Merge "Minimize dirgroup for Trusty build" into main
diff --git a/audio/aidl/android/hardware/audio/core/stream-out-async-sm.gv b/audio/aidl/android/hardware/audio/core/stream-out-async-sm.gv
index 56b7926..e2da90d 100644
--- a/audio/aidl/android/hardware/audio/core/stream-out-async-sm.gv
+++ b/audio/aidl/android/hardware/audio/core/stream-out-async-sm.gv
@@ -45,6 +45,8 @@
PAUSED -> ACTIVE [label="start"]; // consumer -> active
PAUSED -> IDLE [label="flush"]; // producer -> passive, buffer is cleared
DRAINING -> IDLE [label="←IStreamCallback.onDrainReady"];
+ DRAINING -> DRAINING [label="←IStreamCallback.onDrainReady"]; // allowed for `DRAIN_EARLY_NOTIFY`
+ DRAINING -> IDLE [label="<empty buffer>"]; // allowed for `DRAIN_EARLY_NOTIFY`
DRAINING -> TRANSFERRING [label="burst"]; // producer -> active
DRAINING -> ACTIVE [label="burst"]; // full write
DRAINING -> DRAIN_PAUSED [label="pause"]; // consumer -> passive (not consuming)
diff --git a/audio/aidl/default/Module.cpp b/audio/aidl/default/Module.cpp
index 51b6085..e96cf81 100644
--- a/audio/aidl/default/Module.cpp
+++ b/audio/aidl/default/Module.cpp
@@ -207,9 +207,9 @@
return ndk::ScopedAStatus::fromExceptionCode(EX_ILLEGAL_ARGUMENT);
}
const auto& flags = portConfigIt->flags.value();
- StreamContext::DebugParameters params{mDebug.streamTransientStateDelayMs,
- mVendorDebug.forceTransientBurst,
- mVendorDebug.forceSynchronousDrain};
+ StreamContext::DebugParameters params{
+ mDebug.streamTransientStateDelayMs, mVendorDebug.forceTransientBurst,
+ mVendorDebug.forceSynchronousDrain, mVendorDebug.forceDrainToDraining};
std::unique_ptr<StreamContext::DataMQ> dataMQ = nullptr;
std::shared_ptr<IStreamCallback> streamAsyncCallback = nullptr;
std::shared_ptr<ISoundDose> soundDose;
@@ -1524,6 +1524,7 @@
const std::string Module::VendorDebug::kForceTransientBurstName = "aosp.forceTransientBurst";
const std::string Module::VendorDebug::kForceSynchronousDrainName = "aosp.forceSynchronousDrain";
+const std::string Module::VendorDebug::kForceDrainToDrainingName = "aosp.forceDrainToDraining";
ndk::ScopedAStatus Module::getVendorParameters(const std::vector<std::string>& in_ids,
std::vector<VendorParameter>* _aidl_return) {
@@ -1538,6 +1539,10 @@
VendorParameter forceSynchronousDrain{.id = id};
forceSynchronousDrain.ext.setParcelable(Boolean{mVendorDebug.forceSynchronousDrain});
_aidl_return->push_back(std::move(forceSynchronousDrain));
+ } else if (id == VendorDebug::kForceDrainToDrainingName) {
+ VendorParameter forceDrainToDraining{.id = id};
+ forceDrainToDraining.ext.setParcelable(Boolean{mVendorDebug.forceDrainToDraining});
+ _aidl_return->push_back(std::move(forceDrainToDraining));
} else {
allParametersKnown = false;
LOG(VERBOSE) << __func__ << ": " << mType << ": unrecognized parameter \"" << id << "\"";
@@ -1578,6 +1583,10 @@
if (!extractParameter<Boolean>(p, &mVendorDebug.forceSynchronousDrain)) {
return ndk::ScopedAStatus::fromExceptionCode(EX_ILLEGAL_ARGUMENT);
}
+ } else if (p.id == VendorDebug::kForceDrainToDrainingName) {
+ if (!extractParameter<Boolean>(p, &mVendorDebug.forceDrainToDraining)) {
+ return ndk::ScopedAStatus::fromExceptionCode(EX_ILLEGAL_ARGUMENT);
+ }
} else {
allParametersKnown = false;
LOG(VERBOSE) << __func__ << ": " << mType << ": unrecognized parameter \"" << p.id
diff --git a/audio/aidl/default/Stream.cpp b/audio/aidl/default/Stream.cpp
index 3d7f30c..4525f6a 100644
--- a/audio/aidl/default/Stream.cpp
+++ b/audio/aidl/default/Stream.cpp
@@ -382,8 +382,20 @@
const std::string StreamOutWorkerLogic::kThreadName = "writer";
StreamOutWorkerLogic::Status StreamOutWorkerLogic::cycle() {
- if (mState == StreamDescriptor::State::DRAINING ||
- mState == StreamDescriptor::State::TRANSFERRING) {
+ if (mState == StreamDescriptor::State::DRAINING && mContext->getForceDrainToDraining() &&
+ mOnDrainReadyStatus == OnDrainReadyStatus::UNSENT) {
+ std::shared_ptr<IStreamCallback> asyncCallback = mContext->getAsyncCallback();
+ if (asyncCallback != nullptr) {
+ ndk::ScopedAStatus status = asyncCallback->onDrainReady();
+ if (!status.isOk()) {
+ LOG(ERROR) << __func__ << ": error from onDrainReady: " << status;
+ }
+ // This sets the timeout for moving into IDLE on next iterations.
+ switchToTransientState(StreamDescriptor::State::DRAINING);
+ mOnDrainReadyStatus = OnDrainReadyStatus::SENT;
+ }
+ } else if (mState == StreamDescriptor::State::DRAINING ||
+ mState == StreamDescriptor::State::TRANSFERRING) {
if (auto stateDurationMs = std::chrono::duration_cast<std::chrono::milliseconds>(
std::chrono::steady_clock::now() - mTransientStateStart);
stateDurationMs >= mTransientStateDelayMs) {
@@ -396,9 +408,12 @@
// drain or transfer completion. In the stub, we switch unconditionally.
if (mState == StreamDescriptor::State::DRAINING) {
mState = StreamDescriptor::State::IDLE;
- ndk::ScopedAStatus status = asyncCallback->onDrainReady();
- if (!status.isOk()) {
- LOG(ERROR) << __func__ << ": error from onDrainReady: " << status;
+ if (mOnDrainReadyStatus != OnDrainReadyStatus::SENT) {
+ ndk::ScopedAStatus status = asyncCallback->onDrainReady();
+ if (!status.isOk()) {
+ LOG(ERROR) << __func__ << ": error from onDrainReady: " << status;
+ }
+ mOnDrainReadyStatus = OnDrainReadyStatus::SENT;
}
} else {
mState = StreamDescriptor::State::ACTIVE;
@@ -537,6 +552,10 @@
mState = StreamDescriptor::State::IDLE;
} else {
switchToTransientState(StreamDescriptor::State::DRAINING);
+ mOnDrainReadyStatus =
+ mode == StreamDescriptor::DrainMode::DRAIN_EARLY_NOTIFY
+ ? OnDrainReadyStatus::UNSENT
+ : OnDrainReadyStatus::IGNORE;
}
} else {
LOG(ERROR) << __func__ << ": drain failed: " << status;
diff --git a/audio/aidl/default/include/core-impl/Module.h b/audio/aidl/default/include/core-impl/Module.h
index 7e32cf2..d03598a 100644
--- a/audio/aidl/default/include/core-impl/Module.h
+++ b/audio/aidl/default/include/core-impl/Module.h
@@ -148,8 +148,10 @@
struct VendorDebug {
static const std::string kForceTransientBurstName;
static const std::string kForceSynchronousDrainName;
+ static const std::string kForceDrainToDrainingName;
bool forceTransientBurst = false;
bool forceSynchronousDrain = false;
+ bool forceDrainToDraining = false;
};
// ids of device ports created at runtime via 'connectExternalDevice'.
// Also stores a list of ids of mix ports with dynamic profiles that were populated from
diff --git a/audio/aidl/default/include/core-impl/Stream.h b/audio/aidl/default/include/core-impl/Stream.h
index f7b9269..8297fc5 100644
--- a/audio/aidl/default/include/core-impl/Stream.h
+++ b/audio/aidl/default/include/core-impl/Stream.h
@@ -78,6 +78,10 @@
bool forceTransientBurst = false;
// Force the "drain" command to be synchronous, going directly to the IDLE state.
bool forceSynchronousDrain = false;
+ // Force the "drain early notify" command to keep the SM in the DRAINING state
+ // after sending 'onDrainReady' callback. The SM moves to IDLE after
+ // 'transientStateDelayMs'.
