Merge "Effect AIDL: skip volume checking" into main
diff --git a/audio/aidl/aidl_api/android.hardware.audio.effect/current/android/hardware/audio/effect/Spatializer.aidl b/audio/aidl/aidl_api/android.hardware.audio.effect/current/android/hardware/audio/effect/Spatializer.aidl
index 9f97de0..98ecee0 100644
--- a/audio/aidl/aidl_api/android.hardware.audio.effect/current/android/hardware/audio/effect/Spatializer.aidl
+++ b/audio/aidl/aidl_api/android.hardware.audio.effect/current/android/hardware/audio/effect/Spatializer.aidl
@@ -35,12 +35,13 @@
@VintfStability
union Spatializer {
android.hardware.audio.effect.VendorExtension vendor;
- android.media.audio.common.Spatialization.Level spatializationLevel;
- android.media.audio.common.HeadTracking.Mode headTrackingMode;
android.media.audio.common.AudioChannelLayout[] supportedChannelLayout;
+ android.media.audio.common.Spatialization.Level spatializationLevel;
android.media.audio.common.Spatialization.Mode spatializationMode;
- float[6] headToStage;
- const int HEAD_TO_STAGE_VEC_SIZE = 6;
+ int headTrackingSensorId;
+ android.media.audio.common.HeadTracking.Mode headTrackingMode;
+ android.media.audio.common.HeadTracking.ConnectionMode headTrackingConnectionMode;
+ android.media.audio.common.HeadTracking.SensorData headTrackingSensorData;
@VintfStability
union Id {
android.hardware.audio.effect.VendorExtension vendorExtensionTag;
diff --git a/audio/aidl/android/hardware/audio/effect/Spatializer.aidl b/audio/aidl/android/hardware/audio/effect/Spatializer.aidl
index 4edb2e8..6ebe0d5 100644
--- a/audio/aidl/android/hardware/audio/effect/Spatializer.aidl
+++ b/audio/aidl/android/hardware/audio/effect/Spatializer.aidl
@@ -52,29 +52,37 @@
VendorExtension vendor;
/**
- * Level of spatialization.
- */
- Spatialization.Level spatializationLevel;
-
- /**
- * Head tracking mode for spatialization.
- */
- HeadTracking.Mode headTrackingMode;
-
- /**
* List of supported input channel layouts.
*/
AudioChannelLayout[] supportedChannelLayout;
/**
+ * Level of spatialization.
+ */
+ Spatialization.Level spatializationLevel;
+
+ /**
* Spatialization mode, Binaural or Transaural for example.
*/
Spatialization.Mode spatializationMode;
/**
- * Vector representing of the head-to-stage pose with six floats: first three are a translation
- * vector, and the last three are a rotation vector.
+ * Head tracking sensor ID.
*/
- const int HEAD_TO_STAGE_VEC_SIZE = 6;
- float[HEAD_TO_STAGE_VEC_SIZE] headToStage;
+ int headTrackingSensorId;
+
+ /**
+ * Head tracking mode for spatialization.
+ */
+ HeadTracking.Mode headTrackingMode;
+
+ /**
+ * Head tracking sensor connection mode for spatialization.
+ */
+ HeadTracking.ConnectionMode headTrackingConnectionMode;
+
+ /**
+ * Headtracking sensor data.
+ */
+ HeadTracking.SensorData headTrackingSensorData;
}
diff --git a/automotive/vehicle/2.0/default/common/include/vhal_v2_0/RecurrentTimer.h b/automotive/vehicle/2.0/default/common/include/vhal_v2_0/RecurrentTimer.h
index 0ed8742..0f5987e 100644
--- a/automotive/vehicle/2.0/default/common/include/vhal_v2_0/RecurrentTimer.h
+++ b/automotive/vehicle/2.0/default/common/include/vhal_v2_0/RecurrentTimer.h
@@ -122,21 +122,29 @@
}
std::unique_lock<std::mutex> g(mLock);
+ // mStopRequested might be set to true after we enter the loop. Must check inside
+ // the lock to make sure the value will not change before we start the wait.
+ if (mStopRequested) {
+ return;
+ }
mCond.wait_until(g, nextEventTime); // nextEventTime can be nanoseconds::max()
}
}
void stop() {
- mStopRequested = true;
{
std::lock_guard<std::mutex> g(mLock);
mCookieToEventsMap.clear();
+ // Even though this is atomic, this must be set inside the lock to make sure we will
+ // not change this after we check mStopRequested, but before we start the wait.
+ mStopRequested = true;
}
mCond.notify_one();
if (mTimerThread.joinable()) {
mTimerThread.join();
}
}
+
private:
mutable std::mutex mLock;
std::thread mTimerThread;
diff --git a/automotive/vehicle/2.0/default/tests/fuzzer/VehicleManager_fuzzer.cpp b/automotive/vehicle/2.0/default/tests/fuzzer/VehicleManager_fuzzer.cpp
index 8a085e5..4d0995d 100644
--- a/automotive/vehicle/2.0/default/tests/fuzzer/VehicleManager_fuzzer.cpp
+++ b/automotive/vehicle/2.0/default/tests/fuzzer/VehicleManager_fuzzer.cpp
@@ -76,30 +76,20 @@
using ::android::hardware::automotive::vehicle::V2_0::vms::VmsLayerOffering;
using ::android::hardware::automotive::vehicle::V2_0::vms::VmsOffers;
-constexpr const char kCarMake[] = "Default Car";
-constexpr VehicleProperty kVehicleProp[] = {VehicleProperty::INVALID,
- VehicleProperty::HVAC_FAN_SPEED,
- VehicleProperty::INFO_MAKE,
- VehicleProperty::DISPLAY_BRIGHTNESS,
- VehicleProperty::INFO_FUEL_CAPACITY,
- VehicleProperty::HVAC_SEAT_TEMPERATURE};
-constexpr DiagnosticIntegerSensorIndex kDiagnosticIntIndex[] = {
- DiagnosticIntegerSensorIndex::FUEL_SYSTEM_STATUS,
- DiagnosticIntegerSensorIndex::MALFUNCTION_INDICATOR_LIGHT_ON,
- DiagnosticIntegerSensorIndex::NUM_OXYGEN_SENSORS_PRESENT,
- DiagnosticIntegerSensorIndex::FUEL_TYPE};
-constexpr DiagnosticFloatSensorIndex kDiagnosticFloatIndex[] = {
- DiagnosticFloatSensorIndex::CALCULATED_ENGINE_LOAD,
- DiagnosticFloatSensorIndex::SHORT_TERM_FUEL_TRIM_BANK1,
- DiagnosticFloatSensorIndex::LONG_TERM_FUEL_TRIM_BANK1,
- DiagnosticFloatSensorIndex::THROTTLE_POSITION};
-constexpr size_t kVehiclePropArrayLength = std::size(kVehicleProp);
-constexpr size_t kIntSensorArrayLength = std::size(kDiagnosticIntIndex);
-constexpr size_t kFloatSensorArrayLength = std::size(kDiagnosticFloatIndex);
-constexpr VmsMessageType kAvailabilityMessageType[] = {VmsMessageType::AVAILABILITY_CHANGE,
- VmsMessageType::AVAILABILITY_RESPONSE};
-constexpr VmsMessageType kSubscriptionMessageType[] = {VmsMessageType::SUBSCRIPTIONS_CHANGE,
- VmsMessageType::SUBSCRIPTIONS_RESPONSE};
+std::string kCarMake;
+constexpr int32_t kMaxCaseMessage = 8;
+constexpr int32_t kMaxRuns = 20;
+constexpr int32_t kMaxSize = 1000;
+constexpr int32_t kMinSize = 0;
+constexpr int32_t kMaxFileSize = 100;
+float kFloatValue;
+std::vector<int32_t> kVec32;
+std::vector<int64_t> kVec64;
+std::vector<uint8_t> kVec8;
+std::vector<float> kVecFloat;
+static const std::vector<std::string> kSampleDtcs = {"P0070",
+ "P0102"
+ "P0123"};
MockedVehicleHal::VehiclePropValuePtr MockedVehicleHal::get(
const VehiclePropValue& requestedPropValue, StatusCode* outStatus) {
@@ -113,23 +103,23 @@
switch (property) {
case VehicleProperty::INFO_MAKE:
- pValue = getValuePool()->obtainString(kCarMake);
+ pValue = getValuePool()->obtainString(kCarMake.c_str());
break;
case VehicleProperty::INFO_FUEL_CAPACITY:
if (mFuelCapacityAttemptsLeft-- > 0) {
*outStatus = StatusCode::TRY_AGAIN;
} else {
- pValue = getValuePool()->obtainFloat(42.42);
+ pValue = getValuePool()->obtainFloat(kFloatValue);
}
break;
default:
if (requestedPropValue.prop == kCustomComplexProperty) {
pValue = getValuePool()->obtainComplex();
- pValue->value.int32Values = hidl_vec<int32_t>{10, 20};
- pValue->value.int64Values = hidl_vec<int64_t>{30, 40};
- pValue->value.floatValues = hidl_vec<float_t>{1.1, 2.2};
- pValue->value.bytes = hidl_vec<uint8_t>{1, 2, 3};
- pValue->value.stringValue = kCarMake;
+ pValue->value.int32Values = hidl_vec<int32_t>{kVec32};
+ pValue->value.int64Values = hidl_vec<int64_t>{kVec64};
+ pValue->value.floatValues = hidl_vec<float_t>{kVecFloat};
+ pValue->value.bytes = hidl_vec<uint8_t>{kVec8};
+ pValue->value.stringValue = kCarMake.c_str();
break;
}
auto key = makeKey(toInt(property), areaId);
@@ -145,28 +135,72 @@
return pValue;
}
+void VehicleHalManagerFuzzer::initValue() {
+ kCarMake = mFuzzedDataProvider->ConsumeRandomLengthString(kMaxFileSize);
+ kFloatValue = mFuzzedDataProvider->ConsumeFloatingPoint<float>();
+ fillParameter<int32_t>(mFuzzedDataProvider->ConsumeIntegralInRange<size_t>(kMinSize, kMaxSize),
+ kVec32);
+ fillParameter<int64_t>(mFuzzedDataProvider->ConsumeIntegralInRange<size_t>(kMinSize, kMaxSize),
+ kVec64);
+ fillParameter<uint8_t>(mFuzzedDataProvider->ConsumeIntegralInRange<size_t>(kMinSize, kMaxSize),
+ kVec8);
+ size_t size = mFuzzedDataProvider->ConsumeIntegralInRange<size_t>(kMinSize, kMaxSize);
+ for (size_t i = 0; i < size; ++i) {
+ kVecFloat.push_back(mFuzzedDataProvider->ConsumeFloatingPoint<float>());
+ }
+}
+
void VehicleHalManagerFuzzer::process(const uint8_t* data, size_t size) {
mFuzzedDataProvider = new FuzzedDataProvider(data, size);
- invokeDebug();
- invokePropConfigs();
- invokeSubscribe();
- invokeSetAndGetValues();
- invokeObd2SensorStore();
- invokeVmsUtils();
- invokeVehiclePropStore();
- invokeWatchDogClient();
+ initValue();
+ /* Limited while loop runs to prevent timeouts caused
+ * by repeated calls to high-execution-time APIs.
+ */
+ size_t maxRuns = mFuzzedDataProvider->ConsumeIntegralInRange<size_t>(kMinSize, kMaxRuns);
+ size_t itr = 0;
+ while (mFuzzedDataProvider->remaining_bytes() && ++itr <= maxRuns) {
+ auto invokeVehicleHalManagerFuzzer =
+ mFuzzedDataProvider->PickValueInArray<const std::function<void()>>({
+ [&]() { invokeDebug(); },
+ [&]() { invokePropConfigs(); },
+ [&]() { invokeSubscribe(); },
+ [&]() { invokeSetAndGetValues(); },
+ [&]() { invokeObd2SensorStore(); },
+ [&]() { invokeVmsUtils(); },
+ [&]() { invokeVehiclePropStore(); },
+ [&]() { invokeWatchDogClient(); },
+ });
+ invokeVehicleHalManagerFuzzer();
+ }
}
void VehicleHalManagerFuzzer::invokeDebug() {
- hidl_string debugOption = mFuzzedDataProvider->PickValueInArray(
- {"--help", "--list", "--get", "--set", "", "invalid"});
hidl_handle fd = {};
native_handle_t* rawHandle = native_handle_create(/*numFds=*/1, /*numInts=*/0);
fd.setTo(native_handle_clone(rawHandle), /*shouldOwn=*/true);
+ int32_t size = mFuzzedDataProvider->ConsumeIntegralInRange<int32_t>(kMinSize, kMaxFileSize);
+ hidl_vec<hidl_string> options(size);
- mManager->debug(fd, {});
- mManager->debug(fd, {debugOption});
+ for (int32_t idx = 0; idx < size; ++idx) {
+ if (idx == 0 && mFuzzedDataProvider->ConsumeBool()) {
+ options[idx] = mFuzzedDataProvider->PickValueInArray(
+ {"--help", "--list", "--get", "--set", "", "invalid"});
+ } else if (idx == 2 && mFuzzedDataProvider->ConsumeBool()) {
+ options[idx] =
+ mFuzzedDataProvider->PickValueInArray({"-i", "-i64", "-f", "-s", "-b", "-a"});
+ } else if (mFuzzedDataProvider->ConsumeBool()) {
+ options[idx] = mFuzzedDataProvider->ConsumeRandomLengthString(kMaxSize);
+ } else {
+ options[idx] = std::to_string(mFuzzedDataProvider->ConsumeIntegral<int32_t>());
+ }
+ }
+
+ if (mFuzzedDataProvider->ConsumeBool()) {
+ mManager->debug(fd, {});
+ } else {
+ mManager->debug(fd, options);
+ }
native_handle_delete(rawHandle);
}
@@ -175,178 +209,245 @@
int32_t vehicleProp2 = mFuzzedDataProvider->ConsumeIntegral<int32_t>();
hidl_vec<int32_t> properties = {vehicleProp1, vehicleProp2};
+ auto invokePropConfigsAPI = mFuzzedDataProvider->PickValueInArray<const std::function<void()>>({
+ [&]() {
+ mManager->getPropConfigs(
+ properties, []([[maybe_unused]] StatusCode status,
+ [[maybe_unused]] const hidl_vec<VehiclePropConfig>& c) {});
+ },
+ [&]() {
+ mManager->getPropConfigs(
+ {mFuzzedDataProvider->ConsumeIntegral<int32_t>()},
+ []([[maybe_unused]] StatusCode status,
+ [[maybe_unused]] const hidl_vec<VehiclePropConfig>& c) {});
+ },
+ [&]() {
+ mManager->getAllPropConfigs(
+ []([[maybe_unused]] const hidl_vec<VehiclePropConfig>& propConfigs) {});
+ },
- mManager->getPropConfigs(properties,
- []([[maybe_unused]] StatusCode status,
- [[maybe_unused]] const hidl_vec<VehiclePropConfig>& c) {});
-
- mManager->getPropConfigs({toInt(kVehicleProp[abs(vehicleProp1) % kVehiclePropArrayLength])},
- []([[maybe_unused]] StatusCode status,
- [[maybe_unused]] const hidl_vec<VehiclePropConfig>& c) {});
-
- mManager->getAllPropConfigs(
- []([[maybe_unused]] const hidl_vec<VehiclePropConfig>& propConfigs) {});
+ });
+ invokePropConfigsAPI();
}
void VehicleHalManagerFuzzer::invokeSubscribe() {
- int32_t vehicleProp1 = mFuzzedDataProvider->ConsumeIntegral<int32_t>();
int32_t vehicleProp2 = mFuzzedDataProvider->ConsumeIntegral<int32_t>();
int32_t vehicleProp3 = mFuzzedDataProvider->ConsumeIntegral<int32_t>();
- const auto prop1 = toInt(kVehicleProp[abs(vehicleProp1) % kVehiclePropArrayLength]);
sp<MockedVehicleCallback> cb = new MockedVehicleCallback();
+ VehiclePropertyType type =
+ static_cast<VehiclePropertyType>(mFuzzedDataProvider->ConsumeIntegral<int32_t>());
- hidl_vec<SubscribeOptions> options = {
- SubscribeOptions{.propId = prop1, .flags = SubscribeFlags::EVENTS_FROM_CAR}};
+ auto invokeSubscribeAPI = mFuzzedDataProvider->PickValueInArray<const std::function<void()>>({
+ [&]() {
+ size_t size =
+ mFuzzedDataProvider->ConsumeIntegralInRange<size_t>(kMinSize, kMaxSize);
+ hidl_vec<SubscribeOptions> options(size);
+ for (size_t idx = 0; idx < size; ++idx) {
+ options[idx] = {SubscribeOptions{
+ .propId = mFuzzedDataProvider->ConsumeIntegral<int32_t>(),
+ .flags = static_cast<SubscribeFlags>(
+ mFuzzedDataProvider->ConsumeIntegral<int32_t>())}};
+ }
+ mManager->subscribe(cb, options);
+ },
+ [&]() {
+ auto unsubscribedValue = mObjectPool->obtain(type);
+ if (!unsubscribedValue) {
+ return;
+ }
+ unsubscribedValue->prop = vehicleProp2;
+ unsubscribedValue->value.int32Values[0] = INT32_MAX;
+ mHal->sendPropEvent(std::move(unsubscribedValue));
+ cb->waitForExpectedEvents(mFuzzedDataProvider->ConsumeIntegral<size_t>());
+ },
+ [&]() {
+ const auto prop1 = mFuzzedDataProvider->ConsumeIntegral<int32_t>();
+ mManager->unsubscribe(cb, prop1);
+ },
+ [&]() {
+ mHal->sendHalError(StatusCode::TRY_AGAIN, vehicleProp3,
+ mFuzzedDataProvider->ConsumeIntegral<int32_t>() /*areaId=*/);
+ },
- mManager->subscribe(cb, options);
-
- auto unsubscribedValue = mObjectPool->obtain(VehiclePropertyType::INT32);
- unsubscribedValue->prop = toInt(kVehicleProp[abs(vehicleProp2) % kVehiclePropArrayLength]);
-
- mHal->sendPropEvent(std::move(unsubscribedValue));
- cb->getReceivedEvents();
- cb->waitForExpectedEvents(0);
-
- auto subscribedValue = mObjectPool->obtain(VehiclePropertyType::INT32);
- subscribedValue->prop = toInt(kVehicleProp[abs(vehicleProp2) % kVehiclePropArrayLength]);
- subscribedValue->value.int32Values[0] = INT32_MAX;
-
- cb->reset();
- VehiclePropValue actualValue(*subscribedValue.get());
- mHal->sendPropEvent(std::move(subscribedValue));
- cb->waitForExpectedEvents(1);
- mManager->unsubscribe(cb, prop1);
-
- sp<MockedVehicleCallback> cb2 = new MockedVehicleCallback();
-
- hidl_vec<SubscribeOptions> options2 = {
- SubscribeOptions{
- .propId = toInt(kVehicleProp[abs(vehicleProp3) % kVehiclePropArrayLength]),
- .flags = SubscribeFlags::EVENTS_FROM_CAR},
- };
-
- mManager->subscribe(cb2, options2);
-
- mHal->sendHalError(StatusCode::TRY_AGAIN,
- toInt(kVehicleProp[abs(vehicleProp3) % kVehiclePropArrayLength]),
- /*areaId=*/0);
+ });
+ invokeSubscribeAPI();
}
void VehicleHalManagerFuzzer::invokeSetAndGetValues() {
- uint32_t vehicleProp1 =
- mFuzzedDataProvider->ConsumeIntegralInRange<uint32_t>(0, kVehiclePropArrayLength - 1);
- uint32_t vehicleProp2 =
- mFuzzedDataProvider->ConsumeIntegralInRange<uint32_t>(0, kVehiclePropArrayLength - 1);
- uint32_t vehicleProp3 =
- mFuzzedDataProvider->ConsumeIntegralInRange<uint32_t>(0, kVehiclePropArrayLength - 1);
-
- invokeGet(kCustomComplexProperty, 0);
- invokeGet(toInt(kVehicleProp[vehicleProp2]), 0);
- invokeGet(toInt(kVehicleProp[vehicleProp1]), 0);
-
- auto expectedValue = mObjectPool->obtainInt32(mFuzzedDataProvider->ConsumeIntegral<int32_t>());
- mObjectPool->obtainInt64(mFuzzedDataProvider->ConsumeIntegral<int64_t>());
- mObjectPool->obtainFloat(mFuzzedDataProvider->ConsumeFloatingPoint<float>());
- mObjectPool->obtainBoolean(mFuzzedDataProvider->ConsumeBool());
- expectedValue->prop = toInt(kVehicleProp[vehicleProp2]);
- expectedValue->areaId = 0;
-
- mManager->set(*expectedValue.get());
- invokeGet(toInt(kVehicleProp[vehicleProp2]), 0);
- expectedValue->prop = toInt(kVehicleProp[vehicleProp3]);
- mManager->set(*expectedValue.get());
- expectedValue->prop = toInt(VehicleProperty::INVALID);
- mManager->set(*expectedValue.get());
+ auto invokeSetAndGetAPI = mFuzzedDataProvider->PickValueInArray<const std::function<void()>>({
+ [&]() {
+ invokeGet(mFuzzedDataProvider->ConsumeIntegral<int32_t>(),
+ mFuzzedDataProvider->ConsumeIntegral<int32_t>());
+ },
+ [&]() { mObjectPool->obtainInt64(mFuzzedDataProvider->ConsumeIntegral<int64_t>()); },
+ [&]() { mObjectPool->obtainFloat(mFuzzedDataProvider->ConsumeFloatingPoint<float>()); },
+ [&]() { mObjectPool->obtainBoolean(mFuzzedDataProvider->ConsumeBool()); },
+ [&]() {
+ int32_t vehicleProp2 = mFuzzedDataProvider->ConsumeIntegral<int32_t>();
+ auto expectedValue =
+ mObjectPool->obtainInt32(mFuzzedDataProvider->ConsumeIntegral<int32_t>());
+ expectedValue->prop = vehicleProp2;
+ expectedValue->areaId = mFuzzedDataProvider->ConsumeIntegral<int32_t>();
+ mManager->set(*expectedValue.get());
+ },
+ });
+ invokeSetAndGetAPI();
}
void VehicleHalManagerFuzzer::invokeObd2SensorStore() {
- uint32_t diagnosticIntIndex =
- mFuzzedDataProvider->ConsumeIntegralInRange<uint32_t>(0, kIntSensorArrayLength - 1);
- int32_t diagnosticIntValue = mFuzzedDataProvider->ConsumeIntegral<int32_t>();
- uint32_t diagnosticFloatIndex =
- mFuzzedDataProvider->ConsumeIntegralInRange<uint32_t>(0, kFloatSensorArrayLength - 1);
- float diagnosticFloatValue = mFuzzedDataProvider->ConsumeFloatingPoint<float>();
+ size_t diagnosticInt = mFuzzedDataProvider->ConsumeIntegralInRange<size_t>(kMinSize, kMaxSize);
+ size_t diagnosticFloat =
+ mFuzzedDataProvider->ConsumeIntegralInRange<size_t>(kMinSize, kMaxSize);
std::unique_ptr<Obd2SensorStore> sensorStore(
- new Obd2SensorStore(kIntSensorArrayLength, kFloatSensorArrayLength));
- if (sensorStore) {
- sensorStore->setIntegerSensor(kDiagnosticIntIndex[diagnosticIntIndex], diagnosticIntValue);
- sensorStore->setFloatSensor(kDiagnosticFloatIndex[diagnosticFloatIndex],
- diagnosticFloatValue);
- sensorStore->getIntegerSensors();
- sensorStore->getFloatSensors();
- sensorStore->getSensorsBitmask();
- static std::vector<std::string> sampleDtcs = {"P0070",
- "P0102"
- "P0123"};
- for (auto&& dtc : sampleDtcs) {
- auto freezeFrame = createVehiclePropValue(VehiclePropertyType::MIXED, 0);
- sensorStore->fillPropValue(dtc, freezeFrame.get());
- freezeFrame->prop = static_cast<int>(VehicleProperty::OBD2_FREEZE_FRAME);
- }
+ new Obd2SensorStore(diagnosticInt, diagnosticFloat));
+
+ if (!sensorStore.get()) {
+ return;
}
+
+ auto invokeObd2SensorStoreAPI =
+ mFuzzedDataProvider->PickValueInArray<const std::function<void()>>({
+ [&]() {
+ int32_t diagnosticIntValue =
+ mFuzzedDataProvider->ConsumeIntegral<int32_t>();
+ int32_t diagnosticIntIndex =
+ mFuzzedDataProvider->ConsumeIntegralInRange<int32_t>(
+ kMinSize,
+ toInt(DiagnosticIntegerSensorIndex::LAST_SYSTEM_INDEX) +
+ diagnosticInt);
+ sensorStore->setIntegerSensor(
+ static_cast<DiagnosticIntegerSensorIndex>(diagnosticIntIndex),
+ diagnosticIntValue);
+ },
+ [&]() {
+ float diagnosticFloatValue =
+ mFuzzedDataProvider->ConsumeFloatingPoint<float>();
+ int32_t diagnosticFloatIndex =
+ mFuzzedDataProvider->ConsumeIntegralInRange<int32_t>(
+ kMinSize,
+ toInt(DiagnosticFloatSensorIndex::LAST_SYSTEM_INDEX) +
+ diagnosticFloat);
+ sensorStore->setFloatSensor(
+ static_cast<DiagnosticFloatSensorIndex>(diagnosticFloatIndex),
+ diagnosticFloatValue);
+ },
+ [&]() { sensorStore->getIntegerSensors(); },
+ [&]() { sensorStore->getFloatSensors(); },
+ [&]() { sensorStore->getSensorsBitmask(); },
+ [&]() {
+ for (auto&& dtc : kSampleDtcs) {
+ VehiclePropertyType type = static_cast<VehiclePropertyType>(
+ mFuzzedDataProvider->ConsumeIntegral<int32_t>());
+ auto freezeFrame = createVehiclePropValue(
+ type, mFuzzedDataProvider->ConsumeIntegralInRange<int32_t>(
+ kMinSize, kMaxSize));
+ if (!freezeFrame.get()) {
+ return;
+ }
+ freezeFrame->prop = mFuzzedDataProvider->ConsumeIntegral<int32_t>();
