Merge "Backfill owner information for VTS module VtsHalAudioPolicyV1_0TargetTest."
diff --git a/Android.bp b/Android.bp
index 815e766..fc6babe 100644
--- a/Android.bp
+++ b/Android.bp
@@ -58,8 +58,6 @@
"libhidl_gtest_helper",
],
- group_static_libs: true,
-
// Lists all system dependencies that can be expected on the device.
shared_libs: [
"libbase",
diff --git a/atrace/1.0/vts/functional/OWNERS b/atrace/1.0/vts/functional/OWNERS
new file mode 100644
index 0000000..31043aa
--- /dev/null
+++ b/atrace/1.0/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 837454
+wvw@google.com
diff --git a/audio/common/all-versions/test/utility/Android.bp b/audio/common/all-versions/test/utility/Android.bp
index 1602d25..757f8a8 100644
--- a/audio/common/all-versions/test/utility/Android.bp
+++ b/audio/common/all-versions/test/utility/Android.bp
@@ -25,7 +25,7 @@
cc_library_static {
name: "android.hardware.audio.common.test.utility",
- defaults : ["hidl_defaults"],
+ defaults: ["hidl_defaults"],
srcs: ["src/ValidateXml.cpp"],
cflags: [
"-O0",
@@ -34,7 +34,34 @@
],
local_include_dirs: ["include/utility"],
export_include_dirs: ["include"],
- shared_libs: ["libxml2", "liblog"],
+ shared_libs: [
+ "libxml2",
+ "liblog",
+ ],
static_libs: ["libgtest"],
export_static_lib_headers: ["libgtest"],
}
+
+// Note: this isn't a VTS test, but rather a unit test
+// to verify correctness of test utilities.
+cc_test {
+ name: "android.hardware.audio.common.test.utility_tests",
+ host_supported: true,
+ local_include_dirs: ["include/utility"],
+ srcs: [
+ "src/ValidateXml.cpp",
+ "tests/utility_tests.cpp",
+ ],
+ cflags: [
+ "-Werror",
+ "-Wall",
+ "-g",
+ ],
+ shared_libs: [
+ "libbase",
+ "libxml2",
+ "liblog",
+ ],
+ static_libs: ["libgtest"],
+ test_suites: ["general-tests"],
+}
diff --git a/audio/common/all-versions/test/utility/TEST_MAPPING b/audio/common/all-versions/test/utility/TEST_MAPPING
new file mode 100644
index 0000000..0bc1871
--- /dev/null
+++ b/audio/common/all-versions/test/utility/TEST_MAPPING
@@ -0,0 +1,7 @@
+{
+ "presubmit": [
+ {
+ "name": "android.hardware.audio.common.test.utility_tests"
+ }
+ ]
+}
diff --git a/audio/common/all-versions/test/utility/src/ValidateXml.cpp b/audio/common/all-versions/test/utility/src/ValidateXml.cpp
index a866104..f111c01 100644
--- a/audio/common/all-versions/test/utility/src/ValidateXml.cpp
+++ b/audio/common/all-versions/test/utility/src/ValidateXml.cpp
@@ -112,7 +112,8 @@
return ::testing::AssertionFailure() << "Failed to parse xml\n" << context();
}
- if (xmlXIncludeProcess(doc.get()) == -1) {
+ // Process 'include' directives w/o modifying elements loaded from included files.
+ if (xmlXIncludeProcessFlags(doc.get(), XML_PARSE_NOBASEFIX) == -1) {
return ::testing::AssertionFailure() << "Failed to resolve xincludes in xml\n" << context();
}
diff --git a/audio/common/all-versions/test/utility/tests/utility_tests.cpp b/audio/common/all-versions/test/utility/tests/utility_tests.cpp
new file mode 100644
index 0000000..c523066
--- /dev/null
+++ b/audio/common/all-versions/test/utility/tests/utility_tests.cpp
@@ -0,0 +1,176 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <android-base/file.h>
+#include <gtest/gtest.h>
+
+#include <ValidateXml.h>
+
+using ::android::hardware::audio::common::test::utility::validateXml;
+
+const char* XSD_SOURCE =
+ "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"
+ "<xs:schema version=\"2.0\""
+ " elementFormDefault=\"qualified\""
+ " attributeFormDefault=\"unqualified\""
+ " xmlns:xs=\"http://www.w3.org/2001/XMLSchema\">"
+ " <xs:element name=\"audioPolicyConfiguration\">"
+ " <xs:complexType>"
+ " <xs:sequence>"
+ " <xs:element name=\"modules\">"
+ " <xs:complexType>"
+ " <xs:sequence>"
+ " <xs:element name=\"module\" maxOccurs=\"unbounded\">"
+ " <xs:complexType>"
+ " <xs:attribute name=\"name\" type=\"xs:string\" use=\"required\"/>"
+ " </xs:complexType>"
+ " </xs:element>"
+ " </xs:sequence>"
+ " </xs:complexType>"
+ " </xs:element>"
+ " </xs:sequence>"
+ " </xs:complexType>"
+ " </xs:element>"
+ "</xs:schema>";
+
+const char* INVALID_XML_SOURCE =
+ "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>"
+ "<audioPolicyKonfiguration />";
+
+const char* VALID_XML_SOURCE =
+ "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>"
+ "<audioPolicyConfiguration>"
+ " <modules>"
+ " <module name=\"aaa\" />"
+ " %s"
+ " </modules>"
+ "</audioPolicyConfiguration>";
+
+const char* MODULE_SOURCE = "<module name=\"bbb\" />";
+
+const char* XI_INCLUDE = "<xi:include xmlns:xi=\"http://www.w3.org/2001/XInclude\" href=\"%s\" />";
+
+const char* XML_INCLUDED_SOURCE = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>%s";
+
+namespace {
+
+std::string substitute(const char* fmt, const char* param) {
+ std::string buffer(static_cast<size_t>(strlen(fmt) + strlen(param)), '\0');
+ snprintf(buffer.data(), buffer.size(), fmt, param);
+ return buffer;
+}
+
+std::string substitute(const char* fmt, const std::string& s) {
+ return substitute(fmt, s.c_str());
+}
+
+} // namespace
+
+TEST(ValidateXml, InvalidXml) {
+ TemporaryFile xml;
+ ASSERT_TRUE(android::base::WriteStringToFile(INVALID_XML_SOURCE, xml.path)) << strerror(errno);
+ TemporaryFile xsd;
+ ASSERT_TRUE(android::base::WriteStringToFile(XSD_SOURCE, xsd.path)) << strerror(errno);
+ EXPECT_FALSE(validateXml("xml", "xsd", xml.path, xsd.path));
+}
+
+TEST(ValidateXml, ValidXml) {
+ TemporaryFile xml;
+ ASSERT_TRUE(
+ android::base::WriteStringToFile(substitute(VALID_XML_SOURCE, MODULE_SOURCE), xml.path))
+ << strerror(errno);
+ TemporaryFile xsd;
+ ASSERT_TRUE(android::base::WriteStringToFile(XSD_SOURCE, xsd.path)) << strerror(errno);
+ EXPECT_TRUE(validateXml("xml", "xsd", xml.path, xsd.path));
+}
+
+TEST(ValidateXml, IncludeAbsolutePath) {
+ TemporaryFile xmlInclude;
+ ASSERT_TRUE(android::base::WriteStringToFile(substitute(XML_INCLUDED_SOURCE, MODULE_SOURCE),
+ xmlInclude.path))
+ << strerror(errno);
+ TemporaryFile xml;
+ ASSERT_TRUE(android::base::WriteStringToFile(
+ substitute(VALID_XML_SOURCE, substitute(XI_INCLUDE, xmlInclude.path)), xml.path))
+ << strerror(errno);
+ TemporaryFile xsd;
+ ASSERT_TRUE(android::base::WriteStringToFile(XSD_SOURCE, xsd.path)) << strerror(errno);
+ EXPECT_TRUE(validateXml("xml", "xsd", xml.path, xsd.path));
+}
+
+TEST(ValidateXml, IncludeSameDirRelativePath) {
+ TemporaryFile xmlInclude;
+ ASSERT_TRUE(android::base::WriteStringToFile(substitute(XML_INCLUDED_SOURCE, MODULE_SOURCE),
+ xmlInclude.path))
+ << strerror(errno);
+ TemporaryFile xml;
+ ASSERT_EQ(android::base::Dirname(xml.path), android::base::Dirname(xmlInclude.path));
+ ASSERT_TRUE(android::base::WriteStringToFile(
+ substitute(VALID_XML_SOURCE,
+ substitute(XI_INCLUDE, android::base::Basename(xmlInclude.path))),
+ xml.path))
+ << strerror(errno);
+ TemporaryFile xsd;
+ ASSERT_TRUE(android::base::WriteStringToFile(XSD_SOURCE, xsd.path)) << strerror(errno);
+ EXPECT_TRUE(validateXml("xml", "xsd", xml.path, xsd.path));
+}
+
+TEST(ValidateXml, IncludeSubdirRelativePath) {
+ TemporaryDir xmlIncludeDir;
+ TemporaryFile xmlInclude(xmlIncludeDir.path);
+ ASSERT_TRUE(android::base::WriteStringToFile(substitute(XML_INCLUDED_SOURCE, MODULE_SOURCE),
+ xmlInclude.path))
+ << strerror(errno);
+ TemporaryFile xml;
+ ASSERT_EQ(android::base::Dirname(xml.path), android::base::Dirname(xmlIncludeDir.path));
+ ASSERT_TRUE(android::base::WriteStringToFile(
+ substitute(VALID_XML_SOURCE,
+ substitute(XI_INCLUDE, android::base::Basename(xmlIncludeDir.path) + "/" +
+ android::base::Basename(xmlInclude.path))),
+ xml.path))
+ << strerror(errno);
+ TemporaryFile xsd;
+ ASSERT_TRUE(android::base::WriteStringToFile(XSD_SOURCE, xsd.path)) << strerror(errno);
+ EXPECT_TRUE(validateXml("xml", "xsd", xml.path, xsd.path));
+}
+
+TEST(ValidateXml, IncludeParentDirRelativePath) {
+ // An XML file from a subdirectory includes a file from the parent directory using '..' syntax.
+ TemporaryFile xmlInclude;
+ ASSERT_TRUE(android::base::WriteStringToFile(substitute(XML_INCLUDED_SOURCE, MODULE_SOURCE),
+ xmlInclude.path))
+ << strerror(errno);
+ TemporaryDir xmlIncludeDir;
+ TemporaryFile xmlParentInclude(xmlIncludeDir.path);
+ ASSERT_TRUE(android::base::WriteStringToFile(
+ substitute(XML_INCLUDED_SOURCE,
+ substitute(XI_INCLUDE, "../" + android::base::Basename(xmlInclude.path))),
+ xmlParentInclude.path))
+ << strerror(errno);
+ TemporaryFile xml;
+ ASSERT_EQ(android::base::Dirname(xml.path), android::base::Dirname(xmlInclude.path));
+ ASSERT_EQ(android::base::Dirname(xml.path), android::base::Dirname(xmlIncludeDir.path));
+ ASSERT_TRUE(android::base::WriteStringToFile(
+ substitute(
+ VALID_XML_SOURCE,
+ substitute(XI_INCLUDE, android::base::Basename(xmlIncludeDir.path) + "/" +
+ android::base::Basename(xmlParentInclude.path))),
+ xml.path))
+ << strerror(errno);
+ TemporaryFile xsd;
+ ASSERT_TRUE(android::base::WriteStringToFile(XSD_SOURCE, xsd.path)) << strerror(errno);
+ EXPECT_TRUE(validateXml("xml", "xsd", xml.path, xsd.path));
+}
diff --git a/audio/core/all-versions/OWNERS b/audio/core/all-versions/OWNERS
index 6fdc97c..f9a2d6b 100644
--- a/audio/core/all-versions/OWNERS
+++ b/audio/core/all-versions/OWNERS
@@ -1,3 +1,3 @@
+# Bug component: 48436
elaurent@google.com
-krocard@google.com
mnaganov@google.com
diff --git a/audio/core/all-versions/default/Android.bp b/audio/core/all-versions/default/Android.bp
index 615655d..27ec17c 100644
--- a/audio/core/all-versions/default/Android.bp
+++ b/audio/core/all-versions/default/Android.bp
@@ -55,7 +55,6 @@
header_libs: [
"android.hardware.audio-impl_headers",
"android.hardware.audio.common.util@all-versions",
- "libaudioclient_headers",
"libaudioutils_headers",
"libaudio_system_headers",
"libhardware_headers",
@@ -137,8 +136,8 @@
defaults: ["android.hardware.audio@6.0-impl_default"],
}
-cc_library_shared {
- name: "android.hardware.audio@7.0-impl",
+cc_defaults {
+ name: "android.hardware.audio@7.0-impl_default",
defaults: ["android.hardware.audio-impl_default"],
shared_libs: [
"android.hardware.audio@7.0",
@@ -154,3 +153,8 @@
"-include common/all-versions/VersionMacro.h",
],
}
+
+cc_library_shared {
+ name: "android.hardware.audio@7.0-impl",
+ defaults: ["android.hardware.audio@7.0-impl_default"],
+}
diff --git a/audio/core/all-versions/default/StreamIn.cpp b/audio/core/all-versions/default/StreamIn.cpp
index 599f3c3..17621a9 100644
--- a/audio/core/all-versions/default/StreamIn.cpp
+++ b/audio/core/all-versions/default/StreamIn.cpp
@@ -412,9 +412,9 @@
}
// Create and launch the thread.
