Merge "audio: Remove audio effects config from audio HAL VAPEX" into main
diff --git a/audio/aidl/vts/Android.bp b/audio/aidl/vts/Android.bp
index 5218fdd..d219fa4 100644
--- a/audio/aidl/vts/Android.bp
+++ b/audio/aidl/vts/Android.bp
@@ -26,6 +26,7 @@
"android.hardware.common.fmq-V1-ndk",
"libaudioaidlcommon",
"libaidlcommonsupport",
+ "libpffft",
],
header_libs: [
"libaudioaidl_headers",
@@ -36,6 +37,7 @@
"-Wextra",
"-Werror",
"-Wthread-safety",
+ "-Wno-error=unused-parameter",
],
test_config_template: "VtsHalAudioTargetTestTemplate.xml",
test_suites: [
diff --git a/audio/aidl/vts/EffectHelper.h b/audio/aidl/vts/EffectHelper.h
index 0be4e50..82a07fd 100644
--- a/audio/aidl/vts/EffectHelper.h
+++ b/audio/aidl/vts/EffectHelper.h
@@ -37,6 +37,7 @@
#include "EffectFactoryHelper.h"
#include "TestUtils.h"
+#include "pffft.hpp"
using namespace android;
using aidl::android::hardware::audio::effect::CommandId;
@@ -329,4 +330,45 @@
ASSERT_NO_FATAL_FAILURE(command(mEffect, CommandId::RESET));
ASSERT_NO_FATAL_FAILURE(expectState(mEffect, State::IDLE));
}
+
+ // Find FFT bin indices for testFrequencies and get bin center frequencies
+ void roundToFreqCenteredToFftBin(std::vector<int>& testFrequencies,
+ std::vector<int>& binOffsets, const float kBinWidth) {
+ for (size_t i = 0; i < testFrequencies.size(); i++) {
+ binOffsets[i] = std::round(testFrequencies[i] / kBinWidth);
+ testFrequencies[i] = std::round(binOffsets[i] * kBinWidth);
+ }
+ }
+
+ // Generate multitone input between -1 to +1 using testFrequencies
+ void generateMultiTone(const std::vector<int>& testFrequencies, std::vector<float>& input,
+ const int samplingFrequency) {
+ for (size_t i = 0; i < input.size(); i++) {
+ input[i] = 0;
+
+ for (size_t j = 0; j < testFrequencies.size(); j++) {
+ input[i] += sin(2 * M_PI * testFrequencies[j] * i / samplingFrequency);
+ }
+ input[i] /= testFrequencies.size();
+ }
+ }
+
+ // Use FFT transform to convert the buffer to frequency domain
+ // Compute its magnitude at binOffsets
+ std::vector<float> calculateMagnitude(const std::vector<float>& buffer,
+ const std::vector<int>& binOffsets, const int nPointFFT) {
+ std::vector<float> fftInput(nPointFFT);
+ PFFFT_Setup* inputHandle = pffft_new_setup(nPointFFT, PFFFT_REAL);
+ pffft_transform_ordered(inputHandle, buffer.data(), fftInput.data(), nullptr,
+ PFFFT_FORWARD);
+ pffft_destroy_setup(inputHandle);
+ std::vector<float> bufferMag(binOffsets.size());
+ for (size_t i = 0; i < binOffsets.size(); i++) {
+ size_t k = binOffsets[i];
+ bufferMag[i] = sqrt((fftInput[k * 2] * fftInput[k * 2]) +
+ (fftInput[k * 2 + 1] * fftInput[k * 2 + 1]));
+ }
+
+ return bufferMag;
+ }
};
diff --git a/audio/aidl/vts/VtsHalVolumeTargetTest.cpp b/audio/aidl/vts/VtsHalVolumeTargetTest.cpp
index aa2c05f..059d6ab 100644
--- a/audio/aidl/vts/VtsHalVolumeTargetTest.cpp
+++ b/audio/aidl/vts/VtsHalVolumeTargetTest.cpp
@@ -21,6 +21,7 @@
using namespace android;
+using aidl::android::hardware::audio::common::getChannelCount;
using aidl::android::hardware::audio::effect::Descriptor;
using aidl::android::hardware::audio::effect::getEffectTypeUuidVolume;
using aidl::android::hardware::audio::effect::IEffect;
@@ -29,6 +30,80 @@
using aidl::android::hardware::audio::effect::Volume;
using android::hardware::audio::common::testing::detail::TestExecutionTracer;
+class VolumeControlHelper : public EffectHelper {
+ public:
+ void SetUpVolumeControl() {
+ ASSERT_NE(nullptr, mFactory);
+ ASSERT_NO_FATAL_FAILURE(create(mFactory, mEffect, mDescriptor));
+ initFrameCount();
+ Parameter::Specific specific = getDefaultParamSpecific();
+ Parameter::Common common = EffectHelper::createParamCommon(
+ 0 /* session */, 1 /* ioHandle */, kSamplingFrequency /* iSampleRate */,
+ kSamplingFrequency /* oSampleRate */, mInputFrameCount /* iFrameCount */,
+ mInputFrameCount /* oFrameCount */);
+ ASSERT_NO_FATAL_FAILURE(open(mEffect, common, specific, &mOpenEffectReturn, EX_NONE));
+ ASSERT_NE(nullptr, mEffect);
+ }
+
+ void TearDownVolumeControl() {
+ ASSERT_NO_FATAL_FAILURE(close(mEffect));
+ ASSERT_NO_FATAL_FAILURE(destroy(mFactory, mEffect));
+ mOpenEffectReturn = IEffect::OpenEffectReturn{};
+ }
+
