Merge "Explicit init .rc user."
diff --git a/compatibility_matrices/compatibility_matrix.8.xml b/compatibility_matrices/compatibility_matrix.8.xml
index f5a1b20..93beb92 100644
--- a/compatibility_matrices/compatibility_matrix.8.xml
+++ b/compatibility_matrices/compatibility_matrix.8.xml
@@ -1,5 +1,5 @@
<compatibility-matrix version="1.0" type="framework" level="8">
- <hal format="hidl" optional="false">
+ <hal format="hidl" optional="true">
<name>android.hardware.audio</name>
<version>6.0</version>
<version>7.0-1</version>
@@ -347,7 +347,7 @@
<instance>default</instance>
</interface>
</hal>
- <hal format="aidl" optional="false">
+ <hal format="aidl" optional="true">
<name>android.hardware.health</name>
<version>1-2</version>
<interface>
@@ -485,7 +485,7 @@
<instance>default</instance>
</interface>
</hal>
- <hal format="aidl" optional="false">
+ <hal format="aidl" optional="true">
<name>android.hardware.power</name>
<version>2-3</version>
<interface>
diff --git a/radio/aidl/vts/radio_data_test.cpp b/radio/aidl/vts/radio_data_test.cpp
index 1cc6a36..aa6ac88 100644
--- a/radio/aidl/vts/radio_data_test.cpp
+++ b/radio/aidl/vts/radio_data_test.cpp
@@ -233,14 +233,10 @@
EXPECT_EQ(std::cv_status::no_timeout, wait());
EXPECT_EQ(RadioResponseType::SOLICITED, radioRsp_data->rspInfo.type);
EXPECT_EQ(serial, radioRsp_data->rspInfo.serial);
- if (getRadioHalCapabilities()) {
- ASSERT_TRUE(CheckAnyOfErrors(radioRsp_data->rspInfo.error,
- {RadioError::REQUEST_NOT_SUPPORTED}));
- } else {
- ASSERT_TRUE(CheckAnyOfErrors(radioRsp_data->rspInfo.error,
- {RadioError::NONE, RadioError::RADIO_NOT_AVAILABLE,
- RadioError::INTERNAL_ERR, RadioError::MODEM_ERR}));
- }
+ ASSERT_TRUE(CheckAnyOfErrors(radioRsp_data->rspInfo.error,
+ {RadioError::NONE, RadioError::RADIO_NOT_AVAILABLE,
+ RadioError::INTERNAL_ERR, RadioError::MODEM_ERR,
+ RadioError::REQUEST_NOT_SUPPORTED}));
}
/*
diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
index 8ffc179..e759123 100644
--- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
+++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
@@ -1019,12 +1019,8 @@
.Authorization(TAG_ATTESTATION_ID_MANUFACTURER, "malformed-manufacturer")
.Authorization(TAG_ATTESTATION_ID_MODEL, "malicious-model");
- // TODO(b/262255219): Remove this condition when StrongBox supports 2nd IMEI attestation.
- if (SecLevel() != SecurityLevel::STRONGBOX) {
- if (isSecondImeiIdAttestationRequired()) {
- attestation_id_tags.Authorization(TAG_ATTESTATION_ID_SECOND_IMEI,
- "invalid-second-imei");
- }
+ if (isSecondImeiIdAttestationRequired()) {
+ attestation_id_tags.Authorization(TAG_ATTESTATION_ID_SECOND_IMEI, "invalid-second-imei");
}
vector<uint8_t> key_blob;
vector<KeyCharacteristics> key_characteristics;
@@ -1061,11 +1057,6 @@
GTEST_SKIP() << "Test not applicable under GSI";
}
- // TODO(b/262255219): Remove this condition when StrongBox supports 2nd IMEI attestation.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- GTEST_SKIP() << "Test not applicable for SecurityLevel::STRONGBOX";
- }
-
// Skip the test if there is no second IMEI exists.
string second_imei = get_imei(1);
if (second_imei.empty() || second_imei.compare("null") == 0) {
@@ -1144,11 +1135,6 @@
GTEST_SKIP() << "Test not applicable under GSI";
}
- // TODO(b/262255219): Remove this condition when StrongBox supports 2nd IMEI attestation.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- GTEST_SKIP() << "Test not applicable for SecurityLevel::STRONGBOX";
- }
-
// Skip the test if there is no first IMEI exists.
string imei = get_imei(0);
if (imei.empty() || imei.compare("null") == 0) {
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 63b2e73..e99149b 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -3118,9 +3118,6 @@
* presented.
*/
TEST_P(SigningOperationsTest, NoUserConfirmation) {
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- GTEST_SKIP() << "Test not applicable to StrongBox device";
- }
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.RsaSigningKey(1024, 65537)
.Digest(Digest::NONE)
@@ -7825,10 +7822,6 @@
* in hardware.
