Merge "Update some comments for tuner AIDL HAL."
diff --git a/authsecret/aidl/default/service.cpp b/authsecret/aidl/default/service.cpp
index efecf10..a7d8678 100644
--- a/authsecret/aidl/default/service.cpp
+++ b/authsecret/aidl/default/service.cpp
@@ -28,7 +28,7 @@
const std::string instance = std::string() + AuthSecret::descriptor + "/default";
binder_status_t status = AServiceManager_addService(authsecret->asBinder().get(), instance.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
ABinderProcess_joinThreadPool();
return -1; // Should never be reached
diff --git a/automotive/audiocontrol/aidl/default/main.cpp b/automotive/audiocontrol/aidl/default/main.cpp
index 9b259fc..cc15ccb 100644
--- a/automotive/audiocontrol/aidl/default/main.cpp
+++ b/automotive/audiocontrol/aidl/default/main.cpp
@@ -31,7 +31,7 @@
const std::string instance = std::string() + AudioControl::descriptor + "/default";
binder_status_t status =
AServiceManager_addService(audioControl->asBinder().get(), instance.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
std::shared_ptr<PowerPolicyClient> powerPolicyClient =
::ndk::SharedRefBase::make<PowerPolicyClient>(audioControl);
diff --git a/biometrics/face/aidl/default/main.cpp b/biometrics/face/aidl/default/main.cpp
index 80b153e..b7274e3 100644
--- a/biometrics/face/aidl/default/main.cpp
+++ b/biometrics/face/aidl/default/main.cpp
@@ -29,7 +29,7 @@
const std::string instance = std::string(Face::descriptor) + "/default";
binder_status_t status = AServiceManager_addService(hal->asBinder().get(), instance.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
ABinderProcess_joinThreadPool();
return EXIT_FAILURE; // should not reach
diff --git a/biometrics/fingerprint/aidl/default/main.cpp b/biometrics/fingerprint/aidl/default/main.cpp
index 4690d73..c985201 100644
--- a/biometrics/fingerprint/aidl/default/main.cpp
+++ b/biometrics/fingerprint/aidl/default/main.cpp
@@ -29,7 +29,7 @@
const std::string instance = std::string(Fingerprint::descriptor) + "/default";
binder_status_t status = AServiceManager_addService(hal->asBinder().get(), instance.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
ABinderProcess_joinThreadPool();
return EXIT_FAILURE; // should not reach
diff --git a/compatibility_matrices/compatibility_matrix.current.xml b/compatibility_matrices/compatibility_matrix.current.xml
index 6919b9b..34fbaaf 100644
--- a/compatibility_matrices/compatibility_matrix.current.xml
+++ b/compatibility_matrices/compatibility_matrix.current.xml
@@ -372,7 +372,7 @@
</hal>
<hal format="aidl" optional="true">
<name>android.hardware.security.keymint</name>
- <version>1</version>
+ <version>1-2</version>
<interface>
<name>IKeyMintDevice</name>
<instance>default</instance>
@@ -381,6 +381,7 @@
</hal>
<hal format="aidl" optional="true">
<name>android.hardware.security.keymint</name>
+ <version>1-2</version>
<interface>
<name>IRemotelyProvisionedComponent</name>
<instance>default</instance>
@@ -457,7 +458,7 @@
</hal>
<hal format="aidl" optional="false">
<name>android.hardware.power</name>
- <version>1-2</version>
+ <version>1-3</version>
<interface>
<name>IPower</name>
<instance>default</instance>
diff --git a/contexthub/aidl/aidl_api/android.hardware.contexthub/current/android/hardware/contexthub/NanoappInfo.aidl b/contexthub/aidl/aidl_api/android.hardware.contexthub/current/android/hardware/contexthub/NanoappInfo.aidl
index ea7825a..7175d7f 100644
--- a/contexthub/aidl/aidl_api/android.hardware.contexthub/current/android/hardware/contexthub/NanoappInfo.aidl
+++ b/contexthub/aidl/aidl_api/android.hardware.contexthub/current/android/hardware/contexthub/NanoappInfo.aidl
@@ -38,4 +38,5 @@
int nanoappVersion;
boolean enabled;
String[] permissions;
+ android.hardware.contexthub.NanoappRpcService[] rpcServices;
}
diff --git a/contexthub/aidl/aidl_api/android.hardware.contexthub/current/android/hardware/contexthub/NanoappRpcService.aidl b/contexthub/aidl/aidl_api/android.hardware.contexthub/current/android/hardware/contexthub/NanoappRpcService.aidl
new file mode 100644
index 0000000..a6a1644
--- /dev/null
+++ b/contexthub/aidl/aidl_api/android.hardware.contexthub/current/android/hardware/contexthub/NanoappRpcService.aidl
@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.contexthub;
+@VintfStability
+parcelable NanoappRpcService {
+ long id;
+ int version;
+}
diff --git a/contexthub/aidl/android/hardware/contexthub/NanoappInfo.aidl b/contexthub/aidl/android/hardware/contexthub/NanoappInfo.aidl
index 9991dc8..77ac026 100644
--- a/contexthub/aidl/android/hardware/contexthub/NanoappInfo.aidl
+++ b/contexthub/aidl/android/hardware/contexthub/NanoappInfo.aidl
@@ -16,6 +16,8 @@
package android.hardware.contexthub;
+import android.hardware.contexthub.NanoappRpcService;
+
@VintfStability
parcelable NanoappInfo {
/** The unique identifier of the nanoapp. */
@@ -39,4 +41,9 @@
* this list.
*/
String[] permissions;
+
+ /**
+ * The list of RPC services supported by this nanoapp.
+ */
+ NanoappRpcService[] rpcServices;
}
diff --git a/contexthub/aidl/android/hardware/contexthub/NanoappRpcService.aidl b/contexthub/aidl/android/hardware/contexthub/NanoappRpcService.aidl
new file mode 100644
index 0000000..6dc5e95
--- /dev/null
+++ b/contexthub/aidl/android/hardware/contexthub/NanoappRpcService.aidl
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.contexthub;
+
+/**
+ * An RPC service exposed by a nanoapp.
+ *
+ * The implementation of the RPC interface is not defined by the HAL, and is written
+ * at the messaging endpoint layers (Android app and/or CHRE nanoapp). NanoappRpcService
+ * contains the informational metadata to be consumed by the RPC interface layer.
+ */
+@VintfStability
+parcelable NanoappRpcService {
+ /**
+ * The unique 64-bit ID of an RPC service exposed by a nanoapp. Note that
+ * the uniqueness is only required within the nanoapp's domain (i.e. the
+ * combination of the nanoapp ID and service id must be unique).