+ Parameter::Specific getDefaultParamSpecific() {
+ Volume vol = Volume::make<Volume::levelDb>(kMinLevel);
+ Parameter::Specific specific = Parameter::Specific::make<Parameter::Specific::volume>(vol);
+ return specific;
+ }
+
+ Parameter createVolumeParam(int param, Volume::Tag volTag) {
+ return Parameter::make<Parameter::specific>(
+ Parameter::Specific::make<Parameter::Specific::volume>(
+ (volTag == Volume::mute) ? Volume::make<Volume::mute>(param)
+ : Volume::make<Volume::levelDb>(param)));
+ }
+
+ void initFrameCount() {
+ int channelCount = getChannelCount(
+ AudioChannelLayout::make<AudioChannelLayout::layoutMask>(kDefaultChannelLayout));
+ mInputFrameCount = kBufferSize / channelCount;
+ mOutputFrameCount = kBufferSize / channelCount;
+ }
+
+ bool isLevelValid(int level) {
+ auto vol = Volume::make<Volume::levelDb>(level);
+ return isParameterValid<Volume, Range::volume>(vol, mDescriptor);
+ }
+
+ void setAndVerifyParameters(Volume::Tag volTag, int param, binder_exception_t expected) {
+ auto expectedParam = createVolumeParam(param, volTag);
+ EXPECT_STATUS(expected, mEffect->setParameter(expectedParam)) << expectedParam.toString();
+
+ if (expected == EX_NONE) {
+ Volume::Id volId = Volume::Id::make<Volume::Id::commonTag>(volTag);
+
+ auto id = Parameter::Id::make<Parameter::Id::volumeTag>(volId);
+ // get parameter
+ Parameter getParam;
+ // if set success, then get should match
+ EXPECT_STATUS(expected, mEffect->getParameter(id, &getParam));
+ EXPECT_EQ(expectedParam, getParam) << "\nexpectedParam:" << expectedParam.toString()
+ << "\ngetParam:" << getParam.toString();
+ }
+ }
+
+ static constexpr int kSamplingFrequency = 44100;
+ static constexpr int kDurationMilliSec = 2000;
+ static constexpr int kBufferSize = kSamplingFrequency * kDurationMilliSec / 1000;
+ static constexpr int kMinLevel = -96;
+ static constexpr int kDefaultChannelLayout = AudioChannelLayout::LAYOUT_STEREO;
+ long mInputFrameCount, mOutputFrameCount;
+ std::shared_ptr<IFactory> mFactory;
+ std::shared_ptr<IEffect> mEffect;
+ IEffect::OpenEffectReturn mOpenEffectReturn;
+ Descriptor mDescriptor;
+};
/**
* Here we focus on specific parameter checking, general IEffect interfaces testing performed in
* VtsAudioEffectTargetTest.
@@ -37,7 +112,8 @@
using VolumeParamTestParam =
std::tuple<std::pair<std::shared_ptr<IFactory>, Descriptor>, int, bool>;
-class VolumeParamTest : public ::testing::TestWithParam<VolumeParamTestParam>, public EffectHelper {
+class VolumeParamTest : public ::testing::TestWithParam<VolumeParamTestParam>,
+ public VolumeControlHelper {
public:
VolumeParamTest()
: mParamLevel(std::get<PARAM_LEVEL>(GetParam())),
@@ -45,94 +121,167 @@
std::tie(mFactory, mDescriptor) = std::get<PARAM_INSTANCE_NAME>(GetParam());
}
- void SetUp() override {
- ASSERT_NE(nullptr, mFactory);
- ASSERT_NO_FATAL_FAILURE(create(mFactory, mEffect, mDescriptor));
+ void SetUp() override { ASSERT_NO_FATAL_FAILURE(SetUpVolumeControl()); }
+ void TearDown() override { TearDownVolumeControl(); }
- Parameter::Specific specific = getDefaultParamSpecific();
- Parameter::Common common = EffectHelper::createParamCommon(
- 0 /* session */, 1 /* ioHandle */, 44100 /* iSampleRate */, 44100 /* oSampleRate */,
- kInputFrameCount /* iFrameCount */, kOutputFrameCount /* oFrameCount */);
- IEffect::OpenEffectReturn ret;
- ASSERT_NO_FATAL_FAILURE(open(mEffect, common, specific, &ret, EX_NONE));
- ASSERT_NE(nullptr, mEffect);
- }
- void TearDown() override {
- ASSERT_NO_FATAL_FAILURE(close(mEffect));
- ASSERT_NO_FATAL_FAILURE(destroy(mFactory, mEffect));
- }
-
- Parameter::Specific getDefaultParamSpecific() {
- Volume vol = Volume::make<Volume::levelDb>(-9600);
- Parameter::Specific specific = Parameter::Specific::make<Parameter::Specific::volume>(vol);
- return specific;
- }
-
- static const long kInputFrameCount = 0x100, kOutputFrameCount = 0x100;
- std::shared_ptr<IFactory> mFactory;
- std::shared_ptr<IEffect> mEffect;
- Descriptor mDescriptor;
int mParamLevel = 0;
bool mParamMute = false;
-
- void SetAndGetParameters() {
- for (auto& it : mTags) {
- auto& tag = it.first;
- auto& vol = it.second;
-
- // validate parameter
- Descriptor desc;
