Merge "Specify version for aidl_interface explicitly"
diff --git a/PREUPLOAD.cfg b/PREUPLOAD.cfg
index 6740bb5..2116e21 100644
--- a/PREUPLOAD.cfg
+++ b/PREUPLOAD.cfg
@@ -4,6 +4,7 @@
[Builtin Hooks]
bpfmt = true
clang_format = true
+aidl_format = true
[Hook Scripts]
aosp_hook_confirmationui = ${REPO_ROOT}/frameworks/base/tools/aosp/aosp_sha.sh ${PREUPLOAD_COMMIT} confirmationui
diff --git a/audio/6.0/config/api/current.txt b/audio/6.0/config/api/current.txt
index 6b49e5e..f5d4798 100644
--- a/audio/6.0/config/api/current.txt
+++ b/audio/6.0/config/api/current.txt
@@ -133,6 +133,7 @@
enum_constant public static final audio.policy.configuration.V6_0.AudioFormat AUDIO_FORMAT_LDAC;
enum_constant public static final audio.policy.configuration.V6_0.AudioFormat AUDIO_FORMAT_LHDC;
enum_constant public static final audio.policy.configuration.V6_0.AudioFormat AUDIO_FORMAT_LHDC_LL;
+ enum_constant public static final audio.policy.configuration.V6_0.AudioFormat AUDIO_FORMAT_MAT;
enum_constant public static final audio.policy.configuration.V6_0.AudioFormat AUDIO_FORMAT_MAT_1_0;
enum_constant public static final audio.policy.configuration.V6_0.AudioFormat AUDIO_FORMAT_MAT_2_0;
enum_constant public static final audio.policy.configuration.V6_0.AudioFormat AUDIO_FORMAT_MAT_2_1;
diff --git a/audio/6.0/config/audio_policy_configuration.xsd b/audio/6.0/config/audio_policy_configuration.xsd
index 341c6b3..ead1cc2 100644
--- a/audio/6.0/config/audio_policy_configuration.xsd
+++ b/audio/6.0/config/audio_policy_configuration.xsd
@@ -363,6 +363,7 @@
<xs:enumeration value="AUDIO_FORMAT_AC4"/>
<xs:enumeration value="AUDIO_FORMAT_LDAC"/>
<xs:enumeration value="AUDIO_FORMAT_E_AC3_JOC"/>
+ <xs:enumeration value="AUDIO_FORMAT_MAT"/>
<xs:enumeration value="AUDIO_FORMAT_MAT_1_0"/>
<xs:enumeration value="AUDIO_FORMAT_MAT_2_0"/>
<xs:enumeration value="AUDIO_FORMAT_MAT_2_1"/>
diff --git a/audio/core/all-versions/default/StreamOut.cpp b/audio/core/all-versions/default/StreamOut.cpp
index ffd3b6b..21d439c 100644
--- a/audio/core/all-versions/default/StreamOut.cpp
+++ b/audio/core/all-versions/default/StreamOut.cpp
@@ -658,32 +658,65 @@
#if MAJOR_VERSION >= 6
Return<void> StreamOut::getDualMonoMode(getDualMonoMode_cb _hidl_cb) {
- _hidl_cb(Result::NOT_SUPPORTED, DualMonoMode::OFF);
+ audio_dual_mono_mode_t mode = AUDIO_DUAL_MONO_MODE_OFF;
+ Result retval = mStream->get_dual_mono_mode != nullptr
+ ? Stream::analyzeStatus("get_dual_mono_mode",
+ mStream->get_dual_mono_mode(mStream, &mode))
+ : Result::NOT_SUPPORTED;
+ _hidl_cb(retval, DualMonoMode(mode));
return Void();
}
-Return<Result> StreamOut::setDualMonoMode(DualMonoMode /*mode*/) {
- return Result::NOT_SUPPORTED;
+Return<Result> StreamOut::setDualMonoMode(DualMonoMode mode) {
+ return mStream->set_dual_mono_mode != nullptr
+ ? Stream::analyzeStatus(
+ "set_dual_mono_mode",
+ mStream->set_dual_mono_mode(mStream,
+ static_cast<audio_dual_mono_mode_t>(mode)))
+ : Result::NOT_SUPPORTED;
}
Return<void> StreamOut::getAudioDescriptionMixLevel(getAudioDescriptionMixLevel_cb _hidl_cb) {
- _hidl_cb(Result::NOT_SUPPORTED, -std::numeric_limits<float>::infinity());
+ float leveldB = -std::numeric_limits<float>::infinity();
+ Result retval = mStream->get_audio_description_mix_level != nullptr
+ ? Stream::analyzeStatus(
+ "get_audio_description_mix_level",
+ mStream->get_audio_description_mix_level(mStream, &leveldB))
+ : Result::NOT_SUPPORTED;
+ _hidl_cb(retval, leveldB);
return Void();
}
-Return<Result> StreamOut::setAudioDescriptionMixLevel(float /*leveldB*/) {
- return Result::NOT_SUPPORTED;
+Return<Result> StreamOut::setAudioDescriptionMixLevel(float leveldB) {
+ return mStream->set_audio_description_mix_level != nullptr
+ ? Stream::analyzeStatus(
+ "set_audio_description_mix_level",
+ mStream->set_audio_description_mix_level(mStream, leveldB))
+ : Result::NOT_SUPPORTED;
}
Return<void> StreamOut::getPlaybackRateParameters(getPlaybackRateParameters_cb _hidl_cb) {
- _hidl_cb(Result::NOT_SUPPORTED,
- // Same as AUDIO_PLAYBACK_RATE_INITIALIZER
- PlaybackRate{1.0f, 1.0f, TimestretchMode::DEFAULT, TimestretchFallbackMode::FAIL});
+ audio_playback_rate_t rate = AUDIO_PLAYBACK_RATE_INITIALIZER;
+ Result retval =
+ mStream->get_playback_rate_parameters != nullptr
+ ? Stream::analyzeStatus("get_playback_rate_parameters",
+ mStream->get_playback_rate_parameters(mStream, &rate))
+ : Result::NOT_SUPPORTED;
+ _hidl_cb(retval,
+ PlaybackRate{rate.mSpeed, rate.mPitch, static_cast<TimestretchMode>(rate.mStretchMode),
+ static_cast<TimestretchFallbackMode>(rate.mFallbackMode)});
return Void();
}
-Return<Result> StreamOut::setPlaybackRateParameters(const PlaybackRate& /*playbackRate*/) {
- return Result::NOT_SUPPORTED;
+Return<Result> StreamOut::setPlaybackRateParameters(const PlaybackRate& playbackRate) {
+ audio_playback_rate_t rate = {
+ playbackRate.speed, playbackRate.pitch,