+ */
+ long id;
+
+ /**
+ * The software version of this service, which follows the semantic
+ * versioning scheme (see semver.org). It follows the format
+ * major.minor.patch, where major and minor versions take up one byte
+ * each, and the patch version takes up the final 2 bytes.
+ */
+ int version;
+}
diff --git a/contexthub/aidl/vts/VtsAidlHalContextHubTargetTest.cpp b/contexthub/aidl/vts/VtsAidlHalContextHubTargetTest.cpp
index 1b2dc29..392e23c 100644
--- a/contexthub/aidl/vts/VtsAidlHalContextHubTargetTest.cpp
+++ b/contexthub/aidl/vts/VtsAidlHalContextHubTargetTest.cpp
@@ -41,6 +41,7 @@
using ::android::hardware::contexthub::IContextHubCallbackDefault;
using ::android::hardware::contexthub::NanoappBinary;
using ::android::hardware::contexthub::NanoappInfo;
+using ::android::hardware::contexthub::NanoappRpcService;
using ::android::hardware::contexthub::Setting;
using ::android::hardware::contexthub::vts_utils::kNonExistentAppId;
using ::android::hardware::contexthub::vts_utils::waitForCallback;
@@ -151,6 +152,14 @@
for (const NanoappInfo& appInfo : appInfoList) {
EXPECT_NE(appInfo.nanoappId, UINT64_C(0));
EXPECT_NE(appInfo.nanoappId, kNonExistentAppId);
+
+ // Verify services are unique.
+ std::set<uint64_t> existingServiceIds;
+ for (const NanoappRpcService& rpcService : appInfo.rpcServices) {
+ EXPECT_NE(rpcService.id, UINT64_C(0));
+ EXPECT_EQ(existingServiceIds.count(rpcService.id), 0);
+ existingServiceIds.insert(rpcService.id);
+ }
}
}
diff --git a/dumpstate/aidl/default/main.cpp b/dumpstate/aidl/default/main.cpp
index 2451752..5bc85b4 100644
--- a/dumpstate/aidl/default/main.cpp
+++ b/dumpstate/aidl/default/main.cpp
@@ -29,7 +29,7 @@
const std::string instance = std::string() + Dumpstate::descriptor + "/default";
binder_status_t status =
AServiceManager_registerLazyService(dumpstate->asBinder().get(), instance.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
ABinderProcess_joinThreadPool();
return EXIT_FAILURE; // Unreachable
diff --git a/gnss/aidl/aidl_api/android.hardware.gnss/current/android/hardware/gnss/IGnss.aidl b/gnss/aidl/aidl_api/android.hardware.gnss/current/android/hardware/gnss/IGnss.aidl
index ea98030..9df7fe5 100644
--- a/gnss/aidl/aidl_api/android.hardware.gnss/current/android/hardware/gnss/IGnss.aidl
+++ b/gnss/aidl/aidl_api/android.hardware.gnss/current/android/hardware/gnss/IGnss.aidl
@@ -44,6 +44,7 @@
@nullable android.hardware.gnss.IGnssGeofence getExtensionGnssGeofence();
@nullable android.hardware.gnss.IGnssNavigationMessageInterface getExtensionGnssNavigationMessage();
android.hardware.gnss.IAGnss getExtensionAGnss();
+ android.hardware.gnss.IGnssDebug getExtensionGnssDebug();
const int ERROR_INVALID_ARGUMENT = 1;
const int ERROR_ALREADY_INIT = 2;
const int ERROR_GENERIC = 3;
diff --git a/gnss/aidl/aidl_api/android.hardware.gnss/current/android/hardware/gnss/IGnssDebug.aidl b/gnss/aidl/aidl_api/android.hardware.gnss/current/android/hardware/gnss/IGnssDebug.aidl
new file mode 100644
index 0000000..27d9887
--- /dev/null
+++ b/gnss/aidl/aidl_api/android.hardware.gnss/current/android/hardware/gnss/IGnssDebug.aidl
@@ -0,0 +1,94 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.gnss;
+@VintfStability
+interface IGnssDebug {
+ android.hardware.gnss.IGnssDebug.DebugData getDebugData();
+ @Backing(type="int") @VintfStability
+ enum SatelliteEphemerisType {
+ EPHEMERIS = 0,
+ ALMANAC_ONLY = 1,
+ NOT_AVAILABLE = 2,
+ }
+ @Backing(type="int") @VintfStability
+ enum SatelliteEphemerisSource {
+ DEMODULATED = 0,
+ SUPL_PROVIDED = 1,
+ OTHER_SERVER_PROVIDED = 2,
+ OTHER = 3,
+ }
+ @Backing(type="int") @VintfStability
+ enum SatelliteEphemerisHealth {
+ GOOD = 0,
+ BAD = 1,
+ UNKNOWN = 2,
+ }
+ @VintfStability
+ parcelable TimeDebug {
+ long timeEstimateMs;
+ float timeUncertaintyNs;
+ float frequencyUncertaintyNsPerSec;
+ }
+ @VintfStability
+ parcelable PositionDebug {
+ boolean valid;
+ double latitudeDegrees;
+ double longitudeDegrees;
+ float altitudeMeters;
+ float speedMetersPerSec;
+ float bearingDegrees;
+ double horizontalAccuracyMeters;
+ double verticalAccuracyMeters;
+ double speedAccuracyMetersPerSecond;
+ double bearingAccuracyDegrees;
+ float ageSeconds;
+ }
+ @VintfStability
+ parcelable SatelliteData {
+ int svid;
+ android.hardware.gnss.GnssConstellationType constellation;
+ android.hardware.gnss.IGnssDebug.SatelliteEphemerisType ephemerisType;
+ android.hardware.gnss.IGnssDebug.SatelliteEphemerisSource ephemerisSource;
+ android.hardware.gnss.IGnssDebug.SatelliteEphemerisHealth ephemerisHealth;
+ float ephemerisAgeSeconds;
+ boolean serverPredictionIsAvailable;
+ float serverPredictionAgeSeconds;
+ }
+ @VintfStability
+ parcelable DebugData {
+ android.hardware.gnss.IGnssDebug.PositionDebug position;
+ android.hardware.gnss.IGnssDebug.TimeDebug time;
+ List<android.hardware.gnss.IGnssDebug.SatelliteData> satelliteDataArray;
+ }
+}
diff --git a/gnss/aidl/android/hardware/gnss/IGnss.aidl b/gnss/aidl/android/hardware/gnss/IGnss.aidl
index 91403ca..2751521 100644
--- a/gnss/aidl/android/hardware/gnss/IGnss.aidl
+++ b/gnss/aidl/android/hardware/gnss/IGnss.aidl
@@ -20,6 +20,7 @@
import android.hardware.gnss.IGnssBatching;
import android.hardware.gnss.IGnssCallback;
import android.hardware.gnss.IGnssConfiguration;
+import android.hardware.gnss.IGnssDebug;
import android.hardware.gnss.IGnssGeofence;
import android.hardware.gnss.IGnssMeasurementInterface;
import android.hardware.gnss.IGnssNavigationMessageInterface;
@@ -134,4 +135,13 @@
* @return The IAGnss interface.