+ bool forceDrainToDraining = false;
};
StreamContext() = default;
@@ -119,6 +123,7 @@
::aidl::android::media::audio::common::AudioIoFlags getFlags() const { return mFlags; }
bool getForceTransientBurst() const { return mDebugParameters.forceTransientBurst; }
bool getForceSynchronousDrain() const { return mDebugParameters.forceSynchronousDrain; }
+ bool getForceDrainToDraining() const { return mDebugParameters.forceDrainToDraining; }
size_t getFrameSize() const;
int getInternalCommandCookie() const { return mInternalCommandCookie; }
int32_t getMixPortHandle() const { return mMixPortHandle; }
@@ -301,6 +306,9 @@
bool write(size_t clientSize, StreamDescriptor::Reply* reply);
std::shared_ptr<IStreamOutEventCallback> mEventCallback;
+
+ enum OnDrainReadyStatus : int32_t { IGNORE /*used for DRAIN_ALL*/, UNSENT, SENT };
+ OnDrainReadyStatus mOnDrainReadyStatus = OnDrainReadyStatus::IGNORE;
};
using StreamOutWorker = StreamWorkerImpl<StreamOutWorkerLogic>;
diff --git a/audio/aidl/vts/VtsHalAudioCoreModuleTargetTest.cpp b/audio/aidl/vts/VtsHalAudioCoreModuleTargetTest.cpp
index 6bfba65..6bce107 100644
--- a/audio/aidl/vts/VtsHalAudioCoreModuleTargetTest.cpp
+++ b/audio/aidl/vts/VtsHalAudioCoreModuleTargetTest.cpp
@@ -117,6 +117,10 @@
using ndk::enum_range;
using ndk::ScopedAStatus;
+static constexpr int32_t kAidlVersion1 = 1;
+static constexpr int32_t kAidlVersion2 = 2;
+static constexpr int32_t kAidlVersion3 = 3;
+
template <typename T>
std::set<int32_t> extractIds(const std::vector<T>& v) {
std::set<int32_t> ids;
@@ -452,7 +456,6 @@
// This is implemented by the 'StreamFixture' utility class.
static constexpr int kNegativeTestBufferSizeFrames = 256;
static constexpr int kDefaultLargeBufferSizeFrames = 48000;
- static constexpr int32_t kAidlVersion3 = 3;
void SetUpImpl(const std::string& moduleName, bool setUpDebug = true) {
ASSERT_NO_FATAL_FAILURE(ConnectToService(moduleName, setUpDebug));
@@ -582,7 +585,7 @@
std::unique_ptr<WithDebugFlags> debug;
std::vector<AudioPort> initialPorts;
std::vector<AudioRoute> initialRoutes;
- int32_t aidlVersion;
+ int32_t aidlVersion = -1;
};
class WithDevicePortConnectedState {
@@ -1837,6 +1840,7 @@
}
TEST_P(AudioCoreModule, SetAudioPortConfigInvalidPortAudioGain) {
+ ASSERT_GE(aidlVersion, kAidlVersion1);
if (aidlVersion < kAidlVersion3) {
GTEST_SKIP() << "Skip for audio HAL version lower than " << kAidlVersion3;
}
@@ -4021,6 +4025,7 @@
enum {
NAMED_CMD_NAME,
+ NAMED_CMD_MIN_INTERFACE_VERSION,
NAMED_CMD_DELAY_MS,
NAMED_CMD_STREAM_TYPE,
NAMED_CMD_CMDS,
@@ -4028,7 +4033,7 @@
};
enum class StreamTypeFilter { ANY, SYNC, ASYNC };
using NamedCommandSequence =
- std::tuple<std::string, int /*cmdDelayMs*/, StreamTypeFilter,
+ std::tuple<std::string, int /*minInterfaceVersion*/, int /*cmdDelayMs*/, StreamTypeFilter,
std::shared_ptr<StateSequence>, bool /*validatePositionIncrease*/>;
enum { PARAM_MODULE_NAME, PARAM_CMD_SEQ, PARAM_SETUP_SEQ };
using StreamIoTestParameters =
@@ -4039,6 +4044,12 @@
public:
void SetUp() override {
ASSERT_NO_FATAL_FAILURE(SetUpImpl(std::get<PARAM_MODULE_NAME>(GetParam())));
+ ASSERT_GE(aidlVersion, kAidlVersion1);
+ if (const int minVersion =
+ std::get<NAMED_CMD_MIN_INTERFACE_VERSION>(std::get<PARAM_CMD_SEQ>(GetParam()));
+ aidlVersion < minVersion) {
+ GTEST_SKIP() << "Skip for audio HAL version lower than " << minVersion;
+ }
ASSERT_NO_FATAL_FAILURE(SetUpModuleConfig());
}
@@ -4048,6 +4059,20 @@
if (allPortConfigs.empty()) {
GTEST_SKIP() << "No mix ports have attached devices";
}
+ const auto& commandsAndStates =
+ std::get<NAMED_CMD_CMDS>(std::get<PARAM_CMD_SEQ>(GetParam()));
+ const bool validatePositionIncrease =
+ std::get<NAMED_CMD_VALIDATE_POS_INCREASE>(std::get<PARAM_CMD_SEQ>(GetParam()));
+ auto runStreamIoCommands = [&](const AudioPortConfig& portConfig) {
+ if (!std::get<PARAM_SETUP_SEQ>(GetParam())) {
+ ASSERT_NO_FATAL_FAILURE(RunStreamIoCommandsImplSeq1(portConfig, commandsAndStates,
+ validatePositionIncrease));
+ } else {
+ ASSERT_NO_FATAL_FAILURE(RunStreamIoCommandsImplSeq2(portConfig, commandsAndStates,
+ validatePositionIncrease));
+ }
+ };
+
for (const auto& portConfig : allPortConfigs) {
auto port = moduleConfig->getPort(portConfig.portId);
ASSERT_TRUE(port.has_value());
@@ -4075,16 +4100,18 @@
delayTransientStates.flags().streamTransientStateDelayMs =
std::get<NAMED_CMD_DELAY_MS>(std::get<PARAM_CMD_SEQ>(GetParam()));
ASSERT_NO_FATAL_FAILURE(delayTransientStates.SetUp(module.get()));
- const auto& commandsAndStates =
- std::get<NAMED_CMD_CMDS>(std::get<PARAM_CMD_SEQ>(GetParam()));
- const bool validatePositionIncrease =
- std::get<NAMED_CMD_VALIDATE_POS_INCREASE>(std::get<PARAM_CMD_SEQ>(GetParam()));
- if (!std::get<PARAM_SETUP_SEQ>(GetParam())) {
- ASSERT_NO_FATAL_FAILURE(RunStreamIoCommandsImplSeq1(portConfig, commandsAndStates,
- validatePositionIncrease));
- } else {
- ASSERT_NO_FATAL_FAILURE(RunStreamIoCommandsImplSeq2(portConfig, commandsAndStates,
- validatePositionIncrease));
+ ASSERT_NO_FATAL_FAILURE(runStreamIoCommands(portConfig));
+ if (aidlVersion >= kAidlVersion3 && isNonBlocking && !IOTraits<Stream>::is_input) {
+ // Also try running the same sequence with "aosp.forceDrainToDraining" set.
+ // This will only work with the default implementation. When it works, the stream
+ // tries always to move to the 'DRAINING' state after an "early notify" drain.
+ // This helps to check more paths for our test scenarios.
+ WithModuleParameter forceDrainToDraining("aosp.forceDrainToDraining",
+ Boolean{true});
+ if (forceDrainToDraining.SetUpNoChecks(module.get(), true /*failureExpected*/)
+ .isOk()) {
+ ASSERT_NO_FATAL_FAILURE(runStreamIoCommands(portConfig));
+ }
}
if (isNonBlocking) {
// Also try running the same sequence with "aosp.forceTransientBurst" set.
@@ -4094,13 +4121,7 @@
WithModuleParameter forceTransientBurst("aosp.forceTransientBurst", Boolean{true});
if (forceTransientBurst.SetUpNoChecks(module.get(), true /*failureExpected*/)
.isOk()) {
- if (!std::get<PARAM_SETUP_SEQ>(GetParam())) {
- ASSERT_NO_FATAL_FAILURE(RunStreamIoCommandsImplSeq1(
- portConfig, commandsAndStates, validatePositionIncrease));
- } else {
- ASSERT_NO_FATAL_FAILURE(RunStreamIoCommandsImplSeq2(
- portConfig, commandsAndStates, validatePositionIncrease));
- }
+ ASSERT_NO_FATAL_FAILURE(runStreamIoCommands(portConfig));
}
} else if (!IOTraits<Stream>::is_input) {
// Also try running the same sequence with "aosp.forceSynchronousDrain" set.
