Merge "Add ExcessPathInfo (hardware/interfaces)" into tm-dev
diff --git a/audio/aidl/OWNERS b/audio/aidl/OWNERS
new file mode 100644
index 0000000..f9a2d6b
--- /dev/null
+++ b/audio/aidl/OWNERS
@@ -0,0 +1,3 @@
+# Bug component: 48436
+elaurent@google.com
+mnaganov@google.com
diff --git a/audio/common/5.0/Android.bp b/audio/common/5.0/Android.bp
index c4f3d4c..fd8e85f 100644
--- a/audio/common/5.0/Android.bp
+++ b/audio/common/5.0/Android.bp
@@ -20,4 +20,8 @@
],
gen_java: true,
gen_java_constants: true,
+ apex_available: [
+ "//apex_available:platform",
+ "com.android.bluetooth",
+ ],
}
diff --git a/automotive/vehicle/aidl/android/hardware/automotive/vehicle/IVehicle.aidl b/automotive/vehicle/aidl/android/hardware/automotive/vehicle/IVehicle.aidl
index a947963..dc9b876 100644
--- a/automotive/vehicle/aidl/android/hardware/automotive/vehicle/IVehicle.aidl
+++ b/automotive/vehicle/aidl/android/hardware/automotive/vehicle/IVehicle.aidl
@@ -165,6 +165,11 @@
* a property set failure message sent from the vehicle bus.
* @param options List of options to subscribe. SubscribeOption contains
* information such as property Id, area Id, sample rate, etc.
+ * For continuous properties, sample rate must be provided. If sample
+ * rate is less than {@link VehiclePropConfig#minSampleRate}, the sample
+ * rate would be minSampleRate. If sample rate is larger than
+ * {@link VehiclePropValue#maxSampleRate}, the sample rate would be
+ * maxSampleRate.
* @param maxSharedMemoryFileCount The maximum number of shared memory files
* allocated for in VHAL for this subscription. When a memory file is
* handled back to the client, it cannot be used by VHAL to deliver
diff --git a/automotive/vehicle/aidl/impl/vhal/src/DefaultVehicleHal.cpp b/automotive/vehicle/aidl/impl/vhal/src/DefaultVehicleHal.cpp
index 886f897..76736d7 100644
--- a/automotive/vehicle/aidl/impl/vhal/src/DefaultVehicleHal.cpp
+++ b/automotive/vehicle/aidl/impl/vhal/src/DefaultVehicleHal.cpp
@@ -78,6 +78,16 @@
return str;
}
+float getDefaultSampleRate(float sampleRate, float minSampleRate, float maxSampleRate) {
+ if (sampleRate < minSampleRate) {
+ return minSampleRate;
+ }
+ if (sampleRate > maxSampleRate) {
+ return maxSampleRate;
+ }
+ return sampleRate;
+}
+
} // namespace
std::shared_ptr<SubscriptionClient> DefaultVehicleHal::SubscriptionClients::maybeAddClient(
@@ -617,9 +627,10 @@
float minSampleRate = config.minSampleRate;
float maxSampleRate = config.maxSampleRate;
if (sampleRate < minSampleRate || sampleRate > maxSampleRate) {
- return StatusError(StatusCode::INVALID_ARG)
- << StringPrintf("sample rate: %f out of range, must be within %f and %f",
- sampleRate, minSampleRate, maxSampleRate);
+ float defaultRate = getDefaultSampleRate(sampleRate, minSampleRate, maxSampleRate);
+ ALOGW("sample rate: %f out of range, must be within %f and %f, set to %f",
+ sampleRate, minSampleRate, maxSampleRate, defaultRate);
+ sampleRate = defaultRate;
}
if (!SubscriptionManager::checkSampleRate(sampleRate)) {
return StatusError(StatusCode::INVALID_ARG)
@@ -673,6 +684,8 @@
}
if (config.changeMode == VehiclePropertyChangeMode::CONTINUOUS) {
+ optionCopy.sampleRate = getDefaultSampleRate(
+ optionCopy.sampleRate, config.minSampleRate, config.maxSampleRate);
continuousSubscriptions.push_back(std::move(optionCopy));
} else {
onChangeSubscriptions.push_back(std::move(optionCopy));
diff --git a/automotive/vehicle/aidl/impl/vhal/test/DefaultVehicleHalTest.cpp b/automotive/vehicle/aidl/impl/vhal/test/DefaultVehicleHalTest.cpp
index 6f8eb1d..49f5b7e 100644
--- a/automotive/vehicle/aidl/impl/vhal/test/DefaultVehicleHalTest.cpp
+++ b/automotive/vehicle/aidl/impl/vhal/test/DefaultVehicleHalTest.cpp
@@ -197,14 +197,6 @@
},
},
{
- .name = "sample_rate_out_of_range",
- .option =
- {
- .propId = GLOBAL_CONTINUOUS_PROP,
- .sampleRate = 1000.0,
- },
- },
- {
.name = "static_property",
.option =
{
@@ -1360,6 +1352,51 @@
EXPECT_EQ(countClients(), static_cast<size_t>(1));
}
+TEST_F(DefaultVehicleHalTest, testSubscribeGlobalContinuousRateOutOfRange) {
+ VehiclePropValue testValue{
+ .prop = GLOBAL_CONTINUOUS_PROP,
+ .value.int32Values = {0},
+ };
+ // Set responses for all the hardware getValues requests.
+ getHardware()->setGetValueResponder(
+ [](std::shared_ptr<const IVehicleHardware::GetValuesCallback> callback,
+ const std::vector<GetValueRequest>& requests) {
+ std::vector<GetValueResult> results;
+ for (auto& request : requests) {
+ VehiclePropValue prop = request.prop;
+ prop.value.int32Values = {0};
+ results.push_back({
+ .requestId = request.requestId,
+ .status = StatusCode::OK,
+ .prop = prop,
+ });
+ }
+ (*callback)(results);
+ return StatusCode::OK;
+ });
+
+ // The maxSampleRate is 100, so the sample rate should be the default max 100.
+ std::vector<SubscribeOptions> options = {
+ {
+ .propId = GLOBAL_CONTINUOUS_PROP,
+ .sampleRate = 1000.0,
+ },
+ };
+
+ auto status = getClient()->subscribe(getCallbackClient(), options, 0);
+
+ ASSERT_TRUE(status.isOk()) << "subscribe failed: " << status.getMessage();
+
+ // Sleep for 1s, which should generate ~100 events.
