Gitiles
Code Review Sign In
gerrit.omnirom.org / android_hardware_interfaces / e7e4b60c13cbf953bdcb5cda4fa6d4cdb245c775^2..e7e4b60c13cbf953bdcb5cda4fa6d4cdb245c775 / .
commite7e4b60c13cbf953bdcb5cda4fa6d4cdb245c775[log] [tgz]
authorTreehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com>Thu Nov 30 22:48:12 2023 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>Thu Nov 30 22:48:12 2023 +0000
tree5b81ba2bd1ec8f9a94b6967f12af7ca226216dbc
parentf15937d31527e2a730370ebb451bf94114dfa424 [diff]
parent60a76f0e0474999ac9976243537a9560e269c871 [diff]
Merge "Fix testListProperties test." into main
diff --git a/audio/effect/4.0/xml/Android.bp b/audio/effect/4.0/xml/Android.bp
index 8c03a35..bdffe60 100644
--- a/audio/effect/4.0/xml/Android.bp
+++ b/audio/effect/4.0/xml/Android.bp

@@ -9,9 +9,9 @@
 
 genrule {
     name: "audio_effects_conf_V4_0",
-    srcs: ["audio_effects_conf.xsd"],
+    srcs: [":audio_effects_conf_V2_0"],
     out: [
         "audio_effects_conf_V4_0.xsd",
     ],
-    cmd: "cp -f $(in) $(genDir)/audio_effects_conf_V4_0.xsd",
+    cmd: "cp -f $(in) $(out)",
 }

diff --git a/audio/effect/4.0/xml/audio_effects_conf.xsd b/audio/effect/4.0/xml/audio_effects_conf.xsd
deleted file mode 120000
index 9d85fa7..0000000
--- a/audio/effect/4.0/xml/audio_effects_conf.xsd
+++ /dev/null

@@ -1 +0,0 @@
-../../2.0/xml/audio_effects_conf.xsd
\ No newline at end of file

diff --git a/security/rkp/README.md b/security/rkp/README.md
index 15ea817..71f70cb 100644
--- a/security/rkp/README.md
+++ b/security/rkp/README.md

@@ -190,3 +190,30 @@
 *   [RpcHardwareInfo](https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/RpcHardwareInfo.aidl)
 *   [DeviceInfo](https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/DeviceInfo.aidl)
 
+### Support for Android Virtualization Framework
+
+The Android Virtualization Framwork (AVF) relies on RKP to provision keys for VMs. A
+privileged vm, the RKP VM, is reponsible for generating and managing the keys for client
+VMs that run virtualized workloads. See the following for more background information on the
+RKP VM:
+*    [rkp-vm]: https://android.googlesource.com/platform/packages/modules/Virtualization/+/main/service_vm/README.md#rkp-vm-remote-key-provisioning-virtual-machine
+*    [rkp-service]: https://source.android.com/docs/core/ota/modular-system/remote-key-provisioning#stack-architecture
+
+It is important to distinquish the RKP VM from other components, such as KeyMint. An
+[RKP VM marker](https://pigweed.googlesource.com/open-dice/+/HEAD/docs/android.md#configuration-descriptor)
+(key `-70006) is used for this purpose. The existence or absence of this marker is used to
+identify the type of component decribed by a given DICE chain.
+
+The following describes which certificate types may be request based on the RKP VM marker:
+1. "rkp-vm": If a DICE chain has zero or more certificates without the RKP VM
+   marker followed by one or more certificates with the marker, then that chain
+   describes an RKP VM. If there are further certificates without the RKP VM
+   marker, then the chain does not describe an RKP VM.
+
+   Implementations must include the first RPK VM marker as early as possible
+   after the point of divergence between TEE and non-TEE components in the DICE
+   chain, prior to loading the Android Bootloader (ABL).
+2. "widevine" or "keymint": If there are no certificates with the RKP VM
+   marker then it describes a TEE component.
+3. None: Any component described by a DICE chain that does not match the above
+   two categories.
\ No newline at end of file

diff --git a/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl b/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl
index 61404d4..3c43238 100644
--- a/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl
+++ b/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl

@@ -14,8 +14,9 @@
 ; be extended without requiring a version bump of the HAL. Custom certificate types may
 ; be used, but the provisioning server may reject the request for an unknown certificate
 ; type. The currently defined certificate types are:
-;  - "widevine"
-;  - "keymint"
+;  * "widevine" -- Widevine content protection system
+;  * "keymint"  -- KeyMint HAL
+;  * "rkp-vm"   -- See "Support for Android Virtualization Framework" in the README.md file.
 CertificateType = tstr
 