+ sensorStore->fillPropValue(dtc, freezeFrame.get());
+ }
+ },
+ });
+ invokeObd2SensorStoreAPI();
}
void VehicleHalManagerFuzzer::invokeVmsUtils() {
- bool availabilityMsgType = mFuzzedDataProvider->ConsumeBool();
- bool subscriptionMsgType = mFuzzedDataProvider->ConsumeBool();
+ std::unique_ptr<VehiclePropValue> message;
int32_t intValue = mFuzzedDataProvider->ConsumeIntegral<int32_t>();
+ VmsLayer layer(mFuzzedDataProvider->ConsumeIntegral<int32_t>(),
+ mFuzzedDataProvider->ConsumeIntegral<int32_t>(),
+ mFuzzedDataProvider->ConsumeIntegral<int32_t>());
+ VmsOffers offers = {
+ intValue,
+ {VmsLayerOffering(VmsLayer(mFuzzedDataProvider->ConsumeIntegral<int32_t>(),
+ mFuzzedDataProvider->ConsumeIntegral<int32_t>(),
+ mFuzzedDataProvider->ConsumeIntegral<int32_t>()))}};
+ const VmsLayerAndPublisher layer_and_publisher(
+ VmsLayer(mFuzzedDataProvider->ConsumeIntegral<int32_t>(),
+ mFuzzedDataProvider->ConsumeIntegral<int32_t>(),
+ mFuzzedDataProvider->ConsumeIntegral<int32_t>()),
+ intValue);
- VmsLayer layer(1, 0, 2);
- auto message = createSubscribeMessage(layer);
+ switch (mFuzzedDataProvider->ConsumeIntegralInRange<int32_t>(kMinSize, kMaxCaseMessage)) {
+ case 0: {
+ message = createSubscribeMessage(layer);
+ break;
+ }
+ case 1: {
+ message = createUnsubscribeMessage(layer);
+ break;
+ }
+ case 2: {
+ message = createSubscriptionsRequest();
+ break;
+ }
+ case 3: {
+ message = createOfferingMessage(offers);
+ break;
+ }
+ case 4: {
+ message = createAvailabilityRequest();
+ break;
+ }
+ case 5: {
+ std::string pub_bytes;
+ if (mFuzzedDataProvider->ConsumeBool()) {
+ pub_bytes = "pub_id";
+ } else {
+ pub_bytes = mFuzzedDataProvider->ConsumeRandomLengthString(kMaxFileSize);
+ }
+ message = createPublisherIdRequest(pub_bytes);
+ break;
+ }
+ case 6: {
+ std::string bytes = "placeholder";
+ if (mFuzzedDataProvider->ConsumeBool()) {
+ bytes = "placeholder";
+ } else {
+ bytes = mFuzzedDataProvider->ConsumeRandomLengthString(kMaxFileSize);
+ }
+ message = createDataMessageWithLayerPublisherInfo(layer_and_publisher, bytes);
+ break;
+ }
+ case 7: {
+ message = createBaseVmsMessage(
+ mFuzzedDataProvider->ConsumeIntegralInRange<size_t>(kMinSize, kMaxSize));
+ break;
+ }
+ case 8: {
+ message = createStartSessionMessage(intValue, intValue + 1);
+ break;
+ }
+ }
+
isValidVmsMessage(*message);
- message = createUnsubscribeMessage(layer);
-
- VmsOffers offers = {intValue, {VmsLayerOffering(VmsLayer(1, 0, 2))}};
- message = createOfferingMessage(offers);
- std::vector<VmsLayer> dependencies = {VmsLayer(2, 0, 2), VmsLayer(3, 0, 3)};
- std::vector<VmsLayerOffering> offering = {VmsLayerOffering(layer, dependencies)};
- offers = {intValue, offering};
- message = createOfferingMessage(offers);
-
- message = createAvailabilityRequest();
- message = createSubscriptionsRequest();
-
- std::string bytes = "placeholder";
- const VmsLayerAndPublisher layer_and_publisher(VmsLayer(2, 0, 1), intValue);
- message = createDataMessageWithLayerPublisherInfo(layer_and_publisher, bytes);
- parseData(*message);
- createSubscribeToPublisherMessage(layer_and_publisher);
- createUnsubscribeToPublisherMessage(layer_and_publisher);
-
- std::string pub_bytes = "pub_id";
- message = createPublisherIdRequest(pub_bytes);
- message = createBaseVmsMessage(2);
message->value.int32Values =
- hidl_vec<int32_t>{toInt(VmsMessageType::PUBLISHER_ID_RESPONSE), intValue};
- parsePublisherIdResponse(*message);
+ hidl_vec<int32_t>{mFuzzedDataProvider->ConsumeIntegral<int32_t>(), intValue};
- message->value.int32Values =
- hidl_vec<int32_t>{toInt(kSubscriptionMessageType[subscriptionMsgType]), intValue};
- getSequenceNumberForSubscriptionsState(*message);
-
- message->value.int32Values = hidl_vec<int32_t>{toInt(kSubscriptionMessageType[0]), intValue};
- isSequenceNumberNewer(*message, intValue + 1);
- invokeGetSubscribedLayers(kSubscriptionMessageType[subscriptionMsgType]);
-
- message->value.int32Values =
- hidl_vec<int32_t>{toInt(kAvailabilityMessageType[availabilityMsgType]), 0};
- hasServiceNewlyStarted(*message);
- message = createStartSessionMessage(intValue, intValue + 1);
- parseMessageType(*message);
-
- message->value.int32Values =
- hidl_vec<int32_t>{toInt(kAvailabilityMessageType[availabilityMsgType]), intValue};
- isAvailabilitySequenceNumberNewer(*message, intValue + 1);
-
- message->value.int32Values =
- hidl_vec<int32_t>{toInt(kAvailabilityMessageType[availabilityMsgType]), intValue};
- getSequenceNumberForAvailabilityState(*message);
- message = createBaseVmsMessage(3);
- int new_service_id;
- message->value.int32Values = hidl_vec<int32_t>{toInt(VmsMessageType::START_SESSION), 0, -1};
- parseStartSessionMessage(*message, -1, 0, &new_service_id);
+ auto invokeVmsUtilsAPI = mFuzzedDataProvider->PickValueInArray<const std::function<void()>>({
+ [&]() { parseData(*message); },
+ [&]() { createSubscribeToPublisherMessage(layer_and_publisher); },
+ [&]() { createUnsubscribeToPublisherMessage(layer_and_publisher); },
+ [&]() { parsePublisherIdResponse(*message); },
+ [&]() { getSequenceNumberForSubscriptionsState(*message); },
+ [&]() { isSequenceNumberNewer(*message, intValue + 1); },
+ [&]() {
+ invokeGetSubscribedLayers(
+ (VmsMessageType)mFuzzedDataProvider->ConsumeIntegral<int32_t>());
+ },
+ [&]() { hasServiceNewlyStarted(*message); },
+ [&]() { parseMessageType(*message); },
+ [&]() { isAvailabilitySequenceNumberNewer(*message, intValue + 1); },
+ [&]() { getSequenceNumberForAvailabilityState(*message); },
+ [&]() {
+ int32_t new_service_id;
+ parseStartSessionMessage(*message, -1, 0, &new_service_id);
+ },
+ });
+ invokeVmsUtilsAPI();
}
void VehicleHalManagerFuzzer::invokeGet(int32_t property, int32_t areaId) {
@@ -367,27 +468,31 @@
mActualStatusCode = refStatus;
}
-void VehicleHalManagerFuzzer::invokeGetSubscribedLayers(VmsMessageType type) {
- VmsOffers offers = {123,
- {VmsLayerOffering(VmsLayer(1, 0, 1), {VmsLayer(4, 1, 1)}),
- VmsLayerOffering(VmsLayer(2, 0, 1))}};
- auto message = createBaseVmsMessage(16);
- message->value.int32Values = hidl_vec<int32_t>{toInt(type),
- 1234, // sequence number
- 2, // number of layers
- 1, // number of associated layers
- 1, // layer 1
- 0, 1,
- 4, // layer 2
- 1, 1,
- 2, // associated layer
- 0, 1,
- 2, // number of publisher IDs
- 111, // publisher IDs
- 123};
- isValidVmsMessage(*message);
- getSubscribedLayers(*message, offers);
- getAvailableLayers(*message);
+void VehicleHalManagerFuzzer::invokeGetSubscribedLayers(VmsMessageType /*type*/) {
+ int32_t intValue = mFuzzedDataProvider->ConsumeIntegral<int32_t>();
+ VmsOffers offers = {
+ intValue,
+ {VmsLayerOffering(VmsLayer(mFuzzedDataProvider->ConsumeIntegral<int32_t>(),
+ mFuzzedDataProvider->ConsumeIntegral<int32_t>(),
+ mFuzzedDataProvider->ConsumeIntegral<int32_t>()))}};
+ auto message = createBaseVmsMessage(
+ mFuzzedDataProvider->ConsumeIntegralInRange<size_t>(kMinSize, kMaxFileSize));
+ std::vector<int32_t> v;
+ size_t size = mFuzzedDataProvider->ConsumeIntegralInRange<size_t>(kMinSize, kMaxSize);
+ for (size_t i = 0; i < size; i++) {
+ v.push_back(mFuzzedDataProvider->ConsumeIntegralInRange<int32_t>(kMinSize, kMaxSize));
+ }
+
+ message->value.int32Values = hidl_vec<int32_t>(v);
+ if (!isValidVmsMessage(*message)) {
+ return;
+ }
+
+ if (mFuzzedDataProvider->ConsumeBool()) {
+ getSubscribedLayers(*message, offers);
+ } else {
+ getAvailableLayers(*message);
+ }
}
void VehicleHalManagerFuzzer::invokeVehiclePropStore() {
@@ -398,33 +503,49 @@
.prop = vehicleProp,
.access = VehiclePropertyAccess::READ,
.changeMode = VehiclePropertyChangeMode::STATIC,
- .areaConfigs = {VehicleAreaConfig{.areaId = (0)}},
+ .areaConfigs = {VehicleAreaConfig{
+ .areaId = (mFuzzedDataProvider->ConsumeIntegral<int32_t>())}},
};
- store->registerProperty(config);
VehiclePropValue propValue{};
propValue.prop = vehicleProp;
- propValue.areaId = 0;
- store->writeValue(propValue, shouldWriteStatus);
- store->readAllValues();
- store->getAllConfigs();
- store->getConfigOrNull(vehicleProp);
- store->readValuesForProperty(vehicleProp);
- store->readValueOrNull(propValue);
- store->readValueOrNull(propValue.prop, propValue.areaId, 0);
- store->removeValuesForProperty(vehicleProp);
- store->removeValue(propValue);
- store->getConfigOrDie(vehicleProp);
+ propValue.areaId = mFuzzedDataProvider->ConsumeIntegral<int32_t>();
+
+ auto invokeVehiclePropStoreAPI =
+ mFuzzedDataProvider->PickValueInArray<const std::function<void()>>({
+ [&]() { store->registerProperty(config); },
+ [&]() { store->writeValue(propValue, shouldWriteStatus); },
+ [&]() { store->readAllValues(); },
+ [&]() { store->getAllConfigs(); },
+ [&]() { store->getConfigOrNull(vehicleProp); },
+ [&]() { store->readValuesForProperty(vehicleProp); },
+ [&]() { store->readValueOrNull(propValue); },
+ [&]() {
+ store->readValueOrNull(propValue.prop, propValue.areaId,
+ mFuzzedDataProvider->ConsumeIntegralInRange<int64_t>(
+ kMinSize, kMaxFileSize));
+ },
+ [&]() { store->removeValuesForProperty(vehicleProp); },
+ [&]() { store->removeValue(propValue); },
+ [&]() {
+ if (store->getConfigOrNull(vehicleProp)) {
+ store->getConfigOrDie(vehicleProp);
+ }
+ },
+ });
+ invokeVehiclePropStoreAPI();
}
void VehicleHalManagerFuzzer::invokeWatchDogClient() {
- auto service = new VehicleHalManager(mHal.get());
sp<Looper> looper(Looper::prepare(/*opts=*/mFuzzedDataProvider->ConsumeBool()));
- if (auto watchdogClient = ndk::SharedRefBase::make<WatchdogClient>(looper, service);
+ if (auto watchdogClient = ndk::SharedRefBase::make<WatchdogClient>(looper, mManager.get());
watchdogClient->initialize()) {
- watchdogClient->checkIfAlive(-1, TimeoutLength::TIMEOUT_NORMAL);
+ if (mFuzzedDataProvider->ConsumeBool()) {
+ watchdogClient->checkIfAlive(
+ mFuzzedDataProvider->ConsumeIntegral<int32_t>(),
+ (TimeoutLength)mFuzzedDataProvider->ConsumeIntegral<int32_t>());
+ }
watchdogClient->prepareProcessTermination();
}
- delete service;
}
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
diff --git a/automotive/vehicle/2.0/default/tests/fuzzer/VehicleManager_fuzzer.h b/automotive/vehicle/2.0/default/tests/fuzzer/VehicleManager_fuzzer.h
index e9335d3..26ac11e 100644
--- a/automotive/vehicle/2.0/default/tests/fuzzer/VehicleManager_fuzzer.h
+++ b/automotive/vehicle/2.0/default/tests/fuzzer/VehicleManager_fuzzer.h
@@ -98,6 +98,13 @@
}
void process(const uint8_t* data, size_t size);
+ template <typename T>
+ void fillParameter(size_t size, std::vector<T>& data) {
+ for (size_t i = 0; i < size; ++i) {
+ data.push_back(mFuzzedDataProvider->ConsumeIntegral<T>());
+ }
+ }
+
private:
FuzzedDataProvider* mFuzzedDataProvider = nullptr;
VehiclePropValue mActualValue = VehiclePropValue{};
@@ -108,6 +115,7 @@
std::unique_ptr<VehicleHalManager> mManager;
void invokeDebug();
+ void initValue();
void invokePropConfigs();
void invokeSubscribe();
void invokeSetAndGetValues();
diff --git a/biometrics/common/aidl/aidl_api/android.hardware.biometrics.common/current/android/hardware/biometrics/common/FoldState.aidl b/biometrics/common/aidl/aidl_api/android.hardware.biometrics.common/current/android/hardware/biometrics/common/FoldState.aidl
new file mode 100644
index 0000000..06baf00
--- /dev/null
+++ b/biometrics/common/aidl/aidl_api/android.hardware.biometrics.common/current/android/hardware/biometrics/common/FoldState.aidl
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.biometrics.common;
+/* @hide */
+@Backing(type="int") @VintfStability
+enum FoldState {
+ UNKNOWN,
+ HALF_OPENED,
+ FULLY_OPENED,
+ FULLY_CLOSED,
+}
diff --git a/biometrics/common/aidl/aidl_api/android.hardware.biometrics.common/current/android/hardware/biometrics/common/OperationContext.aidl b/biometrics/common/aidl/aidl_api/android.hardware.biometrics.common/current/android/hardware/biometrics/common/OperationContext.aidl
index 378017e..42c305a 100644
--- a/biometrics/common/aidl/aidl_api/android.hardware.biometrics.common/current/android/hardware/biometrics/common/OperationContext.aidl
+++ b/biometrics/common/aidl/aidl_api/android.hardware.biometrics.common/current/android/hardware/biometrics/common/OperationContext.aidl
@@ -45,4 +45,5 @@
android.hardware.biometrics.common.WakeReason wakeReason = android.hardware.biometrics.common.WakeReason.UNKNOWN;
android.hardware.biometrics.common.DisplayState displayState = android.hardware.biometrics.common.DisplayState.UNKNOWN;
@nullable android.hardware.biometrics.common.AuthenticateReason authenticateReason;
+ android.hardware.biometrics.common.FoldState foldState = android.hardware.biometrics.common.FoldState.UNKNOWN;
}
diff --git a/biometrics/common/aidl/android/hardware/biometrics/common/FoldState.aidl b/biometrics/common/aidl/android/hardware/biometrics/common/FoldState.aidl
new file mode 100644
index 0000000..03e606a
--- /dev/null
+++ b/biometrics/common/aidl/android/hardware/biometrics/common/FoldState.aidl
@@ -0,0 +1,38 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.biometrics.common;
+
+/**
+ * Fold/Unfold state during an operation.
+ *
+ * @hide
+ */
+@VintfStability
+@Backing(type="int")
+enum FoldState {
+ /** The fold state is unknown. */
+ UNKNOWN,
+
+ /** The fold state is half opened. */
+ HALF_OPENED,
+
+ /** The fold state is fully opened. */
+ FULLY_OPENED,
+
+ /** The fold state is fully closed. */
+ FULLY_CLOSED,
+}
diff --git a/biometrics/common/aidl/android/hardware/biometrics/common/OperationContext.aidl b/biometrics/common/aidl/android/hardware/biometrics/common/OperationContext.aidl
index f4191d7..584057d 100644
--- a/biometrics/common/aidl/android/hardware/biometrics/common/OperationContext.aidl
+++ b/biometrics/common/aidl/android/hardware/biometrics/common/OperationContext.aidl
@@ -18,6 +18,7 @@
import android.hardware.biometrics.common.AuthenticateReason;
import android.hardware.biometrics.common.DisplayState;
+import android.hardware.biometrics.common.FoldState;
import android.hardware.biometrics.common.OperationReason;
import android.hardware.biometrics.common.WakeReason;
@@ -71,4 +72,7 @@
* framework may choose to omit the reason at any time based on the device's policy.
*/
@nullable AuthenticateReason authenticateReason;
+
+ /** The current fold/unfold state. */
+ FoldState foldState = FoldState.UNKNOWN;
}
diff --git a/bluetooth/audio/utils/aidl_session/BluetoothAudioSession.cpp b/bluetooth/audio/utils/aidl_session/BluetoothAudioSession.cpp
index 0bcafa3..c283148 100644
--- a/bluetooth/audio/utils/aidl_session/BluetoothAudioSession.cpp
+++ b/bluetooth/audio/utils/aidl_session/BluetoothAudioSession.cpp
@@ -439,6 +439,9 @@
}
void BluetoothAudioSession::ReportLowLatencyModeAllowedChanged(bool allowed) {
+ if (session_type_ != SessionType::A2DP_HARDWARE_OFFLOAD_ENCODING_DATAPATH) {
+ return;
+ }
std::lock_guard<std::recursive_mutex> guard(mutex_);
low_latency_allowed_ = allowed;
// TODO(b/294498919): Remove this after there is API to update latency mode
@@ -588,15 +591,32 @@
<< " has NO session";
return std::vector<LatencyMode>();
}
- if (low_latency_allowed_) return latency_modes_;
- std::vector<LatencyMode> modes;
- for (LatencyMode mode : latency_modes_) {
- if (mode == LatencyMode::LOW_LATENCY)
- // ignore those low latency mode if Bluetooth stack doesn't allow
- continue;
- modes.push_back(mode);
+
+ std::vector<LatencyMode> supported_latency_modes;
+ if (session_type_ ==
+ SessionType::LE_AUDIO_HARDWARE_OFFLOAD_ENCODING_DATAPATH) {
+ for (LatencyMode mode : latency_modes_) {
+ if (mode == LatencyMode::LOW_LATENCY) {
+ // LOW_LATENCY is not supported for LE_HARDWARE_OFFLOAD_ENC sessions
+ continue;
+ }
+ supported_latency_modes.push_back(mode);
+ }
+ } else {
+ for (LatencyMode mode : latency_modes_) {
+ if (!low_latency_allowed_ && mode == LatencyMode::LOW_LATENCY) {
+ // ignore LOW_LATENCY mode if Bluetooth stack doesn't allow
+ continue;
+ }
+ if (mode == LatencyMode::DYNAMIC_SPATIAL_AUDIO_SOFTWARE ||
+ mode == LatencyMode::DYNAMIC_SPATIAL_AUDIO_HARDWARE) {
+ // DSA_SW and DSA_HW only supported for LE_HARDWARE_OFFLOAD_ENC sessions
+ continue;
+ }
+ supported_latency_modes.push_back(mode);
+ }
}
- return modes;
+ return supported_latency_modes;
}
void BluetoothAudioSession::SetLatencyMode(const LatencyMode& latency_mode) {
diff --git a/broadcastradio/aidl/default/BroadcastRadio.cpp b/broadcastradio/aidl/default/BroadcastRadio.cpp
index 54186b0..63073d7 100644
--- a/broadcastradio/aidl/default/BroadcastRadio.cpp
+++ b/broadcastradio/aidl/default/BroadcastRadio.cpp
@@ -329,7 +329,7 @@
std::optional<AmFmBandRange> range = getAmFmRangeLocked();
if (!range) {
LOG(ERROR) << __func__ << ": can't find current band or tune operation is in process";
- ScopedAStatus::fromServiceSpecificErrorWithMessage(
+ return ScopedAStatus::fromServiceSpecificErrorWithMessage(
resultToInt(Result::INTERNAL_ERROR),
"can't find current band or tune operation is in process");
}
diff --git a/compatibility_matrices/compatibility_matrix.9.xml b/compatibility_matrices/compatibility_matrix.9.xml
index 2fee340..2a8b772 100644
--- a/compatibility_matrices/compatibility_matrix.9.xml
+++ b/compatibility_matrices/compatibility_matrix.9.xml
@@ -85,6 +85,14 @@
</interface>
</hal>
<hal format="aidl" optional="true">
+ <name>android.hardware.macsec</name>
+ <version>1</version>
+ <interface>
+ <name>IMacsecPskPlugin</name>
+ <instance>default</instance>
+ </interface>
+ </hal>
+ <hal format="aidl" optional="true">
<name>android.hardware.automotive.occupant_awareness</name>
<version>1</version>
<interface>
@@ -648,7 +656,7 @@
</hal>
<hal format="aidl" optional="true" updatable-via-apex="true">
<name>android.hardware.wifi</name>
- <version>1</version>
+ <version>1-2</version>
<interface>
<name>IWifi</name>
<instance>default</instance>
diff --git a/macsec/OWNERS b/macsec/OWNERS
new file mode 100644
index 0000000..6934f86
--- /dev/null
+++ b/macsec/OWNERS
@@ -0,0 +1 @@
+keithmok@google.com
diff --git a/macsec/aidl/Android.bp b/macsec/aidl/Android.bp
new file mode 100644
index 0000000..5e47999
--- /dev/null
+++ b/macsec/aidl/Android.bp
@@ -0,0 +1,40 @@
+//
+// Copyright (C) 2023 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package {
+ // See: http://go/android-license-faq
+ // A large-scale-change added 'default_applicable_licenses' to import
+ // all of the 'license_kinds' from "hardware_interfaces_license"
+ // to get the below license kinds:
+ // SPDX-license-identifier-Apache-2.0
+ default_applicable_licenses: ["hardware_interfaces_license"],
+}
+
+aidl_interface {
+ name: "android.hardware.macsec",
+ vendor_available: true,
+ srcs: ["android/hardware/macsec/*.aidl"],
+ stability: "vintf",
+ host_supported: true,
+ backend: {
+ java: {
+ enabled: false,
+ },
+ rust: {
+ enabled: false,
+ },
+ },
+}
diff --git a/macsec/aidl/aidl_api/android.hardware.macsec/current/android/hardware/macsec/IMacsecPskPlugin.aidl b/macsec/aidl/aidl_api/android.hardware.macsec/current/android/hardware/macsec/IMacsecPskPlugin.aidl
new file mode 100644
index 0000000..6a93919
--- /dev/null
+++ b/macsec/aidl/aidl_api/android.hardware.macsec/current/android/hardware/macsec/IMacsecPskPlugin.aidl
@@ -0,0 +1,80 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.macsec;
+
+/**
+ * MACSEC (IEEE 802.1AE) pre-shared key plugin for wpa_supplicant
+ *
+ * The goal of this service is to provide function for using the MACSEC CAK
+ *
+ */
+@VintfStability
+interface IMacsecPskPlugin {
+ /**
+ * For xTS test only inject a key to verify implementation correctness, not called in production
+ *
+ * @param keyId is key id to add
+ * @param Connectivity Association Keys (CAK) to set
+ * @param Connectivity Association Key Name (CKN) to set
+ *
+ */
+ void addTestKey(in byte[] keyId, in byte[] CAK, in byte[] CKN);
+
+ /**
+ * Use ICV key do AES CMAC
+ * same as ieee802_1x_icv_aes_cmac in wpa_supplicant
+ *
+ * @param keyId is key id to be used for AES CMAC
+ * @param data, a data pointer to the buffer for calculate the ICV
+ *
+ * @return Integrity check value (ICV).