+ static_cast<audio_timestretch_stretch_mode_t>(playbackRate.timestretchMode),
+ static_cast<audio_timestretch_fallback_mode_t>(playbackRate.fallbackMode)};
+ return mStream->set_playback_rate_parameters != nullptr
+ ? Stream::analyzeStatus("set_playback_rate_parameters",
+ mStream->set_playback_rate_parameters(mStream, &rate))
+ : Result::NOT_SUPPORTED;
}
Return<Result> StreamOut::setEventCallback(const sp<IStreamOutEventCallback>& callback) {
diff --git a/compatibility_matrices/compatibility_matrix.current.xml b/compatibility_matrices/compatibility_matrix.current.xml
index 66417c2..5a6f168 100644
--- a/compatibility_matrices/compatibility_matrix.current.xml
+++ b/compatibility_matrices/compatibility_matrix.current.xml
@@ -507,7 +507,7 @@
</hal>
<hal format="hidl" optional="true">
<name>android.hardware.tetheroffload.control</name>
- <version>1.0</version>
+ <version>1.1</version>
<interface>
<name>IOffloadControl</name>
<instance>default</instance>
diff --git a/drm/1.0/default/Android.bp b/drm/1.0/default/Android.bp
index 93b3278..d5063fb 100644
--- a/drm/1.0/default/Android.bp
+++ b/drm/1.0/default/Android.bp
@@ -46,7 +46,7 @@
android_hardware_drm_1_0_multilib {
name: "android.hardware.drm@1.0-multilib-lib",
- compile_multilib: "32",
+ compile_multilib: "prefer32",
soong_config_variables: {
TARGET_ENABLE_MEDIADRM_64: {
compile_multilib: "both",
@@ -56,7 +56,7 @@
android_hardware_drm_1_0_multilib {
name: "android.hardware.drm@1.0-multilib-exe",
- compile_multilib: "32",
+ compile_multilib: "prefer32",
soong_config_variables: {
TARGET_ENABLE_MEDIADRM_64: {
compile_multilib: "first",
diff --git a/radio/1.6/IRadio.hal b/radio/1.6/IRadio.hal
index 3dc80b9..a398e7d 100644
--- a/radio/1.6/IRadio.hal
+++ b/radio/1.6/IRadio.hal
@@ -117,6 +117,9 @@
* @param pduSessionId The pdu session id to be used for this data call. A value of 0 means
* no pdu session id was attached to this call.
* Reference: 3GPP TS 24.007 section 11.2.3.1b
+ * @param sliceInfo SliceInfo to be used for the data connection when a handover occurs from
+ * EPDG to 5G. It is valid only when accessNetwork is AccessNetwork:NGRAN. If the slice
+ * passed from EPDG is rejected, then the data failure cause must be DataCallFailCause:SLICE_REJECTED.
*
* Response function is IRadioResponse.setupDataCallResponse_1_6()
*
@@ -125,7 +128,7 @@
oneway setupDataCall_1_6(int32_t serial, AccessNetwork accessNetwork,
DataProfileInfo dataProfileInfo, bool roamingAllowed,
DataRequestReason reason, vec<LinkAddress> addresses, vec<string> dnses,
- int32_t pduSessionId);
+ int32_t pduSessionId, OptionalSliceInfo sliceInfo);
/**
* Send an SMS message
diff --git a/radio/1.6/types.hal b/radio/1.6/types.hal
index 6dd8315..8e1033b 100644
--- a/radio/1.6/types.hal
+++ b/radio/1.6/types.hal
@@ -356,6 +356,12 @@
* Reference: 3GPP TS 24.007 section 11.2.3.1b
*/
int32_t pduSessionId;
+
+ /**
+ * Slice used for this data call. It is valid only when this data call is on
+ * AccessNetwork:NGRAN.
+ */
+ OptionalSliceInfo sliceInfo;
};
/**
@@ -804,3 +810,80 @@
BAND_53 = 53,
BAND_96 = 96,
};
+
+/**
+ * This safe_union represents an optional slice info
+ */
+safe_union OptionalSliceInfo {
+ Monostate noinit;
+ SliceInfo value;
+};
+
+/**
+ * This struct represents a S-NSSAI as defined in 3GPP TS 24.501.
+ */
+struct SliceInfo {
+ /**
+ * The type of service provided by the slice.
+ *
+ * see: 3GPP TS 24.501 Section 9.11.2.8.
+ */
+ SliceServiceType sst;
+
+ /**
+ * Slice differentiator is the identifier of a slice that has
+ * SliceServiceType as SST. A value of -1 indicates that there is
+ * no corresponding SliceInfo of the HPLMN.
+ *
+ * see: 3GPP TS 24.501 Section 9.11.2.8.
+ */
+ int32_t sliceDifferentiator;
+
+ /**
+ * This SST corresponds to a SliceInfo (S-NSSAI) of the HPLMN; the SST is
+ * mapped to this value.
+ *
+ * see: 3GPP TS 24.501 Section 9.11.2.8.
+ */
+ SliceServiceType mappedHplmnSst;
+
+ /**
+ * Present only if both sliceDifferentiator and mappedHplmnSst are also
+ * present. This SD corresponds to a SliceInfo (S-NSSAI) of the HPLMN;
+ * sliceDifferentiator is mapped to this value. A value of -1 indicates that
+ * there is no corresponding SliceInfo of the HPLMN.
+ *
+ * see: 3GPP TS 24.501 Section 9.11.2.8.
+ */
+ int32_t mappedHplmnSD;
+};
+
+/**
+ * Slice/Service Type as defined in 3GPP TS 23.501.
+ */
+enum SliceServiceType : uint8_t {
+ /* Not specified */
+ NONE = 0,
+
+ /* Slice suitable for the handling of 5G enhanced Mobile Broadband */
+ EMBB = 1,
+
+ /**
+ * Slice suitable for the handling of ultra-reliable low latency
+ * communications
+ */
+ URLLC = 2,
+
+ /* Slice suitable for the handling of massive IoT */
+ MIOT = 3,
+};
+
+/**
+ * Expose more setup data call failures.
+ */
+enum DataCallFailCause : @1.4::DataCallFailCause {
+ /**
+ * Data call fail due to the slice not being allowed for the data call.