- auto tempReadThread =
- std::make_unique<ReadThread>(&mStopReadThread, mStream, tempCommandMQ.get(),
- tempDataMQ.get(), tempStatusMQ.get(), tempElfGroup.get());
+ sp<ReadThread> tempReadThread =
+ new ReadThread(&mStopReadThread, mStream, tempCommandMQ.get(), tempDataMQ.get(),
+ tempStatusMQ.get(), tempElfGroup.get());
if (!tempReadThread->init()) {
ALOGW("failed to start reader thread: %s", strerror(-status));
sendError(Result::INVALID_ARGUMENTS);
@@ -430,7 +430,7 @@
mCommandMQ = std::move(tempCommandMQ);
mDataMQ = std::move(tempDataMQ);
mStatusMQ = std::move(tempStatusMQ);
- mReadThread = tempReadThread.release();
+ mReadThread = tempReadThread;
mEfGroup = tempElfGroup.release();
#if MAJOR_VERSION <= 6
threadInfo.pid = getpid();
diff --git a/audio/core/all-versions/default/StreamOut.cpp b/audio/core/all-versions/default/StreamOut.cpp
index 4fe6601..c23922d 100644
--- a/audio/core/all-versions/default/StreamOut.cpp
+++ b/audio/core/all-versions/default/StreamOut.cpp
@@ -398,9 +398,9 @@
}
// Create and launch the thread.
- auto tempWriteThread =
- std::make_unique<WriteThread>(&mStopWriteThread, mStream, tempCommandMQ.get(),
- tempDataMQ.get(), tempStatusMQ.get(), tempElfGroup.get());
+ sp<WriteThread> tempWriteThread =
+ new WriteThread(&mStopWriteThread, mStream, tempCommandMQ.get(), tempDataMQ.get(),
+ tempStatusMQ.get(), tempElfGroup.get());
if (!tempWriteThread->init()) {
ALOGW("failed to start writer thread: %s", strerror(-status));
sendError(Result::INVALID_ARGUMENTS);
@@ -416,7 +416,7 @@
mCommandMQ = std::move(tempCommandMQ);
mDataMQ = std::move(tempDataMQ);
mStatusMQ = std::move(tempStatusMQ);
- mWriteThread = tempWriteThread.release();
+ mWriteThread = tempWriteThread;
mEfGroup = tempElfGroup.release();
#if MAJOR_VERSION <= 6
threadInfo.pid = getpid();
diff --git a/audio/core/all-versions/vts/functional/4.0/AudioPrimaryHidlHalTest.cpp b/audio/core/all-versions/vts/functional/4.0/AudioPrimaryHidlHalTest.cpp
index b96cc83..28bcd0b 100644
--- a/audio/core/all-versions/vts/functional/4.0/AudioPrimaryHidlHalTest.cpp
+++ b/audio/core/all-versions/vts/functional/4.0/AudioPrimaryHidlHalTest.cpp
@@ -53,6 +53,11 @@
GTEST_SKIP() << "getMicrophones is not supported"; // returns
}
ASSERT_OK(res);
+
+#if MAJOR_VERSION <= 6
+ // In V7, 'getActiveMicrophones' is tested by the 'MicrophoneInfoInputStream'
+ // test which uses the actual configuration of the device.
+
if (microphones.size() > 0) {
// When there is microphone on the phone, try to open an input stream
// and query for the active microphones.
@@ -60,30 +65,13 @@
"Make sure getMicrophones always succeeds"
"and getActiveMicrophones always succeeds when recording from these microphones.");
AudioConfig config{};
-#if MAJOR_VERSION <= 6
config.channelMask = mkEnumBitfield(AudioChannelMask::IN_MONO);
config.sampleRateHz = 8000;
config.format = AudioFormat::PCM_16_BIT;
auto flags = hidl_bitfield<AudioInputFlag>(AudioInputFlag::NONE);
const SinkMetadata initMetadata = {{{.source = AudioSource::MIC, .gain = 1}}};
-#elif MAJOR_VERSION >= 7
- config.base.channelMask = toString(xsd::AudioChannelMask::AUDIO_CHANNEL_IN_MONO);
- config.base.sampleRateHz = 8000;
- config.base.format = toString(xsd::AudioFormat::AUDIO_FORMAT_PCM_16_BIT);
- hidl_vec<hidl_string> flags;
- const SinkMetadata initMetadata = {
- {{.source = toString(xsd::AudioSource::AUDIO_SOURCE_MIC),
- .gain = 1,
- .tags = {},
- .channelMask = toString(xsd::AudioChannelMask::AUDIO_CHANNEL_IN_MONO)}}};
-#endif
for (auto microphone : microphones) {
-#if MAJOR_VERSION <= 6
if (microphone.deviceAddress.device != AudioDevice::IN_BUILTIN_MIC) {
-#elif MAJOR_VERSION >= 7
- if (xsd::stringToAudioDevice(microphone.deviceAddress.deviceType) !=
- xsd::AudioDevice::AUDIO_DEVICE_IN_BUILTIN_MIC) {
-#endif
continue;
}
sp<IStreamIn> stream;
@@ -106,6 +94,7 @@
EXPECT_NE(0U, activeMicrophones.size());
}
}
+#endif // MAJOR_VERSION <= 6
}
TEST_P(AudioHidlDeviceTest, SetConnectedState) {
diff --git a/audio/core/all-versions/vts/functional/7.0/AudioPrimaryHidlHalTest.cpp b/audio/core/all-versions/vts/functional/7.0/AudioPrimaryHidlHalTest.cpp
index 0b3098b..0cc6a5b 100644
--- a/audio/core/all-versions/vts/functional/7.0/AudioPrimaryHidlHalTest.cpp
+++ b/audio/core/all-versions/vts/functional/7.0/AudioPrimaryHidlHalTest.cpp
@@ -839,3 +839,64 @@
::testing::ValuesIn(getInputDevicePcmOnlyConfigParameters()),
&DeviceConfigParameterToString);
GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(PcmOnlyConfigInputStreamTest);
+
+static const std::vector<DeviceConfigParameter>& getBuiltinMicConfigParameters() {
+ static const std::vector<DeviceConfigParameter> parameters = [] {
+ auto allParams = getInputDeviceConfigParameters();
+ std::vector<DeviceConfigParameter> builtinMicParams;
+ std::copy_if(allParams.begin(), allParams.end(), std::back_inserter(builtinMicParams),
+ [](auto cfg) {
+ // The built in mic may participate in various scenarios:
+ // FAST, HW_HOTWORD, MMAP NOIRQ, which are indicated by flags.
+ // We are only interested in testing the simplest scenario w/o any flags.
+ if (!std::get<PARAM_FLAGS>(cfg).empty()) return false;
+ auto maybeSourceDevice = getCachedPolicyConfig().getSourceDeviceForMixPort(
+ std::get<PARAM_DEVICE_NAME>(std::get<PARAM_DEVICE>(cfg)),
+ std::get<PARAM_PORT_NAME>(cfg));
+ return maybeSourceDevice.has_value() &&
+ xsd::stringToAudioDevice(maybeSourceDevice.value().deviceType) ==
+ xsd::AudioDevice::AUDIO_DEVICE_IN_BUILTIN_MIC;
+ });
+ return builtinMicParams;
+ }();
+ return parameters;
+}
+
+class MicrophoneInfoInputStreamTest : public InputStreamTest {};
+
+TEST_P(MicrophoneInfoInputStreamTest, GetActiveMicrophones) {
+ doc::test(
+ "Make sure getActiveMicrophones always succeeds when recording "
+ "from the built-in microphone.");
+ hidl_vec<MicrophoneInfo> microphones;
+ ASSERT_OK(getDevice()->getMicrophones(returnIn(res, microphones)));
+ if (res == Result::NOT_SUPPORTED) {
+ GTEST_SKIP() << "getMicrophones is not supported"; // returns
+ }
+ ASSERT_OK(res);
+
+ auto maybeSourceAddress =
+ getCachedPolicyConfig().getSourceDeviceForMixPort(getDeviceName(), getMixPortName());
+ ASSERT_TRUE(maybeSourceAddress.has_value())
+ << "No source device found for mix port " << getMixPortName() << " (module "
+ << getDeviceName() << ")";
+
+ for (auto microphone : microphones) {
+ if (microphone.deviceAddress == maybeSourceAddress.value()) {
+ StreamReader reader(stream.get(), stream->getBufferSize());
+ ASSERT_TRUE(reader.start());
+ reader.pause(); // This ensures that at least one read has happened.
+ EXPECT_FALSE(reader.hasError());
+
+ hidl_vec<MicrophoneInfo> activeMicrophones;
+ ASSERT_OK(stream->getActiveMicrophones(returnIn(res, activeMicrophones)));
+ ASSERT_OK(res);
+ EXPECT_NE(0U, activeMicrophones.size());
+ }
+ }
+}
+
+INSTANTIATE_TEST_CASE_P(MicrophoneInfoInputStream, MicrophoneInfoInputStreamTest,
+ ::testing::ValuesIn(getBuiltinMicConfigParameters()),
+ &DeviceConfigParameterToString);
+GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(MicrophoneInfoInputStreamTest);
diff --git a/audio/core/all-versions/vts/functional/AudioPrimaryHidlHalTest.h b/audio/core/all-versions/vts/functional/AudioPrimaryHidlHalTest.h
index aa7fd8e..340903a 100644
--- a/audio/core/all-versions/vts/functional/AudioPrimaryHidlHalTest.h
+++ b/audio/core/all-versions/vts/functional/AudioPrimaryHidlHalTest.h
@@ -1390,6 +1390,9 @@
config.channelMask.value(channelMask);
auto ret = stream->setAudioProperties(config);
EXPECT_TRUE(ret.isOk());
+ if (ret == Result::NOT_SUPPORTED) {
+ GTEST_SKIP() << "setAudioProperties is not supported";
+ }
EXPECT_EQ(Result::OK, ret)
<< profile.format << "; " << sampleRate << "; " << channelMask;
}
diff --git a/audio/core/all-versions/vts/functional/OWNERS b/audio/core/all-versions/vts/functional/OWNERS
new file mode 100644
index 0000000..448d9fe
--- /dev/null
+++ b/audio/core/all-versions/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 48436
+mnaganov@google.com
diff --git a/audio/effect/all-versions/OWNERS b/audio/effect/all-versions/OWNERS
index 24071af..f9a2d6b 100644
--- a/audio/effect/all-versions/OWNERS
+++ b/audio/effect/all-versions/OWNERS
@@ -1,2 +1,3 @@
+# Bug component: 48436
elaurent@google.com
mnaganov@google.com
diff --git a/audio/effect/all-versions/default/Android.bp b/audio/effect/all-versions/default/Android.bp
index 6df9dbf..1e01ffb 100644
--- a/audio/effect/all-versions/default/Android.bp
+++ b/audio/effect/all-versions/default/Android.bp
@@ -45,7 +45,6 @@
header_libs: [
"android.hardware.audio.common.util@all-versions",
"libaudio_system_headers",
- "libaudioclient_headers",
"libeffects_headers",
"libhardware_headers",
"libmedia_headers",
diff --git a/audio/effect/all-versions/vts/functional/OWNERS b/audio/effect/all-versions/vts/functional/OWNERS
new file mode 100644
index 0000000..448d9fe
--- /dev/null
+++ b/audio/effect/all-versions/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 48436
+mnaganov@google.com
diff --git a/authsecret/aidl/default/Android.bp b/authsecret/aidl/default/Android.bp
index a6c0bc4..7ce83fd 100644
--- a/authsecret/aidl/default/Android.bp
+++ b/authsecret/aidl/default/Android.bp
@@ -34,7 +34,7 @@
"AuthSecret.cpp",
],
shared_libs: [
- "android.hardware.authsecret-V1-ndk_platform",
+ "android.hardware.authsecret-V1-ndk",
"libbase",
"libbinder_ndk",
],
diff --git a/authsecret/aidl/vts/Android.bp b/authsecret/aidl/vts/Android.bp
index dca7046..5ec9947 100644
--- a/authsecret/aidl/vts/Android.bp
+++ b/authsecret/aidl/vts/Android.bp
@@ -30,7 +30,7 @@
"use_libaidlvintf_gtest_helper_static",
],
srcs: ["VtsHalAuthSecretTargetTest.cpp"],
- static_libs: ["android.hardware.authsecret-V1-ndk_platform"],
+ static_libs: ["android.hardware.authsecret-V1-ndk"],
shared_libs: ["libbinder_ndk"],
test_suites: [
"general-tests",
diff --git a/automotive/evs/1.0/vts/functional/OWNERS b/automotive/evs/1.0/vts/functional/OWNERS
new file mode 100644
index 0000000..ea4b613
--- /dev/null
+++ b/automotive/evs/1.0/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 853002
+changyeon@google.com
diff --git a/automotive/evs/1.1/vts/functional/OWNERS b/automotive/evs/1.1/vts/functional/OWNERS
new file mode 100644
index 0000000..ea4b613
--- /dev/null
+++ b/automotive/evs/1.1/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 853002
+changyeon@google.com
diff --git a/automotive/occupant_awareness/aidl/default/Android.bp b/automotive/occupant_awareness/aidl/default/Android.bp
index 4db43bb..66af9de 100644
--- a/automotive/occupant_awareness/aidl/default/Android.bp
+++ b/automotive/occupant_awareness/aidl/default/Android.bp
@@ -36,6 +36,6 @@
"libbase",
"libbinder_ndk",
"libutils",
- "android.hardware.automotive.occupant_awareness-V1-ndk_platform",