+ */
+ byte[] calcIcv(in byte[] keyId, in byte[] data);
+
+ /**
+ * KDF with CAK key to generate Secure Association Key (SAK)
+ * same as ieee802_1x_sak_aes_cmac in wpa_supplicant
+ *
+ * @param keyId is key id to be used for KDF
+ * @param data is key seed (random number)
+ * @param sakLength generated SAK length (16 or 32)
+ *
+ * @return Secure Association Key (SAK).
+ */
+ byte[] generateSak(in byte[] keyId, in byte[] data, in int sakLength);
+
+ /**
+ * Encrypt using KEK key, this is same as aes_wrap with kek.key in wpa_supplicant
+ * which used to wrap a SAK key
+ *
+ * @param keyId is key id to be used for encryption
+ * @param sak is the SAK key (16 or 32 bytes) to be wrapped.
+ *
+ * @return wrapped data using Key Encrypting Key (KEK).
+ */
+ byte[] wrapSak(in byte[] keyId, in byte[] sak);
+
+ /**
+ * Decrypt using KEK key, this is same as aes_unwrap with kek.key in wpa_supplicant
+ * which used to unwrap a SAK key
+ *
+ * @param keyId is key id to be used for decryption
+ * @param sak is wrapped SAK key.
+ *
+ * @return unwrapped data using KEK key.
+ */
+ byte[] unwrapSak(in byte[] keyId, in byte[] sak);
+}
diff --git a/macsec/aidl/android/hardware/macsec/IMacsecPskPlugin.aidl b/macsec/aidl/android/hardware/macsec/IMacsecPskPlugin.aidl
new file mode 100644
index 0000000..a98cfa6
--- /dev/null
+++ b/macsec/aidl/android/hardware/macsec/IMacsecPskPlugin.aidl
@@ -0,0 +1,91 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.macsec;
+
+/**
+ * MACSEC (IEEE 802.1AE) pre-shared key plugin for wpa_supplicant
+ *
+ * The goal of this service is to provide function for using the MACSEC CAK
+ *
+ */
+@VintfStability
+interface IMacsecPskPlugin {
+ /**
+ * For xTS test only inject a key to verify implementation correctness, not called in production
+ *
+ * @param keyId is key id to add
+ * @param Connectivity Association Keys (CAK) to set
+ * @param Connectivity Association Key Name (CKN) to set
+ * @throws EX_ILLEGAL_ARGUMENT If CAK size is not 16 or 32 or keyID size not equals to CAK size
+ */
+ void addTestKey(in byte[] keyId, in byte[] CAK, in byte[] CKN);
+
+ /**
+ * Use ICV key do AES CMAC
+ * same as ieee802_1x_icv_aes_cmac in wpa_supplicant
+ *
+ * @param keyId is key id to be used for AES CMAC
+ * @param data, a data pointer to the buffer for calculate the ICV
+ *
+ * @return Integrity check value (ICV).
+ * @throws EX_ILLEGAL_ARGUMENT If keyId does not exist
+ */
+ byte[] calcIcv(in byte[] keyId, in byte[] data);
+
+ /**
+ * KDF with CAK key to generate Secure Association Key (SAK)
+ * same as ieee802_1x_sak_aes_cmac in wpa_supplicant
+ *
+ * @param keyId is key id to be used for KDF
+ * @param data is key seed (random number)
+ * @param sakLength generated SAK length (16 or 32)
+ *
+ * @return Secure Association Key (SAK).
+ * @throws EX_ILLEGAL_ARGUMENT In the following cases:
+ * - If keyId does not exist
+ * - sakLength != 16 or 32
+ * - data length < sakLength
+ */
+ byte[] generateSak(in byte[] keyId, in byte[] data, in int sakLength);
+
+ /**
+ * Encrypt using KEK key, this is same as aes_wrap with kek.key in wpa_supplicant
+ * which used to wrap a SAK key
+ *
+ * @param keyId is key id to be used for encryption
+ * @param sak is the SAK key (16 or 32 bytes) to be wrapped.
+ *
+ * @return wrapped data using Key Encrypting Key (KEK).
+ * @throws EX_ILLEGAL_ARGUMENT In the following cases:
+ * - If keyId does not exist
+ * - sak size eqauls to 0 or not multiples of 8
+ */
+ byte[] wrapSak(in byte[] keyId, in byte[] sak);
+
+ /**
+ * Decrypt using KEK key, this is same as aes_unwrap with kek.key in wpa_supplicant
+ * which used to unwrap a SAK key
+ *
+ * @param keyId is key id to be used for decryption
+ * @param sak is wrapped SAK key.
+ *
+ * @return unwrapped data using KEK key.
+ * @throws EX_ILLEGAL_ARGUMENT In the following cases:
+ * - If keyId does not exist
+ * - sak size <= 8 or not multiples of 8
+ */
+ byte[] unwrapSak(in byte[] keyId, in byte[] sak);
+}
diff --git a/macsec/aidl/default/Android.bp b/macsec/aidl/default/Android.bp
new file mode 100644
index 0000000..7c7346f
--- /dev/null
+++ b/macsec/aidl/default/Android.bp
@@ -0,0 +1,64 @@
+//
+// Copyright (C) 2023 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package {
+ // See: http://go/android-license-faq
+ // A large-scale-change added 'default_applicable_licenses' to import
+ // all of the 'license_kinds' from "hardware_interfaces_license"
+ // to get the below license kinds:
+ // SPDX-license-identifier-Apache-2.0
+ default_applicable_licenses: ["hardware_interfaces_license"],
+}
+
+cc_binary {
+ name: "android.hardware.macsec-service",
+ init_rc: ["android.hardware.macsec.rc"],
+ vendor: true,
+ relative_install_path: "hw",
+ srcs: [
+ "MacsecPskPlugin.cpp",
+ "service.cpp",
+ ],
+ shared_libs: [
+ "android.hardware.macsec-V1-ndk",
+ "libcrypto",
+ "libbase",
+ "libbinder_ndk",
+ ],
+ vintf_fragments: ["android.hardware.macsec.xml"],
+}
+
+cc_fuzz {
+ name: "android.hardware.macsec@V1-default-service.aidl_fuzzer",
+ vendor: true,
+ srcs: [
+ "MacsecPskPlugin.cpp",
+ "fuzzer/fuzzer.cpp",
+ ],
+ shared_libs: [
+ "android.hardware.macsec-V1-ndk",
+ "libcrypto",
+ "liblog",
+ ],
+ defaults: [
+ "service_fuzzer_defaults",
+ ],
+ fuzz_config: {
+ cc: [
+ "keithmok@google.com",
+ ],
+ },
+}
diff --git a/macsec/aidl/default/MacsecPskPlugin.cpp b/macsec/aidl/default/MacsecPskPlugin.cpp
new file mode 100644
index 0000000..82d2545
--- /dev/null
+++ b/macsec/aidl/default/MacsecPskPlugin.cpp
@@ -0,0 +1,308 @@
+/*
+ * Copyright 2023, The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "MacsecPskPlugin.h"
+#include <openssl/cipher.h>
+#include <openssl/mem.h>
+
+#include <android-base/format.h>
+#include <android-base/logging.h>
+
+namespace aidl::android::hardware::macsec {
+
+constexpr auto ok = &ndk::ScopedAStatus::ok;
+
+// vendor should hide the key in TEE/TA
+// CAK key can be either 16 / 32 bytes
+const std::vector<uint8_t> CAK_ID_1 = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
+const std::vector<uint8_t> CAK_KEY_1 = {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF};
+std::vector<uint8_t> CKN_1 = {0x31, 0x32, 0x33, 0x34}; // maximum 16 bytes
+
+const std::vector<uint8_t> CAK_ID_2 = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02};
+const std::vector<uint8_t> CAK_KEY_2 = {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF};
+std::vector<uint8_t> CKN_2 = {0x35, 0x36, 0x37, 0x38}; // maximum 16 bytes
+
+static ndk::ScopedAStatus resultToStatus(binder_exception_t res, const std::string& msg = "") {
+ if (msg.empty()) {
+ return ndk::ScopedAStatus::fromExceptionCode(res);
+ }
+ return ndk::ScopedAStatus::fromExceptionCodeWithMessage(res, msg.c_str());
+}
+
+static int omac1_aes(CMAC_CTX* ctx, const uint8_t* data, size_t data_len,
+ uint8_t* mac /* 16 bytes */) {
+ size_t outlen;
+
+ // Just reuse same key in ctx
+ if (!CMAC_Reset(ctx)) {
+ return -1;
+ }
+
+ if (!CMAC_Update(ctx, data, data_len)) {
+ return -1;
+ }
+
+ if (!CMAC_Final(ctx, mac, &outlen) || outlen != 16) {
+ return -1;
+ }
+ return 0;
+}
+
+static void put_be16(uint8_t* addr, uint16_t value) {
+ *addr++ = value >> 8;
+ *addr = value & 0xff;
+}
+
+/* IEEE Std 802.1X-2010, 6.2.1 KDF */
+static int aes_kdf(CMAC_CTX* ctx, const char* label, const uint8_t* context, int ctx_bits,
+ int ret_bits, uint8_t* ret) {
+ const int h = 128;
+ const int r = 8;
+ int i, n;
+ int lab_len, ctx_len, ret_len, buf_len;
+ uint8_t* buf;
+
+ lab_len = strlen(label);
+ ctx_len = (ctx_bits + 7) / 8;
+ ret_len = ((ret_bits & 0xffff) + 7) / 8;
+ buf_len = lab_len + ctx_len + 4;
+
+ memset(ret, 0, ret_len);
+
+ n = (ret_bits + h - 1) / h;
+ if (n > ((0x1 << r) - 1)) return -1;
+
+ buf = (uint8_t*)calloc(1, buf_len);
+ if (buf == NULL) return -1;
+
+ memcpy(buf + 1, label, lab_len);
+ memcpy(buf + lab_len + 2, context, ctx_len);
+ put_be16(&buf[buf_len - 2], ret_bits);
+
+ for (i = 0; i < n; i++) {
+ int res;
+
+ buf[0] = (uint8_t)(i + 1);
+ res = omac1_aes(ctx, buf, buf_len, ret);
+ if (res) {
+ free(buf);
+ return -1;
+ }
+ ret = ret + h / 8;
+ }
+ free(buf);
+ return 0;
+}
+
+MacsecPskPlugin::MacsecPskPlugin() {
+ // always make sure ckn is 16 bytes, zero padded
+ CKN_1.resize(16);
+ CKN_2.resize(16);
+
+ addTestKey(CAK_ID_1, CAK_KEY_1, CKN_1);
+ addTestKey(CAK_ID_2, CAK_KEY_2, CKN_2);
+}
+
+MacsecPskPlugin::~MacsecPskPlugin() {
+ for (auto s : mKeys) {
+ OPENSSL_cleanse(&s.kekEncCtx, sizeof(AES_KEY));
+ OPENSSL_cleanse(&s.kekDecCtx, sizeof(AES_KEY));
+ CMAC_CTX_free(s.ickCtx);
+ CMAC_CTX_free(s.cakCtx);
+ }
+}
+
+ndk::ScopedAStatus MacsecPskPlugin::addTestKey(const std::vector<uint8_t>& keyId,
+ const std::vector<uint8_t>& CAK,
+ const std::vector<uint8_t>& CKN) {
+ if (CAK.size() != 16 && CAK.size() != 32) {
+ return resultToStatus(EX_ILLEGAL_ARGUMENT, "CAK length must be 16 or 32 bytes");
+ }
+
+ if (keyId.size() != CAK.size()) {
+ return resultToStatus(EX_ILLEGAL_ARGUMENT, "Key ID must be same as CAK length");
+ }
+
+ std::vector<uint8_t> ckn;
+ ckn = CKN;
+ ckn.resize(16); // make sure it is always zero padded with maximum length of
+ // 16 bytes
+
+ AES_KEY kekEncCtx;
+ AES_KEY kekDecCtx;
+ CMAC_CTX* ickCtx;
+ CMAC_CTX* cakCtx;
+
+ // Create the CAK openssl context
+ cakCtx = CMAC_CTX_new();
+
+ CMAC_Init(cakCtx, CAK.data(), CAK.size(),
+ CAK.size() == 16 ? EVP_aes_128_cbc() : EVP_aes_256_cbc(), NULL);
+
+ // derive KEK from CAK (ieee802_1x_kek_aes_cmac)
+ std::vector<uint8_t> kek;
+ kek.resize(CAK.size());
+
+ aes_kdf(cakCtx, "IEEE8021 KEK", (const uint8_t*)ckn.data(), ckn.size() * 8, 8 * kek.size(),
+ kek.data());
+
+ AES_set_encrypt_key(kek.data(), kek.size() << 3, &kekEncCtx);
+ AES_set_decrypt_key(kek.data(), kek.size() << 3, &kekDecCtx);
+
+ // derive ICK from CAK (ieee802_1x_ick_aes_cmac)
+ std::vector<uint8_t> ick;
+ ick.resize(CAK.size());
+
+ aes_kdf(cakCtx, "IEEE8021 ICK", (const uint8_t*)CKN.data(), CKN.size() * 8, 8 * ick.size(),
+ ick.data());
+
+ ickCtx = CMAC_CTX_new();
+
+ CMAC_Init(ickCtx, ick.data(), ick.size(),
+ ick.size() == 16 ? EVP_aes_128_cbc() : EVP_aes_256_cbc(), NULL);
+
+ mKeys.push_back({keyId, kekEncCtx, kekDecCtx, ickCtx, cakCtx});
+
+ return ok();
+}
+
+ndk::ScopedAStatus MacsecPskPlugin::calcIcv(const std::vector<uint8_t>& keyId,
+ const std::vector<uint8_t>& data,
+ std::vector<uint8_t>* out) {
+ CMAC_CTX* ctx = NULL;
+
+ for (auto s : mKeys) {
+ if (s.keyId == keyId) {
+ ctx = s.ickCtx;
+ break;
+ }
+ }
+
+ if (ctx == NULL) {
+ return resultToStatus(EX_ILLEGAL_ARGUMENT, "Key not exist");
+ }
+
+ out->resize(16);
+ if (omac1_aes(ctx, data.data(), data.size(), out->data()) != 0) {
+ return resultToStatus(EX_SERVICE_SPECIFIC, "Internal error");
+ }
+
+ return ok();
+}
+
+ndk::ScopedAStatus MacsecPskPlugin::generateSak(const std::vector<uint8_t>& keyId,
+ const std::vector<uint8_t>& data,
+ const int sakLength, std::vector<uint8_t>* out) {
+ CMAC_CTX* ctx = NULL;
+
+ if ((sakLength != 16) && (sakLength != 32)) {
+ return resultToStatus(EX_ILLEGAL_ARGUMENT, "Invalid SAK length");
+ }
+
+ if (data.size() < sakLength) {
+ return resultToStatus(EX_ILLEGAL_ARGUMENT, "Invalid data length");
+ }
+
+ for (auto s : mKeys) {
+ if (s.keyId == keyId) {
+ ctx = s.cakCtx;
+ break;
+ }
+ }
+
+ if (ctx == NULL) {
+ return resultToStatus(EX_ILLEGAL_ARGUMENT, "Key not exist");
+ }
+
+ out->resize(sakLength);
+
+ if (aes_kdf(ctx, "IEEE8021 SAK", data.data(), data.size() * 8, out->size() * 8, out->data()) !=
+ 0) {
+ return resultToStatus(EX_SERVICE_SPECIFIC, "Internal error");
+ }
+
+ return ok();
+}
+
+ndk::ScopedAStatus MacsecPskPlugin::wrapSak(const std::vector<uint8_t>& keyId,
+ const std::vector<uint8_t>& sak,
+ std::vector<uint8_t>* out) {
+ if (sak.size() == 0 || sak.size() % 8 != 0) {
+ return resultToStatus(EX_ILLEGAL_ARGUMENT,
+ "SAK length not multiple of 8 or greater than 0");
+ }
+
+ AES_KEY* ctx = NULL;
+
+ for (auto s : mKeys) {
+ if (s.keyId == keyId) {
+ ctx = &s.kekEncCtx;
+ break;
+ }
+ }
+
+ if (ctx == NULL) {
+ return resultToStatus(EX_ILLEGAL_ARGUMENT, "Key not exist");
+ }
+
+ out->resize(sak.size() + 8);
+
+ if (AES_wrap_key(ctx, NULL, out->data(), sak.data(), sak.size()) > 0) {
+ return ok();
+ }
+
+ return resultToStatus(EX_SERVICE_SPECIFIC, "Internal error");
+}
+
+ndk::ScopedAStatus MacsecPskPlugin::unwrapSak(const std::vector<uint8_t>& keyId,
+ const std::vector<uint8_t>& sak,
+ std::vector<uint8_t>* out) {
+ if (sak.size() <= 8 || sak.size() % 8 != 0) {
+ return resultToStatus(EX_ILLEGAL_ARGUMENT,
+ "SAK length not multiple of 8 or greater than 0");
+ }
+
+ AES_KEY* ctx = NULL;
+
+ for (auto s : mKeys) {
+ if (s.keyId == keyId) {
+ ctx = &s.kekDecCtx;
+ break;
+ }
+ }
+
+ if (ctx == NULL) {
+ return resultToStatus(EX_ILLEGAL_ARGUMENT, "Key not exist");
+ }
+
+ out->resize(sak.size() - 8);
+
+ if (AES_unwrap_key(ctx, NULL, out->data(), sak.data(), sak.size()) > 0) {
+ return ok();
+ }
+
+ return resultToStatus(EX_SERVICE_SPECIFIC, "Internal error");
+}
+
+} // namespace aidl::android::hardware::macsec
diff --git a/macsec/aidl/default/MacsecPskPlugin.h b/macsec/aidl/default/MacsecPskPlugin.h
new file mode 100644
index 0000000..0b056e3
--- /dev/null
+++ b/macsec/aidl/default/MacsecPskPlugin.h
@@ -0,0 +1,57 @@
+/*
+ * Copyright 2023, The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <aidl/android/hardware/macsec/BnMacsecPskPlugin.h>
+
+#include <openssl/aes.h>
+#include <openssl/cmac.h>
+
+namespace aidl::android::hardware::macsec {
+
+struct keys {
+ std::vector<uint8_t> keyId;
+ AES_KEY kekEncCtx;
+ AES_KEY kekDecCtx;
+ CMAC_CTX* ickCtx;
+ CMAC_CTX* cakCtx;
+};
+
+class MacsecPskPlugin : public BnMacsecPskPlugin {
+ public:
+ MacsecPskPlugin();
+ ~MacsecPskPlugin();
+ ndk::ScopedAStatus addTestKey(const std::vector<uint8_t>& keyId,
+ const std::vector<uint8_t>& CAK,
+ const std::vector<uint8_t>& CKN) override;
+ ndk::ScopedAStatus calcIcv(const std::vector<uint8_t>& keyId, const std::vector<uint8_t>& data,
+ std::vector<uint8_t>* out) override;
+
+ ndk::ScopedAStatus generateSak(const std::vector<uint8_t>& keyId,
+ const std::vector<uint8_t>& data, const int sakLength,
+ std::vector<uint8_t>* out);
+
+ ndk::ScopedAStatus wrapSak(const std::vector<uint8_t>& keyId, const std::vector<uint8_t>& sak,
+ std::vector<uint8_t>* out) override;
+
+ ndk::ScopedAStatus unwrapSak(const std::vector<uint8_t>& keyId, const std::vector<uint8_t>& sak,
+ std::vector<uint8_t>* out) override;
+
+ private:
+ std::vector<struct keys> mKeys;
+};
+} // namespace aidl::android::hardware::macsec
diff --git a/macsec/aidl/default/android.hardware.macsec.rc b/macsec/aidl/default/android.hardware.macsec.rc
new file mode 100644
index 0000000..0ff0e53
--- /dev/null
+++ b/macsec/aidl/default/android.hardware.macsec.rc
@@ -0,0 +1,3 @@
+service android.hardware.macsec /vendor/bin/hw/android.hardware.macsec-service
+ class early_hal
+ user nobody
diff --git a/macsec/aidl/default/android.hardware.macsec.xml b/macsec/aidl/default/android.hardware.macsec.xml
new file mode 100644
index 0000000..9cf9e5a
--- /dev/null
+++ b/macsec/aidl/default/android.hardware.macsec.xml
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Copyright (C) 2023 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<manifest version="1.0" type="device">
+ <hal format="aidl">
+ <name>android.hardware.macsec</name>
+ <version>1</version>
+ <interface>
+ <name>IMacsecPskPlugin</name>
+ <instance>default</instance>
+ </interface>
+ </hal>
+</manifest>
diff --git a/macsec/aidl/default/fuzzer/fuzzer.cpp b/macsec/aidl/default/fuzzer/fuzzer.cpp
new file mode 100644
index 0000000..d912a67
--- /dev/null
+++ b/macsec/aidl/default/fuzzer/fuzzer.cpp
@@ -0,0 +1,27 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <fuzzbinder/libbinder_ndk_driver.h>
+#include <fuzzer/FuzzedDataProvider.h>
+#include "MacsecPskPlugin.h"
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ std::shared_ptr<aidl::android::hardware::macsec::MacsecPskPlugin> service =
+ ndk::SharedRefBase::make<aidl::android::hardware::macsec::MacsecPskPlugin>();
+ android::fuzzService(service->asBinder().get(), FuzzedDataProvider(data, size));
+
+ return 0;
+}
diff --git a/macsec/aidl/default/service.cpp b/macsec/aidl/default/service.cpp
new file mode 100644
index 0000000..faf3a09
--- /dev/null
+++ b/macsec/aidl/default/service.cpp
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2023, The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "MacsecPskPlugin.h"
+
+#include <android-base/logging.h>
+#include <android/binder_manager.h>
+#include <android/binder_process.h>
+
+namespace android::hardware::macsec {
+
+using namespace std::string_literals;
+using ::aidl::android::hardware::macsec::MacsecPskPlugin;
+
+extern "C" int main() {
+ base::SetDefaultTag("MacsecPskPlugin");
+ base::SetMinimumLogSeverity(base::VERBOSE);
+
+ LOG(VERBOSE) << "Starting up...";
+ auto service = ndk::SharedRefBase::make<MacsecPskPlugin>();
+ const auto instance = MacsecPskPlugin::descriptor + "/default"s;
+ const auto status = AServiceManager_addService(service->asBinder().get(), instance.c_str());
+ CHECK_EQ(status, STATUS_OK) << "Failed to add service " << instance;
+ LOG(VERBOSE) << "Started successfully!";
+
+ ABinderProcess_joinThreadPool();
+ LOG(FATAL) << "MacsecPskPlugin exited unexpectedly!";
+ return EXIT_FAILURE;
+}
+} // namespace android::hardware::macsec
diff --git a/macsec/aidl/vts/functional/Android.bp b/macsec/aidl/vts/functional/Android.bp
new file mode 100644
index 0000000..0c8f43d
--- /dev/null
+++ b/macsec/aidl/vts/functional/Android.bp
@@ -0,0 +1,48 @@
+//
+// Copyright (C) 2023 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package {