- ASSERT_STATUS(EX_NONE, mEffect->getDescriptor(&desc));
- const bool valid = isParameterValid<Volume, Range::volume>(it.second, desc);
- const binder_exception_t expected = valid ? EX_NONE : EX_ILLEGAL_ARGUMENT;
-
- // set parameter
- Parameter expectParam;
- Parameter::Specific specific;
- specific.set<Parameter::Specific::volume>(vol);
- expectParam.set<Parameter::specific>(specific);
- EXPECT_STATUS(expected, mEffect->setParameter(expectParam)) << expectParam.toString();
-
- // only get if parameter is in range and set success
- if (expected == EX_NONE) {
- Parameter getParam;
- Parameter::Id id;
- Volume::Id volId;
- volId.set<Volume::Id::commonTag>(tag);
- id.set<Parameter::Id::volumeTag>(volId);
- EXPECT_STATUS(EX_NONE, mEffect->getParameter(id, &getParam));
-
- EXPECT_EQ(expectParam, getParam) << "\nexpect:" << expectParam.toString()
- << "\ngetParam:" << getParam.toString();
- }
- }
- }
-
- void addLevelParam(int level) {
- Volume vol;
- vol.set<Volume::levelDb>(level);
- mTags.push_back({Volume::levelDb, vol});
- }
-
- void addMuteParam(bool mute) {
- Volume vol;
- vol.set<Volume::mute>(mute);
- mTags.push_back({Volume::mute, vol});
- }
-
- private:
- std::vector<std::pair<Volume::Tag, Volume>> mTags;
- void CleanUp() { mTags.clear(); }
};
-TEST_P(VolumeParamTest, SetAndGetLevel) {
- EXPECT_NO_FATAL_FAILURE(addLevelParam(mParamLevel));
- SetAndGetParameters();
+TEST_P(VolumeParamTest, SetAndGetParams) {
+ ASSERT_NO_FATAL_FAILURE(
+ setAndVerifyParameters(Volume::levelDb, mParamLevel,
+ isLevelValid(mParamLevel) ? EX_NONE : EX_ILLEGAL_ARGUMENT));
+ ASSERT_NO_FATAL_FAILURE(setAndVerifyParameters(Volume::mute, mParamMute, EX_NONE));
}
-TEST_P(VolumeParamTest, SetAndGetMute) {
- EXPECT_NO_FATAL_FAILURE(addMuteParam(mParamMute));
- SetAndGetParameters();
+using VolumeDataTestParam = std::pair<std::shared_ptr<IFactory>, Descriptor>;
+
+class VolumeDataTest : public ::testing::TestWithParam<VolumeDataTestParam>,
+ public VolumeControlHelper {
+ public:
+ VolumeDataTest() {
+ std::tie(mFactory, mDescriptor) = GetParam();
+ mInput.resize(kBufferSize);
+ mInputMag.resize(mTestFrequencies.size());
+ mBinOffsets.resize(mTestFrequencies.size());
+ roundToFreqCenteredToFftBin(mTestFrequencies, mBinOffsets, kBinWidth);
+ generateMultiTone(mTestFrequencies, mInput, kSamplingFrequency);
+ mInputMag = calculateMagnitude(mInput, mBinOffsets, kNPointFFT);
+ }
+
+ std::vector<int> calculatePercentageDiff(const std::vector<float>& outputMag) {
+ std::vector<int> percentages(mTestFrequencies.size());
+
+ for (size_t i = 0; i < mInputMag.size(); i++) {
+ float diff = mInputMag[i] - outputMag[i];
+ percentages[i] = std::round(diff / mInputMag[i] * 100);
+ }
+ return percentages;
+ }
+
+ // Convert Decibel value to Percentage
+ int percentageDb(float level) { return std::round((1 - (pow(10, level / 20))) * 100); }
+
+ void SetUp() override { ASSERT_NO_FATAL_FAILURE(SetUpVolumeControl()); }
+ void TearDown() override { TearDownVolumeControl(); }
+
+ static constexpr int kMaxAudioSample = 1;
+ static constexpr int kTransitionDuration = 300;
+ static constexpr int kNPointFFT = 32768;
+ static constexpr float kBinWidth = (float)kSamplingFrequency / kNPointFFT;
+ static constexpr size_t offset = kSamplingFrequency * kTransitionDuration / 1000;
+ static constexpr float kBaseLevel = 0;
+ std::vector<int> mTestFrequencies = {100, 1000};
+ std::vector<float> mInput;
+ std::vector<float> mInputMag;
+ std::vector<int> mBinOffsets;
+};
+
+TEST_P(VolumeDataTest, ApplyLevelMuteUnmute) {
+ std::vector<float> output(kBufferSize);
+ std::vector<int> diffs(mTestFrequencies.size());
+ std::vector<float> outputMag(mTestFrequencies.size());
+
+ if (!isLevelValid(kBaseLevel)) {
+ GTEST_SKIP() << "Volume Level not supported, skipping the test\n";
+ }
+
+ // Apply Volume Level
+
+ ASSERT_NO_FATAL_FAILURE(setAndVerifyParameters(Volume::levelDb, kBaseLevel, EX_NONE));
+ ASSERT_NO_FATAL_FAILURE(processAndWriteToOutput(mInput, output, mEffect, &mOpenEffectReturn));
+
+ outputMag = calculateMagnitude(output, mBinOffsets, kNPointFFT);
+ diffs = calculatePercentageDiff(outputMag);
+
+ for (size_t i = 0; i < diffs.size(); i++) {