+ "android.hardware.automotive.occupant_awareness-V1-ndk",
],
}
diff --git a/automotive/occupant_awareness/aidl/mock/Android.bp b/automotive/occupant_awareness/aidl/mock/Android.bp
index 275eb22..b804622 100644
--- a/automotive/occupant_awareness/aidl/mock/Android.bp
+++ b/automotive/occupant_awareness/aidl/mock/Android.bp
@@ -36,6 +36,6 @@
"libbase",
"libbinder_ndk",
"libutils",
- "android.hardware.automotive.occupant_awareness-V1-ndk_platform",
+ "android.hardware.automotive.occupant_awareness-V1-ndk",
],
}
diff --git a/automotive/vehicle/2.0/default/Android.bp b/automotive/vehicle/2.0/default/Android.bp
index c13efde..b0e60ef 100644
--- a/automotive/vehicle/2.0/default/Android.bp
+++ b/automotive/vehicle/2.0/default/Android.bp
@@ -41,7 +41,7 @@
defaults: ["vhal_v2_0_defaults"],
shared_libs: [
"libbinder_ndk",
- "carwatchdog_aidl_interface-V2-ndk_platform",
+ "carwatchdog_aidl_interface-V2-ndk",
],
}
diff --git a/biometrics/face/1.0/vts/functional/OWNERS b/biometrics/face/1.0/vts/functional/OWNERS
new file mode 100644
index 0000000..7651b69
--- /dev/null
+++ b/biometrics/face/1.0/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 432605
+ilyamaty@google.com
diff --git a/bluetooth/1.0/default/Android.bp b/bluetooth/1.0/default/Android.bp
index 70a42b7..ee368fd 100644
--- a/bluetooth/1.0/default/Android.bp
+++ b/bluetooth/1.0/default/Android.bp
@@ -22,7 +22,7 @@
default_applicable_licenses: ["hardware_interfaces_license"],
}
-cc_library_shared {
+cc_library {
name: "android.hardware.bluetooth@1.0-impl",
defaults: ["hidl_defaults"],
vendor: true,
diff --git a/bluetooth/1.0/vts/functional/OWNERS b/bluetooth/1.0/vts/functional/OWNERS
new file mode 100644
index 0000000..7f02612
--- /dev/null
+++ b/bluetooth/1.0/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 27441
+bluetooth-reviews@google.com
diff --git a/bluetooth/audio/2.0/default/A2dpSoftwareAudioProvider.cpp b/bluetooth/audio/2.0/default/A2dpSoftwareAudioProvider.cpp
index f71a73e..0c0b85f 100644
--- a/bluetooth/audio/2.0/default/A2dpSoftwareAudioProvider.cpp
+++ b/bluetooth/audio/2.0/default/A2dpSoftwareAudioProvider.cpp
@@ -32,10 +32,14 @@
using ::android::bluetooth::audio::BluetoothAudioSessionReport;
using ::android::hardware::Void;
+// Here the buffer size is based on SBC
static constexpr uint32_t kPcmFrameSize = 4; // 16 bits per sample / stereo
-static constexpr uint32_t kPcmFrameCount = 128;
+// SBC is 128, and here choose the LCM of 16, 24, and 32
+static constexpr uint32_t kPcmFrameCount = 96;
static constexpr uint32_t kRtpFrameSize = kPcmFrameSize * kPcmFrameCount;
-static constexpr uint32_t kRtpFrameCount = 7; // max counts by 1 tick (20ms)
+// The max counts by 1 tick (20ms) for SBC is about 7. Since using 96 for the
+// PCM counts, here we just choose a greater number
+static constexpr uint32_t kRtpFrameCount = 10;
static constexpr uint32_t kBufferSize = kRtpFrameSize * kRtpFrameCount;
static constexpr uint32_t kBufferCount = 2; // double buffer
static constexpr uint32_t kDataMqSize = kBufferSize * kBufferCount;
diff --git a/bluetooth/audio/2.1/default/A2dpSoftwareAudioProvider.cpp b/bluetooth/audio/2.1/default/A2dpSoftwareAudioProvider.cpp
index a37176b..4928cea 100644
--- a/bluetooth/audio/2.1/default/A2dpSoftwareAudioProvider.cpp
+++ b/bluetooth/audio/2.1/default/A2dpSoftwareAudioProvider.cpp
@@ -34,10 +34,14 @@
using ::android::hardware::Void;
using ::android::hardware::bluetooth::audio::V2_0::AudioConfiguration;
+// Here the buffer size is based on SBC
static constexpr uint32_t kPcmFrameSize = 4; // 16 bits per sample / stereo
-static constexpr uint32_t kPcmFrameCount = 128;
+// SBC is 128, and here we choose the LCM of 16, 24, and 32
+static constexpr uint32_t kPcmFrameCount = 96;
static constexpr uint32_t kRtpFrameSize = kPcmFrameSize * kPcmFrameCount;
-static constexpr uint32_t kRtpFrameCount = 7; // max counts by 1 tick (20ms)
+// The max counts by 1 tick (20ms) for SBC is about 7. Since using 96 for the
+// PCM counts, here we just choose a greater number
+static constexpr uint32_t kRtpFrameCount = 10;
static constexpr uint32_t kBufferSize = kRtpFrameSize * kRtpFrameCount;
static constexpr uint32_t kBufferCount = 2; // double buffer
static constexpr uint32_t kDataMqSize = kBufferSize * kBufferCount;
diff --git a/broadcastradio/2.0/vts/functional/OWNERS b/broadcastradio/2.0/vts/functional/OWNERS
new file mode 100644
index 0000000..2c21c25
--- /dev/null
+++ b/broadcastradio/2.0/vts/functional/OWNERS
@@ -0,0 +1,3 @@
+# Bug component: 533946
+oscarazu@google.com
+keunyoung@google.com
diff --git a/broadcastradio/common/vts/utils/Android.bp b/broadcastradio/common/vts/utils/Android.bp
index e08813b..dd48db3 100644
--- a/broadcastradio/common/vts/utils/Android.bp
+++ b/broadcastradio/common/vts/utils/Android.bp
@@ -34,5 +34,4 @@
"-Wextra",
"-Werror",
],
- group_static_libs: true,
}
diff --git a/camera/provider/2.4/default/LegacyCameraProviderImpl_2_4.cpp b/camera/provider/2.4/default/LegacyCameraProviderImpl_2_4.cpp
index 4cff1b7..7c3b982 100644
--- a/camera/provider/2.4/default/LegacyCameraProviderImpl_2_4.cpp
+++ b/camera/provider/2.4/default/LegacyCameraProviderImpl_2_4.cpp
@@ -450,7 +450,9 @@
const sp<ICameraProviderCallback>& callback) {
Mutex::Autolock _l(mCbLock);
mCallbacks = callback;
-
+ if (mCallbacks == nullptr) {
+ return Status::OK;
+ }
// Add and report all presenting external cameras.
for (auto const& statusPair : mCameraStatusMap) {
int id = std::stoi(statusPair.first);
diff --git a/camera/provider/2.4/vts/functional/OWNERS b/camera/provider/2.4/vts/functional/OWNERS
new file mode 100644
index 0000000..479f465
--- /dev/null
+++ b/camera/provider/2.4/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 41727
+epeev@google.com
diff --git a/cas/1.0/vts/functional/OWNERS b/cas/1.0/vts/functional/OWNERS
new file mode 100644
index 0000000..aec93b0
--- /dev/null
+++ b/cas/1.0/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 1344
+quxiangfang@google.com
diff --git a/common/fmq/aidl/Android.bp b/common/fmq/aidl/Android.bp
index 1ab724f..570d02d 100644
--- a/common/fmq/aidl/Android.bp
+++ b/common/fmq/aidl/Android.bp
@@ -19,12 +19,13 @@
"android/hardware/common/fmq/*.aidl",
],
imports: [
- "android.hardware.common",
+ "android.hardware.common-V2",
],
stability: "vintf",
backend: {
java: {
- enabled: false,
+ sdk_version: "module_current",
+ srcs_available: true,
},
cpp: {
enabled: false,
diff --git a/common/fmq/aidl/aidl_api/android.hardware.common.fmq/current/android/hardware/common/fmq/GrantorDescriptor.aidl b/common/fmq/aidl/aidl_api/android.hardware.common.fmq/current/android/hardware/common/fmq/GrantorDescriptor.aidl
index cf7048b..0430c6e 100644
--- a/common/fmq/aidl/aidl_api/android.hardware.common.fmq/current/android/hardware/common/fmq/GrantorDescriptor.aidl
+++ b/common/fmq/aidl/aidl_api/android.hardware.common.fmq/current/android/hardware/common/fmq/GrantorDescriptor.aidl
@@ -32,6 +32,7 @@
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.common.fmq;
+/* @hide */
@VintfStability
parcelable GrantorDescriptor {
int fdIndex;
diff --git a/common/fmq/aidl/aidl_api/android.hardware.common.fmq/current/android/hardware/common/fmq/MQDescriptor.aidl b/common/fmq/aidl/aidl_api/android.hardware.common.fmq/current/android/hardware/common/fmq/MQDescriptor.aidl
index add4b64..ab3af0f 100644
--- a/common/fmq/aidl/aidl_api/android.hardware.common.fmq/current/android/hardware/common/fmq/MQDescriptor.aidl
+++ b/common/fmq/aidl/aidl_api/android.hardware.common.fmq/current/android/hardware/common/fmq/MQDescriptor.aidl
@@ -32,6 +32,7 @@
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.common.fmq;
+/* @hide */
@VintfStability
parcelable MQDescriptor<T, Flavor> {
android.hardware.common.fmq.GrantorDescriptor[] grantors;
diff --git a/common/fmq/aidl/aidl_api/android.hardware.common.fmq/current/android/hardware/common/fmq/SynchronizedReadWrite.aidl b/common/fmq/aidl/aidl_api/android.hardware.common.fmq/current/android/hardware/common/fmq/SynchronizedReadWrite.aidl
index 12c61ba..72bab1c 100644
--- a/common/fmq/aidl/aidl_api/android.hardware.common.fmq/current/android/hardware/common/fmq/SynchronizedReadWrite.aidl
+++ b/common/fmq/aidl/aidl_api/android.hardware.common.fmq/current/android/hardware/common/fmq/SynchronizedReadWrite.aidl
@@ -32,6 +32,7 @@
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.common.fmq;
+/* @hide */
@VintfStability
enum SynchronizedReadWrite {
EMPTY = 0,
diff --git a/common/fmq/aidl/aidl_api/android.hardware.common.fmq/current/android/hardware/common/fmq/UnsynchronizedWrite.aidl b/common/fmq/aidl/aidl_api/android.hardware.common.fmq/current/android/hardware/common/fmq/UnsynchronizedWrite.aidl
index f99528d..f308688 100644
--- a/common/fmq/aidl/aidl_api/android.hardware.common.fmq/current/android/hardware/common/fmq/UnsynchronizedWrite.aidl
+++ b/common/fmq/aidl/aidl_api/android.hardware.common.fmq/current/android/hardware/common/fmq/UnsynchronizedWrite.aidl
@@ -32,6 +32,7 @@
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.common.fmq;
+/* @hide */
@VintfStability
enum UnsynchronizedWrite {
EMPTY = 0,
diff --git a/common/fmq/aidl/android/hardware/common/fmq/GrantorDescriptor.aidl b/common/fmq/aidl/android/hardware/common/fmq/GrantorDescriptor.aidl
index 672415e..c6ca470 100644
--- a/common/fmq/aidl/android/hardware/common/fmq/GrantorDescriptor.aidl
+++ b/common/fmq/aidl/android/hardware/common/fmq/GrantorDescriptor.aidl
@@ -18,6 +18,7 @@
/*
* Included in MQDescriptor, for use with libfmq.
+ * @hide
*/
@VintfStability
parcelable GrantorDescriptor {
diff --git a/common/fmq/aidl/android/hardware/common/fmq/MQDescriptor.aidl b/common/fmq/aidl/android/hardware/common/fmq/MQDescriptor.aidl
index 46622f0..f2fcb31 100644
--- a/common/fmq/aidl/android/hardware/common/fmq/MQDescriptor.aidl
+++ b/common/fmq/aidl/android/hardware/common/fmq/MQDescriptor.aidl
@@ -26,6 +26,7 @@
* T - is used to specify the type of the payload
* Flavor - is used to specify the type of the queue using
* android.hardware.common.SynchronizedReadWrite or UnsynchronizedWrite
+ * @hide
*/
@VintfStability
parcelable MQDescriptor<T, Flavor> {
diff --git a/common/fmq/aidl/android/hardware/common/fmq/SynchronizedReadWrite.aidl b/common/fmq/aidl/android/hardware/common/fmq/SynchronizedReadWrite.aidl
index 8c33442..8b1d0a1 100644
--- a/common/fmq/aidl/android/hardware/common/fmq/SynchronizedReadWrite.aidl
+++ b/common/fmq/aidl/android/hardware/common/fmq/SynchronizedReadWrite.aidl
@@ -20,6 +20,7 @@
* For use with android.hardware.common.MQDescriptor to specify which type of
* queue to use. SynchronizedReadWrite is single reader, single writer, with no
* overflow. All messages written need to be read.