@@ -4111,13 +4132,7 @@
Boolean{true});
if (forceSynchronousDrain.SetUpNoChecks(module.get(), true /*failureExpected*/)
.isOk()) {
- if (!std::get<PARAM_SETUP_SEQ>(GetParam())) {
- ASSERT_NO_FATAL_FAILURE(RunStreamIoCommandsImplSeq1(
- portConfig, commandsAndStates, validatePositionIncrease));
- } else {
- ASSERT_NO_FATAL_FAILURE(RunStreamIoCommandsImplSeq2(
- portConfig, commandsAndStates, validatePositionIncrease));
- }
+ ASSERT_NO_FATAL_FAILURE(runStreamIoCommands(portConfig));
}
}
}
@@ -4570,14 +4585,14 @@
return std::make_shared<StateSequenceFollower>(std::move(d));
}
static const NamedCommandSequence kReadSeq =
- std::make_tuple(std::string("Read"), 0, StreamTypeFilter::ANY, makeBurstCommands(true),
- true /*validatePositionIncrease*/);
+ std::make_tuple(std::string("Read"), kAidlVersion1, 0, StreamTypeFilter::ANY,
+ makeBurstCommands(true), true /*validatePositionIncrease*/);
static const NamedCommandSequence kWriteSyncSeq =
- std::make_tuple(std::string("Write"), 0, StreamTypeFilter::SYNC, makeBurstCommands(true),
- true /*validatePositionIncrease*/);
+ std::make_tuple(std::string("Write"), kAidlVersion1, 0, StreamTypeFilter::SYNC,
+ makeBurstCommands(true), true /*validatePositionIncrease*/);
static const NamedCommandSequence kWriteAsyncSeq =
- std::make_tuple(std::string("Write"), 0, StreamTypeFilter::ASYNC, makeBurstCommands(false),
- true /*validatePositionIncrease*/);
+ std::make_tuple(std::string("Write"), kAidlVersion1, 0, StreamTypeFilter::ASYNC,
+ makeBurstCommands(false), true /*validatePositionIncrease*/);
std::shared_ptr<StateSequence> makeAsyncDrainCommands(bool isInput) {
using State = StreamDescriptor::State;
@@ -4606,10 +4621,10 @@
return std::make_shared<StateSequenceFollower>(std::move(d));
}
static const NamedCommandSequence kWriteDrainAsyncSeq = std::make_tuple(
- std::string("WriteDrain"), kStreamTransientStateTransitionDelayMs, StreamTypeFilter::ASYNC,
- makeAsyncDrainCommands(false), false /*validatePositionIncrease*/);
+ std::string("WriteDrain"), kAidlVersion1, kStreamTransientStateTransitionDelayMs,
+ StreamTypeFilter::ASYNC, makeAsyncDrainCommands(false), false /*validatePositionIncrease*/);
static const NamedCommandSequence kDrainInSeq =
- std::make_tuple(std::string("Drain"), 0, StreamTypeFilter::ANY,
+ std::make_tuple(std::string("Drain"), kAidlVersion1, 0, StreamTypeFilter::ANY,
makeAsyncDrainCommands(true), false /*validatePositionIncrease*/);
std::shared_ptr<StateSequence> makeDrainOutCommands(bool isSync) {
@@ -4631,12 +4646,28 @@
return std::make_shared<StateSequenceFollower>(std::move(d));
}
static const NamedCommandSequence kDrainOutSyncSeq =
- std::make_tuple(std::string("Drain"), 0, StreamTypeFilter::SYNC, makeDrainOutCommands(true),
- false /*validatePositionIncrease*/);
+ std::make_tuple(std::string("Drain"), kAidlVersion1, 0, StreamTypeFilter::SYNC,
+ makeDrainOutCommands(true), false /*validatePositionIncrease*/);
static const NamedCommandSequence kDrainOutAsyncSeq =
- std::make_tuple(std::string("Drain"), 0, StreamTypeFilter::ASYNC,
+ std::make_tuple(std::string("Drain"), kAidlVersion3, 0, StreamTypeFilter::ASYNC,
makeDrainOutCommands(false), false /*validatePositionIncrease*/);
+std::shared_ptr<StateSequence> makeDrainEarlyOutCommands() {
+ using State = StreamDescriptor::State;
+ auto d = std::make_unique<StateDag>();
+ StateDag::Node last = d->makeFinalNode(State::IDLE);
+ StateDag::Node draining = d->makeNode(State::DRAINING, kDrainReadyEvent, last);
+ draining.children().push_back(d->makeNode(State::DRAINING, kGetStatusCommand, last));
+ StateDag::Node active = d->makeNode(State::ACTIVE, kDrainOutEarlyCommand, draining);
+ StateDag::Node idle = d->makeNode(State::IDLE, kBurstCommand, active);
+ idle.children().push_back(d->makeNode(State::TRANSFERRING, kTransferReadyEvent, active));
+ d->makeNode(State::STANDBY, kStartCommand, idle);
+ return std::make_shared<StateSequenceFollower>(std::move(d));
+}
+static const NamedCommandSequence kDrainEarlyOutAsyncSeq =
+ std::make_tuple(std::string("DrainEarly"), kAidlVersion3, 0, StreamTypeFilter::ASYNC,
+ makeDrainEarlyOutCommands(), false /*validatePositionIncrease*/);
+
std::shared_ptr<StateSequence> makeDrainPauseOutCommands(bool isSync) {
using State = StreamDescriptor::State;
auto d = std::make_unique<StateDag>();
@@ -4656,12 +4687,33 @@
d->makeNode(State::STANDBY, kStartCommand, idle);
return std::make_shared<StateSequenceFollower>(std::move(d));
}
-static const NamedCommandSequence kDrainPauseOutSyncSeq = std::make_tuple(
- std::string("DrainPause"), kStreamTransientStateTransitionDelayMs, StreamTypeFilter::SYNC,
- makeDrainPauseOutCommands(true), false /*validatePositionIncrease*/);
-static const NamedCommandSequence kDrainPauseOutAsyncSeq = std::make_tuple(
- std::string("DrainPause"), kStreamTransientStateTransitionDelayMs, StreamTypeFilter::ASYNC,
- makeDrainPauseOutCommands(false), false /*validatePositionIncrease*/);
+static const NamedCommandSequence kDrainPauseOutSyncSeq =
+ std::make_tuple(std::string("DrainPause"), kAidlVersion1,
+ kStreamTransientStateTransitionDelayMs, StreamTypeFilter::SYNC,
+ makeDrainPauseOutCommands(true), false /*validatePositionIncrease*/);
+static const NamedCommandSequence kDrainPauseOutAsyncSeq =
+ std::make_tuple(std::string("DrainPause"), kAidlVersion1,
+ kStreamTransientStateTransitionDelayMs, StreamTypeFilter::ASYNC,
+ makeDrainPauseOutCommands(false), false /*validatePositionIncrease*/);
+
+std::shared_ptr<StateSequence> makeDrainEarlyPauseOutCommands() {
+ using State = StreamDescriptor::State;
+ auto d = std::make_unique<StateDag>();
+ StateDag::Node draining = d->makeNodes({std::make_pair(State::DRAINING, kPauseCommand),
+ std::make_pair(State::DRAIN_PAUSED, kStartCommand),
+ std::make_pair(State::DRAINING, kPauseCommand),
+ std::make_pair(State::DRAIN_PAUSED, kBurstCommand)},
+ State::TRANSFER_PAUSED);
+ StateDag::Node active = d->makeNode(State::ACTIVE, kDrainOutEarlyCommand, draining);
+ StateDag::Node idle = d->makeNode(State::IDLE, kBurstCommand, active);
+ idle.children().push_back(d->makeNode(State::TRANSFERRING, kDrainOutEarlyCommand, draining));
+ d->makeNode(State::STANDBY, kStartCommand, idle);
+ return std::make_shared<StateSequenceFollower>(std::move(d));
+}
+static const NamedCommandSequence kDrainEarlyPauseOutAsyncSeq =
+ std::make_tuple(std::string("DrainEarlyPause"), kAidlVersion3,
+ kStreamTransientStateTransitionDelayMs, StreamTypeFilter::ASYNC,
+ makeDrainEarlyPauseOutCommands(), false /*validatePositionIncrease*/);
// This sequence also verifies that the capture / presentation position is not reset on standby.
std::shared_ptr<StateSequence> makeStandbyCommands(bool isInput, bool isSync) {
@@ -4703,14 +4755,15 @@
return std::make_shared<StateSequenceFollower>(std::move(d));
}
static const NamedCommandSequence kStandbyInSeq =
- std::make_tuple(std::string("Standby"), 0, StreamTypeFilter::ANY,
+ std::make_tuple(std::string("Standby"), kAidlVersion1, 0, StreamTypeFilter::ANY,
makeStandbyCommands(true, false), false /*validatePositionIncrease*/);
static const NamedCommandSequence kStandbyOutSyncSeq =
- std::make_tuple(std::string("Standby"), 0, StreamTypeFilter::SYNC,
+ std::make_tuple(std::string("Standby"), kAidlVersion1, 0, StreamTypeFilter::SYNC,
makeStandbyCommands(false, true), false /*validatePositionIncrease*/);
-static const NamedCommandSequence kStandbyOutAsyncSeq = std::make_tuple(
- std::string("Standby"), kStreamTransientStateTransitionDelayMs, StreamTypeFilter::ASYNC,
- makeStandbyCommands(false, false), false /*validatePositionIncrease*/);
+static const NamedCommandSequence kStandbyOutAsyncSeq =
+ std::make_tuple(std::string("Standby"), kAidlVersion1,
+ kStreamTransientStateTransitionDelayMs, StreamTypeFilter::ASYNC,
+ makeStandbyCommands(false, false), false /*validatePositionIncrease*/);
std::shared_ptr<StateSequence> makePauseCommands(bool isInput, bool isSync) {
using State = StreamDescriptor::State;
@@ -4745,14 +4798,15 @@
return std::make_shared<StateSequenceFollower>(std::move(d));
}
static const NamedCommandSequence kPauseInSeq =
- std::make_tuple(std::string("Pause"), 0, StreamTypeFilter::ANY,
+ std::make_tuple(std::string("Pause"), kAidlVersion1, 0, StreamTypeFilter::ANY,
makePauseCommands(true, false), false /*validatePositionIncrease*/);
static const NamedCommandSequence kPauseOutSyncSeq =
- std::make_tuple(std::string("Pause"), 0, StreamTypeFilter::SYNC,
+ std::make_tuple(std::string("Pause"), kAidlVersion1, 0, StreamTypeFilter::SYNC,
makePauseCommands(false, true), false /*validatePositionIncrease*/);
-static const NamedCommandSequence kPauseOutAsyncSeq = std::make_tuple(
- std::string("Pause"), kStreamTransientStateTransitionDelayMs, StreamTypeFilter::ASYNC,
- makePauseCommands(false, false), false /*validatePositionIncrease*/);
+static const NamedCommandSequence kPauseOutAsyncSeq =
+ std::make_tuple(std::string("Pause"), kAidlVersion1, kStreamTransientStateTransitionDelayMs,
+ StreamTypeFilter::ASYNC, makePauseCommands(false, false),
+ false /*validatePositionIncrease*/);
std::shared_ptr<StateSequence> makeFlushCommands(bool isInput, bool isSync) {
using State = StreamDescriptor::State;
@@ -4780,14 +4834,15 @@
return std::make_shared<StateSequenceFollower>(std::move(d));
}
static const NamedCommandSequence kFlushInSeq =
- std::make_tuple(std::string("Flush"), 0, StreamTypeFilter::ANY,
+ std::make_tuple(std::string("Flush"), kAidlVersion1, 0, StreamTypeFilter::ANY,
makeFlushCommands(true, false), false /*validatePositionIncrease*/);
static const NamedCommandSequence kFlushOutSyncSeq =
- std::make_tuple(std::string("Flush"), 0, StreamTypeFilter::SYNC,
+ std::make_tuple(std::string("Flush"), kAidlVersion1, 0, StreamTypeFilter::SYNC,
makeFlushCommands(false, true), false /*validatePositionIncrease*/);
-static const NamedCommandSequence kFlushOutAsyncSeq = std::make_tuple(
- std::string("Flush"), kStreamTransientStateTransitionDelayMs, StreamTypeFilter::ASYNC,
- makeFlushCommands(false, false), false /*validatePositionIncrease*/);
+static const NamedCommandSequence kFlushOutAsyncSeq =
+ std::make_tuple(std::string("Flush"), kAidlVersion1, kStreamTransientStateTransitionDelayMs,
+ StreamTypeFilter::ASYNC, makeFlushCommands(false, false),
+ false /*validatePositionIncrease*/);
std::shared_ptr<StateSequence> makeDrainPauseFlushOutCommands(bool isSync) {
using State = StreamDescriptor::State;
@@ -4807,13 +4862,13 @@
return std::make_shared<StateSequenceFollower>(std::move(d));
}
static const NamedCommandSequence kDrainPauseFlushOutSyncSeq =
- std::make_tuple(std::string("DrainPauseFlush"), kStreamTransientStateTransitionDelayMs,
- StreamTypeFilter::SYNC, makeDrainPauseFlushOutCommands(true),
- false /*validatePositionIncrease*/);
+ std::make_tuple(std::string("DrainPauseFlush"), kAidlVersion1,
+ kStreamTransientStateTransitionDelayMs, StreamTypeFilter::SYNC,
+ makeDrainPauseFlushOutCommands(true), false /*validatePositionIncrease*/);
static const NamedCommandSequence kDrainPauseFlushOutAsyncSeq =
- std::make_tuple(std::string("DrainPauseFlush"), kStreamTransientStateTransitionDelayMs,
- StreamTypeFilter::ASYNC, makeDrainPauseFlushOutCommands(false),
- false /*validatePositionIncrease*/);
+ std::make_tuple(std::string("DrainPauseFlush"), kAidlVersion1,
+ kStreamTransientStateTransitionDelayMs, StreamTypeFilter::ASYNC,
+ makeDrainPauseFlushOutCommands(false), false /*validatePositionIncrease*/);
// Note, this isn't the "official" enum printer, it is only used to make the test name suffix.