*/
TEST_P(UsageCountLimitTest, TestSingleUseKeyAndRollbackResistance) {
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- GTEST_SKIP() << "Test not applicable to StrongBox device";
- }
-
auto error = GenerateKey(AuthorizationSetBuilder()
.RsaSigningKey(2048, 65537)
.Digest(Digest::NONE)
diff --git a/security/rkp/CHANGELOG.md b/security/rkp/CHANGELOG.md
index f425284..6593ab2 100644
--- a/security/rkp/CHANGELOG.md
+++ b/security/rkp/CHANGELOG.md
@@ -42,6 +42,7 @@
`AuthenticatedRequest<T>` object representing the top level data required to authenticate
the data provided in the payload, `T`.
* The new CSR format supports P-384 signing keys and SHA-384 hashes in the DICE chain.
+ * The component version can now be either an int or a string.
* RpcHardwareInfo
* `supportedNumKeysInCsr` added to report the maximum number of keys supported in a CSR.
* `supportedEekCurve` is no longer used, due to the removal of the EEK from the scheme.
diff --git a/security/rkp/README.md b/security/rkp/README.md
index 9090ac5..01c90a8 100644
--- a/security/rkp/README.md
+++ b/security/rkp/README.md
@@ -302,7 +302,7 @@
| ----------------- | ------ | ---------- | ----------------------------------|
| Component name | -70002 | tstr | Name of firmware component / boot |
: : : : stage :
-| Component version | -70003 | int | Version of firmware component / |
+| Component version | -70003 | int / tstr | Version of firmware component / |
: : : : boot stage :
| Resettable | -70004 | null | If present, key changes on factory|
: : : : reset :
diff --git a/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl b/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
index 7960c7f..f714f1a 100644
--- a/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
+++ b/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
@@ -421,7 +421,7 @@
* ? -4670547 : bstr, ; Configuration Hash
* -4670548 : bstr .cbor { ; Configuration Descriptor
* ? -70002 : tstr, ; Component name
- * ? -70003 : int, ; Firmware version
+ * ? -70003 : int / tstr, ; Component version
* ? -70004 : null, ; Resettable
* },
* -4670549 : bstr, ; Authority Hash
diff --git a/uwb/aidl/aidl_api/android.hardware.uwb.fira_android/current/android/hardware/uwb/fira_android/UwbVendorCapabilityTlvTypes.aidl b/uwb/aidl/aidl_api/android.hardware.uwb.fira_android/current/android/hardware/uwb/fira_android/UwbVendorCapabilityTlvTypes.aidl
index 0cc01c5..25d704e 100644
--- a/uwb/aidl/aidl_api/android.hardware.uwb.fira_android/current/android/hardware/uwb/fira_android/UwbVendorCapabilityTlvTypes.aidl
+++ b/uwb/aidl/aidl_api/android.hardware.uwb.fira_android/current/android/hardware/uwb/fira_android/UwbVendorCapabilityTlvTypes.aidl
@@ -44,6 +44,7 @@
CCC_SUPPORTED_PULSE_SHAPE_COMBOS = 166,
CCC_SUPPORTED_RAN_MULTIPLIER = 167,
CCC_SUPPORTED_MAX_RANGING_SESSION_NUMBER = 168,
+ CCC_SUPPORTED_MIN_UWB_INITIATION_TIME_MS = 169,
SUPPORTED_AOA_RESULT_REQ_ANTENNA_INTERLEAVING = 227,
SUPPORTED_MIN_RANGING_INTERVAL_MS = 228,
SUPPORTED_RANGE_DATA_NTF_CONFIG = 229,
diff --git a/uwb/aidl/android/hardware/uwb/fira_android/UwbVendorCapabilityTlvTypes.aidl b/uwb/aidl/android/hardware/uwb/fira_android/UwbVendorCapabilityTlvTypes.aidl
index 891b6f0..22b7bfe 100644
--- a/uwb/aidl/android/hardware/uwb/fira_android/UwbVendorCapabilityTlvTypes.aidl
+++ b/uwb/aidl/android/hardware/uwb/fira_android/UwbVendorCapabilityTlvTypes.aidl
@@ -144,6 +144,11 @@
*/
CCC_SUPPORTED_MAX_RANGING_SESSION_NUMBER = 0xA8,
+ /**
+ * Int value to indicate the smallest supported CCC uwb initiation time in ms
+ */
+ CCC_SUPPORTED_MIN_UWB_INITIATION_TIME_MS = 0xA9,
+
/*********************************************
* FIRA specific
********************************************/