+ * @hide
*/
@VintfStability
enum SynchronizedReadWrite {
diff --git a/common/fmq/aidl/android/hardware/common/fmq/UnsynchronizedWrite.aidl b/common/fmq/aidl/android/hardware/common/fmq/UnsynchronizedWrite.aidl
index 24c4cce..5fe48c8 100644
--- a/common/fmq/aidl/android/hardware/common/fmq/UnsynchronizedWrite.aidl
+++ b/common/fmq/aidl/android/hardware/common/fmq/UnsynchronizedWrite.aidl
@@ -20,6 +20,7 @@
* For use with android.hardware.common.MQDescriptor to specify which type of
* queue to use. UnsynchronizedWrite is single writer, multiple reader, with
* overflow. If messages are not read fast enough, they can be overwritten.
+ * @hide
*/
@VintfStability
enum UnsynchronizedWrite {
diff --git a/common/support/Android.bp b/common/support/Android.bp
index 730798d..b24893b 100644
--- a/common/support/Android.bp
+++ b/common/support/Android.bp
@@ -15,7 +15,7 @@
srcs: ["NativeHandle.cpp"],
export_include_dirs: ["include"],
shared_libs: [
- "android.hardware.common-V2-ndk_platform",
+ "android.hardware.common-V2-ndk",
"libcutils",
],
apex_available: [
@@ -31,7 +31,7 @@
defaults: ["libbinder_ndk_host_user"],
srcs: ["test.cpp"],
static_libs: [
- "android.hardware.common-V2-ndk_platform",
+ "android.hardware.common-V2-ndk",
"libaidlcommonsupport",
],
shared_libs: [
diff --git a/compatibility_matrices/Android.bp b/compatibility_matrices/Android.bp
index da55347..a59be21 100644
--- a/compatibility_matrices/Android.bp
+++ b/compatibility_matrices/Android.bp
@@ -80,8 +80,6 @@
"compatibility_matrix.current.xml",
],
kernel_configs: [
- "kernel_config_current_4.19",
- "kernel_config_current_5.4",
"kernel_config_current_5.10",
],
}
diff --git a/compatibility_matrices/compatibility_matrix.current.xml b/compatibility_matrices/compatibility_matrix.current.xml
index 0b779ee..c88530a 100644
--- a/compatibility_matrices/compatibility_matrix.current.xml
+++ b/compatibility_matrices/compatibility_matrix.current.xml
@@ -611,6 +611,14 @@
<instance>default</instance>
</interface>
</hal>
+ <hal format="aidl" optional="true">
+ <name>android.hardware.wifi.hostapd</name>
+ <version>1</version>
+ <interface>
+ <name>IHostapd</name>
+ <instance>default</instance>
+ </interface>
+ </hal>
<hal format="hidl" optional="true">
<name>android.hardware.wifi.supplicant</name>
<version>1.2-3</version>
diff --git a/current.txt b/current.txt
index 88b067d..f58358f 100644
--- a/current.txt
+++ b/current.txt
@@ -828,7 +828,7 @@
3e8866987de4ecb48807c09d4c88ec38365930a22415f1b74edf8b14da17846b android.hardware.radio@1.6::IRadio
715789427a44cc78f9d123b0ceb9e035e4ac2b1049501337c23a512e85b87850 android.hardware.radio@1.6::IRadioIndication
2e9c08c4bc9539d8da28d7de33500f87148f7fa2e377238ee898b41752ac4f29 android.hardware.radio@1.6::IRadioResponse
-6475887a9cd5cc8cb803e3a78956d84d7a5fde571407ede2396f3ea5e0c0d3ad android.hardware.radio@1.6::types
+278e1997a379f2e93f0b7743c5bb28afb0cd6922915a760d58c2dd8177fde6ee android.hardware.radio@1.6::types
f22813615be1445ddd817655c054fc69dc9efea56c9035cd0757f3cbed190641 android.hardware.radio.config@1.3::IRadioConfig
c9ad18729268593d14681d88ffad1c97e707444a45e1b4ed804dab949edbd84f android.hardware.radio.config@1.3::IRadioConfigResponse
78dcb9a6975e8b377cb90bbe952078162960941468c992dcd2e1830a477b8c03 android.hardware.radio.config@1.3::types
diff --git a/gnss/1.0/vts/functional/OWNERS b/gnss/1.0/vts/functional/OWNERS
new file mode 100644
index 0000000..b831eb4
--- /dev/null
+++ b/gnss/1.0/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 393449
+yuhany@google.com
diff --git a/gnss/1.1/vts/functional/OWNERS b/gnss/1.1/vts/functional/OWNERS
new file mode 100644
index 0000000..b831eb4
--- /dev/null
+++ b/gnss/1.1/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 393449
+yuhany@google.com
diff --git a/gnss/2.0/vts/functional/OWNERS b/gnss/2.0/vts/functional/OWNERS
new file mode 100644
index 0000000..b831eb4
--- /dev/null
+++ b/gnss/2.0/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 393449
+yuhany@google.com
diff --git a/gnss/2.1/vts/functional/OWNERS b/gnss/2.1/vts/functional/OWNERS
new file mode 100644
index 0000000..b831eb4
--- /dev/null
+++ b/gnss/2.1/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 393449
+yuhany@google.com
diff --git a/graphics/common/aidl/Android.bp b/graphics/common/aidl/Android.bp
index cadd13c..2a7adce 100644
--- a/graphics/common/aidl/Android.bp
+++ b/graphics/common/aidl/Android.bp
@@ -21,7 +21,7 @@
],
stability: "vintf",
imports: [
- "android.hardware.common",
+ "android.hardware.common-V2",
],
backend: {
java: {
diff --git a/graphics/mapper/4.0/vts/functional/Android.bp b/graphics/mapper/4.0/vts/functional/Android.bp
index 11ebdc5..032bc0f 100644
--- a/graphics/mapper/4.0/vts/functional/Android.bp
+++ b/graphics/mapper/4.0/vts/functional/Android.bp
@@ -28,7 +28,7 @@
defaults: ["VtsHalTargetTestDefaults"],
srcs: ["VtsHalGraphicsMapperV4_0TargetTest.cpp"],
static_libs: [
- "android.hardware.graphics.common-V2-ndk_platform",
+ "android.hardware.graphics.common-V2-ndk",
"android.hardware.graphics.mapper@4.0-vts",
"libgralloctypes",
"libsync",
diff --git a/health/2.0/vts/OWNERS b/health/2.0/vts/OWNERS
index 4024ec0..9f96f51 100644
--- a/health/2.0/vts/OWNERS
+++ b/health/2.0/vts/OWNERS
@@ -1,5 +1,3 @@
+# Bug component: 30545
elsk@google.com
sspatil@google.com
-
-# VTS team
-yim@google.com
diff --git a/health/storage/1.0/vts/functional/OWNERS b/health/storage/1.0/vts/functional/OWNERS
new file mode 100644
index 0000000..8f66979
--- /dev/null
+++ b/health/storage/1.0/vts/functional/OWNERS
@@ -0,0 +1,3 @@
+# Bug component: 30545
+elsk@google.com
+jaegeuk@google.com
diff --git a/health/storage/aidl/default/Android.bp b/health/storage/aidl/default/Android.bp
index 819b885..7cfabb0 100644
--- a/health/storage/aidl/default/Android.bp
+++ b/health/storage/aidl/default/Android.bp
@@ -29,7 +29,7 @@
shared_libs: [
"libbase",
"libbinder_ndk",
- "android.hardware.health.storage-V1-ndk_platform",
+ "android.hardware.health.storage-V1-ndk",
],
static_libs: [
"libfstab",
diff --git a/health/storage/aidl/vts/functional/Android.bp b/health/storage/aidl/vts/functional/Android.bp
index be3eac7..fe15170 100644
--- a/health/storage/aidl/vts/functional/Android.bp
+++ b/health/storage/aidl/vts/functional/Android.bp
@@ -34,7 +34,7 @@
"libbinder_ndk",
],
static_libs: [
- "android.hardware.health.storage-V1-ndk_platform",
+ "android.hardware.health.storage-V1-ndk",
],
header_libs: [
"libhealth_storage_test_common_headers",
diff --git a/health/utils/libhealth2impl/BinderHealth.cpp b/health/utils/libhealth2impl/BinderHealth.cpp
index 625d0e0..8ec8962 100644
--- a/health/utils/libhealth2impl/BinderHealth.cpp
+++ b/health/utils/libhealth2impl/BinderHealth.cpp
@@ -35,10 +35,9 @@
namespace V2_1 {
namespace implementation {
-bool IsDeadObjectLogged(const Return<void>& ret) {
+bool IsDeadObject(const Return<void>& ret) {
if (ret.isOk()) return false;
if (ret.isDeadObject()) return true;
- LOG(ERROR) << "Cannot call healthInfoChanged* on callback: " << ret.description();
return false;
}
@@ -77,7 +76,7 @@
return;
}
auto ret = wrapped->Notify(health_info);
- if (IsDeadObjectLogged(ret)) {
+ if (IsDeadObject(ret)) {
// Remove callback reference.
std::lock_guard<decltype(callbacks_lock_)> lock(callbacks_lock_);
auto it = std::find_if(callbacks_.begin(), callbacks_.end(),
@@ -133,7 +132,7 @@
std::unique_lock<decltype(callbacks_lock_)> lock(callbacks_lock_);
for (auto it = callbacks_.begin(); it != callbacks_.end();) {
auto ret = (*it)->Notify(health_info);
- if (IsDeadObjectLogged(ret)) {
+ if (IsDeadObject(ret)) {
it = callbacks_.erase(it);
} else {
++it;
diff --git a/identity/aidl/default/Android.bp b/identity/aidl/default/Android.bp
index 28c4893..3de8d30 100644
--- a/identity/aidl/default/Android.bp
+++ b/identity/aidl/default/Android.bp
@@ -39,8 +39,8 @@
"libsoft_attestation_cert",
"libpuresoftkeymasterdevice",
"android.hardware.identity-support-lib",
- "android.hardware.identity-V3-ndk_platform",
- "android.hardware.keymaster-V3-ndk_platform",
+ "android.hardware.identity-V3-ndk",
+ "android.hardware.keymaster-V3-ndk",
],
}
@@ -100,8 +100,8 @@
"libsoft_attestation_cert",
"libpuresoftkeymasterdevice",
"android.hardware.identity-support-lib",
- "android.hardware.identity-V3-ndk_platform",
- "android.hardware.keymaster-V3-ndk_platform",
+ "android.hardware.identity-V3-ndk",
+ "android.hardware.keymaster-V3-ndk",
"android.hardware.identity-libeic-hal-common",
"android.hardware.identity-libeic-library",
],
@@ -127,7 +127,7 @@
"-DEIC_DEBUG",
],
local_include_dirs: [
- "common",
+ "common",
],
shared_libs: [
"liblog",
diff --git a/identity/aidl/default/FakeSecureHardwareProxy.cpp b/identity/aidl/default/FakeSecureHardwareProxy.cpp
index 287ffb8..f0307dc 100644
--- a/identity/aidl/default/FakeSecureHardwareProxy.cpp
+++ b/identity/aidl/default/FakeSecureHardwareProxy.cpp
@@ -70,6 +70,7 @@
bool FakeSecureHardwareProvisioningProxy::initializeForUpdate(
bool testCredential, string docType, vector<uint8_t> encryptedCredentialKeys) {
return eicProvisioningInitForUpdate(&ctx_, testCredential, docType.c_str(),
+ docType.size(),
encryptedCredentialKeys.data(),
encryptedCredentialKeys.size());
}
@@ -92,8 +93,11 @@
bool FakeSecureHardwareProvisioningProxy::startPersonalization(
int accessControlProfileCount, vector<int> entryCounts, const string& docType,
size_t expectedProofOfProvisioningSize) {
- if (!eicProvisioningStartPersonalization(&ctx_, accessControlProfileCount, entryCounts.data(),
- entryCounts.size(), docType.c_str(),
+
+ if (!eicProvisioningStartPersonalization(&ctx_, accessControlProfileCount,
+ entryCounts.data(),
+ entryCounts.size(),
+ docType.c_str(), docType.size(),
expectedProofOfProvisioningSize)) {
return false;
}
@@ -105,9 +109,11 @@
int id, const vector<uint8_t>& readerCertificate, bool userAuthenticationRequired,
uint64_t timeoutMillis, uint64_t secureUserId) {
vector<uint8_t> mac(28);
+ uint8_t scratchSpace[512];
if (!eicProvisioningAddAccessControlProfile(
&ctx_, id, readerCertificate.data(), readerCertificate.size(),
- userAuthenticationRequired, timeoutMillis, secureUserId, mac.data())) {
+ userAuthenticationRequired, timeoutMillis, secureUserId, mac.data(),
+ scratchSpace, sizeof(scratchSpace))) {
return {};
}
return mac;
@@ -117,9 +123,15 @@
const string& nameSpace, const string& name,
uint64_t entrySize) {
uint8_t scratchSpace[512];
- return eicProvisioningBeginAddEntry(&ctx_, accessControlProfileIds.data(),
- accessControlProfileIds.size(), nameSpace.c_str(),
- name.c_str(), entrySize, scratchSpace, sizeof scratchSpace);
+ vector<uint8_t> uint8AccessControlProfileIds;
+ for (size_t i = 0; i < accessControlProfileIds.size(); i++) {
+ uint8AccessControlProfileIds.push_back(accessControlProfileIds[i] & 0xFF);
+ }
+
+ return eicProvisioningBeginAddEntry(&ctx_, uint8AccessControlProfileIds.data(),
+ uint8AccessControlProfileIds.size(), nameSpace.c_str(),
+ nameSpace.size(), name.c_str(), name.size(), entrySize,
+ scratchSpace, sizeof(scratchSpace));
}
// Returns encryptedContent.