std::string PrintStreamFilterToString(StreamTypeFilter filter) {
@@ -4851,9 +4906,10 @@
AudioStreamIoOutTest, AudioStreamIoOut,
testing::Combine(testing::ValuesIn(android::getAidlHalInstanceNames(IModule::descriptor)),
testing::Values(kWriteSyncSeq, kWriteAsyncSeq, kWriteDrainAsyncSeq,
- kDrainOutSyncSeq, kDrainPauseOutSyncSeq,
- kDrainPauseOutAsyncSeq, kStandbyOutSyncSeq,
- kStandbyOutAsyncSeq,
+ kDrainOutSyncSeq, kDrainOutAsyncSeq,
+ kDrainEarlyOutAsyncSeq, kDrainPauseOutSyncSeq,
+ kDrainPauseOutAsyncSeq, kDrainEarlyPauseOutAsyncSeq,
+ kStandbyOutSyncSeq, kStandbyOutAsyncSeq,
kPauseOutSyncSeq, // kPauseOutAsyncSeq,
kFlushOutSyncSeq, kFlushOutAsyncSeq,
kDrainPauseFlushOutSyncSeq, kDrainPauseFlushOutAsyncSeq),
diff --git a/automotive/can/1.0/default/libnetdevice/Android.bp b/automotive/can/1.0/default/libnetdevice/Android.bp
index 653e773..b42893e 100644
--- a/automotive/can/1.0/default/libnetdevice/Android.bp
+++ b/automotive/can/1.0/default/libnetdevice/Android.bp
@@ -23,10 +23,19 @@
default_applicable_licenses: ["hardware_interfaces_license"],
}
-cc_library_static {
- name: "android.hardware.automotive.can@libnetdevice",
- defaults: ["android.hardware.automotive.can@defaults"],
+cc_defaults {
+ name: "libnetdevice-common",
vendor_available: true,
+ cflags: [
+ "-Wall",
+ "-Wextra",
+ "-Werror",
+ "-DANDROID_BASE_UNIQUE_FD_DISABLE_IMPLICIT_CONVERSION",
+ ],
+ shared_libs: [
+ "libbase",
+ "libutils",
+ ],
srcs: [
"can.cpp",
"common.cpp",
@@ -40,3 +49,14 @@
"libnl++",
],
}
+
+// TODO: migrate to "libnetdevice" and remove
+cc_library_static {
+ name: "android.hardware.automotive.can@libnetdevice",
+ defaults: ["libnetdevice-common"],
+}
+
+cc_library_static {
+ name: "libnetdevice",
+ defaults: ["libnetdevice-common"],
+}
diff --git a/automotive/can/1.0/default/libnl++/Android.bp b/automotive/can/1.0/default/libnl++/Android.bp
index 01c1e55..d929d84 100644
--- a/automotive/can/1.0/default/libnl++/Android.bp
+++ b/automotive/can/1.0/default/libnl++/Android.bp
@@ -25,8 +25,17 @@
cc_library_static {
name: "libnl++",
- defaults: ["android.hardware.automotive.can@defaults"],
vendor_available: true,
+ cflags: [
+ "-Wall",
+ "-Wextra",
+ "-Werror",
+ "-DANDROID_BASE_UNIQUE_FD_DISABLE_IMPLICIT_CONVERSION",
+ ],
+ shared_libs: [
+ "libbase",
+ "libutils",
+ ],
srcs: [
"protocols/common/Empty.cpp",
"protocols/common/Error.cpp",
diff --git a/nfc/aidl/aidl_api/android.hardware.nfc/current/android/hardware/nfc/ProtocolDiscoveryConfig.aidl b/nfc/aidl/aidl_api/android.hardware.nfc/current/android/hardware/nfc/ProtocolDiscoveryConfig.aidl
index 021dfe2..2df0d35 100644
--- a/nfc/aidl/aidl_api/android.hardware.nfc/current/android/hardware/nfc/ProtocolDiscoveryConfig.aidl
+++ b/nfc/aidl/aidl_api/android.hardware.nfc/current/android/hardware/nfc/ProtocolDiscoveryConfig.aidl
@@ -43,4 +43,5 @@
byte discoveryPollKovio;
byte discoveryPollBPrime;
byte discoveryListenBPrime;
+ byte protocolChineseId;
}
diff --git a/nfc/aidl/android/hardware/nfc/ProtocolDiscoveryConfig.aidl b/nfc/aidl/android/hardware/nfc/ProtocolDiscoveryConfig.aidl
index f8e3228..021e307 100644
--- a/nfc/aidl/android/hardware/nfc/ProtocolDiscoveryConfig.aidl
+++ b/nfc/aidl/android/hardware/nfc/ProtocolDiscoveryConfig.aidl
@@ -33,4 +33,5 @@
byte discoveryPollKovio;
byte discoveryPollBPrime;
byte discoveryListenBPrime;
+ byte protocolChineseId;
}
diff --git a/security/keymint/aidl/android/hardware/security/keymint/KeyCreationResult.aidl b/security/keymint/aidl/android/hardware/security/keymint/KeyCreationResult.aidl
index 294c205..da8b513 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/KeyCreationResult.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/KeyCreationResult.aidl
@@ -145,9 +145,9 @@
* verifiedBootKey OCTET_STRING,
* deviceLocked BOOLEAN,
* verifiedBootState VerifiedBootState,
- * # verifiedBootHash must contain 32-byte value that represents the state of all binaries
- * # or other components validated by verified boot. Updating any verified binary or
- * # component must cause this value to change.
+ * # verifiedBootHash must contain a SHA-256 digest of all binaries and components validated
+ * # by Verified Boot. Updating any verified binary or component must cause this value to
+ * # change.
* verifiedBootHash OCTET_STRING,
* }
*
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
index cfe9fa7..51afa12 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
@@ -149,7 +149,7 @@
// The multiplier should never be higher than the AIDL version, but can be less
// (for example, if the implementation is from an earlier version but the HAL service
// uses the default libraries and so reports the current AIDL version).
- EXPECT_TRUE((attestation_version / 100) <= aidl_version);
+ EXPECT_LE((attestation_version / 100), aidl_version);
}
bool avb_verification_enabled() {
@@ -160,12 +160,13 @@
char nibble2hex[16] = {'0', '1', '2', '3', '4', '5', '6', '7',
'8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
-// Attestations don't contain everything in key authorization lists, so we need to filter the key
-// lists to produce the lists that we expect to match the attestations.
+// Attestations don't completely align with key authorization lists, so we need to filter the lists
+// to include only the tags that are in both.
auto kTagsToFilter = {
Tag::CREATION_DATETIME,
Tag::HARDWARE_TYPE,
Tag::INCLUDE_UNIQUE_ID,
+ Tag::MODULE_HASH,
};
AuthorizationSet filtered_tags(const AuthorizationSet& set) {
@@ -234,6 +235,83 @@
return boot_patch_level(key_characteristics_);
}
+std::optional<vector<uint8_t>> KeyMintAidlTestBase::getModuleHash() {
+ if (AidlVersion() < 4) {
+ // The `MODULE_HASH` tag was introduced in v4 of the HAL; earlier versions should never
+ // expect to encounter it.
