Merge "Add test in VTS MapperV4 for YCbCr_P010"
diff --git a/audio/common/all-versions/default/service/service.cpp b/audio/common/all-versions/default/service/service.cpp
index bbc14ad..898c22d 100644
--- a/audio/common/all-versions/default/service/service.cpp
+++ b/audio/common/all-versions/default/service/service.cpp
@@ -16,6 +16,7 @@
#define LOG_TAG "audiohalservice"
+#include <signal.h>
#include <string>
#include <vector>
@@ -45,6 +46,8 @@
}
int main(int /* argc */, char* /* argv */ []) {
+ signal(SIGPIPE, SIG_IGN);
+
::android::ProcessState::initWithDriver("/dev/vndbinder");
// start a threadpool for vndbinder interactions
::android::ProcessState::self()->startThreadPool();
diff --git a/automotive/vehicle/2.0/vts/functional/VtsHalAutomotiveVehicleV2_0TargetTest.cpp b/automotive/vehicle/2.0/vts/functional/VtsHalAutomotiveVehicleV2_0TargetTest.cpp
index 4ac0aa5..8adec84 100644
--- a/automotive/vehicle/2.0/vts/functional/VtsHalAutomotiveVehicleV2_0TargetTest.cpp
+++ b/automotive/vehicle/2.0/vts/functional/VtsHalAutomotiveVehicleV2_0TargetTest.cpp
@@ -18,6 +18,7 @@
#include <android/hardware/automotive/vehicle/2.0/IVehicle.h>
#include <utils/Log.h>
+#include <unordered_set>
#include <gtest/gtest.h>
#include <hidl/GtestPrinter.h>
@@ -184,20 +185,34 @@
TEST_P(VehicleHalHidlTest, setProp) {
ALOGD("VehicleHalHidlTest::setProp");
hidl_vec<VehiclePropConfig> propConfigs;
+ // skip hvac related properties
+ std::unordered_set<int32_t> hvacProps = {(int)VehicleProperty::HVAC_DEFROSTER,
+ (int)VehicleProperty::HVAC_AC_ON,
+ (int)VehicleProperty::HVAC_MAX_AC_ON,
+ (int)VehicleProperty::HVAC_MAX_DEFROST_ON,
+ (int)VehicleProperty::HVAC_RECIRC_ON,
+ (int)VehicleProperty::HVAC_DUAL_ON,
+ (int)VehicleProperty::HVAC_AUTO_ON,
+ (int)VehicleProperty::HVAC_POWER_ON,
+ (int)VehicleProperty::HVAC_AUTO_RECIRC_ON,
+ (int)VehicleProperty::HVAC_ELECTRIC_DEFROSTER_ON};
mVehicle->getAllPropConfigs(
[&propConfigs](const hidl_vec<VehiclePropConfig>& cfgs) { propConfigs = cfgs; });
for (const VehiclePropConfig& cfg : propConfigs) {
// test on boolean and writable property
- if (cfg.access == VehiclePropertyAccess::READ_WRITE && isBooleanGlobalProp(cfg.prop)) {
+ if (cfg.access == VehiclePropertyAccess::READ_WRITE && isBooleanGlobalProp(cfg.prop) &&
+ !hvacProps.count(cfg.prop)) {
invokeGet(cfg.prop, 0);
int setValue = mActualValue.value.int32Values[0] == 1 ? 0 : 1;
VehiclePropValue propToSet = mActualValue;
propToSet.value.int32Values[0] = setValue;
- ASSERT_EQ(StatusCode::OK, mVehicle->set(propToSet));
+ ASSERT_EQ(StatusCode::OK, mVehicle->set(propToSet))
+ << "Invalid status code for setting property: " << cfg.prop;
// check set success
invokeGet(cfg.prop, 0);
ASSERT_EQ(StatusCode::OK, mActualStatusCode);
- ASSERT_EQ(setValue, mActualValue.value.int32Values[0]);
+ ASSERT_EQ(setValue, mActualValue.value.int32Values[0])
+ << "Failed to set value for property: " << cfg.prop;
}
}
}
diff --git a/biometrics/face/1.0/default/android.hardware.biometrics.face@1.0-service.rc b/biometrics/face/1.0/default/android.hardware.biometrics.face@1.0-service.rc
index 6c7362f..3fb827d 100644
--- a/biometrics/face/1.0/default/android.hardware.biometrics.face@1.0-service.rc
+++ b/biometrics/face/1.0/default/android.hardware.biometrics.face@1.0-service.rc
@@ -5,6 +5,6 @@
class late_start
user system
group system
- writepid /dev/cpuset/foreground/tasks
+ task_profiles ProcessCapacityHigh
capabilities SYS_NICE
rlimit rtprio 10 10
diff --git a/biometrics/fingerprint/2.1/default/android.hardware.biometrics.fingerprint@2.1-service.rc b/biometrics/fingerprint/2.1/default/android.hardware.biometrics.fingerprint@2.1-service.rc
index 1667677..e7e8d30 100644
--- a/biometrics/fingerprint/2.1/default/android.hardware.biometrics.fingerprint@2.1-service.rc
+++ b/biometrics/fingerprint/2.1/default/android.hardware.biometrics.fingerprint@2.1-service.rc
@@ -5,4 +5,4 @@
class late_start
user system
group system input uhid
- writepid /dev/cpuset/system-background/tasks
+ task_profiles ServiceCapacityLow
diff --git a/biometrics/fingerprint/2.2/default/Android.bp b/biometrics/fingerprint/2.2/default/Android.bp
index f4fb57f..2d262f0 100644
--- a/biometrics/fingerprint/2.2/default/Android.bp
+++ b/biometrics/fingerprint/2.2/default/Android.bp
@@ -25,6 +25,7 @@
"libhidlbase",
"libhardware",
"libutils",
+ "android.hardware.biometrics.fingerprint@2.1",
"android.hardware.biometrics.fingerprint@2.2",
],
diff --git a/cas/1.0/default/android.hardware.cas@1.0-service-lazy.rc b/cas/1.0/default/android.hardware.cas@1.0-service-lazy.rc
index 443549a..622ee8f 100644
--- a/cas/1.0/default/android.hardware.cas@1.0-service-lazy.rc
+++ b/cas/1.0/default/android.hardware.cas@1.0-service-lazy.rc
@@ -6,4 +6,4 @@
user media
group mediadrm drmrpc
ioprio rt 4
- writepid /dev/cpuset/foreground/tasks
+ task_profiles ProcessCapacityHigh
diff --git a/cas/1.0/default/android.hardware.cas@1.0-service.rc b/cas/1.0/default/android.hardware.cas@1.0-service.rc
index 74f2f96..5df4825 100644
--- a/cas/1.0/default/android.hardware.cas@1.0-service.rc
+++ b/cas/1.0/default/android.hardware.cas@1.0-service.rc
@@ -3,4 +3,4 @@
user media
group mediadrm drmrpc
ioprio rt 4
- writepid /dev/cpuset/foreground/tasks
+ task_profiles ProcessCapacityHigh
diff --git a/cas/1.1/default/android.hardware.cas@1.1-service-lazy.rc b/cas/1.1/default/android.hardware.cas@1.1-service-lazy.rc
index 73c505d..0721dc3 100644
--- a/cas/1.1/default/android.hardware.cas@1.1-service-lazy.rc
+++ b/cas/1.1/default/android.hardware.cas@1.1-service-lazy.rc
@@ -7,4 +7,4 @@
user media
group mediadrm drmrpc
ioprio rt 4
- writepid /dev/cpuset/foreground/tasks
+ task_profiles ProcessCapacityHigh
diff --git a/cas/1.1/default/android.hardware.cas@1.1-service.rc b/cas/1.1/default/android.hardware.cas@1.1-service.rc
index 4081fe1..132d943 100644
--- a/cas/1.1/default/android.hardware.cas@1.1-service.rc
+++ b/cas/1.1/default/android.hardware.cas@1.1-service.rc
@@ -3,4 +3,4 @@
user media
group mediadrm drmrpc
ioprio rt 4
- writepid /dev/cpuset/foreground/tasks
+ task_profiles ProcessCapacityHigh
diff --git a/cas/1.2/default/android.hardware.cas@1.2-service-lazy.rc b/cas/1.2/default/android.hardware.cas@1.2-service-lazy.rc
index 1c75100..d91fdce 100644
--- a/cas/1.2/default/android.hardware.cas@1.2-service-lazy.rc
+++ b/cas/1.2/default/android.hardware.cas@1.2-service-lazy.rc
@@ -8,4 +8,4 @@
user media
group mediadrm drmrpc
ioprio rt 4
- writepid /dev/cpuset/foreground/tasks
+ task_profiles ProcessCapacityHigh
diff --git a/cas/1.2/default/android.hardware.cas@1.2-service.rc b/cas/1.2/default/android.hardware.cas@1.2-service.rc
index d1c853e..b22971a 100644
--- a/cas/1.2/default/android.hardware.cas@1.2-service.rc
+++ b/cas/1.2/default/android.hardware.cas@1.2-service.rc
@@ -3,4 +3,4 @@
user media
group mediadrm drmrpc
ioprio rt 4
- writepid /dev/cpuset/foreground/tasks
+ task_profiles ProcessCapacityHigh
diff --git a/current.txt b/current.txt
index bf41e27..c4d8888 100644
--- a/current.txt
+++ b/current.txt
@@ -772,7 +772,7 @@
e042522daa4b5f7fd4a0a19bcdadb93c79a1b04c09ef2c9813a3a8941032f3f5 android.hardware.contexthub@1.0::IContexthub
c2f64133b83ede65c9939ef97ab5bd867b73faf3dba0e7e69f77c3c43d9e487e android.hardware.contexthub@1.0::IContexthubCallback
bda492ec4021d13869de72bd6f8c15c5837b78d6136b8d538efec5320573a5ec android.hardware.gnss@1.0::IGnssMeasurementCallback
-6a271e493907e8ba20912e42771bd0d99ae45431a851d5675ef9496d02510a34 android.hardware.gnss@1.1::IGnssMeasurementCallback
+7ae2025662e30e690a3ffa1c65cc972c6297a68638174055c33cbf3d2e4bbddc android.hardware.gnss@1.1::IGnssMeasurementCallback
11e9e1a1fd0c9b3d9648750d4b10dc2a839d3a6688904c3fc49500a4e7ca75b0 android.hardware.gnss@2.1::IGnssMeasurementCallback
2c331a9605f3a08d9c1e0a36169ca57758bc43c11a78ef3f3730509885e52c15 android.hardware.graphics.composer@2.4::IComposerClient
3da3ce039247872d95c6bd48621dbfdfa1c2d2a91a90f257862f87ee2bc46300 android.hardware.health@2.1::types
diff --git a/drm/1.0/default/android.hardware.drm@1.0-service-lazy.rc b/drm/1.0/default/android.hardware.drm@1.0-service-lazy.rc
index 4b32f7f..e5ae5cd 100644
--- a/drm/1.0/default/android.hardware.drm@1.0-service-lazy.rc
+++ b/drm/1.0/default/android.hardware.drm@1.0-service-lazy.rc
@@ -7,4 +7,4 @@
user media
group mediadrm drmrpc
ioprio rt 4
- writepid /dev/cpuset/foreground/tasks
+ task_profiles ProcessCapacityHigh
diff --git a/drm/1.0/default/android.hardware.drm@1.0-service.rc b/drm/1.0/default/android.hardware.drm@1.0-service.rc
index 790eded..2aba187 100644
--- a/drm/1.0/default/android.hardware.drm@1.0-service.rc
+++ b/drm/1.0/default/android.hardware.drm@1.0-service.rc
@@ -5,4 +5,4 @@
user media
group mediadrm drmrpc
ioprio rt 4
- writepid /dev/cpuset/foreground/tasks
+ task_profiles ProcessCapacityHigh
diff --git a/gnss/1.1/IGnssMeasurementCallback.hal b/gnss/1.1/IGnssMeasurementCallback.hal
index 36841ee..f94c67a 100644
--- a/gnss/1.1/IGnssMeasurementCallback.hal
+++ b/gnss/1.1/IGnssMeasurementCallback.hal
@@ -24,13 +24,38 @@
* Flags indicating the Accumulated Delta Range's states.
*
* See the table below for a detailed interpretation of each state. This is
- * a continuation of the table from 1.1/IGnssMeasurementCallback.hal.
+ * a continuation of the table from 1.0/IGnssMeasurementCallback.hal.