@@ -128,11 +140,16 @@
const vector<uint8_t>& content) {
vector<uint8_t> eicEncryptedContent;
uint8_t scratchSpace[512];
+ vector<uint8_t> uint8AccessControlProfileIds;
+ for (size_t i = 0; i < accessControlProfileIds.size(); i++) {
+ uint8AccessControlProfileIds.push_back(accessControlProfileIds[i] & 0xFF);
+ }
+
eicEncryptedContent.resize(content.size() + 28);
if (!eicProvisioningAddEntryValue(
- &ctx_, accessControlProfileIds.data(), accessControlProfileIds.size(),
- nameSpace.c_str(), name.c_str(), content.data(), content.size(),
- eicEncryptedContent.data(), scratchSpace, sizeof scratchSpace)) {
+ &ctx_, uint8AccessControlProfileIds.data(), uint8AccessControlProfileIds.size(),
+ nameSpace.c_str(), nameSpace.size(), name.c_str(), name.size(), content.data(),
+ content.size(), eicEncryptedContent.data(), scratchSpace, sizeof(scratchSpace))) {
return {};
}
return eicEncryptedContent;
@@ -152,7 +169,7 @@
const string& docType) {
vector<uint8_t> encryptedCredentialKeys(116);
size_t size = encryptedCredentialKeys.size();
- if (!eicProvisioningFinishGetCredentialData(&ctx_, docType.c_str(),
+ if (!eicProvisioningFinishGetCredentialData(&ctx_, docType.c_str(), docType.size(),
encryptedCredentialKeys.data(), &size)) {
return {};
}
@@ -170,7 +187,7 @@
vector<uint8_t> encryptedCredentialKeys) {
LOG(INFO) << "FakeSecureHardwarePresentationProxy created, sizeof(EicPresentation): "
<< sizeof(EicPresentation);
- return eicPresentationInit(&ctx_, testCredential, docType.c_str(),
+ return eicPresentationInit(&ctx_, testCredential, docType.c_str(), docType.size(),
encryptedCredentialKeys.data(), encryptedCredentialKeys.size());
}
@@ -181,8 +198,9 @@
size_t publicKeyCertSize = sizeof(publicKeyCert);
vector<uint8_t> signingKeyBlob(60);
- if (!eicPresentationGenerateSigningKeyPair(&ctx_, docType.c_str(), now, publicKeyCert,
- &publicKeyCertSize, signingKeyBlob.data())) {
+ if (!eicPresentationGenerateSigningKeyPair(&ctx_, docType.c_str(), docType.size(), now,
+ publicKeyCert, &publicKeyCertSize,
+ signingKeyBlob.data())) {
return {};
}
@@ -244,10 +262,12 @@
int id, const vector<uint8_t>& readerCertificate, bool userAuthenticationRequired,
int timeoutMillis, uint64_t secureUserId, const vector<uint8_t>& mac) {
bool accessGranted = false;
+ uint8_t scratchSpace[512];
if (!eicPresentationValidateAccessControlProfile(&ctx_, id, readerCertificate.data(),
readerCertificate.size(),
userAuthenticationRequired, timeoutMillis,
- secureUserId, mac.data(), &accessGranted)) {
+ secureUserId, mac.data(), &accessGranted,
+ scratchSpace, sizeof(scratchSpace))) {
return {};
}
return accessGranted;
@@ -267,7 +287,7 @@
}
return eicPresentationCalcMacKey(&ctx_, sessionTranscript.data(), sessionTranscript.size(),
readerEphemeralPublicKey.data(), signingKeyBlob.data(),
- docType.c_str(), numNamespacesWithValues,
+ docType.c_str(), docType.size(), numNamespacesWithValues,
expectedProofOfProvisioningSize);
}
@@ -275,10 +295,16 @@
const string& nameSpace, const string& name, unsigned int newNamespaceNumEntries,
int32_t entrySize, const vector<int32_t>& accessControlProfileIds) {
uint8_t scratchSpace[512];
+ vector<uint8_t> uint8AccessControlProfileIds;
+ for (size_t i = 0; i < accessControlProfileIds.size(); i++) {
+ uint8AccessControlProfileIds.push_back(accessControlProfileIds[i] & 0xFF);
+ }
+
EicAccessCheckResult result = eicPresentationStartRetrieveEntryValue(
- &ctx_, nameSpace.c_str(), name.c_str(), newNamespaceNumEntries, entrySize,
- accessControlProfileIds.data(), accessControlProfileIds.size(), scratchSpace,
- sizeof scratchSpace);
+ &ctx_, nameSpace.c_str(), nameSpace.size(), name.c_str(), name.size(),
+ newNamespaceNumEntries, entrySize, uint8AccessControlProfileIds.data(),
+ uint8AccessControlProfileIds.size(), scratchSpace,
+ sizeof(scratchSpace));
switch (result) {
case EIC_ACCESS_CHECK_RESULT_OK:
return AccessCheckResult::kOk;
@@ -299,12 +325,18 @@
const vector<uint8_t>& encryptedContent, const string& nameSpace, const string& name,
const vector<int32_t>& accessControlProfileIds) {
uint8_t scratchSpace[512];
+ vector<uint8_t> uint8AccessControlProfileIds;
+ for (size_t i = 0; i < accessControlProfileIds.size(); i++) {
+ uint8AccessControlProfileIds.push_back(accessControlProfileIds[i] & 0xFF);
+ }
+
vector<uint8_t> content;
content.resize(encryptedContent.size() - 28);
if (!eicPresentationRetrieveEntryValue(
&ctx_, encryptedContent.data(), encryptedContent.size(), content.data(),
- nameSpace.c_str(), name.c_str(), accessControlProfileIds.data(),
- accessControlProfileIds.size(), scratchSpace, sizeof scratchSpace)) {
+ nameSpace.c_str(), nameSpace.size(), name.c_str(), name.size(),
+ uint8AccessControlProfileIds.data(), uint8AccessControlProfileIds.size(),
+ scratchSpace, sizeof(scratchSpace))) {
return {};
}
return content;
@@ -324,9 +356,9 @@
const string& docType, const vector<uint8_t>& challenge, bool includeChallenge,
size_t proofOfDeletionCborSize) {
vector<uint8_t> signatureOfToBeSigned(EIC_ECDSA_P256_SIGNATURE_SIZE);
- if (!eicPresentationDeleteCredential(&ctx_, docType.c_str(), challenge.data(), challenge.size(),
- includeChallenge, proofOfDeletionCborSize,
- signatureOfToBeSigned.data())) {
+ if (!eicPresentationDeleteCredential(&ctx_, docType.c_str(), docType.size(), challenge.data(),
+ challenge.size(), includeChallenge,
+ proofOfDeletionCborSize, signatureOfToBeSigned.data())) {
return {};
}
return signatureOfToBeSigned;
@@ -336,8 +368,8 @@
const string& docType, bool testCredential, const vector<uint8_t>& challenge,
size_t proofOfOwnershipCborSize) {
vector<uint8_t> signatureOfToBeSigned(EIC_ECDSA_P256_SIGNATURE_SIZE);
- if (!eicPresentationProveOwnership(&ctx_, docType.c_str(), testCredential, challenge.data(),
- challenge.size(), proofOfOwnershipCborSize,
+ if (!eicPresentationProveOwnership(&ctx_, docType.c_str(), docType.size(), testCredential,
+ challenge.data(), challenge.size(), proofOfOwnershipCborSize,
signatureOfToBeSigned.data())) {
return {};
}
diff --git a/identity/aidl/default/libeic/EicCbor.c b/identity/aidl/default/libeic/EicCbor.c
index 0e2684f..b9304bc 100644
--- a/identity/aidl/default/libeic/EicCbor.c
+++ b/identity/aidl/default/libeic/EicCbor.c
@@ -91,7 +91,7 @@
return 8;
}
-void eicCborBegin(EicCbor* cbor, int majorType, size_t size) {
+void eicCborBegin(EicCbor* cbor, int majorType, uint64_t size) {
uint8_t data[9];
if (size < 24) {
@@ -132,10 +132,13 @@
eicCborAppend(cbor, data, dataSize);
}
-void eicCborAppendString(EicCbor* cbor, const char* str) {
- size_t length = eicStrLen(str);
- eicCborBegin(cbor, EIC_CBOR_MAJOR_TYPE_STRING, length);
- eicCborAppend(cbor, (const uint8_t*)str, length);
+void eicCborAppendString(EicCbor* cbor, const char* str, size_t strLength) {
+ eicCborBegin(cbor, EIC_CBOR_MAJOR_TYPE_STRING, strLength);
+ eicCborAppend(cbor, (const uint8_t*)str, strLength);
+}
+
+void eicCborAppendStringZ(EicCbor* cbor, const char* str) {
+ eicCborAppendString(cbor, str, eicStrLen(str));
}
void eicCborAppendSimple(EicCbor* cbor, uint8_t simpleValue) {
@@ -153,13 +156,13 @@
}
void eicCborAppendUnsigned(EicCbor* cbor, uint64_t value) {
- size_t encoded = value;
+ uint64_t encoded = value;
eicCborBegin(cbor, EIC_CBOR_MAJOR_TYPE_UNSIGNED, encoded);
}
void eicCborAppendNumber(EicCbor* cbor, int64_t value) {
if (value < 0) {
- size_t encoded = -1 - value;
+ uint64_t encoded = -1 - value;
eicCborBegin(cbor, EIC_CBOR_MAJOR_TYPE_NEGATIVE, encoded);
} else {
eicCborAppendUnsigned(cbor, value);
@@ -188,19 +191,19 @@
}
}
eicCborAppendMap(cborBuilder, numPairs);
- eicCborAppendString(cborBuilder, "id");
+ eicCborAppendStringZ(cborBuilder, "id");
eicCborAppendUnsigned(cborBuilder, id);
if (readerCertificateSize > 0) {
- eicCborAppendString(cborBuilder, "readerCertificate");
+ eicCborAppendStringZ(cborBuilder, "readerCertificate");
eicCborAppendByteString(cborBuilder, readerCertificate, readerCertificateSize);
}
if (userAuthenticationRequired) {
- eicCborAppendString(cborBuilder, "userAuthenticationRequired");
+ eicCborAppendStringZ(cborBuilder, "userAuthenticationRequired");
eicCborAppendBool(cborBuilder, userAuthenticationRequired);
- eicCborAppendString(cborBuilder, "timeoutMillis");
+ eicCborAppendStringZ(cborBuilder, "timeoutMillis");
eicCborAppendUnsigned(cborBuilder, timeoutMillis);
if (secureUserId > 0) {
- eicCborAppendString(cborBuilder, "secureUserId");
+ eicCborAppendStringZ(cborBuilder, "secureUserId");
eicCborAppendUnsigned(cborBuilder, secureUserId);
}
}
@@ -214,20 +217,21 @@
return true;
}
-bool eicCborCalcEntryAdditionalData(const int* accessControlProfileIds,
+bool eicCborCalcEntryAdditionalData(const uint8_t* accessControlProfileIds,
size_t numAccessControlProfileIds, const char* nameSpace,
- const char* name, uint8_t* cborBuffer, size_t cborBufferSize,
- size_t* outAdditionalDataCborSize,
+ size_t nameSpaceLength, const char* name,
+ size_t nameLength, uint8_t* cborBuffer,
+ size_t cborBufferSize, size_t* outAdditionalDataCborSize,
uint8_t additionalDataSha256[EIC_SHA256_DIGEST_SIZE]) {
EicCbor cborBuilder;
eicCborInit(&cborBuilder, cborBuffer, cborBufferSize);
eicCborAppendMap(&cborBuilder, 3);
- eicCborAppendString(&cborBuilder, "Namespace");
- eicCborAppendString(&cborBuilder, nameSpace);
- eicCborAppendString(&cborBuilder, "Name");
- eicCborAppendString(&cborBuilder, name);
- eicCborAppendString(&cborBuilder, "AccessControlProfileIds");
+ eicCborAppendStringZ(&cborBuilder, "Namespace");
+ eicCborAppendString(&cborBuilder, nameSpace, nameSpaceLength);
+ eicCborAppendStringZ(&cborBuilder, "Name");
+ eicCborAppendString(&cborBuilder, name, nameLength);
+ eicCborAppendStringZ(&cborBuilder, "AccessControlProfileIds");
eicCborAppendArray(&cborBuilder, numAccessControlProfileIds);
for (size_t n = 0; n < numAccessControlProfileIds; n++) {
eicCborAppendNumber(&cborBuilder, accessControlProfileIds[n]);
diff --git a/identity/aidl/default/libeic/EicCbor.h b/identity/aidl/default/libeic/EicCbor.h
index 9c0f531..16f7ab6 100644
--- a/identity/aidl/default/libeic/EicCbor.h
+++ b/identity/aidl/default/libeic/EicCbor.h
@@ -102,13 +102,16 @@
#define EIC_CBOR_SEMANTIC_TAG_ENCODED_CBOR 24
/* Begins a new CBOR value. */
-void eicCborBegin(EicCbor* cbor, int majorType, size_t size);
+void eicCborBegin(EicCbor* cbor, int majorType, uint64_t size);
/* Appends a bytestring. */
void eicCborAppendByteString(EicCbor* cbor, const uint8_t* data, size_t dataSize);
+/* Appends a UTF-8 string. */
+void eicCborAppendString(EicCbor* cbor, const char* str, size_t strLength);
+
/* Appends a NUL-terminated UTF-8 string. */
-void eicCborAppendString(EicCbor* cbor, const char* str);
+void eicCborAppendStringZ(EicCbor* cbor, const char* str);
/* Appends a simple value. */
void eicCborAppendSimple(EicCbor* cbor, uint8_t simpleValue);
@@ -144,22 +147,13 @@
size_t readerCertificateSize, bool userAuthenticationRequired,
uint64_t timeoutMillis, uint64_t secureUserId);
-bool eicCborCalcEntryAdditionalData(const int* accessControlProfileIds,
+bool eicCborCalcEntryAdditionalData(const uint8_t* accessControlProfileIds,
size_t numAccessControlProfileIds, const char* nameSpace,
- const char* name, uint8_t* cborBuffer, size_t cborBufferSize,
- size_t* outAdditionalDataCborSize,
+ size_t nameSpaceLength, const char* name,
+ size_t nameLength, uint8_t* cborBuffer,
+ size_t cborBufferSize, size_t* outAdditionalDataCborSize,
uint8_t additionalDataSha256[EIC_SHA256_DIGEST_SIZE]);
-// The maximum size of an encoded Secure Access Control Profile that we
-// support. Since the SACP may contain a reader certificate chain these can get
-// pretty big.