+ return std::nullopt;
+ }
+
+ // The KeyMint instance should already have been informed of the `MODULE_HASH` value for the
+ // currently running system. Generate a single attestation so we can find out what the value
+ // is.
+ auto challenge = "hello";
+ auto app_id = "foo";
+ auto params = AuthorizationSetBuilder()
+ .EcdsaSigningKey(EcCurve::P_256)
+ .Digest(Digest::NONE)
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .AttestationChallenge(challenge)
+ .AttestationApplicationId(app_id)
+ .SetDefaultValidity();
+ vector<uint8_t> key_blob;
+ vector<KeyCharacteristics> key_characteristics;
+ vector<Certificate> chain;
+ auto result = GenerateKey(params, &key_blob, &key_characteristics, &chain);
+ if (result != ErrorCode::OK) {
+ ADD_FAILURE() << "Failed to generate attestation:" << result;
+ return std::nullopt;
+ }
+ KeyBlobDeleter deleter(keymint_, key_blob);
+ if (chain.empty()) {
+ ADD_FAILURE() << "No attestation cert";
+ return std::nullopt;
+ }
+
+ // Parse the attestation record in the leaf cert.
+ X509_Ptr cert(parse_cert_blob(chain[0].encodedCertificate));
+ if (cert.get() == nullptr) {
+ ADD_FAILURE() << "Failed to parse attestation cert";
+ return std::nullopt;
+ }
+ ASN1_OCTET_STRING* attest_rec = get_attestation_record(cert.get());
+ if (attest_rec == nullptr) {
+ ADD_FAILURE() << "Failed to find attestation extension";
+ return std::nullopt;
+ }
+ AuthorizationSet att_sw_enforced;
+ AuthorizationSet att_hw_enforced;
+ uint32_t att_attestation_version;
+ uint32_t att_keymint_version;
+ SecurityLevel att_attestation_security_level;
+ SecurityLevel att_keymint_security_level;
+ vector<uint8_t> att_challenge;
+ vector<uint8_t> att_unique_id;
+ vector<uint8_t> att_app_id;
+
+ auto error = parse_attestation_record(attest_rec->data, //
+ attest_rec->length, //
+ &att_attestation_version, //
+ &att_attestation_security_level, //
+ &att_keymint_version, //
+ &att_keymint_security_level, //
+ &att_challenge, //
+ &att_sw_enforced, //
+ &att_hw_enforced, //
+ &att_unique_id);
+ if (error != ErrorCode::OK) {
+ ADD_FAILURE() << "Failed to parse attestation extension";
+ return std::nullopt;
+ }
+
+ // The module hash should be present in the software-enforced list.
+ if (!att_sw_enforced.Contains(TAG_MODULE_HASH)) {
+ ADD_FAILURE() << "No TAG_MODULE_HASH in attestation extension";
+ return std::nullopt;
+ }
+ return att_sw_enforced.GetTagValue(TAG_MODULE_HASH);
+}
+
/**
* An API to determine device IDs attestation is required or not,
* which is mandatory for KeyMint version 2 and first_api_level 33 or greater.
@@ -270,12 +348,7 @@
}
// Curve 25519 was included in version 2 of the KeyMint interface.
- int32_t version = 0;
- auto status = keymint_->getInterfaceVersion(&version);
- if (!status.isOk()) {
- ADD_FAILURE() << "Failed to determine interface version";
- }
- return version >= 2;
+ return AidlVersion() >= 2;
}
void KeyMintAidlTestBase::InitializeKeyMint(std::shared_ptr<IKeyMintDevice> keyMint) {
@@ -293,6 +366,20 @@
os_version_ = getOsVersion();
os_patch_level_ = getOsPatchlevel();
vendor_patch_level_ = getVendorPatchlevel();
+
+ // TODO(b/369375199): temporary code, remove when apexd -> keystore2 -> KeyMint transmission
+ // of module info happens.
+ {
+ GTEST_LOG_(INFO) << "Setting MODULE_HASH to fake value as fallback";
+ // Ensure that a MODULE_HASH value is definitely present in KeyMint (if it's >= v4).
+ vector<uint8_t> fakeModuleHash = {
+ 0xf3, 0xf1, 0x1f, 0xe5, 0x13, 0x05, 0xfe, 0xfa, 0xe9, 0xc3, 0x53,
+ 0xef, 0x69, 0xdf, 0x9f, 0xd7, 0x0c, 0x1e, 0xcc, 0x2c, 0x2c, 0x62,
+ 0x1f, 0x5e, 0x2c, 0x1d, 0x19, 0xa1, 0xfd, 0xac, 0xa1, 0xb4,
+ };
+ vector<KeyParameter> info = {Authorization(TAG_MODULE_HASH, fakeModuleHash)};
+ keymint_->setAdditionalAttestationInfo(info);
+ }
}
int32_t KeyMintAidlTestBase::AidlVersion() const {
@@ -320,6 +407,13 @@
ErrorCode KeyMintAidlTestBase::GenerateKey(const AuthorizationSet& key_desc,
vector<uint8_t>* key_blob,
vector<KeyCharacteristics>* key_characteristics) {
+ return GenerateKey(key_desc, key_blob, key_characteristics, &cert_chain_);
+}
+
+ErrorCode KeyMintAidlTestBase::GenerateKey(const AuthorizationSet& key_desc,
+ vector<uint8_t>* key_blob,
+ vector<KeyCharacteristics>* key_characteristics,
+ vector<Certificate>* cert_chain) {
std::optional<AttestationKey> attest_key = std::nullopt;
vector<Certificate> attest_cert_chain;
// If an attestation is requested, but the system is RKP-only, we need to supply an explicit
@@ -340,11 +434,10 @@
attest_key.value().issuerSubjectName = make_name_from_str("Android Keystore Key");
}
- ErrorCode error =
- GenerateKey(key_desc, attest_key, key_blob, key_characteristics, &cert_chain_);
+ ErrorCode error = GenerateKey(key_desc, attest_key, key_blob, key_characteristics, cert_chain);
if (error == ErrorCode::OK && attest_cert_chain.size() > 0) {
- cert_chain_.push_back(attest_cert_chain[0]);
+ cert_chain->push_back(attest_cert_chain[0]);
}
return error;
@@ -1049,13 +1142,12 @@
int openssl_padding = RSA_NO_PADDING;
switch (padding) {
case PaddingMode::NONE:
- ASSERT_TRUE(data_size <= key_len);
+ ASSERT_LE(data_size, key_len);
ASSERT_EQ(key_len, signature.size());
openssl_padding = RSA_NO_PADDING;
break;
case PaddingMode::RSA_PKCS1_1_5_SIGN:
- ASSERT_TRUE(data_size + kPkcs1UndigestedSignaturePaddingOverhead <=
- key_len);
+ ASSERT_LE(data_size + kPkcs1UndigestedSignaturePaddingOverhead, key_len);
openssl_padding = RSA_PKCS1_PADDING;
break;
default:
@@ -1812,7 +1904,7 @@
}
}
- // Verified boot key should be all 0's if the boot state is not verified or self signed
+ // Verified Boot key should be all zeroes if the boot state is "orange".
std::string empty_boot_key(32, '\0');
std::string verified_boot_key_str((const char*)verified_boot_key.data(),
verified_boot_key.size());
@@ -2271,7 +2363,7 @@
// ATTESTATION_IDS_NOT_PROVISIONED in this case.
ASSERT_TRUE((tag == TAG_ATTESTATION_ID_IMEI || tag == TAG_ATTESTATION_ID_MEID ||
tag == TAG_ATTESTATION_ID_SECOND_IMEI))
- << "incorrect error code on attestation ID mismatch";
+ << "incorrect error code on attestation ID mismatch for " << tag;
} else {
ADD_FAILURE() << "Error code " << result
<< " returned on attestation ID mismatch, should be CANNOT_ATTEST_IDS";
@@ -2353,7 +2445,7 @@
FILE* pipe = popen(command.c_str(), "r");
if (!pipe) {
- LOG(ERROR) << "popen failed.";
+ GTEST_LOG_(ERROR) << "popen failed.";
return result;
}
@@ -2379,7 +2471,7 @@
std::string output = exec_command(cmd);
if (output.empty()) {
- LOG(ERROR) << "Command failed. Cmd: " << cmd;
+ GTEST_LOG_(ERROR) << "Command failed. Cmd: " << cmd;
return "";
}
@@ -2387,13 +2479,14 @@
::android::base::Tokenize(::android::base::Trim(output), "Device IMEI:");
if (out.size() != 1) {
- LOG(ERROR) << "Error in parsing the command output. Cmd: " << cmd;
+ GTEST_LOG_(ERROR) << "Error in parsing the command output. Cmd: " << cmd;
return "";
}
std::string imei = ::android::base::Trim(out[0]);
if (imei.compare("null") == 0) {
- LOG(WARNING) << "Failed to get IMEI from Telephony service: value is null. Cmd: " << cmd;
+ GTEST_LOG_(WARNING) << "Failed to get IMEI from Telephony service: value is null. Cmd: "
+ << cmd;
return "";
}
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
index 85ae93d..1c12136 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
@@ -103,6 +103,7 @@
uint32_t vendor_patch_level() { return vendor_patch_level_; }
uint32_t boot_patch_level(const vector<KeyCharacteristics>& key_characteristics);
uint32_t boot_patch_level();
+ std::optional<vector<uint8_t>> getModuleHash();
bool isDeviceIdAttestationRequired();
bool isSecondImeiIdAttestationRequired();
std::optional<bool> isRkpOnly();
@@ -114,6 +115,10 @@
ErrorCode GenerateKey(const AuthorizationSet& key_desc, vector<uint8_t>* key_blob,
vector<KeyCharacteristics>* key_characteristics);
+ ErrorCode GenerateKey(const AuthorizationSet& key_desc, vector<uint8_t>* key_blob,
+ vector<KeyCharacteristics>* key_characteristics,
+ vector<Certificate>* cert_chain);
+
ErrorCode GenerateKey(const AuthorizationSet& key_desc,
const optional<AttestationKey>& attest_key, vector<uint8_t>* key_blob,
vector<KeyCharacteristics>* key_characteristics,
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 527b5e0..067db78 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -643,6 +643,7 @@
// Verify that App data, ROT and auth timeout are NOT included.