+ */
+ SLICE_REJECTED = 0x8CC,
+};
diff --git a/radio/1.6/vts/functional/radio_hidl_hal_api.cpp b/radio/1.6/vts/functional/radio_hidl_hal_api.cpp
index 47babed..8b87292 100644
--- a/radio/1.6/vts/functional/radio_hidl_hal_api.cpp
+++ b/radio/1.6/vts/functional/radio_hidl_hal_api.cpp
@@ -56,8 +56,12 @@
::android::hardware::radio::V1_2::DataRequestReason reason =
::android::hardware::radio::V1_2::DataRequestReason::NORMAL;
- Return<void> res = radio_v1_6->setupDataCall_1_6(serial, accessNetwork, dataProfileInfo,
- roamingAllowed, reason, addresses, dnses, -1);
+ ::android::hardware::radio::V1_6::OptionalSliceInfo optionalSliceInfo;
+ memset(&optionalSliceInfo, 0, sizeof(optionalSliceInfo));
+
+ Return<void> res =
+ radio_v1_6->setupDataCall_1_6(serial, accessNetwork, dataProfileInfo, roamingAllowed,
+ reason, addresses, dnses, -1, optionalSliceInfo);
ASSERT_OK(res);
EXPECT_EQ(std::cv_status::no_timeout, wait());
diff --git a/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Tag.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Tag.aidl
index ce12fed..a6be6b1 100644
--- a/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Tag.aidl
+++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Tag.aidl
@@ -42,6 +42,7 @@
USAGE_EXPIRE_DATETIME = 1610613138,
MIN_SECONDS_BETWEEN_OPS = 805306771,
MAX_USES_PER_BOOT = 805306772,
+ USAGE_COUNT_LIMIT = 805306773,
USER_ID = 805306869,
USER_SECURE_ID = -1610612234,
NO_AUTH_REQUIRED = 1879048695,
diff --git a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
index f92bf00..bc07235 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
@@ -333,6 +333,35 @@
MAX_USES_PER_BOOT = (3 << 28) /* TagType:UINT */ | 404,
/**
+ * Tag::USAGE_COUNT_LIMIT specifies the number of times that a key may be used. This can be
+ * used to limit the use of a key.
+ *
+ * The value is a 32-bit integer representing the current number of attempts left.
+ *
+ * When initializing a limited use key, the value of this tag represents the maximum usage
+ * limit for that key. After the key usage is exhausted, the key blob should be invalidated by
+ * finish() call. Any subsequent attempts to use the key must result in a failure with
+ * ErrorCode::INVALID_KEY_BLOB returned by IKeyMintDevice.
+ *
+ * At this point, if the caller specifies count > 1, it is not expected that any TEE will be
+ * able to enforce this feature in the hardware due to limited resources of secure
+ * storage. In this case, the tag with the value of maximum usage must be added to the key
+ * characteristics with SecurityLevel::SOFTWARE by the IKeyMintDevice.
+ *
+ * On the other hand, if the caller specifies count = 1, some TEEs may have the ability
+ * to enforce this feature in the hardware with its secure storage. If the IKeyMintDevice
+ * implementation can enforce this feature, the tag with value = 1 must be added to the key
+ * characteristics with the SecurityLevel of the IKeyMintDevice. If the IKeyMintDevice can't
+ * enforce this feature even when the count = 1, the tag must be added to the key
+ * characteristics with the SecurityLevel::SOFTWARE.
+ *
+ * When the key is attested, this tag with the same value must also be added to the attestation
+ * record. This tag must have the same SecurityLevel as the tag that is added to the key
+ * characteristics.
+ */
+ USAGE_COUNT_LIMIT = (3 << 28) | 405, /* TagType:UINT */
+
+ /**
* Tag::USER_ID specifies the ID of the Android user that is permitted to use the key.
*
* Must not be hardware-enforced.
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 5989cde..c876440 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -562,7 +562,7 @@
}
/*
- * NewKeyGenerationTest.Rsa
+ * NewKeyGenerationTest.RsaWithAttestation
*
* Verifies that keymint can generate all required RSA key sizes, and that the resulting keys
* have correct characteristics.
@@ -607,6 +607,45 @@
}
/*
+ * NewKeyGenerationTest.LimitedUsageRsa
+ *
+ * Verifies that KeyMint can generate all required RSA key sizes with limited usage, and that the
+ * resulting keys have correct characteristics.
+ */
+TEST_P(NewKeyGenerationTest, LimitedUsageRsa) {
+ for (auto key_size : ValidKeySizes(Algorithm::RSA)) {
+ vector<uint8_t> key_blob;
+ vector<KeyCharacteristics> key_characteristics;
+ ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
+ .RsaSigningKey(key_size, 65537)
+ .Digest(Digest::NONE)
+ .Padding(PaddingMode::NONE)
+ .Authorization(TAG_USAGE_COUNT_LIMIT, 1),
+ &key_blob, &key_characteristics));
+
+ ASSERT_GT(key_blob.size(), 0U);
+ CheckBaseParams(key_characteristics);
+
+ AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics);
+
+ EXPECT_TRUE(crypto_params.Contains(TAG_ALGORITHM, Algorithm::RSA));
+ EXPECT_TRUE(crypto_params.Contains(TAG_KEY_SIZE, key_size))
+ << "Key size " << key_size << "missing";
+ EXPECT_TRUE(crypto_params.Contains(TAG_RSA_PUBLIC_EXPONENT, 65537U));
+
+ // Check the usage count limit tag appears in the authorizations.
+ AuthorizationSet auths;
+ for (auto& entry : key_characteristics) {
+ auths.push_back(AuthorizationSet(entry.authorizations));
+ }
+ EXPECT_TRUE(auths.Contains(TAG_USAGE_COUNT_LIMIT, 1U))
+ << "key usage count limit " << 1U << " missing";
+
+ CheckedDeleteKey(&key_blob);
+ }
+}
+
+/*
* NewKeyGenerationTest.NoInvalidRsaSizes
*
* Verifies that keymint cannot generate any RSA key sizes that are designated as invalid.
@@ -666,6 +705,43 @@
}
/*
+ * NewKeyGenerationTest.LimitedUsageEcdsa
+ *
+ * Verifies that KeyMint can generate all required EC key sizes with limited usage, and that the
+ * resulting keys have correct characteristics.
+ */
+TEST_P(NewKeyGenerationTest, LimitedUsageEcdsa) {
+ for (auto key_size : ValidKeySizes(Algorithm::EC)) {
+ vector<uint8_t> key_blob;
+ vector<KeyCharacteristics> key_characteristics;
+ ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
+ .EcdsaSigningKey(key_size)
+ .Digest(Digest::NONE)
+ .Authorization(TAG_USAGE_COUNT_LIMIT, 1),
+ &key_blob, &key_characteristics));
+
+ ASSERT_GT(key_blob.size(), 0U);
+ CheckBaseParams(key_characteristics);
+
+ AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics);
+
+ EXPECT_TRUE(crypto_params.Contains(TAG_ALGORITHM, Algorithm::EC));
+ EXPECT_TRUE(crypto_params.Contains(TAG_KEY_SIZE, key_size))
+ << "Key size " << key_size << "missing";
+
+ // Check the usage count limit tag appears in the authorizations.