+ std::this_thread::sleep_for(std::chrono::seconds(1));
+
+ size_t eventCount = getCallback()->countOnPropertyEventResults();
+ ASSERT_GE(eventCount, 50u) << "expect at least 50 events to be generated";
+ ASSERT_LE(eventCount, 150u) << "expect no more than 150 events to be generated";
+
+ EXPECT_EQ(countClients(), static_cast<size_t>(1));
+}
+
TEST_F(DefaultVehicleHalTest, testSubscribeAreaContinuous) {
// Set responses for all the hardware getValues requests.
getHardware()->setGetValueResponder(
diff --git a/automotive/vehicle/aidl/impl/vhal/test/MockVehicleCallback.cpp b/automotive/vehicle/aidl/impl/vhal/test/MockVehicleCallback.cpp
index 5e3e03c..0e46357 100644
--- a/automotive/vehicle/aidl/impl/vhal/test/MockVehicleCallback.cpp
+++ b/automotive/vehicle/aidl/impl/vhal/test/MockVehicleCallback.cpp
@@ -82,6 +82,11 @@
return pop(mOnPropertyEventResults);
}
+size_t MockVehicleCallback::countOnPropertyEventResults() {
+ std::scoped_lock<std::mutex> lockGuard(mLock);
+ return mOnPropertyEventResults.size();
+}
+
} // namespace vehicle
} // namespace automotive
} // namespace hardware
diff --git a/automotive/vehicle/aidl/impl/vhal/test/MockVehicleCallback.h b/automotive/vehicle/aidl/impl/vhal/test/MockVehicleCallback.h
index 03bfd5b..0faaa1f 100644
--- a/automotive/vehicle/aidl/impl/vhal/test/MockVehicleCallback.h
+++ b/automotive/vehicle/aidl/impl/vhal/test/MockVehicleCallback.h
@@ -62,6 +62,7 @@
nextSetValueResults();
std::optional<aidl::android::hardware::automotive::vehicle::VehiclePropValues>
nextOnPropertyEventResults();
+ size_t countOnPropertyEventResults();
private:
std::mutex mLock;
diff --git a/biometrics/face/aidl/android/hardware/biometrics/face/IFace.aidl b/biometrics/face/aidl/android/hardware/biometrics/face/IFace.aidl
index 4d7e59e..65c589f 100644
--- a/biometrics/face/aidl/android/hardware/biometrics/face/IFace.aidl
+++ b/biometrics/face/aidl/android/hardware/biometrics/face/IFace.aidl
@@ -46,6 +46,10 @@
* vold_prepare_subdirs.cpp). Implementations may store additional user-specific data, such as
* embeddings or templates, in StrongBox.
*
+ * During create session it is expected that the HAL will call linkToDeath with the callee's
+ * binder token. The recommended implementation is to close this session if the callee dies,
+ * to prevent subsequent createSession calls from failing.
+ *
* @param sensorId The sensorId for which this session is being created.
* @param userId The userId for which this session is being created.
* @param cb A callback to notify the framework about the session's events.
diff --git a/bluetooth/1.0/Android.bp b/bluetooth/1.0/Android.bp
index 8d023c0..20775dd 100644
--- a/bluetooth/1.0/Android.bp
+++ b/bluetooth/1.0/Android.bp
@@ -21,4 +21,8 @@
"android.hidl.base@1.0",
],
gen_java: true,
+ apex_available: [
+ "//apex_available:platform",
+ "com.android.bluetooth",
+ ],
}
diff --git a/bluetooth/1.1/Android.bp b/bluetooth/1.1/Android.bp
index 4feb28b..4ac2009 100644
--- a/bluetooth/1.1/Android.bp
+++ b/bluetooth/1.1/Android.bp
@@ -21,4 +21,8 @@
"android.hidl.base@1.0",
],
gen_java: true,
+ apex_available: [
+ "//apex_available:platform",
+ "com.android.bluetooth",
+ ],
}
diff --git a/bluetooth/a2dp/1.0/Android.bp b/bluetooth/a2dp/1.0/Android.bp
index 7f39d4f..20776dc 100644
--- a/bluetooth/a2dp/1.0/Android.bp
+++ b/bluetooth/a2dp/1.0/Android.bp
@@ -21,4 +21,8 @@
"android.hidl.base@1.0",
],
gen_java: false,
+ apex_available: [
+ "//apex_available:platform",
+ "com.android.bluetooth",
+ ],
}
diff --git a/bluetooth/audio/2.0/Android.bp b/bluetooth/audio/2.0/Android.bp
index dd39f9f..e4d48c1 100644
--- a/bluetooth/audio/2.0/Android.bp
+++ b/bluetooth/audio/2.0/Android.bp
@@ -24,4 +24,8 @@
"android.hidl.safe_union@1.0",
],
gen_java: false,
+ apex_available: [
+ "//apex_available:platform",
+ "com.android.bluetooth",
+ ],
}
diff --git a/bluetooth/audio/utils/aidl_session/BluetoothAudioSession.cpp b/bluetooth/audio/utils/aidl_session/BluetoothAudioSession.cpp
index 37ac967..cdee520 100644
--- a/bluetooth/audio/utils/aidl_session/BluetoothAudioSession.cpp
+++ b/bluetooth/audio/utils/aidl_session/BluetoothAudioSession.cpp
@@ -431,7 +431,9 @@
std::shared_ptr<PortStatusCallbacks> callback = observer.second;
LOG(INFO) << __func__
<< " - allowed=" << (allowed ? " allowed" : " disallowed");
- callback->low_latency_mode_allowed_cb_(cookie, allowed);
+ if (callback->low_latency_mode_allowed_cb_ != nullptr) {
+ callback->low_latency_mode_allowed_cb_(cookie, allowed);
+ }
}
}
diff --git a/broadcastradio/2.0/default/Android.bp b/broadcastradio/2.0/default/Android.bp
index 870c944..38eeb15 100644
--- a/broadcastradio/2.0/default/Android.bp
+++ b/broadcastradio/2.0/default/Android.bp
@@ -25,6 +25,9 @@
cc_binary {
name: "android.hardware.broadcastradio@2.0-service",
+ vintf_fragments: [
+ "android.hardware.broadcastradio@2.0-service.xml",
+ ],
init_rc: ["android.hardware.broadcastradio@2.0-service.rc"],
vendor: true,
relative_install_path: "hw",
@@ -41,7 +44,7 @@
"TunerSession.cpp",
"VirtualProgram.cpp",
"VirtualRadio.cpp",
- "service.cpp"
+ "service.cpp",
],
static_libs: [
"android.hardware.broadcastradio@common-utils-2x-lib",
diff --git a/broadcastradio/2.0/default/android.hardware.broadcastradio@2.0-service.xml b/broadcastradio/2.0/default/android.hardware.broadcastradio@2.0-service.xml
new file mode 100644
index 0000000..97f2e4d
--- /dev/null
+++ b/broadcastradio/2.0/default/android.hardware.broadcastradio@2.0-service.xml
@@ -0,0 +1,12 @@
+<manifest version="1.0" type="device">
+ <hal format="hidl">
+ <name>android.hardware.broadcastradio</name>
+ <transport>hwbinder</transport>
+ <version>2.0</version>
+ <interface>
+ <name>IBroadcastRadio</name>
+ <instance>amfm</instance>
+ <instance>dab</instance>
+ </interface>
+ </hal>
+</manifest>
diff --git a/camera/metadata/3.8/types.hal b/camera/metadata/3.8/types.hal
index 0683987..8cc6646 100644
--- a/camera/metadata/3.8/types.hal
+++ b/camera/metadata/3.8/types.hal
@@ -194,7 +194,7 @@
/** android.scaler.availableStreamUseCases enumeration values
* @see ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES
*/
-enum CameraMetadataEnumAndroidScalerAvailableStreamUseCases : uint32_t {
+enum CameraMetadataEnumAndroidScalerAvailableStreamUseCases : int64_t {
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_DEFAULT = 0x0,
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_PREVIEW = 0x1,
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_STILL_CAPTURE = 0x2,