EXPECT_FALSE(auths.Contains(TAG_ROOT_OF_TRUST));
EXPECT_FALSE(auths.Contains(TAG_APPLICATION_DATA));
+ EXPECT_FALSE(auths.Contains(TAG_MODULE_HASH));
EXPECT_FALSE(auths.Contains(TAG_AUTH_TIMEOUT, 301U));
// None of the tests specify CREATION_DATETIME so check that the KeyMint implementation
@@ -2583,7 +2584,8 @@
auto result = GenerateKey(
AuthorizationSetBuilder().EcdsaKey(256).Digest(Digest::NONE).SetDefaultValidity());
ASSERT_TRUE(result == ErrorCode::UNSUPPORTED_KEY_SIZE ||
- result == ErrorCode::UNSUPPORTED_EC_CURVE);
+ result == ErrorCode::UNSUPPORTED_EC_CURVE)
+ << "unexpected result " << result;
}
/*
@@ -2604,7 +2606,7 @@
.SigningKey()
.Digest(Digest::NONE)
.SetDefaultValidity());
- ASSERT_TRUE(result == ErrorCode::INVALID_ARGUMENT);
+ ASSERT_EQ(result, ErrorCode::INVALID_ARGUMENT);
}
/*
@@ -3183,7 +3185,8 @@
string result;
ErrorCode finish_error_code = Finish(message, &result);
EXPECT_TRUE(finish_error_code == ErrorCode::INVALID_INPUT_LENGTH ||
- finish_error_code == ErrorCode::INVALID_ARGUMENT);
+ finish_error_code == ErrorCode::INVALID_ARGUMENT)
+ << "unexpected error code " << finish_error_code;
// Very large message that should exceed the transfer buffer size of any reasonable TEE.
message = string(128 * 1024, 'a');
@@ -3193,7 +3196,8 @@
.Padding(PaddingMode::RSA_PKCS1_1_5_SIGN)));
finish_error_code = Finish(message, &result);
EXPECT_TRUE(finish_error_code == ErrorCode::INVALID_INPUT_LENGTH ||
- finish_error_code == ErrorCode::INVALID_ARGUMENT);
+ finish_error_code == ErrorCode::INVALID_ARGUMENT)
+ << "unexpected error code " << finish_error_code;
}
/*
@@ -3247,7 +3251,8 @@
.Digest(Digest::NONE)
.Digest(Digest::SHA1)
.Padding(PaddingMode::RSA_PKCS1_1_5_SIGN));
- ASSERT_TRUE(result == ErrorCode::UNSUPPORTED_DIGEST || result == ErrorCode::INVALID_ARGUMENT);
+ ASSERT_TRUE(result == ErrorCode::UNSUPPORTED_DIGEST || result == ErrorCode::INVALID_ARGUMENT)
+ << "unexpected result " << result;
ASSERT_EQ(ErrorCode::UNSUPPORTED_DIGEST,
Begin(KeyPurpose::SIGN,
@@ -3420,7 +3425,8 @@
}
auto rc = DeleteKey();
- ASSERT_TRUE(rc == ErrorCode::OK || rc == ErrorCode::UNIMPLEMENTED);
+ ASSERT_TRUE(rc == ErrorCode::OK || rc == ErrorCode::UNIMPLEMENTED)
+ << "unexpected result " << rc;
}
}
@@ -5704,7 +5710,8 @@
// is checked against those values, and found absent.
auto result = Begin(KeyPurpose::DECRYPT, params);
EXPECT_TRUE(result == ErrorCode::UNSUPPORTED_MGF_DIGEST ||
- result == ErrorCode::INCOMPATIBLE_MGF_DIGEST);
+ result == ErrorCode::INCOMPATIBLE_MGF_DIGEST)
+ << "unexpected result " << result;
}
/*
@@ -5969,14 +5976,16 @@
.BlockMode(BlockMode::ECB)
.Padding(PaddingMode::NONE));
EXPECT_TRUE(result == ErrorCode::INCOMPATIBLE_BLOCK_MODE ||
- result == ErrorCode::UNSUPPORTED_BLOCK_MODE);
+ result == ErrorCode::UNSUPPORTED_BLOCK_MODE)
+ << "unexpected result " << result;
result = Begin(KeyPurpose::ENCRYPT, AuthorizationSetBuilder()
.BlockMode(BlockMode::ECB)
.Padding(PaddingMode::NONE)
.Padding(PaddingMode::PKCS7));
EXPECT_TRUE(result == ErrorCode::INCOMPATIBLE_PADDING_MODE ||
- result == ErrorCode::UNSUPPORTED_PADDING_MODE);
+ result == ErrorCode::UNSUPPORTED_PADDING_MODE)
+ << "unexpected result " << result;
}
/*
@@ -8759,7 +8768,8 @@
// Re-enable and run at your own risk.
TEST_P(DestroyAttestationIdsTest, DISABLED_DestroyTest) {
auto result = DestroyAttestationIds();
- EXPECT_TRUE(result == ErrorCode::OK || result == ErrorCode::UNIMPLEMENTED);
+ EXPECT_TRUE(result == ErrorCode::OK || result == ErrorCode::UNIMPLEMENTED)
+ << "unexpected result " << result;
}
INSTANTIATE_KEYMINT_AIDL_TEST(DestroyAttestationIdsTest);
@@ -8892,6 +8902,49 @@
INSTANTIATE_KEYMINT_AIDL_TEST(EarlyBootKeyTest);
+using ModuleHashTest = KeyMintAidlTestBase;
+
+TEST_P(ModuleHashTest, SetSameValue) {
+ if (AidlVersion() < 4) {
+ GTEST_SKIP() << "Module hash only available for >= v4, this device is v" << AidlVersion();
+ }
+ auto module_hash = getModuleHash();
+ ASSERT_TRUE(module_hash.has_value());
+
+ // Setting the same value that's already there should work.
+ vector<KeyParameter> info = {Authorization(TAG_MODULE_HASH, module_hash.value())};
+ EXPECT_TRUE(keymint_->setAdditionalAttestationInfo(info).isOk());
+}
+
+TEST_P(ModuleHashTest, SetDifferentValue) {
+ if (AidlVersion() < 4) {
+ GTEST_SKIP() << "Module hash only available for >= v4, this device is v" << AidlVersion();
+ }
+ auto module_hash = getModuleHash();
+ ASSERT_TRUE(module_hash.has_value());
+ vector<uint8_t> wrong_hash = module_hash.value();
+ ASSERT_EQ(wrong_hash.size(), 32);
+
+ // Setting a slightly different value should fail.
+ wrong_hash[0] ^= 0x01;
+ vector<KeyParameter> info = {Authorization(TAG_MODULE_HASH, wrong_hash)};
+ EXPECT_EQ(GetReturnErrorCode(keymint_->setAdditionalAttestationInfo(info)),
+ ErrorCode::MODULE_HASH_ALREADY_SET);
+}
+
+TEST_P(ModuleHashTest, SetUnrelatedTag) {
+ if (AidlVersion() < 4) {
+ GTEST_SKIP() << "Module hash only available for >= v4, this device is v" << AidlVersion();
+ }
+
+ // Trying to set an unexpected tag should be silently ignored..