*/
IAGnss getExtensionAGnss();
+
+ /**
+ * This method returns the IGnssDebug interface.
+ *
+ * This method must return non-null.
+ *
+ * @return Handle to the IGnssDebug interface.
+ */
+ IGnssDebug getExtensionGnssDebug();
}
diff --git a/gnss/aidl/android/hardware/gnss/IGnssDebug.aidl b/gnss/aidl/android/hardware/gnss/IGnssDebug.aidl
new file mode 100644
index 0000000..475a4a3
--- /dev/null
+++ b/gnss/aidl/android/hardware/gnss/IGnssDebug.aidl
@@ -0,0 +1,208 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.gnss;
+
+import android.hardware.gnss.GnssConstellationType;
+
+/**
+ * Extended interface for GNSS Debug support
+ *
+ * This information is used for debugging purpose, e.g., shown in a bugreport to
+ * describe the chipset states including time, position, and satellite data.
+ */
+@VintfStability
+interface IGnssDebug {
+ /** Satellite's ephemeris type */
+ @VintfStability
+ @Backing(type="int")
+ enum SatelliteEphemerisType {
+ EPHEMERIS = 0,
+ ALMANAC_ONLY = 1,
+ NOT_AVAILABLE = 2,
+ }
+
+ /** Satellite's ephemeris source */
+ @VintfStability
+ @Backing(type="int")
+ enum SatelliteEphemerisSource {
+ DEMODULATED = 0,
+ SUPL_PROVIDED = 1,
+ OTHER_SERVER_PROVIDED = 2,
+ OTHER = 3,
+ }
+
+ /** Satellite's ephemeris health */
+ @VintfStability
+ @Backing(type="int")
+ enum SatelliteEphemerisHealth {
+ GOOD = 0,
+ BAD = 1,
+ UNKNOWN = 2,
+ }
+
+ /**
+ * Provides the current best known UTC time estimate.
+ * If no fresh information is available, e.g. after a delete all,
+ * then whatever the effective defaults are on the device must be
+ * provided (e.g. Jan. 1, 2017, with an uncertainty of 5 years) expressed
+ * in the specified units.
+ */
+ @VintfStability
+ parcelable TimeDebug {
+ /** UTC time estimate in milliseconds. */
+ long timeEstimateMs;
+
+ /** 68% time error estimate in nanoseconds. */
+ float timeUncertaintyNs;
+
+ /**
+ * 68% error estimate in local clock drift,
+ * in nanoseconds per second (also known as parts per billion - ppb.)
+ */
+ float frequencyUncertaintyNsPerSec;
+ }
+
+ @VintfStability
+ parcelable PositionDebug {
+ /**
+ * Validity of the data in this struct. False only if no
+ * latitude/longitude information is known.
+ */
+ boolean valid;
+
+ /** Latitude expressed in degrees */
+ double latitudeDegrees;
+
+ /** Longitude expressed in degrees */
+ double longitudeDegrees;
+
+ /** Altitude above ellipsoid expressed in meters */
+ float altitudeMeters;
+
+ /** Represents horizontal speed in meters per second. */
+ float speedMetersPerSec;
+
+ /** Represents heading in degrees. */
+ float bearingDegrees;
+
+ /**
+ * Estimated horizontal accuracy of position expressed in meters,
+ * radial, 68% confidence.
+ */
+ double horizontalAccuracyMeters;
+
+ /**
+ * Estimated vertical accuracy of position expressed in meters, with
+ * 68% confidence.
+ */
+ double verticalAccuracyMeters;
+
+ /**
+ * Estimated speed accuracy in meters per second with 68% confidence.
+ */
+ double speedAccuracyMetersPerSecond;
+
+ /**
+ * Estimated bearing accuracy degrees with 68% confidence.
+ */
+ double bearingAccuracyDegrees;
+
+ /**
+ * Time duration before this report that this position information was
+ * valid. This can, for example, be a previous injected location with
+ * an age potentially thousands of seconds old, or
+ * extrapolated to the current time (with appropriately increased
+ * accuracy estimates), with a (near) zero age.
+ */
+ float ageSeconds;
+ }
+
+ @VintfStability
+ parcelable SatelliteData {
+ /** Satellite vehicle ID number */
+ int svid;
+
+ /** Defines the constellation type of the given SV. */
+ GnssConstellationType constellation;
+
+ /**
+ * Defines the standard broadcast ephemeris or almanac availability for
+ * the satellite. To report status of predicted orbit and clock
+ * information, see the serverPrediction fields below.
+ */
+ SatelliteEphemerisType ephemerisType;
+
+ /** Defines the ephemeris source of the satellite. */
+ SatelliteEphemerisSource ephemerisSource;
+
+ /**
+ * Defines whether the satellite is known healthy
+ * (safe for use in location calculation.)
+ */
+ SatelliteEphemerisHealth ephemerisHealth;
+
+ /**
+ * Time duration from this report (current time), minus the
+ * effective time of the ephemeris source (e.g. TOE, TOA.)
+ * Set to 0 when ephemerisType is NOT_AVAILABLE.
+ */
+ float ephemerisAgeSeconds;
+
+ /**
+ * True if a server has provided a predicted orbit and clock model for
+ * this satellite.
+ */
+ boolean serverPredictionIsAvailable;
+
+ /**
+ * Time duration from this report (current time) minus the time of the
+ * start of the server predicted information. For example, a 1 day
+ * old prediction would be reported as 86400 seconds here.
+ */
+ float serverPredictionAgeSeconds;
+ }
+
+ /**
+ * Provides a set of debug information that is filled by the GNSS chipset
+ * when the method getDebugData() is invoked.
+ */
+ @VintfStability
+ parcelable DebugData {
+ /** Current best known position. */
+ PositionDebug position;
+
+ /** Current best know time estimate */
+ TimeDebug time;
+
+ /**
+ * Provides a list of the available satellite data, for all
+ * satellites and constellations the device can track,
+ * including GnssConstellationType UNKNOWN.