*
* +---------------------+-------------------+-----------------------------+
* | ADR_STATE | Time of relevance | Interpretation |
* +---------------------+-------------------+-----------------------------+
* | HALF_CYCLE_RESOLVED | ADR(t) | Half cycle ambiguity is |
* | | | resolved at time t. |
+ * | | | |
+ * | | | For signals that have |
+ * | | | databits, the carrier phase |
+ * | | | tracking loops typically |
+ * | | | use a costas loop |
+ * | | | discriminator. This type of |
+ * | | | tracking loop introduces a |
+ * | | | half-cycle ambiguity that |
+ * | | | is resolved by searching |
+ * | | | through the received data |
+ * | | | for known patterns of |
+ * | | | databits (e.g. GPS uses the |
+ * | | | TLM word) which then |
+ * | | | determines the polarity of |
+ * | | | the incoming data and |
+ * | | | resolves the half-cycle |
+ * | | | ambiguity. |
+ * | | | |
+ * | | | Before the half-cycle |
+ * | | | ambiguity has been resolved |
+ * | | | it is possible that the |
+ * | | | ADR_STATE_VALID flag is |
+ * | | | set, but the ADR_STATE_ |
+ * | | | HALF_CYCLE_RESOLVED flag is |
+ * | | | not set. |
* +---------------------+-------------------+-----------------------------+
*/
enum GnssAccumulatedDeltaRangeState
diff --git a/gnss/aidl/android/hardware/gnss/GnssMeasurement.aidl b/gnss/aidl/android/hardware/gnss/GnssMeasurement.aidl
index 58f29c5..efecddd 100644
--- a/gnss/aidl/android/hardware/gnss/GnssMeasurement.aidl
+++ b/gnss/aidl/android/hardware/gnss/GnssMeasurement.aidl
@@ -438,6 +438,31 @@
* +---------------------+-------------------+-----------------------------+
* | HALF_CYCLE_RESOLVED | ADR(t) | Half cycle ambiguity is |
* | | | resolved at time t. |
+ * | | | |
+ * | | | For signals that have |
+ * | | | databits, the carrier phase |
+ * | | | tracking loops typically |
+ * | | | use a costas loop |
+ * | | | discriminator. This type of |
+ * | | | tracking loop introduces a |
+ * | | | half-cycle ambiguity that |
+ * | | | is resolved by searching |
+ * | | | through the received data |
+ * | | | for known patterns of |
+ * | | | databits (e.g. GPS uses the |
+ * | | | TLM word) which then |
+ * | | | determines the polarity of |
+ * | | | the incoming data and |
+ * | | | resolves the half-cycle |
+ * | | | ambiguity. |
+ * | | | |
+ * | | | Before the half-cycle |
+ * | | | ambiguity has been resolved |
+ * | | | it is possible that the |
+ * | | | ADR_STATE_VALID flag is |
+ * | | | set, but the ADR_STATE_ |
+ * | | | HALF_CYCLE_RESOLVED flag is |
+ * | | | not set. |
* +---------------------+-------------------+-----------------------------+
*/
const int ADR_STATE_UNKNOWN = 0;
diff --git a/graphics/composer/2.1/default/android.hardware.graphics.composer@2.1-service.rc b/graphics/composer/2.1/default/android.hardware.graphics.composer@2.1-service.rc
index cbd589a..c8fccdc 100644
--- a/graphics/composer/2.1/default/android.hardware.graphics.composer@2.1-service.rc
+++ b/graphics/composer/2.1/default/android.hardware.graphics.composer@2.1-service.rc
@@ -5,4 +5,4 @@
group graphics drmrpc
capabilities SYS_NICE
onrestart restart surfaceflinger
- writepid /dev/cpuset/system-background/tasks
+ task_profiles ServiceCapacityLow
diff --git a/graphics/composer/2.1/utils/vts/ComposerVts.cpp b/graphics/composer/2.1/utils/vts/ComposerVts.cpp
index 4b6b7c8..55aaf12 100644
--- a/graphics/composer/2.1/utils/vts/ComposerVts.cpp
+++ b/graphics/composer/2.1/utils/vts/ComposerVts.cpp
@@ -308,6 +308,12 @@
writer->reset();
}
+NativeHandleWrapper::~NativeHandleWrapper() {
+ if (mHandle) {
+ mGralloc.freeBuffer(mHandle);
+ }
+}
+
Gralloc::Gralloc() {
[this] {
ASSERT_NO_FATAL_FAILURE(mGralloc4 = std::make_shared<Gralloc4>("default", "default",
@@ -324,9 +330,10 @@
}();
}
-const native_handle_t* Gralloc::allocate(uint32_t width, uint32_t height, uint32_t layerCount,
- PixelFormat format, uint64_t usage, bool import,
- uint32_t* outStride) {
+const NativeHandleWrapper Gralloc::allocate(uint32_t width, uint32_t height, uint32_t layerCount,
+ PixelFormat format, uint64_t usage, bool import,
+ uint32_t* outStride) {
+ const native_handle_t* handle;
if (mGralloc4) {
IMapper4::BufferDescriptorInfo info{};
info.width = width;
@@ -334,7 +341,7 @@
info.layerCount = layerCount;
info.format = static_cast<android::hardware::graphics::common::V1_2::PixelFormat>(format);
info.usage = usage;
- return mGralloc4->allocate(info, import, outStride);
+ handle = mGralloc4->allocate(info, import, outStride);
} else if (mGralloc3) {
IMapper3::BufferDescriptorInfo info{};
info.width = width;
@@ -342,7 +349,7 @@
info.layerCount = layerCount;
info.format = static_cast<android::hardware::graphics::common::V1_2::PixelFormat>(format);
info.usage = usage;
- return mGralloc3->allocate(info, import, outStride);
+ handle = mGralloc3->allocate(info, import, outStride);
} else {
IMapper2::BufferDescriptorInfo info{};
info.width = width;
@@ -350,8 +357,9 @@
info.layerCount = layerCount;
info.format = format;
info.usage = usage;
- return mGralloc2->allocate(info, import, outStride);
+ handle = mGralloc2->allocate(info, import, outStride);
}
+ return NativeHandleWrapper(*this, handle);
}
void* Gralloc::lock(const native_handle_t* bufferHandle, uint64_t cpuUsage,
diff --git a/graphics/composer/2.1/utils/vts/include/composer-vts/2.1/ComposerVts.h b/graphics/composer/2.1/utils/vts/include/composer-vts/2.1/ComposerVts.h
index 63aa713..2949823 100644
--- a/graphics/composer/2.1/utils/vts/include/composer-vts/2.1/ComposerVts.h
+++ b/graphics/composer/2.1/utils/vts/include/composer-vts/2.1/ComposerVts.h
@@ -136,13 +136,30 @@
int32_t height;
};
+class Gralloc;
+
+// RAII wrapper around native_handle_t*
+class NativeHandleWrapper {
+ public:
+ NativeHandleWrapper(Gralloc& gralloc, const native_handle_t* handle)
+ : mGralloc(gralloc), mHandle(handle) {}
+
+ ~NativeHandleWrapper();
+
+ const native_handle_t* get() { return mHandle; }
+
+ private:
+ Gralloc& mGralloc;
+ const native_handle_t* mHandle;
+};
+
class Gralloc {
public:
explicit Gralloc();
- const native_handle_t* allocate(uint32_t width, uint32_t height, uint32_t layerCount,
- PixelFormat format, uint64_t usage, bool import = true,
- uint32_t* outStride = nullptr);
+ const NativeHandleWrapper allocate(uint32_t width, uint32_t height, uint32_t layerCount,
+ PixelFormat format, uint64_t usage, bool import = true,
+ uint32_t* outStride = nullptr);
void* lock(const native_handle_t* bufferHandle, uint64_t cpuUsage,
const AccessRegion& accessRegionRect, int acquireFence);
diff --git a/graphics/composer/2.1/vts/functional/VtsHalGraphicsComposerV2_1TargetTest.cpp b/graphics/composer/2.1/vts/functional/VtsHalGraphicsComposerV2_1TargetTest.cpp
index f0250c0..4822678 100644
--- a/graphics/composer/2.1/vts/functional/VtsHalGraphicsComposerV2_1TargetTest.cpp
+++ b/graphics/composer/2.1/vts/functional/VtsHalGraphicsComposerV2_1TargetTest.cpp
@@ -666,7 +666,7 @@
ASSERT_NO_FATAL_FAILURE(GraphicsComposerHidlTest::TearDown());
}
- const native_handle_t* allocate() {
+ NativeHandleWrapper allocate() {
uint64_t usage =
static_cast<uint64_t>(BufferUsage::CPU_WRITE_OFTEN | BufferUsage::CPU_READ_OFTEN |
BufferUsage::COMPOSER_OVERLAY);
@@ -727,11 +727,11 @@
display = mComposerClient->createVirtualDisplay(64, 64, PixelFormat::IMPLEMENTATION_DEFINED,
kBufferSlotCount, &format));
- const native_handle_t* handle;
- ASSERT_NO_FATAL_FAILURE(handle = allocate());
+ std::unique_ptr<NativeHandleWrapper> handle;
+ ASSERT_NO_FATAL_FAILURE(handle.reset(new NativeHandleWrapper(allocate())));
mWriter->selectDisplay(display);
- mWriter->setOutputBuffer(0, handle, -1);
+ mWriter->setOutputBuffer(0, handle->get(), -1);
execute();
}
@@ -783,7 +783,7 @@
mComposerClient->setColorMode(mPrimaryDisplay, ColorMode::NATIVE);
auto handle = allocate();
- ASSERT_NE(nullptr, handle);
+ ASSERT_NE(nullptr, handle.get());
IComposerClient::Rect displayFrame{0, 0, mDisplayWidth, mDisplayHeight};
@@ -800,7 +800,7 @@
mWriter->setLayerZOrder(10);
mWriter->setLayerBlendMode(IComposerClient::BlendMode::NONE);
mWriter->setLayerSurfaceDamage(std::vector<IComposerClient::Rect>(1, displayFrame));
- mWriter->setLayerBuffer(0, handle, -1);
+ mWriter->setLayerBuffer(0, handle.get(), -1);
mWriter->setLayerDataspace(Dataspace::UNKNOWN);
mWriter->validateDisplay();
@@ -817,8 +817,8 @@
mWriter->selectLayer(layer);
auto handle2 = allocate();
- ASSERT_NE(nullptr, handle2);
- mWriter->setLayerBuffer(0, handle2, -1);
+ ASSERT_NE(nullptr, handle2.get());
+ mWriter->setLayerBuffer(0, handle2.get(), -1);
mWriter->setLayerSurfaceDamage(std::vector<IComposerClient::Rect>(1, {0, 0, 10, 10}));
mWriter->presentDisplay();
execute();
@@ -833,12 +833,12 @@
mComposerClient->createLayer(mPrimaryDisplay, kBufferSlotCount));
auto handle = allocate();
- ASSERT_NE(nullptr, handle);
+ ASSERT_NE(nullptr, handle.get());
IComposerClient::Rect displayFrame{0, 0, mDisplayWidth, mDisplayHeight};
mWriter->selectDisplay(mPrimaryDisplay);
mWriter->selectLayer(layer);
- mWriter->setLayerBuffer(0, handle, -1);
+ mWriter->setLayerBuffer(0, handle.get(), -1);
mWriter->setLayerCompositionType(IComposerClient::Composition::CURSOR);
mWriter->setLayerDisplayFrame(displayFrame);
mWriter->setLayerPlaneAlpha(1);
@@ -871,7 +871,7 @@
*/
TEST_P(GraphicsComposerHidlCommandTest, SET_LAYER_BUFFER) {
auto handle = allocate();
- ASSERT_NE(nullptr, handle);
+ ASSERT_NE(nullptr, handle.get());
Layer layer;
ASSERT_NO_FATAL_FAILURE(layer =
@@ -879,7 +879,7 @@
mWriter->selectDisplay(mPrimaryDisplay);
mWriter->selectLayer(layer);
- mWriter->setLayerBuffer(0, handle, -1);
+ mWriter->setLayerBuffer(0, handle.get(), -1);
execute();
}
@@ -1003,7 +1003,7 @@
}
auto handle = allocate();
- ASSERT_NE(nullptr, handle);
+ ASSERT_NE(nullptr, handle.get());
Layer layer;
ASSERT_NO_FATAL_FAILURE(layer =
@@ -1011,7 +1011,7 @@
mWriter->selectDisplay(mPrimaryDisplay);
mWriter->selectLayer(layer);
- mWriter->setLayerSidebandStream(handle);
+ mWriter->setLayerSidebandStream(handle.get());
execute();
}
diff --git a/graphics/composer/2.2/default/android.hardware.graphics.composer@2.2-service.rc b/graphics/composer/2.2/default/android.hardware.graphics.composer@2.2-service.rc
index efe6dad..7714119 100644
--- a/graphics/composer/2.2/default/android.hardware.graphics.composer@2.2-service.rc
+++ b/graphics/composer/2.2/default/android.hardware.graphics.composer@2.2-service.rc
@@ -4,4 +4,4 @@
group graphics drmrpc
capabilities SYS_NICE
onrestart restart surfaceflinger
- writepid /dev/cpuset/system-background/tasks
+ task_profiles ServiceCapacityLow
diff --git a/graphics/composer/2.2/utils/vts/ReadbackVts.cpp b/graphics/composer/2.2/utils/vts/ReadbackVts.cpp
index 19f5e8c..30596fc 100644
--- a/graphics/composer/2.2/utils/vts/ReadbackVts.cpp
+++ b/graphics/composer/2.2/utils/vts/ReadbackVts.cpp
@@ -208,22 +208,13 @@
mAccessRegion.height = height;
}
-ReadbackBuffer::~ReadbackBuffer() {
- if (mBufferHandle != nullptr) {
- mGralloc->freeBuffer(mBufferHandle);
- }
-}
-
void ReadbackBuffer::setReadbackBuffer() {
- if (mBufferHandle != nullptr) {
- mGralloc->freeBuffer(mBufferHandle);
- mBufferHandle = nullptr;
- }
- mBufferHandle = mGralloc->allocate(mWidth, mHeight, mLayerCount, mFormat, mUsage,
- /*import*/ true, &mStride);
- ASSERT_NE(false, mGralloc->validateBufferSize(mBufferHandle, mWidth, mHeight, mLayerCount,
- mFormat, mUsage, mStride));
- ASSERT_NO_FATAL_FAILURE(mComposerClient->setReadbackBuffer(mDisplay, mBufferHandle, -1));
+ mBufferHandle.reset(new Gralloc::NativeHandleWrapper(
+ mGralloc->allocate(mWidth, mHeight, mLayerCount, mFormat, mUsage,
+ /*import*/ true, &mStride)));
+ ASSERT_NE(false, mGralloc->validateBufferSize(mBufferHandle->get(), mWidth, mHeight,
+ mLayerCount, mFormat, mUsage, mStride));
+ ASSERT_NO_FATAL_FAILURE(mComposerClient->setReadbackBuffer(mDisplay, mBufferHandle->get(), -1));
}
void ReadbackBuffer::checkReadbackBuffer(std::vector<IComposerClient::Color> expectedColors) {
@@ -231,11 +222,11 @@
int32_t fenceHandle;
ASSERT_NO_FATAL_FAILURE(mComposerClient->getReadbackBufferFence(mDisplay, &fenceHandle));
- void* bufData = mGralloc->lock(mBufferHandle, mUsage, mAccessRegion, fenceHandle);
+ void* bufData = mGralloc->lock(mBufferHandle->get(), mUsage, mAccessRegion, fenceHandle);
ASSERT_TRUE(mPixelFormat == PixelFormat::RGB_888 || mPixelFormat == PixelFormat::RGBA_8888);
ReadbackHelper::compareColorBuffers(expectedColors, bufData, mStride, mWidth, mHeight,
mPixelFormat);
- int32_t unlockFence = mGralloc->unlock(mBufferHandle);
+ int32_t unlockFence = mGralloc->unlock(mBufferHandle->get());
if (unlockFence != -1) {
sync_wait(unlockFence, -1);
close(unlockFence);
@@ -281,23 +272,17 @@
setSourceCrop({0, 0, (float)width, (float)height});
}
-TestBufferLayer::~TestBufferLayer() {
- if (mBufferHandle != nullptr) {
- mGralloc->freeBuffer(mBufferHandle);
- }
-}
-
void TestBufferLayer::write(const std::shared_ptr<CommandWriterBase>& writer) {
TestLayer::write(writer);
writer->setLayerCompositionType(mComposition);
writer->setLayerVisibleRegion(std::vector<IComposerClient::Rect>(1, mDisplayFrame));
- if (mBufferHandle != nullptr) writer->setLayerBuffer(0, mBufferHandle, mFillFence);
+ if (mBufferHandle != nullptr) writer->setLayerBuffer(0, mBufferHandle->get(), mFillFence);
}
LayerSettings TestBufferLayer::toRenderEngineLayerSettings() {
LayerSettings layerSettings = TestLayer::toRenderEngineLayerSettings();
