secretkeeper: add fuzzer
Move nonsecure implementation code out of main.rs and into a new
secretkeeper_nonsecure library, to allow re-use in both the nonsecure
service and the new fuzzer.
The fuzzer drops the `LocalTa` instance on each input, so adjust the
error path to cope with this happening (the channels will fail).
Test: build, fuzz
Bug: 291228655
Change-Id: Ibe2ca5db9a9c8eed129ac5a90de85b933ab256a0
diff --git a/security/secretkeeper/default/Android.bp b/security/secretkeeper/default/Android.bp
index 08cc67a..1d75c74 100644
--- a/security/secretkeeper/default/Android.bp
+++ b/security/secretkeeper/default/Android.bp
@@ -18,6 +18,28 @@
default_applicable_licenses: ["Android-Apache-2.0"],
}
+rust_library {
+ name: "libsecretkeeper_nonsecure",
+ crate_name: "secretkeeper_nonsecure",
+ srcs: [
+ "src/lib.rs",
+ ],
+ vendor_available: true,
+ defaults: [
+ "authgraph_use_latest_hal_aidl_rust",
+ ],
+ rustlibs: [
+ "android.hardware.security.secretkeeper-V1-rust",
+ "libauthgraph_boringssl",
+ "libauthgraph_core",
+ "libauthgraph_hal",
+ "libbinder_rs",
+ "liblog_rust",
+ "libsecretkeeper_core_nostd",
+ "libsecretkeeper_comm_nostd",
+ ],
+}
+
rust_binary {
name: "android.hardware.security.secretkeeper-service.nonsecure",
relative_install_path: "hw",
@@ -30,20 +52,34 @@
rustlibs: [
"android.hardware.security.secretkeeper-V1-rust",
"libandroid_logger",
- "libauthgraph_boringssl",
- "libauthgraph_core",
- "libauthgraph_hal",
"libbinder_rs",
"liblog_rust",
- "libsecretkeeper_comm_nostd",
- "libsecretkeeper_core_nostd",
"libsecretkeeper_hal",
+ "libsecretkeeper_nonsecure",
],
srcs: [
"src/main.rs",
],
}
+rust_fuzz {
+ name: "android.hardware.security.secretkeeper-service.nonsecure_fuzzer",
+ rustlibs: [
+ "libsecretkeeper_hal",
+ "libsecretkeeper_nonsecure",
+ "libbinder_random_parcel_rs",
+ "libbinder_rs",
+ ],
+ srcs: ["src/fuzzer.rs"],
+ fuzz_config: {
+ cc: [
+ "alanstokes@google.com",
+ "drysdale@google.com",
+ "shikhapanwar@google.com",
+ ],
+ },
+}
+
prebuilt_etc {
name: "secretkeeper.rc",
src: "secretkeeper.rc",