+ */
+ List<SatelliteData> satelliteDataArray;
+ }
+
+ /**
+ * This methods requests position, time and satellite ephemeris debug information
+ * from the HAL.
+ *
+ * @return ret debugData information from GNSS Hal that contains the current best
+ * known position, best known time estimate and a complete list of
+ * constellations that the device can track.
+ */
+ DebugData getDebugData();
+}
diff --git a/gnss/aidl/default/Android.bp b/gnss/aidl/default/Android.bp
index 1236714..24569ae 100644
--- a/gnss/aidl/default/Android.bp
+++ b/gnss/aidl/default/Android.bp
@@ -58,6 +58,7 @@
"AGnss.cpp",
"Gnss.cpp",
"GnssBatching.cpp",
+ "GnssDebug.cpp",
"GnssGeofence.cpp",
"GnssHidlHal.cpp",
"GnssNavigationMessageInterface.cpp",
diff --git a/gnss/aidl/default/Gnss.cpp b/gnss/aidl/default/Gnss.cpp
index 0e3cdd3..45d6b1d 100644
--- a/gnss/aidl/default/Gnss.cpp
+++ b/gnss/aidl/default/Gnss.cpp
@@ -21,6 +21,7 @@
#include "AGnss.h"
#include "GnssBatching.h"
#include "GnssConfiguration.h"
+#include "GnssDebug.h"
#include "GnssGeofence.h"
#include "GnssMeasurementInterface.h"
#include "GnssNavigationMessageInterface.h"
@@ -120,4 +121,11 @@
return ndk::ScopedAStatus::ok();
}
+ndk::ScopedAStatus Gnss::getExtensionGnssDebug(std::shared_ptr<IGnssDebug>* iGnssDebug) {
+ ALOGD("Gnss::getExtensionGnssDebug");
+
+ *iGnssDebug = SharedRefBase::make<GnssDebug>();
+ return ndk::ScopedAStatus::ok();
+}
+
} // namespace aidl::android::hardware::gnss
diff --git a/gnss/aidl/default/Gnss.h b/gnss/aidl/default/Gnss.h
index 4feb781..f59607f 100644
--- a/gnss/aidl/default/Gnss.h
+++ b/gnss/aidl/default/Gnss.h
@@ -20,6 +20,7 @@
#include <aidl/android/hardware/gnss/BnGnss.h>
#include <aidl/android/hardware/gnss/BnGnssBatching.h>
#include <aidl/android/hardware/gnss/BnGnssConfiguration.h>
+#include <aidl/android/hardware/gnss/BnGnssDebug.h>
#include <aidl/android/hardware/gnss/BnGnssMeasurementInterface.h>
#include <aidl/android/hardware/gnss/BnGnssPowerIndication.h>
#include <aidl/android/hardware/gnss/BnGnssPsds.h>
@@ -46,6 +47,7 @@
ndk::ScopedAStatus getExtensionGnssNavigationMessage(
std::shared_ptr<IGnssNavigationMessageInterface>* iGnssNavigationMessage) override;
ndk::ScopedAStatus getExtensionAGnss(std::shared_ptr<IAGnss>* iAGnss) override;
+ ndk::ScopedAStatus getExtensionGnssDebug(std::shared_ptr<IGnssDebug>* iGnssDebug) override;
std::shared_ptr<GnssConfiguration> mGnssConfiguration;
std::shared_ptr<GnssPowerIndication> mGnssPowerIndication;
diff --git a/gnss/aidl/default/GnssDebug.cpp b/gnss/aidl/default/GnssDebug.cpp
new file mode 100644
index 0000000..f40c0bc
--- /dev/null
+++ b/gnss/aidl/default/GnssDebug.cpp
@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#define LOG_TAG "GnssDebugAidl"
+
+#include "GnssDebug.h"
+#include <log/log.h>
+#include "MockLocation.h"
+
+namespace aidl::android::hardware::gnss {
+
+ndk::ScopedAStatus GnssDebug::getDebugData(DebugData* debugData) {
+ ALOGD("GnssDebug::getDebugData");
+
+ PositionDebug positionDebug = {.valid = true,
+ .latitudeDegrees = 37.4219999,
+ .longitudeDegrees = -122.0840575,
+ .altitudeMeters = 1.60062531,
+ .speedMetersPerSec = 0,
+ .bearingDegrees = 0,
+ .horizontalAccuracyMeters = 5,
+ .verticalAccuracyMeters = 5,
+ .speedAccuracyMetersPerSecond = 1,
+ .bearingAccuracyDegrees = 90,
+ .ageSeconds = 0.99};
+ TimeDebug timeDebug = {.timeEstimateMs = 1519930775453L,
+ .timeUncertaintyNs = 1000,
+ .frequencyUncertaintyNsPerSec = 5.0e4};
+ std::vector<SatelliteData> satelliteDataArrayDebug = {};
+ debugData->position = positionDebug;
+ debugData->time = timeDebug;
+ debugData->satelliteDataArray = satelliteDataArrayDebug;
+
+ return ndk::ScopedAStatus::ok();
+}
+
+} // namespace aidl::android::hardware::gnss
diff --git a/gnss/aidl/default/GnssDebug.h b/gnss/aidl/default/GnssDebug.h
new file mode 100644
index 0000000..001d47c
--- /dev/null
+++ b/gnss/aidl/default/GnssDebug.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <aidl/android/hardware/gnss/BnGnssDebug.h>
+
+namespace aidl::android::hardware::gnss {
+
+struct GnssDebug : public BnGnssDebug {
+ public:
+ ndk::ScopedAStatus getDebugData(DebugData* debugData) override;
+};
+
+} // namespace aidl::android::hardware::gnss
diff --git a/gnss/aidl/default/service.cpp b/gnss/aidl/default/service.cpp
index 09f1ad2..bbe34f1 100644
--- a/gnss/aidl/default/service.cpp
+++ b/gnss/aidl/default/service.cpp
@@ -42,7 +42,7 @@
const std::string instance = std::string() + Gnss::descriptor + "/default";
binder_status_t status =
AServiceManager_addService(gnssAidl->asBinder().get(), instance.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
sp<IGnss> gnss = new GnssHidlHal(gnssAidl);
configureRpcThreadpool(1, true /* will join */);
diff --git a/gnss/aidl/vts/gnss_hal_test_cases.cpp b/gnss/aidl/vts/gnss_hal_test_cases.cpp
index aac59db..36be631 100644
--- a/gnss/aidl/vts/gnss_hal_test_cases.cpp
+++ b/gnss/aidl/vts/gnss_hal_test_cases.cpp
@@ -19,10 +19,12 @@
#include <android/hardware/gnss/IAGnss.h>
#include <android/hardware/gnss/IGnss.h>
#include <android/hardware/gnss/IGnssBatching.h>
+#include <android/hardware/gnss/IGnssDebug.h>
#include <android/hardware/gnss/IGnssMeasurementCallback.h>
#include <android/hardware/gnss/IGnssMeasurementInterface.h>
#include <android/hardware/gnss/IGnssPowerIndication.h>
#include <android/hardware/gnss/IGnssPsds.h>
+#include <cutils/properties.h>
#include "AGnssCallbackAidl.h"
#include "GnssBatchingCallback.h"
#include "GnssGeofenceCallback.h"
@@ -43,6 +45,7 @@
using android::hardware::gnss::IGnssBatching;
using android::hardware::gnss::IGnssBatchingCallback;
using android::hardware::gnss::IGnssConfiguration;
+using android::hardware::gnss::IGnssDebug;
using android::hardware::gnss::IGnssGeofence;
using android::hardware::gnss::IGnssGeofenceCallback;
using android::hardware::gnss::IGnssMeasurementCallback;
@@ -55,6 +58,12 @@
using GnssConstellationTypeAidl = android::hardware::gnss::GnssConstellationType;
+static bool IsAutomotiveDevice() {
+ char buffer[PROPERTY_VALUE_MAX] = {0};
+ property_get("ro.hardware.type", buffer, "");
+ return strncmp(buffer, "automotive", PROPERTY_VALUE_MAX) == 0;
+}
+
/*
* SetupTeardownCreateCleanup:
* Requests the gnss HAL then calls cleanup
@@ -820,3 +829,50 @@
status = iAGnss->setServer(AGnssType::SUPL, String16("supl.google.com"), 7275);
ASSERT_TRUE(status.isOk());
}
+
+/*
+ * GnssDebugValuesSanityTest:
+ * Ensures that GnssDebug values make sense.