layerSettings.source.buffer.buffer = std::make_shared<renderengine::ExternalTexture>(
- new GraphicBuffer(mBufferHandle, GraphicBuffer::CLONE_HANDLE, mWidth, mHeight,
+ new GraphicBuffer(mBufferHandle->get(), GraphicBuffer::CLONE_HANDLE, mWidth, mHeight,
static_cast<int32_t>(mFormat), 1, mUsage, mStride),
mRenderEngine.getInternalRenderEngine(),
renderengine::ExternalTexture::Usage::READABLE);
@@ -318,10 +303,10 @@
}
void TestBufferLayer::fillBuffer(std::vector<IComposerClient::Color> expectedColors) {
- void* bufData = mGralloc->lock(mBufferHandle, mUsage, mAccessRegion, -1);
+ void* bufData = mGralloc->lock(mBufferHandle->get(), mUsage, mAccessRegion, -1);
ASSERT_NO_FATAL_FAILURE(
ReadbackHelper::fillBuffer(mWidth, mHeight, mStride, bufData, mFormat, expectedColors));
- mFillFence = mGralloc->unlock(mBufferHandle);
+ mFillFence = mGralloc->unlock(mBufferHandle->get());
if (mFillFence != -1) {
sync_wait(mFillFence, -1);
close(mFillFence);
@@ -329,16 +314,13 @@
}
void TestBufferLayer::setBuffer(std::vector<IComposerClient::Color> colors) {
- if (mBufferHandle != nullptr) {
- mGralloc->freeBuffer(mBufferHandle);
- mBufferHandle = nullptr;
- }
- mBufferHandle = mGralloc->allocate(mWidth, mHeight, mLayerCount, mFormat, mUsage,
- /*import*/ true, &mStride);
- ASSERT_NE(nullptr, mBufferHandle);
+ mBufferHandle.reset(new Gralloc::NativeHandleWrapper(
+ mGralloc->allocate(mWidth, mHeight, mLayerCount, mFormat, mUsage,
+ /*import*/ true, &mStride)));
+ ASSERT_NE(nullptr, mBufferHandle->get());
ASSERT_NO_FATAL_FAILURE(fillBuffer(colors));
- ASSERT_NE(false, mGralloc->validateBufferSize(mBufferHandle, mWidth, mHeight, mLayerCount,
- mFormat, mUsage, mStride));
+ ASSERT_NE(false, mGralloc->validateBufferSize(mBufferHandle->get(), mWidth, mHeight,
+ mLayerCount, mFormat, mUsage, mStride));
}
void TestBufferLayer::setDataspace(Dataspace dataspace,
diff --git a/graphics/composer/2.2/utils/vts/include/composer-vts/2.2/ComposerVts.h b/graphics/composer/2.2/utils/vts/include/composer-vts/2.2/ComposerVts.h
index 6bc2732..d3bba17 100644
--- a/graphics/composer/2.2/utils/vts/include/composer-vts/2.2/ComposerVts.h
+++ b/graphics/composer/2.2/utils/vts/include/composer-vts/2.2/ComposerVts.h
@@ -93,10 +93,12 @@
class Gralloc : public V2_1::vts::Gralloc {
public:
+ using NativeHandleWrapper = V2_1::vts::NativeHandleWrapper;
+
Gralloc();
- const native_handle_t* allocate(uint32_t width, uint32_t height, uint32_t layerCount,
- PixelFormat format, uint64_t usage, bool import = true,
- uint32_t* outStride = nullptr) {
+ const NativeHandleWrapper allocate(uint32_t width, uint32_t height, uint32_t layerCount,
+ PixelFormat format, uint64_t usage, bool import = true,
+ uint32_t* outStride = nullptr) {
return V2_1::vts::Gralloc::allocate(
width, height, layerCount,
static_cast<android::hardware::graphics::common::V1_0::PixelFormat>(format), usage,
diff --git a/graphics/composer/2.2/utils/vts/include/composer-vts/2.2/ReadbackVts.h b/graphics/composer/2.2/utils/vts/include/composer-vts/2.2/ReadbackVts.h
index b24e3b6..58efde9 100644
--- a/graphics/composer/2.2/utils/vts/include/composer-vts/2.2/ReadbackVts.h
+++ b/graphics/composer/2.2/utils/vts/include/composer-vts/2.2/ReadbackVts.h
@@ -25,6 +25,8 @@
#include <mapper-vts/2.1/MapperVts.h>
#include <renderengine/RenderEngine.h>
+#include <memory>
+
namespace android {
namespace hardware {
namespace graphics {
@@ -116,8 +118,6 @@
PixelFormat format,
IComposerClient::Composition composition = IComposerClient::Composition::DEVICE);
- ~TestBufferLayer();
-
void write(const std::shared_ptr<CommandWriterBase>& writer) override;
LayerSettings toRenderEngineLayerSettings() override;
@@ -143,7 +143,7 @@
std::shared_ptr<Gralloc> mGralloc;
TestRenderEngine& mRenderEngine;
int32_t mFillFence;
- const native_handle_t* mBufferHandle = nullptr;
+ std::unique_ptr<Gralloc::NativeHandleWrapper> mBufferHandle;
};
class ReadbackHelper {
@@ -182,7 +182,6 @@
ReadbackBuffer(Display display, const std::shared_ptr<ComposerClient>& client,
const std::shared_ptr<Gralloc>& gralloc, uint32_t width, uint32_t height,
PixelFormat pixelFormat, Dataspace dataspace);
- ~ReadbackBuffer();
void setReadbackBuffer();
@@ -196,7 +195,7 @@
uint64_t mUsage;
AccessRegion mAccessRegion;
uint32_t mStride;
- const native_handle_t* mBufferHandle = nullptr;
+ std::unique_ptr<Gralloc::NativeHandleWrapper> mBufferHandle = nullptr;
PixelFormat mPixelFormat;
Dataspace mDataspace;
Display mDisplay;
diff --git a/graphics/composer/2.2/vts/functional/VtsHalGraphicsComposerV2_2ReadbackTest.cpp b/graphics/composer/2.2/vts/functional/VtsHalGraphicsComposerV2_2ReadbackTest.cpp
index 8d52173..7a1568b 100644
--- a/graphics/composer/2.2/vts/functional/VtsHalGraphicsComposerV2_2ReadbackTest.cpp
+++ b/graphics/composer/2.2/vts/functional/VtsHalGraphicsComposerV2_2ReadbackTest.cpp
@@ -39,15 +39,13 @@
namespace vts {
namespace {
-using android::GraphicBuffer;
using android::Rect;
-using android::hardware::hidl_handle;
using common::V1_1::BufferUsage;
using common::V1_1::Dataspace;
using common::V1_1::PixelFormat;
-using mapper::V2_1::IMapper;
using V2_1::Config;
using V2_1::Display;
+using V2_1::vts::NativeHandleWrapper;
using V2_1::vts::TestCommandReader;
using vts::Gralloc;
@@ -355,9 +353,9 @@
// This following buffer call should have no effect
uint64_t usage =
static_cast<uint64_t>(BufferUsage::CPU_READ_OFTEN | BufferUsage::CPU_WRITE_OFTEN);
- const native_handle_t* bufferHandle =
+ NativeHandleWrapper bufferHandle =
mGralloc->allocate(mDisplayWidth, mDisplayHeight, 1, PixelFormat::RGBA_8888, usage);
- mWriter->setLayerBuffer(0, bufferHandle, -1);
+ mWriter->setLayerBuffer(0, bufferHandle.get(), -1);
// expected color for each pixel
std::vector<IComposerClient::Color> expectedColors(mDisplayWidth * mDisplayHeight);
@@ -465,24 +463,24 @@
// create client target buffer
uint32_t clientStride;
- const native_handle_t* clientBufferHandle =
+ NativeHandleWrapper clientBufferHandle =
mGralloc->allocate(layer->mWidth, layer->mHeight, layer->mLayerCount,
clientFormat, clientUsage, /*import*/ true, &clientStride);
- ASSERT_NE(nullptr, clientBufferHandle);
+ ASSERT_NE(nullptr, clientBufferHandle.get());
void* clientBufData =
- mGralloc->lock(clientBufferHandle, clientUsage, layer->mAccessRegion, -1);
+ mGralloc->lock(clientBufferHandle.get(), clientUsage, layer->mAccessRegion, -1);
ASSERT_NO_FATAL_FAILURE(ReadbackHelper::fillBuffer(layer->mWidth, layer->mHeight,
clientStride, clientBufData,
clientFormat, expectedColors));
- int clientFence = mGralloc->unlock(clientBufferHandle);
+ int clientFence = mGralloc->unlock(clientBufferHandle.get());
if (clientFence != -1) {
sync_wait(clientFence, -1);
close(clientFence);
}
- mWriter->setClientTarget(0, clientBufferHandle, clientFence, clientDataspace,
+ mWriter->setClientTarget(0, clientBufferHandle.get(), clientFence, clientDataspace,
std::vector<IComposerClient::Rect>(1, damage));
layer->setToClientComposition(mWriter);
@@ -593,12 +591,12 @@
// create client target buffer
ASSERT_EQ(1, mReader->mCompositionChanges[0].second);
uint32_t clientStride;
- const native_handle_t* clientBufferHandle =
+ NativeHandleWrapper clientBufferHandle =
mGralloc->allocate(mDisplayWidth, mDisplayHeight, clientLayer->mLayerCount,
clientFormat, clientUsage, /*import*/ true, &clientStride);
- ASSERT_NE(nullptr, clientBufferHandle);
+ ASSERT_NE(nullptr, clientBufferHandle.get());
- void* clientBufData = mGralloc->lock(clientBufferHandle, clientUsage,
+ void* clientBufData = mGralloc->lock(clientBufferHandle.get(), clientUsage,
{0, 0, mDisplayWidth, mDisplayHeight}, -1);
std::vector<IComposerClient::Color> clientColors(mDisplayWidth * mDisplayHeight);
@@ -606,13 +604,13 @@
ASSERT_NO_FATAL_FAILURE(ReadbackHelper::fillBuffer(mDisplayWidth, mDisplayHeight,
clientStride, clientBufData,
clientFormat, clientColors));
- int clientFence = mGralloc->unlock(clientBufferHandle);
+ int clientFence = mGralloc->unlock(clientBufferHandle.get());
if (clientFence != -1) {
sync_wait(clientFence, -1);
close(clientFence);
}
- mWriter->setClientTarget(0, clientBufferHandle, clientFence, clientDataspace,
+ mWriter->setClientTarget(0, clientBufferHandle.get(), clientFence, clientDataspace,
std::vector<IComposerClient::Rect>(1, clientFrame));
clientLayer->setToClientComposition(mWriter);
mWriter->validateDisplay();
diff --git a/graphics/composer/2.2/vts/functional/VtsHalGraphicsComposerV2_2TargetTest.cpp b/graphics/composer/2.2/vts/functional/VtsHalGraphicsComposerV2_2TargetTest.cpp
index 31ec885..7e25a2e 100644
--- a/graphics/composer/2.2/vts/functional/VtsHalGraphicsComposerV2_2TargetTest.cpp
+++ b/graphics/composer/2.2/vts/functional/VtsHalGraphicsComposerV2_2TargetTest.cpp
@@ -36,13 +36,11 @@
namespace {
using common::V1_0::BufferUsage;
-using common::V1_0::ColorTransform;
-using common::V1_0::Transform;
using common::V1_1::ColorMode;
using common::V1_1::Dataspace;
using common::V1_1::PixelFormat;
using common::V1_1::RenderIntent;
-using mapper::V2_0::IMapper;
+using V2_1::vts::NativeHandleWrapper;
class GraphicsComposerHidlTest : public ::testing::TestWithParam<std::string> {
protected:
@@ -154,7 +152,7 @@
ASSERT_NO_FATAL_FAILURE(GraphicsComposerHidlTest::TearDown());
}
- const native_handle_t* allocate() {
+ NativeHandleWrapper allocate() {
uint64_t usage =
static_cast<uint64_t>(BufferUsage::CPU_WRITE_OFTEN | BufferUsage::CPU_READ_OFTEN);
return mGralloc->allocate(/*width*/ 64, /*height*/ 64, /*layerCount*/ 1,
@@ -440,12 +438,12 @@
static_cast<uint64_t>(BufferUsage::COMPOSER_OVERLAY | BufferUsage::CPU_READ_OFTEN);
std::unique_ptr<Gralloc> gralloc;
- const native_handle_t* buffer;
+ std::unique_ptr<NativeHandleWrapper> buffer;
ASSERT_NO_FATAL_FAILURE(gralloc = std::make_unique<Gralloc>());
- ASSERT_NO_FATAL_FAILURE(buffer = gralloc->allocate(mDisplayWidth, mDisplayHeight, 1,
- mReadbackPixelFormat, usage));
+ ASSERT_NO_FATAL_FAILURE(buffer.reset(new NativeHandleWrapper(
+ gralloc->allocate(mDisplayWidth, mDisplayHeight, 1, mReadbackPixelFormat, usage))));
- mComposerClient->setReadbackBuffer(mPrimaryDisplay, buffer, -1);
+ mComposerClient->setReadbackBuffer(mPrimaryDisplay, buffer->get(), -1);
}
/**
@@ -463,12 +461,13 @@
static_cast<uint64_t>(BufferUsage::COMPOSER_OVERLAY | BufferUsage::CPU_READ_OFTEN);
std::unique_ptr<Gralloc> gralloc;
- const native_handle_t* buffer;
+ std::unique_ptr<NativeHandleWrapper> buffer;
ASSERT_NO_FATAL_FAILURE(gralloc = std::make_unique<Gralloc>());
- ASSERT_NO_FATAL_FAILURE(buffer = gralloc->allocate(mDisplayWidth, mDisplayHeight, 1,
- mReadbackPixelFormat, usage));
+ ASSERT_NO_FATAL_FAILURE(buffer.reset(new NativeHandleWrapper(
+ gralloc->allocate(mDisplayWidth, mDisplayHeight, 1, mReadbackPixelFormat, usage))));
- Error error = mComposerClient->getRaw()->setReadbackBuffer(mInvalidDisplayId, buffer, nullptr);
+ Error error =
+ mComposerClient->getRaw()->setReadbackBuffer(mInvalidDisplayId, buffer->get(), nullptr);
ASSERT_EQ(Error::BAD_DISPLAY, error);
}
diff --git a/graphics/composer/2.3/default/android.hardware.graphics.composer@2.3-service.rc b/graphics/composer/2.3/default/android.hardware.graphics.composer@2.3-service.rc
index 81ce890..d3835a4 100644
--- a/graphics/composer/2.3/default/android.hardware.graphics.composer@2.3-service.rc
+++ b/graphics/composer/2.3/default/android.hardware.graphics.composer@2.3-service.rc
@@ -4,4 +4,4 @@
group graphics drmrpc
capabilities SYS_NICE
onrestart restart surfaceflinger
- writepid /dev/cpuset/system-background/tasks
+ task_profiles ServiceCapacityLow
diff --git a/graphics/composer/2.3/vts/functional/VtsHalGraphicsComposerV2_3TargetTest.cpp b/graphics/composer/2.3/vts/functional/VtsHalGraphicsComposerV2_3TargetTest.cpp
index 8b42654..54ba79d 100644
--- a/graphics/composer/2.3/vts/functional/VtsHalGraphicsComposerV2_3TargetTest.cpp
+++ b/graphics/composer/2.3/vts/functional/VtsHalGraphicsComposerV2_3TargetTest.cpp
@@ -38,12 +38,10 @@
namespace vts {
namespace {
-using common::V1_0::BufferUsage;
using common::V1_1::RenderIntent;
using common::V1_2::ColorMode;
using common::V1_2::Dataspace;
using common::V1_2::PixelFormat;
-using mapper::V2_0::IMapper;
using V2_2::vts::Gralloc;
class GraphicsComposerHidlTest : public ::testing::TestWithParam<std::string> {
@@ -140,12 +138,6 @@
ASSERT_NO_FATAL_FAILURE(GraphicsComposerHidlTest::TearDown());
}
- const native_handle_t* allocate() {
- return mGralloc->allocate(
- 64, 64, 1, static_cast<common::V1_1::PixelFormat>(PixelFormat::RGBA_8888),
- static_cast<uint64_t>(BufferUsage::CPU_WRITE_OFTEN | BufferUsage::CPU_READ_OFTEN));
- }
-
void execute() { mComposerClient->execute(mReader.get(), mWriter.get()); }
std::unique_ptr<CommandWriterBase> mWriter;
diff --git a/graphics/composer/2.4/default/android.hardware.graphics.composer@2.4-service.rc b/graphics/composer/2.4/default/android.hardware.graphics.composer@2.4-service.rc
index a296b0a..d82dcd9 100644
--- a/graphics/composer/2.4/default/android.hardware.graphics.composer@2.4-service.rc
+++ b/graphics/composer/2.4/default/android.hardware.graphics.composer@2.4-service.rc
@@ -4,4 +4,4 @@
group graphics drmrpc
capabilities SYS_NICE
onrestart restart surfaceflinger
- writepid /dev/cpuset/system-background/tasks
+ task_profiles ServiceCapacityLow
diff --git a/graphics/composer/2.4/vts/functional/VtsHalGraphicsComposerV2_4TargetTest.cpp b/graphics/composer/2.4/vts/functional/VtsHalGraphicsComposerV2_4TargetTest.cpp
index 2f0429c..5aceda7 100644