+ AuthorizationSet auths;
+ for (auto& entry : key_characteristics) {
+ auths.push_back(AuthorizationSet(entry.authorizations));
+ }
+ EXPECT_TRUE(auths.Contains(TAG_USAGE_COUNT_LIMIT, 1U))
+ << "key usage count limit " << 1U << " missing";
+
+ CheckedDeleteKey(&key_blob);
+ }
+}
+
+/*
* NewKeyGenerationTest.EcdsaDefaultSize
*
* Verifies that failing to specify a key size for EC key generation returns
@@ -780,6 +856,44 @@
}
/*
+ * NewKeyGenerationTest.LimitedUsageHmac
+ *
+ * Verifies that KeyMint supports all required digests with limited usage Hmac, and that the
+ * resulting keys have correct characteristics.
+ */
+TEST_P(NewKeyGenerationTest, LimitedUsageHmac) {
+ for (auto digest : ValidDigests(false /* withNone */, true /* withMD5 */)) {
+ vector<uint8_t> key_blob;
+ vector<KeyCharacteristics> key_characteristics;
+ constexpr size_t key_size = 128;
+ ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
+ .HmacKey(key_size)
+ .Digest(digest)
+ .Authorization(TAG_MIN_MAC_LENGTH, 128)
+ .Authorization(TAG_USAGE_COUNT_LIMIT, 1),
+ &key_blob, &key_characteristics));
+
+ ASSERT_GT(key_blob.size(), 0U);
+ CheckBaseParams(key_characteristics);
+
+ AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics);
+ EXPECT_TRUE(crypto_params.Contains(TAG_ALGORITHM, Algorithm::HMAC));
+ EXPECT_TRUE(crypto_params.Contains(TAG_KEY_SIZE, key_size))
+ << "Key size " << key_size << "missing";
+
+ // Check the usage count limit tag appears in the authorizations.
+ AuthorizationSet auths;
+ for (auto& entry : key_characteristics) {
+ auths.push_back(AuthorizationSet(entry.authorizations));
+ }
+ EXPECT_TRUE(auths.Contains(TAG_USAGE_COUNT_LIMIT, 1U))
+ << "key usage count limit " << 1U << " missing";
+
+ CheckedDeleteKey(&key_blob);
+ }
+}
+
+/*
* NewKeyGenerationTest.HmacCheckKeySizes
*
* Verifies that keymint supports all key sizes, and rejects all invalid key sizes.
@@ -4153,7 +4267,7 @@
}
/*
- * MaxOperationsTest.TestLimitAes
+ * MaxOperationsTest.TestLimitRsa
*
* Verifies that the max uses per boot tag works correctly with RSA keys.
*/
@@ -4180,6 +4294,100 @@
INSTANTIATE_KEYMINT_AIDL_TEST(MaxOperationsTest);
+typedef KeyMintAidlTestBase UsageCountLimitTest;
+
+/*
+ * UsageCountLimitTest.TestLimitAes
+ *
+ * Verifies that the usage count limit tag works correctly with AES keys.
+ */
+TEST_P(UsageCountLimitTest, TestLimitAes) {
+ if (SecLevel() == SecurityLevel::STRONGBOX) return;
+
+ ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .AesEncryptionKey(128)
+ .EcbMode()
+ .Padding(PaddingMode::NONE)
+ .Authorization(TAG_USAGE_COUNT_LIMIT, 1)));
+
+ // Check the usage count limit tag appears in the authorizations.
+ AuthorizationSet auths;
+ for (auto& entry : key_characteristics_) {
+ auths.push_back(AuthorizationSet(entry.authorizations));
+ }
+ EXPECT_TRUE(auths.Contains(TAG_USAGE_COUNT_LIMIT, 1U))
+ << "key usage count limit " << 1U << " missing";
+
+ string message = "1234567890123456";
+ auto params = AuthorizationSetBuilder().EcbMode().Padding(PaddingMode::NONE);
+
+ // First usage of AES key should work.
+ EncryptMessage(message, params);
+
+ AuthorizationSet hardware_auths;
+ for (auto& entry : key_characteristics_) {
+ if (entry.securityLevel != SecurityLevel::SOFTWARE) {
+ auths.push_back(AuthorizationSet(entry.authorizations));
+ }
+ }
+ if (hardware_auths.Contains(TAG_USAGE_COUNT_LIMIT, 1U)) {
+ // Usage count limit tag is enforced by hardware. After using the key, the key blob
+ // must be invalidated from secure storage (such as RPMB partition).
+ EXPECT_EQ(ErrorCode::INVALID_KEY_BLOB, Begin(KeyPurpose::ENCRYPT, params));
+ } else {
+ // Usage count limit tag is enforced by software, keymint does nothing.
+ EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, params));
+ }
+}
+
+/*
+ * UsageCountLimitTest.TestLimitRsa
+ *
+ * Verifies that the usage count limit tag works correctly with RSA keys.
+ */
+TEST_P(UsageCountLimitTest, TestLimitRsa) {
+ if (SecLevel() == SecurityLevel::STRONGBOX) return;
+
+ ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .RsaSigningKey(1024, 65537)
+ .NoDigestOrPadding()
+ .Authorization(TAG_USAGE_COUNT_LIMIT, 1)));
+
+ // Check the usage count limit tag appears in the authorizations.
+ AuthorizationSet auths;
+ for (auto& entry : key_characteristics_) {
+ auths.push_back(AuthorizationSet(entry.authorizations));
+ }
+ EXPECT_TRUE(auths.Contains(TAG_USAGE_COUNT_LIMIT, 1U))
+ << "key usage count limit " << 1U << " missing";
+
+ string message = "1234567890123456";
+ auto params = AuthorizationSetBuilder().NoDigestOrPadding();
+
+ // First usage of RSA key should work.
+ SignMessage(message, params);
+
+ AuthorizationSet hardware_auths;
+ for (auto& entry : key_characteristics_) {
+ if (entry.securityLevel != SecurityLevel::SOFTWARE) {
+ auths.push_back(AuthorizationSet(entry.authorizations));
+ }
+ }
+
+ if (hardware_auths.Contains(TAG_USAGE_COUNT_LIMIT, 1U)) {
+ // Usage count limit tag is enforced by hardware. After using the key, the key blob
+ // must be invalidated from secure storage (such as RPMB partition).
+ EXPECT_EQ(ErrorCode::INVALID_KEY_BLOB, Begin(KeyPurpose::SIGN, params));
+ } else {
+ // Usage count limit tag is enforced by software, keymint does nothing.
+ EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::SIGN, params));
+ }
+}
+
+INSTANTIATE_KEYMINT_AIDL_TEST(UsageCountLimitTest);
+
typedef KeyMintAidlTestBase AddEntropyTest;
/*
diff --git a/security/keymint/support/include/keymint_support/keymint_tags.h b/security/keymint/support/include/keymint_support/keymint_tags.h
index 76aecb7..8d2fe28 100644
--- a/security/keymint/support/include/keymint_support/keymint_tags.h
+++ b/security/keymint/support/include/keymint_support/keymint_tags.h
@@ -119,6 +119,7 @@
DECLARE_TYPED_TAG(TRUSTED_USER_PRESENCE_REQUIRED);
DECLARE_TYPED_TAG(UNIQUE_ID);
DECLARE_TYPED_TAG(UNLOCKED_DEVICE_REQUIRED);
+DECLARE_TYPED_TAG(USAGE_COUNT_LIMIT);
DECLARE_TYPED_TAG(USAGE_EXPIRE_DATETIME);
DECLARE_TYPED_TAG(USER_AUTH_TYPE);
DECLARE_TYPED_TAG(USER_ID);
@@ -135,15 +136,15 @@
TAG_INVALID_t, TAG_KEY_SIZE_t, TAG_MAC_LENGTH_t, TAG_CALLER_NONCE_t, TAG_MIN_MAC_LENGTH_t,
TAG_RSA_PUBLIC_EXPONENT_t, TAG_INCLUDE_UNIQUE_ID_t, TAG_ACTIVE_DATETIME_t,
TAG_ORIGINATION_EXPIRE_DATETIME_t, TAG_USAGE_EXPIRE_DATETIME_t,
- TAG_MIN_SECONDS_BETWEEN_OPS_t, TAG_MAX_USES_PER_BOOT_t, TAG_USER_ID_t, TAG_USER_SECURE_ID_t,
- TAG_NO_AUTH_REQUIRED_t, TAG_AUTH_TIMEOUT_t, TAG_ALLOW_WHILE_ON_BODY_t,
- TAG_UNLOCKED_DEVICE_REQUIRED_t, TAG_APPLICATION_ID_t, TAG_APPLICATION_DATA_t,
- TAG_CREATION_DATETIME_t, TAG_ROLLBACK_RESISTANCE_t, TAG_HARDWARE_TYPE_t,
- TAG_ROOT_OF_TRUST_t, TAG_ASSOCIATED_DATA_t, TAG_NONCE_t, TAG_BOOTLOADER_ONLY_t,
- TAG_OS_VERSION_t, TAG_OS_PATCHLEVEL_t, TAG_UNIQUE_ID_t, TAG_ATTESTATION_CHALLENGE_t,
- TAG_ATTESTATION_APPLICATION_ID_t, TAG_ATTESTATION_ID_BRAND_t, TAG_ATTESTATION_ID_DEVICE_t,
- TAG_ATTESTATION_ID_PRODUCT_t, TAG_ATTESTATION_ID_MANUFACTURER_t, TAG_ATTESTATION_ID_MODEL_t,
- TAG_ATTESTATION_ID_SERIAL_t, TAG_ATTESTATION_ID_IMEI_t, TAG_ATTESTATION_ID_MEID_t,
+ TAG_MIN_SECONDS_BETWEEN_OPS_t, TAG_MAX_USES_PER_BOOT_t, TAG_USAGE_COUNT_LIMIT_t,
+ TAG_USER_ID_t, TAG_USER_SECURE_ID_t, TAG_NO_AUTH_REQUIRED_t, TAG_AUTH_TIMEOUT_t,
+ TAG_ALLOW_WHILE_ON_BODY_t, TAG_UNLOCKED_DEVICE_REQUIRED_t, TAG_APPLICATION_ID_t,
+ TAG_APPLICATION_DATA_t, TAG_CREATION_DATETIME_t, TAG_ROLLBACK_RESISTANCE_t,
+ TAG_HARDWARE_TYPE_t, TAG_ROOT_OF_TRUST_t, TAG_ASSOCIATED_DATA_t, TAG_NONCE_t,
+ TAG_BOOTLOADER_ONLY_t, TAG_OS_VERSION_t, TAG_OS_PATCHLEVEL_t, TAG_UNIQUE_ID_t,
+ TAG_ATTESTATION_CHALLENGE_t, TAG_ATTESTATION_APPLICATION_ID_t, TAG_ATTESTATION_ID_BRAND_t,
+ TAG_ATTESTATION_ID_DEVICE_t, TAG_ATTESTATION_ID_PRODUCT_t,
+ TAG_ATTESTATION_ID_MANUFACTURER_t, TAG_ATTESTATION_ID_MODEL_t,
TAG_RESET_SINCE_ID_ROTATION_t, TAG_PURPOSE_t, TAG_ALGORITHM_t, TAG_BLOCK_MODE_t,
TAG_DIGEST_t, TAG_PADDING_t, TAG_ORIGIN_t, TAG_USER_AUTH_TYPE_t, TAG_EC_CURVE_t,
TAG_BOOT_PATCHLEVEL_t, TAG_VENDOR_PATCHLEVEL_t, TAG_TRUSTED_CONFIRMATION_REQUIRED_t,
diff --git a/security/secureclock/aidl/OWNERS b/security/secureclock/aidl/OWNERS
new file mode 100644
index 0000000..a93b171
--- /dev/null
+++ b/security/secureclock/aidl/OWNERS
@@ -0,0 +1,4 @@
+jbires@google.com
+jdanis@google.com
+seleneh@google.com
+swillden@google.com
diff --git a/security/sharedsecret/aidl/OWNERS b/security/sharedsecret/aidl/OWNERS
new file mode 100644
index 0000000..a93b171
--- /dev/null
+++ b/security/sharedsecret/aidl/OWNERS
@@ -0,0 +1,4 @@
+jbires@google.com
+jdanis@google.com
+seleneh@google.com
+swillden@google.com
diff --git a/tetheroffload/control/1.0/vts/functional/Android.bp b/tetheroffload/control/1.0/vts/functional/Android.bp
index c397df4..ddf3826 100644
--- a/tetheroffload/control/1.0/vts/functional/Android.bp
+++ b/tetheroffload/control/1.0/vts/functional/Android.bp
@@ -30,3 +30,17 @@
"vts",
],
}
+
+cc_test_library {
+ name: "VtsHalTetheroffloadControlV1_0TargetTest-lib",
+ defaults: ["VtsHalTargetTestDefaults"],
+ export_include_dirs: ["include"],
+ static_libs: [
+ "android.hardware.tetheroffload.config@1.0",
+ "android.hardware.tetheroffload.control@1.0",
+ ],
+ srcs: [
+ "OffloadControlTestBase.cpp",
+ "OffloadControlTestUtils.cpp",
+ ],
+}
diff --git a/tetheroffload/control/1.0/vts/functional/OffloadControlTestBase.cpp b/tetheroffload/control/1.0/vts/functional/OffloadControlTestBase.cpp
index bd0dad7..e392e96 100644
--- a/tetheroffload/control/1.0/vts/functional/OffloadControlTestBase.cpp
+++ b/tetheroffload/control/1.0/vts/functional/OffloadControlTestBase.cpp
@@ -53,29 +53,6 @@
ASSERT_TRUE(ret.isOk());
}
-void OffloadControlTestBase::prepareControlHal() {
- control = createControl(std::get<1>(GetParam()));
- ASSERT_NE(nullptr, control.get()) << "Could not get HIDL instance";
-
- control_cb = new TetheringOffloadCallback();
- ASSERT_NE(nullptr, control_cb.get()) << "Could not get get offload callback";
-}
-
-void OffloadControlTestBase::initOffload(const bool expected_result) {
- auto init_cb = [&](bool success, std::string errMsg) {
- std::string msg = StringPrintf("Unexpectedly %s to init offload: %s",
- success ? "succeeded" : "failed", errMsg.c_str());
- ASSERT_EQ(expected_result, success) << msg;
- };
- const Return<void> ret = control->initOffload(control_cb, init_cb);
