Merge "Add biometric virtual HAL tests to presubmit Bug: 333743980 Test: atest --test-mapping" into main
diff --git a/audio/aidl/vts/VtsHalAudioCoreModuleTargetTest.cpp b/audio/aidl/vts/VtsHalAudioCoreModuleTargetTest.cpp
index 4a7bfbd..8b08945 100644
--- a/audio/aidl/vts/VtsHalAudioCoreModuleTargetTest.cpp
+++ b/audio/aidl/vts/VtsHalAudioCoreModuleTargetTest.cpp
@@ -1740,6 +1740,11 @@
}
TEST_P(AudioCoreModule, TryConnectMissingDevice) {
+ // Limit checks to connection types that are known to be detectable by HAL implementations.
+ static const std::set<std::string> kCheckedConnectionTypes{
+ AudioDeviceDescription::CONNECTION_HDMI, AudioDeviceDescription::CONNECTION_HDMI_ARC,
+ AudioDeviceDescription::CONNECTION_HDMI_EARC, AudioDeviceDescription::CONNECTION_IP_V4,
+ AudioDeviceDescription::CONNECTION_USB};
ASSERT_NO_FATAL_FAILURE(SetUpModuleConfig());
std::vector<AudioPort> ports = moduleConfig->getExternalDevicePorts();
if (ports.empty()) {
@@ -1748,14 +1753,10 @@
WithDebugFlags doNotSimulateConnections = WithDebugFlags::createNested(*debug);
doNotSimulateConnections.flags().simulateDeviceConnections = false;
ASSERT_NO_FATAL_FAILURE(doNotSimulateConnections.SetUp(module.get()));
+ bool hasAtLeastOneCheckedConnection = false;
for (const auto& port : ports) {
- // Virtual devices may not require external hardware and thus can always be connected.
- if (port.ext.get<AudioPortExt::device>().device.type.connection ==
- AudioDeviceDescription::CONNECTION_VIRTUAL ||
- // SCO devices are handled at low level by DSP, may not be able to check actual
- // connection.
- port.ext.get<AudioPortExt::device>().device.type.connection ==
- AudioDeviceDescription::CONNECTION_BT_SCO) {
+ if (kCheckedConnectionTypes.count(
+ port.ext.get<AudioPortExt::device>().device.type.connection) == 0) {
continue;
}
AudioPort portWithData = GenerateUniqueDeviceAddress(port), connectedPort;
@@ -1768,6 +1769,10 @@
EXPECT_IS_OK(module->disconnectExternalDevice(connectedPort.id))
<< "when disconnecting device port ID " << connectedPort.id;
}
+ hasAtLeastOneCheckedConnection = true;
+ }
+ if (!hasAtLeastOneCheckedConnection) {
+ GTEST_SKIP() << "No external devices with connection types that can be checked.";
}
}
diff --git a/audio/aidl/vts/VtsHalDynamicsProcessingTest.cpp b/audio/aidl/vts/VtsHalDynamicsProcessingTest.cpp
index 69ab91b..3ed9ed2 100644
--- a/audio/aidl/vts/VtsHalDynamicsProcessingTest.cpp
+++ b/audio/aidl/vts/VtsHalDynamicsProcessingTest.cpp
@@ -195,48 +195,42 @@
template <typename T>
bool DynamicsProcessingTestHelper::isBandConfigValid(const std::vector<T>& cfgs, int bandCount) {
- std::vector<float> freqs(cfgs.size(), -1);
+ std::unordered_set<int> freqs;
for (auto cfg : cfgs) {
if (cfg.channel < 0 || cfg.channel >= mChannelCount) return false;
if (cfg.band < 0 || cfg.band >= bandCount) return false;
- freqs[cfg.band] = cfg.cutoffFrequencyHz;
+ // duplicated band index
+ if (freqs.find(cfg.band) != freqs.end()) return false;
+ freqs.insert(cfg.band);
}
- if (std::count(freqs.begin(), freqs.end(), -1)) return false;
- return std::is_sorted(freqs.begin(), freqs.end());
+ return true;
}
bool DynamicsProcessingTestHelper::isParamValid(const DynamicsProcessing::Tag& tag,
const DynamicsProcessing& dp) {
switch (tag) {
case DynamicsProcessing::preEq: {
- if (!mEngineConfigApplied.preEqStage.inUse) return false;
return isChannelConfigValid(dp.get<DynamicsProcessing::preEq>());
}
case DynamicsProcessing::postEq: {
- if (!mEngineConfigApplied.postEqStage.inUse) return false;
return isChannelConfigValid(dp.get<DynamicsProcessing::postEq>());
}
case DynamicsProcessing::mbc: {
- if (!mEngineConfigApplied.mbcStage.inUse) return false;
return isChannelConfigValid(dp.get<DynamicsProcessing::mbc>());
}
case DynamicsProcessing::preEqBand: {
- if (!mEngineConfigApplied.preEqStage.inUse) return false;
return isBandConfigValid(dp.get<DynamicsProcessing::preEqBand>(),
mEngineConfigApplied.preEqStage.bandCount);
}
case DynamicsProcessing::postEqBand: {
- if (!mEngineConfigApplied.postEqStage.inUse) return false;
return isBandConfigValid(dp.get<DynamicsProcessing::postEqBand>(),
mEngineConfigApplied.postEqStage.bandCount);
}
case DynamicsProcessing::mbcBand: {
- if (!mEngineConfigApplied.mbcStage.inUse) return false;
return isBandConfigValid(dp.get<DynamicsProcessing::mbcBand>(),
mEngineConfigApplied.mbcStage.bandCount);
}
case DynamicsProcessing::limiter: {
- if (!mEngineConfigApplied.limiterInUse) return false;
return isChannelConfigValid(dp.get<DynamicsProcessing::limiter>());
}
case DynamicsProcessing::inputGain: {
diff --git a/automotive/audiocontrol/aidl/Android.bp b/automotive/audiocontrol/aidl/Android.bp
index bedf5e4..c354069 100644
--- a/automotive/audiocontrol/aidl/Android.bp
+++ b/automotive/audiocontrol/aidl/Android.bp
@@ -93,3 +93,10 @@
latest_android_hardware_automotive_audiocontrol + "-ndk",
],
}
+
+java_defaults {
+ name: "latest_android_hardware_automotive_audiocontrol_java_static",
+ static_libs: [
+ latest_android_hardware_automotive_audiocontrol + "-java",
+ ],
+}
diff --git a/automotive/vehicle/aidl/emu_metadata/android.hardware.automotive.vehicle-types-meta.json b/automotive/vehicle/aidl/emu_metadata/android.hardware.automotive.vehicle-types-meta.json
index 1c5a6b8..135f30a 100644
--- a/automotive/vehicle/aidl/emu_metadata/android.hardware.automotive.vehicle-types-meta.json
+++ b/automotive/vehicle/aidl/emu_metadata/android.hardware.automotive.vehicle-types-meta.json
@@ -67,7 +67,7 @@
"PortLocationType"
],
"data_enum": "PortLocationType",
- "description": "EV port location"
+ "description": "EV port location\nThis property must communicate the location of the charging port on the EV using the PortLocationType enum. If there are multiple ports available on the vehicle, this property must return the port that allows the fastest charging. To communicate all port locations, use INFO_MULTI_EV_PORT_LOCATIONS."
},
{
"name": "INFO_DRIVER_SEAT",
@@ -90,7 +90,7 @@
"PortLocationType"
],
"data_enum": "PortLocationType",
- "description": "Multiple EV port locations\nImplement this property if the vehicle has multiple EV ports. Port locations are defined in PortLocationType. For example, a car has one port in front left and one port in rear left: int32Values[0] = PortLocationType::FRONT_LEFT int32Values[0] = PortLocationType::REAR_LEFT"
+ "description": "Multiple EV port locations\nImplement this property if the vehicle has multiple EV ports. Port locations are defined in PortLocationType. For example, a car has one port in front left and one port in rear left: int32Values[0] = PortLocationType::FRONT_LEFT int32Values[1] = PortLocationType::REAR_LEFT\nIf only one port exists on the vehicle, this property's value should list just one element. See INFO_EV_PORT_LOCATION for describing just one port location."
},
{
"name": "PERF_ODOMETER",
@@ -853,9 +853,9 @@
"description": "Window Move\nThe maxInt32Value and minInt32Value in each VehicleAreaConfig must be defined. All integers between minInt32Value and maxInt32Value must be supported.\nThe maxInt32Value indicates the window is opening in plane\/closing in the out of plane direction at the fastest speed. The minInt32Value indicates the window is closing in plane\/opening in the out of plane direction at the fastest speed.\nLarger absolute values, either positive or negative, indicate a faster movement speed. Once the window reaches the positional limit, the value must reset to 0. If WINDOW_MOVE's value is currently 0, then that means there is no movement currently occurring.\nThis property is not in any particular unit but in a specified range of relative movement speeds.\nFor a window that may open out of plane (i.e. vent mode of sunroof) this parameter will work as follows:\nIf sunroof is open: Max = open the sunroof further, automatically stop when fully open. Min = close the sunroof, automatically stop when sunroof is closed.\nIf vent is open: Max = close the vent, automatically stop when vent is closed. Min = open the vent further, automatically stop when vent is fully open.\nIf sunroof is in the closed position: Max = open the sunroof, automatically stop when sunroof is fully open. Min = open the vent, automatically stop when vent is fully open.\nThis property is defined as VehiclePropertyAccess.READ_WRITE, but OEMs have the option to implement it as VehiclePropertyAccess.READ only."
},
{
- "name": "Window Lock",
+ "name": "Window Child Lock",
"value": 320867268,
- "description": "Window Lock\nTrue indicates windows are locked and can't be moved.\nThis property is defined as VehiclePropertyAccess.READ_WRITE, but OEMs have the option to implement it as VehiclePropertyAccess.READ only."
+ "description": "Window Child Lock\nTrue indicates the window is child-locked.\nThis property is defined as VehiclePropertyAccess.READ_WRITE, but OEMs have the option to implement it as VehiclePropertyAccess.READ only."
},
{
"name": "WINDSHIELD_WIPERS_PERIOD",
diff --git a/automotive/vehicle/aidl_property/android/hardware/automotive/vehicle/VehicleProperty.aidl b/automotive/vehicle/aidl_property/android/hardware/automotive/vehicle/VehicleProperty.aidl
index 9dafa91..ab8023d 100644
--- a/automotive/vehicle/aidl_property/android/hardware/automotive/vehicle/VehicleProperty.aidl
+++ b/automotive/vehicle/aidl_property/android/hardware/automotive/vehicle/VehicleProperty.aidl
@@ -170,6 +170,11 @@
/**
* EV port location
*
+ * This property must communicate the location of the charging port on the EV using the
+ * PortLocationType enum. If there are multiple ports available on the vehicle, this property
+ * must return the port that allows the fastest charging. To communicate all port locations,
+ * use INFO_MULTI_EV_PORT_LOCATIONS.
+ *
* @change_mode VehiclePropertyChangeMode.STATIC
* @access VehiclePropertyAccess.READ
* @data_enum PortLocationType
@@ -214,7 +219,10 @@
* Port locations are defined in PortLocationType.
* For example, a car has one port in front left and one port in rear left:
* int32Values[0] = PortLocationType::FRONT_LEFT
- * int32Values[0] = PortLocationType::REAR_LEFT
+ * int32Values[1] = PortLocationType::REAR_LEFT
+ *
+ * If only one port exists on the vehicle, this property's value should list just one element.
+ * See INFO_EV_PORT_LOCATION for describing just one port location.
*
* @change_mode VehiclePropertyChangeMode.STATIC
* @access VehiclePropertyAccess.READ
@@ -3278,9 +3286,9 @@
WINDOW_MOVE = 0x0BC1 + 0x10000000 + 0x03000000
+ 0x00400000, // VehiclePropertyGroup:SYSTEM,VehicleArea:WINDOW,VehiclePropertyType:INT32
/**
- * Window Lock
+ * Window Child Lock
*
- * True indicates windows are locked and can't be moved.
+ * True indicates the window is child-locked.