+ */
+TEST_P(GnssHalTest, GnssDebugValuesSanityTest) {
+ if (aidl_gnss_hal_->getInterfaceVersion() == 1) {
+ return;
+ }
+ sp<IGnssDebug> iGnssDebug;
+ auto status = aidl_gnss_hal_->getExtensionGnssDebug(&iGnssDebug);
+ ASSERT_TRUE(status.isOk());
+
+ if (!IsAutomotiveDevice() && gnss_cb_->info_cbq_.calledCount() > 0) {
+ ASSERT_TRUE(iGnssDebug != nullptr);
+
+ IGnssDebug::DebugData data;
+ auto status = iGnssDebug->getDebugData(&data);
+ ASSERT_TRUE(status.isOk());
+
+ if (data.position.valid) {
+ ASSERT_TRUE(data.position.latitudeDegrees >= -90 &&
+ data.position.latitudeDegrees <= 90);
+ ASSERT_TRUE(data.position.longitudeDegrees >= -180 &&
+ data.position.longitudeDegrees <= 180);
+ ASSERT_TRUE(data.position.altitudeMeters >= -1000 && // Dead Sea: -414m
+ data.position.altitudeMeters <= 20000); // Mount Everest: 8850m
+ ASSERT_TRUE(data.position.speedMetersPerSec >= 0 &&
+ data.position.speedMetersPerSec <= 600);
+ ASSERT_TRUE(data.position.bearingDegrees >= -360 &&
+ data.position.bearingDegrees <= 360);
+ ASSERT_TRUE(data.position.horizontalAccuracyMeters > 0 &&
+ data.position.horizontalAccuracyMeters <= 20000000);
+ ASSERT_TRUE(data.position.verticalAccuracyMeters > 0 &&
+ data.position.verticalAccuracyMeters <= 20000);
+ ASSERT_TRUE(data.position.speedAccuracyMetersPerSecond > 0 &&
+ data.position.speedAccuracyMetersPerSecond <= 500);
+ ASSERT_TRUE(data.position.bearingAccuracyDegrees > 0 &&
+ data.position.bearingAccuracyDegrees <= 180);
+ ASSERT_TRUE(data.position.ageSeconds >= 0);
+ }
+ ASSERT_TRUE(data.time.timeEstimateMs >= 1483228800000); // Jan 01 2017 00:00:00 GMT.
+ ASSERT_TRUE(data.time.timeUncertaintyNs > 0);
+ ASSERT_TRUE(data.time.frequencyUncertaintyNsPerSec > 0 &&
+ data.time.frequencyUncertaintyNsPerSec <= 2.0e5); // 200 ppm
+ }
+}
diff --git a/graphics/composer/aidl/android/hardware/graphics/composer3/vts/functional/VtsHalGraphicsComposer3_TargetTest.cpp b/graphics/composer/aidl/android/hardware/graphics/composer3/vts/functional/VtsHalGraphicsComposer3_TargetTest.cpp
index 272da7e..39825c4 100644
--- a/graphics/composer/aidl/android/hardware/graphics/composer3/vts/functional/VtsHalGraphicsComposer3_TargetTest.cpp
+++ b/graphics/composer/aidl/android/hardware/graphics/composer3/vts/functional/VtsHalGraphicsComposer3_TargetTest.cpp
@@ -1968,5 +1968,41 @@
ALOGE("Failed to stop init.svc.surfaceflinger");
return -1;
}
+
+ android::ProcessState::self()->setThreadPoolMaxThreadCount(4);
+
+ // The binder threadpool we start will inherit sched policy and priority
+ // of (this) creating thread. We want the binder thread pool to have
+ // SCHED_FIFO policy and priority 1 (lowest RT priority)
+ // Once the pool is created we reset this thread's priority back to
+ // original.
+ // This thread policy is based on what we do in the SurfaceFlinger while starting
+ // the thread pool and we need to replicate that for the VTS tests.