diff --git a/camera/metadata/aidl/aidl_api/android.hardware.camera.metadata/current/android/hardware/camera/metadata/ScalerAvailableStreamUseCases.aidl b/camera/metadata/aidl/aidl_api/android.hardware.camera.metadata/current/android/hardware/camera/metadata/ScalerAvailableStreamUseCases.aidl
index 0ed55a3..bfa4f1a 100644
--- a/camera/metadata/aidl/aidl_api/android.hardware.camera.metadata/current/android/hardware/camera/metadata/ScalerAvailableStreamUseCases.aidl
+++ b/camera/metadata/aidl/aidl_api/android.hardware.camera.metadata/current/android/hardware/camera/metadata/ScalerAvailableStreamUseCases.aidl
@@ -36,7 +36,7 @@
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.camera.metadata;
-@Backing(type="int") @VintfStability
+@Backing(type="long") @VintfStability
enum ScalerAvailableStreamUseCases {
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_DEFAULT = 0,
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_PREVIEW = 1,
diff --git a/camera/metadata/aidl/android/hardware/camera/metadata/ScalerAvailableStreamUseCases.aidl b/camera/metadata/aidl/android/hardware/camera/metadata/ScalerAvailableStreamUseCases.aidl
index 19ebab5..1b80032 100644
--- a/camera/metadata/aidl/android/hardware/camera/metadata/ScalerAvailableStreamUseCases.aidl
+++ b/camera/metadata/aidl/android/hardware/camera/metadata/ScalerAvailableStreamUseCases.aidl
@@ -27,7 +27,7 @@
* @see ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES
*/
@VintfStability
-@Backing(type="int")
+@Backing(type="long")
enum ScalerAvailableStreamUseCases {
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_DEFAULT = 0x0,
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_PREVIEW = 0x1,
diff --git a/camera/provider/2.4/vts/functional/VtsHalCameraProviderV2_4TargetTest.cpp b/camera/provider/2.4/vts/functional/VtsHalCameraProviderV2_4TargetTest.cpp
index ab867cd..f89c71d 100644
--- a/camera/provider/2.4/vts/functional/VtsHalCameraProviderV2_4TargetTest.cpp
+++ b/camera/provider/2.4/vts/functional/VtsHalCameraProviderV2_4TargetTest.cpp
@@ -222,7 +222,7 @@
HIDDEN_SECURE_CAMERA
};
-const static std::vector<int32_t> kMandatoryUseCases = {
+const static std::vector<int64_t> kMandatoryUseCases = {
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_DEFAULT,
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_PREVIEW,
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_STILL_CAPTURE,
@@ -6995,16 +6995,16 @@
ASSERT_NE(0u, outputPreviewStreams.size());
// Combine valid and invalid stream use cases
- std::vector<int32_t> useCases(kMandatoryUseCases);
+ std::vector<int64_t> useCases(kMandatoryUseCases);
useCases.push_back(ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_VIDEO_CALL + 1);
- std::vector<int32_t> supportedUseCases;
+ std::vector<int64_t> supportedUseCases;
camera_metadata_ro_entry entry;
auto retcode = find_camera_metadata_ro_entry(staticMeta,
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES, &entry);
if ((0 == retcode) && (entry.count > 0)) {
- supportedUseCases.insert(supportedUseCases.end(), entry.data.i32,
- entry.data.i32 + entry.count);
+ supportedUseCases.insert(supportedUseCases.end(), entry.data.i64,
+ entry.data.i64 + entry.count);
} else {
supportedUseCases.push_back(ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_DEFAULT);
}
@@ -7038,7 +7038,7 @@
});
ASSERT_TRUE(ret.isOk());
- for (int32_t useCase : useCases) {
+ for (int64_t useCase : useCases) {
bool useCaseSupported = std::find(supportedUseCases.begin(),
supportedUseCases.end(), useCase) != supportedUseCases.end();
@@ -9488,19 +9488,19 @@
if ((0 == retcode) && (entry.count > 0)) {
supportMandatoryUseCases = true;
for (size_t i = 0; i < kMandatoryUseCases.size(); i++) {
- if (std::find(entry.data.i32, entry.data.i32 + entry.count, kMandatoryUseCases[i])
- == entry.data.i32 + entry.count) {
+ if (std::find(entry.data.i64, entry.data.i64 + entry.count, kMandatoryUseCases[i])
+ == entry.data.i64 + entry.count) {
supportMandatoryUseCases = false;
break;
}
}
bool supportDefaultUseCase = false;
for (size_t i = 0; i < entry.count; i++) {
- if (entry.data.i32[i] == ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_DEFAULT) {
+ if (entry.data.i64[i] == ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_DEFAULT) {
supportDefaultUseCase = true;
}
- ASSERT_TRUE(entry.data.i32[i] <= ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_VIDEO_CALL ||
- entry.data.i32[i] >= ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_VENDOR_START);
+ ASSERT_TRUE(entry.data.i64[i] <= ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_VIDEO_CALL ||
+ entry.data.i64[i] >= ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_VENDOR_START);
}
ASSERT_TRUE(supportDefaultUseCase);
}
diff --git a/camera/provider/aidl/vts/VtsAidlHalCameraProvider_TargetTest.cpp b/camera/provider/aidl/vts/VtsAidlHalCameraProvider_TargetTest.cpp
index 463f5d1..af83578 100644
--- a/camera/provider/aidl/vts/VtsAidlHalCameraProvider_TargetTest.cpp
+++ b/camera/provider/aidl/vts/VtsAidlHalCameraProvider_TargetTest.cpp
@@ -50,7 +50,7 @@
const int64_t kEmptyFlushTimeoutMSec = 200;
-const static std::vector<int32_t> kMandatoryUseCases = {
+const static std::vector<int64_t> kMandatoryUseCases = {
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_DEFAULT,
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_PREVIEW,
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_STILL_CAPTURE,
@@ -2981,10 +2981,10 @@
ASSERT_NE(0u, outputPreviewStreams.size());
// Combine valid and invalid stream use cases
- std::vector<int32_t> useCases(kMandatoryUseCases);
+ std::vector<int64_t> useCases(kMandatoryUseCases);
useCases.push_back(ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_VIDEO_CALL + 1);
- std::vector<int32_t> supportedUseCases;
+ std::vector<int64_t> supportedUseCases;
camera_metadata_ro_entry entry;
auto retcode = find_camera_metadata_ro_entry(
staticMeta, ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES, &entry);
@@ -3020,7 +3020,7 @@
ASSERT_TRUE(ret.isOk());
config.sessionParams = req;
- for (int32_t useCase : useCases) {
+ for (int64_t useCase : useCases) {
bool useCaseSupported = std::find(supportedUseCases.begin(), supportedUseCases.end(),
useCase) != supportedUseCases.end();
diff --git a/camera/provider/aidl/vts/camera_aidl_test.cpp b/camera/provider/aidl/vts/camera_aidl_test.cpp
index ee0c691..fd83e37 100644
--- a/camera/provider/aidl/vts/camera_aidl_test.cpp
+++ b/camera/provider/aidl/vts/camera_aidl_test.cpp
@@ -120,7 +120,7 @@
return true;
}
-const std::vector<int32_t> kMandatoryUseCases = {
+const std::vector<int64_t> kMandatoryUseCases = {