--- a/graphics/composer/2.4/vts/functional/VtsHalGraphicsComposerV2_4TargetTest.cpp
+++ b/graphics/composer/2.4/vts/functional/VtsHalGraphicsComposerV2_4TargetTest.cpp
@@ -52,8 +52,8 @@
using common::V1_2::ColorMode;
using common::V1_2::Dataspace;
using common::V1_2::PixelFormat;
-using mapper::V2_0::IMapper;
using V2_1::Layer;
+using V2_1::vts::NativeHandleWrapper;
using V2_2::Transform;
using V2_2::vts::Gralloc;
@@ -159,7 +159,7 @@
void execute() { mComposerClient->execute(mReader.get(), mWriter.get()); }
- const native_handle_t* allocate(int32_t width, int32_t height) {
+ NativeHandleWrapper allocate(int32_t width, int32_t height) {
return mGralloc->allocate(
width, height, /*layerCount*/ 1,
static_cast<common::V1_1::PixelFormat>(PixelFormat::RGBA_8888),
@@ -493,46 +493,53 @@
IComposerClient::FRect displayCrop = display.getCrop();
int32_t displayWidth = static_cast<int32_t>(std::ceilf(displayCrop.right - displayCrop.left));
int32_t displayHeight = static_cast<int32_t>(std::ceilf(displayCrop.bottom - displayCrop.top));
- auto handle = allocate(displayWidth, displayHeight);
- ASSERT_NE(nullptr, handle);
-
Layer layer;
ASSERT_NO_FATAL_FAILURE(layer = mComposerClient->createLayer(display.get(), kBufferSlotCount));
- mWriter->selectLayer(layer);
- mWriter->setLayerCompositionType(IComposerClient::Composition::DEVICE);
- mWriter->setLayerDisplayFrame(display.getFrameRect());
- mWriter->setLayerPlaneAlpha(1);
- mWriter->setLayerSourceCrop(display.getCrop());
- mWriter->setLayerTransform(static_cast<Transform>(0));
- mWriter->setLayerVisibleRegion(std::vector<IComposerClient::Rect>(1, display.getFrameRect()));
- mWriter->setLayerZOrder(10);
- mWriter->setLayerBlendMode(IComposerClient::BlendMode::NONE);
- mWriter->setLayerSurfaceDamage(std::vector<IComposerClient::Rect>(1, display.getFrameRect()));
- mWriter->setLayerBuffer(0, handle, -1);
- mWriter->setLayerDataspace(Dataspace::UNKNOWN);
- mWriter->validateDisplay();
- execute();
- ASSERT_EQ(0, mReader->mErrors.size());
- mReader->mCompositionChanges.clear();
+ {
+ auto handle = allocate(displayWidth, displayHeight);
+ ASSERT_NE(nullptr, handle.get());
- mWriter->presentDisplay();
- execute();
- ASSERT_EQ(0, mReader->mErrors.size());
+ mWriter->selectLayer(layer);
+ mWriter->setLayerCompositionType(IComposerClient::Composition::DEVICE);
+ mWriter->setLayerDisplayFrame(display.getFrameRect());
+ mWriter->setLayerPlaneAlpha(1);
+ mWriter->setLayerSourceCrop(display.getCrop());
+ mWriter->setLayerTransform(static_cast<Transform>(0));
+ mWriter->setLayerVisibleRegion(
+ std::vector<IComposerClient::Rect>(1, display.getFrameRect()));
+ mWriter->setLayerZOrder(10);
+ mWriter->setLayerBlendMode(IComposerClient::BlendMode::NONE);
+ mWriter->setLayerSurfaceDamage(
+ std::vector<IComposerClient::Rect>(1, display.getFrameRect()));
+ mWriter->setLayerBuffer(0, handle.get(), -1);
+ mWriter->setLayerDataspace(Dataspace::UNKNOWN);
- mWriter->selectLayer(layer);
- auto handle2 = allocate(displayWidth, displayHeight);
- ASSERT_NE(nullptr, handle2);
+ mWriter->validateDisplay();
+ execute();
+ ASSERT_EQ(0, mReader->mErrors.size());
+ mReader->mCompositionChanges.clear();
- mWriter->setLayerBuffer(0, handle2, -1);
- mWriter->setLayerSurfaceDamage(std::vector<IComposerClient::Rect>(1, {0, 0, 10, 10}));
- mWriter->validateDisplay();
- execute();
- ASSERT_EQ(0, mReader->mErrors.size());
- mReader->mCompositionChanges.clear();
+ mWriter->presentDisplay();
+ execute();
+ ASSERT_EQ(0, mReader->mErrors.size());
+ }
- mWriter->presentDisplay();
- execute();
+ {
+ auto handle = allocate(displayWidth, displayHeight);
+ ASSERT_NE(nullptr, handle.get());
+
+ mWriter->selectLayer(layer);
+ mWriter->setLayerBuffer(0, handle.get(), -1);
+ mWriter->setLayerSurfaceDamage(std::vector<IComposerClient::Rect>(1, {0, 0, 10, 10}));
+ mWriter->validateDisplay();
+ execute();
+ ASSERT_EQ(0, mReader->mErrors.size());
+ mReader->mCompositionChanges.clear();
+
+ mWriter->presentDisplay();
+ execute();
+ }
ASSERT_NO_FATAL_FAILURE(mComposerClient->destroyLayer(display.get(), layer));
}
diff --git a/neuralnetworks/utils/README.md b/neuralnetworks/utils/README.md
index 87b3f9f..ffad6ee 100644
--- a/neuralnetworks/utils/README.md
+++ b/neuralnetworks/utils/README.md
@@ -44,7 +44,7 @@
EXPECT_EQ(versionedBefore, versionedAfter);
```
-The `convert` functions operate only on types that used in a HIDL method call directly. The
+The `convert` functions operate only on types that are used in a HIDL method call directly. The
`unvalidatedConvert` functions operate on types that are either used in a HIDL method call directly
(i.e., not as a nested class) or used in a subsequent version of the NN HAL. Prefer using `convert`
over `unvalidatedConvert`.
diff --git a/security/keymint/aidl/Android.bp b/security/keymint/aidl/Android.bp
index 694ce6a..cd45a62 100644
--- a/security/keymint/aidl/Android.bp
+++ b/security/keymint/aidl/Android.bp
@@ -30,6 +30,10 @@
},
rust: {
enabled: true,
+ apex_available: [
+ "//apex_available:platform",
+ "com.android.compos",
+ ],
},
},
versions: ["1"],
diff --git a/security/keymint/aidl/android/hardware/security/keymint/DeviceInfo.aidl b/security/keymint/aidl/android/hardware/security/keymint/DeviceInfo.aidl
index 3ea14a1..32d69cd 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/DeviceInfo.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/DeviceInfo.aidl
@@ -37,10 +37,13 @@
* ? "board" : tstr,
* ? "vb_state" : "green" / "yellow" / "orange", // Taken from the AVB values
* ? "bootloader_state" : "locked" / "unlocked", // Taken from the AVB values
+ * ? "vbmeta_digest": bstr, // Taken from the AVB values
* ? "os_version" : tstr, // Same as android.os.Build.VERSION.release
* ? "system_patch_level" : uint, // YYYYMMDD
* ? "boot_patch_level" : uint, // YYYYMMDD
* ? "vendor_patch_level" : uint, // YYYYMMDD
+ * "version" : 1, // The CDDL schema version.
+ * "security_level" : "tee" / "strongbox"
* }
*/
byte[] deviceInfo;
diff --git a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
index 5b0b303..88b2a26 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
@@ -233,8 +233,6 @@
* indistinguishable from random. Thus, if the entropy from any source is good, the output
* must be good.
*
- * TODO(seleneh) specify what mixing functions and cprng we allow.
- *
* @param data Bytes to be mixed into the CRNG seed. The caller must not provide more than 2
* KiB of data per invocation.
*
diff --git a/security/keymint/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl b/security/keymint/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
index 04d91d0..a29fb08 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
@@ -33,8 +33,8 @@
*
* The root of trust for secure provisioning is something called the "Boot Certificate Chain", or
* BCC. The BCC is a chain of public key certificates, represented as COSE_Sign1 objects containing
- * COSE_Key representations of the public keys. The "root" of the BCC is a self-signed certificate
- * for a device-unique public key, denoted DK_pub. All public keys in the BCC are device-unique. The
+ * COSE_Key representations of the public keys. The "root" of the BCC is
+ * a device-unique public key, denoted DK_pub. All public keys in the BCC are device-unique. The
* public key from each certificate in the chain is used to sign the next certificate in the
* chain. The final, "leaf" certificate contains a public key, denoted KM_pub, whose corresponding
* private key, denoted KM_priv, is available for use by the IRemotelyProvisionedComponent.
@@ -58,12 +58,8 @@
* (given the necessary input), but no stage can compute the secret of any preceding stage. Updating
* the firmware or configuration of any stage changes the key pair of that stage, and of all
* subsequent stages, and no attacker who compromised the previous version of the updated firmware
- * can know or predict the post-update key pairs.
- *
- * The first BCC certificate is special because its contained public key, DK_pub, will never change,
- * making it a permanent, device-unique identifier. Although the remaining keys in the BCC are also
- * device-unique, they are not necessarily permanent, since they can change when the device software
- * is updated.
+ * can know or predict the post-update key pairs. It is recommended and expected that the BCC is
+ * constructed using the Open Profile for DICE.
*
* When the provisioning server receives a message signed by KM_priv and containing a BCC that
* chains from DK_pub to KM_pub, it can be certain that (barring vulnerabilities in some boot
@@ -78,7 +74,7 @@
* While a proper BCC, as described above, reflects the complete boot sequence from boot ROM to the
* secure area image of the IRemotelyProvisionedComponent, it's also possible to use a "degenerate"
* BCC which consists only of a single, self-signed certificate containing the public key of a
- * hardware-bound key pair. This is an appropriate solution for devices which haven't implemented
+ * hardware-bound key pair. This is an appopriate solution for devices which haven't implemented
* everything necessary to produce a proper BCC, but can derive a unique key pair in the secure
* area. In this degenerate case, DK_pub is the same as KM_pub.
*
@@ -141,7 +137,7 @@
* privateKeyHandle, that the contained public key is for remote certification.
*
* @return data representing a handle to the private key. The format is implementation-defined,
- * but note that specific services may define a required format.
+ * but note that specific services may define a required format. KeyMint does.
*/
byte[] generateEcdsaP256KeyPair(in boolean testMode, out MacedPublicKey macedPublicKey);
@@ -162,65 +158,90 @@
* If testMode is false, the keysToCertify array must not contain any keys flagged as
* test keys. Otherwise, the method must return STATUS_TEST_KEY_IN_PRODUCTION_REQUEST.
*
- * @param in endpointEncryptionKey contains an X25519 public key which will be used to encrypt
+ * @param in endpointEncryptionKey contains an X22519 public key which will be used to encrypt
* the BCC. For flexibility, this is represented as a certificate chain, represented as a
* CBOR array of COSE_Sign1 objects, ordered from root to leaf. The leaf contains the
* X25519 encryption key, each other element is an Ed25519 key signing the next in the
- * chain. The root is self-signed.
+ * chain. The root is self-signed. An implementor may also choose to use P256 as an
+ * alternative curve for signing and encryption instead of Curve 25519.
*
* EekChain = [ + SignedSignatureKey, SignedEek ]
*
* SignedSignatureKey = [ // COSE_Sign1
* protected: bstr .cbor {
- * 1 : -8, // Algorithm : EdDSA
+ * 1 : AlgorithmEdDSA / AlgorithmES256, // Algorithm
* },
- * unprotected: { },
- * payload: bstr .cbor SignatureKey,
- * signature: bstr PureEd25519(.cbor SignatureKeySignatureInput)
+ * unprotected: {},
+ * payload: bstr .cbor SignatureKeyEd25519 /
+ * bstr .cbor SignatureKeyP256,
+ * signature: bstr PureEd25519(.cbor SignatureKeySignatureInput) /
+ * bstr ECDSA(.cbor SignatureKeySignatureInput)
* ]
*
- * SignatureKey = { // COSE_Key
+ * SignatureKeyEd25519 = { // COSE_Key
* 1 : 1, // Key type : Octet Key Pair
- * 3 : -8, // Algorithm : EdDSA
+ * 3 : AlgorithmEdDSA, // Algorithm
* -1 : 6, // Curve : Ed25519
* -2 : bstr // Ed25519 public key
* }
*
+ * SignatureKeyP256 = {
+ * 1 : 2, // Key type : EC2
+ * 3 : AlgorithmES256, // Algorithm
+ * -1 : 1, // Curve: P256
+ * -2 : bstr, // X coordinate
+ * -3 : bstr // Y coordinate
+ * }
+ *
* SignatureKeySignatureInput = [
* context: "Signature1",
* body_protected: bstr .cbor {
- * 1 : -8, // Algorithm : EdDSA
+ * 1 : AlgorithmEdDSA / AlgorithmES256, // Algorithm
* },
* external_aad: bstr .size 0,
- * payload: bstr .cbor SignatureKey
+ * payload: bstr .cbor SignatureKeyEd25519 /
+ * bstr .cbor SignatureKeyP256
* ]
*
* SignedEek = [ // COSE_Sign1
* protected: bstr .cbor {
- * 1 : -8, // Algorithm : EdDSA
+ * 1 : AlgorithmEdDSA / AlgorithmES256, // Algorithm
* },
- * unprotected: { },
- * payload: bstr .cbor Eek,
- * signature: bstr PureEd25519(.cbor EekSignatureInput)
+ * unprotected: {},
+ * payload: bstr .cbor EekX25519 / .cbor EekP256,
+ * signature: bstr PureEd25519(.cbor EekSignatureInput) /
+ * bstr ECDSA(.cbor EekSignatureInput)
* ]
*
- * Eek = { // COSE_Key
- * 1 : 1, // Key type : Octet Key Pair
- * 2 : bstr // KID : EEK ID
- * 3 : -25, // Algorithm : ECDH-ES + HKDF-256
- * -1 : 4, // Curve : X25519
- * -2 : bstr // X25519 public key
+ * EekX25519 = { // COSE_Key
+ * 1 : 1, // Key type : Octet Key Pair
+ * 2 : bstr // KID : EEK ID
+ * 3 : -25, // Algorithm : ECDH-ES + HKDF-256
+ * -1 : 4, // Curve : X25519
+ * -2 : bstr // Ed25519 public key
+ * }
+ *
+ * EekP256 = { // COSE_Key
+ * 1 : 2, // Key type : EC2
+ * 2 : bstr // KID : EEK ID
+ * 3 : -25, // Algorithm : ECDH-ES + HKDF-256
+ * -1 : 1, // Curve : P256
+ * -2 : bstr // Sender X coordinate
+ * -3 : bstr // Sender Y coordinate
* }
*
* EekSignatureInput = [
* context: "Signature1",
* body_protected: bstr .cbor {
- * 1 : -8, // Algorithm : EdDSA
+ * 1 : AlgorithmEdDSA / AlgorithmES256, // Algorithm
* },
* external_aad: bstr .size 0,
- * payload: bstr .cbor Eek
+ * payload: bstr .cbor EekX25519 / .cbor EekP256
* ]
*
+ * AlgorithmES256 = -7
+ * AlgorithmEdDSA = -8
+ *
* If the contents of endpointEncryptionKey do not match the SignedEek structure above,
* the method must return STATUS_INVALID_EEK.