-//
-// Currently we allocate space on the stack for this structure which is why we
-// have a maximum size. We can get rid of the maximum size by incrementally
-// building/verifying the SACP. TODO: actually do this.
-//
-#define EIC_MAX_CBOR_SIZE_FOR_ACCESS_CONTROL_PROFILE 512
-
#ifdef __cplusplus
}
#endif
diff --git a/identity/aidl/default/libeic/EicCommon.h b/identity/aidl/default/libeic/EicCommon.h
new file mode 100644
index 0000000..476276e
--- /dev/null
+++ b/identity/aidl/default/libeic/EicCommon.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2020, The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#if !defined(EIC_INSIDE_LIBEIC_H) && !defined(EIC_COMPILATION)
+#error "Never include this file directly, include libeic.h instead."
+#endif
+
+#ifndef ANDROID_HARDWARE_IDENTITY_EIC_COMMON_H
+#define ANDROID_HARDWARE_IDENTITY_EIC_COMMON_H
+
+// Feature version 202009:
+//
+// CredentialKeys = [
+// bstr, ; storageKey, a 128-bit AES key
+// bstr, ; credentialPrivKey, the private key for credentialKey
+// ]
+//
+// Feature version 202101:
+//
+// CredentialKeys = [
+// bstr, ; storageKey, a 128-bit AES key
+// bstr, ; credentialPrivKey, the private key for credentialKey
+// bstr ; proofOfProvisioning SHA-256
+// ]
+//
+// where storageKey is 16 bytes, credentialPrivateKey is 32 bytes, and proofOfProvisioning
+// SHA-256 is 32 bytes.
+#define EIC_CREDENTIAL_KEYS_CBOR_SIZE_FEATURE_VERSION_202009 52
+#define EIC_CREDENTIAL_KEYS_CBOR_SIZE_FEATURE_VERSION_202101 86
+
+#endif // ANDROID_HARDWARE_IDENTITY_EIC_COMMON_H
diff --git a/identity/aidl/default/libeic/EicPresentation.c b/identity/aidl/default/libeic/EicPresentation.c
index 3d13766..0d03ae9 100644
--- a/identity/aidl/default/libeic/EicPresentation.c
+++ b/identity/aidl/default/libeic/EicPresentation.c
@@ -15,22 +15,23 @@
*/
#include "EicPresentation.h"
+#include "EicCommon.h"
#include <inttypes.h>
bool eicPresentationInit(EicPresentation* ctx, bool testCredential, const char* docType,
- const uint8_t* encryptedCredentialKeys,
+ size_t docTypeLength, const uint8_t* encryptedCredentialKeys,
size_t encryptedCredentialKeysSize) {
- uint8_t credentialKeys[86];
+ uint8_t credentialKeys[EIC_CREDENTIAL_KEYS_CBOR_SIZE_FEATURE_VERSION_202101];
bool expectPopSha256 = false;
// For feature version 202009 it's 52 bytes long and for feature version 202101 it's 86
// bytes (the additional data is the ProofOfProvisioning SHA-256). We need
// to support loading all feature versions.
//
- if (encryptedCredentialKeysSize == 52 + 28) {
+ if (encryptedCredentialKeysSize == EIC_CREDENTIAL_KEYS_CBOR_SIZE_FEATURE_VERSION_202009 + 28) {
/* do nothing */
- } else if (encryptedCredentialKeysSize == 86 + 28) {
+ } else if (encryptedCredentialKeysSize == EIC_CREDENTIAL_KEYS_CBOR_SIZE_FEATURE_VERSION_202101 + 28) {
expectPopSha256 = true;
} else {
eicDebug("Unexpected size %zd for encryptedCredentialKeys", encryptedCredentialKeysSize);
@@ -42,7 +43,7 @@
if (!eicOpsDecryptAes128Gcm(eicOpsGetHardwareBoundKey(testCredential), encryptedCredentialKeys,
encryptedCredentialKeysSize,
// DocType is the additionalAuthenticatedData
- (const uint8_t*)docType, eicStrLen(docType), credentialKeys)) {
+ (const uint8_t*)docType, docTypeLength, credentialKeys)) {
eicDebug("Error decrypting CredentialKeys");
return false;
}
@@ -88,7 +89,8 @@
return true;
}
-bool eicPresentationGenerateSigningKeyPair(EicPresentation* ctx, const char* docType, time_t now,
+bool eicPresentationGenerateSigningKeyPair(EicPresentation* ctx, const char* docType,
+ size_t docTypeLength, time_t now,
uint8_t* publicKeyCert, size_t* publicKeyCertSize,
uint8_t signingKeyBlob[60]) {
uint8_t signingKeyPriv[EIC_P256_PRIV_KEY_SIZE];
@@ -114,7 +116,7 @@
EicCbor cbor;
eicCborInit(&cbor, cborBuf, sizeof cborBuf);
eicCborAppendArray(&cbor, 2);
- eicCborAppendString(&cbor, "ProofOfBinding");
+ eicCborAppendStringZ(&cbor, "ProofOfBinding");
eicCborAppendByteString(&cbor, ctx->proofOfProvisioningSha256, EIC_SHA256_DIGEST_SIZE);
if (cbor.size > sizeof(cborBuf)) {
eicDebug("Exceeded buffer size");
@@ -147,7 +149,7 @@
}
if (!eicOpsEncryptAes128Gcm(ctx->storageKey, nonce, signingKeyPriv, sizeof(signingKeyPriv),
// DocType is the additionalAuthenticatedData
- (const uint8_t*)docType, eicStrLen(docType), signingKeyBlob)) {
+ (const uint8_t*)docType, docTypeLength, signingKeyBlob)) {
eicDebug("Error encrypting signing key");
return false;
}
@@ -219,7 +221,7 @@
EicCbor cbor;
eicCborInit(&cbor, NULL, 0);
eicCborAppendArray(&cbor, 4);
- eicCborAppendString(&cbor, "Signature1");
+ eicCborAppendStringZ(&cbor, "Signature1");
// The COSE Encoded protected headers is just a single field with
// COSE_LABEL_ALG (1) -> coseSignAlg (e.g. -7). For simplicitly we just
@@ -277,7 +279,7 @@
//
size_t payloadOffset = cbor.size;
eicCborBegin(&cbor, EIC_CBOR_MAJOR_TYPE_ARRAY, 3);
- eicCborAppendString(&cbor, "ReaderAuthentication");
+ eicCborAppendStringZ(&cbor, "ReaderAuthentication");
eicCborAppend(&cbor, sessionTranscript, sessionTranscriptSize);
eicCborAppendSemantic(&cbor, EIC_CBOR_SEMANTIC_TAG_ENCODED_CBOR);
eicCborBegin(&cbor, EIC_CBOR_MAJOR_TYPE_BYTE_STRING, requestMessageSize);
@@ -438,18 +440,18 @@
size_t readerCertificateSize,
bool userAuthenticationRequired, int timeoutMillis,
uint64_t secureUserId, const uint8_t mac[28],
- bool* accessGranted) {
+ bool* accessGranted,
+ uint8_t* scratchSpace,
+ size_t scratchSpaceSize) {
*accessGranted = false;
-
if (id < 0 || id >= 32) {
eicDebug("id value of %d is out of allowed range [0, 32[", id);
return false;
}
// Validate the MAC
- uint8_t cborBuffer[EIC_MAX_CBOR_SIZE_FOR_ACCESS_CONTROL_PROFILE];
EicCbor cborBuilder;
- eicCborInit(&cborBuilder, cborBuffer, EIC_MAX_CBOR_SIZE_FOR_ACCESS_CONTROL_PROFILE);
+ eicCborInit(&cborBuilder, scratchSpace, scratchSpaceSize);
if (!eicCborCalcAccessControl(&cborBuilder, id, readerCertificate, readerCertificateSize,
userAuthenticationRequired, timeoutMillis, secureUserId)) {
return false;
@@ -464,15 +466,15 @@
checkUserAuth(ctx, userAuthenticationRequired, timeoutMillis, secureUserId);
bool passedReaderAuth = checkReaderAuth(ctx, readerCertificate, readerCertificateSize);
- ctx->accessControlProfileMaskValidated |= (1 << id);
+ ctx->accessControlProfileMaskValidated |= (1U << id);
if (readerCertificateSize > 0) {
- ctx->accessControlProfileMaskUsesReaderAuth |= (1 << id);
+ ctx->accessControlProfileMaskUsesReaderAuth |= (1U << id);
}
if (!passedReaderAuth) {
- ctx->accessControlProfileMaskFailedReaderAuth |= (1 << id);
+ ctx->accessControlProfileMaskFailedReaderAuth |= (1U << id);
}
if (!passedUserAuth) {
- ctx->accessControlProfileMaskFailedUserAuth |= (1 << id);
+ ctx->accessControlProfileMaskFailedUserAuth |= (1U << id);
}
if (passedUserAuth && passedReaderAuth) {
@@ -486,11 +488,11 @@
size_t sessionTranscriptSize,
const uint8_t readerEphemeralPublicKey[EIC_P256_PUB_KEY_SIZE],
const uint8_t signingKeyBlob[60], const char* docType,
- unsigned int numNamespacesWithValues,
+ size_t docTypeLength, unsigned int numNamespacesWithValues,
size_t expectedDeviceNamespacesSize) {
uint8_t signingKeyPriv[EIC_P256_PRIV_KEY_SIZE];
if (!eicOpsDecryptAes128Gcm(ctx->storageKey, signingKeyBlob, 60, (const uint8_t*)docType,
- eicStrLen(docType), signingKeyPriv)) {
+ docTypeLength, signingKeyPriv)) {
eicDebug("Error decrypting signingKeyBlob");
return false;
}
@@ -530,7 +532,7 @@
// ]
//
eicCborAppendArray(&ctx->cbor, 4);
- eicCborAppendString(&ctx->cbor, "MAC0");
+ eicCborAppendStringZ(&ctx->cbor, "MAC0");
// The COSE Encoded protected headers is just a single field with
// COSE_LABEL_ALG (1) -> COSE_ALG_HMAC_256_256 (5). For simplicitly we just
@@ -566,8 +568,7 @@
calculatedSize += 1; // "DeviceAuthentication" less than 24 bytes
calculatedSize += sizeof("DeviceAuthentication") - 1; // Don't include trailing NUL
calculatedSize += sessionTranscriptSize; // Already CBOR encoded
- size_t docTypeLen = eicStrLen(docType);
- calculatedSize += 1 + eicCborAdditionalLengthBytesFor(docTypeLen) + docTypeLen;
+ calculatedSize += 1 + eicCborAdditionalLengthBytesFor(docTypeLength) + docTypeLength;
calculatedSize += 2; // Semantic tag EIC_CBOR_SEMANTIC_TAG_ENCODED_CBOR (24)
calculatedSize += 1 + eicCborAdditionalLengthBytesFor(expectedDeviceNamespacesSize);
calculatedSize += expectedDeviceNamespacesSize;
@@ -589,9 +590,9 @@
eicCborBegin(&ctx->cbor, EIC_CBOR_MAJOR_TYPE_BYTE_STRING, calculatedSize);
eicCborAppendArray(&ctx->cbor, 4);
- eicCborAppendString(&ctx->cbor, "DeviceAuthentication");
+ eicCborAppendStringZ(&ctx->cbor, "DeviceAuthentication");
eicCborAppend(&ctx->cbor, sessionTranscript, sessionTranscriptSize);
- eicCborAppendString(&ctx->cbor, docType);
+ eicCborAppendString(&ctx->cbor, docType, docTypeLength);
// For the payload, the _encoded_ form follows here. We handle this by simply
// opening a bstr, and then writing the CBOR. This requires us to know the
@@ -618,16 +619,18 @@
}
EicAccessCheckResult eicPresentationStartRetrieveEntryValue(
- EicPresentation* ctx, const char* nameSpace, const char* name,
- unsigned int newNamespaceNumEntries, int32_t /* entrySize */,
- const int* accessControlProfileIds, size_t numAccessControlProfileIds,
+ EicPresentation* ctx, const char* nameSpace, size_t nameSpaceLength,
+ const char* name, size_t nameLength,
+ unsigned int newNamespaceNumEntries, int32_t entrySize,
+ const uint8_t* accessControlProfileIds, size_t numAccessControlProfileIds,
uint8_t* scratchSpace, size_t scratchSpaceSize) {
+ (void)entrySize;
uint8_t* additionalDataCbor = scratchSpace;
- const size_t additionalDataCborBufSize = scratchSpaceSize;
+ size_t additionalDataCborBufferSize = scratchSpaceSize;
size_t additionalDataCborSize;
if (newNamespaceNumEntries > 0) {
- eicCborAppendString(&ctx->cbor, nameSpace);
+ eicCborAppendString(&ctx->cbor, nameSpace, nameSpaceLength);
eicCborAppendMap(&ctx->cbor, newNamespaceNumEntries);
}
@@ -636,8 +639,9 @@
//
ctx->accessCheckOk = false;
if (!eicCborCalcEntryAdditionalData(accessControlProfileIds, numAccessControlProfileIds,
- nameSpace, name, additionalDataCbor,
- additionalDataCborBufSize, &additionalDataCborSize,
+ nameSpace, nameSpaceLength, name, nameLength,
+ additionalDataCbor, additionalDataCborBufferSize,
+ &additionalDataCborSize,
ctx->additionalDataSha256)) {
return EIC_ACCESS_CHECK_RESULT_FAILED;
}
@@ -681,7 +685,7 @@
eicDebug("Result %d for name %s", result, name);
if (result == EIC_ACCESS_CHECK_RESULT_OK) {
- eicCborAppendString(&ctx->cbor, name);
+ eicCborAppendString(&ctx->cbor, name, nameLength);
ctx->accessCheckOk = true;
}
return result;
@@ -690,18 +694,21 @@
// Note: |content| must be big enough to hold |encryptedContentSize| - 28 bytes.