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_DEFAULT,
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_PREVIEW,
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_STILL_CAPTURE,
@@ -328,19 +328,19 @@
if ((0 == retcode) && (entry.count > 0)) {
supportMandatoryUseCases = true;
for (size_t i = 0; i < kMandatoryUseCases.size(); i++) {
- if (std::find(entry.data.i32, entry.data.i32 + entry.count, kMandatoryUseCases[i]) ==
- entry.data.i32 + entry.count) {
+ if (std::find(entry.data.i64, entry.data.i64 + entry.count, kMandatoryUseCases[i]) ==
+ entry.data.i64 + entry.count) {
supportMandatoryUseCases = false;
break;
}
}
bool supportDefaultUseCase = false;
for (size_t i = 0; i < entry.count; i++) {
- if (entry.data.i32[i] == ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_DEFAULT) {
+ if (entry.data.i64[i] == ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_DEFAULT) {
supportDefaultUseCase = true;
}
- ASSERT_TRUE(entry.data.i32[i] <= ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_VIDEO_CALL ||
- entry.data.i32[i] >=
+ ASSERT_TRUE(entry.data.i64[i] <= ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_VIDEO_CALL ||
+ entry.data.i64[i] >=
ANDROID_SCALER_AVAILABLE_STREAM_USE_CASES_VENDOR_START);
}
ASSERT_TRUE(supportDefaultUseCase);
diff --git a/graphics/bufferqueue/1.0/Android.bp b/graphics/bufferqueue/1.0/Android.bp
index c3d38d0..11559b2 100644
--- a/graphics/bufferqueue/1.0/Android.bp
+++ b/graphics/bufferqueue/1.0/Android.bp
@@ -27,6 +27,7 @@
gen_java: true,
apex_available: [
"//apex_available:platform",
+ "com.android.bluetooth",
"com.android.media",
"com.android.media.swcodec",
],
diff --git a/graphics/bufferqueue/2.0/Android.bp b/graphics/bufferqueue/2.0/Android.bp
index 33d9104..552daff 100644
--- a/graphics/bufferqueue/2.0/Android.bp
+++ b/graphics/bufferqueue/2.0/Android.bp
@@ -29,6 +29,7 @@
gen_java: true,
apex_available: [
"//apex_available:platform",
+ "com.android.bluetooth",
"com.android.media",
"com.android.media.swcodec",
],
diff --git a/graphics/common/1.0/Android.bp b/graphics/common/1.0/Android.bp
index ac158d9..19c51cd 100644
--- a/graphics/common/1.0/Android.bp
+++ b/graphics/common/1.0/Android.bp
@@ -23,6 +23,7 @@
gen_java_constants: true,
apex_available: [
"//apex_available:platform",
+ "com.android.bluetooth",
"com.android.media.swcodec",
"test_com.android.media.swcodec",
],
diff --git a/graphics/common/1.1/Android.bp b/graphics/common/1.1/Android.bp
index e45d6dd..0f1b5bf 100644
--- a/graphics/common/1.1/Android.bp
+++ b/graphics/common/1.1/Android.bp
@@ -26,6 +26,7 @@
gen_java_constants: true,
apex_available: [
"//apex_available:platform",
+ "com.android.bluetooth",
"com.android.media.swcodec",
"test_com.android.media.swcodec",
],
diff --git a/graphics/common/1.2/Android.bp b/graphics/common/1.2/Android.bp
index c23085d..ce3350d 100644
--- a/graphics/common/1.2/Android.bp
+++ b/graphics/common/1.2/Android.bp
@@ -27,6 +27,7 @@
gen_java_constants: true,
apex_available: [
"//apex_available:platform",
+ "com.android.bluetooth",
"com.android.media.swcodec",
"test_com.android.media.swcodec",
],
diff --git a/keymaster/3.0/vts/OWNERS b/keymaster/3.0/vts/OWNERS
index 376c12b..846bb84 100644
--- a/keymaster/3.0/vts/OWNERS
+++ b/keymaster/3.0/vts/OWNERS
@@ -1,3 +1,4 @@
+drysdale@google.com
jdanis@google.com
swillden@google.com
yim@google.com
diff --git a/keymaster/4.0/vts/OWNERS b/keymaster/4.0/vts/OWNERS
index abfb2e0..0d6fa6c 100644
--- a/keymaster/4.0/vts/OWNERS
+++ b/keymaster/4.0/vts/OWNERS
@@ -1,3 +1,4 @@
+drysdale@google.com
jbires@google.com
jdanis@google.com
swillden@google.com
diff --git a/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp b/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
index 5c3576e..315a4bd 100644
--- a/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
+++ b/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
@@ -445,12 +445,15 @@
void KeymasterHidlTest::CheckAesIncrementalEncryptOperation(BlockMode block_mode,
int message_size) {
- ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
- .Authorization(TAG_NO_AUTH_REQUIRED)
- .AesEncryptionKey(128)
- .BlockMode(block_mode)
- .Padding(PaddingMode::NONE)
- .Authorization(TAG_MIN_MAC_LENGTH, 128)));
+ auto builder = AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .AesEncryptionKey(128)
+ .BlockMode(block_mode)
+ .Padding(PaddingMode::NONE);
+ if (block_mode == BlockMode::GCM) {
+ builder.Authorization(TAG_MIN_MAC_LENGTH, 128);
+ }
+ ASSERT_EQ(ErrorCode::OK, GenerateKey(builder));
for (int increment = 1; increment <= message_size; ++increment) {
string message(message_size, 'a');
diff --git a/keymaster/4.1/vts/OWNERS b/keymaster/4.1/vts/OWNERS
index 2b2ad2a..24ed042 100644
--- a/keymaster/4.1/vts/OWNERS
+++ b/keymaster/4.1/vts/OWNERS
@@ -1,3 +1,4 @@
+drysdale@google.com
jbires@google.com
jdanis@google.com
swillden@google.com
diff --git a/security/dice/aidl/default/Android.bp b/security/dice/aidl/default/Android.bp
new file mode 100644
index 0000000..b67a44a
--- /dev/null
+++ b/security/dice/aidl/default/Android.bp
@@ -0,0 +1,30 @@
+package {
+ // See: http://go/android-license-faq
+ // A large-scale-change added 'default_applicable_licenses' to import
+ // all of the 'license_kinds' from "hardware_interfaces_license"
+ // to get the below license kinds:
+ // SPDX-license-identifier-Apache-2.0
+ default_applicable_licenses: ["hardware_interfaces_license"],
+}
+
+rust_binary {
+ name: "android.hardware.security.dice-service.non-secure-software",
+ srcs: ["service.rs"],
+ relative_install_path: "hw",
+ vendor: true,
+ rustlibs: [
+ "android.hardware.security.dice-V1-rust",
+ "libdiced_open_dice_cbor",
+ "libdiced_sample_inputs",
+ "libdiced_vendor",
+ "libandroid_logger",
+ "libanyhow",
+ "libbinder_rs",
+ "liblog_rust",
+ "libserde",
+ ],
+ init_rc: ["android.hardware.security.dice-service.non-secure-software.rc"],
+ vintf_fragments: [
+ "android.hardware.security.dice-service.non-secure-software.xml",
+ ],
+}
diff --git a/security/dice/aidl/default/android.hardware.security.dice-service.non-secure-software.rc b/security/dice/aidl/default/android.hardware.security.dice-service.non-secure-software.rc
new file mode 100644
index 0000000..28e43c3
--- /dev/null
+++ b/security/dice/aidl/default/android.hardware.security.dice-service.non-secure-software.rc
@@ -0,0 +1,9 @@
+service vendor.dice /vendor/bin/hw/android.hardware.security.dice-service.non-secure-software
+ class early_hal
+ user nobody
+ # The diced HAL cannot be allowed to restart. When it crashes for any reason.