+ ASSERT_EQ(diffs[i], percentageDb(kBaseLevel));
+ }
+
+ // Apply Mute
+
+ ASSERT_NO_FATAL_FAILURE(setAndVerifyParameters(Volume::mute, true /*mute*/, EX_NONE));
+ ASSERT_NO_FATAL_FAILURE(processAndWriteToOutput(mInput, output, mEffect, &mOpenEffectReturn));
+
+ std::vector<float> subOutputMute(output.begin() + offset, output.end());
+ outputMag = calculateMagnitude(subOutputMute, mBinOffsets, kNPointFFT);
+ diffs = calculatePercentageDiff(outputMag);
+
+ for (size_t i = 0; i < diffs.size(); i++) {
+ ASSERT_EQ(diffs[i], percentageDb(kMinLevel /*Mute*/));
+ }
+
+ // Verifying Fade out
+ outputMag = calculateMagnitude(output, mBinOffsets, kNPointFFT);
+ diffs = calculatePercentageDiff(outputMag);
+
+ for (size_t i = 0; i < diffs.size(); i++) {
+ ASSERT_LT(diffs[i], percentageDb(kMinLevel /*Mute*/));
+ }
+
+ // Apply Unmute
+
+ ASSERT_NO_FATAL_FAILURE(setAndVerifyParameters(Volume::mute, false /*unmute*/, EX_NONE));
+ ASSERT_NO_FATAL_FAILURE(processAndWriteToOutput(mInput, output, mEffect, &mOpenEffectReturn));
+
+ std::vector<float> subOutputUnmute(output.begin() + offset, output.end());
+
+ outputMag = calculateMagnitude(subOutputUnmute, mBinOffsets, kNPointFFT);
+ diffs = calculatePercentageDiff(outputMag);
+
+ for (size_t i = 0; i < diffs.size(); i++) {
+ ASSERT_EQ(diffs[i], percentageDb(kBaseLevel));
+ }
+
+ // Verifying Fade in
+ outputMag = calculateMagnitude(output, mBinOffsets, kNPointFFT);
+ diffs = calculatePercentageDiff(outputMag);
+
+ for (size_t i = 0; i < diffs.size(); i++) {
+ ASSERT_GT(diffs[i], percentageDb(kBaseLevel));
+ }
+}
+
+TEST_P(VolumeDataTest, DecreasingLevels) {
+ std::vector<int> decreasingLevels = {-24, -48, -96};
+ std::vector<float> baseOutput(kBufferSize);
+ std::vector<int> baseDiffs(mTestFrequencies.size());
+ std::vector<float> outputMag(mTestFrequencies.size());
+
+ if (!isLevelValid(kBaseLevel)) {
+ GTEST_SKIP() << "Volume Level not supported, skipping the test\n";
+ }
+
+ ASSERT_NO_FATAL_FAILURE(setAndVerifyParameters(Volume::levelDb, kBaseLevel, EX_NONE));
+ ASSERT_NO_FATAL_FAILURE(
+ processAndWriteToOutput(mInput, baseOutput, mEffect, &mOpenEffectReturn));
+
+ outputMag = calculateMagnitude(baseOutput, mBinOffsets, kNPointFFT);
+ baseDiffs = calculatePercentageDiff(outputMag);
+
+ for (int level : decreasingLevels) {
+ std::vector<float> output(kBufferSize);
+ std::vector<int> diffs(mTestFrequencies.size());
+
+ // Skipping the further steps for unnsupported level values
+ if (!isLevelValid(level)) {
+ continue;
+ }
+ ASSERT_NO_FATAL_FAILURE(setAndVerifyParameters(Volume::levelDb, level, EX_NONE));
+ ASSERT_NO_FATAL_FAILURE(
+ processAndWriteToOutput(mInput, output, mEffect, &mOpenEffectReturn));
+
+ outputMag = calculateMagnitude(output, mBinOffsets, kNPointFFT);
+ diffs = calculatePercentageDiff(outputMag);
+
+ // Decrease in volume level results in greater magnitude difference
+ for (size_t i = 0; i < diffs.size(); i++) {
+ ASSERT_GT(diffs[i], baseDiffs[i]);
+ }
+
+ baseDiffs = diffs;
+ }
}
std::vector<std::pair<std::shared_ptr<IFactory>, Descriptor>> kDescPair;
@@ -157,6 +306,20 @@
GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(VolumeParamTest);
+INSTANTIATE_TEST_SUITE_P(VolumeTest, VolumeDataTest,
+ testing::ValuesIn(EffectFactoryHelper::getAllEffectDescriptors(
+ IFactory::descriptor, getEffectTypeUuidVolume())),
+ [](const testing::TestParamInfo<VolumeDataTest::ParamType>& info) {
+ auto descriptor = info.param;
+ std::string name = getPrefix(descriptor.second);
+ std::replace_if(
+ name.begin(), name.end(),
+ [](const char c) { return !std::isalnum(c); }, '_');
+ return name;
+ });
+
+GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(VolumeDataTest);
+
int main(int argc, char** argv) {
::testing::InitGoogleTest(&argc, argv);
::testing::UnitTest::GetInstance()->listeners().Append(new TestExecutionTracer());
diff --git a/gnss/1.1/vts/functional/gnss_hal_test.cpp b/gnss/1.1/vts/functional/gnss_hal_test.cpp
index 6663a19..5ec9806 100644
--- a/gnss/1.1/vts/functional/gnss_hal_test.cpp
+++ b/gnss/1.1/vts/functional/gnss_hal_test.cpp
@@ -168,8 +168,7 @@
manager->listManifestByInterface(
"android.hardware.gnss@1.1::IGnss",