 KeysToSign = [ * PublicKey ]   ; Please see PublicKey.cddl for the PublicKey definition.
@@ -112,6 +113,7 @@
     ? -70003 : int / tstr,                   ; Component version
     ? -70004 : null,                         ; Resettable
     ? -70005 : uint,                         ; Security version
+    ? -70006 : null,                         ; RKP VM marker
 }
 
 ; Each entry in the DICE chain is a DiceChainEntryPayload signed by the key from the previous

diff --git a/wifi/supplicant/aidl/aidl_api/android.hardware.wifi.supplicant/current/android/hardware/wifi/supplicant/ISupplicantStaNetwork.aidl b/wifi/supplicant/aidl/aidl_api/android.hardware.wifi.supplicant/current/android/hardware/wifi/supplicant/ISupplicantStaNetwork.aidl
index bfc05a4..23017e8 100644
--- a/wifi/supplicant/aidl/aidl_api/android.hardware.wifi.supplicant/current/android/hardware/wifi/supplicant/ISupplicantStaNetwork.aidl
+++ b/wifi/supplicant/aidl/aidl_api/android.hardware.wifi.supplicant/current/android/hardware/wifi/supplicant/ISupplicantStaNetwork.aidl

@@ -129,6 +129,7 @@
   void setRoamingConsortiumSelection(in byte[] selectedRcoi);
   void setMinimumTlsVersionEapPhase1Param(android.hardware.wifi.supplicant.TlsVersion tlsVersion);
   void setStrictConservativePeerMode(in boolean enable);
+  void disableEht();
   const int SSID_MAX_LEN_IN_BYTES = 32;
   const int PSK_PASSPHRASE_MIN_LEN_IN_BYTES = 8;
   const int PSK_PASSPHRASE_MAX_LEN_IN_BYTES = 63;

diff --git a/wifi/supplicant/aidl/android/hardware/wifi/supplicant/ISupplicantStaNetwork.aidl b/wifi/supplicant/aidl/android/hardware/wifi/supplicant/ISupplicantStaNetwork.aidl
index 750cf72..9fece4e 100644
--- a/wifi/supplicant/aidl/android/hardware/wifi/supplicant/ISupplicantStaNetwork.aidl
+++ b/wifi/supplicant/aidl/android/hardware/wifi/supplicant/ISupplicantStaNetwork.aidl

@@ -1141,4 +1141,16 @@
      *         |SupplicantStatusCode.FAILURE_NETWORK_INVALID|
      */
     void setStrictConservativePeerMode(in boolean enable);
+
+    /**
+     * Disables Extremely High Throughput (EHT) mode, aka Wi-Fi 7 support, for the network. When
+     * EHT is disabled, the device ceases to transmit EHT related Information Elements (IEs),
+     * including multi-link IEs and EHT capability, in subsequent messages such as (Re)Association
+     * requests to the Access Point (AP).
+     *
+     * @throws ServiceSpecificException with one of the following values:
+     *         |SupplicantStatusCode.FAILURE_UNKNOWN|,
+     *         |SupplicantStatusCode.FAILURE_NETWORK_INVALID|
+     */
+    void disableEht();
 }

diff --git a/wifi/supplicant/aidl/vts/functional/supplicant_sta_network_aidl_test.cpp b/wifi/supplicant/aidl/vts/functional/supplicant_sta_network_aidl_test.cpp
index 973b56a..7574141 100644
--- a/wifi/supplicant/aidl/vts/functional/supplicant_sta_network_aidl_test.cpp
+++ b/wifi/supplicant/aidl/vts/functional/supplicant_sta_network_aidl_test.cpp

@@ -822,6 +822,13 @@
               tlsV13Supported);
 }
 
+/*
+ * disableEht
+ */
+TEST_P(SupplicantStaNetworkAidlTest, DisableEht) {
+    EXPECT_TRUE(sta_network_->disableEht().isOk());
+}
+
 GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(SupplicantStaNetworkAidlTest);
 INSTANTIATE_TEST_SUITE_P(Supplicant, SupplicantStaNetworkAidlTest,
                          testing::ValuesIn(android::getAidlHalInstanceNames(