+ // See: http://go/android-license-faq
+ // A large-scale-change added 'default_applicable_licenses' to import
+ // all of the 'license_kinds' from "hardware_interfaces_license"
+ // to get the below license kinds:
+ // SPDX-license-identifier-Apache-2.0
+ default_applicable_licenses: ["hardware_interfaces_license"],
+}
+
+cc_test {
+ name: "VtsHalMacsecPskPluginV1Test",
+ defaults: [
+ "VtsHalTargetTestDefaults",
+ "use_libaidlvintf_gtest_helper_static",
+ ],
+ cpp_std: "experimental",
+ srcs: [
+ "MacsecAidlTest.cpp",
+ ],
+ shared_libs: [
+ "libbase",
+ "libbinder_ndk",
+ ],
+ static_libs: [
+ "android.hardware.macsec-V1-ndk",
+ "libgmock",
+ ],
+ test_suites: [
+ "general-tests",
+ "vts",
+ ],
+}
diff --git a/macsec/aidl/vts/functional/MacsecAidlTest.cpp b/macsec/aidl/vts/functional/MacsecAidlTest.cpp
new file mode 100644
index 0000000..e94c049
--- /dev/null
+++ b/macsec/aidl/vts/functional/MacsecAidlTest.cpp
@@ -0,0 +1,142 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <aidl/Gtest.h>
+#include <aidl/Vintf.h>
+#include <aidl/android/hardware/macsec/IMacsecPskPlugin.h>
+#include <android-base/logging.h>
+#include <android/binder_manager.h>
+#include <gtest/gtest.h>
+
+#include <chrono>
+#include <thread>
+
+using aidl::android::hardware::macsec::IMacsecPskPlugin;
+using namespace std::chrono_literals;
+using namespace std::string_literals;
+
+const std::vector<uint8_t> CAK_ID_1 = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01};
+const std::vector<uint8_t> CAK_KEY_1 = {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF};
+const std::vector<uint8_t> CKN_1 = {0x31, 0x32, 0x33, 0x34}; // maximum 16 bytes
+const std::vector<uint8_t> SAK_DATA_1 = {0x31, 0x32, 0x33, 0x34, 0x11, 0x12, 0x12, 0x14,
+ 0x31, 0x32, 0x33, 0x34, 0x11, 0x12, 0x12, 0x14};
+const std::vector<uint8_t> SAK_1 = {0x13, 0xD9, 0xEE, 0x5B, 0x26, 0x8B, 0x44, 0xFB,
+ 0x37, 0x63, 0x3D, 0x41, 0xC8, 0xE7, 0x0D, 0x93};
+const std::vector<uint8_t> WRAPPED_SAK_1 = {0x3B, 0x39, 0xAB, 0x4C, 0xD8, 0xDA, 0x2E, 0xC5,
+ 0xD1, 0x38, 0x6A, 0x13, 0x9D, 0xE3, 0x78, 0xD9,
+ 0x93, 0xD2, 0xA0, 0x70, 0x88, 0xCB, 0xF5, 0xEC};
+const std::vector<uint8_t> DATA_1 = {0x31, 0x32, 0x33, 0x34, 0x31, 0x32, 0x34, 0x29,
+ 0x51, 0x52, 0x53, 0x54, 0x51, 0x35, 0x54, 0x59};
+const std::vector<uint8_t> ICV_1 = {0xDF, 0x54, 0xFF, 0xCD, 0xE0, 0xA9, 0x78, 0x10,
+ 0x6B, 0x7B, 0xD2, 0xBF, 0xEF, 0xD9, 0x0C, 0x81};
+
+const std::vector<uint8_t> CAK_ID_2 = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x02};
+const std::vector<uint8_t> CAK_KEY_2 = {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF};
+const std::vector<uint8_t> CKN_2 = {0x35, 0x36, 0x37, 0x38}; // maximum 16 bytes
+const std::vector<uint8_t> SAK_DATA_2 = {0x31, 0x32, 0x33, 0x34, 0x31, 0x32, 0x33, 0x34,
+ 0x31, 0x32, 0x33, 0x34, 0x31, 0x32, 0x33, 0x34,
+ 0x31, 0x32, 0x33, 0x34, 0x31, 0x32, 0x33, 0x34,
+ 0x31, 0x32, 0x33, 0x34, 0x31, 0x32, 0x33, 0x34};
+const std::vector<uint8_t> SAK_2 = {0x39, 0x09, 0x36, 0x60, 0x18, 0x07, 0x2B, 0x5D,
+ 0xF0, 0x81, 0x81, 0x45, 0xCD, 0x71, 0xC6, 0xBA,
+ 0x1D, 0x2B, 0x87, 0xC4, 0xEF, 0x79, 0x68, 0x82,
+ 0x28, 0xD0, 0x25, 0x86, 0xD3, 0x63, 0xFF, 0x89};
+const std::vector<uint8_t> WRAPPED_SAK_2 = {
+ 0x2f, 0x6a, 0x22, 0x29, 0x68, 0x0e, 0x6e, 0x35, 0x91, 0x64, 0x05, 0x4a, 0x31, 0x8d,
+ 0x35, 0xea, 0x95, 0x85, 0x40, 0xc6, 0xea, 0x55, 0xe5, 0xc5, 0x68, 0x40, 0xae, 0x4d,
+ 0x6f, 0xeb, 0x73, 0xcd, 0x4e, 0x2a, 0x43, 0xb1, 0xda, 0x49, 0x4f, 0x0a};
+const std::vector<uint8_t> DATA_2 = {0x71, 0x82, 0x13, 0x24, 0x31, 0x82, 0xA4, 0x2F,
+ 0x51, 0x52, 0x53, 0x44, 0x21, 0x35, 0x54, 0x59};
+const std::vector<uint8_t> ICV_2 = {0x8D, 0xF1, 0x1D, 0x6E, 0xAC, 0x62, 0xC1, 0x2A,
+ 0xE8, 0xF8, 0x4E, 0xB1, 0x00, 0x45, 0x9A, 0xAD};
+
+class MacsecAidlTest : public ::testing::TestWithParam<std::string> {
+ public:
+ virtual void SetUp() override {
+ android::base::SetDefaultTag("MACSEC_HAL_VTS");
+ android::base::SetMinimumLogSeverity(android::base::VERBOSE);
+ const auto instance = IMacsecPskPlugin::descriptor + "/default"s;
+ mMacsecPskPluginService = IMacsecPskPlugin::fromBinder(
+ ndk::SpAIBinder(AServiceManager_waitForService(instance.c_str())));
+
+ ASSERT_NE(mMacsecPskPluginService, nullptr);
+ auto aidlStatus = mMacsecPskPluginService->addTestKey(CAK_ID_1, CAK_KEY_1, CKN_1);
+ ASSERT_TRUE(aidlStatus.isOk());
+ aidlStatus = mMacsecPskPluginService->addTestKey(CAK_ID_2, CAK_KEY_2, CKN_2);
+ ASSERT_TRUE(aidlStatus.isOk());
+ }
+ virtual void TearDown() override {}
+
+ std::shared_ptr<IMacsecPskPlugin> mMacsecPskPluginService;
+};
+
+TEST_P(MacsecAidlTest, calcIcv) {
+ std::vector<uint8_t> out;
+ auto aidlStatus = mMacsecPskPluginService->calcIcv(CAK_ID_1, DATA_1, &out);
+ ASSERT_TRUE(aidlStatus.isOk()) << "calcIcv KEY 1 failed: " << aidlStatus.getMessage();
+ EXPECT_EQ(out, ICV_1);
+
+ aidlStatus = mMacsecPskPluginService->calcIcv(CAK_ID_2, DATA_2, &out);
+ ASSERT_TRUE(aidlStatus.isOk()) << "calcIcv KEY 2 failed: " << aidlStatus.getMessage();
+ EXPECT_EQ(out, ICV_2);
+}
+
+TEST_P(MacsecAidlTest, generateSak) {
+ std::vector<uint8_t> out;
+ auto aidlStatus = mMacsecPskPluginService->generateSak(CAK_ID_1, SAK_DATA_1, 16, &out);
+ ASSERT_TRUE(aidlStatus.isOk()) << "generateSak KEY 1 failed: " << aidlStatus.getMessage();
+ EXPECT_EQ(out, SAK_1);
+
+ aidlStatus = mMacsecPskPluginService->generateSak(CAK_ID_2, SAK_DATA_2, 32, &out);
+ ASSERT_TRUE(aidlStatus.isOk()) << "generateSak KEY 2 failed: " << aidlStatus.getMessage();
+ EXPECT_EQ(out, SAK_2);
+}
+
+TEST_P(MacsecAidlTest, wrapSak) {
+ std::vector<uint8_t> out;
+ auto aidlStatus = mMacsecPskPluginService->wrapSak(CAK_ID_1, SAK_1, &out);
+ ASSERT_TRUE(aidlStatus.isOk()) << "wrapSak KEY 1 failed: " << aidlStatus.getMessage();
+ EXPECT_EQ(out, WRAPPED_SAK_1);
+
+ aidlStatus = mMacsecPskPluginService->wrapSak(CAK_ID_2, SAK_2, &out);
+ ASSERT_TRUE(aidlStatus.isOk()) << "wrapSak KEY 2 failed: " << aidlStatus.getMessage();
+ EXPECT_EQ(out, WRAPPED_SAK_2);
+}
+
+TEST_P(MacsecAidlTest, unwrapSak) {
+ std::vector<uint8_t> out;
+ auto aidlStatus = mMacsecPskPluginService->unwrapSak(CAK_ID_1, WRAPPED_SAK_1, &out);
+ ASSERT_TRUE(aidlStatus.isOk()) << "unwrapSak KEY 1 failed: " << aidlStatus.getMessage();
+ EXPECT_EQ(out, SAK_1);
+
+ aidlStatus = mMacsecPskPluginService->unwrapSak(CAK_ID_2, WRAPPED_SAK_2, &out);
+ ASSERT_TRUE(aidlStatus.isOk()) << "unwrapSak KEY 2 failed: " << aidlStatus.getMessage();
+ EXPECT_EQ(out, SAK_2);
+}
+
+GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(MacsecAidlTest);
+INSTANTIATE_TEST_SUITE_P(
+ PerInstance, MacsecAidlTest,
+ testing::ValuesIn(android::getAidlHalInstanceNames(IMacsecPskPlugin::descriptor)),
+ android::PrintInstanceNameToString);
diff --git a/macsec/aidl/vts/functional/OWNERS b/macsec/aidl/vts/functional/OWNERS
new file mode 100644
index 0000000..5009a88
--- /dev/null
+++ b/macsec/aidl/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 533426
+keithmok@google.com
diff --git a/power/aidl/aidl_api/android.hardware.power/current/android/hardware/power/WorkDuration.aidl b/power/aidl/aidl_api/android.hardware.power/current/android/hardware/power/WorkDuration.aidl
index 45013dd..e86cd40 100644
--- a/power/aidl/aidl_api/android.hardware.power/current/android/hardware/power/WorkDuration.aidl
+++ b/power/aidl/aidl_api/android.hardware.power/current/android/hardware/power/WorkDuration.aidl
@@ -36,7 +36,4 @@
parcelable WorkDuration {
long timeStampNanos;
long durationNanos;
- long workPeriodStartTimestampNanos;
- long cpuDurationNanos;
- long gpuDurationNanos;
}
diff --git a/power/aidl/android/hardware/power/WorkDuration.aidl b/power/aidl/android/hardware/power/WorkDuration.aidl
index fcd638b..a06a058 100644
--- a/power/aidl/android/hardware/power/WorkDuration.aidl
+++ b/power/aidl/android/hardware/power/WorkDuration.aidl
@@ -23,30 +23,8 @@
* sample was measured.
*/
long timeStampNanos;
-
/**
- * Total work duration in nanoseconds.
+ * Work duration in nanoseconds.
*/
long durationNanos;
-
- /**
- * Timestamp in nanoseconds based on CLOCK_MONOTONIC when the work starts.
- * The work period start timestamp could be zero if the call is from
- * the legacy SDK/NDK reportActualWorkDuration API.
- */
- long workPeriodStartTimestampNanos;
-
- /**
- * CPU work duration in nanoseconds.
- * The CPU work duration could be the same as the total work duration if
- * the call is from the legacy SDK/NDK reportActualWorkDuration API.
- */
- long cpuDurationNanos;
-
- /**
- * GPU work duration in nanoseconds.
- * The GPU work duration could be zero if the call is from the legacy
- * SDK/NDK reportActualWorkDuration API.
- */
- long gpuDurationNanos;
}
diff --git a/radio/aidl/aidl_api/android.hardware.radio.ims.media/current/android/hardware/radio/ims/media/IImsMediaSession.aidl b/radio/aidl/aidl_api/android.hardware.radio.ims.media/current/android/hardware/radio/ims/media/IImsMediaSession.aidl
index 45c8002..2150fbe 100644
--- a/radio/aidl/aidl_api/android.hardware.radio.ims.media/current/android/hardware/radio/ims/media/IImsMediaSession.aidl
+++ b/radio/aidl/aidl_api/android.hardware.radio.ims.media/current/android/hardware/radio/ims/media/IImsMediaSession.aidl
@@ -42,4 +42,6 @@
oneway void stopDtmf();
oneway void sendHeaderExtension(in List<android.hardware.radio.ims.media.RtpHeaderExtension> extensions);
oneway void setMediaQualityThreshold(in android.hardware.radio.ims.media.MediaQualityThreshold threshold);
+ oneway void requestRtpReceptionStats(in int intervalMs);
+ oneway void adjustDelay(in int delayMs);
}
diff --git a/radio/aidl/aidl_api/android.hardware.radio.ims.media/current/android/hardware/radio/ims/media/IImsMediaSessionListener.aidl b/radio/aidl/aidl_api/android.hardware.radio.ims.media/current/android/hardware/radio/ims/media/IImsMediaSessionListener.aidl
index 5ec9c18..87474ef 100644
--- a/radio/aidl/aidl_api/android.hardware.radio.ims.media/current/android/hardware/radio/ims/media/IImsMediaSessionListener.aidl
+++ b/radio/aidl/aidl_api/android.hardware.radio.ims.media/current/android/hardware/radio/ims/media/IImsMediaSessionListener.aidl
@@ -42,4 +42,5 @@
oneway void triggerAnbrQuery(in android.hardware.radio.ims.media.RtpConfig config);
oneway void onDtmfReceived(char dtmfDigit, int durationMs);
oneway void onCallQualityChanged(in android.hardware.radio.ims.media.CallQuality callQuality);
+ oneway void notifyRtpReceptionStats(in android.hardware.radio.ims.media.RtpReceptionStats stats);
}
diff --git a/radio/aidl/aidl_api/android.hardware.radio.ims.media/current/android/hardware/radio/ims/media/RtpReceptionStats.aidl b/radio/aidl/aidl_api/android.hardware.radio.ims.media/current/android/hardware/radio/ims/media/RtpReceptionStats.aidl
new file mode 100644
index 0000000..82b798b
--- /dev/null
+++ b/radio/aidl/aidl_api/android.hardware.radio.ims.media/current/android/hardware/radio/ims/media/RtpReceptionStats.aidl
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.radio.ims.media;
+@VintfStability
+parcelable RtpReceptionStats {
+ int rtpTimestamp;
+ int rtpSequenceNumber;
+ int timeDurationMs;
+ int jitterBufferMs;
+ int roundTripTimeMs;
+}
diff --git a/radio/aidl/aidl_api/android.hardware.radio.ims/current/android/hardware/radio/ims/SuggestedAction.aidl b/radio/aidl/aidl_api/android.hardware.radio.ims/current/android/hardware/radio/ims/SuggestedAction.aidl
index 120e7e8..6dbf09d 100644
--- a/radio/aidl/aidl_api/android.hardware.radio.ims/current/android/hardware/radio/ims/SuggestedAction.aidl
+++ b/radio/aidl/aidl_api/android.hardware.radio.ims/current/android/hardware/radio/ims/SuggestedAction.aidl
@@ -38,4 +38,6 @@
NONE,
TRIGGER_PLMN_BLOCK,
TRIGGER_PLMN_BLOCK_WITH_TIMEOUT,
+ TRIGGER_RAT_BLOCK,
+ TRIGGER_CLEAR_RAT_BLOCK,
}
diff --git a/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/ConnectionEvent.aidl b/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/ConnectionEvent.aidl
new file mode 100644
index 0000000..3161322
--- /dev/null
+++ b/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/ConnectionEvent.aidl
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.radio.network;
+/* @hide */
+@Backing(type="int") @JavaDerive(toString=true) @VintfStability
+enum ConnectionEvent {
+ CS_SERVICE_GSM = 0,
+ SIGNALLING_GSM = 1,
+ PS_SERVICE_GPRS = 2,
+ SIGNALLING_GPRS = 3,
+ PS_SERVICE_3G = 4,
+ SIGNALLING_3G = 5,
+ NAS_SIGNALLING_LTE = 6,
+ AS_SIGNALLING_LTE = 7,
+ VOLTE_SIP = 8,
+ VOLTE_RTP = 9,
+ NAS_SIGNALLING_5G = 10,
+ AS_SIGNALLING_5G = 11,
+ VONR_SIP = 12,
+ VONR_RTP = 13,
+}
diff --git a/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/IRadioNetwork.aidl b/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/IRadioNetwork.aidl
index 35badb7..8af617f 100644
--- a/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/IRadioNetwork.aidl
+++ b/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/IRadioNetwork.aidl
@@ -84,4 +84,6 @@
oneway void setN1ModeEnabled(in int serial, boolean enable);
oneway void isCellularIdentifierTransparencyEnabled(in int serial);
oneway void setCellularIdentifierTransparencyEnabled(in int serial, in boolean enabled);
+ oneway void setSecurityAlgorithmsUpdatedEnabled(in int serial, boolean enable);
+ oneway void isSecurityAlgorithmsUpdatedEnabled(in int serial);
}
diff --git a/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/IRadioNetworkIndication.aidl b/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/IRadioNetworkIndication.aidl
index 77729f3..8eea14f 100644
--- a/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/IRadioNetworkIndication.aidl
+++ b/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/IRadioNetworkIndication.aidl
@@ -51,4 +51,5 @@
oneway void voiceRadioTechChanged(in android.hardware.radio.RadioIndicationType type, in android.hardware.radio.RadioTechnology rat);
oneway void emergencyNetworkScanResult(in android.hardware.radio.RadioIndicationType type, in android.hardware.radio.network.EmergencyRegResult result);
oneway void cellularIdentifierDisclosed(in android.hardware.radio.RadioIndicationType type, in android.hardware.radio.network.CellularIdentifierDisclosure disclosure);
+ oneway void securityAlgorithmsUpdated(in android.hardware.radio.RadioIndicationType type, in android.hardware.radio.network.SecurityAlgorithmUpdate securityAlgorithmUpdate);
}
diff --git a/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/IRadioNetworkResponse.aidl b/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/IRadioNetworkResponse.aidl
index 91502d0..e7f2918 100644
--- a/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/IRadioNetworkResponse.aidl
+++ b/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/IRadioNetworkResponse.aidl
@@ -83,4 +83,6 @@
oneway void setN1ModeEnabledResponse(in android.hardware.radio.RadioResponseInfo info);
oneway void isCellularIdentifierTransparencyEnabledResponse(in android.hardware.radio.RadioResponseInfo info, boolean isEnabled);
oneway void setCellularIdentifierTransparencyEnabledResponse(in android.hardware.radio.RadioResponseInfo info);
+ oneway void setSecurityAlgorithmsUpdatedEnabledResponse(in android.hardware.radio.RadioResponseInfo info);
+ oneway void isSecurityAlgorithmsUpdatedEnabledResponse(in android.hardware.radio.RadioResponseInfo info, in boolean isEnabled);
}
diff --git a/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/SecurityAlgorithm.aidl b/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/SecurityAlgorithm.aidl
new file mode 100644
index 0000000..97ce004
--- /dev/null
+++ b/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/SecurityAlgorithm.aidl
@@ -0,0 +1,80 @@
+/*
+ * Copyright 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.radio.network;
+/* @hide */
+@Backing(type="int") @JavaDerive(toString=true) @VintfStability
+enum SecurityAlgorithm {
+ A50 = 0,
+ A51 = 1,
+ A52 = 2,
+ A53 = 3,
+ A54 = 4,
+ GEA0 = 14,
+ GEA1 = 15,
+ GEA2 = 16,
+ GEA3 = 17,
+ GEA4 = 18,
+ GEA5 = 19,
+ UEA0 = 29,
+ UEA1 = 30,
+ UEA2 = 31,
+ EEA0 = 41,
+ EEA1 = 42,
+ EEA2 = 43,
+ EEA3 = 44,
+ EEA4_ZUC = 45,
+ NEA0 = 55,
+ NEA1 = 56,
+ NEA2 = 57,
+ NEA3 = 58,
+ SIP_NULL = 68,
+ AES_GCM = 69,
+ AES_GMAC = 70,
+ AES_CBC = 71,
+ DES_EDE3_CBC = 72,
+ AES_EDE3_CBC = 73,
+ HMAC_SHA1_96 = 74,
+ HMAC_SHA1_96_null = 75,
+ HMAC_MD5_96 = 76,
+ HMAC_MD5_96_null = 77,
+ SRTP_AES_COUNTER = 87,
+ SRTP_AES_F8 = 88,
+ SRTP_HMAC_SHA1 = 89,
+ ENCR_AES_GCM_16 = 99,
+ ENCR_AES_CBC = 100,
+ AUTH_HMAC_SHA2_256_128 = 101,
+ UNKNOWN = 113,
+ OTHER = 114,
+ ORYX = 124,
+}
diff --git a/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/SecurityAlgorithmUpdate.aidl b/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/SecurityAlgorithmUpdate.aidl
new file mode 100644
index 0000000..73ad180
--- /dev/null
+++ b/radio/aidl/aidl_api/android.hardware.radio.network/current/android/hardware/radio/network/SecurityAlgorithmUpdate.aidl
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.radio.network;
+/* @hide */
+@JavaDerive(toString=true) @VintfStability
+parcelable SecurityAlgorithmUpdate {
+ android.hardware.radio.network.ConnectionEvent connectionEvent;
+ android.hardware.radio.network.SecurityAlgorithm encryption;
+ android.hardware.radio.network.SecurityAlgorithm integrity;
+ boolean isUnprotectedEmergency;
+}
diff --git a/radio/aidl/android/hardware/radio/ims/SuggestedAction.aidl b/radio/aidl/android/hardware/radio/ims/SuggestedAction.aidl
index 443042d..f0e28fc 100644
--- a/radio/aidl/android/hardware/radio/ims/SuggestedAction.aidl
+++ b/radio/aidl/android/hardware/radio/ims/SuggestedAction.aidl
@@ -35,4 +35,18 @@
* management timer value as per the carrier requirements.