*
@@ -228,7 +249,7 @@
* in the chain, which implies that it must not attempt to validate the signature.
*
* If testMode is false, the method must validate the chain signatures, and must verify
- * that the public key in the root certificate is in its pre-configured set of
+ * that the public key in the root certifictate is in its pre-configured set of
* authorized EEK root keys. If the public key is not in the database, or if signature
* verification fails, the method must return STATUS_INVALID_EEK.
*
@@ -236,8 +257,13 @@
* by the secure area. See the description of the 'signature' output parameter for
* details.
*
- * @param out keysToSignMac contains the MAC of KeysToSign in the CertificateRequest
- * structure. Specifically, it contains:
+ * @param out DeviceInfo contains the VerifiedDeviceInfo portion of the DeviceInfo array in
+ * CertificateRequest. The structure is described within the DeviceInfo.aidl file.
+ *
+ * @param out ProtectedData contains the encrypted BCC and the ephemeral MAC key used to
+ * authenticate the keysToSign (see keysToSignMac output argument).
+ *
+ * @return The of KeysToSign in the CertificateRequest structure. Specifically, it contains:
*
* HMAC-256(EK_mac, .cbor KeysToMacStructure)
*
@@ -248,11 +274,11 @@
* protected : bstr .cbor {
* 1 : 5, // Algorithm : HMAC-256
* },
- * unprotected : { },
+ * unprotected : {},
* // Payload is PublicKeys from keysToSign argument, in provided order.
* payload: bstr .cbor [ * PublicKey ],
* tag: bstr
- * ]
+ * ]
*
* KeysToMacStructure = [
* context : "MAC0",
@@ -261,9 +287,6 @@
* // Payload is PublicKeys from keysToSign argument, in provided order.
* payload : bstr .cbor [ * PublicKey ]
* ]
- *
- * @param out ProtectedData contains the encrypted BCC and the ephemeral MAC key used to
- * authenticate the keysToSign (see keysToSignMac output argument).
*/
byte[] generateCertificateRequest(in boolean testMode, in MacedPublicKey[] keysToSign,
in byte[] endpointEncryptionCertChain, in byte[] challenge, out DeviceInfo deviceInfo,
diff --git a/security/keymint/aidl/android/hardware/security/keymint/KeyCharacteristics.aidl b/security/keymint/aidl/android/hardware/security/keymint/KeyCharacteristics.aidl
index 25fdee3..f0df048 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/KeyCharacteristics.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/KeyCharacteristics.aidl
@@ -32,6 +32,17 @@
*/
@VintfStability
parcelable KeyCharacteristics {
+ /**
+ * The security level enforcing this collection of key properties.
+ */
SecurityLevel securityLevel = SecurityLevel.SOFTWARE;
+
+ /**
+ * `authorizations` is a list of key properties that are enforced at this security level.
+ * A key can have different properties enforced by components of different security levels.
+ * For example, some properties are provided by the operating system, which has a
+ * different security level to the IKeyMintDevice.
+ * See the `keyCharacteristics` field in `KeyCreationResult` for more details.
+ */
KeyParameter[] authorizations;
}
diff --git a/security/keymint/aidl/android/hardware/security/keymint/KeyMintHardwareInfo.aidl b/security/keymint/aidl/android/hardware/security/keymint/KeyMintHardwareInfo.aidl
index 8da7578..b82dee6 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/KeyMintHardwareInfo.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/KeyMintHardwareInfo.aidl
@@ -29,7 +29,6 @@
* Implementation version of the keymint hardware. The version number is implementation
* defined, and not necessarily globally meaningful. The version is used to distinguish
* between different versions of a given implementation.
- * TODO(seleneh) add the version related info to the code.
*/
int versionNumber;
diff --git a/security/keymint/aidl/android/hardware/security/keymint/PaddingMode.aidl b/security/keymint/aidl/android/hardware/security/keymint/PaddingMode.aidl
index fbb373b..e71a9c9 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/PaddingMode.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/PaddingMode.aidl
@@ -17,8 +17,6 @@
package android.hardware.security.keymint;
/**
- * TODO(seleneh) update the description.
- *
* Padding modes that may be applied to plaintext for encryption operations. This list includes
* padding modes for both symmetric and asymmetric algorithms. Note that implementations should not
* provide all possible combinations of algorithm and padding, only the
diff --git a/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl b/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl
index 5199062..31dbb28 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl
@@ -40,11 +40,7 @@
* 1 : -25 // Algorithm : ECDH-ES + HKDF-256
* },
* unprotected : {
- * -1 : { // COSE_Key
- * 1 : 1, // Key type : Octet Key Pair
- * -1 : 4, // Curve : X25519
- * -2 : bstr // Sender X25519 public key
- * }
+ * -1 : PubKeyX25519 / PubKeyEcdhP256 // Of the sender
* 4 : bstr, // KID : EEK ID
* },
* ciphertext : nil
@@ -67,7 +63,7 @@
* other : bstr // EEK pubkey
* ],
* SuppPubInfo : [
- * 128, // Output key length
+ * 256, // Output key length
* protected : bstr .size 0
* ]
* ]
@@ -75,34 +71,51 @@
* ProtectedDataPayload [
* SignedMac,
* Bcc,
+ * ? AdditionalDKSignatures,
+ * ]
+ * AdditionalDKSignatures = {
+ * + SignerName => DKCertChain
+ * }
+ *
+ * SignerName = tstr
+ *
+ * DKCertChain = [
+ * 2* Certificate // Root -> Leaf. Root is the vendor
+ * // self-signed cert, leaf contains DK_pub
* ]
*
- * SignedMac = [ // COSE_Sign1
- * bstr .cbor { // Protected params
- * 1 : -8, // Algorithm : EdDSA
+ * Certificate = COSE_Sign1 of a public key
+ *
+ * SignedMac = [ // COSE_Sign1
+ * bstr .cbor { // Protected params
+ * 1 : AlgorithmEdDSA / AlgorithmES256, // Algorithm
* },
- * { }, // Unprotected params
+ * {}, // Unprotected params
* bstr .size 32, // MAC key
- * bstr PureEd25519(DK_priv, .cbor SignedMac_structure)
+ * bstr PureEd25519(KM_priv, .cbor SignedMac_structure) /
+ * ECDSA(KM_priv, bstr .cbor SignedMac_structure)
* ]
*
* SignedMac_structure = [
* "Signature1",
- * bstr .cbor { // Protected params
- * 1 : -8, // Algorithm : EdDSA
+ * bstr .cbor { // Protected params
+ * 1 : AlgorithmEdDSA / AlgorithmES256, // Algorithm
* },
* bstr .cbor SignedMacAad
- * bstr .size 32 // MAC key
+ * bstr .size 32 // MAC key
* ]
*
* SignedMacAad = [
* challenge : bstr,
- * DeviceInfo
+ * VerifiedDeviceInfo,
+ * tag: bstr // This is the tag from COSE_Mac0 of
+ * // KeysToCertify, to tie the key set to
+ * // the signature.
* ]
*
* Bcc = [
- * PubKey, // DK_pub
- * + BccEntry, // Root -> leaf (KM_pub)
+ * PubKeyEd25519 / PubKeyECDSA256, // DK_pub
+ * + BccEntry, // Root -> leaf (KM_pub)
* ]
*
* BccPayload = { // CWT
@@ -120,44 +133,38 @@
* ? -4670549 : bstr, // Authority Hash
* ? -4670550 : bstr, // Authority Descriptor
* ? -4670551 : bstr, // Mode
- * -4670552 : bstr .cbor PubKey // Subject Public Key
+ * -4670552 : bstr .cbor PubKeyEd25519 /
+ * bstr .cbor PubKeyECDSA256 // Subject Public Key
* -4670553 : bstr // Key Usage
* }
*
- * BccEntry = [ // COSE_Sign1
- * protected: bstr .cbor {
- * 1 : -8, // Algorithm : EdDSA
+ * BccEntry = [ // COSE_Sign1 (untagged)
+ * protected : bstr .cbor {
+ * 1 : AlgorithmEdDSA / AlgorithmES256, // Algorithm
* },
- * unprotected: { },
+ * unprotected: {},
* payload: bstr .cbor BccPayload,
- * // First entry in the chain is signed by DK_pub, the others are each signed by their
- * // immediate predecessor. See RFC 8032 for signature representation.
- * signature: bstr .cbor PureEd25519(SigningKey, bstr .cbor BccEntryInput)
+ * signature: bstr .cbor PureEd25519(SigningKey, bstr .cbor BccEntryInput) /
+ * bstr .cbor ECDSA(SigningKey, bstr .cbor BccEntryInput)
+ * // See RFC 8032 for details of how to encode the signature value for Ed25519.
* ]
*
- * PubKey = { // COSE_Key
- * 1 : 1, // Key type : octet key pair
- * 3 : -8, // Algorithm : EdDSA
- * 4 : 2, // Ops: Verify
- * -1 : 6, // Curve : Ed25519
- * -2 : bstr // X coordinate, little-endian
- * }
- *
* BccEntryInput = [
* context: "Signature1",
* protected: bstr .cbor {
- * 1 : -8, // Algorithm : EdDSA
+ * 1 : AlgorithmEdDSA / AlgorithmES256, // Algorithm
* },
* external_aad: bstr .size 0,
* payload: bstr .cbor BccPayload
* ]
*
- * DeviceInfo = {
+ * VerifiedDeviceInfo = {
* ? "brand" : tstr,
* ? "manufacturer" : tstr,
* ? "product" : tstr,
* ? "model" : tstr,
* ? "board" : tstr,
+ * ? "device" : tstr,
* ? "vb_state" : "green" / "yellow" / "orange",
* ? "bootloader_state" : "locked" / "unlocked",
* ? "os_version" : tstr,
@@ -165,6 +172,39 @@
* ? "boot_patch_level" : uint, // YYYYMMDD
* ? "vendor_patch_level" : uint, // YYYYMMDD
* }
+ *
+ * PubKeyX25519 = { // COSE_Key
+ * 1 : 1, // Key type : Octet Key Pair
+ * -1 : 4, // Curve : X25519
+ * -2 : bstr // Sender X25519 public key
+ * }
+ *
+ * PubKeyEd25519 = { // COSE_Key
+ * 1 : 1, // Key type : octet key pair
+ * 3 : AlgorithmEdDSA, // Algorithm : EdDSA
+ * 4 : 2, // Ops: Verify
+ * -1 : 6, // Curve : Ed25519
+ * -2 : bstr // X coordinate, little-endian
+ * }
+ *
+ * PubKeyEcdhP256 = { // COSE_Key
+ * 1 : 2, // Key type : EC2
+ * -1 : 1, // Curve : P256
+ * -2 : bstr // Sender X coordinate
+ * -3 : bstr // Sender Y coordinate
+ * }
+ *
+ * PubKeyECDSA256 = { // COSE_Key
+ * 1 : 2, // Key type : EC2
+ * 3 : AlgorithmES256, // Algorithm : ECDSA w/ SHA-256
+ * 4 : 2, // Ops: Verify
+ * -1 : 1, // Curve: P256
+ * -2 : bstr, // X coordinate
+ * -3 : bstr // Y coordinate
+ * }
+ *
+ * AlgorithmES256 = -7
+ * AlgorithmEdDSA = -8
*/
byte[] protectedData;
}
diff --git a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
index 861084e..972ce2e 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
@@ -268,10 +268,6 @@
USAGE_EXPIRE_DATETIME = TagType.DATE | 402,
/**
- * TODO(seleneh) this tag need to be deleted.
- *
- * TODO(seleneh) this tag need to be deleted.
- *
* Tag::MIN_SECONDS_BETWEEN_OPS specifies the minimum amount of time that elapses between
* allowed operations using a key. This can be used to rate-limit uses of keys in contexts
* where unlimited use may enable brute force attacks.
@@ -289,6 +285,8 @@
* fails because the table is full, KeyMint returns ErrorCode::TOO_MANY_OPERATIONS.
*
* Must be hardware-enforced.
+ *
+ * TODO(b/191458710): find out if this tag is still supported.
*/
MIN_SECONDS_BETWEEN_OPS = TagType.UINT | 403,
@@ -876,6 +874,7 @@
STORAGE_KEY = TagType.BOOL | 722,
/**
+ * OBSOLETE: Do not use. See IKeyMintOperation.updateAad instead.
* TODO: Delete when keystore1 is deleted.
*/
ASSOCIATED_DATA = TagType.BYTES | 1000,
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
index 44b8274..5359b3b 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
@@ -62,6 +62,9 @@
namespace {
+// Invalid value for a patchlevel (which is of form YYYYMMDD).
+const uint32_t kInvalidPatchlevel = 99998877;
+
// Overhead for PKCS#1 v1.5 signature padding of undigested messages. Digested messages have
// additional overhead, for the digest algorithmIdentifier required by PKCS#1.
const size_t kPkcs1UndigestedSignaturePaddingOverhead = 11;
@@ -126,10 +129,9 @@
// Attestations don't contain everything in key authorization lists, so we need to filter the key
// lists to produce the lists that we expect to match the attestations.
auto kTagsToFilter = {
- Tag::CREATION_DATETIME,
- Tag::EC_CURVE,
- Tag::HARDWARE_TYPE,
- Tag::INCLUDE_UNIQUE_ID,
+ Tag::CREATION_DATETIME,
+ Tag::HARDWARE_TYPE,
+ Tag::INCLUDE_UNIQUE_ID,
};
AuthorizationSet filtered_tags(const AuthorizationSet& set) {
@@ -163,6 +165,28 @@
bool KeyMintAidlTestBase::arm_deleteAllKeys = false;
bool KeyMintAidlTestBase::dump_Attestations = false;
+uint32_t KeyMintAidlTestBase::boot_patch_level(
+ const vector<KeyCharacteristics>& key_characteristics) {
+ // The boot patchlevel is not available as a property, but should be present
+ // in the key characteristics of any created key.
+ AuthorizationSet allAuths;
+ for (auto& entry : key_characteristics) {
+ allAuths.push_back(AuthorizationSet(entry.authorizations));
+ }
+ auto patchlevel = allAuths.GetTagValue(TAG_BOOT_PATCHLEVEL);
+ if (patchlevel.has_value()) {
+ return patchlevel.value();
+ } else {
+ // No boot patchlevel is available. Return a value that won't match anything
+ // and so will trigger test failures.