+ # it loses security critical state. The only remedy is to restart the device.
+ # This may be implementation depended. It is safe to restart the HAL if the
+ # state change during a call to "demote" is is preserved.
+ # see android/hardware/security/dice/IDiceDevice.aidl for details on "demote".
+ oneshot
diff --git a/security/dice/aidl/default/android.hardware.security.dice-service.non-secure-software.xml b/security/dice/aidl/default/android.hardware.security.dice-service.non-secure-software.xml
new file mode 100644
index 0000000..94ef243
--- /dev/null
+++ b/security/dice/aidl/default/android.hardware.security.dice-service.non-secure-software.xml
@@ -0,0 +1,6 @@
+<manifest version="1.0" type="device">
+ <hal format="aidl">
+ <name>android.hardware.security.dice</name>
+ <fqname>IDiceDevice/default</fqname>
+ </hal>
+</manifest>
\ No newline at end of file
diff --git a/security/dice/aidl/default/service.rs b/security/dice/aidl/default/service.rs
new file mode 100644
index 0000000..eebf333
--- /dev/null
+++ b/security/dice/aidl/default/service.rs
@@ -0,0 +1,107 @@
+// Copyright 2021, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! Main entry point for the android.hardware.security.dice service.
+
+use anyhow::Result;
+use diced::{
+ dice,
+ hal_node::{DiceArtifacts, DiceDevice, ResidentHal, UpdatableDiceArtifacts},
+};
+use diced_sample_inputs::make_sample_bcc_and_cdis;
+use serde::{Deserialize, Serialize};
+use std::convert::TryInto;
+use std::panic;
+use std::sync::Arc;
+
+static DICE_HAL_SERVICE_NAME: &str = "android.hardware.security.dice.IDiceDevice/default";
+
+#[derive(Debug, Serialize, Deserialize, Clone)]
+struct InsecureSerializableArtifacts {
+ cdi_attest: [u8; dice::CDI_SIZE],
+ cdi_seal: [u8; dice::CDI_SIZE],
+ bcc: Vec<u8>,
+}
+
+impl DiceArtifacts for InsecureSerializableArtifacts {
+ fn cdi_attest(&self) -> &[u8; dice::CDI_SIZE] {
+ &self.cdi_attest
+ }
+ fn cdi_seal(&self) -> &[u8; dice::CDI_SIZE] {
+ &self.cdi_seal
+ }
+ fn bcc(&self) -> Vec<u8> {
+ self.bcc.clone()
+ }
+}
+
+impl UpdatableDiceArtifacts for InsecureSerializableArtifacts {
+ fn with_artifacts<F, T>(&self, f: F) -> Result<T>
+ where
+ F: FnOnce(&dyn DiceArtifacts) -> Result<T>,
+ {
+ f(self)
+ }
+ fn update(self, new_artifacts: &impl DiceArtifacts) -> Result<Self> {
+ Ok(Self {
+ cdi_attest: *new_artifacts.cdi_attest(),
+ cdi_seal: *new_artifacts.cdi_seal(),
+ bcc: new_artifacts.bcc(),
+ })
+ }
+}
+
+fn main() {
+ android_logger::init_once(
+ android_logger::Config::default()
+ .with_tag("android.hardware.security.dice")
+ .with_min_level(log::Level::Debug),
+ );
+ // Redirect panic messages to logcat.
+ panic::set_hook(Box::new(|panic_info| {
+ log::error!("{}", panic_info);
+ }));
+
+ // Saying hi.
+ log::info!("android.hardware.security.dice is starting.");
+
+ let (cdi_attest, cdi_seal, bcc) =
+ make_sample_bcc_and_cdis().expect("Failed to construct sample dice chain.");
+
+ let hal_impl = Arc::new(
+ unsafe {
+ // Safety: ResidentHal cannot be used in multi threaded processes.
+ // This service does not start a thread pool. The main thread is the only thread
+ // joining the thread pool, thereby keeping the process single threaded.
+ ResidentHal::new(InsecureSerializableArtifacts {
+ cdi_attest: cdi_attest[..]
+ .try_into()
+ .expect("Failed to convert cdi_attest to array reference."),
+ cdi_seal: cdi_seal[..]