+ int newPriority = 0;
+ int origPolicy = sched_getscheduler(0);
+ struct sched_param origSchedParam;
+
+ int errorInPriorityModification = sched_getparam(0, &origSchedParam);
+ if (errorInPriorityModification == 0) {
+ int policy = SCHED_FIFO;
+ newPriority = sched_get_priority_min(policy);
+
+ struct sched_param param;
+ param.sched_priority = newPriority;
+
+ errorInPriorityModification = sched_setscheduler(0, policy, ¶m);
+ }
+
+ // start the thread pool
+ android::ProcessState::self()->startThreadPool();
+
+ // Reset current thread's policy and priority
+ if (errorInPriorityModification == 0) {
+ errorInPriorityModification = sched_setscheduler(0, origPolicy, &origSchedParam);
+ } else {
+ ALOGE("Failed to set VtsHalGraphicsComposer3_TargetTest binder threadpool priority to "
+ "SCHED_FIFO");
+ }
+
return RUN_ALL_TESTS();
}
diff --git a/identity/aidl/default/service.cpp b/identity/aidl/default/service.cpp
index c290c08..78f4fbc 100644
--- a/identity/aidl/default/service.cpp
+++ b/identity/aidl/default/service.cpp
@@ -43,7 +43,7 @@
const std::string instance = std::string() + IdentityCredentialStore::descriptor + "/default";
binder_status_t status = AServiceManager_addService(store->asBinder().get(), instance.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
ABinderProcess_joinThreadPool();
return EXIT_FAILURE; // should not reach
diff --git a/light/aidl/default/main.cpp b/light/aidl/default/main.cpp
index a860bf4..54e1316 100644
--- a/light/aidl/default/main.cpp
+++ b/light/aidl/default/main.cpp
@@ -28,7 +28,7 @@
const std::string instance = std::string() + Lights::descriptor + "/default";
binder_status_t status = AServiceManager_addService(lights->asBinder().get(), instance.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
ABinderProcess_joinThreadPool();
return EXIT_FAILURE; // should not reached
diff --git a/memtrack/aidl/default/main.cpp b/memtrack/aidl/default/main.cpp
index d063d2a..5cf5f94 100644
--- a/memtrack/aidl/default/main.cpp
+++ b/memtrack/aidl/default/main.cpp
@@ -29,7 +29,7 @@
const std::string instance = std::string() + Memtrack::descriptor + "/default";
binder_status_t status =
AServiceManager_addService(memtrack->asBinder().get(), instance.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
ABinderProcess_joinThreadPool();
return EXIT_FAILURE; // Unreachable
diff --git a/oemlock/aidl/default/service.cpp b/oemlock/aidl/default/service.cpp
index af828a0..9fa7d63 100644
--- a/oemlock/aidl/default/service.cpp
+++ b/oemlock/aidl/default/service.cpp
@@ -28,7 +28,7 @@
const std::string instance = std::string() + OemLock::descriptor + "/default";
binder_status_t status = AServiceManager_addService(oemlock->asBinder().get(), instance.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
ABinderProcess_joinThreadPool();
return -1; // Should never be reached
diff --git a/power/aidl/aidl_api/android.hardware.power/current/android/hardware/power/Mode.aidl b/power/aidl/aidl_api/android.hardware.power/current/android/hardware/power/Mode.aidl
index 8920c01..ba444a7 100644
--- a/power/aidl/aidl_api/android.hardware.power/current/android/hardware/power/Mode.aidl
+++ b/power/aidl/aidl_api/android.hardware.power/current/android/hardware/power/Mode.aidl
@@ -49,4 +49,5 @@
CAMERA_STREAMING_LOW = 12,
CAMERA_STREAMING_MID = 13,
CAMERA_STREAMING_HIGH = 14,
+ GAME_LOADING = 15,
}
diff --git a/power/aidl/android/hardware/power/Mode.aidl b/power/aidl/android/hardware/power/Mode.aidl
index ae113e3..2ebace1 100644
--- a/power/aidl/android/hardware/power/Mode.aidl
+++ b/power/aidl/android/hardware/power/Mode.aidl
@@ -162,4 +162,9 @@
* This hint indicates that camera high resolution stream is being started.
*/
CAMERA_STREAMING_HIGH,
+
+ /**
+ * This mode indicates that the user is waiting for loading in a game.
+ */
+ GAME_LOADING,
}
diff --git a/power/aidl/default/Android.bp b/power/aidl/default/Android.bp
index 9acb9e0..223b9d5 100644
--- a/power/aidl/default/Android.bp
+++ b/power/aidl/default/Android.bp
@@ -30,7 +30,7 @@
shared_libs: [
"libbase",
"libbinder_ndk",
- "android.hardware.power-V2-ndk",
+ "android.hardware.power-V3-ndk",
],
srcs: [
"main.cpp",
diff --git a/power/aidl/default/main.cpp b/power/aidl/default/main.cpp
index 964bd96..306b91b 100644
--- a/power/aidl/default/main.cpp
+++ b/power/aidl/default/main.cpp
@@ -28,7 +28,7 @@
const std::string instance = std::string() + Power::descriptor + "/default";
binder_status_t status = AServiceManager_addService(vib->asBinder().get(), instance.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
ABinderProcess_joinThreadPool();
return EXIT_FAILURE; // should not reach
diff --git a/power/aidl/default/power-default.xml b/power/aidl/default/power-default.xml
index 9f56deb..927ba22 100644
--- a/power/aidl/default/power-default.xml
+++ b/power/aidl/default/power-default.xml
@@ -1,7 +1,7 @@
<manifest version="1.0" type="device">
<hal format="aidl">
<name>android.hardware.power</name>
- <version>2</version>
+ <version>3</version>
<fqname>IPower/default</fqname>
</hal>
</manifest>
diff --git a/power/stats/aidl/default/main.cpp b/power/stats/aidl/default/main.cpp
index 2fe3d2e..9e78247 100644
--- a/power/stats/aidl/default/main.cpp
+++ b/power/stats/aidl/default/main.cpp
@@ -73,7 +73,7 @@
const std::string instance = std::string() + PowerStats::descriptor + "/default";
binder_status_t status = AServiceManager_addService(p->asBinder().get(), instance.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
ABinderProcess_joinThreadPool();
return EXIT_FAILURE; // should not reach
diff --git a/rebootescrow/aidl/default/service.cpp b/rebootescrow/aidl/default/service.cpp
index 8a8086b..dc06c71 100644
--- a/rebootescrow/aidl/default/service.cpp
+++ b/rebootescrow/aidl/default/service.cpp
@@ -34,7 +34,7 @@
auto re = ndk::SharedRefBase::make<RebootEscrow>(rebootEscrowDevicePath);
const std::string instance = std::string() + RebootEscrow::descriptor + "/default";
binder_status_t status = AServiceManager_addService(re->asBinder().get(), instance.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
ABinderProcess_joinThreadPool();
return EXIT_FAILURE;
diff --git a/security/keymint/aidl/Android.bp b/security/keymint/aidl/Android.bp
index 3cf6ff2..dcbe9c1 100644
--- a/security/keymint/aidl/Android.bp
+++ b/security/keymint/aidl/Android.bp
@@ -45,14 +45,14 @@
cc_defaults {
name: "keymint_use_latest_hal_aidl_ndk_static",
static_libs: [
- "android.hardware.security.keymint-V1-ndk",
+ "android.hardware.security.keymint-V2-ndk",
],
}
cc_defaults {
name: "keymint_use_latest_hal_aidl_ndk_shared",
shared_libs: [
- "android.hardware.security.keymint-V1-ndk",
+ "android.hardware.security.keymint-V2-ndk",
],
}
@@ -62,6 +62,6 @@
rust_defaults {
name: "keymint_use_latest_hal_aidl_rust",
rustlibs: [
- "android.hardware.security.keymint-V1-rust",
+ "android.hardware.security.keymint-V2-rust",
],
}
diff --git a/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/EcCurve.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/EcCurve.aidl
index 6b4a9ae..ffc7efe 100644
--- a/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/EcCurve.aidl
+++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/EcCurve.aidl
@@ -39,4 +39,5 @@
P_256 = 1,
P_384 = 2,
P_521 = 3,
+ CURVE_25519 = 4,
}
diff --git a/security/keymint/aidl/android/hardware/security/keymint/EcCurve.aidl b/security/keymint/aidl/android/hardware/security/keymint/EcCurve.aidl
index 5b1c10c..e9f81d8 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/EcCurve.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/EcCurve.aidl
@@ -27,4 +27,5 @@
P_256 = 1,
P_384 = 2,
P_521 = 3,
+ CURVE_25519 = 4,
}
diff --git a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
index cd8cfc5..9846ee9 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
@@ -93,6 +93,11 @@
* P-521. STRONGBOX IKeyMintDevices must support NIST curve P-256.