+ return kInvalidPatchlevel;
+ }
+}
+
+uint32_t KeyMintAidlTestBase::boot_patch_level() {
+ return boot_patch_level(key_characteristics_);
+}
+
ErrorCode KeyMintAidlTestBase::GetReturnErrorCode(const Status& result) {
if (result.isOk()) return ErrorCode::OK;
@@ -998,16 +1022,7 @@
}
break;
case Algorithm::EC:
- switch (SecLevel()) {
- case SecurityLevel::SOFTWARE:
- case SecurityLevel::TRUSTED_ENVIRONMENT:
- return {224, 256, 384, 521};
- case SecurityLevel::STRONGBOX:
- return {256};
- default:
- ADD_FAILURE() << "Invalid security level " << uint32_t(SecLevel());
- break;
- }
+ ADD_FAILURE() << "EC keys must be specified by curve not size";
break;
case Algorithm::AES:
return {128, 256};
@@ -1123,9 +1138,11 @@
}
vector<EcCurve> KeyMintAidlTestBase::InvalidCurves() {
- if (SecLevel() == SecurityLevel::TRUSTED_ENVIRONMENT) return {};
- CHECK(SecLevel() == SecurityLevel::STRONGBOX);
- return {EcCurve::P_224, EcCurve::P_384, EcCurve::P_521};
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ return {EcCurve::P_224, EcCurve::P_384, EcCurve::P_521};
+ } else {
+ return {};
+ }
}
vector<Digest> KeyMintAidlTestBase::ValidDigests(bool withNone, bool withMD5) {
@@ -1293,9 +1310,9 @@
AuthorizationSet att_sw_enforced;
AuthorizationSet att_hw_enforced;
uint32_t att_attestation_version;
- uint32_t att_keymaster_version;
+ uint32_t att_keymint_version;
SecurityLevel att_attestation_security_level;
- SecurityLevel att_keymaster_security_level;
+ SecurityLevel att_keymint_security_level;
vector<uint8_t> att_challenge;
vector<uint8_t> att_unique_id;
vector<uint8_t> att_app_id;
@@ -1304,8 +1321,8 @@
attest_rec->length, //
&att_attestation_version, //
&att_attestation_security_level, //
- &att_keymaster_version, //
- &att_keymaster_security_level, //
+ &att_keymint_version, //
+ &att_keymint_security_level, //
&att_challenge, //
&att_sw_enforced, //
&att_hw_enforced, //
@@ -1324,14 +1341,14 @@
expected_sw_enforced.push_back(TAG_ATTESTATION_APPLICATION_ID, appId);
}
- EXPECT_EQ(att_keymaster_version, 100U);
- EXPECT_EQ(security_level, att_keymaster_security_level);
+ EXPECT_EQ(att_keymint_version, 100U);
+ EXPECT_EQ(security_level, att_keymint_security_level);
EXPECT_EQ(security_level, att_attestation_security_level);
char property_value[PROPERTY_VALUE_MAX] = {};
// TODO(b/136282179): When running under VTS-on-GSI the TEE-backed
- // keymaster implementation will report YYYYMM dates instead of YYYYMMDD
+ // keymint implementation will report YYYYMM dates instead of YYYYMMDD
// for the BOOT_PATCH_LEVEL.
if (avb_verification_enabled()) {
for (int i = 0; i < att_hw_enforced.size(); i++) {
@@ -1370,13 +1387,6 @@
EXPECT_TRUE(expected_hw_enforced.Contains(TAG_NO_AUTH_REQUIRED));
}
- // Alternatively this checks the opposite - a false boolean tag (one that isn't provided in
- // the authorization list during key generation) isn't being attested to in the certificate.
- EXPECT_FALSE(expected_sw_enforced.Contains(TAG_TRUSTED_USER_PRESENCE_REQUIRED));
- EXPECT_FALSE(att_sw_enforced.Contains(TAG_TRUSTED_USER_PRESENCE_REQUIRED));
- EXPECT_FALSE(expected_hw_enforced.Contains(TAG_TRUSTED_USER_PRESENCE_REQUIRED));
- EXPECT_FALSE(att_hw_enforced.Contains(TAG_TRUSTED_USER_PRESENCE_REQUIRED));
-
if (att_hw_enforced.Contains(TAG_ALGORITHM, Algorithm::EC)) {
// For ECDSA keys, either an EC_CURVE or a KEY_SIZE can be specified, but one must be.
EXPECT_TRUE(att_hw_enforced.Contains(TAG_EC_CURVE) ||
@@ -1442,9 +1452,7 @@
att_sw_enforced.Sort();
expected_sw_enforced.Sort();
- auto a = filtered_tags(expected_sw_enforced);
- auto b = filtered_tags(att_sw_enforced);
- EXPECT_EQ(a, b);
+ EXPECT_EQ(filtered_tags(expected_sw_enforced), filtered_tags(att_sw_enforced));
att_hw_enforced.Sort();
expected_hw_enforced.Sort();
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
index 82f192a..d592d36 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
@@ -76,6 +76,8 @@
uint32_t os_version() { return os_version_; }
uint32_t os_patch_level() { return os_patch_level_; }
uint32_t vendor_patch_level() { return vendor_patch_level_; }
+ uint32_t boot_patch_level(const vector<KeyCharacteristics>& key_characteristics);
+ uint32_t boot_patch_level();
ErrorCode GetReturnErrorCode(const Status& result);
@@ -253,7 +255,7 @@
/* ECDSA */
KeyData ecdsaKeyData;
AuthorizationSetBuilder ecdsaBuilder = AuthorizationSetBuilder()
- .EcdsaSigningKey(256)
+ .EcdsaSigningKey(EcCurve::P_256)
.Authorization(tagToTest)
.Digest(Digest::SHA_2_256)
.Authorization(TAG_NO_AUTH_REQUIRED)
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 295be1a..d41d270 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -18,6 +18,8 @@
#include <cutils/log.h>
#include <signal.h>
+
+#include <algorithm>
#include <iostream>
#include <openssl/ec.h>
@@ -1362,11 +1364,11 @@
* have correct characteristics.
*/
TEST_P(NewKeyGenerationTest, Ecdsa) {
- for (auto key_size : ValidKeySizes(Algorithm::EC)) {
+ for (auto curve : ValidCurves()) {
vector<uint8_t> key_blob;
vector<KeyCharacteristics> key_characteristics;
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
- .EcdsaSigningKey(key_size)
+ .EcdsaSigningKey(curve)
.Digest(Digest::NONE)
.SetDefaultValidity(),
&key_blob, &key_characteristics));
@@ -1377,8 +1379,7 @@
AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics);
EXPECT_TRUE(crypto_params.Contains(TAG_ALGORITHM, Algorithm::EC));
- EXPECT_TRUE(crypto_params.Contains(TAG_KEY_SIZE, key_size))
- << "Key size " << key_size << "missing";
+ EXPECT_TRUE(crypto_params.Contains(TAG_EC_CURVE, curve)) << "Curve " << curve << "missing";
CheckedDeleteKey(&key_blob);
}
@@ -1400,13 +1401,13 @@
uint64_t serial_int = 0xFFFFFFFFFFFFFFFF;
vector<uint8_t> serial_blob(build_serial_blob(serial_int));
- for (auto key_size : ValidKeySizes(Algorithm::EC)) {
+ for (auto curve : ValidCurves()) {
vector<uint8_t> key_blob;
vector<KeyCharacteristics> key_characteristics;
ASSERT_EQ(ErrorCode::OK,
GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
- .EcdsaSigningKey(key_size)
+ .EcdsaSigningKey(curve)
.Digest(Digest::NONE)
.AttestationChallenge(challenge)
.AttestationApplicationId(app_id)
@@ -1421,8 +1422,7 @@
AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics);
EXPECT_TRUE(crypto_params.Contains(TAG_ALGORITHM, Algorithm::EC));
- EXPECT_TRUE(crypto_params.Contains(TAG_KEY_SIZE, key_size))
- << "Key size " << key_size << "missing";
+ EXPECT_TRUE(crypto_params.Contains(TAG_EC_CURVE, curve)) << "Curve " << curve << "missing";
EXPECT_TRUE(ChainSignaturesAreValid(cert_chain_));
ASSERT_GT(cert_chain_.size(), 0);
@@ -1439,6 +1439,170 @@
}
/*
+ * NewKeyGenerationTest.EcdsaAttestationTags
+ *
+ * Verifies that creation of an attested ECDSA key includes various tags in the
+ * attestation extension.
+ */
+TEST_P(NewKeyGenerationTest, EcdsaAttestationTags) {
+ auto challenge = "hello";
+ auto app_id = "foo";
+ auto subject = "cert subj 2";
+ vector<uint8_t> subject_der(make_name_from_str(subject));
+ uint64_t serial_int = 0x1010;
+ vector<uint8_t> serial_blob(build_serial_blob(serial_int));
+ const AuthorizationSetBuilder base_builder =
+ AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .EcdsaSigningKey(EcCurve::P_256)
+ .Digest(Digest::NONE)
+ .AttestationChallenge(challenge)
+ .AttestationApplicationId(app_id)
+ .Authorization(TAG_CERTIFICATE_SERIAL, serial_blob)
+ .Authorization(TAG_CERTIFICATE_SUBJECT, subject_der)
+ .SetDefaultValidity();
+
+ // Various tags that map to fields in the attestation extension ASN.1 schema.
+ auto extra_tags = AuthorizationSetBuilder()
+ .Authorization(TAG_ROLLBACK_RESISTANCE)
+ .Authorization(TAG_EARLY_BOOT_ONLY)
+ .Authorization(TAG_ACTIVE_DATETIME, 1619621648000)
+ .Authorization(TAG_ORIGINATION_EXPIRE_DATETIME, 1619621648000)
+ .Authorization(TAG_USAGE_EXPIRE_DATETIME, 1619621999000)
+ .Authorization(TAG_USAGE_COUNT_LIMIT, 42)
+ .Authorization(TAG_AUTH_TIMEOUT, 100000)
+ .Authorization(TAG_ALLOW_WHILE_ON_BODY)
+ .Authorization(TAG_TRUSTED_USER_PRESENCE_REQUIRED)
+ .Authorization(TAG_TRUSTED_CONFIRMATION_REQUIRED)
+ .Authorization(TAG_UNLOCKED_DEVICE_REQUIRED)
+ .Authorization(TAG_CREATION_DATETIME, 1619621648000);
+ for (const KeyParameter& tag : extra_tags) {
+ SCOPED_TRACE(testing::Message() << "tag-" << tag);
+ vector<uint8_t> key_blob;
+ vector<KeyCharacteristics> key_characteristics;
+ AuthorizationSetBuilder builder = base_builder;
+ builder.push_back(tag);
+ auto result = GenerateKey(builder, &key_blob, &key_characteristics);
+ if (result == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE &&
+ tag.tag == TAG_ROLLBACK_RESISTANCE) {
+ continue;
+ }
+ if (result == ErrorCode::UNSUPPORTED_TAG &&
+ (tag.tag == TAG_ALLOW_WHILE_ON_BODY || tag.tag == TAG_TRUSTED_USER_PRESENCE_REQUIRED)) {
+ // Optional tag not supported by this KeyMint implementation.
+ continue;
+ }
+ ASSERT_EQ(result, ErrorCode::OK);
+ ASSERT_GT(key_blob.size(), 0U);
+
+ EXPECT_TRUE(ChainSignaturesAreValid(cert_chain_));
+ ASSERT_GT(cert_chain_.size(), 0);
+ verify_subject_and_serial(cert_chain_[0], serial_int, subject, /* self_signed = */ false);
+
+ AuthorizationSet hw_enforced = HwEnforcedAuthorizations(key_characteristics);
+ AuthorizationSet sw_enforced = SwEnforcedAuthorizations(key_characteristics);
+ if (tag.tag != TAG_ATTESTATION_APPLICATION_ID) {
+ // Expect to find most of the extra tags in the key characteristics
+ // of the generated key (but not for ATTESTATION_APPLICATION_ID).
+ EXPECT_TRUE(hw_enforced.Contains(tag.tag) || sw_enforced.Contains(tag.tag))
+ << tag << " not in hw:" << hw_enforced << " nor sw:" << sw_enforced;
+ }
+
+ // Verifying the attestation record will check for the specific tag because
+ // it's included in the authorizations.
+ EXPECT_TRUE(verify_attestation_record(challenge, app_id, sw_enforced, hw_enforced,
+ SecLevel(), cert_chain_[0].encodedCertificate));
+
+ CheckedDeleteKey(&key_blob);
+ }
+
+ // Device attestation IDs should be rejected for normal attestation requests; these fields
+ // are only used for device unique attestation.
+ auto invalid_tags = AuthorizationSetBuilder()
+ .Authorization(TAG_ATTESTATION_ID_BRAND, "brand")
+ .Authorization(TAG_ATTESTATION_ID_DEVICE, "device")
+ .Authorization(TAG_ATTESTATION_ID_PRODUCT, "product")
+ .Authorization(TAG_ATTESTATION_ID_SERIAL, "serial")
+ .Authorization(TAG_ATTESTATION_ID_IMEI, "imei")
+ .Authorization(TAG_ATTESTATION_ID_MEID, "meid")
+ .Authorization(TAG_ATTESTATION_ID_MANUFACTURER, "manufacturer")
+ .Authorization(TAG_ATTESTATION_ID_MODEL, "model");
+ for (const KeyParameter& tag : invalid_tags) {
+ SCOPED_TRACE(testing::Message() << "tag-" << tag);
+ vector<uint8_t> key_blob;
+ vector<KeyCharacteristics> key_characteristics;
+ AuthorizationSetBuilder builder =
+ AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .EcdsaSigningKey(EcCurve::P_256)
+ .Digest(Digest::NONE)
+ .AttestationChallenge(challenge)
+ .AttestationApplicationId(app_id)
+ .Authorization(TAG_CERTIFICATE_SERIAL, serial_blob)
+ .Authorization(TAG_CERTIFICATE_SUBJECT, subject_der)
+ .SetDefaultValidity();
+ builder.push_back(tag);
+ ASSERT_EQ(ErrorCode::CANNOT_ATTEST_IDS,
+ GenerateKey(builder, &key_blob, &key_characteristics));
+ }
+}
+
+/*
+ * NewKeyGenerationTest.EcdsaAttestationTagNoApplicationId
+ *
+ * Verifies that creation of an attested ECDSA key does not include APPLICATION_ID.
+ */
+TEST_P(NewKeyGenerationTest, EcdsaAttestationTagNoApplicationId) {
+ auto challenge = "hello";
+ auto attest_app_id = "foo";
+ auto subject = "cert subj 2";
+ vector<uint8_t> subject_der(make_name_from_str(subject));
+ uint64_t serial_int = 0x1010;
+ vector<uint8_t> serial_blob(build_serial_blob(serial_int));
+
+ // Earlier versions of the attestation extension schema included a slot:
+ // applicationId [601] EXPLICIT OCTET_STRING OPTIONAL,
+ // This should never have been included, and should never be filled in.
+ // Generate an attested key that include APPLICATION_ID and APPLICATION_DATA,
+ // to confirm that this field never makes it into the attestation extension.