+ .try_into()
+ .expect("Failed to convert cdi_seal to array reference."),
+ bcc,
+ })
+ }
+ .expect("Failed to create ResidentHal implementation."),
+ );
+
+ let hal = DiceDevice::new_as_binder(hal_impl).expect("Failed to construct hal service.");
+
+ binder::add_service(DICE_HAL_SERVICE_NAME, hal.as_binder())
+ .expect("Failed to register IDiceDevice Service");
+
+ log::info!("Joining thread pool now.");
+ binder::ProcessState::join_thread_pool();
+}
diff --git a/security/dice/aidl/vts/functional/Android.bp b/security/dice/aidl/vts/functional/Android.bp
new file mode 100644
index 0000000..f5bc949
--- /dev/null
+++ b/security/dice/aidl/vts/functional/Android.bp
@@ -0,0 +1,54 @@
+package {
+ // See: http://go/android-license-faq
+ // A large-scale-change added 'default_applicable_licenses' to import
+ // all of the 'license_kinds' from "hardware_interfaces_license"
+ // to get the below license kinds:
+ // SPDX-license-identifier-Apache-2.0
+ default_applicable_licenses: ["hardware_interfaces_license"],
+}
+
+rust_test {
+ name: "VtsAidlDiceTargetTest",
+ srcs: [
+ "dice_test.rs",
+ ],
+ require_root: true,
+ auto_gen_config: true,
+ test_suites: [
+ "general-tests",
+ "vts",
+ ],
+
+ rustlibs: [
+ "android.hardware.security.dice-V1-rust",
+ "libanyhow",
+ "libbinder_rs",
+ "libdiced_open_dice_cbor",
+ "libdiced_sample_inputs",
+ "libdiced_utils",
+ "libkeystore2_vintf_rust",
+ ],
+}
+
+rust_test {
+ name: "VtsAidlDiceDemoteTargetTest",
+ srcs: [
+ "dice_demote_test.rs",
+ ],
+
+ test_config: "VtsAidlDiceDemoteTargetTest.xml",
+ test_suites: [
+ "general-tests",
+ "vts",
+ ],
+
+ rustlibs: [
+ "android.hardware.security.dice-V1-rust",
+ "libanyhow",
+ "libbinder_rs",
+ "libdiced_open_dice_cbor",
+ "libdiced_sample_inputs",
+ "libdiced_utils",
+ "libkeystore2_vintf_rust",
+ ],
+}
diff --git a/security/dice/aidl/vts/functional/VtsAidlDiceDemoteTargetTest.xml b/security/dice/aidl/vts/functional/VtsAidlDiceDemoteTargetTest.xml
new file mode 100644
index 0000000..2991580
--- /dev/null
+++ b/security/dice/aidl/vts/functional/VtsAidlDiceDemoteTargetTest.xml
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (C) 2019 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<configuration description="Config to run VtsAidlDiceDemoteTargetTest device tests.">
+
+ <target_preparer class="com.android.tradefed.targetprep.RootTargetPreparer">
+ </target_preparer>
+
+ <target_preparer class="com.android.tradefed.targetprep.PushFilePreparer">
+ <option name="cleanup" value="true" />
+ <option name="push" value="VtsAidlDiceDemoteTargetTest->/data/local/tmp/VtsAidlDiceDemoteTargetTest" />
+ </target_preparer>
+
+ <test class="com.android.tradefed.testtype.rust.RustBinaryTest" >
+ <option name="test-device-path" value="/data/local/tmp" />
+ <option name="module-name" value="VtsAidlDiceDemoteTargetTest" />
+ </test>
+ <target_preparer class="com.android.tradefed.targetprep.RebootTargetPreparer" />
+
+</configuration>
\ No newline at end of file
diff --git a/security/dice/aidl/vts/functional/dice_demote_test.rs b/security/dice/aidl/vts/functional/dice_demote_test.rs
new file mode 100644
index 0000000..02ff2a4
--- /dev/null
+++ b/security/dice/aidl/vts/functional/dice_demote_test.rs
@@ -0,0 +1,67 @@
+// Copyright 2021, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use diced_open_dice_cbor as dice;
+use diced_sample_inputs;
+use diced_utils;
+use std::convert::TryInto;
+
+mod utils;
+use utils::with_connection;
+
+// This test calls derive with an empty argument vector, then demotes the HAL using
+// a set of three input values, and then calls derive with empty argument vector again.
+// It then performs the same three derivation steps on the result of the former and compares
+// the result to the result of the latter.
+#[test]
+fn demote_test() {
+ with_connection(|device| {
+ let input_values = diced_sample_inputs::get_input_values_vector();
+ let former = device.derive(&[]).expect("Trying to call derive.");
+ device
+ .demote(&input_values)
+ .expect("Trying to call demote with input values.");
+
+ let latter = device
+ .derive(&[])
+ .expect("Trying to call derive after demote.");
+
+ let artifacts = diced_utils::ResidentArtifacts::new(
+ former.cdiAttest[..].try_into().unwrap(),
+ former.cdiSeal[..].try_into().unwrap(),
+ &former.bcc.data,
+ )
+ .unwrap();
+
+ let input_values: Vec<diced_utils::InputValues> = input_values
+ .iter()
+ .map(|v| v.into())
+ .collect();
+
+ let artifacts = artifacts
+ .execute_steps(input_values.iter().map(|v| v as &dyn dice::InputValues))
+ .unwrap();
+ let (cdi_attest, cdi_seal, bcc) = artifacts.into_tuple();
+ let from_former = diced_utils::make_bcc_handover(
+ cdi_attest[..].try_into().unwrap(),
+ cdi_seal[..].try_into().unwrap(),
+ &bcc,
+ )
+ .unwrap();
+ // TODO b/204938506 when we have a parser/verifier, check equivalence rather
+ // than bit by bit equality.
+ assert_eq!(latter, from_former);
+ Ok(())
+ })
+}
diff --git a/security/dice/aidl/vts/functional/dice_test.rs b/security/dice/aidl/vts/functional/dice_test.rs
new file mode 100644
index 0000000..574b634
--- /dev/null
+++ b/security/dice/aidl/vts/functional/dice_test.rs
@@ -0,0 +1,82 @@
+// Copyright 2021, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use diced_open_dice_cbor as dice;
+use diced_sample_inputs;
+use diced_utils;
+use std::convert::{TryInto, Into};
+
+mod utils;
+use utils::with_connection;
+
+static TEST_MESSAGE: &[u8] = &[
+ // "My test message!"
+ 0x4d, 0x79, 0x20, 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x21,
+ 0x0a,
+];
+
+// This test calls derive with an empty argument vector and with a set of three input values.
+// It then performs the same three derivation steps on the result of the former and compares
+// the result to the result of the latter.
+#[test]
+fn equivalence_test() {
+ with_connection(|device| {
+ let input_values = diced_sample_inputs::get_input_values_vector();
+ let former = device.derive(&[]).expect("Trying to call derive.");
+ let latter = device
+ .derive(&input_values)
+ .expect("Trying to call derive with input values.");
+ let artifacts = diced_utils::ResidentArtifacts::new(
+ former.cdiAttest[..].try_into().unwrap(),
+ former.cdiSeal[..].try_into().unwrap(),
+ &former.bcc.data,
+ )
+ .unwrap();
+
+ let input_values: Vec<diced_utils::InputValues> = input_values
+ .iter()
+ .map(|v| v.into())
+ .collect();
+
+ let artifacts = artifacts
+ .execute_steps(input_values.iter().map(|v| v as &dyn dice::InputValues))
+ .unwrap();
+ let (cdi_attest, cdi_seal, bcc) = artifacts.into_tuple();
+ let from_former = diced_utils::make_bcc_handover(
+ cdi_attest[..].try_into().unwrap(),
+ cdi_seal[..].try_into().unwrap(),
+ &bcc,
+ )
+ .unwrap();
+ // TODO b/204938506 when we have a parser/verifier, check equivalence rather
+ // than bit by bit equality.