* - TRUSTED_ENVIRONMENT IKeyMintDevices must support SHA1, SHA-2 224, SHA-2 256, SHA-2
* 384 and SHA-2 512 digest modes. STRONGBOX IKeyMintDevices must support SHA-2 256.
+ * - TRUSTED_ENVRIONMENT IKeyMintDevices must support curve 25519 for Purpose::SIGN (Ed25519,
+ * as specified in RFC 8032), Purpose::ATTEST_KEY (Ed25519) or for KeyPurpose::AGREE_KEY
+ * (X25519, as specified in RFC 7748). However, a key must have exactly one of these
+ * purpose values; the same key cannot be used for multiple purposes.
+ * STRONGBOX IKeyMintDevices do not support curve 25519.
*
* o AES
*
@@ -287,7 +292,7 @@
* except AGREE_KEY must be supported for RSA keys.
*
* o Tag::DIGEST specifies digest algorithms that may be used with the new key. TEE
- * IKeyMintDevice implementations must support all Digest values (see digest.aidl) for RSA
+ * IKeyMintDevice implementations must support all Digest values (see Digest.aidl) for RSA
* keys. StrongBox IKeyMintDevice implementations must support SHA_2_256.
*
* o Tag::PADDING specifies the padding modes that may be used with the new
@@ -298,13 +303,24 @@
* == ECDSA Keys ==
*
* Tag::EC_CURVE must be provided to generate an ECDSA key. If it is not provided, generateKey
- * must return ErrorCode::UNSUPPORTED_KEY_SIZE. TEE IKeyMintDevice implementations must support
- * all curves. StrongBox implementations must support P_256.
-
+ * must return ErrorCode::UNSUPPORTED_KEY_SIZE or ErrorCode::UNSUPPORTED_EC_CURVE. TEE
+ * IKeyMintDevice implementations must support all required curves. StrongBox implementations
+ * must support P_256 and no other curves.
+ *
* Tag::CERTIFICATE_NOT_BEFORE and Tag::CERTIFICATE_NOT_AFTER must be provided to specify the
* valid date range for the returned X.509 certificate holding the public key. If omitted,
* generateKey must return ErrorCode::MISSING_NOT_BEFORE or ErrorCode::MISSING_NOT_AFTER.
*
+ * Keys with EC_CURVE of EcCurve::CURVE_25519 must have exactly one purpose in the set
+ * {KeyPurpose::SIGN, KeyPurpose::ATTEST_KEY, KeyPurpose::AGREE_KEY}. Key generation with more
+ * than one purpose should be rejected with ErrorCode::INCOMPATIBLE_PURPOSE.
+ * StrongBox implementation do not support CURVE_25519.
+ *
+ * Tag::DIGEST specifies digest algorithms that may be used with the new key. TEE
+ * IKeyMintDevice implementations must support all Digest values (see Digest.aidl) for ECDSA
+ * keys; Ed25519 keys only support Digest::NONE. StrongBox IKeyMintDevice implementations must
+ * support SHA_2_256.
+ *
* == AES Keys ==
*
* Only Tag::KEY_SIZE is required to generate an AES key. If omitted, generateKey must return
diff --git a/security/keymint/aidl/android/hardware/security/keymint/KeyFormat.aidl b/security/keymint/aidl/android/hardware/security/keymint/KeyFormat.aidl
index da3d521..3faef38 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/KeyFormat.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/KeyFormat.aidl
@@ -25,8 +25,10 @@
enum KeyFormat {
/** X.509 certificate format, for public key export. */
X509 = 0,
- /** PCKS#8 format, asymmetric key pair import. */
+ /** PKCS#8 format, asymmetric key pair import. */
PKCS8 = 1,
- /** Raw bytes, for symmetric key import. */
+ /**
+ * Raw bytes, for symmetric key import, and for import of raw asymmetric keys for curve 25519.
+ */
RAW = 3,
}
diff --git a/security/keymint/aidl/android/hardware/security/keymint/KeyPurpose.aidl b/security/keymint/aidl/android/hardware/security/keymint/KeyPurpose.aidl
index e141e55..fd103ef 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/KeyPurpose.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/KeyPurpose.aidl
@@ -44,6 +44,10 @@
AGREE_KEY = 6,
/* Usable as an attestation signing key. Keys with this purpose must not have any other
- * purpose. */
+ * purpose; if they do, key generation/import must be rejected with
+ * ErrorCode::INCOMPATIBLE_PURPOSE. (Rationale: If key also included KeyPurpose::SIGN, then
+ * it could be used to sign arbitrary data, including any tbsCertificate, and so an
+ * attestation produced by the key would have no security properties.)
+ */
ATTEST_KEY = 7,
}
diff --git a/security/keymint/aidl/default/service.cpp b/security/keymint/aidl/default/service.cpp
index 8092e34..dc0c618 100644
--- a/security/keymint/aidl/default/service.cpp
+++ b/security/keymint/aidl/default/service.cpp
@@ -39,7 +39,7 @@
LOG(INFO) << "adding keymint service instance: " << instanceName;
binder_status_t status =
AServiceManager_addService(ser->asBinder().get(), instanceName.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
return ser;
}
diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
index 73c3820..0fdf48d 100644
--- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
+++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
@@ -175,6 +175,24 @@
}
/*
+ * AttestKeyTest.RsaAttestKeyMultiPurposeFail
+ *
+ * This test attempts to create an RSA attestation key that also allows signing.