*
* This property is defined as VehiclePropertyAccess.READ_WRITE, but OEMs have the option to
* implement it as VehiclePropertyAccess.READ only.
diff --git a/broadcastradio/aidl/vts/src/VtsHalBroadcastradioAidlTargetTest.cpp b/broadcastradio/aidl/vts/src/VtsHalBroadcastradioAidlTargetTest.cpp
index 9633ebb..ee0c639 100644
--- a/broadcastradio/aidl/vts/src/VtsHalBroadcastradioAidlTargetTest.cpp
+++ b/broadcastradio/aidl/vts/src/VtsHalBroadcastradioAidlTargetTest.cpp
@@ -193,7 +193,7 @@
MATCHER_P(InfoHasId, id,
std::string(negation ? "does not contain" : "contains") + " " + id.toString()) {
- vector<int> ids = bcutils::getAllIds(arg.selector, id.type);
+ vector<int64_t> ids = bcutils::getAllIds(arg.selector, id.type);
return ids.end() != find(ids.begin(), ids.end(), id.value);
}
@@ -697,7 +697,7 @@
LOG(DEBUG) << "Current program info: " << infoCb.toString();
// it should tune exactly to what was requested
- vector<int> freqs = bcutils::getAllIds(infoCb.selector, IdentifierType::AMFM_FREQUENCY_KHZ);
+ vector<int64_t> freqs = bcutils::getAllIds(infoCb.selector, IdentifierType::AMFM_FREQUENCY_KHZ);
EXPECT_NE(freqs.end(), find(freqs.begin(), freqs.end(), freq))
<< "FM freq " << freq << " kHz is not sent back by callback.";
}
@@ -829,7 +829,7 @@
LOG(DEBUG) << "Current program info: " << infoCb.toString();
// it should tune exactly to what was requested
- vector<int> freqs = bcutils::getAllIds(infoCb.selector, IdentifierType::DAB_FREQUENCY_KHZ);
+ vector<int64_t> freqs = bcutils::getAllIds(infoCb.selector, IdentifierType::DAB_FREQUENCY_KHZ);
EXPECT_NE(freqs.end(), find(freqs.begin(), freqs.end(), freq))
<< "DAB freq " << freq << " kHz is not sent back by callback.";
}
@@ -1152,7 +1152,7 @@
int expectedResultSize = 0;
uint64_t expectedFreq = 0;
for (const auto& program : *completeList) {
- vector<int> amfmIds =
+ vector<int64_t> amfmIds =
bcutils::getAllIds(program.selector, IdentifierType::AMFM_FREQUENCY_KHZ);
EXPECT_LE(amfmIds.size(), 1u);
if (amfmIds.size() == 0) {
@@ -1238,7 +1238,8 @@
}
for (const auto& program : *list) {
- vector<int> nameIds = bcutils::getAllIds(program.selector, IdentifierType::HD_STATION_NAME);
+ vector<int64_t> nameIds =
+ bcutils::getAllIds(program.selector, IdentifierType::HD_STATION_NAME);
EXPECT_LE(nameIds.size(), 1u);
if (nameIds.size() == 0) {
continue;
diff --git a/broadcastradio/common/utilsaidl/include/broadcastradio-utils-aidl/Utils.h b/broadcastradio/common/utilsaidl/include/broadcastradio-utils-aidl/Utils.h
index 25c96d0..a34ee10 100644
--- a/broadcastradio/common/utilsaidl/include/broadcastradio-utils-aidl/Utils.h
+++ b/broadcastradio/common/utilsaidl/include/broadcastradio-utils-aidl/Utils.h
@@ -121,7 +121,7 @@
/**
* Returns all IDs of a given type.
*/
-std::vector<int> getAllIds(const ProgramSelector& sel, const IdentifierType& type);
+std::vector<int64_t> getAllIds(const ProgramSelector& sel, const IdentifierType& type);
/**
* Checks, if a given selector is supported by the radio module.
diff --git a/broadcastradio/common/utilsaidl/src/Utils.cpp b/broadcastradio/common/utilsaidl/src/Utils.cpp
index 4ab04d2..3de1866 100644
--- a/broadcastradio/common/utilsaidl/src/Utils.cpp
+++ b/broadcastradio/common/utilsaidl/src/Utils.cpp
@@ -178,8 +178,8 @@
return getId(sel, type);
}
-vector<int> getAllIds(const ProgramSelector& sel, const IdentifierType& type) {
- vector<int> ret;
+vector<int64_t> getAllIds(const ProgramSelector& sel, const IdentifierType& type) {
+ vector<int64_t> ret;
// iterate through primaryId and secondaryIds
for (auto it = begin(sel); it != end(sel); it++) {
diff --git a/broadcastradio/common/utilsaidl/test/BroadcastRadioUtilsTest.cpp b/broadcastradio/common/utilsaidl/test/BroadcastRadioUtilsTest.cpp
index b633ff0..81f9470 100644
--- a/broadcastradio/common/utilsaidl/test/BroadcastRadioUtilsTest.cpp
+++ b/broadcastradio/common/utilsaidl/test/BroadcastRadioUtilsTest.cpp
@@ -237,13 +237,22 @@
sel.secondaryIds.push_back(
utils::makeIdentifier(IdentifierType::AMFM_FREQUENCY_KHZ, secondaryFrequencyKHz));
- std::vector<int> allIds = utils::getAllIds(sel, IdentifierType::AMFM_FREQUENCY_KHZ);
+ std::vector<int64_t> allIds = utils::getAllIds(sel, IdentifierType::AMFM_FREQUENCY_KHZ);
ASSERT_EQ(allIds.size(), 2u);
EXPECT_NE(std::find(allIds.begin(), allIds.end(), kFmFrequencyKHz), allIds.end());
EXPECT_NE(std::find(allIds.begin(), allIds.end(), secondaryFrequencyKHz), allIds.end());
}
+TEST(BroadcastRadioUtilsTest, GetAllIdsWithIdLongerThan32Bit) {
+ ProgramSelector sel = utils::makeSelectorDab(kDabSidExt, kDabEnsemble, kDabFrequencyKhz);
+
+ std::vector<int64_t> allIds = utils::getAllIds(sel, IdentifierType::DAB_SID_EXT);
+
+ ASSERT_EQ(allIds.size(), 1u);
+ EXPECT_NE(std::find(allIds.begin(), allIds.end(), kDabSidExt), allIds.end());
+}
+
TEST(BroadcastRadioUtilsTest, GetAllIdsWithIdNotFound) {
ProgramSelector sel = utils::makeSelectorDab(kDabSidExt, kDabEnsemble, kDabFrequencyKhz);
diff --git a/camera/provider/aidl/vts/VtsAidlHalCameraProvider_TargetTest.cpp b/camera/provider/aidl/vts/VtsAidlHalCameraProvider_TargetTest.cpp
index 6e3ddc9..368e954 100644
--- a/camera/provider/aidl/vts/VtsAidlHalCameraProvider_TargetTest.cpp
+++ b/camera/provider/aidl/vts/VtsAidlHalCameraProvider_TargetTest.cpp
@@ -177,6 +177,9 @@
const camera_metadata_t* staticMeta =
reinterpret_cast<const camera_metadata_t*>(meta.metadata.data());
verifyManualFlashStrengthControlCharacteristics(staticMeta);
+ ret = mSession->close();
+ mSession = nullptr;
+ ASSERT_TRUE(ret.isOk());
}
} else {
ALOGI("validateManualFlashStrengthControlKeys: Test skipped.\n");
diff --git a/compatibility_matrices/compatibility_matrix.202404.xml b/compatibility_matrices/compatibility_matrix.202404.xml
index cf7de22..9ea476a 100644
--- a/compatibility_matrices/compatibility_matrix.202404.xml
+++ b/compatibility_matrices/compatibility_matrix.202404.xml
@@ -529,6 +529,7 @@
<name>ISharedSecret</name>
<instance>default</instance>
<instance>strongbox</instance>
+ <regex-instance>.*</regex-instance>
</interface>
</hal>
<hal format="aidl">
diff --git a/compatibility_matrices/compatibility_matrix.202504.xml b/compatibility_matrices/compatibility_matrix.202504.xml
index 09dbf0c..1f51d07 100644
--- a/compatibility_matrices/compatibility_matrix.202504.xml
+++ b/compatibility_matrices/compatibility_matrix.202504.xml
@@ -529,6 +529,7 @@
<name>ISharedSecret</name>
<instance>default</instance>
<instance>strongbox</instance>
+ <regex-instance>.*</regex-instance>
</interface>
</hal>
<hal format="aidl">
diff --git a/contexthub/OWNERS b/contexthub/OWNERS
index ee25833..f35961a 100644
--- a/contexthub/OWNERS
+++ b/contexthub/OWNERS
@@ -1,3 +1,2 @@
# Bug component: 156070
-arthuri@google.com
bduddie@google.com
diff --git a/graphics/composer/aidl/vts/VtsComposerClient.h b/graphics/composer/aidl/vts/VtsComposerClient.h
index fabc82a..d3842c5 100644
--- a/graphics/composer/aidl/vts/VtsComposerClient.h
+++ b/graphics/composer/aidl/vts/VtsComposerClient.h
@@ -258,13 +258,13 @@
struct DisplayConfig {
DisplayConfig(int32_t vsyncPeriod_, int32_t configGroup_,
- std::optional<VrrConfig> vrrConfig_ = {})
+ std::optional<VrrConfig> vrrConfigOpt_ = {})
: vsyncPeriod(vsyncPeriod_),
configGroup(configGroup_),
- vrrConfig(std::move(vrrConfig_)) {}
+ vrrConfigOpt(std::move(vrrConfigOpt_)) {}
int32_t vsyncPeriod;
int32_t configGroup;
- std::optional<VrrConfig> vrrConfig;
+ std::optional<VrrConfig> vrrConfigOpt;
};
void addDisplayConfig(int32_t config, DisplayConfig displayConfig) {
@@ -273,6 +273,21 @@
DisplayConfig getDisplayConfig(int32_t config) { return mDisplayConfigs.find(config)->second; }
+ bool isRateSameBetweenConfigs(int config1, int config2) {
+ const auto displayConfig1 = getDisplayConfig(config1);
+ const auto displayConfig2 = getDisplayConfig(config2);
+ const auto vrrConfigOpt1 = displayConfig1.vrrConfigOpt;
+ const auto vrrConfigOpt2 = displayConfig2.vrrConfigOpt;
+
+ if (vrrConfigOpt1 && vrrConfigOpt2 &&
+ vrrConfigOpt1->minFrameIntervalNs == vrrConfigOpt2->minFrameIntervalNs) {
+ return true;
+ } else if (displayConfig1.vsyncPeriod == displayConfig2.vsyncPeriod) {
+ return true;
+ }
+ return false;
+ }
+
std::unordered_map<int32_t, DisplayConfig> getDisplayConfigs() { return mDisplayConfigs; }
private:
diff --git a/graphics/composer/aidl/vts/VtsHalGraphicsComposer3_TargetTest.cpp b/graphics/composer/aidl/vts/VtsHalGraphicsComposer3_TargetTest.cpp
index f72cf55..61df350 100644
--- a/graphics/composer/aidl/vts/VtsHalGraphicsComposer3_TargetTest.cpp
