create another commit.
+ *
+ * May return service-specific errors:
+ * - ERR_BAD_TRANSACTION
+ */
+ void stageChangesForCommitOnAbUpdateComplete();
+
+ /**
* Abandons any pending changes made through this session.
*
* The session can then be reused to make new changes.