[&hasGnssHalVersion_1_1](const hidl_vec<hidl_string>& registered) {
- ASSERT_EQ(1, registered.size());
- hasGnssHalVersion_1_1 = true;
+ hasGnssHalVersion_1_1 = registered.size() != 0;
});
bool hasGnssHalVersion_2_0 = false;
diff --git a/staging/security/see/storage/aidl/Android.bp b/staging/security/see/storage/aidl/Android.bp
new file mode 100644
index 0000000..f669be8
--- /dev/null
+++ b/staging/security/see/storage/aidl/Android.bp
@@ -0,0 +1,26 @@
+package {
+ default_applicable_licenses: ["hardware_interfaces_license"],
+}
+
+aidl_interface {
+ name: "android.hardware.security.see.storage",
+ unstable: true,
+ host_supported: true,
+ srcs: [
+ "android/hardware/security/see/storage/*.aidl",
+ ],
+ backend: {
+ java: {
+ enabled: false,
+ },
+ cpp: {
+ enabled: true,
+ },
+ ndk: {
+ enabled: true,
+ },
+ rust: {
+ enabled: true,
+ },
+ },
+}
diff --git a/staging/security/see/storage/aidl/android/hardware/security/see/storage/CreationMode.aidl b/staging/security/see/storage/aidl/android/hardware/security/see/storage/CreationMode.aidl
new file mode 100644
index 0000000..1c65038
--- /dev/null
+++ b/staging/security/see/storage/aidl/android/hardware/security/see/storage/CreationMode.aidl
@@ -0,0 +1,27 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.storage;
+
+enum CreationMode {
+ /** Returns an error if the file does not already exist. */
+ NO_CREATE,
+
+ /** Creates the file or returns an error if it already exists. */
+ CREATE_EXCLUSIVE,
+
+ /** Creates the file if it does not already exist. */
+ CREATE,
+}
diff --git a/staging/security/see/storage/aidl/android/hardware/security/see/storage/DeleteOptions.aidl b/staging/security/see/storage/aidl/android/hardware/security/see/storage/DeleteOptions.aidl
new file mode 100644
index 0000000..1a94eb2
--- /dev/null
+++ b/staging/security/see/storage/aidl/android/hardware/security/see/storage/DeleteOptions.aidl
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.storage;
+
+import android.hardware.security.see.storage.ReadIntegrity;
+
+parcelable DeleteOptions {
+ /**
+ * Set to acknowledge possible files tampering.
+ *
+ * If unacknowledged tampering is detected, the operation will fail with an ERR_FS_*
+ * service-specific code.
+ */
+ ReadIntegrity readIntegrity = ReadIntegrity.NO_TAMPER;
+
+ /**
+ * Allow writes to succeed while the filesystem is in the middle of an A/B update.
+ *
+ * If the A/B update fails, the operation will be rolled back. This rollback will not
+ * cause subsequent operations fail with any ERR_FS_* code nor will need to be
+ * acknowledged by setting the `readIntegrity`.
+ */
+ boolean allowWritesDuringAbUpdate = false;
+}
diff --git a/staging/security/see/storage/aidl/android/hardware/security/see/storage/FileAvailability.aidl b/staging/security/see/storage/aidl/android/hardware/security/see/storage/FileAvailability.aidl
new file mode 100644
index 0000000..d339170
--- /dev/null
+++ b/staging/security/see/storage/aidl/android/hardware/security/see/storage/FileAvailability.aidl
@@ -0,0 +1,25 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.storage;
+
+/** Determines how early during the boot process file is able to be accessed. */
+enum FileAvailability {
+ /** Available before userdata is mounted, but after android has booted. */
+ BEFORE_USERDATA,
+
+ /** Available after userdata is mounted. */
+ AFTER_USERDATA,
+}
diff --git a/staging/security/see/storage/aidl/android/hardware/security/see/storage/FileIntegrity.aidl b/staging/security/see/storage/aidl/android/hardware/security/see/storage/FileIntegrity.aidl
new file mode 100644
index 0000000..1879b16
--- /dev/null
+++ b/staging/security/see/storage/aidl/android/hardware/security/see/storage/FileIntegrity.aidl
@@ -0,0 +1,33 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.storage;
+
+enum FileIntegrity {
+ /** REE may prevent operations, but cannot alter data once written. */
+ TAMPER_PROOF_AT_REST,
+
+ /**
+ * REE may alter written data, but changes will be detected and reported as
+ * an error on read.
+ */
+ TAMPER_DETECT,
+
+ /**
+ * REE may alter written data. Changes other than full filesystem resets will be detected and
+ * reported.