bool eicPresentationRetrieveEntryValue(EicPresentation* ctx, const uint8_t* encryptedContent,
size_t encryptedContentSize, uint8_t* content,
- const char* nameSpace, const char* name,
- const int* accessControlProfileIds,
- size_t numAccessControlProfileIds, uint8_t* scratchSpace,
+ const char* nameSpace, size_t nameSpaceLength,
+ const char* name, size_t nameLength,
+ const uint8_t* accessControlProfileIds,
+ size_t numAccessControlProfileIds,
+ uint8_t* scratchSpace,
size_t scratchSpaceSize) {
uint8_t* additionalDataCbor = scratchSpace;
- const size_t additionalDataCborBufSize = scratchSpaceSize;
+ size_t additionalDataCborBufferSize = scratchSpaceSize;
size_t additionalDataCborSize;
uint8_t calculatedSha256[EIC_SHA256_DIGEST_SIZE];
if (!eicCborCalcEntryAdditionalData(accessControlProfileIds, numAccessControlProfileIds,
- nameSpace, name, additionalDataCbor,
- additionalDataCborBufSize, &additionalDataCborSize,
+ nameSpace, nameSpaceLength, name, nameLength,
+ additionalDataCbor, additionalDataCborBufferSize,
+ &additionalDataCborSize,
calculatedSha256)) {
return false;
}
@@ -746,9 +753,10 @@
return true;
}
-bool eicPresentationDeleteCredential(EicPresentation* ctx, const char* docType,
+bool eicPresentationDeleteCredential(EicPresentation* ctx, const char* docType, size_t docTypeLength,
const uint8_t* challenge, size_t challengeSize,
- bool includeChallenge, size_t proofOfDeletionCborSize,
+ bool includeChallenge,
+ size_t proofOfDeletionCborSize,
uint8_t signatureOfToBeSigned[EIC_ECDSA_P256_SIGNATURE_SIZE]) {
EicCbor cbor;
@@ -766,7 +774,7 @@
// ]
//
eicCborAppendArray(&cbor, 4);
- eicCborAppendString(&cbor, "Signature1");
+ eicCborAppendStringZ(&cbor, "Signature1");
// The COSE Encoded protected headers is just a single field with
// COSE_LABEL_ALG (1) -> COSE_ALG_ECSDA_256 (-7). For simplicitly we just
@@ -787,8 +795,8 @@
// Finally, the CBOR that we're actually signing.
eicCborAppendArray(&cbor, includeChallenge ? 4 : 3);
- eicCborAppendString(&cbor, "ProofOfDeletion");
- eicCborAppendString(&cbor, docType);
+ eicCborAppendStringZ(&cbor, "ProofOfDeletion");
+ eicCborAppendString(&cbor, docType, docTypeLength);
if (includeChallenge) {
eicCborAppendByteString(&cbor, challenge, challengeSize);
}
@@ -804,7 +812,8 @@
return true;
}
-bool eicPresentationProveOwnership(EicPresentation* ctx, const char* docType, bool testCredential,
+bool eicPresentationProveOwnership(EicPresentation* ctx, const char* docType,
+ size_t docTypeLength, bool testCredential,
const uint8_t* challenge, size_t challengeSize,
size_t proofOfOwnershipCborSize,
uint8_t signatureOfToBeSigned[EIC_ECDSA_P256_SIGNATURE_SIZE]) {
@@ -824,7 +833,7 @@
// ]
//
eicCborAppendArray(&cbor, 4);
- eicCborAppendString(&cbor, "Signature1");
+ eicCborAppendStringZ(&cbor, "Signature1");
// The COSE Encoded protected headers is just a single field with
// COSE_LABEL_ALG (1) -> COSE_ALG_ECSDA_256 (-7). For simplicitly we just
@@ -845,8 +854,8 @@
// Finally, the CBOR that we're actually signing.
eicCborAppendArray(&cbor, 4);
- eicCborAppendString(&cbor, "ProofOfOwnership");
- eicCborAppendString(&cbor, docType);
+ eicCborAppendStringZ(&cbor, "ProofOfOwnership");
+ eicCborAppendString(&cbor, docType, docTypeLength);
eicCborAppendByteString(&cbor, challenge, challengeSize);
eicCborAppendBool(&cbor, testCredential);
diff --git a/identity/aidl/default/libeic/EicPresentation.h b/identity/aidl/default/libeic/EicPresentation.h
index c888049..6f7f432 100644
--- a/identity/aidl/default/libeic/EicPresentation.h
+++ b/identity/aidl/default/libeic/EicPresentation.h
@@ -94,10 +94,11 @@
} EicPresentation;
bool eicPresentationInit(EicPresentation* ctx, bool testCredential, const char* docType,
- const uint8_t* encryptedCredentialKeys,
+ size_t docTypeLength, const uint8_t* encryptedCredentialKeys,
size_t encryptedCredentialKeysSize);
-bool eicPresentationGenerateSigningKeyPair(EicPresentation* ctx, const char* docType, time_t now,
+bool eicPresentationGenerateSigningKeyPair(EicPresentation* ctx, const char* docType,
+ size_t docTypeLength, time_t now,
uint8_t* publicKeyCert, size_t* publicKeyCertSize,
uint8_t signingKeyBlob[60]);
@@ -148,12 +149,17 @@
// be called after pushing that certificate using
// eicPresentationPushReaderCert().
//
+// The scratchSpace should be set to a buffer at least 512 bytes. It's done
+// this way to avoid allocating stack space.
+//
bool eicPresentationValidateAccessControlProfile(EicPresentation* ctx, int id,
const uint8_t* readerCertificate,
size_t readerCertificateSize,
bool userAuthenticationRequired, int timeoutMillis,
uint64_t secureUserId, const uint8_t mac[28],
- bool* accessGranted);
+ bool* accessGranted,
+ uint8_t* scratchSpace,
+ size_t scratchSpaceSize);
// Validates that the given requestMessage is signed by the public key in the
// certificate last set with eicPresentationPushReaderCert().
@@ -196,7 +202,7 @@
size_t sessionTranscriptSize,
const uint8_t readerEphemeralPublicKey[EIC_P256_PUB_KEY_SIZE],
const uint8_t signingKeyBlob[60], const char* docType,
- unsigned int numNamespacesWithValues,
+ size_t docTypeLength, unsigned int numNamespacesWithValues,
size_t expectedDeviceNamespacesSize);
// The scratchSpace should be set to a buffer at least 512 bytes (ideally 1024
@@ -204,9 +210,11 @@
// space.
//
EicAccessCheckResult eicPresentationStartRetrieveEntryValue(
- EicPresentation* ctx, const char* nameSpace, const char* name,
- unsigned int newNamespaceNumEntries, int32_t entrySize, const int* accessControlProfileIds,
- size_t numAccessControlProfileIds, uint8_t* scratchSpace, size_t scratchSpaceSize);
+ EicPresentation* ctx, const char* nameSpace, size_t nameSpaceLength,
+ const char* name, size_t nameLength,
+ unsigned int newNamespaceNumEntries, int32_t entrySize,
+ const uint8_t* accessControlProfileIds, size_t numAccessControlProfileIds,
+ uint8_t* scratchSpace, size_t scratchSpaceSize);
// Note: |content| must be big enough to hold |encryptedContentSize| - 28 bytes.
//
@@ -215,9 +223,11 @@
//
bool eicPresentationRetrieveEntryValue(EicPresentation* ctx, const uint8_t* encryptedContent,
size_t encryptedContentSize, uint8_t* content,
- const char* nameSpace, const char* name,
- const int* accessControlProfileIds,
- size_t numAccessControlProfileIds, uint8_t* scratchSpace,
+ const char* nameSpace, size_t nameSpaceLength,
+ const char* name, size_t nameLength,
+ const uint8_t* accessControlProfileIds,
+ size_t numAccessControlProfileIds,
+ uint8_t* scratchSpace,
size_t scratchSpaceSize);
// Returns the HMAC-SHA256 of |ToBeMaced| as per RFC 8051 "6.3. How to Compute
@@ -229,7 +239,7 @@
// the ToBeSigned CBOR from RFC 8051 "4.4. Signing and Verification Process"
// where content is set to the ProofOfDeletion CBOR.
//
-bool eicPresentationDeleteCredential(EicPresentation* ctx, const char* docType,
+bool eicPresentationDeleteCredential(EicPresentation* ctx, const char* docType, size_t docTypeLength,
const uint8_t* challenge, size_t challengeSize,
bool includeChallenge, size_t proofOfDeletionCborSize,
uint8_t signatureOfToBeSigned[EIC_ECDSA_P256_SIGNATURE_SIZE]);
@@ -238,8 +248,8 @@
// the ToBeSigned CBOR from RFC 8051 "4.4. Signing and Verification Process"
// where content is set to the ProofOfOwnership CBOR.
//
-bool eicPresentationProveOwnership(EicPresentation* ctx, const char* docType, bool testCredential,
- const uint8_t* challenge, size_t challengeSize,
+bool eicPresentationProveOwnership(EicPresentation* ctx, const char* docType, size_t docTypeLength,
+ bool testCredential, const uint8_t* challenge, size_t challengeSize,
size_t proofOfOwnershipCborSize,
uint8_t signatureOfToBeSigned[EIC_ECDSA_P256_SIGNATURE_SIZE]);
diff --git a/identity/aidl/default/libeic/EicProvisioning.c b/identity/aidl/default/libeic/EicProvisioning.c
index 3b4148e..c9df4fd 100644
--- a/identity/aidl/default/libeic/EicProvisioning.c
+++ b/identity/aidl/default/libeic/EicProvisioning.c
@@ -15,6 +15,7 @@
*/
#include "EicProvisioning.h"
+#include "EicCommon.h"
bool eicProvisioningInit(EicProvisioning* ctx, bool testCredential) {
eicMemSet(ctx, '\0', sizeof(EicProvisioning));
@@ -27,18 +28,18 @@
}
bool eicProvisioningInitForUpdate(EicProvisioning* ctx, bool testCredential, const char* docType,
- const uint8_t* encryptedCredentialKeys,
+ size_t docTypeLength, const uint8_t* encryptedCredentialKeys,
size_t encryptedCredentialKeysSize) {
- uint8_t credentialKeys[86];
+ uint8_t credentialKeys[EIC_CREDENTIAL_KEYS_CBOR_SIZE_FEATURE_VERSION_202101];
// For feature version 202009 it's 52 bytes long and for feature version 202101 it's 86
// bytes (the additional data is the ProofOfProvisioning SHA-256). We need
// to support loading all feature versions.