+ assert_eq!(latter, from_former);
+ Ok(())
+ })
+}
+
+#[test]
+fn sign_and_verify() {
+ with_connection(|device| {
+ let _signature = device
+ .sign(&[], TEST_MESSAGE)
+ .expect("Trying to call sign.");
+
+ let _bcc = device
+ .getAttestationChain(&[])
+ .expect("Trying to call getAttestationChain.");
+ // TODO b/204938506 check the signature with the bcc when the verifier is available.
+ Ok(())
+ })
+}
diff --git a/security/dice/aidl/vts/functional/utils.rs b/security/dice/aidl/vts/functional/utils.rs
new file mode 100644
index 0000000..4e6708e
--- /dev/null
+++ b/security/dice/aidl/vts/functional/utils.rs
@@ -0,0 +1,53 @@
+// Copyright 2021, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use android_hardware_security_dice::aidl::android::hardware::security::dice::IDiceDevice::IDiceDevice;
+use anyhow::Result;
+use binder::Strong;
+use keystore2_vintf::get_aidl_instances;
+use std::sync::Arc;
+
+static DICE_DEVICE_SERVICE_NAME: &str = &"android.hardware.security.dice";
+static DICE_DEVICE_INTERFACE_NAME: &str = &"IDiceDevice";
+
+/// This function iterates through all announced IDiceDevice services and runs the given test
+/// closure against connections to each of them. It also modifies the panic hook to indicate
+/// on which instance the test failed in case the test closure panics.
+pub fn with_connection<R, F>(test: F)
+where
+ F: Fn(&Strong<dyn IDiceDevice>) -> Result<R>,
+{
+ let instances = get_aidl_instances(DICE_DEVICE_SERVICE_NAME, 1, DICE_DEVICE_INTERFACE_NAME);
+ let panic_hook = Arc::new(std::panic::take_hook());
+ for i in instances.into_iter() {
+ let panic_hook_clone = panic_hook.clone();
+ let instance_clone = i.clone();
+ std::panic::set_hook(Box::new(move |v| {
+ println!("While testing instance: \"{}\"", instance_clone);
+ panic_hook_clone(v)
+ }));
+ let connection: Strong<dyn IDiceDevice> = binder::get_interface(&format!(
+ "{}.{}/{}",
+ DICE_DEVICE_SERVICE_NAME, DICE_DEVICE_INTERFACE_NAME, i
+ ))
+ .unwrap();
+ test(&connection).unwrap();
+ drop(std::panic::take_hook());
+ }
+ // Cannot call unwrap here because the panic hook is not Debug.
+ std::panic::set_hook(match Arc::try_unwrap(panic_hook) {
+ Ok(hook) => hook,
+ _ => panic!("Failed to unwrap and reset previous panic hook."),
+ })
+}
diff --git a/security/keymint/aidl/default/android.hardware.hardware_keystore.xml b/security/keymint/aidl/default/android.hardware.hardware_keystore.xml
index e5a9345..2ebf1fe 100644
--- a/security/keymint/aidl/default/android.hardware.hardware_keystore.xml
+++ b/security/keymint/aidl/default/android.hardware.hardware_keystore.xml
@@ -14,5 +14,5 @@
limitations under the License.
-->
<permissions>
- <feature name="android.hardware.hardware_keystore" version="100" />
+ <feature name="android.hardware.hardware_keystore" version="200" />
</permissions>
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
index c17a0b8..c174c02 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
@@ -667,12 +667,15 @@
void KeyMintAidlTestBase::CheckAesIncrementalEncryptOperation(BlockMode block_mode,
int message_size) {
- ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
- .Authorization(TAG_NO_AUTH_REQUIRED)
- .AesEncryptionKey(128)
- .BlockMode(block_mode)
- .Padding(PaddingMode::NONE)
- .Authorization(TAG_MIN_MAC_LENGTH, 128)));
+ auto builder = AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .AesEncryptionKey(128)
+ .BlockMode(block_mode)
+ .Padding(PaddingMode::NONE);
+ if (block_mode == BlockMode::GCM) {
+ builder.Authorization(TAG_MIN_MAC_LENGTH, 128);
+ }
+ ASSERT_EQ(ErrorCode::OK, GenerateKey(builder));
for (int increment = 1; increment <= message_size; ++increment) {
string message(message_size, 'a');
diff --git a/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp b/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
index 2e90e78..4341aa1 100644
--- a/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
+++ b/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
@@ -363,7 +363,7 @@
void generateTestEekChain(size_t eekLength) {
auto chain = generateEekChain(rpcHardwareInfo.supportedEekCurve, eekLength, eekId_);
- EXPECT_TRUE(chain) << chain.message();
+ ASSERT_TRUE(chain) << chain.message();
if (chain) testEekChain_ = chain.moveValue();
testEekLength_ = eekLength;
}
@@ -669,7 +669,9 @@
TEST_P(CertificateRequestTest, NonEmptyRequestCorruptMac_testMode) {
bool testMode = true;
generateKeys(testMode, 1 /* numKeys */);
- MacedPublicKey keyWithCorruptMac = corrupt_maced_key(keysToSign_[0]).moveValue();
+ auto result = corrupt_maced_key(keysToSign_[0]);
+ ASSERT_TRUE(result) << result.moveMessage();
+ MacedPublicKey keyWithCorruptMac = result.moveValue();
bytevec keysToSignMac;
DeviceInfo deviceInfo;
@@ -688,7 +690,9 @@
TEST_P(CertificateRequestTest, NonEmptyRequestCorruptMac_prodMode) {
bool testMode = false;
generateKeys(testMode, 1 /* numKeys */);
- MacedPublicKey keyWithCorruptMac = corrupt_maced_key(keysToSign_[0]).moveValue();
+ auto result = corrupt_maced_key(keysToSign_[0]);
+ ASSERT_TRUE(result) << result.moveMessage();
+ MacedPublicKey keyWithCorruptMac = result.moveValue();
bytevec keysToSignMac;
DeviceInfo deviceInfo;
diff --git a/security/keymint/support/include/remote_prov/remote_prov_utils.h b/security/keymint/support/include/remote_prov/remote_prov_utils.h
index 1d3abe5..f3b8608 100644
--- a/security/keymint/support/include/remote_prov/remote_prov_utils.h
+++ b/security/keymint/support/include/remote_prov/remote_prov_utils.h
@@ -124,17 +124,19 @@
};
/**
- * Take a given certificate request and output a JSON blob containing both the
- * build fingerprint and certificate request. This data may be serialized, then
- * later uploaded to the remote provisioning service. The input csr is not
- * validated, only encoded.