- ASSERT_TRUE(ret.isOk());
-}
-
-void OffloadControlTestBase::setupControlHal() {
- prepareControlHal();
- initOffload(true);
-}
-
void OffloadControlTestBase::stopOffload(const ExpectBoolean value) {
auto cb = [&](bool success, const hidl_string& errMsg) {
switch (value) {
diff --git a/tetheroffload/control/1.0/vts/functional/include/OffloadControlTestBase.h b/tetheroffload/control/1.0/vts/functional/include/OffloadControlTestBase.h
index 004019a..994c808 100644
--- a/tetheroffload/control/1.0/vts/functional/include/OffloadControlTestBase.h
+++ b/tetheroffload/control/1.0/vts/functional/include/OffloadControlTestBase.h
@@ -36,7 +36,6 @@
using android::hardware::Return;
using android::hardware::Void;
using android::hardware::tetheroffload::config::V1_0::IOffloadConfig;
-using android::hardware::tetheroffload::control::V1_0::IOffloadControl;
using android::hardware::tetheroffload::control::V1_0::ITetheringOffloadCallback;
using android::hardware::tetheroffload::control::V1_0::NatTimeoutUpdate;
using android::hardware::tetheroffload::control::V1_0::OffloadCallbackEvent;
@@ -64,17 +63,21 @@
// Called once in setup stage to retrieve correct version of
// IOffloadControl object.
- virtual sp<IOffloadControl> createControl(const std::string& serviceName) = 0;
+ virtual sp<android::hardware::tetheroffload::control::V1_0::IOffloadControl> createControl(
+ const std::string& serviceName) = 0;
// The IOffloadConfig HAL is tested more thoroughly elsewhere. Here the
// class just setup everything correctly and verify basic readiness.
void setupConfigHal();
- void prepareControlHal();
+ virtual void prepareControlHal() = 0;
- void initOffload(const bool expected_result);
+ virtual void initOffload(const bool expected_result) = 0;
- void setupControlHal();
+ void setupControlHal() {
+ prepareControlHal();
+ initOffload(true);
+ };
void stopOffload(const ExpectBoolean value);
@@ -100,6 +103,6 @@
};
sp<IOffloadConfig> config;
- sp<IOffloadControl> control;
+ sp<android::hardware::tetheroffload::control::V1_0::IOffloadControl> control;
sp<TetheringOffloadCallback> control_cb;
};
\ No newline at end of file
diff --git a/tetheroffload/control/1.0/vts/functional/include/OffloadControlTestV1_0.h b/tetheroffload/control/1.0/vts/functional/include/OffloadControlTestV1_0.h
index 7492f8a..9189d71 100644
--- a/tetheroffload/control/1.0/vts/functional/include/OffloadControlTestV1_0.h
+++ b/tetheroffload/control/1.0/vts/functional/include/OffloadControlTestV1_0.h
@@ -26,8 +26,28 @@
prepareControlHal();
}
- virtual sp<IOffloadControl> createControl(const std::string& serviceName) override {
- return IOffloadControl::getService(serviceName);
+ virtual sp<android::hardware::tetheroffload::control::V1_0::IOffloadControl> createControl(
+ const std::string& serviceName) override {
+ return android::hardware::tetheroffload::control::V1_0::IOffloadControl::getService(
+ serviceName);
+ }
+
+ virtual void prepareControlHal() override {
+ control = createControl(std::get<1>(GetParam()));
+ ASSERT_NE(nullptr, control.get()) << "Could not get HIDL instance";
+
+ control_cb = new TetheringOffloadCallback();
+ ASSERT_NE(nullptr, control_cb.get()) << "Could not get get offload callback";
+ }
+
+ virtual void initOffload(const bool expected_result) override {
+ auto init_cb = [&](bool success, std::string errMsg) {
+ std::string msg = StringPrintf("Unexpectedly %s to init offload: %s",
+ success ? "succeeded" : "failed", errMsg.c_str());
+ ASSERT_EQ(expected_result, success) << msg;
+ };
+ const Return<void> ret = control->initOffload(control_cb, init_cb);
+ ASSERT_TRUE(ret.isOk());
}
};
diff --git a/tetheroffload/control/1.1/Android.bp b/tetheroffload/control/1.1/Android.bp
new file mode 100644
index 0000000..18c8ea9
--- /dev/null
+++ b/tetheroffload/control/1.1/Android.bp
@@ -0,0 +1,16 @@
+// This file is autogenerated by hidl-gen -Landroidbp.
+
+hidl_interface {
+ name: "android.hardware.tetheroffload.control@1.1",
+ root: "android.hardware",
+ srcs: [
+ "types.hal",
+ "IOffloadControl.hal",
+ "ITetheringOffloadCallback.hal",
+ ],
+ interfaces: [
+ "android.hardware.tetheroffload.control@1.0",
+ "android.hidl.base@1.0",
+ ],
+ gen_java: true,
+}
diff --git a/tetheroffload/control/1.1/IOffloadControl.hal b/tetheroffload/control/1.1/IOffloadControl.hal
new file mode 100644
index 0000000..eb5b8a1
--- /dev/null
+++ b/tetheroffload/control/1.1/IOffloadControl.hal
@@ -0,0 +1,82 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.tetheroffload.control@1.1;
+
+import @1.0::IOffloadControl;
+
+/**
+ * Interface used to control the lifecycle of tethering offload. Note that callbacks of 1.1 HAL
+ * can be registered with the existing callback registration methods from 1.0 HAL.
+ */
+interface IOffloadControl extends @1.0::IOffloadControl {
+ /**
+ * Instruct hardware to send callbacks after certain number of bytes have been transferred in
+ * either direction on this upstream interface.
+ *
+ * The specified quota bytes must be applied to all traffic on the given upstream interface.