+ */
+TEST_P(AttestKeyTest, RsaAttestKeyMultiPurposeFail) {
+ vector<uint8_t> attest_key_blob;
+ vector<KeyCharacteristics> attest_key_characteristics;
+ vector<Certificate> attest_key_cert_chain;
+ ASSERT_EQ(ErrorCode::INCOMPATIBLE_PURPOSE,
+ GenerateKey(AuthorizationSetBuilder()
+ .RsaSigningKey(2048, 65537)
+ .AttestKey()
+ .SetDefaultValidity(),
+ {} /* attestation signing key */, &attest_key_blob,
+ &attest_key_characteristics, &attest_key_cert_chain));
+}
+
+/*
* AttestKeyTest.RsaAttestedAttestKeys
*
* This test creates an RSA attestation key signed by factory keys, and varifies it can be
@@ -412,6 +430,24 @@
}
/*
+ * AttestKeyTest.EcAttestKeyMultiPurposeFail
+ *
+ * This test attempts to create an EC attestation key that also allows signing.
+ */
+TEST_P(AttestKeyTest, EcAttestKeyMultiPurposeFail) {
+ vector<uint8_t> attest_key_blob;
+ vector<KeyCharacteristics> attest_key_characteristics;
+ vector<Certificate> attest_key_cert_chain;
+ ASSERT_EQ(ErrorCode::INCOMPATIBLE_PURPOSE,
+ GenerateKey(AuthorizationSetBuilder()
+ .EcdsaSigningKey(EcCurve::P_256)
+ .AttestKey()
+ .SetDefaultValidity(),
+ {} /* attestation signing key */, &attest_key_blob,
+ &attest_key_characteristics, &attest_key_cert_chain));
+}
+
+/*
* AttestKeyTest.AlternateAttestKeyChaining
*
* This test creates a chain of multiple attest keys, in the order Ec - RSA - Ec - RSA ....
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index d8b19dc..3f33686 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -3352,6 +3352,26 @@
}
/*
+ * ImportKeyTest.RsaAttestMultiPurposeFail
+ *
+ * Verifies that importing an RSA key pair with purpose ATTEST_KEY+SIGN fails.
+ */
+TEST_P(ImportKeyTest, RsaAttestMultiPurposeFail) {
+ uint32_t key_size = 2048;
+ string key = rsa_2048_key;
+
+ ASSERT_EQ(ErrorCode::INCOMPATIBLE_PURPOSE,
+ ImportKey(AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .RsaSigningKey(key_size, 65537)
+ .AttestKey()
+ .Digest(Digest::SHA_2_256)
+ .Padding(PaddingMode::RSA_PSS)
+ .SetDefaultValidity(),
+ KeyFormat::PKCS8, key));
+}
+
+/*
* ImportKeyTest.EcdsaSuccess
*
* Verifies that importing and using an ECDSA P-256 key pair works correctly.
@@ -3470,6 +3490,22 @@
}
/*
+ * ImportKeyTest.EcdsaAttestMultiPurposeFail
+ *
+ * Verifies that importing and using an ECDSA P-256 key pair with purpose ATTEST_KEY+SIGN fails.
+ */
+TEST_P(ImportKeyTest, EcdsaAttestMultiPurposeFail) {
+ ASSERT_EQ(ErrorCode::INCOMPATIBLE_PURPOSE,
+ ImportKey(AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .EcdsaSigningKey(EcCurve::P_256)
+ .AttestKey()
+ .Digest(Digest::SHA_2_256)
+ .SetDefaultValidity(),
+ KeyFormat::PKCS8, ec_256_key));
+}
+
+/*
* ImportKeyTest.AesSuccess
*
* Verifies that importing and using an AES key works.
@@ -6661,7 +6697,7 @@
typedef KeyMintAidlTestBase KeyAgreementTest;
-int CurveToOpenSslCurveName(EcCurve curve) {
+static int EcdhCurveToOpenSslCurveName(EcCurve curve) {
switch (curve) {
case EcCurve::P_224:
return NID_secp224r1;
@@ -6671,6 +6707,8 @@
return NID_secp384r1;
case EcCurve::P_521:
return NID_secp521r1;
+ case EcCurve::CURVE_25519:
+ return NID_X25519;
}
}
@@ -6692,7 +6730,7 @@
for (auto localCurve : ValidCurves()) {
// Generate EC key locally (with access to private key material)
auto ecKey = EC_KEY_Ptr(EC_KEY_new());
- int curveName = CurveToOpenSslCurveName(localCurve);
+ int curveName = EcdhCurveToOpenSslCurveName(localCurve);
auto group = EC_GROUP_Ptr(EC_GROUP_new_by_curve_name(curveName));
ASSERT_NE(group, nullptr);
ASSERT_EQ(EC_KEY_set_group(ecKey.get(), group.get()), 1);
diff --git a/vibrator/aidl/default/main.cpp b/vibrator/aidl/default/main.cpp
index bd834d2..feba2c7 100644
--- a/vibrator/aidl/default/main.cpp
+++ b/vibrator/aidl/default/main.cpp
@@ -31,14 +31,14 @@
auto vib = ndk::SharedRefBase::make<Vibrator>();
const std::string vibName = std::string() + Vibrator::descriptor + "/default";
binder_status_t status = AServiceManager_addService(vib->asBinder().get(), vibName.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
// make the vibrator manager service with a different vibrator
auto managedVib = ndk::SharedRefBase::make<Vibrator>();
auto vibManager = ndk::SharedRefBase::make<VibratorManager>(std::move(managedVib));
const std::string vibManagerName = std::string() + VibratorManager::descriptor + "/default";
status = AServiceManager_addService(vibManager->asBinder().get(), vibManagerName.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
ABinderProcess_joinThreadPool();
return EXIT_FAILURE; // should not reach
diff --git a/weaver/aidl/default/service.cpp b/weaver/aidl/default/service.cpp
index 1495bc9..2099ffd 100644
--- a/weaver/aidl/default/service.cpp
+++ b/weaver/aidl/default/service.cpp
@@ -28,7 +28,7 @@
const std::string instance = std::string() + Weaver::descriptor + "/default";
binder_status_t status = AServiceManager_addService(weaver->asBinder().get(), instance.c_str());
- CHECK(status == STATUS_OK);
+ CHECK_EQ(status, STATUS_OK);
ABinderProcess_joinThreadPool();
return -1; // Should never be reached