*/
TRIGGER_PLMN_BLOCK_WITH_TIMEOUT,
+ /**
+ * Indicates that the IMS registration on current RAT failed multiple times.
+ * The radio shall block the current RAT and search for other available RATs in the
+ * background. If no other RAT is available that meets the carrier requirements, the
+ * radio may remain on the current RAT for internet service. The radio clears all
+ * RATs marked as unavailable if {@link IRadioIms#updateImsRegistrationInfo()} API
+ * with REGISTERED state is invoked.
+ */
+ TRIGGER_RAT_BLOCK,
+ /**
+ * Indicates that the radio clears all RATs marked as unavailable and tries to find
+ * an available RAT that meets the carrier requirements.
+ */
+ TRIGGER_CLEAR_RAT_BLOCK,
}
diff --git a/radio/aidl/android/hardware/radio/ims/media/IImsMediaSession.aidl b/radio/aidl/android/hardware/radio/ims/media/IImsMediaSession.aidl
index 7e03da6..0fe6740 100644
--- a/radio/aidl/android/hardware/radio/ims/media/IImsMediaSession.aidl
+++ b/radio/aidl/android/hardware/radio/ims/media/IImsMediaSession.aidl
@@ -94,4 +94,26 @@
* This is available when android.hardware.telephony.ims is defined.
*/
void setMediaQualityThreshold(in MediaQualityThreshold threshold);
+
+ /**
+ * Queries the current RTP reception statistics of the RTP stream. It will trigger the
+ IImsMediaSessionListener#notifyRtpReceptionStats(RtpReceptionStats).
+ *
+ * @param intervalMs The interval of the time in milliseconds of the RTP reception
+ * notification. When it is zero, the report is disabled.
+ *
+ * This is available when android.hardware.telephony.ims is defined.
+ */
+ void requestRtpReceptionStats(in int intervalMs);
+
+ /**
+ * Adjust the delay in the jitter buffer to synchronize the audio with the time of video
+ * frames
+ *
+ * @param delayMs The delay to apply to the jitter buffer. If it is positive, the jitter
+ * buffer increases the delay, if it is negative, the jitter buffer decreases the delay.
+ *
+ * This is available when android.hardware.telephony.ims is defined.
+ */
+ void adjustDelay(in int delayMs);
}
diff --git a/radio/aidl/android/hardware/radio/ims/media/IImsMediaSessionListener.aidl b/radio/aidl/android/hardware/radio/ims/media/IImsMediaSessionListener.aidl
index 442c018..d3d0b26 100644
--- a/radio/aidl/android/hardware/radio/ims/media/IImsMediaSessionListener.aidl
+++ b/radio/aidl/android/hardware/radio/ims/media/IImsMediaSessionListener.aidl
@@ -21,6 +21,7 @@
import android.hardware.radio.ims.media.RtpConfig;
import android.hardware.radio.ims.media.RtpError;
import android.hardware.radio.ims.media.RtpHeaderExtension;
+import android.hardware.radio.ims.media.RtpReceptionStats;
/**
* Interface declaring listener functions for unsolicited IMS media notifications per session.
@@ -37,6 +38,8 @@
* RtpError :INTERNAL_ERR
* RtpError :NO_MEMORY
* RtpError :NO_RESOURCES
+ *
+ * This is available when android.hardware.telephony.ims is defined.
*/
void onModifySessionResponse(in RtpConfig config, RtpError error);
@@ -49,6 +52,8 @@
* packets from the most recently added config.
*
* @param config The remote config where the media is received
+ *
+ * This is available when android.hardware.telephony.ims is defined.
*/
void onFirstMediaPacketReceived(in RtpConfig config);
@@ -56,6 +61,8 @@
* RTP header extension received from the other party
*
* @param extensions content of the received RTP header extension
+ *
+ * This is available when android.hardware.telephony.ims is defined.
*/
void onHeaderExtensionReceived(in List<RtpHeaderExtension> extensions);
@@ -64,6 +71,8 @@
* {@link MediaQualityThreshold} set by {@link IImsMediaSession#setMediaQualityThreshold()}.
*
* @param quality The object of MediaQualityStatus with the rtp and the rtcp statistics.
+ *
+ * This is available when android.hardware.telephony.ims is defined.
*/
void notifyMediaQualityStatus(in MediaQualityStatus quality);
@@ -73,6 +82,8 @@
* See 3GPP TS 26.114.
*
* @param config containing desired bitrate and direction
+ *
+ * This is available when android.hardware.telephony.ims is defined.
*/
void triggerAnbrQuery(in RtpConfig config);
@@ -81,6 +92,8 @@
*
* @param dtmfDigit single char having one of 12 values: 0-9, *, #
* @param durationMs The duration to play the tone in milliseconds unit
+ *
+ * This is available when android.hardware.telephony.ims is defined.
*/
void onDtmfReceived(char dtmfDigit, int durationMs);
@@ -88,6 +101,18 @@
* Notifies when a change to call quality has occurred
*
* @param CallQuality The call quality statistics of ongoing call since last report
+ *
+ * This is available when android.hardware.telephony.ims is defined.
*/
void onCallQualityChanged(in CallQuality callQuality);
+
+ /**
+ * Notifies the RTP reception statistics periodically after
+ * IImsMediaSession#requestRtpReceptionStats(intervalMs) is invoked.
+ *
+ * @param stats The RTP reception statistics
+ *
+ * This is available when android.hardware.telephony.ims is defined.
+ */
+ void notifyRtpReceptionStats(in RtpReceptionStats stats);
}
diff --git a/radio/aidl/android/hardware/radio/ims/media/RtpReceptionStats.aidl b/radio/aidl/android/hardware/radio/ims/media/RtpReceptionStats.aidl
new file mode 100644
index 0000000..1239d13
--- /dev/null
+++ b/radio/aidl/android/hardware/radio/ims/media/RtpReceptionStats.aidl
@@ -0,0 +1,31 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.radio.ims.media;
+
+@VintfStability
+parcelable RtpReceptionStats {
+ /** The timestamp of the latest RTP packet received */
+ int rtpTimestamp;
+ /** The sequence number of latest RTP packet received */
+ int rtpSequenceNumber;
+ /** The system clock time in millisecond of latest RTP packet received */
+ int timeDurationMs;
+ /** The jitter buffer size in millisecond when latest RTP packet received */
+ int jitterBufferMs;
+ /** The round trip time delay in millisecond when latest RTP packet received */
+ int roundTripTimeMs;
+}
diff --git a/radio/aidl/android/hardware/radio/network/ConnectionEvent.aidl b/radio/aidl/android/hardware/radio/network/ConnectionEvent.aidl
new file mode 100644
index 0000000..639ba89
--- /dev/null
+++ b/radio/aidl/android/hardware/radio/network/ConnectionEvent.aidl
@@ -0,0 +1,55 @@
+/*
+ * Copyright 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.radio.network;
+
+/**
+ * See IRadioNetwork.securityAlgorithmsUpdated for more details.
+ *
+ * @hide
+ */
+@VintfStability
+@Backing(type="int")
+@JavaDerive(toString=true)
+enum ConnectionEvent {
+ // 2G GSM
+ CS_SERVICE_GSM = 0,
+ SIGNALLING_GSM = 1,
+
+ // 2G GPRS packet services
+ PS_SERVICE_GPRS = 2,
+ SIGNALLING_GPRS = 3,
+
+ // 3G packet services
+ PS_SERVICE_3G = 4,
+ SIGNALLING_3G = 5,
+
+ // 4G LTE packet services
+ NAS_SIGNALLING_LTE = 6,
+ AS_SIGNALLING_LTE = 7,
+
+ // VoLTE
+ VOLTE_SIP = 8,
+ VOLTE_RTP = 9,
+
+ // 5G packet services
+ NAS_SIGNALLING_5G = 10,
+ AS_SIGNALLING_5G = 11,
+
+ // VoNR
+ VONR_SIP = 12,
+ VONR_RTP = 13,
+}
diff --git a/radio/aidl/android/hardware/radio/network/IRadioNetwork.aidl b/radio/aidl/android/hardware/radio/network/IRadioNetwork.aidl
index 2d6166c..32890ec 100644
--- a/radio/aidl/android/hardware/radio/network/IRadioNetwork.aidl
+++ b/radio/aidl/android/hardware/radio/network/IRadioNetwork.aidl
@@ -655,6 +655,8 @@
* @param serial Serial number of request
*
* Response callback is IRadioNetworkResponse.isCellularIdentifierTransparencyEnabledResponse
+ *
+ * This is available when android.hardware.telephony.access is defined.
*/
void isCellularIdentifierTransparencyEnabled(in int serial);
@@ -683,6 +685,36 @@
* clear
*
* Response function is IRadioNetworkResponse.setCellularIdentifierTransparencyEnabledResponse
+ *
+ * This is available when android.hardware.telephony.access is defined.
*/
void setCellularIdentifierTransparencyEnabled(in int serial, in boolean enabled);
+
+ /**
+ * Enables or disables security algorithm update reports via indication API
+ * {@link IRadioNetworkIndication.securityAlgorithmsUpdated()}.
+ *
+ * Note: The default value shall be enabled.
+ *
+ * @param serial Serial number of request.
+ * @param enable {@code true} to enable security algorithm update reports, {@code false} to
+ * disable.
+ *
+ * Response function is IRadioNetworkResponse.setSecurityAlgorithmsUpdatedEnabledResponse()
+ *
+ * This is available when android.hardware.telephony.access is defined.
+ */
+ void setSecurityAlgorithmsUpdatedEnabled(in int serial, boolean enable);
+
+ /**
+ * Checks whether security algorithm update reports are enabled via indication API
+ * {@link IRadioNetworkIndication.securityAlgorithmsUpdated()}.
+ *
+ * @param serial Serial number of request.
+ *
+ * Response function is IRadioNetworkResponse.isSecurityAlgorithmsUpdatedEnabledResponse()
+ *
+ * This is available when android.hardware.telephony.access is defined.
+ */
+ void isSecurityAlgorithmsUpdatedEnabled(in int serial);
}
diff --git a/radio/aidl/android/hardware/radio/network/IRadioNetworkIndication.aidl b/radio/aidl/android/hardware/radio/network/IRadioNetworkIndication.aidl
index d7b5b3b..9c2502d 100644
--- a/radio/aidl/android/hardware/radio/network/IRadioNetworkIndication.aidl
+++ b/radio/aidl/android/hardware/radio/network/IRadioNetworkIndication.aidl
@@ -27,6 +27,7 @@
import android.hardware.radio.network.NetworkScanResult;
import android.hardware.radio.network.PhoneRestrictedState;
import android.hardware.radio.network.PhysicalChannelConfig;
+import android.hardware.radio.network.SecurityAlgorithmUpdate;
import android.hardware.radio.network.SignalStrength;
import android.hardware.radio.network.SuppSvcNotification;
@@ -209,16 +210,16 @@
* A non-exhaustive list of when this method should be called follows:
*
* - If a device attempts an IMSI attach to the network.
- * - If a device includes an IMSI in the IDENTITY_RESPONSE message on the NAS and a security context
- * has not yet been established.
+ * - If a device includes an IMSI in the IDENTITY_RESPONSE message on the NAS and a security
+ * context has not yet been established.
* - If a device includes an IMSI in a DETACH_REQUEST message sent on the NAS and the message is
* sent before a security context has been established.
- * - If a device includes an IMSI in a TRACKING_AREA_UPDATE message sent on the NAS and the message
- * is sent before a security context has been established.
+ * - If a device includes an IMSI in a TRACKING_AREA_UPDATE message sent on the NAS and the
+ * message is sent before a security context has been established.
* - If a device uses a 2G network to send a LOCATION_UPDATE_REQUEST message on the NAS that
* includes an IMSI or IMEI.
- * - If a device uses a 2G network to send a AUTHENTICATION_AND_CIPHERING_RESPONSE message on the
- * NAS and the message includes an IMEISV.
+ * - If a device uses a 2G network to send a AUTHENTICATION_AND_CIPHERING_RESPONSE message on
+ * the NAS and the message includes an IMEISV.
*
* @param type Type of radio indication
* @param disclosure A CellularIdentifierDisclosure as specified by
@@ -227,4 +228,24 @@
*/
void cellularIdentifierDisclosed(
in RadioIndicationType type, in CellularIdentifierDisclosure disclosure);
+
+ /*
+ * Indicates that a new ciphering or integrity algorithm was used for a particular voice,
+ * signaling, or data connection attempt for a given PLMN and/or access network. Due to
+ * power concerns, once a connection type has been reported on, follow-up reports about that
+ * connection type are only generated if there is any change to the previously reported
+ * encryption or integrity. Thus the AP is only to be notified when there is new information.
+ * List is reset upon rebooting thus info about initial connections is always passed to the
+ * AP after a reboot. List is also reset if the SIM is changed or if there has been a change
+ * in the access network.
+ *
+ * Note: a change only in cell ID should not trigger an update, as the design is intended to
+ * be agnostic to dual connectivity ("secondary serving cells").
+ *
+ * @param type Type of radio indication
+ * @param securityAlgorithmUpdate SecurityAlgorithmUpdate encapsulates details of security
+ * algorithm updates
+ */
+ void securityAlgorithmsUpdated(
+ in RadioIndicationType type, in SecurityAlgorithmUpdate securityAlgorithmUpdate);
}
diff --git a/radio/aidl/android/hardware/radio/network/IRadioNetworkResponse.aidl b/radio/aidl/android/hardware/radio/network/IRadioNetworkResponse.aidl
index e665dbd..d9eea03 100644
--- a/radio/aidl/android/hardware/radio/network/IRadioNetworkResponse.aidl
+++ b/radio/aidl/android/hardware/radio/network/IRadioNetworkResponse.aidl
@@ -752,6 +752,8 @@
* @param isEnabled Indicates whether cellular identifier transparency is enabled or not.
*
* Valid errors returned:
+ * RadioError:REQUEST_NOT_SUPPORTED when android.hardware.telephony.radio.access is not
+ * defined
* RadioError:NONE
* RadioError:RADIO_NOT_AVAILABLE
* RadioError:INTERNAL_ERR
@@ -765,10 +767,43 @@
* @param info Response info struct containing response type, serial no. and error.
*
* Valid errors returned:
+ * RadioError:REQUEST_NOT_SUPPORTED when android.hardware.telephony.radio.access is not
+ * defined
* RadioError:NONE
* RadioError:RADIO_NOT_AVAILABLE
* RadioError:INTERNAL_ERR
* RadioError:INVALID_STATE
*/
void setCellularIdentifierTransparencyEnabledResponse(in RadioResponseInfo info);
+
+ /**
+ * Response of setSecurityAlgorithmsUpdatedEnabled.
+ *
+ * @param info Response info struct containing response type, serial no. and error.
+ *
+ * Valid errors returned:
+ * RadioError:REQUEST_NOT_SUPPORTED when android.hardware.telephony.radio.access is not
+ * defined
+ * RadioError:NONE
+ * RadioError:RADIO_NOT_AVAILABLE
+ * RadioError:INTERNAL_ERR
+ * RadioError:INVALID_STATE
+ */
+ void setSecurityAlgorithmsUpdatedEnabledResponse(in RadioResponseInfo info);
+
+ /**
+ * Response of isSecurityAlgorithmsUpdatedEnabled.
+ *
+ * @param info Response info struct containing response type, serial no. and error.
+ * @param isEnabled Indicates whether cellular ciphering transparency is enabled or not.
+ *
+ * Valid errors returned:
+ * RadioError:REQUEST_NOT_SUPPORTED when android.hardware.telephony.radio.access is not
+ * defined
+ * RadioError:NONE
+ * RadioError:RADIO_NOT_AVAILABLE
+ * RadioError:INTERNAL_ERR
+ */
+ void isSecurityAlgorithmsUpdatedEnabledResponse(
+ in RadioResponseInfo info, in boolean isEnabled);
}
diff --git a/radio/aidl/android/hardware/radio/network/SecurityAlgorithm.aidl b/radio/aidl/android/hardware/radio/network/SecurityAlgorithm.aidl
new file mode 100644
index 0000000..6d2c018
--- /dev/null
+++ b/radio/aidl/android/hardware/radio/network/SecurityAlgorithm.aidl
@@ -0,0 +1,91 @@
+/*
+ * Copyright 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.radio.network;
+
+/**
+ * See IRadioNetwork.securityAlgorithmsUpdated for more details.
+ *
+ * @hide
+ */
+@VintfStability
+@Backing(type="int")
+@JavaDerive(toString=true)
+enum SecurityAlgorithm {
+ // GSM CS services (3GPP TS 43.020)
+ A50 = 0,
+ A51 = 1,
+ A52 = 2,
+ A53 = 3,
+ A54 = 4,
+
+ // GPRS PS services (3GPP TS 43.020)
+ // These also refer to the respective integrity counterparts.
+ // E.g. GEA1 = GIA1
+ GEA0 = 14,
+ GEA1 = 15,
+ GEA2 = 16,
+ GEA3 = 17,
+ GEA4 = 18,
+ GEA5 = 19,
+
+ // 3G PS/CS services (3GPP TS 33.102)
+ UEA0 = 29,
+ UEA1 = 30,
+ UEA2 = 31,
+
+ // 4G PS services & 5G NSA (3GPP TS 33.401)
+ EEA0 = 41,
+ EEA1 = 42,
+ EEA2 = 43,
+ EEA3 = 44,
+ EEA4_ZUC = 45,
+
+ // 5G PS services (3GPP TS 33.401 for 5G NSA and 3GPP TS 33.501 for 5G SA)
+ NEA0 = 55,
+ NEA1 = 56,
+ NEA2 = 57,
+ NEA3 = 58,
+
+ // SIP layer security (See 3GPP TS 33.203)
+ SIP_NULL = 68,
+ AES_GCM = 69,
+ AES_GMAC = 70,
+ AES_CBC = 71,
+ DES_EDE3_CBC = 72,
+ AES_EDE3_CBC = 73,
+ HMAC_SHA1_96 = 74,
+ HMAC_SHA1_96_null = 75,
+ HMAC_MD5_96 = 76,
+ HMAC_MD5_96_null = 77,
+
+ // RTP (see 3GPP TS 33.328)
+ SRTP_AES_COUNTER = 87,
+ SRTP_AES_F8 = 88,
+ SRTP_HMAC_SHA1 = 89,
+
+ // ePDG (3GPP TS 33.402)
+ ENCR_AES_GCM_16 = 99,
+ ENCR_AES_CBC = 100,
+ AUTH_HMAC_SHA2_256_128 = 101,
+
+ /** Unknown */
+ UNKNOWN = 113,
+ OTHER = 114,
+
+ /** For proprietary algorithms */
+ ORYX = 124,
+}
diff --git a/radio/aidl/android/hardware/radio/network/SecurityAlgorithmUpdate.aidl b/radio/aidl/android/hardware/radio/network/SecurityAlgorithmUpdate.aidl
new file mode 100644
index 0000000..e945d3b
--- /dev/null
+++ b/radio/aidl/android/hardware/radio/network/SecurityAlgorithmUpdate.aidl
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.radio.network;
+
+import android.hardware.radio.network.ConnectionEvent;
+import android.hardware.radio.network.SecurityAlgorithm;
+
+/**
+ * A single occurrence capturing a notable change to previously reported
+ * cryptography algorithms for a given network and network event.