+++ b/graphics/composer/aidl/vts/VtsHalGraphicsComposer3_TargetTest.cpp
@@ -1603,18 +1603,24 @@
EXPECT_TRUE(mComposerClient->setActiveConfig(&display, config1).isOk());
sendRefreshFrame(display, nullptr);
- const auto displayConfigGroup1 = display.getDisplayConfig(config1);
- int32_t vsyncPeriod1 = displayConfigGroup1.vsyncPeriod;
- int32_t configGroup1 = displayConfigGroup1.configGroup;
+ const auto displayConfig1 = display.getDisplayConfig(config1);
+ int32_t vsyncPeriod1 = displayConfig1.vsyncPeriod;
+ int32_t configGroup1 = displayConfig1.configGroup;
- const auto displayConfigGroup2 = display.getDisplayConfig(config2);
- int32_t vsyncPeriod2 = displayConfigGroup2.vsyncPeriod;
- int32_t configGroup2 = displayConfigGroup2.configGroup;
+ const auto displayConfig2 = display.getDisplayConfig(config2);
+ int32_t vsyncPeriod2 = displayConfig2.vsyncPeriod;
+ int32_t configGroup2 = displayConfig2.configGroup;
if (vsyncPeriod1 == vsyncPeriod2) {
return; // continue
}
+ if ((!displayConfig1.vrrConfigOpt && displayConfig2.vrrConfigOpt) ||
+ (displayConfig1.vrrConfigOpt && !displayConfig2.vrrConfigOpt)) {
+ // switching between vrr to non-vrr modes
+ return; // continue
+ }
+
// We don't allow delayed change when changing config groups
if (params.delayForChange > 0 && configGroup1 != configGroup2) {
return; // continue
@@ -2738,7 +2744,7 @@
const auto displayFilter = [&](auto refreshRateChangedDebugData) {
bool nonVrrRateMatching = true;
if (std::optional<VrrConfig> vrrConfigOpt =
- display.getDisplayConfig(configId).vrrConfig;
+ display.getDisplayConfig(configId).vrrConfigOpt;
getInterfaceVersion() >= 3 && !vrrConfigOpt) {
nonVrrRateMatching = refreshRateChangedDebugData.refreshPeriodNanos ==
refreshRateChangedDebugData.vsyncPeriodNanos;
@@ -2836,10 +2842,7 @@
.isOk());
forEachTwoConfigs(displayId, [&](int32_t config1, int32_t config2) {
- const int32_t vsyncPeriod1 = display.getDisplayConfig(config1).vsyncPeriod;
- const int32_t vsyncPeriod2 = display.getDisplayConfig(config2).vsyncPeriod;
-
- if (vsyncPeriod1 == vsyncPeriod2) {
+ if (display.isRateSameBetweenConfigs(config1, config2)) {
return; // continue
}
@@ -2854,6 +2857,7 @@
sendRefreshFrame(display, &timeline);
}
+ const int32_t vsyncPeriod2 = display.getDisplayConfig(config2).vsyncPeriod;
const auto callbackFilter = [displayId,
vsyncPeriod2](auto refreshRateChangedDebugData) {
constexpr int kVsyncThreshold = 1000;
@@ -3002,14 +3006,10 @@
GTEST_SKIP() << "LAYER_LIFECYCLE_BATCH_COMMAND not supported by the implementation";
return;
}
-
auto& writer = getWriter(getPrimaryDisplayId());
- int64_t layer = 5;
- writer.setLayerLifecycleBatchCommandType(getPrimaryDisplayId(), layer,
- LayerLifecycleBatchCommandType::CREATE);
- writer.setNewBufferSlotCount(getPrimaryDisplayId(), layer, 1);
- writer.validateDisplay(getPrimaryDisplayId(), ComposerClientWriter::kNoTimestamp,
- VtsComposerClient::kNoFrameIntervalNs);
+ const auto& [status, layer] =
+ mComposerClient->createLayer(getPrimaryDisplayId(), kBufferSlotCount, &writer);
+ EXPECT_TRUE(status.isOk());
execute();
ASSERT_TRUE(mReader.takeErrors().empty());
}
@@ -3019,15 +3019,13 @@
GTEST_SKIP() << "LAYER_LIFECYCLE_BATCH_COMMAND not supported by the implementation";
return;
}
-
- auto& writer = getWriter(getPrimaryDisplayId());
+ auto& writer = getWriter(getInvalidDisplayId());
int64_t layer = 5;
writer.setLayerLifecycleBatchCommandType(getInvalidDisplayId(), layer,
LayerLifecycleBatchCommandType::CREATE);
- writer.setNewBufferSlotCount(getPrimaryDisplayId(), layer, 1);
- writer.validateDisplay(getPrimaryDisplayId(), ComposerClientWriter::kNoTimestamp,
- VtsComposerClient::kNoFrameIntervalNs);
+ writer.setNewBufferSlotCount(getInvalidDisplayId(), layer, 1);
execute();
+
const auto errors = mReader.takeErrors();
ASSERT_TRUE(errors.size() == 1 && errors[0].errorCode == IComposerClient::EX_BAD_DISPLAY);
}
@@ -3037,26 +3035,15 @@
GTEST_SKIP() << "LAYER_LIFECYCLE_BATCH_COMMAND not supported by the implementation";
return;
}
-
auto& writer = getWriter(getPrimaryDisplayId());
- int64_t layer = 5;
- writer.setLayerLifecycleBatchCommandType(getPrimaryDisplayId(), layer,
- LayerLifecycleBatchCommandType::CREATE);
- writer.setNewBufferSlotCount(getPrimaryDisplayId(), layer, 1);
- writer.validateDisplay(getPrimaryDisplayId(), ComposerClientWriter::kNoTimestamp,
- VtsComposerClient::kNoFrameIntervalNs);
+ const auto& [status, layer] =
+ mComposerClient->createLayer(getPrimaryDisplayId(), kBufferSlotCount, &writer);
+ EXPECT_TRUE(status.isOk());
execute();
ASSERT_TRUE(mReader.takeErrors().empty());
- writer.setLayerLifecycleBatchCommandType(getPrimaryDisplayId(), layer,
- LayerLifecycleBatchCommandType::DESTROY);
- layer++;
- writer.setLayerLifecycleBatchCommandType(getPrimaryDisplayId(), layer,
- LayerLifecycleBatchCommandType::CREATE);
- writer.setNewBufferSlotCount(getPrimaryDisplayId(), layer, 1);
-
+ EXPECT_TRUE(mComposerClient->destroyLayer(getPrimaryDisplayId(), layer, &writer).isOk());
execute();
- const auto errors = mReader.takeErrors();
- ASSERT_TRUE(errors.size() == 1 && errors[0].errorCode == IComposerClient::EX_BAD_DISPLAY);
+ ASSERT_TRUE(mReader.takeErrors().empty());
}
TEST_P(GraphicsComposerAidlCommandV3Test, DestroyBatchedCommand_BadDisplay) {
@@ -3064,25 +3051,20 @@
GTEST_SKIP() << "LAYER_LIFECYCLE_BATCH_COMMAND not supported by the implementation";
return;
}
-
auto& writer = getWriter(getPrimaryDisplayId());
- int64_t layer = 5;
- writer.setLayerLifecycleBatchCommandType(getPrimaryDisplayId(), layer,
- LayerLifecycleBatchCommandType::CREATE);
- writer.setNewBufferSlotCount(getPrimaryDisplayId(), layer, 1);
- writer.validateDisplay(getPrimaryDisplayId(), ComposerClientWriter::kNoTimestamp,
- VtsComposerClient::kNoFrameIntervalNs);
- execute();
- ASSERT_TRUE(mReader.takeErrors().empty());
- writer.setLayerLifecycleBatchCommandType(getInvalidDisplayId(), layer,
- LayerLifecycleBatchCommandType::DESTROY);
- layer++;
- writer.setLayerLifecycleBatchCommandType(getInvalidDisplayId(), layer,
- LayerLifecycleBatchCommandType::CREATE);
- writer.setNewBufferSlotCount(getPrimaryDisplayId(), layer, 1);
+ const auto& [status, layer] =
+ mComposerClient->createLayer(getPrimaryDisplayId(), kBufferSlotCount, &writer);
+ EXPECT_TRUE(status.isOk());
execute();
ASSERT_TRUE(mReader.takeErrors().empty());
+
+ auto& invalid_writer = getWriter(getInvalidDisplayId());
+ invalid_writer.setLayerLifecycleBatchCommandType(getInvalidDisplayId(), layer,
+ LayerLifecycleBatchCommandType::DESTROY);
+ execute();
+ const auto errors = mReader.takeErrors();
+ ASSERT_TRUE(errors.size() == 1 && errors[0].errorCode == IComposerClient::EX_BAD_DISPLAY);
}
TEST_P(GraphicsComposerAidlCommandV3Test, NoCreateDestroyBatchedCommandIncorrectLayer) {
diff --git a/security/keymint/aidl/default/main.rs b/security/keymint/aidl/default/main.rs
index ea432d1..055c698 100644
--- a/security/keymint/aidl/default/main.rs
+++ b/security/keymint/aidl/default/main.rs
@@ -44,7 +44,7 @@
}
fn main() {
- if let Err(e) = inner_main() {
+ if let Err(HalServiceError(e)) = inner_main() {
panic!("HAL service failed: {:?}", e);
}
}
diff --git a/security/keymint/aidl/default/ta/lib.rs b/security/keymint/aidl/default/ta/lib.rs
index fe8ad95..f002422 100644
--- a/security/keymint/aidl/default/ta/lib.rs
+++ b/security/keymint/aidl/default/ta/lib.rs
@@ -86,7 +86,7 @@
));
let dev = Implementation {
keys,
- sign_info: Box::new(sign_info),
+ sign_info: Some(Box::new(sign_info)),
// HAL populates attestation IDs from properties.
attest_ids: None,
sdd_mgr: None,
diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
index cc97c13..7fbca36 100644
--- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
+++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
@@ -20,6 +20,7 @@
#include <cutils/log.h>
#include <cutils/properties.h>
+#include <keymint_support/authorization_set.h>
#include <keymint_support/key_param_output.h>
#include <keymint_support/openssl_utils.h>
@@ -93,7 +94,7 @@
class AttestKeyTest : public KeyMintAidlTestBase {
public:
void SetUp() override {
- skipAttestKeyTest();
+ skipAttestKeyTestIfNeeded();
KeyMintAidlTestBase::SetUp();
}
};
@@ -273,7 +274,7 @@
/*
* AttestKeyTest.RsaAttestedAttestKeys
*
- * This test creates an RSA attestation key signed by factory keys, and varifies it can be
+ * This test creates an RSA attestation key signed by factory keys, and verifies it can be
* used to sign other RSA and EC keys.