+ */
+ TAMPER_DETECT_IGNORE_RESET,
+}
diff --git a/staging/security/see/storage/aidl/android/hardware/security/see/storage/FileMode.aidl b/staging/security/see/storage/aidl/android/hardware/security/see/storage/FileMode.aidl
new file mode 100644
index 0000000..18a2eae
--- /dev/null
+++ b/staging/security/see/storage/aidl/android/hardware/security/see/storage/FileMode.aidl
@@ -0,0 +1,27 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.storage;
+
+enum FileMode {
+ /** The file may only be read from. */
+ READ_ONLY,
+
+ /** The file may only be written to. */
+ WRITE_ONLY,
+
+ /** The file may be both read from and written to. */
+ READ_WRITE,
+}
diff --git a/staging/security/see/storage/aidl/android/hardware/security/see/storage/FileProperties.aidl b/staging/security/see/storage/aidl/android/hardware/security/see/storage/FileProperties.aidl
new file mode 100644
index 0000000..733b5b0
--- /dev/null
+++ b/staging/security/see/storage/aidl/android/hardware/security/see/storage/FileProperties.aidl
@@ -0,0 +1,27 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.storage;
+
+import android.hardware.security.see.storage.FileAvailability;
+import android.hardware.security.see.storage.FileIntegrity;
+
+parcelable FileProperties {
+ FileIntegrity integrity = FileIntegrity.TAMPER_PROOF_AT_REST;
+ FileAvailability availability = FileAvailability.BEFORE_USERDATA;
+
+ /** Whether the file is reset when user data is wiped. */
+ boolean persistent;
+}
diff --git a/staging/security/see/storage/aidl/android/hardware/security/see/storage/IDir.aidl b/staging/security/see/storage/aidl/android/hardware/security/see/storage/IDir.aidl
new file mode 100644
index 0000000..a0a9f3d
--- /dev/null
+++ b/staging/security/see/storage/aidl/android/hardware/security/see/storage/IDir.aidl
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.storage;
+
+/** The interface for an open directory */
+interface IDir {
+ /**
+ * Gets the next batch of filenames in this directory.
+ *
+ * Calling multiple times will return different results as the IDir iterates through all the
+ * files it contains. When all filenames have been returned, all successive calls will return an
+ * empty list.
+ *
+ * @maxCount:
+ * the maximum number of filenames to return. A @maxCount of 0 signifies no limit on the
+ * number of filenames returned.
+ *
+ * Returns:
+ * An ordered list of filenames. If @maxCount > 0, the length of the returned list will be
+ * less than or equal to @maxCount.
+ *
+ * May return service-specific errors:
+ * - ERR_FS_* if the filesystem has been tampered with in a way that the `readIntegrity` the
+ * dir was opened with does not acknowledge
+ */
+ @utf8InCpp String[] readNextFilenames(int maxCount);
+}
diff --git a/staging/security/see/storage/aidl/android/hardware/security/see/storage/IFile.aidl b/staging/security/see/storage/aidl/android/hardware/security/see/storage/IFile.aidl
new file mode 100644
index 0000000..ff26aa4
--- /dev/null
+++ b/staging/security/see/storage/aidl/android/hardware/security/see/storage/IFile.aidl
@@ -0,0 +1,95 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.storage;
+
+import android.hardware.security.see.storage.CreationMode;
+
+/** The interface for an open file */
+interface IFile {
+ /**
+ * Read bytes from this file.
+ *
+ * @size:
+ * the size (in bytes) of the segment to read. If @size is larger than the service's maximum
+ * read size, the call will return an error (EX_ILLEGAL_ARGUMENT).
+ * @offset:
+ * the offset (in bytes) at which to start reading
+ *
+ * Return:
+ * the sequence of bytes at [offset, offset + size) in the file
+ *
+ * May return service-specific errors:
+ * - ERR_FS_* if the filesystem has been tampered with in a way that the `readIntegrity` the
+ * file was opened with does not acknowledge
+ */
+ byte[] read(long size, long offset);
+
+ /**
+ * Write the bytes in `buffer` to this file.
+ *
+ * @offset:
+ * the offset (in bytes) at which to start writing
+ *
+ * Return:
+ * the number of bytes written successfully
+ *
+ * May return service-specific errors:
+ * - ERR_FS_* if the filesystem has been tampered with in a way that the `readIntegrity` the
+ * file was opened with does not acknowledge
+ */
+ long write(long offset, in byte[] buffer);
+
+ /**
+ * Reads this file's size.
+ *
+ * May return service-specific errors:
+ * - ERR_FS_* if the filesystem has been tampered with in a way that the `readIntegrity` the
+ * file was opened with does not acknowledge
+ */
+ long getSize();
+
+ /**
+ * Sets this file's size.
+ *
+ * Truncates the file if `new_size` is less than the current size. If `new_size` is greater than
+ * the current size, the file will be extended with zeroed data.
+ *
+ * @newSize:
+ * the file's new size
+ *
+ * May return service-specific errors:
+ * - ERR_FS_* if the filesystem has been tampered with in a way that the `readIntegrity` the
+ * file was opened with does not acknowledge
+ */
+ void setSize(long newSize);
+
+ /**
+ * Renames this file.
+ *
+ * @destPath:
+ * the file's new path, relative to filesystem root
+ * @destCreateMode:
+ * controls creation behavior of the dest file
+ *
+ * May return service-specific errors:
+ * - ERR_NOT_FOUND if no file exists at @destPath and @destCreateMode is `NO_CREATE`
+ * - ERR_ALREADY_EXISTS if a file already exists at @destPath and @destCreateMode is
+ * `CREATE_EXCLUSIVE`
+ * - ERR_FS_* if the filesystem has been tampered with in a way that the `readIntegrity` the
+ * file was opened with does not acknowledge
+ */
+ void rename(in @utf8InCpp String destPath, in CreationMode destCreateMode);
+}
diff --git a/staging/security/see/storage/aidl/android/hardware/security/see/storage/ISecureStorage.aidl b/staging/security/see/storage/aidl/android/hardware/security/see/storage/ISecureStorage.aidl
new file mode 100644
index 0000000..be3c045
--- /dev/null
+++ b/staging/security/see/storage/aidl/android/hardware/security/see/storage/ISecureStorage.aidl
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.storage;
+
+import android.hardware.security.see.storage.FileProperties;
+import android.hardware.security.see.storage.IStorageSession;
+
+/**
+ * Interface for the Secure Storage HAL
+ *
+ * Creates sessions which can be used to access storage.