+ *
+ * @hide
+ */
+@JavaDerive(toString=true)
+@VintfStability
+parcelable SecurityAlgorithmUpdate {
+ /**
+ * Type of connection event which is being reported on
+ */
+ ConnectionEvent connectionEvent;
+ /**
+ * Encryption algorithm which was used
+ */
+ SecurityAlgorithm encryption;
+ /**
+ * Integrity algorithm which was used
+ */
+ SecurityAlgorithm integrity;
+ /**
+ * Whether or not this connection event is associated with an
+ * unauthenticated / unencrypted emergency session
+ */
+ boolean isUnprotectedEmergency;
+}
diff --git a/radio/aidl/compat/libradiocompat/ims/media/RadioImsMediaSession.cpp b/radio/aidl/compat/libradiocompat/ims/media/RadioImsMediaSession.cpp
index ae86914..d509300 100644
--- a/radio/aidl/compat/libradiocompat/ims/media/RadioImsMediaSession.cpp
+++ b/radio/aidl/compat/libradiocompat/ims/media/RadioImsMediaSession.cpp
@@ -60,5 +60,12 @@
LOG(ERROR) << " setMediaQualityThreshold is unsupported by HIDL HALs";
return ok();
}
-
+ScopedAStatus RadioImsMediaSession::requestRtpReceptionStats(int32_t /*in_intervalMs*/) {
+ LOG(ERROR) << " requestRtpReceptionStats is unsupported by HIDL HALs";
+ return ok();
+}
+ScopedAStatus RadioImsMediaSession::adjustDelay(int32_t /*in_delayMs*/) {
+ LOG(ERROR) << " adjustDelay is unsupported by HIDL HALs";
+ return ok();
+}
} // namespace android::hardware::radio::compat
diff --git a/radio/aidl/compat/libradiocompat/include/libradiocompat/RadioImsMediaSession.h b/radio/aidl/compat/libradiocompat/include/libradiocompat/RadioImsMediaSession.h
index 00f21fc..715fc77 100644
--- a/radio/aidl/compat/libradiocompat/include/libradiocompat/RadioImsMediaSession.h
+++ b/radio/aidl/compat/libradiocompat/include/libradiocompat/RadioImsMediaSession.h
@@ -38,6 +38,8 @@
::ndk::ScopedAStatus setMediaQualityThreshold(
const ::aidl::android::hardware::radio::ims::media::MediaQualityThreshold& in_threshold)
override;
+ ::ndk::ScopedAStatus requestRtpReceptionStats(int32_t in_intervalMs) override;
+ ::ndk::ScopedAStatus adjustDelay(int32_t in_delayMs) override;
protected:
public:
diff --git a/radio/aidl/compat/libradiocompat/include/libradiocompat/RadioNetwork.h b/radio/aidl/compat/libradiocompat/include/libradiocompat/RadioNetwork.h
index 312b615..56724ae 100644
--- a/radio/aidl/compat/libradiocompat/include/libradiocompat/RadioNetwork.h
+++ b/radio/aidl/compat/libradiocompat/include/libradiocompat/RadioNetwork.h
@@ -111,6 +111,9 @@
::ndk::ScopedAStatus setCellularIdentifierTransparencyEnabled(int32_t serial,
bool enabled) override;
+ ::ndk::ScopedAStatus setSecurityAlgorithmsUpdatedEnabled(int32_t serial, bool enabled) override;
+ ::ndk::ScopedAStatus isSecurityAlgorithmsUpdatedEnabled(int32_t serial) override;
+
protected:
std::shared_ptr<::aidl::android::hardware::radio::network::IRadioNetworkResponse> respond();
diff --git a/radio/aidl/compat/libradiocompat/network/RadioNetwork.cpp b/radio/aidl/compat/libradiocompat/network/RadioNetwork.cpp
index f5a1838..1e43789 100644
--- a/radio/aidl/compat/libradiocompat/network/RadioNetwork.cpp
+++ b/radio/aidl/compat/libradiocompat/network/RadioNetwork.cpp
@@ -387,4 +387,19 @@
respond()->setCellularIdentifierTransparencyEnabledResponse(notSupported(serial));
return ok();
}
+
+ScopedAStatus RadioNetwork::isSecurityAlgorithmsUpdatedEnabled(int32_t serial) {
+ LOG_CALL << serial;
+ LOG(ERROR) << " isSecurityAlgorithmsUpdatedEnabled is unsupported by HIDL HALs";
+ respond()->isSecurityAlgorithmsUpdatedEnabledResponse(notSupported(serial), false);
+ return ok();
+}
+
+ScopedAStatus RadioNetwork::setSecurityAlgorithmsUpdatedEnabled(int32_t serial, bool /*enable*/) {
+ LOG_CALL << serial;
+ LOG(ERROR) << " setSecurityAlgorithmsUpdatedEnabled is unsupported by HIDL HALs";
+ respond()->setSecurityAlgorithmsUpdatedEnabledResponse(notSupported(serial));
+ return ok();
+}
+
} // namespace android::hardware::radio::compat
diff --git a/radio/aidl/vts/radio_imsmedia_session_listener.cpp b/radio/aidl/vts/radio_imsmedia_session_listener.cpp
index 986cab2..638a0e4 100644
--- a/radio/aidl/vts/radio_imsmedia_session_listener.cpp
+++ b/radio/aidl/vts/radio_imsmedia_session_listener.cpp
@@ -49,3 +49,7 @@
const CallQuality& /*in_callQuality*/) {
return ndk::ScopedAStatus::ok();
}
+ndk::ScopedAStatus ImsMediaSessionListener::notifyRtpReceptionStats(
+ const RtpReceptionStats& /*in_stats*/) {
+ return ndk::ScopedAStatus::ok();
+}
diff --git a/radio/aidl/vts/radio_imsmedia_test.cpp b/radio/aidl/vts/radio_imsmedia_test.cpp
index 425f6b4..e479e64 100644
--- a/radio/aidl/vts/radio_imsmedia_test.cpp
+++ b/radio/aidl/vts/radio_imsmedia_test.cpp
@@ -260,6 +260,59 @@
return result;
}
+TEST_P(RadioImsMediaTest, testAvSyncOperation) {
+ int32_t sessionId = 1;
+ RtpConfig modifyRtpConfig;
+ int32_t receptionInterval = 1000;
+ int32_t delay = 200;
+
+ modifyRtpConfig.direction = static_cast<int32_t>(MediaDirection::RTP_TX) |
+ static_cast<int32_t>(MediaDirection::RTP_RX) |
+ static_cast<int32_t>(MediaDirection::RTCP_TX) |
+ static_cast<int32_t>(MediaDirection::RTCP_RX);
+ modifyRtpConfig.remoteAddress.ipAddress = "122.22.22.33";
+ modifyRtpConfig.remoteAddress.portNumber = 1234;
+
+ if (!deviceSupportsFeature(FEATURE_TELEPHONY_IMS)) {
+ ALOGI("Skipping setListener because ims is not supported in device");
+ return;
+ } else {
+ ALOGI("Running setListener because ims is supported in device");
+ }
+
+ ndk::ScopedAStatus res = radio_imsmedia->setListener(radio_imsmedialistener);
+ ASSERT_OK(res);
+
+ serial = SERIAL_OPEN_SESSION;
+ res = triggerOpenSession(sessionId);
+ ASSERT_OK(res);
+ EXPECT_EQ(std::cv_status::no_timeout, wait());
+ EXPECT_EQ(sessionId, radio_imsmedialistener->mSessionId);
+ ASSERT_NE(nullptr, radio_imsmedialistener->mSession);
+
+ radio_imsmediasession = radio_imsmedialistener->mSession;
+ radio_imsmediasession->setListener(radio_imsmediasessionlistener);
+ ASSERT_OK(res);
+
+ serial = SERIAL_MODIFY_SESSION;
+ res = radio_imsmediasession->modifySession(modifyRtpConfig);
+ ASSERT_OK(res);
+ EXPECT_EQ(std::cv_status::no_timeout, wait());
+ EXPECT_EQ(modifyRtpConfig, radio_imsmediasessionlistener->mConfig);
+ verifyError(radio_imsmediasessionlistener->mError);
+
+ res = radio_imsmediasession->requestRtpReceptionStats(receptionInterval);
+ ASSERT_OK(res);
+
+ res = radio_imsmediasession->adjustDelay(delay);
+ ASSERT_OK(res);
+
+ serial = SERIAL_CLOSE_SESSION;
+ res = radio_imsmedia->closeSession(sessionId);
+ ASSERT_OK(res);
+ EXPECT_EQ(std::cv_status::no_timeout, wait());
+}
+
void RadioImsMediaTest::verifyError(RtpError error) {
switch (error) {
case RtpError::NONE:
diff --git a/radio/aidl/vts/radio_imsmedia_utils.h b/radio/aidl/vts/radio_imsmedia_utils.h
index 87f1b00..407ba95 100644
--- a/radio/aidl/vts/radio_imsmedia_utils.h
+++ b/radio/aidl/vts/radio_imsmedia_utils.h
@@ -76,6 +76,7 @@
virtual ndk::ScopedAStatus onDtmfReceived(char16_t in_dtmfDigit,
int32_t in_durationMs) override;
virtual ndk::ScopedAStatus onCallQualityChanged(const CallQuality& in_callQuality) override;
+ virtual ndk::ScopedAStatus notifyRtpReceptionStats(const RtpReceptionStats& in_stats) override;
};
/* The main test class for Radio AIDL ImsMedia. */
diff --git a/radio/aidl/vts/radio_network_indication.cpp b/radio/aidl/vts/radio_network_indication.cpp
index aa14af7..9614783 100644
--- a/radio/aidl/vts/radio_network_indication.cpp
+++ b/radio/aidl/vts/radio_network_indication.cpp
@@ -103,3 +103,8 @@
const CellularIdentifierDisclosure& /*disclosures*/) {
return ndk::ScopedAStatus::ok();
}
+
+ndk::ScopedAStatus RadioNetworkIndication::securityAlgorithmsUpdated(
+ RadioIndicationType /*type*/, const SecurityAlgorithmUpdate& /*securityAlgorithmUpdate*/) {
+ return ndk::ScopedAStatus::ok();
+}
diff --git a/radio/aidl/vts/radio_network_response.cpp b/radio/aidl/vts/radio_network_response.cpp
index 8c04591..4d452d0 100644
--- a/radio/aidl/vts/radio_network_response.cpp
+++ b/radio/aidl/vts/radio_network_response.cpp
@@ -335,3 +335,18 @@
parent_network.notify(info.serial);
return ndk::ScopedAStatus::ok();
}
+
+ndk::ScopedAStatus RadioNetworkResponse::setSecurityAlgorithmsUpdatedEnabledResponse(
+ const RadioResponseInfo& info) {
+ rspInfo = info;
+ parent_network.notify(info.serial);
+ return ndk::ScopedAStatus::ok();
+}
+
+ndk::ScopedAStatus RadioNetworkResponse::isSecurityAlgorithmsUpdatedEnabledResponse(
+ const RadioResponseInfo& info, bool enabled) {
+ rspInfo = info;
+ this->isSecurityAlgorithmsUpdatedEnabled = enabled;
+ parent_network.notify(info.serial);
+ return ndk::ScopedAStatus::ok();
+}
diff --git a/radio/aidl/vts/radio_network_test.cpp b/radio/aidl/vts/radio_network_test.cpp
index 4fbfa6d..c893553 100644
--- a/radio/aidl/vts/radio_network_test.cpp
+++ b/radio/aidl/vts/radio_network_test.cpp
@@ -2488,3 +2488,86 @@
EXPECT_EQ(RadioResponseType::SOLICITED, radioRsp_network->rspInfo.type);
EXPECT_EQ(serial, radioRsp_network->rspInfo.serial);
}
+
+/*
+ * Test IRadioNetwork.setSecurityAlgorithmsUpdatedEnabled for the response returned.
+ */
+TEST_P(RadioNetworkTest, setSecurityAlgorithmsUpdatedEnabled) {
+ int32_t aidl_version;
+ ndk::ScopedAStatus aidl_status = radio_network->getInterfaceVersion(&aidl_version);
+ ASSERT_OK(aidl_status);
+ if (aidl_version < 3) {
+ ALOGI("Skipped the test since"
+ " setSecurityAlgorithmsUpdatedEnabled is not supported on version < 3");
+ GTEST_SKIP();
+ }
+
+ // Get current value
+ serial = GetRandomSerialNumber();
+ radio_network->isSecurityAlgorithmsUpdatedEnabled(serial);
+ EXPECT_EQ(std::cv_status::no_timeout, wait());
+ bool originalSecuritySetting = radioRsp_network->isSecurityAlgorithmsUpdatedEnabled;
+
+ // We want to test flipping the value, so we are going to set it to the opposite of what
+ // the existing setting is. The test for isSecurityAlgorithmsUpdatedEnabled should check
+ // for the right default value.
+ bool valueToSet = !originalSecuritySetting;
+ serial = GetRandomSerialNumber();
+ radio_network->setSecurityAlgorithmsUpdatedEnabled(serial, valueToSet);
+ EXPECT_EQ(std::cv_status::no_timeout, wait());
+ EXPECT_EQ(RadioResponseType::SOLICITED, radioRsp_network->rspInfo.type);
+ EXPECT_EQ(serial, radioRsp_network->rspInfo.serial);
+
+ ASSERT_TRUE(CheckAnyOfErrors(
+ radioRsp_network->rspInfo.error,
+ {RadioError::NONE, RadioError::RADIO_NOT_AVAILABLE, RadioError::MODEM_ERR}));
+
+ // Assert the value has changed
+ serial = GetRandomSerialNumber();
+ ndk::ScopedAStatus res = radio_network->isSecurityAlgorithmsUpdatedEnabled(serial);
+
+ ASSERT_OK(res);
+ EXPECT_EQ(std::cv_status::no_timeout, wait());
+ EXPECT_EQ(RadioResponseType::SOLICITED, radioRsp_network->rspInfo.type);
+ EXPECT_EQ(serial, radioRsp_network->rspInfo.serial);
+ ASSERT_TRUE(CheckAnyOfErrors(
+ radioRsp_network->rspInfo.error,
+ {RadioError::NONE, RadioError::RADIO_NOT_AVAILABLE, RadioError::MODEM_ERR}));
+ EXPECT_EQ(valueToSet, radioRsp_network->isSecurityAlgorithmsUpdatedEnabled);
+
+ // Reset original state
+ radio_network->setSecurityAlgorithmsUpdatedEnabled(serial, originalSecuritySetting);
+ EXPECT_EQ(std::cv_status::no_timeout, wait());
+ EXPECT_EQ(RadioResponseType::SOLICITED, radioRsp_network->rspInfo.type);
+ EXPECT_EQ(serial, radioRsp_network->rspInfo.serial);
+}
+
+/**
+ * Test IRadioNetwork.isSecurityAlgorithmsUpdatedEnabled for the response returned.
+ */
+TEST_P(RadioNetworkTest, isSecurityAlgorithmsUpdatedEnabled) {
+ int32_t aidl_version;
+ ndk::ScopedAStatus aidl_status = radio_network->getInterfaceVersion(&aidl_version);
+ ASSERT_OK(aidl_status);
+ if (aidl_version < 3) {
+ ALOGI("Skipped the test since"
+ " isSecurityAlgorithmsUpdatedEnabled is not supported on version < 3");
+ GTEST_SKIP();
+ }
+
+ serial = GetRandomSerialNumber();
+
+ ndk::ScopedAStatus res = radio_network->isSecurityAlgorithmsUpdatedEnabled(serial);
+ ASSERT_OK(res);
+
+ EXPECT_EQ(std::cv_status::no_timeout, wait());
+ EXPECT_EQ(RadioResponseType::SOLICITED, radioRsp_network->rspInfo.type);
+ EXPECT_EQ(serial, radioRsp_network->rspInfo.serial);
+
+ ASSERT_TRUE(CheckAnyOfErrors(
+ radioRsp_network->rspInfo.error,
+ {RadioError::NONE, RadioError::RADIO_NOT_AVAILABLE, RadioError::MODEM_ERR}));
+
+ // the default value should be true if we have not called the setter
+ EXPECT_TRUE(radioRsp_network->isSecurityAlgorithmsUpdatedEnabled);
+}
diff --git a/radio/aidl/vts/radio_network_utils.h b/radio/aidl/vts/radio_network_utils.h
index 5cd4245..470ee73 100644
--- a/radio/aidl/vts/radio_network_utils.h
+++ b/radio/aidl/vts/radio_network_utils.h
@@ -47,6 +47,7 @@
UsageSetting usageSetting;
std::vector<RadioAccessSpecifier> specifiers;
bool isCellularIdentifierTransparencyEnabled;
+ bool isSecurityAlgorithmsUpdatedEnabled;
virtual ndk::ScopedAStatus acknowledgeRequest(int32_t serial) override;
@@ -176,6 +177,12 @@
virtual ndk::ScopedAStatus isCellularIdentifierTransparencyEnabledResponse(
const RadioResponseInfo& info, bool /*enabled*/) override;
+
+ virtual ndk::ScopedAStatus isSecurityAlgorithmsUpdatedEnabledResponse(
+ const RadioResponseInfo& info, bool isEnabled) override;
+
+ virtual ndk::ScopedAStatus setSecurityAlgorithmsUpdatedEnabledResponse(
+ const RadioResponseInfo& info) override;
};
/* Callback class for radio network indication */
@@ -236,6 +243,10 @@
virtual ndk::ScopedAStatus cellularIdentifierDisclosed(
RadioIndicationType type, const CellularIdentifierDisclosure& disclosures) override;
+
+ virtual ndk::ScopedAStatus securityAlgorithmsUpdated(
+ RadioIndicationType type,
+ const SecurityAlgorithmUpdate& securityAlgorithmUpdate) override;
};
// The main test class for Radio AIDL Network.
diff --git a/security/authgraph/aidl/android/hardware/security/authgraph/Arc.cddl b/security/authgraph/aidl/android/hardware/security/authgraph/Arc.cddl
index 4c1b965..0bc39d6 100644
--- a/security/authgraph/aidl/android/hardware/security/authgraph/Arc.cddl
+++ b/security/authgraph/aidl/android/hardware/security/authgraph/Arc.cddl
@@ -28,19 +28,19 @@
? -70003 : int, ; Timestamp in milliseconds since some starting point (generally
; the most recent device boot) which all of the applications within
; the secure domain must agree upon
- ? -70004 : bstr .size 16, ; Nonce used in key exchange methods
+ ? -70004 : bstr .size 16, ; Nonce (a cryptographic random number of 16 bytes) used in key
+ ; exchange methods
? -70005 : PayloadType, ; Payload type, if needed to disambiguate, when processing an arc
? -70006 : int, ; Version of the payload structure (if applicable)
? -70007 : int, ; Sequence number (if needed to prevent replay attacks)
? -70008 : Direction ; Direction of the encryption key (i.e. whether it is used to
; encrypt incoming messages or outgoing messages)
? -70009 : bool, ; "authentication_completed" - this is used during authenticated
- ; key exchange indicate whether signature verification is done
- ? -70010 : bstr .size 32 ; "session_id" computed during key exchange protocol
+ ; key exchange to indicate whether signature verification is done
+ ? -70010 : bstr .size 32 ; "session_id" computed during the key exchange protocol
}
-; Permissions indicate what an arc can be used with. Permissions are added to an arc during the
-; `create()` primitive operation and are propagated during `mint` and `snap` primitive operations.
+; Permissions indicate what an arc can be used with.
Permission = &(
-4770552 : IdentityEncoded, ; "source_id" - in the operations performed by a source, the
; source adds its own identity to the permissions of an arc.
@@ -54,12 +54,10 @@
; biometrics.
)
-; Limitations indicate what restrictions are applied on the usage of an arc. Permissions are added
-; to an arc during the `create` primitive operation and are propagated during `snap` primitive
-; operation.
+; Limitations indicate what restrictions are applied on the usage of an arc.
Limitation = &(
- -4770554 : bstr, ; "challenge" - is added to an arc that transfers an auth key to a channel
- ; key, in order to ensure the freshness of the authentication.
+ -4770554 : bstr, ; "challenge" - is added to an arc that encrypts an auth key from a
+ ; channel key, in order to ensure the freshness of the authentication.
; A challenge is issued by a sink (e.g. Keymint TA, Biometric TAs).
)
@@ -83,7 +81,7 @@
; Any other payload formats should also be defined here
)
-SecretKey = &( ; One of the payload types of an Arc is a secret key
+SecretKey = &(
SymmetricKey,
ECPrivateKey, ; Private key of a key pair generated for key exchange
)
diff --git a/security/authgraph/aidl/android/hardware/security/authgraph/IAuthGraphKeyExchange.aidl b/security/authgraph/aidl/android/hardware/security/authgraph/IAuthGraphKeyExchange.aidl
index 6ceb09c..a3fb959 100644
--- a/security/authgraph/aidl/android/hardware/security/authgraph/IAuthGraphKeyExchange.aidl
+++ b/security/authgraph/aidl/android/hardware/security/authgraph/IAuthGraphKeyExchange.aidl
@@ -41,8 +41,8 @@
interface IAuthGraphKeyExchange {
/**
* This method is invoked on P1 (source).
- * Create an ephermeral EC key pair on NIST curve P-256 and a nonce (of 16 bytes) for
- * key exchange.
+ * Create an ephermeral EC key pair on NIST curve P-256 and a nonce (a cryptographic random
+ * number of 16 bytes) for key exchange.
*
* @return SessionInitiationInfo including the `Key` containing the public key of the created
* key pair and an arc from the per-boot key to the private key, the nonce, the persistent
@@ -52,8 +52,8 @@
* `SessionInitiationInfo` serves two purposes:
* i. A mapping to correlate `create` and `finish` calls to P1 in a particular instance of the
* key exchange protocol.
- * ii.A way to minimize the in-memory storage (P1 can include the nonce in the protected headers
- * of the arc).
+ * ii.A way to minimize the in-memory storage of P1 allocated for key exchange (P1 can include
+ * the nonce in the protected headers of the arc).
* However, P1 should maintain some form of in-memory record to be able to verify that the input
* `Key` sent to `finish` is from an unfinished instance of a key exchange protocol, to prevent
* any replay attacks in `finish`.
@@ -66,9 +66,9 @@
* 0. If either `peerPubKey`, `peerId`, `peerNonce` is not in the expected format, return
* errors: INVALID_PEER_KE_KEY, INVALID_IDENTITY, INVALID_PEER_NONCE respectively.
* 1. Create an ephemeral EC key pair on NIST curve P-256.
- * 2. Create a nonce (of 16 bytes).
- * 3. Compute the diffie-hellman shared secret: Z.
- * 4. Compute a salt = bstr .cbor [
+ * 2. Create a nonce (a cryptographic random number of 16 bytes).
+ * 3. Compute the Diffie-Hellman shared secret: Z.
+ * 4. Compute a salt_input = bstr .cbor [
* source_version: int, ; from input `peerVersion`
* sink_pub_key: bstr .cbor PlainPubKey, ; from step #1
* source_pub_key: bstr .cbor PlainPubKey, ; from input `peerPubKey`
@@ -77,7 +77,8 @@
* sink_cert_chain: bstr .cbor ExplicitKeyDiceCertChain, ; from own identity
* source_cert_chain: bstr .cbor ExplicitKeyDiceCertChain, ; from input `peerId`
* ]
- * 5. Extract a cryptographic secret S from Z, using the salt from #4 above.
+ * 5. Extract a cryptographic secret S from Z, using the SHA256 digest of the salt_input
+ * as the salt.
* 6. Derive two symmetric encryption keys of 256 bits with:
* i. b"KE_ENCRYPTION_KEY_SOURCE_TO_SINK" as context for the key used to encrypt incoming
* messages
@@ -96,28 +97,29 @@
* part of the party's identity.
*
* @param peerPubKey - the public key of the key pair created by the peer (P1) for key exchange
+ * in `create`
*
* @param peerId - the persistent identity of the peer
*
- * @param peerNonce - nonce created by the peer
+ * @param peerNonce - nonce created by the peer in `create`
*
* @param peerVersion - an integer representing the latest protocol version (i.e. AIDL version)
* supported by the peer
*
- * @return KeInitResult including the `Key` containing the public key of the created key pair,
- * the nonce, the persistent identity, two shared key arcs from step #7, session id, signature
- * over the session id and the negotiated protocol version. The negotiated protocol version
- * should be less than or equal to the peer's version.
+ * @return KeInitResult including the `Key` containing the public key of the key pair created in
+ * step #1, the nonce from step #2, the persistent identity of P2, two shared key arcs
+ * from step #7, session id from step #10, signature over the session id from step #11 and the
+ * negotiated protocol version. The negotiated protocol version should be less than or equal to
+ * the `peerVersion`.
*
- * Note: The two shared key arcs in the return type: `KeInitResult` serves two purposes:
+ * Note: The two shared key arcs in the return type: `KeInitResult` serve two purposes:
* i. A mapping to correlate `init` and `authenticationComplete` calls to P2 in a particular
* instance of the key exchange protocol.
* ii.A way to minimize the in-memory storage of P2 allocated for key exchange.
* However, P2 should maintain some in-memory record to be able to verify that the input
- * `sharedkeys` sent to `authenticationComplete` and to any subsequent AuthGraph protocol
- * methods are valid shared keys agreed with the party identified by `peerId`, to prevent
- * any replay attacks in `authenticationComplete` and in any subsequent AuthGraph protocol
- * methods which use the shared keys to encrypt the secret messages.
+ * `sharedkeys` sent to `authenticationComplete` are from an unfinished instance of a key
+ * exchange protocol carried out with the party identified by `peerId`, to prevent any replay
+ * attacks in `authenticationComplete`.
*/
KeInitResult init(
in PubKey peerPubKey, in Identity peerId, in byte[] peerNonce, in int peerVersion);
@@ -133,8 +135,8 @@
* exchange protocol, return error: INVALID_KE_KEY. Similarly, if the public key or the
* arc containing the private key in `ownKey` is invalid, return INVALID_PUB_KEY_IN_KEY
* and INVALID_PRIV_KEY_ARC_IN_KEY respectively.
- * 1. Compute the diffie-hellman shared secret: Z.
- * 2. Compute a salt = bstr .cbor [
+ * 1. Compute the Diffie-Hellman shared secret: Z.
+ * 2. Compute a salt_input = bstr .cbor [
* source_version: int, ; the protocol version used in `create`
* sink_pub_key: bstr .cbor PlainPubKey, ; from input `peerPubKey`
* source_pub_key: bstr .cbor PlainPubKey, ; from the output of `create`
@@ -143,7 +145,8 @@
* sink_cert_chain: bstr .cbor ExplicitKeyDiceCertChain, ; from input `peerId`
* source_cert_chain: bstr .cbor ExplicitKeyDiceCertChain, ; from own identity
* ]
- * 3. Extract a cryptographic secret S from Z, using the salt from #2 above.
+ * 3. Extract a cryptographic secret S from Z, using the SHA256 digest of the salt_input
+ * as the salt.
* 4. Derive two symmetric encryption keys of 256 bits with:
* i. b"KE_ENCRYPTION_KEY_SOURCE_TO_SINK" as context for the key used to encrypt outgoing
* messages
@@ -164,25 +167,26 @@
* part of the party's identity.