*/
TEST_P(AttestKeyTest, RsaAttestedAttestKeys) {
@@ -305,9 +306,8 @@
.SetDefaultValidity(),
{} /* attestation signing key */, &attest_key.keyBlob,
&attest_key_characteristics, &attest_key_cert_chain);
- // Strongbox may not support factory provisioned attestation key.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) return;
+ if (isRkpOnly() && result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {
+ GTEST_SKIP() << "RKP-only devices do not have a factory key";
}
ASSERT_EQ(ErrorCode::OK, result);
KeyBlobDeleter attest_deleter(keymint_, attest_key.keyBlob);
@@ -400,30 +400,32 @@
attest_key_opt = attest_key;
}
- auto result = GenerateAttestKey(AuthorizationSetBuilder()
- .RsaKey(2048, 65537)
- .AttestKey()
- .AttestationChallenge("foo")
- .AttestationApplicationId("bar")
- .Authorization(TAG_NO_AUTH_REQUIRED)
- .Authorization(TAG_CERTIFICATE_SERIAL, serial_blob)
- .Authorization(TAG_CERTIFICATE_SUBJECT, subject_der)
- .SetDefaultValidity(),
- attest_key_opt, &key_blob_list[i],
- &attested_key_characteristics, &cert_chain_list[i]);
- // Strongbox may not support factory provisioned attestation key.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) return;
+ AuthorizationSetBuilder auth_set_builder =
+ AuthorizationSetBuilder()
+ .RsaKey(2048, 65537)
+ .AttestKey()
+ .AttestationApplicationId("bar")
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .Authorization(TAG_CERTIFICATE_SERIAL, serial_blob)
+ .Authorization(TAG_CERTIFICATE_SUBJECT, subject_der)
+ .SetDefaultValidity();
+ // In RKP-only systems, the first key cannot be attested due to lack of batch key
+ if (!isRkpOnly() || i > 0) {
+ auth_set_builder.AttestationChallenge("foo");
}
+ auto result = GenerateAttestKey(auth_set_builder, attest_key_opt, &key_blob_list[i],
+ &attested_key_characteristics, &cert_chain_list[i]);
ASSERT_EQ(ErrorCode::OK, result);
deleters.push_back(KeyBlobDeleter(keymint_, key_blob_list[i]));
- AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
- AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
- ASSERT_GT(cert_chain_list[i].size(), 0);
- ASSERT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
- SecLevel(),
- cert_chain_list[i][0].encodedCertificate));
+ if (!isRkpOnly() || i > 0) {
+ AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
+ AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
+ ASSERT_GT(cert_chain_list[i].size(), 0);
+ ASSERT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced,
+ hw_enforced, SecLevel(),
+ cert_chain_list[i][0].encodedCertificate));
+ }
if (i > 0) {
/*
@@ -439,7 +441,7 @@
}
EXPECT_TRUE(ChainSignaturesAreValid(cert_chain_list[i]));
- EXPECT_GT(cert_chain_list[i].size(), i + 1);
+ EXPECT_GT(cert_chain_list[i].size(), i + (isRkpOnly() ? 0 : 1));
verify_subject_and_serial(cert_chain_list[i][0], serial_int, subject, false);
}
}
@@ -475,36 +477,34 @@
attest_key_opt = attest_key;
}
- auto result = GenerateAttestKey(AuthorizationSetBuilder()
- .EcdsaKey(EcCurve::P_256)
- .AttestKey()
- .AttestationChallenge("foo")
- .AttestationApplicationId("bar")
- .Authorization(TAG_CERTIFICATE_SERIAL, serial_blob)
- .Authorization(TAG_CERTIFICATE_SUBJECT, subject_der)
- .Authorization(TAG_NO_AUTH_REQUIRED)
- .SetDefaultValidity(),
- attest_key_opt, &key_blob_list[i],
- &attested_key_characteristics, &cert_chain_list[i]);
- // Strongbox may not support factory provisioned attestation key.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) return;
+ AuthorizationSetBuilder auth_set_builder =
+ AuthorizationSetBuilder()
+ .EcdsaKey(EcCurve::P_256)
+ .AttestKey()
+ .AttestationApplicationId("bar")
+ .Authorization(TAG_CERTIFICATE_SERIAL, serial_blob)
+ .Authorization(TAG_CERTIFICATE_SUBJECT, subject_der)
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .SetDefaultValidity();
+ // In RKP-only systems, the first key cannot be attested due to lack of batch key
+ if (!isRkpOnly() || i > 0) {
+ auth_set_builder.AttestationChallenge("foo");
}
+ auto result = GenerateAttestKey(auth_set_builder, attest_key_opt, &key_blob_list[i],
+ &attested_key_characteristics, &cert_chain_list[i]);
ASSERT_EQ(ErrorCode::OK, result);
deleters.push_back(KeyBlobDeleter(keymint_, key_blob_list[i]));
- AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
- AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
- ASSERT_GT(cert_chain_list[i].size(), 0);
- ASSERT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
- SecLevel(),
- cert_chain_list[i][0].encodedCertificate));
+ if (!isRkpOnly() || i > 0) {
+ AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
+ AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
+ ASSERT_GT(cert_chain_list[i].size(), 0);
+ ASSERT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced,
+ hw_enforced, SecLevel(),
+ cert_chain_list[i][0].encodedCertificate));
+ }
if (i > 0) {
- /*
- * The first key is attestated with factory chain, but all the rest of the keys are
- * not supposed to be returned in attestation certificate chains.
- */
EXPECT_FALSE(ChainSignaturesAreValid(cert_chain_list[i]));
// Appending the attest_key chain to the attested_key_chain should yield a valid chain.
@@ -514,7 +514,7 @@
}
EXPECT_TRUE(ChainSignaturesAreValid(cert_chain_list[i]));
- EXPECT_GT(cert_chain_list[i].size(), i + 1);
+ EXPECT_GT(cert_chain_list[i].size(), i + (isRkpOnly() ? 0 : 1));
verify_subject_and_serial(cert_chain_list[i][0], serial_int, subject, false);
}
}
@@ -576,45 +576,36 @@
attest_key.keyBlob = key_blob_list[i - 1];
attest_key_opt = attest_key;
}
- ErrorCode result;
+ AuthorizationSetBuilder auth_set_builder =
+ AuthorizationSetBuilder()
+ .AttestKey()
+ .AttestationApplicationId("bar")
+ .Authorization(TAG_CERTIFICATE_SERIAL, serial_blob)
+ .Authorization(TAG_CERTIFICATE_SUBJECT, subject_der)
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .SetDefaultValidity();
+ // In RKP-only systems, the first key cannot be attested due to lack of batch key
+ if (!isRkpOnly() || i > 0) {
+ auth_set_builder.AttestationChallenge("foo");
+ }
if ((i & 0x1) == 1) {
- result = GenerateAttestKey(AuthorizationSetBuilder()
- .EcdsaKey(EcCurve::P_256)
- .AttestKey()
- .AttestationChallenge("foo")
- .AttestationApplicationId("bar")
- .Authorization(TAG_CERTIFICATE_SERIAL, serial_blob)
- .Authorization(TAG_CERTIFICATE_SUBJECT, subject_der)
- .Authorization(TAG_NO_AUTH_REQUIRED)
- .SetDefaultValidity(),
- attest_key_opt, &key_blob_list[i],
- &attested_key_characteristics, &cert_chain_list[i]);
+ auth_set_builder.EcdsaKey(EcCurve::P_256);
} else {
- result = GenerateAttestKey(AuthorizationSetBuilder()
- .RsaKey(2048, 65537)
- .AttestKey()
- .AttestationChallenge("foo")
- .AttestationApplicationId("bar")
- .Authorization(TAG_CERTIFICATE_SERIAL, serial_blob)
- .Authorization(TAG_CERTIFICATE_SUBJECT, subject_der)
- .Authorization(TAG_NO_AUTH_REQUIRED)
- .SetDefaultValidity(),
- attest_key_opt, &key_blob_list[i],
- &attested_key_characteristics, &cert_chain_list[i]);
+ auth_set_builder.RsaKey(2048, 65537);
}
- // Strongbox may not support factory provisioned attestation key.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) return;
- }
+ ErrorCode result = GenerateAttestKey(auth_set_builder, attest_key_opt, &key_blob_list[i],
+ &attested_key_characteristics, &cert_chain_list[i]);
ASSERT_EQ(ErrorCode::OK, result);
deleters.push_back(KeyBlobDeleter(keymint_, key_blob_list[i]));
- AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
- AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
- ASSERT_GT(cert_chain_list[i].size(), 0);
- ASSERT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced, hw_enforced,
- SecLevel(),
- cert_chain_list[i][0].encodedCertificate));
+ if (!isRkpOnly() || i > 0) {
+ AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
+ AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
+ ASSERT_GT(cert_chain_list[i].size(), 0);
+ ASSERT_TRUE(verify_attestation_record(AidlVersion(), "foo", "bar", sw_enforced,
+ hw_enforced, SecLevel(),
+ cert_chain_list[i][0].encodedCertificate));
+ }
if (i > 0) {
/*
@@ -630,7 +621,7 @@
}
EXPECT_TRUE(ChainSignaturesAreValid(cert_chain_list[i]));
- EXPECT_GT(cert_chain_list[i].size(), i + 1);
+ EXPECT_GT(cert_chain_list[i].size(), i + (isRkpOnly() ? 0 : 1));
verify_subject_and_serial(cert_chain_list[i][0], serial_int, subject, false);
}
}
diff --git a/security/keymint/aidl/vts/functional/AuthTest.cpp b/security/keymint/aidl/vts/functional/AuthTest.cpp
index eb5db68..f435513 100644
--- a/security/keymint/aidl/vts/functional/AuthTest.cpp
+++ b/security/keymint/aidl/vts/functional/AuthTest.cpp
@@ -455,18 +455,7 @@
.Authorization(TAG_AUTH_TIMEOUT, timeout_secs);
vector<uint8_t> keyblob;
vector<KeyCharacteristics> key_characteristics;
- vector<Certificate> cert_chain;
- auto result = GenerateKey(builder, std::nullopt, &keyblob, &key_characteristics, &cert_chain);
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {
- result = GenerateKeyWithSelfSignedAttestKey(AuthorizationSetBuilder()
- .EcdsaKey(EcCurve::P_256)
- .AttestKey()
- .SetDefaultValidity(),
- builder, &keyblob, &key_characteristics,
- &cert_chain);
- }
- }
+ auto result = GenerateKey(builder, &keyblob, &key_characteristics);
ASSERT_EQ(ErrorCode::OK, result);
// Verify first user to get a HAT that should work.
diff --git a/security/keymint/aidl/vts/functional/BootloaderStateTest.cpp b/security/keymint/aidl/vts/functional/BootloaderStateTest.cpp
index 808ed18..c1f6aee 100644
--- a/security/keymint/aidl/vts/functional/BootloaderStateTest.cpp
+++ b/security/keymint/aidl/vts/functional/BootloaderStateTest.cpp
@@ -54,18 +54,6 @@
.Digest(Digest::NONE)
.SetDefaultValidity();
auto result = GenerateKey(keyDesc, &key_blob, &key_characteristics);
- // If factory provisioned attestation key is not supported by Strongbox,
- // then create a key with self-signed attestation and use it as the
- // attestation key instead.
- if (SecLevel() == SecurityLevel::STRONGBOX &&
- result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {
- result = GenerateKeyWithSelfSignedAttestKey(
- AuthorizationSetBuilder()
- .EcdsaKey(EcCurve::P_256)
- .AttestKey()
- .SetDefaultValidity(), /* attest key params */
- keyDesc, &key_blob, &key_characteristics);
- }
ASSERT_EQ(ErrorCode::OK, result);
// Parse attested AVB values.
diff --git a/security/keymint/aidl/vts/functional/DeviceUniqueAttestationTest.cpp b/security/keymint/aidl/vts/functional/DeviceUniqueAttestationTest.cpp
index 8e9aded..f669110 100644
--- a/security/keymint/aidl/vts/functional/DeviceUniqueAttestationTest.cpp
+++ b/security/keymint/aidl/vts/functional/DeviceUniqueAttestationTest.cpp
@@ -73,20 +73,22 @@
vector<KeyCharacteristics> key_characteristics;
// Check RSA implementation
- auto result = GenerateKey(AuthorizationSetBuilder()
- .Authorization(TAG_NO_AUTH_REQUIRED)
- .RsaSigningKey(2048, 65537)
- .Digest(Digest::SHA_2_256)
- .Padding(PaddingMode::RSA_PKCS1_1_5_SIGN)
- .Authorization(TAG_INCLUDE_UNIQUE_ID)
- .Authorization(TAG_CREATION_DATETIME, 1619621648000)
- .SetDefaultValidity()
- .AttestationChallenge("challenge")
- .AttestationApplicationId("foo")
- .Authorization(TAG_DEVICE_UNIQUE_ATTESTATION),
- &key_blob, &key_characteristics);
+ auto result =
+ GenerateKey(AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .RsaSigningKey(2048, 65537)
+ .Digest(Digest::SHA_2_256)
+ .Padding(PaddingMode::RSA_PKCS1_1_5_SIGN)
+ .Authorization(TAG_INCLUDE_UNIQUE_ID)
+ .Authorization(TAG_CREATION_DATETIME, 1619621648000)
+ .SetDefaultValidity()
+ .AttestationChallenge("challenge")
+ .AttestationApplicationId("foo")
+ .Authorization(TAG_DEVICE_UNIQUE_ATTESTATION),
+ /*attest_key=*/std::nullopt, &key_blob, &key_characteristics, &cert_chain_);
- ASSERT_TRUE(result == ErrorCode::INVALID_ARGUMENT || result == ErrorCode::UNSUPPORTED_TAG);
+ ASSERT_TRUE(result == ErrorCode::INVALID_ARGUMENT || result == ErrorCode::UNSUPPORTED_TAG)
+ << "Result: " << result;
}
/*
@@ -104,19 +106,21 @@
vector<KeyCharacteristics> key_characteristics;
// Check Ecdsa implementation
- auto result = GenerateKey(AuthorizationSetBuilder()
- .Authorization(TAG_NO_AUTH_REQUIRED)
- .EcdsaSigningKey(EcCurve::P_256)
- .Digest(Digest::SHA_2_256)
- .Authorization(TAG_INCLUDE_UNIQUE_ID)
- .Authorization(TAG_CREATION_DATETIME, 1619621648000)
- .SetDefaultValidity()
- .AttestationChallenge("challenge")
- .AttestationApplicationId("foo")
- .Authorization(TAG_DEVICE_UNIQUE_ATTESTATION),
- &key_blob, &key_characteristics);
+ auto result =
+ GenerateKey(AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .EcdsaSigningKey(EcCurve::P_256)
+ .Digest(Digest::SHA_2_256)
+ .Authorization(TAG_INCLUDE_UNIQUE_ID)
+ .Authorization(TAG_CREATION_DATETIME, 1619621648000)
+ .SetDefaultValidity()
+ .AttestationChallenge("challenge")
+ .AttestationApplicationId("foo")
+ .Authorization(TAG_DEVICE_UNIQUE_ATTESTATION),
+ /*attest_key=*/std::nullopt, &key_blob, &key_characteristics, &cert_chain_);
- ASSERT_TRUE(result == ErrorCode::INVALID_ARGUMENT || result == ErrorCode::UNSUPPORTED_TAG);
+ ASSERT_TRUE(result == ErrorCode::INVALID_ARGUMENT || result == ErrorCode::UNSUPPORTED_TAG)
+ << "Result: " << result;
}
/*
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
index c121d31..332fcd4 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
@@ -20,6 +20,10 @@
#include <fstream>
#include <unordered_set>
#include <vector>
+#include "aidl/android/hardware/security/keymint/AttestationKey.h"
+#include "aidl/android/hardware/security/keymint/ErrorCode.h"
+#include "keymint_support/authorization_set.h"
+#include "keymint_support/keymint_tags.h"
#include <android-base/logging.h>
#include <android/binder_manager.h>
@@ -245,6 +249,13 @@
return AidlVersion() >= 3 && property_get_int32("ro.vendor.api_level", 0) > __ANDROID_API_T__;
}
+bool KeyMintAidlTestBase::isRkpOnly() {
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ return property_get_bool("remote_provisioning.strongbox.rkp_only", false);
+ }
+ return property_get_bool("remote_provisioning.tee.rkp_only", false);
+}
+
bool KeyMintAidlTestBase::Curve25519Supported() {
// Strongbox never supports curve 25519.