+ vector<uint8_t> key_blob;
+ vector<KeyCharacteristics> key_characteristics;
+ auto result = GenerateKey(AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .EcdsaSigningKey(EcCurve::P_256)
+ .Digest(Digest::NONE)
+ .AttestationChallenge(challenge)
+ .AttestationApplicationId(attest_app_id)
+ .Authorization(TAG_APPLICATION_ID, "client_id")
+ .Authorization(TAG_APPLICATION_DATA, "appdata")
+ .Authorization(TAG_CERTIFICATE_SERIAL, serial_blob)
+ .Authorization(TAG_CERTIFICATE_SUBJECT, subject_der)
+ .SetDefaultValidity(),
+ &key_blob, &key_characteristics);
+ ASSERT_EQ(result, ErrorCode::OK);
+ ASSERT_GT(key_blob.size(), 0U);
+
+ EXPECT_TRUE(ChainSignaturesAreValid(cert_chain_));
+ ASSERT_GT(cert_chain_.size(), 0);
+ verify_subject_and_serial(cert_chain_[0], serial_int, subject, /* self_signed = */ false);
+
+ AuthorizationSet hw_enforced = HwEnforcedAuthorizations(key_characteristics);
+ AuthorizationSet sw_enforced = SwEnforcedAuthorizations(key_characteristics);
+ EXPECT_TRUE(verify_attestation_record(challenge, attest_app_id, sw_enforced, hw_enforced,
+ SecLevel(), cert_chain_[0].encodedCertificate));
+
+ // Check that the app id is not in the cert.
+ string app_id = "clientid";
+ std::vector<uint8_t> needle(reinterpret_cast<const uint8_t*>(app_id.data()),
+ reinterpret_cast<const uint8_t*>(app_id.data()) + app_id.size());
+ ASSERT_EQ(std::search(cert_chain_[0].encodedCertificate.begin(),
+ cert_chain_[0].encodedCertificate.end(), needle.begin(), needle.end()),
+ cert_chain_[0].encodedCertificate.end());
+
+ CheckedDeleteKey(&key_blob);
+}
+
+/*
* NewKeyGenerationTest.EcdsaSelfSignAttestation
*
* Verifies that if no challenge is provided to an Ecdsa key generation, then
@@ -1451,12 +1615,12 @@
uint64_t serial_int = 0x123456FFF1234;
vector<uint8_t> serial_blob(build_serial_blob(serial_int));
- for (auto key_size : ValidKeySizes(Algorithm::EC)) {
+ for (auto curve : ValidCurves()) {
vector<uint8_t> key_blob;
vector<KeyCharacteristics> key_characteristics;
ASSERT_EQ(ErrorCode::OK,
GenerateKey(AuthorizationSetBuilder()
- .EcdsaSigningKey(key_size)
+ .EcdsaSigningKey(curve)
.Digest(Digest::NONE)
.Authorization(TAG_CERTIFICATE_SERIAL, serial_blob)
.Authorization(TAG_CERTIFICATE_SUBJECT, subject_der)
@@ -1469,8 +1633,7 @@
AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics);
EXPECT_TRUE(crypto_params.Contains(TAG_ALGORITHM, Algorithm::EC));
- EXPECT_TRUE(crypto_params.Contains(TAG_KEY_SIZE, key_size))
- << "Key size " << key_size << "missing";
+ EXPECT_TRUE(crypto_params.Contains(TAG_EC_CURVE, curve)) << "Curve " << curve << "missing";
EXPECT_TRUE(ChainSignaturesAreValid(cert_chain_));
verify_subject_and_serial(cert_chain_[0], serial_int, subject, false);
@@ -1512,11 +1675,11 @@
TEST_P(NewKeyGenerationTest, EcdsaIgnoreAppId) {
auto app_id = "foo";
- for (auto key_size : ValidKeySizes(Algorithm::EC)) {
+ for (auto curve : ValidCurves()) {
vector<uint8_t> key_blob;
vector<KeyCharacteristics> key_characteristics;
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
- .EcdsaSigningKey(key_size)
+ .EcdsaSigningKey(curve)
.Digest(Digest::NONE)
.AttestationApplicationId(app_id)
.SetDefaultValidity(),
@@ -1529,8 +1692,7 @@
AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics);
EXPECT_TRUE(crypto_params.Contains(TAG_ALGORITHM, Algorithm::EC));
- EXPECT_TRUE(crypto_params.Contains(TAG_KEY_SIZE, key_size))
- << "Key size " << key_size << "missing";
+ EXPECT_TRUE(crypto_params.Contains(TAG_EC_CURVE, curve)) << "Curve " << curve << "missing";
EXPECT_TRUE(ChainSignaturesAreValid(cert_chain_));
ASSERT_EQ(cert_chain_.size(), 1);
@@ -1552,7 +1714,6 @@
*/
TEST_P(NewKeyGenerationTest, AttestationApplicationIDLengthProperlyEncoded) {
auto challenge = "hello";
- auto key_size = 256;
std::vector<uint32_t> app_id_lengths{143, 258};
for (uint32_t length : app_id_lengths) {
@@ -1561,7 +1722,7 @@
vector<KeyCharacteristics> key_characteristics;
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
- .EcdsaSigningKey(key_size)
+ .EcdsaSigningKey(EcCurve::P_256)
.Digest(Digest::NONE)
.AttestationChallenge(challenge)
.AttestationApplicationId(app_id)
@@ -1574,8 +1735,7 @@
AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics);
EXPECT_TRUE(crypto_params.Contains(TAG_ALGORITHM, Algorithm::EC));
- EXPECT_TRUE(crypto_params.Contains(TAG_KEY_SIZE, key_size))
- << "Key size " << key_size << "missing";
+ EXPECT_TRUE(crypto_params.Contains(TAG_EC_CURVE, EcCurve::P_256)) << "Curve P256 missing";
EXPECT_TRUE(ChainSignaturesAreValid(cert_chain_));
ASSERT_GT(cert_chain_.size(), 0);
@@ -1597,11 +1757,11 @@
* resulting keys have correct characteristics.
*/
TEST_P(NewKeyGenerationTest, LimitedUsageEcdsa) {
- for (auto key_size : ValidKeySizes(Algorithm::EC)) {
+ for (auto curve : ValidCurves()) {
vector<uint8_t> key_blob;
vector<KeyCharacteristics> key_characteristics;
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
- .EcdsaSigningKey(key_size)
+ .EcdsaSigningKey(curve)
.Digest(Digest::NONE)
.Authorization(TAG_USAGE_COUNT_LIMIT, 1)
.SetDefaultValidity(),
@@ -1614,8 +1774,7 @@
AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics);
EXPECT_TRUE(crypto_params.Contains(TAG_ALGORITHM, Algorithm::EC));
- EXPECT_TRUE(crypto_params.Contains(TAG_KEY_SIZE, key_size))
- << "Key size " << key_size << "missing";
+ EXPECT_TRUE(crypto_params.Contains(TAG_EC_CURVE, curve)) << "Curve " << curve << "missing";
// Check the usage count limit tag appears in the authorizations.
AuthorizationSet auths;
@@ -1632,7 +1791,7 @@
/*
* NewKeyGenerationTest.EcdsaDefaultSize
*
- * Verifies that failing to specify a key size for EC key generation returns
+ * Verifies that failing to specify a curve for EC key generation returns
* UNSUPPORTED_KEY_SIZE.
*/
TEST_P(NewKeyGenerationTest, EcdsaDefaultSize) {
@@ -1651,20 +1810,23 @@
* UNSUPPORTED_KEY_SIZE.
*/
TEST_P(NewKeyGenerationTest, EcdsaInvalidSize) {
- for (auto key_size : InvalidKeySizes(Algorithm::EC)) {
+ for (auto curve : InvalidCurves()) {
vector<uint8_t> key_blob;
vector<KeyCharacteristics> key_characteristics;
ASSERT_EQ(ErrorCode::UNSUPPORTED_KEY_SIZE, GenerateKey(AuthorizationSetBuilder()
- .EcdsaSigningKey(key_size)
+ .EcdsaSigningKey(curve)
.Digest(Digest::NONE)
.SetDefaultValidity(),
&key_blob, &key_characteristics));
}
- ASSERT_EQ(ErrorCode::UNSUPPORTED_KEY_SIZE, GenerateKey(AuthorizationSetBuilder()
- .EcdsaSigningKey(190)
- .Digest(Digest::NONE)
- .SetDefaultValidity()));
+ ASSERT_EQ(ErrorCode::UNSUPPORTED_KEY_SIZE,
+ GenerateKey(AuthorizationSetBuilder()
+ .Authorization(TAG_ALGORITHM, Algorithm::EC)
+ .Authorization(TAG_KEY_SIZE, 190)
+ .SigningKey()
+ .Digest(Digest::NONE)
+ .SetDefaultValidity()));
}
/*
@@ -1676,29 +1838,13 @@
TEST_P(NewKeyGenerationTest, EcdsaMismatchKeySize) {
if (SecLevel() == SecurityLevel::STRONGBOX) return;
- ASSERT_EQ(ErrorCode::INVALID_ARGUMENT,
- GenerateKey(AuthorizationSetBuilder()
- .EcdsaSigningKey(224)
- .Authorization(TAG_EC_CURVE, EcCurve::P_256)
- .Digest(Digest::NONE)
- .SetDefaultValidity()));
-}
-
-/*
- * NewKeyGenerationTest.EcdsaAllValidSizes
- *
- * Verifies that keymint supports all required EC key sizes.
- */
-TEST_P(NewKeyGenerationTest, EcdsaAllValidSizes) {
- auto valid_sizes = ValidKeySizes(Algorithm::EC);
- for (size_t size : valid_sizes) {
- EXPECT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
- .EcdsaSigningKey(size)
- .Digest(Digest::NONE)
- .SetDefaultValidity()))
- << "Failed to generate size: " << size;
- CheckedDeleteKey();
- }
+ auto result = GenerateKey(AuthorizationSetBuilder()
+ .Authorization(TAG_KEY_SIZE, 224)
+ .Authorization(TAG_EC_CURVE, EcCurve::P_256)
+ .Digest(Digest::NONE)
+ .SetDefaultValidity());
+ ASSERT_TRUE(result == ErrorCode::INVALID_ARGUMENT ||
+ result == ErrorCode::UNSUPPORTED_ALGORITHM);
}
/*
@@ -2471,31 +2617,6 @@
}
/*
- * SigningOperationsTest.EcdsaAllSizesAndHashes
- *
- * Verifies that ECDSA operations succeed with all possible key sizes and hashes.
- */
-TEST_P(SigningOperationsTest, EcdsaAllSizesAndHashes) {
- for (auto key_size : ValidKeySizes(Algorithm::EC)) {
- for (auto digest : ValidDigests(false /* withNone */, false /* withMD5 */)) {
- ErrorCode error = GenerateKey(AuthorizationSetBuilder()
- .Authorization(TAG_NO_AUTH_REQUIRED)
- .EcdsaSigningKey(key_size)
- .Digest(digest)
- .SetDefaultValidity());
- EXPECT_EQ(ErrorCode::OK, error) << "Failed to generate ECDSA key with size " << key_size
- << " and digest " << digest;
- if (error != ErrorCode::OK) continue;
-
- string message(1024, 'a');
- if (digest == Digest::NONE) message.resize(key_size / 8);
- SignMessage(message, AuthorizationSetBuilder().Digest(digest));
- CheckedDeleteKey();
- }
- }
-}
-
-/*
* SigningOperationsTest.EcdsaAllDigestsAndCurves
*
* Verifies ECDSA signature/verification for all digests and curves.
@@ -2560,7 +2681,7 @@
TEST_P(SigningOperationsTest, EcdsaNoDigestHugeData) {
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
- .EcdsaSigningKey(256)
+ .EcdsaSigningKey(EcCurve::P_256)
.Digest(Digest::NONE)
.SetDefaultValidity()));
string message(1 * 1024, 'a');
@@ -2575,7 +2696,7 @@
TEST_P(SigningOperationsTest, EcUseRequiresCorrectAppIdAppData) {
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
- .EcdsaSigningKey(256)
+ .EcdsaSigningKey(EcCurve::P_256)
.Digest(Digest::NONE)
.Authorization(TAG_APPLICATION_ID, "clientid")
.Authorization(TAG_APPLICATION_DATA, "appdata")
@@ -2612,7 +2733,7 @@
TEST_P(SigningOperationsTest, EcdsaIncompatibleDigest) {
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
- .EcdsaSigningKey(256)
+ .EcdsaSigningKey(EcCurve::P_256)
.Digest(Digest::NONE)
.Digest(Digest::SHA1)
.SetDefaultValidity()));
@@ -3000,13 +3121,12 @@
TEST_P(ImportKeyTest, EcdsaSuccess) {
ASSERT_EQ(ErrorCode::OK, ImportKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
- .EcdsaSigningKey(256)
+ .EcdsaSigningKey(EcCurve::P_256)
.Digest(Digest::SHA_2_256)
.SetDefaultValidity(),
KeyFormat::PKCS8, ec_256_key));
CheckCryptoParam(TAG_ALGORITHM, Algorithm::EC);
- CheckCryptoParam(TAG_KEY_SIZE, 256U);
CheckCryptoParam(TAG_DIGEST, Digest::SHA_2_256);
CheckCryptoParam(TAG_EC_CURVE, EcCurve::P_256);
@@ -3027,13 +3147,12 @@
TEST_P(ImportKeyTest, EcdsaP256RFC5915Success) {
ASSERT_EQ(ErrorCode::OK, ImportKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
- .EcdsaSigningKey(256)
+ .EcdsaSigningKey(EcCurve::P_256)
.Digest(Digest::SHA_2_256)
.SetDefaultValidity(),
KeyFormat::PKCS8, ec_256_key_rfc5915));
CheckCryptoParam(TAG_ALGORITHM, Algorithm::EC);
- CheckCryptoParam(TAG_KEY_SIZE, 256U);
CheckCryptoParam(TAG_DIGEST, Digest::SHA_2_256);
CheckCryptoParam(TAG_EC_CURVE, EcCurve::P_256);
@@ -3053,13 +3172,12 @@
TEST_P(ImportKeyTest, EcdsaP256SEC1Success) {
ASSERT_EQ(ErrorCode::OK, ImportKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
- .EcdsaSigningKey(256)
+ .EcdsaSigningKey(EcCurve::P_256)
.Digest(Digest::SHA_2_256)
.SetDefaultValidity(),
KeyFormat::PKCS8, ec_256_key_sec1));
CheckCryptoParam(TAG_ALGORITHM, Algorithm::EC);
- CheckCryptoParam(TAG_KEY_SIZE, 256U);
CheckCryptoParam(TAG_DIGEST, Digest::SHA_2_256);
CheckCryptoParam(TAG_EC_CURVE, EcCurve::P_256);
@@ -3080,13 +3198,12 @@
if (SecLevel() == SecurityLevel::STRONGBOX) return;
ASSERT_EQ(ErrorCode::OK, ImportKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
- .EcdsaSigningKey(521)
+ .EcdsaSigningKey(EcCurve::P_521)
.Digest(Digest::SHA_2_256)
.SetDefaultValidity(),
KeyFormat::PKCS8, ec_521_key));
CheckCryptoParam(TAG_ALGORITHM, Algorithm::EC);
- CheckCryptoParam(TAG_KEY_SIZE, 521U);
CheckCryptoParam(TAG_DIGEST, Digest::SHA_2_256);
CheckCryptoParam(TAG_EC_CURVE, EcCurve::P_521);
CheckOrigin();
@@ -3098,21 +3215,6 @@
}
/*
- * ImportKeyTest.EcdsaSizeMismatch
- *
- * Verifies that importing an ECDSA key pair with a size that doesn't match the key fails in the
- * correct way.