*
* @param peerPubKey - the public key of the key pair created by the peer (P2) for key exchange
+ * in `init`
*
* @param peerId - the persistent identity of the peer
*
* @param peerSignature - the signature created by the peer over the session id computed by the
- * peer
+ * peer in `init`
*
- * @param peerNonce - nonce created by the peer
+ * @param peerNonce - nonce created by the peer in `init`
*
* @param peerVersion - an integer representing the protocol version (i.e. AIDL version)
* negotiated with the peer
*
- * @param ownKey - the key created by P1 (source) in `create()` for key exchange
+ * @param ownKey - the key created by P1 (source) in `create` for key exchange
*
- * @return SessionInfo including the two shared key arcs from step #9, session id and the
- * signature over the session id.
+ * @return SessionInfo including the two shared key arcs from step #9, session id from step #7
+ * and the signature over the session id from step #10.
*
- * Note: The two shared key arcs in the return type: `SessionInfo` serves two purposes:
+ * Note: The two shared key arcs in the return type: `SessionInfo` serve two purposes:
* i. A mapping to correlate the key exchange protocol taken place with a particular peer and
- * subsequent AuthGraph protocols execued with the same peer.
+ * subsequent AuthGraph protocols executed with the same peer.
* ii.A way to minimize the in-memory storage for shared keys.
* However, P1 should maintain some in-memory record to be able to verify that the shared key
* arcs sent to any subsequent AuthGraph protocol methods are valid shared keys agreed with the
@@ -196,21 +200,33 @@
* This method is invoked on P2 (sink).
* Perform the following steps:
* 0. If input `sharedKeys` is invalid (i.e. they cannot be decrypted with P2's per-boot key
- * or they are not in P2's in-memory records as valid shared keys agreed with the party
- * identified by `peerId`), return error: INVALID_SHARED_KEY_ARCS.
+ * or they are not in P2's in-memory records for unfinished instances of a key exchange
+ * protocol carried out with the party identified by the identity included in the
+ * `source_id` protected header of the shared key arcs),
+ * return error: INVALID_SHARED_KEY_ARCS.
* 1. Verify that both shared key arcs have the same session id and peer identity.
- * 2. Verify the peer's signature over the session id attached to the shared key arcs'
- * headers. If successful, proceed, otherwise, return error: INVALID_SIGNATURE.
- * 3. Mark authentication_complete = true in the shared key arcs' headers
+ * 2. Verify the `peerSignature` over the session id included in the `session_id` protected
+ * header of the shared key arcs.
+ * If successful, proceed, otherwise, return error: INVALID_SIGNATURE.
+ * 3. Mark authentication_complete = true in the shared key arcs' headers.
*
* @param peerSignature - the signature created by the peer over the session id computed by the
- * peer
+ * peer in `finish`
*
* @param sharedKeys - two shared key arcs created by P2 in `init`. P2 obtains from the arcs'
* protected headers, the session id and the peer's identity to verify the
* peer's signature over the session id.
*
* @return Arc[] - an array of two updated shared key arcs
+ *
+ * Note: The two returned shared key arcs serve two purposes:
+ * i. A mapping to correlate the key exchange protocol taken place with a particular peer and
+ * subsequent AuthGraph protocols executed with the same peer.
+ * ii.A way to minimize the in-memory storage for shared keys.
+ * However, P2 should maintain some in-memory record to be able to verify that the shared key
+ * arcs sent to any subsequent AuthGraph protocol methods are valid shared keys agreed with the
+ * party identified by the identity included in the `source_id` protected header of the shared
+ * key arcs, to prevent any replay attacks.
*/
Arc[2] authenticationComplete(in SessionIdSignature peerSignature, in Arc[2] sharedKeys);
}
diff --git a/security/authgraph/aidl/android/hardware/security/authgraph/SessionInfo.aidl b/security/authgraph/aidl/android/hardware/security/authgraph/SessionInfo.aidl
index ef49a1a..82b8c17 100644
--- a/security/authgraph/aidl/android/hardware/security/authgraph/SessionInfo.aidl
+++ b/security/authgraph/aidl/android/hardware/security/authgraph/SessionInfo.aidl
@@ -26,8 +26,8 @@
@RustDerive(Clone=true, Eq=true, PartialEq=true)
parcelable SessionInfo {
/**
- * The arcs that encrypt the two derived symmetric encryption keys (for two-way communication)
- * from the party's per-boot key.
+ * The arcs that encrypt the two derived symmetric encryption keys (for two-way communication).
+ * The encryption key is the party's per-boot key.
*/
Arc[2] sharedKeys;
diff --git a/security/authgraph/aidl/android/hardware/security/authgraph/SessionInitiationInfo.aidl b/security/authgraph/aidl/android/hardware/security/authgraph/SessionInitiationInfo.aidl
index c630d91..8179ac2 100644
--- a/security/authgraph/aidl/android/hardware/security/authgraph/SessionInitiationInfo.aidl
+++ b/security/authgraph/aidl/android/hardware/security/authgraph/SessionInitiationInfo.aidl
@@ -27,20 +27,22 @@
@RustDerive(Clone=true, Eq=true, PartialEq=true)
parcelable SessionInitiationInfo {
/**
- * An ephemeral EC key created for the ECDH process.
+ * An ephemeral EC key created for the Elliptic-curve Diffie-Hellman (ECDH) process.
*/
Key key;
/**
- * The identity of the party who created the Diffie-Hellman key exchange key.
+ * The identity of the party who creates this `SessionInitiationInfo`.
*/
Identity identity;
/**
- * Nonce value specific to this session. The nonce serves three purposes:
+ * Nonce (a cryptographic random number of 16 bytes) specific to this session.
+ * The nonce serves three purposes:
* 1. freshness of key exchange
* 2. creating a session id (a publicly known value related to the exchanged keys)
- * 3. usage as salt into the HKDF-EXTRACT function during key derivation from the shared DH key
+ * 3. usage as salt into the HKDF-EXTRACT function during key derivation from the Diffie-Hellman
+ * shared secret
*/
byte[] nonce;
diff --git a/security/authgraph/aidl/vts/functional/lib.rs b/security/authgraph/aidl/vts/functional/lib.rs
index 7b9b2b9..da3fa1c 100644
--- a/security/authgraph/aidl/vts/functional/lib.rs
+++ b/security/authgraph/aidl/vts/functional/lib.rs
@@ -24,22 +24,19 @@
PlainPubKey::PlainPubKey, PubKey::PubKey, SessionIdSignature::SessionIdSignature,
};
use authgraph_boringssl as boring;
-use authgraph_core::keyexchange as ke;
-use authgraph_core::{arc, key, traits};
-use authgraph_nonsecure::StdClock;
+use authgraph_core::{error::Error as AgError, keyexchange as ke};
use coset::CborSerializable;
pub mod sink;
pub mod source;
-/// Return a collection of AuthGraph trait implementations suitable for testing.
-pub fn test_impls() -> traits::TraitImpl {
- // Note that the local implementation is using a clock with a potentially different epoch than
- // the implementation under test.
- boring::trait_impls(
+/// Return an AuthGraphParticipant suitable for testing.
+pub fn test_ag_participant() -> Result<ke::AuthGraphParticipant, AgError> {
+ Ok(ke::AuthGraphParticipant::new(
+ boring::crypto_trait_impls(),
Box::<boring::test_device::AgDevice>::default(),
- Some(Box::new(StdClock::default())),
- )
+ ke::MAX_OPENED_SESSIONS,
+ )?)
}
fn build_plain_pub_key(pub_key: &Option<Vec<u8>>) -> PubKey {
@@ -56,14 +53,6 @@
}
}
-fn verification_key_from_identity(impls: &traits::TraitImpl, identity: &[u8]) -> key::EcVerifyKey {
- let identity = key::Identity::from_slice(identity).expect("invalid identity CBOR");
- impls
- .device
- .process_peer_cert_chain(&identity.cert_chain, &*impls.ecdsa)
- .expect("failed to extract signing key")
-}
-
fn vec_to_identity(data: &[u8]) -> Identity {
Identity {
identity: data.to_vec(),
@@ -75,26 +64,3 @@
signature: data.to_vec(),
}
}
-
-/// Decrypt a pair of AES-256 keys encrypted with the AuthGraph PBK.
-pub fn decipher_aes_keys(imp: &traits::TraitImpl, arc: &[Vec<u8>; 2]) -> [key::AesKey; 2] {
- [
- decipher_aes_key(imp, &arc[0]),
- decipher_aes_key(imp, &arc[1]),
- ]
-}
-
-/// Decrypt an AES-256 key encrypted with the AuthGraph PBK.
-pub fn decipher_aes_key(imp: &traits::TraitImpl, arc: &[u8]) -> key::AesKey {
- let pbk = imp.device.get_per_boot_key().expect("no PBK available");
- let arc::ArcContent {
- payload,
- protected_headers: _,
- unprotected_headers: _,
- } = arc::decipher_arc(&pbk, arc, &*imp.aes_gcm).expect("failed to decrypt arc");
- assert_eq!(payload.0.len(), 32);
- let mut key = key::AesKey([0; 32]);
- key.0.copy_from_slice(&payload.0);
- assert_ne!(key.0, [0; 32], "agreed AES-256 key should be non-zero");
- key
-}
diff --git a/security/authgraph/aidl/vts/functional/role_test.rs b/security/authgraph/aidl/vts/functional/role_test.rs
index e95361a..71a2fae 100644
--- a/security/authgraph/aidl/vts/functional/role_test.rs
+++ b/security/authgraph/aidl/vts/functional/role_test.rs
@@ -48,31 +48,31 @@
#[test]
fn test_nonsecure_source_mainline() {
- let mut impls = vts::test_impls();
- vts::source::test_mainline(&mut impls, require_nonsecure!());
+ let mut sink = vts::test_ag_participant().expect("failed to create a local sink");
+ vts::source::test_mainline(&mut sink, require_nonsecure!());
}
#[test]
fn test_nonsecure_source_corrupt_sig() {
- let mut impls = vts::test_impls();
- vts::source::test_corrupt_sig(&mut impls, require_nonsecure!());
+ let mut sink = vts::test_ag_participant().expect("failed to create a local sink");
+ vts::source::test_corrupt_sig(&mut sink, require_nonsecure!());
}
#[test]
fn test_nonsecure_source_corrupt_keys() {
- let mut impls = vts::test_impls();
- vts::source::test_corrupt_key(&mut impls, require_nonsecure!());
+ let mut sink = vts::test_ag_participant().expect("failed to create a local sink");
+ vts::source::test_corrupt_key(&mut sink, require_nonsecure!());
}
#[test]
fn test_nonsecure_sink_mainline() {
- let mut impls = vts::test_impls();
- vts::sink::test_mainline(&mut impls, require_nonsecure!());
+ let mut source = vts::test_ag_participant().expect("failed to create a local source");
+ vts::sink::test_mainline(&mut source, require_nonsecure!());
}
#[test]
fn test_nonsecure_sink_corrupt_sig() {
- let mut impls = vts::test_impls();
- vts::sink::test_corrupt_sig(&mut impls, require_nonsecure!());
+ let mut source = vts::test_ag_participant().expect("failed to create a local source");
+ vts::sink::test_corrupt_sig(&mut source, require_nonsecure!());
}
#[test]
fn test_nonsecure_sink_corrupt_keys() {
- let mut impls = vts::test_impls();
- vts::sink::test_corrupt_keys(&mut impls, require_nonsecure!());
+ let mut source = vts::test_ag_participant().expect("failed to create a local source");
+ vts::sink::test_corrupt_keys(&mut source, require_nonsecure!());
}
diff --git a/security/authgraph/aidl/vts/functional/sink.rs b/security/authgraph/aidl/vts/functional/sink.rs
index 5c81593..bb357b8 100644
--- a/security/authgraph/aidl/vts/functional/sink.rs
+++ b/security/authgraph/aidl/vts/functional/sink.rs
@@ -16,23 +16,28 @@
//! VTS tests for sinks
use super::*;
-use authgraph_core::traits;
+use authgraph_core::{key, keyexchange as ke};
/// Run AuthGraph tests against the provided sink, using a local test source implementation.
-pub fn test(impls: &mut traits::TraitImpl, sink: binder::Strong<dyn IAuthGraphKeyExchange>) {
- test_mainline(impls, sink.clone());
- test_corrupt_sig(impls, sink.clone());
- test_corrupt_keys(impls, sink);
+pub fn test(
+ local_source: &mut ke::AuthGraphParticipant,
+ sink: binder::Strong<dyn IAuthGraphKeyExchange>,
+) {
+ test_mainline(local_source, sink.clone());
+ test_corrupt_sig(local_source, sink.clone());
+ test_corrupt_keys(local_source, sink);
}
/// Perform mainline AuthGraph key exchange with the provided sink and local implementation.
/// Return the agreed AES keys in plaintext.
pub fn test_mainline(
- impls: &mut traits::TraitImpl,
+ local_source: &mut ke::AuthGraphParticipant,
sink: binder::Strong<dyn IAuthGraphKeyExchange>,
) -> [key::AesKey; 2] {
// Step 1: create an ephemeral ECDH key at the (local) source.
- let source_init_info = ke::create(impls).expect("failed to create() with local impl");
+ let source_init_info = local_source
+ .create()
+ .expect("failed to create() with local impl");
// Step 2: pass the source's ECDH public key and other session info to the (remote) sink.
let init_result = sink
@@ -50,40 +55,43 @@
assert!(!sink_info.sessionId.is_empty());
// The AuthGraph core library will verify the session ID signature, but do it here too.
- let sink_verification_key =
- verification_key_from_identity(&impls, &sink_init_info.identity.identity);
- ke::verify_signature_on_session_id(
- &sink_verification_key,
- &sink_info.sessionId,
- &sink_info.signature.signature,
- &*impls.ecdsa,
- )
- .expect("failed verification of signed session ID");
+ let sink_verification_key = local_source
+ .peer_verification_key_from_identity(&sink_init_info.identity.identity)
+ .expect("failed to get peer verification from identity");
+ local_source
+ .verify_signature_on_session_id(
+ &sink_verification_key,
+ &sink_info.sessionId,
+ &sink_info.signature.signature,
+ )
+ .expect("failed verification of signed session ID");
// Step 3: pass the sink's ECDH public key and other session info to the (local) source, so it
// can calculate the same pair of symmetric keys.
- let source_info = ke::finish(
- impls,
- &sink_pub_key.plainPubKey,
- &sink_init_info.identity.identity,
- &sink_info.signature.signature,
- &sink_init_info.nonce,
- sink_init_info.version,
- source_init_info.ke_key,
- )
- .expect("failed to finish() with local impl");
+ let source_info = local_source
+ .finish(
+ &sink_pub_key.plainPubKey,
+ &sink_init_info.identity.identity,
+ &sink_info.signature.signature,
+ &sink_init_info.nonce,
+ sink_init_info.version,
+ source_init_info.ke_key,
+ )
+ .expect("failed to finish() with local impl");
assert!(!source_info.session_id.is_empty());
// The AuthGraph core library will verify the session ID signature, but do it here too.
- let source_verification_key =
- verification_key_from_identity(&impls, &source_init_info.identity);
- ke::verify_signature_on_session_id(
- &source_verification_key,
- &source_info.session_id,
- &source_info.session_id_signature,
- &*impls.ecdsa,
- )
- .expect("failed verification of signed session ID");
+ let source_verification_key = key::Identity::from_slice(&source_init_info.identity)
+ .expect("invalid identity CBOR")
+ .cert_chain
+ .root_key;
+ local_source
+ .verify_signature_on_session_id(
+ &source_verification_key,
+ &source_info.session_id,
+ &source_info.session_id_signature,
+ )
+ .expect("failed verification of signed session ID");
// Both ends should agree on the session ID.
assert_eq!(source_info.session_id, sink_info.sessionId);
@@ -96,19 +104,28 @@
&sink_info.sharedKeys,
)
.expect("failed to authenticationComplete() with remote sink");
-
// Decrypt and return the session keys.
- decipher_aes_keys(&impls, &source_info.shared_keys)
+ let decrypted_shared_keys = local_source
+ .decipher_shared_keys_from_arcs(&source_info.shared_keys)
+ .expect("failed to decrypt shared key arcs")
+ .try_into();
+ let decrypted_shared_keys_array = match decrypted_shared_keys {
+ Ok(array) => array,
+ Err(_) => panic!("wrong number of decrypted shared key arcs"),
+ };
+ decrypted_shared_keys_array
}
/// Perform mainline AuthGraph key exchange with the provided sink, but provide an invalid
/// session ID signature.
pub fn test_corrupt_sig(
- impls: &mut traits::TraitImpl,
+ local_source: &mut ke::AuthGraphParticipant,
sink: binder::Strong<dyn IAuthGraphKeyExchange>,
) {
// Step 1: create an ephemeral ECDH key at the (local) source.
- let source_init_info = ke::create(impls).expect("failed to create() with local impl");
+ let source_init_info = local_source
+ .create()
+ .expect("failed to create() with local impl");
// Step 2: pass the source's ECDH public key and other session info to the (remote) sink.
let init_result = sink
@@ -127,16 +144,16 @@
// Step 3: pass the sink's ECDH public key and other session info to the (local) source, so it
// can calculate the same pair of symmetric keys.
- let source_info = ke::finish(
- impls,
- &sink_pub_key.plainPubKey,
- &sink_init_info.identity.identity,
- &sink_info.signature.signature,
- &sink_init_info.nonce,
- sink_init_info.version,
- source_init_info.ke_key,
- )
- .expect("failed to finish() with local impl");
+ let source_info = local_source
+ .finish(
+ &sink_pub_key.plainPubKey,
+ &sink_init_info.identity.identity,
+ &sink_info.signature.signature,
+ &sink_init_info.nonce,
+ sink_init_info.version,
+ source_init_info.ke_key,
+ )
+ .expect("failed to finish() with local impl");
assert!(!source_info.session_id.is_empty());
// Build a corrupted version of the (local) source's session ID signature.
@@ -158,11 +175,13 @@
/// Perform mainline AuthGraph key exchange with the provided sink, but provide an invalid
/// Arc for the sink's key.
pub fn test_corrupt_keys(
- impls: &mut traits::TraitImpl,
+ local_source: &mut ke::AuthGraphParticipant,
sink: binder::Strong<dyn IAuthGraphKeyExchange>,
) {
// Step 1: create an ephemeral ECDH key at the (local) source.
- let source_init_info = ke::create(impls).expect("failed to create() with local impl");
+ let source_init_info = local_source
+ .create()
+ .expect("failed to create() with local impl");
// Step 2: pass the source's ECDH public key and other session info to the (remote) sink.
let init_result = sink
@@ -181,16 +200,16 @@
// Step 3: pass the sink's ECDH public key and other session info to the (local) source, so it
// can calculate the same pair of symmetric keys.
- let source_info = ke::finish(
- impls,
- &sink_pub_key.plainPubKey,
- &sink_init_info.identity.identity,
- &sink_info.signature.signature,
- &sink_init_info.nonce,
- sink_init_info.version,
- source_init_info.ke_key,
- )
- .expect("failed to finish() with local impl");
+ let source_info = local_source
+ .finish(
+ &sink_pub_key.plainPubKey,
+ &sink_init_info.identity.identity,
+ &sink_info.signature.signature,
+ &sink_init_info.nonce,
+ sink_init_info.version,
+ source_init_info.ke_key,
+ )
+ .expect("failed to finish() with local impl");
assert!(!source_info.session_id.is_empty());
// Deliberately corrupt the sink's shared key Arcs before returning them
diff --git a/security/authgraph/aidl/vts/functional/source.rs b/security/authgraph/aidl/vts/functional/source.rs
index 9aaaaee..4178a99 100644
--- a/security/authgraph/aidl/vts/functional/source.rs
+++ b/security/authgraph/aidl/vts/functional/source.rs
@@ -16,19 +16,22 @@
//! VTS tests for sources
use super::*;
-use authgraph_core::traits;
+use authgraph_core::{key, keyexchange as ke};
/// Run AuthGraph tests against the provided source, using a local test sink implementation.
-pub fn test(impls: &mut traits::TraitImpl, source: binder::Strong<dyn IAuthGraphKeyExchange>) {
- test_mainline(impls, source.clone());
- test_corrupt_sig(impls, source.clone());
- test_corrupt_key(impls, source);
+pub fn test(
+ local_sink: &mut ke::AuthGraphParticipant,
+ source: binder::Strong<dyn IAuthGraphKeyExchange>,
+) {
+ test_mainline(local_sink, source.clone());
+ test_corrupt_sig(local_sink, source.clone());
+ test_corrupt_key(local_sink, source);
}
/// Perform mainline AuthGraph key exchange with the provided source.
/// Return the agreed AES keys in plaintext.
pub fn test_mainline(
- impls: &mut traits::TraitImpl,
+ local_sink: &mut ke::AuthGraphParticipant,
source: binder::Strong<dyn IAuthGraphKeyExchange>,
) -> [key::AesKey; 2] {
// Step 1: create an ephemeral ECDH key at the (remote) source.
@@ -40,14 +43,14 @@
let source_pub_key = extract_plain_pub_key(&source_init_info.key.pubKey);
// Step 2: pass the source's ECDH public key and other session info to the (local) sink.
- let init_result = ke::init(
- impls,
- &source_pub_key.plainPubKey,
- &source_init_info.identity.identity,
- &source_init_info.nonce,
- source_init_info.version,
- )
- .expect("failed to init() with local impl");
+ let init_result = local_sink
+ .init(
+ &source_pub_key.plainPubKey,
+ &source_init_info.identity.identity,
+ &source_init_info.nonce,
+ source_init_info.version,
+ )
+ .expect("failed to init() with local impl");
let sink_init_info = init_result.session_init_info;
let sink_pub_key = sink_init_info
.ke_key
@@ -58,14 +61,17 @@
assert!(!sink_info.session_id.is_empty());
// The AuthGraph core library will verify the session ID signature, but do it here too.
- let sink_verification_key = verification_key_from_identity(&impls, &sink_init_info.identity);
- ke::verify_signature_on_session_id(
- &sink_verification_key,
- &sink_info.session_id,
- &sink_info.session_id_signature,
- &*impls.ecdsa,
- )
- .expect("failed verification of signed session ID");
+ let sink_verification_key = key::Identity::from_slice(&sink_init_info.identity)
+ .expect("invalid identity CBOR")
+ .cert_chain
+ .root_key;
+ local_sink
+ .verify_signature_on_session_id(
+ &sink_verification_key,
+ &sink_info.session_id,
+ &sink_info.session_id_signature,
+ )
+ .expect("failed verification of signed session ID");
// Step 3: pass the sink's ECDH public key and other session info to the (remote) source, so it
// can calculate the same pair of symmetric keys.
@@ -86,36 +92,41 @@
assert!(!source_info.sessionId.is_empty());
// The AuthGraph core library will verify the session ID signature, but do it here too.
- let source_verification_key =
- verification_key_from_identity(&impls, &source_init_info.identity.identity);
- ke::verify_signature_on_session_id(
- &source_verification_key,
- &source_info.sessionId,
- &source_info.signature.signature,
- &*impls.ecdsa,
- )
- .expect("failed verification of signed session ID");
+ let source_verification_key = local_sink
+ .peer_verification_key_from_identity(&source_init_info.identity.identity)
+ .expect("failed to get peer verification from identity");
+ local_sink
+ .verify_signature_on_session_id(
+ &source_verification_key,
+ &source_info.sessionId,
+ &source_info.signature.signature,
+ )
+ .expect("failed verification of signed session ID");
// Both ends should agree on the session ID.
assert_eq!(source_info.sessionId, sink_info.session_id);
// Step 4: pass the (remote) source's session ID signature back to the sink, so it can check it
// and update the symmetric keys so they're marked as authentication complete.