if (SecLevel() == SecurityLevel::STRONGBOX) {
@@ -295,6 +306,40 @@
}
}
+ErrorCode KeyMintAidlTestBase::GenerateKey(const AuthorizationSet& key_desc) {
+ return GenerateKey(key_desc, &key_blob_, &key_characteristics_);
+}
+
+ErrorCode KeyMintAidlTestBase::GenerateKey(const AuthorizationSet& key_desc,
+ vector<uint8_t>* key_blob,
+ vector<KeyCharacteristics>* key_characteristics) {
+ std::optional<AttestationKey> attest_key = std::nullopt;
+ vector<Certificate> attest_cert_chain;
+ // If an attestation is requested, but the system is RKP-only, we need to supply an explicit
+ // attestation key. Else the result is a key without an attestation.
+ if (isRkpOnly() && key_desc.Contains(TAG_ATTESTATION_CHALLENGE)) {
+ skipAttestKeyTestIfNeeded();
+ AuthorizationSet attest_key_desc =
+ AuthorizationSetBuilder().EcdsaKey(EcCurve::P_256).AttestKey().SetDefaultValidity();
+ attest_key.emplace();
+ vector<KeyCharacteristics> attest_key_characteristics;
+ auto error = GenerateAttestKey(attest_key_desc, std::nullopt, &attest_key.value().keyBlob,
+ &attest_key_characteristics, &attest_cert_chain);
+ EXPECT_EQ(error, ErrorCode::OK);
+ EXPECT_EQ(attest_cert_chain.size(), 1);
+ attest_key.value().issuerSubjectName = make_name_from_str("Android Keystore Key");
+ }
+
+ ErrorCode error =
+ GenerateKey(key_desc, attest_key, key_blob, key_characteristics, &cert_chain_);
+
+ if (error == ErrorCode::OK && attest_cert_chain.size() > 0) {
+ cert_chain_.push_back(attest_cert_chain[0]);
+ }
+
+ return error;
+}
+
ErrorCode KeyMintAidlTestBase::GenerateKey(const AuthorizationSet& key_desc,
const optional<AttestationKey>& attest_key,
vector<uint8_t>* key_blob,
@@ -335,36 +380,6 @@
return GetReturnErrorCode(result);
}
-ErrorCode KeyMintAidlTestBase::GenerateKey(const AuthorizationSet& key_desc,
- const optional<AttestationKey>& attest_key) {
- return GenerateKey(key_desc, attest_key, &key_blob_, &key_characteristics_, &cert_chain_);
-}
-
-ErrorCode KeyMintAidlTestBase::GenerateKeyWithSelfSignedAttestKey(
- const AuthorizationSet& attest_key_desc, const AuthorizationSet& key_desc,
- vector<uint8_t>* key_blob, vector<KeyCharacteristics>* key_characteristics,
- vector<Certificate>* cert_chain) {
- skipAttestKeyTest();
- AttestationKey attest_key;
- vector<Certificate> attest_cert_chain;
- vector<KeyCharacteristics> attest_key_characteristics;
- // Generate a key with self signed attestation.
- auto error = GenerateAttestKey(attest_key_desc, std::nullopt, &attest_key.keyBlob,
- &attest_key_characteristics, &attest_cert_chain);
- if (error != ErrorCode::OK) {
- return error;
- }
-
- attest_key.issuerSubjectName = make_name_from_str("Android Keystore Key");
- // Generate a key, by passing the above self signed attestation key as attest key.
- error = GenerateKey(key_desc, attest_key, key_blob, key_characteristics, cert_chain);
- if (error == ErrorCode::OK) {
- // Append the attest_cert_chain to the attested cert_chain to yield a valid cert chain.
- cert_chain->push_back(attest_cert_chain[0]);
- }
- return error;
-}
-
ErrorCode KeyMintAidlTestBase::ImportKey(const AuthorizationSet& key_desc, KeyFormat format,
const string& key_material, vector<uint8_t>* key_blob,
vector<KeyCharacteristics>* key_characteristics) {
@@ -1663,7 +1678,7 @@
// Skip a test that involves use of the ATTEST_KEY feature in specific configurations
// where ATTEST_KEY is not supported (for either StrongBox or TEE).
-void KeyMintAidlTestBase::skipAttestKeyTest(void) const {
+void KeyMintAidlTestBase::skipAttestKeyTestIfNeeded() const {
if (shouldSkipAttestKeyTest()) {
GTEST_SKIP() << "Test using ATTEST_KEY is not applicable on waivered device";
}
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
index 4ed7698..b884cc7 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
@@ -104,35 +104,19 @@
uint32_t boot_patch_level();
bool isDeviceIdAttestationRequired();
bool isSecondImeiIdAttestationRequired();
+ bool isRkpOnly();
bool Curve25519Supported();
+ ErrorCode GenerateKey(const AuthorizationSet& key_desc);
+
ErrorCode GenerateKey(const AuthorizationSet& key_desc, vector<uint8_t>* key_blob,
- vector<KeyCharacteristics>* key_characteristics) {
- return GenerateKey(key_desc, std::nullopt /* attest_key */, key_blob, key_characteristics,
- &cert_chain_);
- }
+ vector<KeyCharacteristics>* key_characteristics);
+
ErrorCode GenerateKey(const AuthorizationSet& key_desc,
const optional<AttestationKey>& attest_key, vector<uint8_t>* key_blob,
vector<KeyCharacteristics>* key_characteristics,
vector<Certificate>* cert_chain);
- ErrorCode GenerateKey(const AuthorizationSet& key_desc,
- const optional<AttestationKey>& attest_key = std::nullopt);
-
- // Generate key for implementations which do not support factory attestation.
- ErrorCode GenerateKeyWithSelfSignedAttestKey(const AuthorizationSet& attest_key_desc,
- const AuthorizationSet& key_desc,
- vector<uint8_t>* key_blob,
- vector<KeyCharacteristics>* key_characteristics,
- vector<Certificate>* cert_chain);
-
- ErrorCode GenerateKeyWithSelfSignedAttestKey(const AuthorizationSet& attest_key_desc,
- const AuthorizationSet& key_desc,
- vector<uint8_t>* key_blob,
- vector<KeyCharacteristics>* key_characteristics) {
- return GenerateKeyWithSelfSignedAttestKey(attest_key_desc, key_desc, key_blob,
- key_characteristics, &cert_chain_);
- }
ErrorCode ImportKey(const AuthorizationSet& key_desc, KeyFormat format,
const string& key_material, vector<uint8_t>* key_blob,
@@ -372,7 +356,7 @@
bool is_strongbox_enabled(void) const;
bool is_chipset_allowed_km4_strongbox(void) const;
bool shouldSkipAttestKeyTest(void) const;
- void skipAttestKeyTest(void) const;
+ void skipAttestKeyTestIfNeeded() const;
void assert_mgf_digests_present_or_not_in_key_characteristics(
const vector<KeyCharacteristics>& key_characteristics,
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 3bcdd8f..b65218f 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -37,6 +37,7 @@
#include <aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.h>
#include <aidl/android/hardware/security/keymint/KeyFormat.h>
+#include <keymint_support/authorization_set.h>
#include <keymint_support/key_param_output.h>
#include <keymint_support/openssl_utils.h>
@@ -1146,17 +1147,6 @@
.SetDefaultValidity();
auto result = GenerateKey(builder, &key_blob, &key_characteristics);
- // Strongbox may not support factory provisioned attestation key.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {
- result = GenerateKeyWithSelfSignedAttestKey(
- AuthorizationSetBuilder()
- .RsaKey(key_size, 65537)
- .AttestKey()
- .SetDefaultValidity(), /* attest key params */
- builder, &key_blob, &key_characteristics);
- }
- }
ASSERT_EQ(ErrorCode::OK, result);
KeyBlobDeleter deleter(keymint_, key_blob);
ASSERT_GT(key_blob.size(), 0U);
@@ -1369,17 +1359,6 @@
.SetDefaultValidity();
auto result = GenerateKey(builder, &key_blob, &key_characteristics);
- // Strongbox may not support factory provisioned attestation key.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {
- result = GenerateKeyWithSelfSignedAttestKey(
- AuthorizationSetBuilder()
- .RsaKey(key_size, 65537)
- .AttestKey()
- .SetDefaultValidity(), /* attest key params */
- builder, &key_blob, &key_characteristics);
- }
- }
ASSERT_EQ(ErrorCode::OK, result);
KeyBlobDeleter deleter(keymint_, key_blob);
@@ -1490,17 +1469,6 @@
.SetDefaultValidity();
auto result = GenerateKey(builder, &key_blob, &key_characteristics);
- // Strongbox may not support factory provisioned attestation key.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {
- result = GenerateKeyWithSelfSignedAttestKey(
- AuthorizationSetBuilder()
- .RsaKey(2048, 65537)
- .AttestKey()
- .SetDefaultValidity(), /* attest key params */
- builder, &key_blob, &key_characteristics);
- }
- }
ASSERT_EQ(ErrorCode::ATTESTATION_APPLICATION_ID_MISSING, result);
}
@@ -1625,17 +1593,6 @@
.SetDefaultValidity();
auto result = GenerateKey(builder, &key_blob, &key_characteristics);
- // Strongbox may not support factory provisioned attestation key.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {
- result = GenerateKeyWithSelfSignedAttestKey(
- AuthorizationSetBuilder()
- .RsaKey(key_size, 65537)
- .AttestKey()
- .SetDefaultValidity(), /* attest key params */
- builder, &key_blob, &key_characteristics);
- }
- }
ASSERT_EQ(ErrorCode::OK, result);
KeyBlobDeleter deleter(keymint_, key_blob);
@@ -1877,17 +1834,6 @@
.SetDefaultValidity();
auto result = GenerateKey(builder, &key_blob, &key_characteristics);
- // Strongbox may not support factory provisioned attestation key.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {
- result = GenerateKeyWithSelfSignedAttestKey(
- AuthorizationSetBuilder()
- .EcdsaKey(curve)
- .AttestKey()
- .SetDefaultValidity(), /* attest key params */
- builder, &key_blob, &key_characteristics);
- }
- }
ASSERT_EQ(ErrorCode::OK, result);
KeyBlobDeleter deleter(keymint_, key_blob);
ASSERT_GT(key_blob.size(), 0U);
@@ -2020,17 +1966,6 @@
// Tag not required to be supported by all KeyMint implementations.