+ */
+interface ISecureStorage {
+ const int ERR_UNSUPPORTED_PROPERTIES = 1;
+ const int ERR_NOT_FOUND = 2;
+ const int ERR_ALREADY_EXISTS = 3;
+ const int ERR_BAD_TRANSACTION = 4;
+
+ const int ERR_FS_RESET = 5;
+ const int ERR_FS_ROLLED_BACK = 6;
+ const int ERR_FS_TAMPERED = 7;
+
+ /**
+ * Starts a storage session for a filesystem.
+ *
+ * @properties:
+ * the minimum filesystem properties requested for the session.
+ *
+ * May return service-specific errors:
+ * - ERR_UNSUPPORTED_PROPERTIES if no filesystems exist which meet the minimum requested
+ * requirements
+ */
+ IStorageSession startSession(in FileProperties properties);
+}
diff --git a/staging/security/see/storage/aidl/android/hardware/security/see/storage/IStorageSession.aidl b/staging/security/see/storage/aidl/android/hardware/security/see/storage/IStorageSession.aidl
new file mode 100644
index 0000000..cd126b8
--- /dev/null
+++ b/staging/security/see/storage/aidl/android/hardware/security/see/storage/IStorageSession.aidl
@@ -0,0 +1,129 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.storage;
+
+import android.hardware.security.see.storage.DeleteOptions;
+import android.hardware.security.see.storage.IDir;
+import android.hardware.security.see.storage.IFile;
+import android.hardware.security.see.storage.OpenOptions;
+import android.hardware.security.see.storage.ReadIntegrity;
+import android.hardware.security.see.storage.RenameOptions;
+
+/**
+ * Interface for a Secure Storage session
+ *
+ * When the connection is opened, it will start a transaction and any changes made through this
+ * session or the interfaces this session returns will be added to this transaction's pending
+ * changes. Calling `CommitChanges`/`AbandonChanges` will commit/abandon these pending changes, and
+ * start a new, empty transaction. The interfaces this session returns _remain_ valid across
+ * transactions; it is not necessary, for example, to reopen a file after a commit.
+ *
+ * Any changes still pending when the session is dropped will be abandoned.
+ */
+interface IStorageSession {
+ /**
+ * Commits any pending changes made through this session to storage.
+ *
+ * The session will no longer have pending changes after this call returns. Files may then still
+ * be modified through this session to create another commit.
+ *
+ * May return service-specific errors:
+ * - ERR_BAD_TRANSACTION
+ */
+ void commitChanges();
+
+ /**
+ * Abandons any pending changes made through this session.
+ *
+ * The session can then be reused to make new changes.
+ */
+ void abandonChanges();
+
+ /**
+ * Opens a secure file for writing and/or reading.
+ *
+ * Changes made to the file are part of the current transaction. Dropping this session
+ * invalidates the returned `IFile` interface
+ *
+ * @filePath:
+ * path to the file, relative to filesystem root
+ * @options:
+ * options controlling opening behavior
+ *
+ * May return service-specific errors:
+ * - ERR_NOT_FOUND
+ * - ERR_ALREADY_EXISTS
+ * - ERR_FS_* if the filesystem has been tampered with in a way that @options.readIntegrity
+ * does not acknowledge
+ */
+ IFile openFile(in @utf8InCpp String filePath, in OpenOptions options);
+
+ /**
+ * Delete a file.
+ *
+ * @filePath:
+ * path to the file, relative to filesystem root
+ * @options:
+ * options controlling deletion behavior
+ *
+ * May return service-specific errors:
+ * - ERR_NOT_FOUND
+ * - ERR_FS_* if the filesystem has been tampered with in a way that @options.readIntegrity
+ * does not acknowledge
+ */
+ void deleteFile(in @utf8InCpp String filePath, in DeleteOptions options);
+
+ /**
+ * Renames an existing file.
+ *
+ * The file must not already be opened. (If it is, use `IFile::rename`.)
+ *
+ * @currentPath:
+ * path to the file, relative to filesystem root
+ * @destPath:
+ * the file's new path, relative to filesystem root
+ * @options:
+ * options controlling rename behavior
+ *
+ * May return service-specific errors:
+ * - ERR_NOT_FOUND if no file exists at @currentPath, or if @options.destCreateMode is
+ * `NO_CREATE` and no file exists at @destPath
+ * - ERR_ALREADY_EXISTS if @options.destCreateMode is `CREATE_EXCLUSIVE` and a file exists at
+ * @destPath
+ * - ERR_FS_* if the filesystem has been tampered with in a way that @options.readIntegrity
+ * does not acknowledge
+ */
+ void renameFile(in @utf8InCpp String currentPath, in @utf8InCpp String destPath,
+ in RenameOptions options);
+
+ /**
+ * Opens a directory from a filesystem with the given properties.
+ *
+ * Dropping this session invalidates the returned `IDir` interface.