- let sink_arcs = ke::authentication_complete(
- impls,
- &source_info.signature.signature,
- sink_info.shared_keys,
- )
- .expect("failed to authenticationComplete() with local sink");
-
+ let sink_arcs = local_sink
+ .authentication_complete(&source_info.signature.signature, sink_info.shared_keys)
+ .expect("failed to authenticationComplete() with local sink");
// Decrypt and return the session keys.
- decipher_aes_keys(&impls, &sink_arcs)
+ let decrypted_shared_keys = local_sink
+ .decipher_shared_keys_from_arcs(&sink_arcs)
+ .expect("failed to decrypt shared key arcs")
+ .try_into();
+ let decrypted_shared_keys_array = match decrypted_shared_keys {
+ Ok(array) => array,
+ Err(_) => panic!("wrong number of decrypted shared key arcs"),
+ };
+ decrypted_shared_keys_array
}
/// Perform mainline AuthGraph key exchange with the provided source, but provide an invalid session
/// ID signature.
pub fn test_corrupt_sig(
- impls: &mut traits::TraitImpl,
+ local_sink: &mut ke::AuthGraphParticipant,
source: binder::Strong<dyn IAuthGraphKeyExchange>,
) {
// Step 1: create an ephemeral ECDH key at the (remote) source.
@@ -127,14 +138,14 @@
let source_pub_key = extract_plain_pub_key(&source_init_info.key.pubKey);
// Step 2: pass the source's ECDH public key and other session info to the (local) sink.
- let init_result = ke::init(
- impls,
- &source_pub_key.plainPubKey,
- &source_init_info.identity.identity,
- &source_init_info.nonce,
- source_init_info.version,
- )
- .expect("failed to init() with local impl");
+ let init_result = local_sink
+ .init(
+ &source_pub_key.plainPubKey,
+ &source_init_info.identity.identity,
+ &source_init_info.nonce,
+ source_init_info.version,
+ )
+ .expect("failed to init() with local impl");
let sink_init_info = init_result.session_init_info;
let sink_pub_key = sink_init_info
.ke_key
@@ -172,7 +183,7 @@
/// Perform mainline AuthGraph key exchange with the provided source, but give it back
/// a corrupted key.
pub fn test_corrupt_key(
- impls: &mut traits::TraitImpl,
+ local_sink: &mut ke::AuthGraphParticipant,
source: binder::Strong<dyn IAuthGraphKeyExchange>,
) {
// Step 1: create an ephemeral ECDH key at the (remote) source.
@@ -184,14 +195,14 @@
let source_pub_key = extract_plain_pub_key(&source_init_info.key.pubKey);
// Step 2: pass the source's ECDH public key and other session info to the (local) sink.
- let init_result = ke::init(
- impls,
- &source_pub_key.plainPubKey,
- &source_init_info.identity.identity,
- &source_init_info.nonce,
- source_init_info.version,
- )
- .expect("failed to init() with local impl");
+ let init_result = local_sink
+ .init(
+ &source_pub_key.plainPubKey,
+ &source_init_info.identity.identity,
+ &source_init_info.nonce,
+ source_init_info.version,
+ )
+ .expect("failed to init() with local impl");
let sink_init_info = init_result.session_init_info;
let sink_pub_key = sink_init_info
.ke_key
@@ -202,14 +213,17 @@
assert!(!sink_info.session_id.is_empty());
// The AuthGraph core library will verify the session ID signature, but do it here too.
- let sink_verification_key = verification_key_from_identity(&impls, &sink_init_info.identity);
- ke::verify_signature_on_session_id(
- &sink_verification_key,
- &sink_info.session_id,
- &sink_info.session_id_signature,
- &*impls.ecdsa,
- )
- .expect("failed verification of signed session ID");
+ let sink_verification_key = key::Identity::from_slice(&sink_init_info.identity)
+ .expect("invalid identity CBOR")
+ .cert_chain
+ .root_key;
+ local_sink
+ .verify_signature_on_session_id(
+ &sink_verification_key,
+ &sink_info.session_id,
+ &sink_info.session_id_signature,
+ )
+ .expect("failed verification of signed session ID");
// Deliberately corrupt the source's encrypted key.
let mut corrupt_key = source_init_info.key.clone();
diff --git a/security/authgraph/default/src/fuzzer.rs b/security/authgraph/default/src/fuzzer.rs
index 6a9cfdd..d401777 100644
--- a/security/authgraph/default/src/fuzzer.rs
+++ b/security/authgraph/default/src/fuzzer.rs
@@ -25,7 +25,7 @@
use std::sync::{Arc, Mutex};
fuzz_target!(|data: &[u8]| {
- let local_ta = LocalTa::new();
+ let local_ta = LocalTa::new().expect("Failed to create an AuthGraph local TA.");
let service = AuthGraphService::new_as_binder(Arc::new(Mutex::new(local_ta)));
fuzz_service(&mut service.as_binder(), data);
});
diff --git a/security/authgraph/default/src/lib.rs b/security/authgraph/default/src/lib.rs
index 4cd0cb7..43d037c 100644
--- a/security/authgraph/default/src/lib.rs
+++ b/security/authgraph/default/src/lib.rs
@@ -18,7 +18,9 @@
use authgraph_boringssl as boring;
use authgraph_core::{
+ error,
key::MillisecondsSinceEpoch,
+ keyexchange,
ta::{AuthGraphTa, Role},
traits,
};
@@ -57,16 +59,17 @@
impl LocalTa {
/// Create a new instance.
- pub fn new() -> Self {
- Self {
+ pub fn new() -> Result<Self, error::Error> {
+ Ok(Self {
ta: Arc::new(Mutex::new(AuthGraphTa::new(
- boring::trait_impls(
+ keyexchange::AuthGraphParticipant::new(
+ boring::crypto_trait_impls(),
Box::<boring::test_device::AgDevice>::default(),
- Some(Box::new(StdClock::default())),
- ),
+ keyexchange::MAX_OPENED_SESSIONS,
+ )?,
Role::Both,
))),
- }
+ })
}
}
diff --git a/security/authgraph/default/src/main.rs b/security/authgraph/default/src/main.rs
index 873eb4e..81f2dd6 100644
--- a/security/authgraph/default/src/main.rs
+++ b/security/authgraph/default/src/main.rs
@@ -65,7 +65,8 @@
binder::ProcessState::start_thread_pool();
// Register the service
- let local_ta = LocalTa::new();
+ let local_ta =
+ LocalTa::new().map_err(|e| format!("Failed to create the TA because: {e:?}"))?;
let service = service::AuthGraphService::new_as_binder(Arc::new(Mutex::new(local_ta)));
let service_name = format!("{}/{}", SERVICE_NAME, SERVICE_INSTANCE);
binder::add_service(&service_name, service.as_binder()).map_err(|e| {
diff --git a/tv/tuner/aidl/default/Demux.cpp b/tv/tuner/aidl/default/Demux.cpp
index 34e3442..de94467 100644
--- a/tv/tuner/aidl/default/Demux.cpp
+++ b/tv/tuner/aidl/default/Demux.cpp
@@ -53,6 +53,9 @@
Demux::~Demux() {
ALOGV("%s", __FUNCTION__);
+ if (mDemuxIptvReadThread.joinable()) {
+ mDemuxIptvReadThread.join();
+ }
close();
}
@@ -114,16 +117,26 @@
}
}
-void Demux::readIptvThreadLoop(dtv_plugin* interface, dtv_streamer* streamer, void* buf,
- size_t buf_size, int timeout_ms, int buffer_timeout) {
+void Demux::setIptvThreadRunning(bool isIptvThreadRunning) {
+ std::unique_lock<std::mutex> lock(mIsIptvThreadRunningMutex);
+ mIsIptvReadThreadRunning = isIptvThreadRunning;
+ mIsIptvThreadRunningCv.notify_all();
+}
+
+void Demux::readIptvThreadLoop(dtv_plugin* interface, dtv_streamer* streamer, size_t buf_size,
+ int timeout_ms, int buffer_timeout) {
Timer *timer, *fullBufferTimer;
- while (mDemuxIptvReadThreadRunning) {
+ while (true) {
+ std::unique_lock<std::mutex> lock(mIsIptvThreadRunningMutex);
+ mIsIptvThreadRunningCv.wait(lock, [this] { return mIsIptvReadThreadRunning; });
if (mIsIptvDvrFMQFull && fullBufferTimer->get_elapsed_time_ms() > buffer_timeout) {
ALOGE("DVR FMQ has not been flushed within timeout of %d ms", buffer_timeout);
delete fullBufferTimer;
break;
}
timer = new Timer();
+ void* buf = malloc(sizeof(char) * IPTV_BUFFER_SIZE);
+ if (buf == nullptr) ALOGI("Buffer allocation failed");
ssize_t bytes_read = interface->read_stream(streamer, buf, buf_size, timeout_ms);
if (bytes_read == 0) {
double elapsed_time = timer->get_elapsed_time_ms();
@@ -157,8 +170,9 @@
default:
ALOGI("Invalid DVR Status");
}
+
+ free(buf);
}
- mDemuxIptvReadThreadRunning = false;
}
::ndk::ScopedAStatus Demux::setFrontendDataSource(int32_t in_frontendId) {
@@ -216,17 +230,8 @@
// while thread is alive, keep reading data
int timeout_ms = 20;
int buffer_timeout = 10000; // 10s
- void* buf = malloc(sizeof(char) * IPTV_BUFFER_SIZE);
- if (buf == nullptr) ALOGI("malloc buf failed");
- ALOGI("[ INFO ] Allocated buffer of size %d", IPTV_BUFFER_SIZE);
- ALOGI("Getting FMQ from DVR instance to write socket data");
- mDemuxIptvReadThreadRunning = true;
mDemuxIptvReadThread = std::thread(&Demux::readIptvThreadLoop, this, interface, streamer,
- buf, IPTV_BUFFER_SIZE, timeout_ms, buffer_timeout);
- if (mDemuxIptvReadThread.joinable()) {
- mDemuxIptvReadThread.join();
- }
- free(buf);
+ IPTV_BUFFER_SIZE, timeout_ms, buffer_timeout);
}
return ::ndk::ScopedAStatus::ok();
}
diff --git a/tv/tuner/aidl/default/Demux.h b/tv/tuner/aidl/default/Demux.h
index a23063f..ad7b7a7 100644
--- a/tv/tuner/aidl/default/Demux.h
+++ b/tv/tuner/aidl/default/Demux.h
@@ -103,7 +103,7 @@
void setIsRecording(bool isRecording);
bool isRecording();
void startFrontendInputLoop();
- void readIptvThreadLoop(dtv_plugin* interface, dtv_streamer* streamer, void* buf, size_t size,
+ void readIptvThreadLoop(dtv_plugin* interface, dtv_streamer* streamer, size_t size,
int timeout_ms, int buffer_timeout);
/**
@@ -124,6 +124,11 @@
void setInUse(bool inUse);
void setTunerService(std::shared_ptr<Tuner> tuner);
+ /**
+ * Setter for IPTV Reading thread
+ */
+ void setIptvThreadRunning(bool isIptvThreadRunning);
+
private:
// Tuner service
std::shared_ptr<Tuner> mTuner;
@@ -196,10 +201,16 @@
* If a specific filter's writing loop is still running
*/
std::atomic<bool> mFrontendInputThreadRunning;
- std::atomic<bool> mDemuxIptvReadThreadRunning;
std::atomic<bool> mKeepFetchingDataFromFrontend;
/**
+ * Controls IPTV reading thread status
+ */
+ bool mIsIptvReadThreadRunning;
+ std::mutex mIsIptvThreadRunningMutex;
+ std::condition_variable mIsIptvThreadRunningCv;
+
+ /**
* If the dvr recording is running.
*/
bool mIsRecording = false;
diff --git a/tv/tuner/aidl/default/Filter.cpp b/tv/tuner/aidl/default/Filter.cpp
index d8f5dd5..212d329 100644
--- a/tv/tuner/aidl/default/Filter.cpp
+++ b/tv/tuner/aidl/default/Filter.cpp
@@ -328,6 +328,8 @@
std::vector<DemuxFilterEvent> events;
mFilterCount += 1;
+ mDemux->setIptvThreadRunning(true);
+
// All the filter event callbacks in start are for testing purpose.
switch (mType.mainType) {
case DemuxFilterMainType::TS:
@@ -365,6 +367,9 @@
ALOGV("%s", __FUNCTION__);
mFilterCount -= 1;
+ if (mFilterCount == 0) {
+ mDemux->setIptvThreadRunning(false);
+ }
mFilterThreadRunning = false;
if (mFilterThread.joinable()) {
diff --git a/tv/tuner/aidl/default/Frontend.cpp b/tv/tuner/aidl/default/Frontend.cpp
index 6bdbac5..57ed1ba 100644
--- a/tv/tuner/aidl/default/Frontend.cpp
+++ b/tv/tuner/aidl/default/Frontend.cpp
@@ -34,6 +34,8 @@
mTuner = nullptr;
// Init callback to nullptr
mCallback = nullptr;
+ mIptvPluginInterface = nullptr;
+ mIptvPluginStreamer = nullptr;
switch (mType) {
case FrontendType::ISDBS: {
@@ -215,7 +217,7 @@
void Frontend::readTuneByte(dtv_streamer* streamer, void* buf, size_t buf_size, int timeout_ms) {
ssize_t bytes_read = mIptvPluginInterface->read_stream(streamer, buf, buf_size, timeout_ms);
- if (bytes_read == 0) {
+ if (bytes_read <= 0) {
ALOGI("[ ERROR ] Tune byte couldn't be read.");
return;
}
diff --git a/wifi/aidl/Android.bp b/wifi/aidl/Android.bp
index 7bc8ae7..ac95f85 100644
--- a/wifi/aidl/Android.bp
+++ b/wifi/aidl/Android.bp
@@ -27,6 +27,9 @@
srcs: [
"android/hardware/wifi/*.aidl",
],
+ imports: [
+ "android.hardware.wifi.common-V1",
+ ],
stability: "vintf",
backend: {
java: {
@@ -42,6 +45,9 @@
enabled: false,
},
},
+ cpp: {
+ enabled: false,
+ },
},
versions_with_info: [
{
@@ -49,6 +55,5 @@
imports: [],
},
],
- frozen: true,
-
+ frozen: false,
}
diff --git a/wifi/aidl/aidl_api/android.hardware.wifi/current/android/hardware/wifi/IWifiChip.aidl b/wifi/aidl/aidl_api/android.hardware.wifi/current/android/hardware/wifi/IWifiChip.aidl
index 4ea2081..2d7fe03 100644
--- a/wifi/aidl/aidl_api/android.hardware.wifi/current/android/hardware/wifi/IWifiChip.aidl
+++ b/wifi/aidl/aidl_api/android.hardware.wifi/current/android/hardware/wifi/IWifiChip.aidl
@@ -83,6 +83,7 @@
void triggerSubsystemRestart();
void enableStaChannelForPeerNetwork(in int channelCategoryEnableFlag);
void setMloMode(in android.hardware.wifi.IWifiChip.ChipMloMode mode);
+ @PropagateAllowBlocking android.hardware.wifi.IWifiApIface createApOrBridgedApIface(in android.hardware.wifi.IfaceConcurrencyType iface, in android.hardware.wifi.common.OuiKeyedData[] vendorData);
const int NO_POWER_CAP_CONSTANT = 0x7FFFFFFF;
@Backing(type="int") @VintfStability
enum FeatureSetMask {
diff --git a/wifi/aidl/android/hardware/wifi/IWifiChip.aidl b/wifi/aidl/android/hardware/wifi/IWifiChip.aidl
index c1caa7e..733ff62 100644
--- a/wifi/aidl/android/hardware/wifi/IWifiChip.aidl
+++ b/wifi/aidl/android/hardware/wifi/IWifiChip.aidl
@@ -33,6 +33,7 @@
import android.hardware.wifi.WifiIfaceMode;
import android.hardware.wifi.WifiRadioCombination;
import android.hardware.wifi.WifiUsableChannel;
+import android.hardware.wifi.common.OuiKeyedData;
/**
* Interface that represents a chip that must be configured as a single unit.
@@ -1149,4 +1150,27 @@
*
*/
void setMloMode(in ChipMloMode mode);
+
+ /**
+ * Create an AP or bridged AP iface on the chip using vendor-provided configuration parameters.
+ *
+ * Depending on the mode the chip is configured in, the interface creation
+ * may fail (code: |WifiStatusCode.ERROR_NOT_AVAILABLE|) if we've already
+ * reached the maximum allowed (specified in |ChipIfaceCombination|) number
+ * of ifaces of the AP or AP_BRIDGED type.
+ *
+ * @param iface IfaceConcurrencyType to be created. Takes one of
+ |IfaceConcurrencyType.AP| or |IfaceConcurrencyType.AP_BRIDGED|
+ * @param vendorData Vendor-provided configuration data as a list of |OuiKeyedData|.
+ * @return AIDL interface object representing the iface if
+ * successful, null otherwise.
+ * @throws ServiceSpecificException with one of the following values:
+ * |WifiStatusCode.ERROR_WIFI_CHIP_INVALID|,
+ * |WifiStatusCode.ERROR_NOT_SUPPORTED|,
+ * |WifiStatusCode.ERROR_NOT_AVAILABLE|,
+ * |WifiStatusCode.ERROR_INVALID_ARGS|
+ */
+ @PropagateAllowBlocking
+ IWifiApIface createApOrBridgedApIface(
+ in IfaceConcurrencyType iface, in OuiKeyedData[] vendorData);
}
diff --git a/wifi/aidl/default/Android.bp b/wifi/aidl/default/Android.bp
index 91d609d..31a3531 100644
--- a/wifi/aidl/default/Android.bp
+++ b/wifi/aidl/default/Android.bp
@@ -105,7 +105,7 @@
"libwifi-hal",
"libwifi-system-iface",
"libxml2",
- "android.hardware.wifi-V1-ndk",
+ "android.hardware.wifi-V2-ndk",
],
export_include_dirs: ["."],
@@ -132,7 +132,7 @@
"libwifi-hal",
"libwifi-system-iface",
"libxml2",
- "android.hardware.wifi-V1-ndk",
+ "android.hardware.wifi-V2-ndk",
],
static_libs: ["android.hardware.wifi-service-lib"],
init_rc: ["android.hardware.wifi-service.rc"],
@@ -161,7 +161,7 @@
"libwifi-hal",
"libwifi-system-iface",
"libxml2",
- "android.hardware.wifi-V1-ndk",
+ "android.hardware.wifi-V2-ndk",
],
static_libs: ["android.hardware.wifi-service-lib"],
init_rc: ["android.hardware.wifi-service-lazy.rc"],
@@ -192,7 +192,8 @@
static_libs: [
"libgmock",
"libgtest",
- "android.hardware.wifi-V1-ndk",
+ "android.hardware.wifi-V2-ndk",
+ "android.hardware.wifi.common-V1-ndk",
"android.hardware.wifi-service-lib",
],
shared_libs: [
diff --git a/wifi/aidl/default/android.hardware.wifi-service.xml b/wifi/aidl/default/android.hardware.wifi-service.xml
index 5398ee7..3b68c8e 100644
--- a/wifi/aidl/default/android.hardware.wifi-service.xml
+++ b/wifi/aidl/default/android.hardware.wifi-service.xml
@@ -1,6 +1,7 @@
<manifest version="1.0" type="device">
<hal format="aidl">
<name>android.hardware.wifi</name>
+ <version>2</version>
<fqname>IWifi/default</fqname>
</hal>
</manifest>
diff --git a/wifi/aidl/default/wifi_chip.cpp b/wifi/aidl/default/wifi_chip.cpp
index 41b386c..d72775c 100644
--- a/wifi/aidl/default/wifi_chip.cpp
+++ b/wifi/aidl/default/wifi_chip.cpp
@@ -369,6 +369,14 @@
&WifiChip::createBridgedApIfaceInternal, _aidl_return);
}
+ndk::ScopedAStatus WifiChip::createApOrBridgedApIface(
+ IfaceConcurrencyType in_ifaceType, const std::vector<common::OuiKeyedData>& in_vendorData,
+ std::shared_ptr<IWifiApIface>* _aidl_return) {
+ return validateAndCall(this, WifiStatusCode::ERROR_WIFI_CHIP_INVALID,
+ &WifiChip::createApOrBridgedApIfaceInternal, _aidl_return, in_ifaceType,
+ in_vendorData);
+}
+
ndk::ScopedAStatus WifiChip::getApIfaceNames(std::vector<std::string>* _aidl_return) {
return validateAndCall(this, WifiStatusCode::ERROR_WIFI_CHIP_INVALID,
&WifiChip::getApIfaceNamesInternal, _aidl_return);
@@ -854,6 +862,18 @@
return {iface, ndk::ScopedAStatus::ok()};
}
+std::pair<std::shared_ptr<IWifiApIface>, ndk::ScopedAStatus>
+WifiChip::createApOrBridgedApIfaceInternal(
+ IfaceConcurrencyType ifaceType, const std::vector<common::OuiKeyedData>& /* vendorData */) {
+ if (ifaceType == IfaceConcurrencyType::AP) {
+ return createApIfaceInternal();
+ } else if (ifaceType == IfaceConcurrencyType::AP_BRIDGED) {
+ return createBridgedApIfaceInternal();
+ } else {
+ return {nullptr, createWifiStatus(WifiStatusCode::ERROR_INVALID_ARGS)};
+ }
+}
+
std::pair<std::vector<std::string>, ndk::ScopedAStatus> WifiChip::getApIfaceNamesInternal() {
if (ap_ifaces_.empty()) {
return {std::vector<std::string>(), ndk::ScopedAStatus::ok()};
diff --git a/wifi/aidl/default/wifi_chip.h b/wifi/aidl/default/wifi_chip.h
index 1a36032..c6517db 100644
--- a/wifi/aidl/default/wifi_chip.h
+++ b/wifi/aidl/default/wifi_chip.h
@@ -19,6 +19,7 @@
#include <aidl/android/hardware/wifi/BnWifiChip.h>
#include <aidl/android/hardware/wifi/IWifiRttController.h>
+#include <aidl/android/hardware/wifi/common/OuiKeyedData.h>
#include <android-base/macros.h>
#include <list>
@@ -96,6 +97,10 @@
ndk::ScopedAStatus requestFirmwareDebugDump(std::vector<uint8_t>* _aidl_return) override;
ndk::ScopedAStatus createApIface(std::shared_ptr<IWifiApIface>* _aidl_return) override;
ndk::ScopedAStatus createBridgedApIface(std::shared_ptr<IWifiApIface>* _aidl_return) override;
+ ndk::ScopedAStatus createApOrBridgedApIface(
+ IfaceConcurrencyType in_ifaceType,
+ const std::vector<common::OuiKeyedData>& in_vendorData,
+ std::shared_ptr<IWifiApIface>* _aidl_return) override;
ndk::ScopedAStatus getApIfaceNames(std::vector<std::string>* _aidl_return) override;
ndk::ScopedAStatus getApIface(const std::string& in_ifname,
std::shared_ptr<IWifiApIface>* _aidl_return) override;
@@ -176,6 +181,8 @@
ndk::ScopedAStatus createVirtualApInterface(const std::string& apVirtIf);
std::pair<std::shared_ptr<IWifiApIface>, ndk::ScopedAStatus> createApIfaceInternal();
std::pair<std::shared_ptr<IWifiApIface>, ndk::ScopedAStatus> createBridgedApIfaceInternal();
+ std::pair<std::shared_ptr<IWifiApIface>, ndk::ScopedAStatus> createApOrBridgedApIfaceInternal(
+ IfaceConcurrencyType ifaceType, const std::vector<common::OuiKeyedData>& vendorData);
std::pair<std::vector<std::string>, ndk::ScopedAStatus> getApIfaceNamesInternal();
std::pair<std::shared_ptr<IWifiApIface>, ndk::ScopedAStatus> getApIfaceInternal(
const std::string& ifname);