+ vector<uint8_t> data = {0, 1, 2, 3, 4};
+ vector<KeyParameter> info = {Authorization(TAG_ROOT_OF_TRUST, data)};
+ EXPECT_EQ(GetReturnErrorCode(keymint_->setAdditionalAttestationInfo(info)), ErrorCode::OK);
+}
+
+INSTANTIATE_KEYMINT_AIDL_TEST(ModuleHashTest);
+
using VsrRequirementTest = KeyMintAidlTestBase;
// @VsrTest = VSR-3.10-008
@@ -8912,6 +8965,18 @@
EXPECT_GE(AidlVersion(), 3) << "VSR 14+ requires KeyMint version 3";
}
+// @VsrTest = GMS-VSR-3.10-019
+TEST_P(VsrRequirementTest, Vsr16Test) {
+ int vsr_api_level = get_vsr_api_level();
+ if (vsr_api_level <= __ANDROID_API_V__) {
+ GTEST_SKIP() << "Applies only to VSR API level > 35, this device is: " << vsr_api_level;
+ }
+ if (SecLevel() == SecurityLevel::STRONGBOX) {
+ GTEST_SKIP() << "Applies only to TEE KeyMint, not StrongBox KeyMint";
+ }
+ EXPECT_GE(AidlVersion(), 4) << "VSR 16+ requires KeyMint version 4 in TEE";
+}
+
INSTANTIATE_KEYMINT_AIDL_TEST(VsrRequirementTest);
class InstanceTest : public testing::Test {
diff --git a/security/keymint/support/Android.bp b/security/keymint/support/Android.bp
index 271e36c..7050141 100644
--- a/security/keymint/support/Android.bp
+++ b/security/keymint/support/Android.bp
@@ -30,6 +30,7 @@
"-Wall",
"-Wextra",
"-Werror",
+ "-DKEYMINT_HAL_V4",
],
srcs: [
"attestation_record.cpp",
diff --git a/security/keymint/support/attestation_record.cpp b/security/keymint/support/attestation_record.cpp
index 5a26611..d2cbf88 100644
--- a/security/keymint/support/attestation_record.cpp
+++ b/security/keymint/support/attestation_record.cpp
@@ -106,6 +106,7 @@
ASN1_NULL* device_unique_attestation;
ASN1_NULL* identity_credential;
ASN1_OCTET_STRING* attestation_id_second_imei;
+ ASN1_OCTET_STRING* module_hash;
} KM_AUTH_LIST;
ASN1_SEQUENCE(KM_AUTH_LIST) = {
@@ -173,6 +174,7 @@
TAG_IDENTITY_CREDENTIAL_KEY.maskedTag()),
ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_second_imei, ASN1_OCTET_STRING,
TAG_ATTESTATION_ID_SECOND_IMEI.maskedTag()),
+ ASN1_EXP_OPT(KM_AUTH_LIST, module_hash, ASN1_OCTET_STRING, TAG_MODULE_HASH.maskedTag()),
} ASN1_SEQUENCE_END(KM_AUTH_LIST);
IMPLEMENT_ASN1_FUNCTIONS(KM_AUTH_LIST);
@@ -327,6 +329,7 @@
copyAuthTag(record->device_unique_attestation, TAG_DEVICE_UNIQUE_ATTESTATION, auth_list);
copyAuthTag(record->identity_credential, TAG_IDENTITY_CREDENTIAL_KEY, auth_list);
copyAuthTag(record->attestation_id_second_imei, TAG_ATTESTATION_ID_SECOND_IMEI, auth_list);
+ copyAuthTag(record->module_hash, TAG_MODULE_HASH, auth_list);
return ErrorCode::OK;
}
diff --git a/security/keymint/support/include/keymint_support/keymint_tags.h b/security/keymint/support/include/keymint_support/keymint_tags.h
index 823899a..89c9c0b 100644
--- a/security/keymint/support/include/keymint_support/keymint_tags.h
+++ b/security/keymint/support/include/keymint_support/keymint_tags.h
@@ -103,6 +103,15 @@
DECLARE_TYPED_TAG(MAX_USES_PER_BOOT);
DECLARE_TYPED_TAG(MIN_MAC_LENGTH);
DECLARE_TYPED_TAG(MIN_SECONDS_BETWEEN_OPS);
+// TODO: remove special case macro once v4 HAL is frozen
+#ifdef KEYMINT_HAL_V4
+DECLARE_TYPED_TAG(MODULE_HASH);
+#else
+// When building for previous frozen HAL, the `Tag::MODULE_NAME` constant is not available.
+static const Tag Tag_MODULE_HASH = static_cast<Tag>(-1879047468);
+typedef typename Tag2TypedTag<Tag_MODULE_HASH>::type TAG_MODULE_HASH_t;
+static TAG_MODULE_HASH_t TAG_MODULE_HASH;
+#endif
DECLARE_TYPED_TAG(NONCE);
DECLARE_TYPED_TAG(NO_AUTH_REQUIRED);
DECLARE_TYPED_TAG(ORIGIN);
diff --git a/staging/security/see/hwcrypto/aidl/Android.bp b/staging/security/see/hwcrypto/aidl/Android.bp
index 0a7e8be..2da59a4 100644
--- a/staging/security/see/hwcrypto/aidl/Android.bp
+++ b/staging/security/see/hwcrypto/aidl/Android.bp
@@ -28,4 +28,5 @@
enabled: true,
},
},
+ frozen: false,
}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl
index 3763f0a..5b34572 100644
--- a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl
@@ -38,10 +38,16 @@
android.hardware.security.see.hwcrypto.IHwCryptoKey.DerivedKey deriveKey(in android.hardware.security.see.hwcrypto.IHwCryptoKey.DerivedKeyParameters parameters);
android.hardware.security.see.hwcrypto.IHwCryptoOperations getHwCryptoOperations();
android.hardware.security.see.hwcrypto.IOpaqueKey importClearKey(in android.hardware.security.see.hwcrypto.types.ExplicitKeyMaterial keyMaterial, in android.hardware.security.see.hwcrypto.KeyPolicy newKeyPolicy);
+ byte[] getCurrentDicePolicy();
+ android.hardware.security.see.hwcrypto.IOpaqueKey keyTokenImport(in android.hardware.security.see.hwcrypto.types.OpaqueKeyToken requestedKey, in byte[] sealingDicePolicy);
+ android.hardware.security.see.hwcrypto.IOpaqueKey getKeyslotData(android.hardware.security.see.hwcrypto.IHwCryptoKey.KeySlot slotId);
enum DeviceKeyId {
DEVICE_BOUND_KEY,
BATCH_KEY,
}
+ enum KeySlot {
+ KEYMINT_SHARED_HMAC_KEY,
+ }
union DiceBoundDerivationKey {
android.hardware.security.see.hwcrypto.IOpaqueKey opaqueKey;
android.hardware.security.see.hwcrypto.IHwCryptoKey.DeviceKeyId keyId;
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl
index 9cbf272..88dbdf1 100644
--- a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl
@@ -36,4 +36,6 @@
byte[] exportWrappedKey(in android.hardware.security.see.hwcrypto.IOpaqueKey wrappingKey);
android.hardware.security.see.hwcrypto.KeyPolicy getKeyPolicy();
byte[] getPublicKey();
+ android.hardware.security.see.hwcrypto.types.OpaqueKeyToken getShareableToken(in byte[] sealingDicePolicy);
+ void setProtectionId(in android.hardware.security.see.hwcrypto.types.ProtectionId protectionId, in android.hardware.security.see.hwcrypto.types.OperationType[] allowedOperations);
}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/OperationParameters.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/OperationParameters.aidl
index 017e51c..e069610 100644
--- a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/OperationParameters.aidl
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/OperationParameters.aidl
@@ -35,4 +35,5 @@
union OperationParameters {
android.hardware.security.see.hwcrypto.types.SymmetricAuthOperationParameters symmetricAuthCrypto;
android.hardware.security.see.hwcrypto.types.SymmetricOperationParameters symmetricCrypto;
+ android.hardware.security.see.hwcrypto.types.HmacOperationParameters hmac;
}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/ExplicitKeyMaterial.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/ExplicitKeyMaterial.aidl
index 933fb67..9970678 100644
--- a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/ExplicitKeyMaterial.aidl
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/ExplicitKeyMaterial.aidl
@@ -34,4 +34,5 @@
package android.hardware.security.see.hwcrypto.types;
union ExplicitKeyMaterial {
android.hardware.security.see.hwcrypto.types.AesKey aes;
+ android.hardware.security.see.hwcrypto.types.HmacKey hmac;
}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/HalErrorCode.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/HalErrorCode.aidl
index cd8b3c6..742314c 100644
--- a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/HalErrorCode.aidl
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/HalErrorCode.aidl
@@ -41,4 +41,5 @@
const int ALLOCATION_ERROR = (-5) /* -5 */;
const int INVALID_KEY = (-6) /* -6 */;
const int BAD_PARAMETER = (-7) /* -7 */;
+ const int UNAUTHORIZED = (-8) /* -8 */;
}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/HmacKey.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/HmacKey.aidl
new file mode 100644
index 0000000..f8de94a
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/HmacKey.aidl
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+union HmacKey {
+ byte[32] sha256 = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
+ byte[64] sha512;
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/HmacOperationParameters.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/HmacOperationParameters.aidl
new file mode 100644
index 0000000..532cd8d
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/HmacOperationParameters.aidl
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+parcelable HmacOperationParameters {
+ android.hardware.security.see.hwcrypto.IOpaqueKey key;
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/OpaqueKeyToken.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/OpaqueKeyToken.aidl
new file mode 100644
index 0000000..fc2dd63
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/OpaqueKeyToken.aidl
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+parcelable OpaqueKeyToken {
+ byte[] keyToken;
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/ProtectionId.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/ProtectionId.aidl
new file mode 100644
index 0000000..1e304ab
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/ProtectionId.aidl
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+enum ProtectionId {
+ WIDEVINE_OUTPUT_BUFFER = 1,
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl
index b5e7e9d..bb194a3 100644
--- a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl
@@ -19,6 +19,7 @@
import android.hardware.security.see.hwcrypto.IOpaqueKey;
import android.hardware.security.see.hwcrypto.KeyPolicy;
import android.hardware.security.see.hwcrypto.types.ExplicitKeyMaterial;
+import android.hardware.security.see.hwcrypto.types.OpaqueKeyToken;
/*
* Higher level interface to access and generate keys.
@@ -36,6 +37,19 @@
DEVICE_BOUND_KEY,
BATCH_KEY,
}
+
+ /*
+ * Identifier for the requested key slot. The currently supported identifiers are:
+ *
+ * KEYMINT_SHARED_HMAC_KEY:
+ * This is the shared HMAC key that will now be computed by HwCryptoKey after participating
+ * in the ISharedSecret protocol that can be shared with KeyMint and authenticators. See
+ * ISharedSecret.aidl for more information.
+ */
+ enum KeySlot {
+ KEYMINT_SHARED_HMAC_KEY,
+ }
+
union DiceBoundDerivationKey {
/*
* Opaque to be used to derive the DICE bound key.
@@ -217,4 +231,59 @@
* otherwise.