- */
-TEST_P(ImportKeyTest, EcdsaSizeMismatch) {
- ASSERT_EQ(ErrorCode::IMPORT_PARAMETER_MISMATCH,
- ImportKey(AuthorizationSetBuilder()
- .EcdsaSigningKey(224 /* Doesn't match key */)
- .Digest(Digest::NONE)
- .SetDefaultValidity(),
- KeyFormat::PKCS8, ec_256_key));
-}
-
-/*
* ImportKeyTest.EcdsaCurveMismatch
*
* Verifies that importing an ECDSA key pair with a curve that doesn't match the key fails in
@@ -3975,7 +4077,7 @@
TEST_P(EncryptionOperationsTest, EcdsaEncrypt) {
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
- .EcdsaSigningKey(256)
+ .EcdsaSigningKey(EcCurve::P_256)
.Digest(Digest::NONE)
.SetDefaultValidity()));
auto params = AuthorizationSetBuilder().Digest(Digest::NONE);
@@ -6418,7 +6520,7 @@
ASSERT_EQ(ErrorCode::EARLY_BOOT_ENDED, ImportKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
.Authorization(TAG_EARLY_BOOT_ONLY)
- .EcdsaSigningKey(256)
+ .EcdsaSigningKey(EcCurve::P_256)
.Digest(Digest::SHA_2_256)
.SetDefaultValidity(),
KeyFormat::PKCS8, ec_256_key));
diff --git a/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp b/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
index a177317..78f8f08 100644
--- a/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
+++ b/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
@@ -335,8 +335,7 @@
ASSERT_TRUE(deviceInfoMap->asMap());
auto& signingKey = bccContents->back().pubKey;
- auto macKey = verifyAndParseCoseSign1(/* ignore_signature = */ false, signedMac->asArray(),
- signingKey,
+ auto macKey = verifyAndParseCoseSign1(signedMac->asArray(), signingKey,
cppbor::Array() // SignedMacAad
.add(challenge_)
.add(std::move(deviceInfoMap))
diff --git a/security/keymint/support/remote_prov_utils.cpp b/security/keymint/support/remote_prov_utils.cpp
index da10eb2..33f1ed3 100644
--- a/security/keymint/support/remote_prov_utils.cpp
+++ b/security/keymint/support/remote_prov_utils.cpp
@@ -78,7 +78,7 @@
return EekChain{eekChain.encode(), pub_key, priv_key};
}
-ErrMsgOr<bytevec> verifyAndParseCoseSign1Cwt(bool ignoreSignature, const cppbor::Array* coseSign1,
+ErrMsgOr<bytevec> verifyAndParseCoseSign1Cwt(const cppbor::Array* coseSign1,
const bytevec& signingCoseKey, const bytevec& aad) {
if (!coseSign1 || coseSign1->size() != kCoseSign1EntryCount) {
return "Invalid COSE_Sign1";
@@ -115,27 +115,22 @@
auto serializedKey = parsedPayload->asMap()->get(-4670552)->clone();
if (!serializedKey || !serializedKey->asBstr()) return "Could not find key entry";
- if (!ignoreSignature) {
- bool selfSigned = signingCoseKey.empty();
- auto key = CoseKey::parseEd25519(selfSigned ? serializedKey->asBstr()->value()
- : signingCoseKey);
- if (!key) return "Bad signing key: " + key.moveMessage();
+ bool selfSigned = signingCoseKey.empty();
+ auto key =
+ CoseKey::parseEd25519(selfSigned ? serializedKey->asBstr()->value() : signingCoseKey);
+ if (!key) return "Bad signing key: " + key.moveMessage();
- bytevec signatureInput = cppbor::Array()
- .add("Signature1")
- .add(*protectedParams)
- .add(aad)
- .add(*payload)
- .encode();
+ bytevec signatureInput =
+ cppbor::Array().add("Signature1").add(*protectedParams).add(aad).add(*payload).encode();
- if (!ED25519_verify(signatureInput.data(), signatureInput.size(), signature->value().data(),
- key->getBstrValue(CoseKey::PUBKEY_X)->data())) {
- return "Signature verification failed";
- }
+ if (!ED25519_verify(signatureInput.data(), signatureInput.size(), signature->value().data(),
+ key->getBstrValue(CoseKey::PUBKEY_X)->data())) {
+ return "Signature verification failed";
}
return serializedKey->asBstr()->value();
}
+
ErrMsgOr<std::vector<BccEntryData>> validateBcc(const cppbor::Array* bcc) {
if (!bcc || bcc->size() == 0) return "Invalid BCC";
@@ -148,8 +143,7 @@
if (!entry || entry->size() != kCoseSign1EntryCount) {
return "Invalid BCC entry " + std::to_string(i) + ": " + prettyPrint(entry);
}
- auto payload = verifyAndParseCoseSign1Cwt(false /* ignoreSignature */, entry,
- std::move(prevKey), bytevec{} /* AAD */);
+ auto payload = verifyAndParseCoseSign1Cwt(entry, std::move(prevKey), bytevec{} /* AAD */);
if (!payload) {
return "Failed to verify entry " + std::to_string(i) + ": " + payload.moveMessage();
}
diff --git a/security/secureclock/aidl/Android.bp b/security/secureclock/aidl/Android.bp
index b70dda9..5235dd5 100644
--- a/security/secureclock/aidl/Android.bp
+++ b/security/secureclock/aidl/Android.bp
@@ -26,6 +26,10 @@
},
rust: {
enabled: true,
+ apex_available: [
+ "//apex_available:platform",
+ "com.android.compos",
+ ],
},
},
versions: ["1"],
diff --git a/sensors/1.0/vts/functional/VtsHalSensorsV1_0TargetTest.cpp b/sensors/1.0/vts/functional/VtsHalSensorsV1_0TargetTest.cpp
index 1f579ba..d46cf5a 100644
--- a/sensors/1.0/vts/functional/VtsHalSensorsV1_0TargetTest.cpp
+++ b/sensors/1.0/vts/functional/VtsHalSensorsV1_0TargetTest.cpp
@@ -24,7 +24,9 @@
#include <log/log.h>
#include <utils/SystemClock.h>
+#include <algorithm>
#include <cinttypes>
+#include <unordered_map>
#include <vector>
using ::android::hardware::Return;
@@ -149,6 +151,7 @@
TEST_P(SensorsHidlTest, SensorListValid) {
S()->getSensorsList([&](const auto& list) {
const size_t count = list.size();
+ std::unordered_map<int32_t, std::vector<std::string>> sensorTypeNameMap;
for (size_t i = 0; i < count; ++i) {
const auto& s = list[i];
SCOPED_TRACE(::testing::Message()
@@ -167,6 +170,14 @@
EXPECT_FALSE(s.name.empty());
EXPECT_FALSE(s.vendor.empty());
+ // Make sure that sensors of the same type have a unique name.
+ std::vector<std::string>& v = sensorTypeNameMap[static_cast<int32_t>(s.type)];
+ bool isUniqueName = std::find(v.begin(), v.end(), s.name) == v.end();
+ EXPECT_TRUE(isUniqueName) << "Duplicate sensor Name: " << s.name;
+ if (isUniqueName) {
+ v.push_back(s.name);
+ }
+
// Test power > 0, maxRange > 0
EXPECT_LE(0, s.power);
EXPECT_LT(0, s.maxRange);
diff --git a/sensors/2.0/multihal/android.hardware.sensors@2.0-service-multihal.rc b/sensors/2.0/multihal/android.hardware.sensors@2.0-service-multihal.rc
index 0b3d4c2..8867a1a 100644
--- a/sensors/2.0/multihal/android.hardware.sensors@2.0-service-multihal.rc
+++ b/sensors/2.0/multihal/android.hardware.sensors@2.0-service-multihal.rc
@@ -2,6 +2,6 @@
class hal
user system
group system wakelock context_hub
- writepid /dev/cpuset/system-background/tasks
+ task_profiles ServiceCapacityLow
capabilities BLOCK_SUSPEND
rlimit rtprio 10 10
diff --git a/sensors/2.1/multihal/android.hardware.sensors@2.1-service-multihal.rc b/sensors/2.1/multihal/android.hardware.sensors@2.1-service-multihal.rc
index fc99ee7..f47e060 100644
--- a/sensors/2.1/multihal/android.hardware.sensors@2.1-service-multihal.rc
+++ b/sensors/2.1/multihal/android.hardware.sensors@2.1-service-multihal.rc
@@ -2,6 +2,6 @@
class hal
user system
group system wakelock context_hub
- writepid /dev/cpuset/system-background/tasks
+ task_profiles ServiceCapacityLow
capabilities BLOCK_SUSPEND
rlimit rtprio 10 10
diff --git a/sensors/common/vts/2_X/VtsHalSensorsV2_XTargetTest.h b/sensors/common/vts/2_X/VtsHalSensorsV2_XTargetTest.h
index 47a8cc0..ea5dc70 100644
--- a/sensors/common/vts/2_X/VtsHalSensorsV2_XTargetTest.h
+++ b/sensors/common/vts/2_X/VtsHalSensorsV2_XTargetTest.h
@@ -26,10 +26,12 @@
#include <log/log.h>
#include <utils/SystemClock.h>
+#include <algorithm>
#include <cinttypes>
#include <condition_variable>
#include <cstring>
#include <map>
+#include <unordered_map>
#include <vector>
/**
@@ -373,6 +375,7 @@
TEST_P(SensorsHidlTest, SensorListValid) {
getSensors()->getSensorsList([&](const auto& list) {
const size_t count = list.size();
+ std::unordered_map<int32_t, std::vector<std::string>> sensorTypeNameMap;
for (size_t i = 0; i < count; ++i) {
const auto& s = list[i];
SCOPED_TRACE(::testing::Message()
@@ -393,6 +396,14 @@
EXPECT_FALSE(s.name.empty());
EXPECT_FALSE(s.vendor.empty());
+ // Make sure that sensors of the same type have a unique name.
+ std::vector<std::string>& v = sensorTypeNameMap[static_cast<int32_t>(s.type)];
+ bool isUniqueName = std::find(v.begin(), v.end(), s.name) == v.end();
+ EXPECT_TRUE(isUniqueName) << "Duplicate sensor Name: " << s.name;
+ if (isUniqueName) {
+ v.push_back(s.name);
+ }
+
// Test power > 0, maxRange > 0
EXPECT_LE(0, s.power);
EXPECT_LT(0, s.maxRange);
diff --git a/tv/tuner/1.0/default/android.hardware.tv.tuner@1.0-service-lazy.rc b/tv/tuner/1.0/default/android.hardware.tv.tuner@1.0-service-lazy.rc
index ad72fae..ed62cee 100644
--- a/tv/tuner/1.0/default/android.hardware.tv.tuner@1.0-service-lazy.rc
+++ b/tv/tuner/1.0/default/android.hardware.tv.tuner@1.0-service-lazy.rc
@@ -6,4 +6,4 @@
user media
group mediadrm drmrpc
ioprio rt 4
- writepid /dev/cpuset/foreground/tasks
\ No newline at end of file
+ task_profiles ProcessCapacityHigh
diff --git a/tv/tuner/1.0/default/android.hardware.tv.tuner@1.0-service.rc b/tv/tuner/1.0/default/android.hardware.tv.tuner@1.0-service.rc
index 6d59ed7..5d5b943 100644
--- a/tv/tuner/1.0/default/android.hardware.tv.tuner@1.0-service.rc
+++ b/tv/tuner/1.0/default/android.hardware.tv.tuner@1.0-service.rc
@@ -3,4 +3,4 @@
user media
group mediadrm drmrpc
ioprio rt 4
- writepid /dev/cpuset/foreground/tasks
\ No newline at end of file
+ task_profiles ProcessCapacityHigh
diff --git a/vibrator/aidl/default/Vibrator.cpp b/vibrator/aidl/default/Vibrator.cpp
index c6682b3..5755ce5 100644
--- a/vibrator/aidl/default/Vibrator.cpp
+++ b/vibrator/aidl/default/Vibrator.cpp
@@ -138,6 +138,11 @@
ndk::ScopedAStatus Vibrator::getPrimitiveDuration(CompositePrimitive primitive,
int32_t* durationMs) {
+ std::vector<CompositePrimitive> supported;
+ getSupportedPrimitives(&supported);
+ if (std::find(supported.begin(), supported.end(), primitive) == supported.end()) {
+ return ndk::ScopedAStatus::fromExceptionCode(EX_UNSUPPORTED_OPERATION);
+ }
if (primitive != CompositePrimitive::NOOP) {
*durationMs = 100;
} else {
diff --git a/vibrator/aidl/vts/VtsHalVibratorTargetTest.cpp b/vibrator/aidl/vts/VtsHalVibratorTargetTest.cpp
index 4d49a12..c56bd9a 100644
--- a/vibrator/aidl/vts/VtsHalVibratorTargetTest.cpp
+++ b/vibrator/aidl/vts/VtsHalVibratorTargetTest.cpp
@@ -309,8 +309,8 @@
for (EffectStrength strength : kEffectStrengths) {
int32_t lengthMs;
Status status = vibrator->perform(effect, strength, nullptr /*callback*/, &lengthMs);
- EXPECT_EQ(status.exceptionCode(), Status::EX_UNSUPPORTED_OPERATION)
- << toString(effect) << " " << toString(strength);
+ EXPECT_TRUE(isUnknownOrUnsupported(status))
+ << status << toString(effect) << " " << toString(strength);
}
}
for (Effect effect : kEffects) {
@@ -686,7 +686,7 @@
ASSERT_NE(durationMs, 0);
EXPECT_EQ(status.exceptionCode(), Status::EX_NONE);
} else {
- EXPECT_EQ(status.exceptionCode(), Status::EX_UNSUPPORTED_OPERATION);
+ EXPECT_TRUE(isUnknownOrUnsupported(status)) << status;
}
}
diff --git a/wifi/1.5/default/wifi_chip.cpp b/wifi/1.5/default/wifi_chip.cpp
index 961f9da..6fa9601 100644
--- a/wifi/1.5/default/wifi_chip.cpp
+++ b/wifi/1.5/default/wifi_chip.cpp
@@ -1059,7 +1059,8 @@
// Requires to remove one of the instance in bridge mode
for (auto const& it : br_ifaces_ap_instances_) {
if (it.first == ifname) {
- for (auto const& iface : it.second) {
+ std::vector<std::string> ap_instances = it.second;
+ for (auto const& iface : ap_instances) {
if (iface == ifInstanceName) {
if (!iface_util_->removeIfaceFromBridge(it.first, iface)) {
LOG(ERROR)
@@ -1075,13 +1076,20 @@
<< " " << legacyErrorToString(legacy_status);
return createWifiStatusFromLegacyError(legacy_status);
}
+ ap_instances.erase(
+ std::remove(ap_instances.begin(), ap_instances.end(),
+ ifInstanceName),
+ ap_instances.end());
+ br_ifaces_ap_instances_[ifname] = ap_instances;
+ break;
}
}
break;
}
}
- br_ifaces_ap_instances_.erase(ifInstanceName);
iface->removeInstance(ifInstanceName);
+ setActiveWlanIfaceNameProperty(getFirstActiveWlanIfaceName());
+
return createWifiStatus(WifiStatusCode::SUCCESS);
}