+ *
+ * @path:
+ * path to the directory, relative to filesystem root
+ * @readIntegrity:
+ * allow opening (and subsequent read/write operations) despite possible tampering for the
+ * directory
+ *
+ * May return service-specific errors:
+ * - ERR_NOT_FOUND
+ * - ERR_FS_* if the filesystem has been tampered with in a way that @readIntegrity does not
+ * acknowledge
+ */
+ IDir openDir(in @utf8InCpp String path, in ReadIntegrity readIntegrity);
+}
diff --git a/staging/security/see/storage/aidl/android/hardware/security/see/storage/OpenOptions.aidl b/staging/security/see/storage/aidl/android/hardware/security/see/storage/OpenOptions.aidl
new file mode 100644
index 0000000..997ca62
--- /dev/null
+++ b/staging/security/see/storage/aidl/android/hardware/security/see/storage/OpenOptions.aidl
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.storage;
+
+import android.hardware.security.see.storage.CreationMode;
+import android.hardware.security.see.storage.FileMode;
+import android.hardware.security.see.storage.ReadIntegrity;
+
+parcelable OpenOptions {
+ /** Controls creation behavior of the to-be-opened file. See `CreationMode` docs for details. */
+ CreationMode createMode = CreationMode.NO_CREATE;
+
+ /** Controls access behavior of the to-be-opened file. See `FileMode` docs for details. */
+ FileMode accessMode = FileMode.READ_WRITE;
+
+ /**
+ * Set to acknowledge possible files tampering.
+ *
+ * If unacknowledged tampering is detected, the operation will fail with an ERR_FS_*
+ * service-specific code.
+ */
+ ReadIntegrity readIntegrity = ReadIntegrity.NO_TAMPER;
+
+ /**
+ * If this file already exists, discard existing content and open
+ * it as a new file. No semantic change if the file does not exist.
+ */
+ boolean truncateOnOpen;
+
+ /**
+ * Allow writes to succeed while the filesystem is in the middle of an A/B update.
+ *
+ * If the A/B update fails, the operation will be rolled back. This rollback will not
+ * cause subsequent operations fail with any ERR_FS_* code nor will need to be
+ * acknowledged by setting the `readIntegrity`.
+ */
+ boolean allowWritesDuringAbUpdate = false;
+}
diff --git a/staging/security/see/storage/aidl/android/hardware/security/see/storage/ReadIntegrity.aidl b/staging/security/see/storage/aidl/android/hardware/security/see/storage/ReadIntegrity.aidl
new file mode 100644
index 0000000..cc0e4f9
--- /dev/null
+++ b/staging/security/see/storage/aidl/android/hardware/security/see/storage/ReadIntegrity.aidl
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.storage;
+
+enum ReadIntegrity {
+ /**
+ * Return an error on reads if any REE alteration of the written data
+ * has been detected.
+ */
+ NO_TAMPER,
+
+ /**
+ * Return an error on reads if any REE alteration other than a reset
+ * has been detected.
+ */
+ IGNORE_RESET,
+
+ /**
+ * Return an error if any REE alteration other than a rollback to a
+ * valid checkpoint has been detected. (What makes a checkpoint valid is
+ * implementation defined; an implementation might take a checkpoint on its
+ * first post-factory boot. A reset is a rollback to the initial state.)
+ */
+ IGNORE_ROLLBACK,
+
+ // There's no `IGNORE_ALL` because if REE has done any alteration other
+ // than a rollback, the file contents will be known-bad data.
+}
diff --git a/staging/security/see/storage/aidl/android/hardware/security/see/storage/RenameOptions.aidl b/staging/security/see/storage/aidl/android/hardware/security/see/storage/RenameOptions.aidl
new file mode 100644
index 0000000..f55ea7f
--- /dev/null
+++ b/staging/security/see/storage/aidl/android/hardware/security/see/storage/RenameOptions.aidl
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.storage;
+
+import android.hardware.security.see.storage.CreationMode;
+import android.hardware.security.see.storage.ReadIntegrity;
+
+parcelable RenameOptions {
+ /** Controls creation behavior of the dest file. See `CreationMode` docs for details. */
+ CreationMode destCreateMode = CreationMode.CREATE_EXCLUSIVE;
+
+ /**
+ * Set to acknowledge possible files tampering.
+ *
+ * If unacknowledged tampering is detected, the operation will fail with an ERR_FS_*
+ * service-specific code.
+ */
+ ReadIntegrity readIntegrity = ReadIntegrity.NO_TAMPER;
+
+ /**
+ * Allow writes to succeed while the filesystem is in the middle of an A/B update.
+ *
+ * If the A/B update fails, the operation will be rolled back. This rollback will not
+ * cause subsequent operations fail with any ERR_FS_* code nor will need to be
+ * acknowledged by setting the `readIntegrity`.
+ */
+ boolean allowWritesDuringAbUpdate = false;
+}
diff --git a/staging/security/see/storage/aidl/android/hardware/security/see/storage/Tamper.aidl b/staging/security/see/storage/aidl/android/hardware/security/see/storage/Tamper.aidl
new file mode 100644
index 0000000..0a39fdd
--- /dev/null
+++ b/staging/security/see/storage/aidl/android/hardware/security/see/storage/Tamper.aidl
@@ -0,0 +1,28 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.storage;
+
+/** Specifies types of REE tampering the filesystem may detect */
+enum Tamper {
+ /** REE has reset this file or the containing file system. */
+ RESET,
+
+ /** REE has rolled back this file or the containing file system to a previous state. */
+ ROLLBACK,
+
+ /** REE has made some other modification to the file. */
+ OTHER,
+}