*/
IOpaqueKey importClearKey(in ExplicitKeyMaterial keyMaterial, in KeyPolicy newKeyPolicy);
+
+ /*
+ * getCurrentDicePolicy() - Returns the client current DICE policy. This policy is encrypted and
+ * considered opaque from the client perspective. This policy is the
+ * same used to create DICE bound keys and will also be used to seal
+ * secrets that can only be retrieved by the DICE policy owner. The
+ * first use of this seal operation will be
+ * <code>IOpaqueKey::getShareableToken</code> and
+ * <code>IHwCryptoKey::keyTokenImport</code>. To start this process,
+ * the intended key receiver will call this function and then pass the
+ * generated DICE policy to the owner of the key that the receiver
+ * wants to import. The key owner will then call
+ * <code>IOpaqueKey::getShareableToken</code> passing the receiver DICE
+ * policy to insure that only that receiver can import the key.
+ *
+ * Return:
+ * byte[] on success, which is the caller encrypted DICE policy.
+ */
+ byte[] getCurrentDicePolicy();
+
+ /*
+ * key_token_import() - Imports a key from a different client service instance. Because
+ * IOpaqueKey are binder objects that cannot be directly shared between
+ * binder rpc clients, this method provide a way to send a key to another
+ * client. Keys to be imported by the receiver are represented by a token
+ * created using <code>IOpaqueKey::getShareableToken</code>. The flow
+ * to create this token is described in
+ * <code>IHwCryptoKey::getCurrentDicePolicy</code>.
+ *
+ * @requested_key:
+ * Handle to the key to be imported to the caller service.
+ * @sealingDicePolicy:
+ * DICE policy used to seal the exported key.
+ * Return:
+ * A IOpaqueKey that can be directly be used on the local HWCrypto service on
+ * success, service specific error based on <code>HalErrorCode</code> otherwise.
+ */
+ IOpaqueKey keyTokenImport(in OpaqueKeyToken requestedKey, in byte[] sealingDicePolicy);
+
+ /*
+ * getKeyslotData() - Gets the keyslot key material referenced by slotId.
+ *
+ * @slotId:
+ * Identifier for the requested keyslot
+ *
+ * This interface is used to access device specific keys with known types and uses. Because the
+ * returned key is opaque, it can only be used through the different HwCrypto interfaces.
+ * Because the keys live in a global namespace the identity of the caller needs to be
+ * checked to verify that it has permission to accesses the requested key.
+ *
+ * Return:
+ * Ok(IOpaqueKey) on success, UNAUTHORIZED if the caller cannot access the requested key,
+ * another specific error code otherwise.
+ */
+ IOpaqueKey getKeyslotData(KeySlot slotId);
}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl
index 0d0f613..9a72639 100644
--- a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl
@@ -16,7 +16,9 @@
package android.hardware.security.see.hwcrypto;
import android.hardware.security.see.hwcrypto.KeyPolicy;
+import android.hardware.security.see.hwcrypto.types.OpaqueKeyToken;
import android.hardware.security.see.hwcrypto.types.OperationType;
+import android.hardware.security.see.hwcrypto.types.ProtectionId;
interface IOpaqueKey {
/*
@@ -52,4 +54,37 @@
* <code>HalErrorCode</code> otherwise. Format used for the returned public key is COSE.
*/
byte[] getPublicKey();
+
+ /*
+ * getShareableToken() - Returns a token that can shared with another HWCrypto client.
+ *
+ * @sealingDicePolicy:
+ * Token to be used to protect the returned OpaqueKeyToken. It will be used so only
+ * the owner of the sealingDicePolicy can import the key.
+ * Return:
+ * <code>OpaqueKeyMaterial</code> token on success, service specific error based on
+ * <code>HalErrorCode</code> otherwise.
+ */
+ OpaqueKeyToken getShareableToken(in byte[] sealingDicePolicy);
+
+ /*
+ * setProtectionId() - Sets the protectionID associated with the buffers where the operation
+ * will be performed. A protection ID serves as a limitation on the key so
+ * it can only operate on buffers with a matching protection ID.
+ * The client calling this functions needs to have the necessary permissions
+ * to read and/or write to this buffer. Setting this parameter means that
+ * if the key is shared with a different client, the client receiving the
+ * key will be limited in which buffers can be used to read/write data for
+ * this operation.
+ *
+ * @protectionId:
+ * ID of the given use case to provide protection for. The method of protecting the buffer
+ * will be platform dependent.
+ * @allowedOperations:
+ * array of allowed operations. Allowed operations are either READ or WRITE.
+ *
+ * Return:
+ * service specific error based on <code>HalErrorCode</code> on failure.
+ */
+ void setProtectionId(in ProtectionId protectionId, in OperationType[] allowedOperations);
}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/OperationParameters.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/OperationParameters.aidl
index 9e2fc6c..a977f56 100644
--- a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/OperationParameters.aidl
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/OperationParameters.aidl
@@ -15,6 +15,7 @@
*/
package android.hardware.security.see.hwcrypto;
+import android.hardware.security.see.hwcrypto.types.HmacOperationParameters;
import android.hardware.security.see.hwcrypto.types.SymmetricAuthOperationParameters;
import android.hardware.security.see.hwcrypto.types.SymmetricOperationParameters;
@@ -31,4 +32,9 @@
* Parameters for non-authenticated symmetric cryptography (AES/TDES).
*/
SymmetricOperationParameters symmetricCrypto;
+
+ /*
+ * Parameters for hash based message authenticated code operations.
+ */
+ HmacOperationParameters hmac;
}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/ExplicitKeyMaterial.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/ExplicitKeyMaterial.aidl
index 4298ba9..3aa5611 100644
--- a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/ExplicitKeyMaterial.aidl
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/ExplicitKeyMaterial.aidl
@@ -16,10 +16,12 @@
package android.hardware.security.see.hwcrypto.types;
import android.hardware.security.see.hwcrypto.types.AesKey;
+import android.hardware.security.see.hwcrypto.types.HmacKey;
/*
* Type encapsulating a clear key.
*/
union ExplicitKeyMaterial {
AesKey aes;
+ HmacKey hmac;
}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/HalErrorCode.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/HalErrorCode.aidl
index e8e8539..f536c0e 100644
--- a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/HalErrorCode.aidl
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/HalErrorCode.aidl
@@ -42,4 +42,7 @@
/* Bad parameter supplied for the desired operation */
const int BAD_PARAMETER = -7;
+
+ /* Caller is not authorized to make this call */
+ const int UNAUTHORIZED = -8;
}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/HmacKey.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/HmacKey.aidl
new file mode 100644
index 0000000..a0b6ba7
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/HmacKey.aidl
@@ -0,0 +1,32 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+/*
+ * Type that represents an Hmac key.
+ */
+union HmacKey {
+ /*
+ * Raw Hmac key for use with sha256.
+ */
+ byte[32] sha256 = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0};
+
+ /*
+ * Raw Hmac key for use with sha512.
+ */
+ byte[64] sha512;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/HmacOperationParameters.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/HmacOperationParameters.aidl
new file mode 100644
index 0000000..da09a2c
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/HmacOperationParameters.aidl
@@ -0,0 +1,27 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+import android.hardware.security.see.hwcrypto.IOpaqueKey;
+/*
+ * Data needed to perform HMAC operations.
+ */
+parcelable HmacOperationParameters {
+ /*
+ * Key to be used for the HMAC operation.
+ */
+ IOpaqueKey key;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/OpaqueKeyToken.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/OpaqueKeyToken.aidl
new file mode 100644
index 0000000..db95c18
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/OpaqueKeyToken.aidl
@@ -0,0 +1,29 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+/*
+ * Implementation defined structure that represents a key and its associated metadata. It is only
+ * valid on the current boot, and its reuse after a session is closed (or between sessions) is not
+ * guaranteed.
+ */
+parcelable OpaqueKeyToken {
+ /*
+ * Opaque type used to send IOpaqueKeys keys to different clients. Its format is implementation
+ * dependant.
+ */
+ byte[] keyToken;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/ProtectionId.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/ProtectionId.aidl
new file mode 100644
index 0000000..8686882
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/ProtectionId.aidl
@@ -0,0 +1,29 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+/*
+ * Enum describing the different types of protected buffers. Protected buffers are named by its
+ * corresponding use case and its underlaying implementation is platform dependant.
+ */
+enum ProtectionId {
+ /*
+ * ProtectionID used by HwCrypto to enable Keys that can be used for Widevine video buffers.
+ * These buffers should not be readable by non-trusted entities and HwCrypto should not allow
+ * any read access to them through its interface.
+ */
+ WIDEVINE_OUTPUT_BUFFER = 1,
+}
diff --git a/staging/security/see/storage/aidl/android/hardware/security/see/storage/ISecureStorage.aidl b/staging/security/see/storage/aidl/android/hardware/security/see/storage/ISecureStorage.aidl
index 022de9a..1841bf5 100644
--- a/staging/security/see/storage/aidl/android/hardware/security/see/storage/ISecureStorage.aidl
+++ b/staging/security/see/storage/aidl/android/hardware/security/see/storage/ISecureStorage.aidl
@@ -34,6 +34,13 @@
/**
* Starts a storage session for a filesystem.
*
+ * Clients should be prepared for `startSession` and any methods called on the `IStorageSession`
+ * or its sub-interfaces to return `WOULD_BLOCK` (a `binder::Status` with an exception code of
+ * `EX_TRANSACTION_FAILED` and a transaction error code of `android::WOULD_BLOCK`), which
+ * indicates that the requested storage is not currently available. Possible cases that might
+ * cause this return code might be accessing the data partition during boot stages where it
+ * isn't yet mounted or attempting to commit changes while an A/B update is in progress.
+ *
* @filesystem:
* The minimum filesystem properties requested.
*