continue;
}
- // Strongbox may not support factory provisioned attestation key.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {
- result = GenerateKeyWithSelfSignedAttestKey(
- AuthorizationSetBuilder()
- .EcdsaKey(EcCurve::P_256)
- .AttestKey()
- .SetDefaultValidity(), /* attest key params */
- builder, &key_blob, &key_characteristics);
- }
- }
ASSERT_EQ(result, ErrorCode::OK);
KeyBlobDeleter deleter(keymint_, key_blob);
ASSERT_GT(key_blob.size(), 0U);
@@ -2082,18 +2017,6 @@
builder.push_back(tag);
auto error = GenerateKey(builder, &key_blob, &key_characteristics);
- // Strongbox may not support factory provisioned attestation key.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (error == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {
- error = GenerateKeyWithSelfSignedAttestKey(
- AuthorizationSetBuilder()
- .EcdsaKey(EcCurve::P_256)
- .AttestKey()
- .SetDefaultValidity(), /* attest key params */
- builder, &key_blob, &key_characteristics);
- }
- }
-
device_id_attestation_check_acceptable_error(tag.tag, error);
}
}
@@ -2138,10 +2061,6 @@
AuthorizationSetBuilder builder = base_builder;
builder.push_back(tag);
auto result = GenerateKey(builder, &key_blob, &key_characteristics);
- // Strongbox may not support factory provisioned attestation key.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) return;
- }
if (result == ErrorCode::CANNOT_ATTEST_IDS && !isDeviceIdAttestationRequired()) {
// ID attestation was optional till api level 32, from api level 33 it is mandatory.
continue;
@@ -2199,16 +2118,6 @@
builder.Authorization(TAG_RESET_SINCE_ID_ROTATION);
}
auto result = GenerateKey(builder);
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {
- result = GenerateKeyWithSelfSignedAttestKey(
- AuthorizationSetBuilder()
- .EcdsaKey(EcCurve::P_256)
- .AttestKey()
- .SetDefaultValidity(), /* attest key params */
- builder, &key_blob_, &key_characteristics_, &cert_chain_);
- }
- }
ASSERT_EQ(ErrorCode::OK, result);
ASSERT_GT(key_blob_.size(), 0U);
@@ -2309,17 +2218,6 @@
.SetDefaultValidity();
auto result = GenerateKey(builder, &key_blob, &key_characteristics);
- // Strongbox may not support factory provisioned attestation key.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {
- result = GenerateKeyWithSelfSignedAttestKey(
- AuthorizationSetBuilder()
- .EcdsaKey(EcCurve::P_256)
- .AttestKey()
- .SetDefaultValidity(), /* attest key params */
- builder, &key_blob, &key_characteristics);
- }
- }
ASSERT_EQ(result, ErrorCode::OK);
KeyBlobDeleter deleter(keymint_, key_blob);
ASSERT_GT(key_blob.size(), 0U);
@@ -2404,17 +2302,6 @@
.SetDefaultValidity();
auto result = GenerateKey(builder, &key_blob, &key_characteristics);
- // Strongbox may not support factory provisioned attestation key.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {
- result = GenerateKeyWithSelfSignedAttestKey(
- AuthorizationSetBuilder()
- .EcdsaKey(EcCurve::P_256)
- .AttestKey()
- .SetDefaultValidity(), /* attest key params */
- builder, &key_blob, &key_characteristics);
- }
- }
ASSERT_EQ(ErrorCode::ATTESTATION_APPLICATION_ID_MISSING, result);
}
@@ -2482,17 +2369,6 @@
.SetDefaultValidity();
auto result = GenerateKey(builder, &key_blob, &key_characteristics);
- // Strongbox may not support factory provisioned attestation key.
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {
- result = GenerateKeyWithSelfSignedAttestKey(
- AuthorizationSetBuilder()
- .EcdsaKey(EcCurve::P_256)
- .AttestKey()
- .SetDefaultValidity(), /* attest key params */
- builder, &key_blob, &key_characteristics);
- }
- }
ASSERT_EQ(ErrorCode::OK, result);
KeyBlobDeleter deleter(keymint_, key_blob);
ASSERT_GT(key_blob.size(), 0U);
@@ -2718,7 +2594,8 @@
.AttestationChallenge(challenge)
.AttestationApplicationId(app_id)
.Authorization(TAG_MIN_MAC_LENGTH, 128),
- &key_blob, &key_characteristics));
+ /*attest_key=*/std::nullopt, &key_blob,
+ &key_characteristics, &cert_chain_));
KeyBlobDeleter deleter(keymint_, key_blob);
ASSERT_GT(key_blob.size(), 0U);
@@ -2907,7 +2784,9 @@
.EcbMode()
.Padding(PaddingMode::PKCS7)
.AttestationChallenge(challenge)
- .AttestationApplicationId(app_id)));
+ .AttestationApplicationId(app_id),
+ /*attest_key=*/std::nullopt, &key_blob_,
+ &key_characteristics_, &cert_chain_));
ASSERT_EQ(cert_chain_.size(), 0);
}
@@ -2928,7 +2807,9 @@
.Authorization(TAG_NO_AUTH_REQUIRED)
.Padding(PaddingMode::NONE)
.AttestationChallenge(challenge)
- .AttestationApplicationId(app_id)));
+ .AttestationApplicationId(app_id),
+ /*attest_key=*/std::nullopt, &key_blob_,
+ &key_characteristics_, &cert_chain_));
ASSERT_EQ(cert_chain_.size(), 0);
}
@@ -8510,17 +8391,6 @@
.Authorization(TAG_ATTESTATION_CHALLENGE, challenge)
.SetDefaultValidity();
ErrorCode result = GenerateKey(builder);
-
- if (SecLevel() == SecurityLevel::STRONGBOX) {
- if (result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {
- result = GenerateKeyWithSelfSignedAttestKey(
- AuthorizationSetBuilder()
- .EcdsaKey(EcCurve::P_256)
- .AttestKey()
- .SetDefaultValidity(), /* attest key params */
- builder, &key_blob_, &key_characteristics_, &cert_chain_);
- }
- }
ASSERT_EQ(ErrorCode::OK, result) << "Failed to generate key";
ASSERT_GT(cert_chain_.size(), 0);
X509_Ptr kmKeyCert(parse_cert_blob(cert_chain_[0].encodedCertificate));
@@ -8811,11 +8681,6 @@
KeyBlobDeleter ecdsa_deleter(keymint_, ecdsaKeyData.blob);
for (const auto& keyData : {aesKeyData, hmacKeyData, rsaKeyData, ecdsaKeyData}) {
- // Strongbox may not support factory attestation. Key creation might fail with
- // ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED
- if (SecLevel() == SecurityLevel::STRONGBOX && keyData.blob.size() == 0U) {
- continue;
- }
ASSERT_GT(keyData.blob.size(), 0U);
AuthorizationSet crypto_params = SecLevelAuthorizations(keyData.characteristics);
EXPECT_TRUE(crypto_params.Contains(TAG_EARLY_BOOT_ONLY)) << crypto_params;
diff --git a/security/secretkeeper/aidl/Android.bp b/security/secretkeeper/aidl/Android.bp
index 4975ab9..d282621 100644
--- a/security/secretkeeper/aidl/Android.bp
+++ b/security/secretkeeper/aidl/Android.bp
@@ -28,7 +28,8 @@
frozen: true,
backend: {
java: {
- enabled: false,
+ enabled: true,
+ platform_apis: true,
},
ndk: {
enabled: true,
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl
new file mode 100644
index 0000000..7efcdd6
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl
@@ -0,0 +1,71 @@
+/*
+ * Copyright 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto;
+interface IHwCryptoKey {
+ android.hardware.security.see.hwcrypto.IHwCryptoKey.DiceCurrentBoundKeyResult deriveCurrentDicePolicyBoundKey(in android.hardware.security.see.hwcrypto.IHwCryptoKey.DiceBoundDerivationKey derivationKey);
+ android.hardware.security.see.hwcrypto.IHwCryptoKey.DiceBoundKeyResult deriveDicePolicyBoundKey(in android.hardware.security.see.hwcrypto.IHwCryptoKey.DiceBoundDerivationKey derivationKey, in byte[] dicePolicyForKeyVersion);
+ android.hardware.security.see.hwcrypto.IHwCryptoKey.DerivedKey deriveKey(in android.hardware.security.see.hwcrypto.IHwCryptoKey.DerivedKeyParameters parameters);
+ enum DeviceKeyId {
+ DEVICE_BOUND_KEY,
+ BATCH_KEY,
+ }
+ union DiceBoundDerivationKey {
+ android.hardware.security.see.hwcrypto.IOpaqueKey opaqueKey;
+ android.hardware.security.see.hwcrypto.IHwCryptoKey.DeviceKeyId keyId;
+ }
+ parcelable DiceCurrentBoundKeyResult {
+ android.hardware.security.see.hwcrypto.IOpaqueKey diceBoundKey;
+ byte[] dicePolicyForKeyVersion;
+ }
+ parcelable DiceBoundKeyResult {
+ android.hardware.security.see.hwcrypto.IOpaqueKey diceBoundKey;
+ boolean dicePolicyWasCurrent;
+ }
+ parcelable ClearKeyPolicy {
+ int keySizeBytes;
+ }
+ union DerivedKeyPolicy {
+ android.hardware.security.see.hwcrypto.KeyPolicy opaqueKey;
+ android.hardware.security.see.hwcrypto.IHwCryptoKey.ClearKeyPolicy clearKey;
+ }
+ parcelable DerivedKeyParameters {
+ android.hardware.security.see.hwcrypto.IOpaqueKey derivationKey;
+ android.hardware.security.see.hwcrypto.IHwCryptoKey.DerivedKeyPolicy keyPolicy;
+ byte[] context;
+ }
+ union DerivedKey {
+ byte[] explicitKey = {};
+ android.hardware.security.see.hwcrypto.IOpaqueKey opaque;
+ }
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl
new file mode 100644
index 0000000..939014a
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl
@@ -0,0 +1,186 @@
+/*
+ * Copyright 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto;
+
+import android.hardware.security.see.hwcrypto.IOpaqueKey;
+import android.hardware.security.see.hwcrypto.KeyPolicy;
+
+/*
+ * Higher level interface to access and generate keys.
+ */
+interface IHwCryptoKey {
+ /*
+ * Identifier for the requested device provided key. The currently supported identifiers are:
+ *
+ * DEVICE_BOUND_KEY:
+ * This is a key unique to the device.
+ * BATCH_KEY:
+ * This is a shared by a set of devices.
+ */
+ enum DeviceKeyId {
+ DEVICE_BOUND_KEY,
+ BATCH_KEY,
+ }
+ union DiceBoundDerivationKey {
+ /*
+ * Opaque to be used to derive the DICE bound key.
+ */
+ IOpaqueKey opaqueKey;
+
+ /*
+ * Device provided key to be used to derive the DICE bound key.
+ */
+ DeviceKeyId keyId;
+ }
+
+ parcelable DiceCurrentBoundKeyResult {
+ /*
+ * Key cryptographically bound to a DICE policy.
+ */
+ IOpaqueKey diceBoundKey;
+
+ /*
+ * Current dice policy which was used to generate the returned key. This policy is
+ * opaque from this service perspective (it will be sent to an Authentication Manager
+ * Service to be verified). It follows the structure defined on DicePolicy.cddl, located
+ * under hardware/interfaces/security/authgraph/aidl/android/hardware/security/authgraph/
+ * with the caveat that it could be encrypted if the client does not have enough permissions
+ * to see the device dice policy information.
+ */
+ byte[] dicePolicyForKeyVersion;
+ }
+
+ parcelable DiceBoundKeyResult {
+ /*
+ * Key cryptographically bound to a DICE policy.