+ * Take a given instance name and certificate request, then output a JSON blob
+ * containing the name, build fingerprint and certificate request. This data may
+ * be serialized, then later uploaded to the remote provisioning service. The
+ * input csr is not validated, only encoded.
*
* Output format:
* {
* "build_fingerprint": <string>
* "csr": <base64 CBOR CSR>
+ * "name": <string>
* }
*/
-JsonOutput jsonEncodeCsrWithBuild(const cppbor::Array& csr);
+JsonOutput jsonEncodeCsrWithBuild(const std::string instance_name,
+ const cppbor::Array& csr);
} // namespace aidl::android::hardware::security::keymint::remote_prov
diff --git a/security/keymint/support/remote_prov_utils.cpp b/security/keymint/support/remote_prov_utils.cpp
index 0776282..0dbea5b 100644
--- a/security/keymint/support/remote_prov_utils.cpp
+++ b/security/keymint/support/remote_prov_utils.cpp
@@ -225,7 +225,7 @@
bytevec prev_priv_key;
for (size_t i = 0; i < length - 1; ++i) {
auto keyPair = generateKeyPair(supportedEekCurve, false);
- if (!keyPair) keyPair.moveMessage();
+ if (!keyPair) return keyPair.moveMessage();
auto [pub_key, priv_key] = keyPair.moveValue();
// The first signing key is self-signed.
@@ -242,7 +242,7 @@
prev_priv_key = priv_key;
}
auto keyPair = generateKeyPair(supportedEekCurve, true);
- if (!keyPair) keyPair.moveMessage();
+ if (!keyPair) return keyPair.moveMessage();
auto [pub_key, priv_key] = keyPair.moveValue();
auto coseKey = constructCoseKey(supportedEekCurve, eekId, pub_key);
@@ -408,7 +408,7 @@
return result;
}
-JsonOutput jsonEncodeCsrWithBuild(const cppbor::Array& csr) {
+JsonOutput jsonEncodeCsrWithBuild(const std::string instance_name, const cppbor::Array& csr) {
const std::string kFingerprintProp = "ro.build.fingerprint";
if (!::android::base::WaitForPropertyCreation(kFingerprintProp)) {
@@ -432,6 +432,7 @@
}
Json::Value json(Json::objectValue);
+ json["name"] = instance_name;
json["build_fingerprint"] = ::android::base::GetProperty(kFingerprintProp, /*default=*/"");
json["csr"] = base64.data(); // Boring writes a NUL-terminated c-string
diff --git a/security/keymint/support/remote_prov_utils_test.cpp b/security/keymint/support/remote_prov_utils_test.cpp
index e1c4467..0250cd6 100644
--- a/security/keymint/support/remote_prov_utils_test.cpp
+++ b/security/keymint/support/remote_prov_utils_test.cpp
@@ -185,13 +185,13 @@
cppbor::Array array;
array.add(1);
- auto [json, error] = jsonEncodeCsrWithBuild(array);
+ auto [json, error] = jsonEncodeCsrWithBuild(std::string("test"), array);
ASSERT_TRUE(error.empty()) << error;
std::string expected = R"({"build_fingerprint":")" +
::android::base::GetProperty("ro.build.fingerprint", /*default=*/"") +
- R"(","csr":"gQE="})";
+ R"(","csr":"gQE=","name":"test"})";
ASSERT_EQ(json, expected);
}
diff --git a/sensors/aidl/default/multihal/ConvertUtils.cpp b/sensors/aidl/default/multihal/ConvertUtils.cpp
index 7751fd2..9b2d8fe 100644
--- a/sensors/aidl/default/multihal/ConvertUtils.cpp
+++ b/sensors/aidl/default/multihal/ConvertUtils.cpp
@@ -173,7 +173,7 @@
}
default:
ALOGE("Invalid sensor additioanl info tag: %d",
- additionalInfo.payload.getTag());
+ static_cast<int32_t>(additionalInfo.payload.getTag()));
break;
}
break;
diff --git a/vibrator/aidl/Android.bp b/vibrator/aidl/Android.bp
index 22219b0..d4d5857 100644
--- a/vibrator/aidl/Android.bp
+++ b/vibrator/aidl/Android.bp
@@ -10,6 +10,7 @@
aidl_interface {
name: "android.hardware.vibrator",
vendor_available: true,
+ host_supported: true,
srcs: [
"android/hardware/vibrator/*.aidl",
],
diff --git a/vibrator/aidl/default/Android.bp b/vibrator/aidl/default/Android.bp
index 2e12dfb..acdbdcd 100644
--- a/vibrator/aidl/default/Android.bp
+++ b/vibrator/aidl/default/Android.bp
@@ -9,7 +9,8 @@
cc_library_static {
name: "libvibratorexampleimpl",
- vendor: true,
+ vendor_available: true,
+ host_supported: true,
shared_libs: [
"libbase",
"libbinder_ndk",
@@ -24,6 +25,11 @@
":__subpackages__",
"//hardware/interfaces/tests/extension/vibrator:__subpackages__",
],
+ target: {
+ darwin: {
+ enabled: false,
+ },
+ },
}
filegroup {
@@ -47,3 +53,40 @@
],
srcs: ["main.cpp"],
}
+
+cc_fuzz {
+ name: "android.hardware.vibrator-service.example_fuzzer",
+ host_supported: true,
+ static_libs: [
+ "android.hardware.vibrator-V2-ndk",
+ "libbase",
+ "libbinder_random_parcel",
+ "libcutils",
+ "liblog",
+ "libutils",
+ "libvibratorexampleimpl",
+ ],
+ target: {
+ android: {
+ shared_libs: [
+ "libbinder_ndk",
+ "libbinder",
+ ],
+ },
+ host: {
+ static_libs: [
+ "libbinder_ndk",
+ "libbinder",
+ ],
+ },
+ darwin: {
+ enabled: false,
+ },
+ },
+ srcs: ["fuzzer.cpp"],
+ fuzz_config: {
+ cc: [
+ "smoreland@google.com",
+ ],
+ },
+}
diff --git a/vibrator/aidl/default/fuzzer.cpp b/vibrator/aidl/default/fuzzer.cpp
new file mode 100644
index 0000000..7d52209
--- /dev/null
+++ b/vibrator/aidl/default/fuzzer.cpp
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include <fuzzbinder/libbinder_ndk_driver.h>
+#include <fuzzer/FuzzedDataProvider.h>
+#include <vibrator-impl/Vibrator.h>
+#include <vibrator-impl/VibratorManager.h>
+
+using aidl::android::hardware::vibrator::Vibrator;
+using aidl::android::hardware::vibrator::VibratorManager;
+using android::fuzzService;
+using ndk::SharedRefBase;
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ auto managedVib = SharedRefBase::make<Vibrator>();
+ auto vibManager = SharedRefBase::make<VibratorManager>(std::move(managedVib));
+
+ fuzzService(vibManager->asBinder().get(), FuzzedDataProvider(data, size));
+
+ return 0;
+}