+ * This includes hardware forwarded traffic, software forwarded traffic, and AP-originated
+ * traffic. IPv4 and IPv6 traffic both count towards the same quota. IP headers are included
+ * in the byte count quota, but, link-layer headers are not.
+ *
+ * This API may only be called while offload is occurring on this upstream. The hardware
+ * management process MUST NOT store the values when offload is not started and applies once
+ * offload is started. This is because the quota values would likely become stale over
+ * time and would not reflect any new traffic that has occurred.
+ *
+ * This API replaces {@link @1.0::IOffloadControl::setDataLimit}, the framework would always
+ * calls this API if 1.1 HAL is supported. Otherwise, calls the other one. Thus, no
+ * interaction between the two APIs need to be addressed. However, the hardware implementation
+ * still needs to keep functionality of both in case of shipping with older framework that
+ * doesn't support 1.1 HAL.
+ *
+ * The specified quota bytes MUST replace any previous quotas set by
+ * {@code setDataWarningAndLimit} specified on the same interface. It may be interpreted as
+ * "tell me when either <warningBytes> or <limitBytes> bytes have been transferred
+ * (in either direction), and stop offload when <limitBytes> bytes have been transferred,
+ * starting now and counting from zero on <upstream>."
+ *
+ * Once the {@code warningBytes} is reached, the callback registered in initOffload must be
+ * called with {@code OFFLOAD_WARNING_REACHED} to indicate this event. Once the event fires
+ * for this upstream, no further {@code OFFLOAD_WARNING_REACHED} event will be fired for this
+ * upstream unless this method is called again with the same interface. Note that there is
+ * no need to call initOffload again to resume offload if stopOffload was not called by the
+ * client.
+ *
+ * Similarly, Once the {@code limitBytes} is reached, the callback registered in initOffload
+ * must be called with {@code OFFLOAD_STOPPED_LIMIT_REACHED} to indicate this event. Once
+ * the event fires for this upstream, no further {@code OFFLOAD_STOPPED_LIMIT_REACHED}
+ * event will be fired for this upstream unless this method is called again with the same
+ * interface. However, unlike {@code warningBytes}, when {@code limitBytes} is reached,
+ * all offload must be stopped. If offload is desired again, the hardware management
+ * process must be completely reprogrammed by calling setUpstreamParameters and
+ * addDownstream again.
+ *
+ * Note that when one of the quota bytes is reached, the other one is still considered valid
+ * unless this method is called again with the same interface.
+ *
+ * @param upstream Upstream interface name that quota must apply to.
+ * @param warningBytes The quota of warning, defined as the number of bytes, starting from
+ * zero and counting from now.
+ * @param limitBytes The quota of limit, defined as the number of bytes, starting from zero
+ * and counting from now.
+ *
+ * @return success true if quota is applied, false otherwise
+ * @return errMsg a human readable string if error has occurred.
+ */
+ setDataWarningAndLimit(string upstream, uint64_t warningBytes, uint64_t limitBytes)
+ generates (bool success, string errMsg);
+};
diff --git a/tetheroffload/control/1.1/ITetheringOffloadCallback.hal b/tetheroffload/control/1.1/ITetheringOffloadCallback.hal
new file mode 100644
index 0000000..7a7d56d
--- /dev/null
+++ b/tetheroffload/control/1.1/ITetheringOffloadCallback.hal
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.tetheroffload.control@1.1;
+
+import @1.0::ITetheringOffloadCallback;
+import OffloadCallbackEvent;
+
+/**
+ * Callback providing information about status of hardware management process
+ * as well as providing a way to keep offloaded connections from timing out.
+ */
+interface ITetheringOffloadCallback extends @1.0::ITetheringOffloadCallback {
+ /**
+ * Called when an asynchronous event is generated by the hardware
+ * management process. Events which are common for 1.0 and 1.1 HAL
+ * MUST be fired on both 1.0 and 1.1 callback.
+ */
+ oneway onEvent_1_1(OffloadCallbackEvent event);
+};
diff --git a/tetheroffload/control/1.1/types.hal b/tetheroffload/control/1.1/types.hal
new file mode 100644
index 0000000..30e6af3
--- /dev/null
+++ b/tetheroffload/control/1.1/types.hal
@@ -0,0 +1,28 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.tetheroffload.control@1.1;
+
+import @1.0::OffloadCallbackEvent;
+
+enum OffloadCallbackEvent : @1.0::OffloadCallbackEvent {
+ /**
+ * This event is fired when the quota, applied in setDataWarning, has expired. It is
+ * recommended that the client query for statistics immediately after receiving this event.
+ * Note that hardware acceleration must not be stopped upon receiving this event.
+ */
+ OFFLOAD_WARNING_REACHED = 6,
+};
diff --git a/tetheroffload/control/1.1/vts/functional/Android.bp b/tetheroffload/control/1.1/vts/functional/Android.bp
new file mode 100644
index 0000000..ab29350
--- /dev/null
+++ b/tetheroffload/control/1.1/vts/functional/Android.bp
@@ -0,0 +1,30 @@
+// Copyright (C) 2020 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+cc_test {
+ name: "VtsHalTetheroffloadControlV1_1TargetTest",
+ defaults: ["VtsHalTargetTestDefaults"],
+ srcs: ["VtsHalTetheroffloadControlV1_1TargetTest.cpp"],
+ local_include_dirs: ["include"],
+ static_libs: [
+ "android.hardware.tetheroffload.config@1.0",
+ "android.hardware.tetheroffload.control@1.0",
+ "android.hardware.tetheroffload.control@1.1",
+ "VtsHalTetheroffloadControlV1_0TargetTest-lib",
+ ],
+ test_suites: [
+ "general-tests",
+ "vts",
+ ],
+}
diff --git a/tetheroffload/control/1.1/vts/functional/VtsHalTetheroffloadControlV1_1TargetTest.cpp b/tetheroffload/control/1.1/vts/functional/VtsHalTetheroffloadControlV1_1TargetTest.cpp
new file mode 100644
index 0000000..b8c9e53
--- /dev/null
+++ b/tetheroffload/control/1.1/vts/functional/VtsHalTetheroffloadControlV1_1TargetTest.cpp
@@ -0,0 +1,78 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <OffloadControlTestV1_1.h>
+#include <gtest/gtest.h>
+#include <hidl/GtestPrinter.h>
+#include <hidl/ServiceManagement.h>
+
+using android::hardware::tetheroffload::control::V1_1::IOffloadControl;
+
+const hidl_string TEST_IFACE("rmnet_data0");
+
+// Check that calling setDataWarningAndLimit() without first having called initOffload() returns
+// false.