+ */
+ IOpaqueKey diceBoundKey;
+
+ /*
+ * Indicates if the diceBoundKey returned was created using a current DICE policy. The
+ * caller can use this to detect if an old policy was provided and rotate its keys if so
+ * desired. Old, valid policies remain usable, but care needs to be taken to not continue to
+ * use a potentially compromised key.
+ */
+ boolean dicePolicyWasCurrent;
+ }
+
+ parcelable ClearKeyPolicy {
+ /*
+ * Indicates the desired key size. It will be used to calculate how many bytes of key
+ * material should be returned.
+ */
+ int keySizeBytes;
+ }
+
+ union DerivedKeyPolicy {
+ /*
+ * Policy for the newly derived opaque key. Defines how the key can be used and its type.
+ */
+ KeyPolicy opaqueKey;
+
+ /*
+ * If used we will derive a clear key and pass it back as an array of bytes on
+ * <code>HwCryptoKeyMaterial::explicitKey</code>.
+ */
+ ClearKeyPolicy clearKey;
+ }
+
+ parcelable DerivedKeyParameters {
+ /*
+ * Key to be used to derive the new key using HKDF.
+ */
+ IOpaqueKey derivationKey;
+
+ /*
+ * Policy for the newly derived key. Depending on its type, either a clear or opaque key
+ * will be derived.
+ */
+ DerivedKeyPolicy keyPolicy;
+
+ /*
+ * An arbitrary set of bytes incorporated into the key derivation. May have
+ * an implementation-specific maximum length, but it is guaranteed to accept
+ * at least 32 bytes.
+ */
+ byte[] context;
+ }
+
+ union DerivedKey {
+ /*
+ * Derived key in clear format.
+ */
+ byte[] explicitKey = {};
+
+ /*
+ * Derived key as a key token to be used only through the HWCrypto service.
+ */
+ IOpaqueKey opaque;
+ }
+
+ /*
+ * deriveCurrentDicePolicyBoundKey() - Derives a versioned key tied to the caller's current DICE
+ * policy. It will return this current policy back to the caller
+ * along with the generated key.
+ *
+ * @derivationKey:
+ * Key to be used to derive the new key using HKDF.
+ *
+ * Return:
+ * Ok(DiceCurrentBoundKeyResult) on success, service specific error based on
+ * <code>HalErrorCode</code> otherwise.
+ */
+ DiceCurrentBoundKeyResult deriveCurrentDicePolicyBoundKey(
+ in DiceBoundDerivationKey derivationKey);
+
+ /*
+ * deriveDicePolicyBoundKey() - Derive a versioned key by checking the provided DICE policy
+ * against the caller and then using it as a context for deriving
+ * the returned key.
+ *
+ * @derivationKey:
+ * Key to be used to derive the new key using HKDF.
+ *
+ * @dicePolicyForKeyVersion:
+ * Policy used to derive keys tied to specific versions. Using this parameter
+ * the caller can tie a derived key to a minimum version of itself, so in the future only
+ * itself or a more recent version can derive the same key. This parameter is opaque to the
+ * caller and it could be encrypted in the case the client doesn't have permission to know
+ * the dice chain.
+ * When implementing this function, this parameter shall be one of the components fed
+ * to the KDF context and it needs to be checked against the caller DICE certificate before
+ * being used.
+ *
+ * Return:
+ * Ok(DiceBoundKeyResult) on success, service specific error based on
+ * <code>HalErrorCode</code> otherwise.
+ */
+ DiceBoundKeyResult deriveDicePolicyBoundKey(
+ in DiceBoundDerivationKey derivationKey, in byte[] dicePolicyForKeyVersion);
+
+ /*
+ * deriveKey() - Derive a new key based on the given key, policy and context.
+ *
+ * @parameters:
+ * Parameters used for the key derivation. See <code>DerivedKeyParameters</code> on this
+ * file for more information.
+ *
+ * Return:
+ * Ok(HwCryptoKeyMaterial) on success, service specific error based on
+ * <code>HalErrorCode</code> otherwise.
+ */
+ DerivedKey deriveKey(in DerivedKeyParameters parameters);
+}
diff --git a/threadnetwork/aidl/default/socket_interface.cpp b/threadnetwork/aidl/default/socket_interface.cpp
index f874209..0544502 100644
--- a/threadnetwork/aidl/default/socket_interface.cpp
+++ b/threadnetwork/aidl/default/socket_interface.cpp
@@ -23,6 +23,7 @@
#include "socket_interface.hpp"
#include <errno.h>
+#include <linux/limits.h>
#include <openthread/logging.h>
#include <sys/inotify.h>
#include <sys/socket.h>
@@ -42,6 +43,8 @@
namespace hardware {
namespace threadnetwork {
+const char SocketInterface::kLogModuleName[] = "SocketIntface";
+
SocketInterface::SocketInterface(const ot::Url::Url& aRadioUrl)
: mReceiveFrameCallback(nullptr),
mReceiveFrameContext(nullptr),
@@ -157,7 +160,7 @@
} else if (rval < 0) {
DieNow(OT_EXIT_ERROR_ERRNO);
} else {
- otLogCritPlat("Socket connection is closed by remote.");
+ LogCrit("Socket connection is closed by remote.");
exit(OT_EXIT_FAILURE);
}
}
@@ -192,7 +195,7 @@
mReceiveFrameCallback(mReceiveFrameContext);
} else {
mReceiveFrameBuffer->DiscardFrame();
- otLogWarnPlat("Process socket frame failed: %s", otThreadErrorToString(aError));
+ LogWarn("Process socket frame failed: %s", otThreadErrorToString(aError));
}
exit:
@@ -204,16 +207,16 @@
sockaddr_un serverAddress;
VerifyOrExit(sizeof(serverAddress.sun_path) > strlen(aRadioUrl.GetPath()),
- otLogCritPlat("Invalid file path length"));
+ LogCrit("Invalid file path length"));
strncpy(serverAddress.sun_path, aRadioUrl.GetPath(), sizeof(serverAddress.sun_path));
serverAddress.sun_family = AF_UNIX;
fd = socket(AF_UNIX, SOCK_SEQPACKET, 0);
- VerifyOrExit(fd != -1, otLogCritPlat("open(): errno=%s", strerror(errno)));
+ VerifyOrExit(fd != -1, LogCrit("open(): errno=%s", strerror(errno)));
if (connect(fd, reinterpret_cast<struct sockaddr*>(&serverAddress), sizeof(serverAddress)) ==
-1) {
- otLogCritPlat("connect(): errno=%s", strerror(errno));
+ LogCrit("connect(): errno=%s", strerror(errno));
close(fd);
fd = -1;
}
@@ -225,9 +228,9 @@
void SocketInterface::CloseFile(void) {
VerifyOrExit(mSockFd != -1);
- VerifyOrExit(0 == close(mSockFd), otLogCritPlat("close(): errno=%s", strerror(errno)));
+ VerifyOrExit(0 == close(mSockFd), LogCrit("close(): errno=%s", strerror(errno)));
VerifyOrExit(wait(nullptr) != -1 || errno == ECHILD,
- otLogCritPlat("wait(): errno=%s", strerror(errno)));
+ LogCrit("wait(): errno=%s", strerror(errno)));
mSockFd = -1;
@@ -254,7 +257,7 @@
wd = inotify_add_watch(inotifyFd, folderPath.c_str(), IN_CREATE);
VerifyOrDie(wd != -1, OT_EXIT_ERROR_ERRNO);
- otLogInfoPlat("Waiting for socket file %s be created...", aPath);
+ LogInfo("Waiting for socket file %s be created...", aPath);
while (true) {
fd_set fds;
@@ -271,7 +274,7 @@
}
if (FD_ISSET(inotifyFd, &fds)) {
- char buffer[sizeof(struct inotify_event)];
+ char buffer[sizeof(struct inotify_event) + NAME_MAX + 1];
ssize_t bytesRead = read(inotifyFd, buffer, sizeof(buffer));
VerifyOrDie(bytesRead >= 0, OT_EXIT_ERROR_ERRNO);
@@ -286,7 +289,7 @@
close(inotifyFd);
exit:
- otLogInfoPlat("Socket file: %s is created", aPath);
+ LogInfo("Socket file: %s is created", aPath);
return;
}
diff --git a/threadnetwork/aidl/default/socket_interface.hpp b/threadnetwork/aidl/default/socket_interface.hpp
index f88e926..6f3be7f 100644
--- a/threadnetwork/aidl/default/socket_interface.hpp
+++ b/threadnetwork/aidl/default/socket_interface.hpp
@@ -22,6 +22,7 @@
#include "lib/spinel/spinel_interface.hpp"
#include "lib/url/url.hpp"
+#include "logger.hpp"
namespace aidl {
namespace android {
@@ -32,8 +33,11 @@
* Defines a Socket interface to the Radio Co-processor (RCP)
*
*/
-class SocketInterface : public ot::Spinel::SpinelInterface {
+class SocketInterface : public ot::Spinel::SpinelInterface,
+ public ot::Posix::Logger<SocketInterface> {
public:
+ static const char kLogModuleName[]; ///< Module name used for logging.
+
/**
* Initializes the object.
*
diff --git a/threadnetwork/aidl/default/utils.cpp b/threadnetwork/aidl/default/utils.cpp
index 1cb42ec..3552b3a 100644
--- a/threadnetwork/aidl/default/utils.cpp
+++ b/threadnetwork/aidl/default/utils.cpp
@@ -20,6 +20,20 @@
#include <openthread/platform/alarm-milli.h>
#include <utils/Log.h>
+void otLogPlatArgs(otLogLevel aLogLevel, const char* aPlatModuleName, const char* aFormat,
+ va_list aArgs) {
+ OT_UNUSED_VARIABLE(aPlatModuleName);
+ static const android_LogPriority kLogPriorities[] = {ANDROID_LOG_SILENT, ANDROID_LOG_FATAL,
+ ANDROID_LOG_WARN, ANDROID_LOG_INFO,
+ ANDROID_LOG_INFO, ANDROID_LOG_DEBUG};
+
+ if (aLogLevel >= sizeof(kLogPriorities) / sizeof(android_LogPriority)) {
+ return;
+ }
+
+ __android_log_vprint(kLogPriorities[aLogLevel], LOG_TAG, aFormat, aArgs);
+}
+
void otLogCritPlat(const char* format, ...) {
va_list args;
@@ -28,38 +42,6 @@
va_end(args);
}
-void otLogWarnPlat(const char* format, ...) {
- va_list args;
-
- va_start(args, format);
- __android_log_vprint(ANDROID_LOG_WARN, LOG_TAG, format, args);
- va_end(args);
-}
-
-void otLogNotePlat(const char* format, ...) {
- va_list args;
-
- va_start(args, format);
- __android_log_vprint(ANDROID_LOG_INFO, LOG_TAG, format, args);
- va_end(args);
-}
-
-void otLogInfoPlat(const char* format, ...) {
- va_list args;
-
- va_start(args, format);
- __android_log_vprint(ANDROID_LOG_INFO, LOG_TAG, format, args);
- va_end(args);
-}
-
-void otLogDebgPlat(const char* format, ...) {
- va_list args;
-
- va_start(args, format);
- __android_log_vprint(ANDROID_LOG_DEBUG, LOG_TAG, format, args);
- va_end(args);
-}
-
void otDumpDebgPlat(const char* aText, const void* aData, uint16_t aDataLength) {
constexpr uint16_t kBufSize = 512;
char buf[kBufSize];
diff --git a/vibrator/aidl/vts/VtsHalVibratorTargetTest.cpp b/vibrator/aidl/vts/VtsHalVibratorTargetTest.cpp
index 6c6846f..db474d6 100644
--- a/vibrator/aidl/vts/VtsHalVibratorTargetTest.cpp
+++ b/vibrator/aidl/vts/VtsHalVibratorTargetTest.cpp
@@ -41,6 +41,8 @@
using android::hardware::vibrator::PrimitivePwle;
using std::chrono::high_resolution_clock;
+using namespace ::std::chrono_literals;
+
const std::vector<Effect> kEffects{android::enum_range<Effect>().begin(),
android::enum_range<Effect>().end()};
const std::vector<EffectStrength> kEffectStrengths{android::enum_range<EffectStrength>().begin(),
@@ -71,6 +73,9 @@
static_cast<CompositePrimitive>(static_cast<int32_t>(kCompositePrimitives.back()) + 1),
};
+// Timeout to wait for vibration callback completion.