+TEST_P(OffloadControlTestV1_1_HalNotStarted, SetDataWarningAndLimitWithoutInitReturnsFalse) {
+ const Return<void> ret = getControlV1_1()->setDataWarningAndLimit(TEST_IFACE, 5000ULL, 5000ULL,
+ ASSERT_FALSE_CALLBACK);
+ EXPECT_TRUE(ret.isOk());
+}
+
+/*
+ * Tests for IOffloadControl::setDataWarningAndLimit().
+ */
+
+// Test that setDataWarningAndLimit() for an empty interface name fails.
+TEST_P(OffloadControlTestV1_1_HalStarted, SetDataWarningAndLimitEmptyUpstreamIfaceFails) {
+ const Return<void> ret = getControlV1_1()->setDataWarningAndLimit(
+ hidl_string(""), 12345ULL, 67890ULL, ASSERT_FALSE_CALLBACK);
+ EXPECT_TRUE(ret.isOk());
+}
+
+// TEST_IFACE is presumed to exist on the device and be up. No packets
+// are ever actually caused to be forwarded.
+TEST_P(OffloadControlTestV1_1_HalStarted, SetDataWarningAndLimitNonZeroOk) {
+ const Return<void> ret = getControlV1_1()->setDataWarningAndLimit(TEST_IFACE, 4000ULL, 5000ULL,
+ ASSERT_TRUE_CALLBACK);
+ EXPECT_TRUE(ret.isOk());
+}
+
+// TEST_IFACE is presumed to exist on the device and be up. No packets
+// are ever actually caused to be forwarded.
+TEST_P(OffloadControlTestV1_1_HalStarted, SetDataWarningAndLimitZeroOk) {
+ const Return<void> ret =
+ getControlV1_1()->setDataWarningAndLimit(TEST_IFACE, 0ULL, 0ULL, ASSERT_TRUE_CALLBACK);
+ EXPECT_TRUE(ret.isOk());
+}
+
+GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(OffloadControlTestV1_1_HalNotStarted);
+GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(OffloadControlTestV1_1_HalStarted);
+
+INSTANTIATE_TEST_CASE_P(
+ PerInstance, OffloadControlTestV1_1_HalNotStarted,
+ testing::Combine(testing::ValuesIn(android::hardware::getAllHalInstanceNames(
+ IOffloadConfig::descriptor)),
+ testing::ValuesIn(android::hardware::getAllHalInstanceNames(
+ IOffloadControl::descriptor))),
+ android::hardware::PrintInstanceTupleNameToString<>);
+
+INSTANTIATE_TEST_CASE_P(
+ PerInstance, OffloadControlTestV1_1_HalStarted,
+ testing::Combine(testing::ValuesIn(android::hardware::getAllHalInstanceNames(
+ IOffloadConfig::descriptor)),
+ testing::ValuesIn(android::hardware::getAllHalInstanceNames(
+ IOffloadControl::descriptor))),
+ android::hardware::PrintInstanceTupleNameToString<>);
diff --git a/tetheroffload/control/1.1/vts/functional/include/OffloadControlTestV1_1.h b/tetheroffload/control/1.1/vts/functional/include/OffloadControlTestV1_1.h
new file mode 100644
index 0000000..a3bc1b4
--- /dev/null
+++ b/tetheroffload/control/1.1/vts/functional/include/OffloadControlTestV1_1.h
@@ -0,0 +1,99 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <OffloadControlTestV1_0.h>
+#include <android/hardware/tetheroffload/control/1.1/IOffloadControl.h>
+#include <android/hardware/tetheroffload/control/1.1/ITetheringOffloadCallback.h>
+#include <gtest/gtest.h>
+
+constexpr char kCallbackOnEvent_1_1[] = "onEvent_1_1";
+
+class TetheringOffloadCallbackArgsV1_1 {
+ public:
+ android::hardware::tetheroffload::control::V1_1::OffloadCallbackEvent last_event;
+};
+
+class OffloadControlTestV1_1_HalNotStarted : public OffloadControlTestV1_0_HalNotStarted {
+ public:
+ virtual sp<android::hardware::tetheroffload::control::V1_0::IOffloadControl> createControl(
+ const std::string& serviceName) override {
+ return android::hardware::tetheroffload::control::V1_1::IOffloadControl::getService(
+ serviceName);
+ };
+
+ void prepareControlHal() override {
+ control = createControl(std::get<1>(GetParam()));
+ ASSERT_NE(nullptr, control.get()) << "Could not get HIDL instance";
+
+ control_cb_1_1 = new TetheringOffloadCallbackV1_1();
+ ASSERT_NE(nullptr, control_cb_1_1.get()) << "Could not get offload callback";
+ };
+
+ void initOffload(const bool expected_result) override {
+ auto init_cb = [&](bool success, std::string errMsg) {
+ std::string msg = StringPrintf("Unexpectedly %s to init offload: %s",
+ success ? "succeeded" : "failed", errMsg.c_str());
+ ASSERT_EQ(expected_result, success) << msg;
+ };
+ auto control = getControlV1_1();
+ ASSERT_NE(control, nullptr);
+ const Return<void> ret = control->initOffload(control_cb_1_1, init_cb);
+ ASSERT_TRUE(ret.isOk());
+ };
+
+ sp<android::hardware::tetheroffload::control::V1_1::IOffloadControl> getControlV1_1() {
+ // The cast is safe since only devices with V1.1+ HAL will be enumerated and pass in to the
+ // test.
+ return android::hardware::tetheroffload::control::V1_1::IOffloadControl::castFrom(control)
+ .withDefault(nullptr);
+ };
+
+ // Callback class for both new events.
+ class TetheringOffloadCallbackV1_1
+ : public testing::VtsHalHidlTargetCallbackBase<TetheringOffloadCallbackArgsV1_1>,
+ public android::hardware::tetheroffload::control::V1_1::ITetheringOffloadCallback {
+ public:
+ Return<void> onEvent_1_1(
+ android::hardware::tetheroffload::control::V1_1::OffloadCallbackEvent event)
+ override {
+ const TetheringOffloadCallbackArgsV1_1 args{.last_event = event};
+ NotifyFromCallback(kCallbackOnEvent_1_1, args);
+ return Void();
+ };
+
+ Return<void> onEvent([[maybe_unused]] OffloadCallbackEvent event) override {
+ // Tested only in IOffloadControl 1.0.
+ return Void();
+ };
+
+ Return<void> updateTimeout([[maybe_unused]] const NatTimeoutUpdate& params) override {
+ // Tested only in IOffloadControl 1.0.
+ return Void();
+ };
+ };
+
+ sp<TetheringOffloadCallbackV1_1> control_cb_1_1;
+};
+
+class OffloadControlTestV1_1_HalStarted : public OffloadControlTestV1_1_HalNotStarted {
+ public:
+ virtual void SetUp() override {
+ setupConfigHal();
+ setupControlHal();
+ }
+};
\ No newline at end of file