+static constexpr auto VIBRATION_CALLBACK_TIMEOUT = 100ms;
+
class CompletionCallback : public BnVibratorCallback {
public:
CompletionCallback(const std::function<void()> &callback) : mCallback(callback) {}
@@ -221,7 +226,7 @@
sp<CompletionCallback> callback =
new CompletionCallback([&completionPromise] { completionPromise.set_value(); });
uint32_t durationMs = 250;
- std::chrono::milliseconds timeout{durationMs * 2};
+ auto timeout = std::chrono::milliseconds(durationMs) + VIBRATION_CALLBACK_TIMEOUT;
EXPECT_TRUE(vibrator->on(durationMs, callback).isOk());
EXPECT_EQ(completionFuture.wait_for(timeout), std::future_status::ready);
EXPECT_TRUE(vibrator->off().isOk());
@@ -288,10 +293,10 @@
if (!status.isOk())
continue;
- //TODO(b/187207798): revert back to conservative timeout values once
- //latencies have been fixed
- std::chrono::milliseconds timeout{lengthMs * 8};
+ auto timeout = std::chrono::milliseconds(lengthMs) + VIBRATION_CALLBACK_TIMEOUT;
EXPECT_EQ(completionFuture.wait_for(timeout), std::future_status::ready);
+
+ EXPECT_TRUE(vibrator->off().isOk());
}
}
}
@@ -619,9 +624,7 @@
EXPECT_EQ(Status::EX_NONE, vibrator->compose(composite, callback).exceptionCode())
<< toString(primitive);
- // TODO(b/261130361): Investigate why latency from driver and hardware will cause test
- // to fail when wait duration is ~40ms or less.
- EXPECT_EQ(completionFuture.wait_for(duration + std::chrono::milliseconds(50)),
+ EXPECT_EQ(completionFuture.wait_for(duration + VIBRATION_CALLBACK_TIMEOUT),
std::future_status::ready)
<< toString(primitive);
end = high_resolution_clock::now();
@@ -782,9 +785,7 @@
int32_t segmentDurationMaxMs;
vibrator->getPwlePrimitiveDurationMax(&segmentDurationMaxMs);
uint32_t durationMs = segmentDurationMaxMs * 2 + 100; // Sum of 2 active and 1 braking below
- //TODO(b/187207798): revert back to conservative timeout values once
- //latencies have been fixed
- std::chrono::milliseconds timeout{durationMs * 4};
+ auto timeout = std::chrono::milliseconds(durationMs) + VIBRATION_CALLBACK_TIMEOUT;
ActivePwle active = composeValidActivePwle(vibrator, capabilities);
diff --git a/wifi/legacy_headers/include/hardware_legacy/rtt.h b/wifi/legacy_headers/include/hardware_legacy/rtt.h
index 63c3325..426abe0 100644
--- a/wifi/legacy_headers/include/hardware_legacy/rtt.h
+++ b/wifi/legacy_headers/include/hardware_legacy/rtt.h
@@ -121,12 +121,10 @@
/* RTT configuration v3 (11az support)*/
typedef struct {
wifi_rtt_config rtt_config;
- byte ntb_min_measurement_time_millis; // 11az Non-Trigger-based (non-TB) minimum measurement
- // time in milliseconds
- byte ntb_max_measurement_time_millis; // 11az Non-Trigger-based (non-TB) maximum measurement
- // time in milliseconds
- byte tx_ltf_repetition_count; // Multiple transmissions of HE-LTF symbols in an HE
- // Ranging NDP. A value of 1 indicates no repetition.
+ u64 ntb_min_measurement_time; // 11az Non-Trigger-based (non-TB) minimum measurement time in
+ // units of 100 microseconds
+ u64 ntb_max_measurement_time; // 11az Non-Trigger-based (non-TB) maximum measurement time in
+ // units of 10 milliseconds
} wifi_rtt_config_v3;
/* RTT results */
@@ -184,11 +182,19 @@
/* RTT results v3 (11az support)*/
typedef struct {
wifi_rtt_result_v2 rtt_result;
- int tx_ltf_repetition_count; // 11az Transmit LTF repetitions used to get this result.
- int ntb_min_measurement_time_millis; // Minimum non-trigger based (non-TB) dynamic measurement
- // time in milliseconds assigned by the 11az responder.
- int ntb_max_measurement_time_millis; // Maximum non-trigger based (non-TB) dynamic measurement
- // time in milliseconds assigned by the 11az responder.
+ byte i2r_tx_ltf_repetition_count;// Multiple transmissions of HE-LTF symbols in an HE (I2R)
+ // Ranging NDP. An HE-LTF repetition value of 1 indicates no
+ // repetitions.
+ byte r2i_tx_ltf_repetition_count;// Multiple transmissions of HE-LTF symbols in an HE (R2I)
+ // Ranging NDP. An HE-LTF repetition value of 1 indicates no
+ // repetitions.
+ u64 ntb_min_measurement_time; // Minimum non-trigger based (non-TB) dynamic measurement time
+ // in units of 100 microseconds assigned by the 11az responder.
+ u64 ntb_max_measurement_time; // Maximum non-trigger based (non-TB) dynamic measurement
+ // time in units of 10 milliseconds assigned by the 11az
+ // responder.
+ byte num_tx_sts; // Number of transmit space-time streams used.
+ byte num_rx_sts; // Number of receive space-time streams used.
} wifi_rtt_result_v3;
@@ -305,8 +311,6 @@
byte az_bw_support; // bit mask indicates what BW is supported by 11az initiator
byte ntb_initiator_supported; // if 11az non-TB initiator is supported
byte ntb_responder_supported; // if 11az non-TB responder is supported
- byte max_tx_ltf_repetition_count;// maximum HE LTF repetitions the 11az initiator is capable of
- // transmitting in the preamble of I2R NDP
} wifi_rtt_capabilities_v3;
/* RTT capabilities v3 of the device (11az support) */
diff --git a/wifi/legacy_headers/include/hardware_legacy/wifi_hal.h b/wifi/legacy_headers/include/hardware_legacy/wifi_hal.h
index 9c82e80..e770777 100644
--- a/wifi/legacy_headers/include/hardware_legacy/wifi_hal.h
+++ b/wifi/legacy_headers/include/hardware_legacy/wifi_hal.h
@@ -417,6 +417,24 @@
wifi_iface_combination iface_combinations[MAX_IFACE_COMBINATIONS];
} wifi_iface_concurrency_matrix;
+/* Wifi OUI data */
+typedef struct {
+ /* OUI : 24-bit organizationally unique identifier to identify the Vendor/OEM */
+ u32 oui;
+ /* Length of the data buffer */
+ u32 data_len;
+ /* Vendor-specific data */
+ const u8 *data;
+} oui_keyed_data;
+
+/* Wifi Vendor data list */
+typedef struct {
+ /* Number of OUI Keyed Data objects */
+ u32 num_oui_keyed_data;
+ /* List of OUI Keyed Data */
+ oui_keyed_data *oui_data;
+} wifi_vendor_data;
+
/* Initialize/Cleanup */
wifi_error wifi_initialize(wifi_handle *handle);
@@ -1007,6 +1025,16 @@
*/
wifi_error (*wifi_twt_get_capabilities)(wifi_interface_handle iface,
wifi_twt_capabilities* capabilities);
+
+ /**
+ * Register TWT events before sending any TWT request
+ *
+ * @param wifi_interface_handle:
+ * @param events: TWT events callbacks to register
+ * @return Synchronous wifi_error
+ */
+ wifi_error (*wifi_twt_register_events)(wifi_interface_handle iface, wifi_twt_events events);
+
/**
* Setup a TWT session.
*
@@ -1017,11 +1045,10 @@
* @param id Identifier for the command. The value 0 is reserved.
* @param iface Wifi interface handle
* @param request TWT request parameters
- * @param events TWT events
* @return Synchronous wifi_error
*/
wifi_error (*wifi_twt_session_setup)(wifi_request_id id, wifi_interface_handle iface,
- wifi_twt_request request, wifi_twt_events events);
+ wifi_twt_request request);
/**
* Update a TWT session.
*
@@ -1098,7 +1125,7 @@
* @param TwtCallbackHandler: callback function pointers
* @return Synchronous wifi_error
*
- * Note: This function is deprecated
+ * Note: This function is deprecated by wifi_twt_register_events
*/
wifi_error (*wifi_twt_register_handler)(wifi_interface_handle iface,
TwtCallbackHandler handler);
@@ -1170,7 +1197,7 @@
* @param config_id: configuration ID of TWT request
* @return Synchronous wifi_error
*
- * Note: This function is deprecated by wifi_twt_session_clear_stats
+ * Note: This function is deprecated.
*/
wifi_error (*wifi_twt_clear_stats)(wifi_interface_handle iface, u8 config_id);
@@ -1373,6 +1400,18 @@
*/
wifi_error (*wifi_set_mlo_mode)(wifi_handle handle, wifi_mlo_mode mode);
+ /**@brief wifi_virtual_interface_create_with_vendor_data
+ * Create new virtual interface using vendor data.
+ * @param handle: global wifi_handle
+ * @param ifname: name of interface to be created.
+ * @param iface_type: one of interface types from wifi_interface_type.
+ * @param vendor_data: vendor data to apply on this interface.
+ * @return Synchronous wifi_error
+ */
+ wifi_error (*wifi_virtual_interface_create_with_vendor_data)
+ (wifi_handle handle, const char* ifname,
+ wifi_interface_type iface_type, wifi_vendor_data* vendor_data);
+
/*
* when adding new functions make sure to add stubs in
* wifi_legacy_hal_stubs.cpp::initHalFuncTableWithStubs
diff --git a/wifi/legacy_headers/include/hardware_legacy/wifi_twt.h b/wifi/legacy_headers/include/hardware_legacy/wifi_twt.h
index 1a787ef..cb11c78 100644
--- a/wifi/legacy_headers/include/hardware_legacy/wifi_twt.h
+++ b/wifi/legacy_headers/include/hardware_legacy/wifi_twt.h
@@ -31,8 +31,8 @@
u8 is_flexible_twt_supported; // 0 for not supporting flexible twt schedules
u32 min_wake_duration_micros; // minimum twt wake duration capable in microseconds
u32 max_wake_duration_micros; // maximum twt wake duration capable in microseconds
- u32 min_wake_interval_micros; // minimum twt wake interval capable in microseconds
- u32 max_wake_interval_micros; // maximum twt wake interval capable in microseconds
+ u64 min_wake_interval_micros; // minimum twt wake interval capable in microseconds
+ u64 max_wake_interval_micros; // maximum twt wake interval capable in microseconds
} wifi_twt_capabilities;
/* TWT request parameters to setup or update a TWT session */
@@ -41,8 +41,8 @@
// Otherwise UNSPECIFIED.
u32 min_wake_duration_micros; // minimum twt wake duration in microseconds
u32 max_wake_duration_micros; // maximum twt wake duration in microseconds
- u32 min_wake_interval_micros; // minimum twt wake interval in microseconds
- u32 max_wake_interval_micros; // maximum twt wake interval in microseconds
+ u64 min_wake_interval_micros; // minimum twt wake interval in microseconds
+ u64 max_wake_interval_micros; // maximum twt wake interval in microseconds
} wifi_twt_request;
/* TWT negotiation types */
@@ -56,7 +56,7 @@
u32 session_id; // a unique identifier for the session
s8 mlo_link_id; // link id in case of MLO connection. Otherwise UNSPECIFIED.
u32 wake_duration_micros; // TWT service period in microseconds
- u32 wake_interval_micros; // TWT wake interval for this session in microseconds
+ u64 wake_interval_micros; // TWT wake interval for this session in microseconds
wifi_twt_negotiation_type negotiation_type; // TWT negotiation type
u8 is_trigger_enabled; // 0 if this TWT session is not trigger enabled
u8 is_announced; // 0 if this TWT session is not announced