//
bool expectPopSha256 = false;
- if (encryptedCredentialKeysSize == 52 + 28) {
+ if (encryptedCredentialKeysSize == EIC_CREDENTIAL_KEYS_CBOR_SIZE_FEATURE_VERSION_202009 + 28) {
/* do nothing */
- } else if (encryptedCredentialKeysSize == 86 + 28) {
+ } else if (encryptedCredentialKeysSize == EIC_CREDENTIAL_KEYS_CBOR_SIZE_FEATURE_VERSION_202101 + 28) {
expectPopSha256 = true;
} else {
eicDebug("Unexpected size %zd for encryptedCredentialKeys", encryptedCredentialKeysSize);
@@ -51,7 +52,7 @@
if (!eicOpsDecryptAes128Gcm(eicOpsGetHardwareBoundKey(testCredential), encryptedCredentialKeys,
encryptedCredentialKeysSize,
// DocType is the additionalAuthenticatedData
- (const uint8_t*)docType, eicStrLen(docType), credentialKeys)) {
+ (const uint8_t*)docType, docTypeLength, credentialKeys)) {
eicDebug("Error decrypting CredentialKeys");
return false;
}
@@ -114,7 +115,7 @@
bool eicProvisioningStartPersonalization(EicProvisioning* ctx, int accessControlProfileCount,
const int* entryCounts, size_t numEntryCounts,
- const char* docType,
+ const char* docType, size_t docTypeLength,
size_t expectedProofOfProvisioningSize) {
if (numEntryCounts >= EIC_MAX_NUM_NAMESPACES) {
return false;
@@ -150,7 +151,7 @@
// ]
//
eicCborAppendArray(&ctx->cbor, 4);
- eicCborAppendString(&ctx->cbor, "Signature1");
+ eicCborAppendStringZ(&ctx->cbor, "Signature1");
// The COSE Encoded protected headers is just a single field with
// COSE_LABEL_ALG (1) -> COSE_ALG_ECSDA_256 (-7). For simplicitly we just
@@ -174,8 +175,8 @@
eicCborEnableSecondaryDigesterSha256(&ctx->cbor, &ctx->proofOfProvisioningDigester);
eicCborAppendArray(&ctx->cbor, 5);
- eicCborAppendString(&ctx->cbor, "ProofOfProvisioning");
- eicCborAppendString(&ctx->cbor, docType);
+ eicCborAppendStringZ(&ctx->cbor, "ProofOfProvisioning");
+ eicCborAppendString(&ctx->cbor, docType, docTypeLength);
eicCborAppendArray(&ctx->cbor, accessControlProfileCount);
@@ -185,12 +186,12 @@
bool eicProvisioningAddAccessControlProfile(EicProvisioning* ctx, int id,
const uint8_t* readerCertificate,
size_t readerCertificateSize,
- bool userAuthenticationRequired, uint64_t timeoutMillis,
- uint64_t secureUserId, uint8_t outMac[28]) {
- uint8_t cborBuffer[EIC_MAX_CBOR_SIZE_FOR_ACCESS_CONTROL_PROFILE];
+ bool userAuthenticationRequired,
+ uint64_t timeoutMillis, uint64_t secureUserId,
+ uint8_t outMac[28], uint8_t* scratchSpace,
+ size_t scratchSpaceSize) {
EicCbor cborBuilder;
-
- eicCborInit(&cborBuilder, cborBuffer, EIC_MAX_CBOR_SIZE_FOR_ACCESS_CONTROL_PROFILE);
+ eicCborInit(&cborBuilder, scratchSpace, scratchSpaceSize);
if (!eicCborCalcAccessControl(&cborBuilder, id, readerCertificate, readerCertificateSize,
userAuthenticationRequired, timeoutMillis, secureUserId)) {
@@ -209,7 +210,7 @@
// The ACP CBOR in the provisioning receipt doesn't include secureUserId so build
// it again.
- eicCborInit(&cborBuilder, cborBuffer, EIC_MAX_CBOR_SIZE_FOR_ACCESS_CONTROL_PROFILE);
+ eicCborInit(&cborBuilder, scratchSpace, scratchSpaceSize);
if (!eicCborCalcAccessControl(&cborBuilder, id, readerCertificate, readerCertificateSize,
userAuthenticationRequired, timeoutMillis,
0 /* secureUserId */)) {
@@ -222,9 +223,10 @@
return true;
}
-bool eicProvisioningBeginAddEntry(EicProvisioning* ctx, const int* accessControlProfileIds,
+bool eicProvisioningBeginAddEntry(EicProvisioning* ctx, const uint8_t* accessControlProfileIds,
size_t numAccessControlProfileIds, const char* nameSpace,
- const char* name, uint64_t entrySize, uint8_t* scratchSpace,
+ size_t nameSpaceLength, const char* name, size_t nameLength,
+ uint64_t entrySize, uint8_t* scratchSpace,
size_t scratchSpaceSize) {
uint8_t* additionalDataCbor = scratchSpace;
const size_t additionalDataCborBufSize = scratchSpaceSize;
@@ -233,9 +235,9 @@
// We'll need to calc and store a digest of additionalData to check that it's the same
// additionalData being passed in for every eicProvisioningAddEntryValue() call...
if (!eicCborCalcEntryAdditionalData(accessControlProfileIds, numAccessControlProfileIds,
- nameSpace, name, additionalDataCbor,
- additionalDataCborBufSize, &additionalDataCborSize,
- ctx->additionalDataSha256)) {
+ nameSpace, nameSpaceLength, name, nameLength,
+ additionalDataCbor, additionalDataCborBufSize,
+ &additionalDataCborSize, ctx->additionalDataSha256)) {
return false;
}
@@ -244,7 +246,7 @@
ctx->curNamespaceNumProcessed = 0;
// Opens the main map: { * Namespace => [ + Entry ] }
eicCborAppendMap(&ctx->cbor, ctx->numEntryCounts);
- eicCborAppendString(&ctx->cbor, nameSpace);
+ eicCborAppendString(&ctx->cbor, nameSpace, nameSpaceLength);
// Opens the per-namespace array: [ + Entry ]
eicCborAppendArray(&ctx->cbor, ctx->entryCounts[ctx->curNamespace]);
}
@@ -252,37 +254,39 @@
if (ctx->curNamespaceNumProcessed == ctx->entryCounts[ctx->curNamespace]) {
ctx->curNamespace += 1;
ctx->curNamespaceNumProcessed = 0;
- eicCborAppendString(&ctx->cbor, nameSpace);
+ eicCborAppendString(&ctx->cbor, nameSpace, nameSpaceLength);
// Opens the per-namespace array: [ + Entry ]
eicCborAppendArray(&ctx->cbor, ctx->entryCounts[ctx->curNamespace]);
}
eicCborAppendMap(&ctx->cbor, 3);
- eicCborAppendString(&ctx->cbor, "name");
- eicCborAppendString(&ctx->cbor, name);
+ eicCborAppendStringZ(&ctx->cbor, "name");
+ eicCborAppendString(&ctx->cbor, name, nameLength);
ctx->curEntrySize = entrySize;
ctx->curEntryNumBytesReceived = 0;
- eicCborAppendString(&ctx->cbor, "value");
+ eicCborAppendStringZ(&ctx->cbor, "value");
ctx->curNamespaceNumProcessed += 1;
return true;
}
-bool eicProvisioningAddEntryValue(EicProvisioning* ctx, const int* accessControlProfileIds,
+bool eicProvisioningAddEntryValue(EicProvisioning* ctx, const uint8_t* accessControlProfileIds,
size_t numAccessControlProfileIds, const char* nameSpace,
- const char* name, const uint8_t* content, size_t contentSize,
+ size_t nameSpaceLength, const char* name, size_t nameLength,
+ const uint8_t* content, size_t contentSize,
uint8_t* outEncryptedContent, uint8_t* scratchSpace,
size_t scratchSpaceSize) {
uint8_t* additionalDataCbor = scratchSpace;
const size_t additionalDataCborBufSize = scratchSpaceSize;
size_t additionalDataCborSize;
-
uint8_t calculatedSha256[EIC_SHA256_DIGEST_SIZE];
+
if (!eicCborCalcEntryAdditionalData(accessControlProfileIds, numAccessControlProfileIds,
- nameSpace, name, additionalDataCbor,
- additionalDataCborBufSize, &additionalDataCborSize,
+ nameSpace, nameSpaceLength, name, nameLength,
+ additionalDataCbor, additionalDataCborBufSize,
+ &additionalDataCborSize,
calculatedSha256)) {
return false;
}
@@ -305,7 +309,7 @@
// If done with this entry, close the map
ctx->curEntryNumBytesReceived += contentSize;
if (ctx->curEntryNumBytesReceived == ctx->curEntrySize) {
- eicCborAppendString(&ctx->cbor, "accessControlProfiles");
+ eicCborAppendStringZ(&ctx->cbor, "accessControlProfiles");
eicCborAppendArray(&ctx->cbor, numAccessControlProfileIds);
for (size_t n = 0; n < numAccessControlProfileIds; n++) {
eicCborAppendNumber(&ctx->cbor, accessControlProfileIds[n]);
@@ -337,6 +341,7 @@
}
bool eicProvisioningFinishGetCredentialData(EicProvisioning* ctx, const char* docType,
+ size_t docTypeLength,
uint8_t* encryptedCredentialKeys,
size_t* encryptedCredentialKeysSize) {
EicCbor cbor;
@@ -367,7 +372,7 @@
if (!eicOpsEncryptAes128Gcm(
eicOpsGetHardwareBoundKey(ctx->testCredential), nonce, cborBuf, cbor.size,
// DocType is the additionalAuthenticatedData
- (const uint8_t*)docType, eicStrLen(docType), encryptedCredentialKeys)) {
+ (const uint8_t*)docType, docTypeLength, encryptedCredentialKeys)) {
eicDebug("Error encrypting CredentialKeys");
return false;
}
diff --git a/identity/aidl/default/libeic/EicProvisioning.h b/identity/aidl/default/libeic/EicProvisioning.h
index f064787..92f1e4a 100644
--- a/identity/aidl/default/libeic/EicProvisioning.h
+++ b/identity/aidl/default/libeic/EicProvisioning.h
@@ -65,7 +65,7 @@
bool eicProvisioningInit(EicProvisioning* ctx, bool testCredential);
bool eicProvisioningInitForUpdate(EicProvisioning* ctx, bool testCredential, const char* docType,
- const uint8_t* encryptedCredentialKeys,
+ size_t docTypeLength, const uint8_t* encryptedCredentialKeys,
size_t encryptedCredentialKeysSize);
bool eicProvisioningCreateCredentialKey(EicProvisioning* ctx, const uint8_t* challenge,
@@ -75,21 +75,27 @@
bool eicProvisioningStartPersonalization(EicProvisioning* ctx, int accessControlProfileCount,
const int* entryCounts, size_t numEntryCounts,
- const char* docType,
+ const char* docType, size_t docTypeLength,
size_t expectedProofOfProvisioningingSize);
-bool eicProvisioningAddAccessControlProfile(EicProvisioning* ctx, int id,
- const uint8_t* readerCertificate,
- size_t readerCertificateSize,
- bool userAuthenticationRequired, uint64_t timeoutMillis,
- uint64_t secureUserId, uint8_t outMac[28]);
-
// The scratchSpace should be set to a buffer at least 512 bytes. It's done this way to
// avoid allocating stack space.
//
-bool eicProvisioningBeginAddEntry(EicProvisioning* ctx, const int* accessControlProfileIds,
+bool eicProvisioningAddAccessControlProfile(EicProvisioning* ctx, int id,
+ const uint8_t* readerCertificate,
+ size_t readerCertificateSize,
+ bool userAuthenticationRequired,
+ uint64_t timeoutMillis, uint64_t secureUserId,
+ uint8_t outMac[28], uint8_t* scratchSpace,
+ size_t scratchSpaceSize);
+
+// The scratchSpace should be set to a buffer at least 512 bytes. It's done this way to
+// avoid allocating stack space.
+//
+bool eicProvisioningBeginAddEntry(EicProvisioning* ctx, const uint8_t* accessControlProfileIds,
size_t numAccessControlProfileIds, const char* nameSpace,
- const char* name, uint64_t entrySize, uint8_t* scratchSpace,
+ size_t nameSpaceLength, const char* name, size_t nameLength,
+ uint64_t entrySize, uint8_t* scratchSpace,
size_t scratchSpaceSize);
// The outEncryptedContent array must be contentSize + 28 bytes long.
@@ -97,9 +103,10 @@
// The scratchSpace should be set to a buffer at least 512 bytes. It's done this way to
// avoid allocating stack space.
//
-bool eicProvisioningAddEntryValue(EicProvisioning* ctx, const int* accessControlProfileIds,
+bool eicProvisioningAddEntryValue(EicProvisioning* ctx, const uint8_t* accessControlProfileIds,
size_t numAccessControlProfileIds, const char* nameSpace,
- const char* name, const uint8_t* content, size_t contentSize,
+ size_t nameSpaceLength, const char* name, size_t nameLength,
+ const uint8_t* content, size_t contentSize,
uint8_t* outEncryptedContent, uint8_t* scratchSpace,
size_t scratchSpaceSize);
@@ -128,6 +135,7 @@
// |encryptedCredentialKeys| will be no longer than 86 + 28 = 114 bytes.
//
bool eicProvisioningFinishGetCredentialData(EicProvisioning* ctx, const char* docType,
+ size_t docTypeLength,
uint8_t* encryptedCredentialKeys,
size_t* encryptedCredentialKeysSize);
diff --git a/identity/aidl/default/libeic/libeic.h b/identity/aidl/default/libeic/libeic.h
index 88abef8..20c8896 100644
--- a/identity/aidl/default/libeic/libeic.h
+++ b/identity/aidl/default/libeic/libeic.h
@@ -30,6 +30,7 @@
#include "EicOps.h"
#include "EicPresentation.h"
#include "EicProvisioning.h"
+#include "EicCommon.h"
#undef EIC_INSIDE_LIBEIC_H
#ifdef __cplusplus
diff --git a/identity/aidl/vts/Android.bp b/identity/aidl/vts/Android.bp
index 61d15d2..e5de91e 100644
--- a/identity/aidl/vts/Android.bp
+++ b/identity/aidl/vts/Android.bp
@@ -42,7 +42,7 @@
"android.hardware.identity-support-lib",
"android.hardware.identity-V3-cpp",
"android.hardware.keymaster-V3-cpp",
- "android.hardware.keymaster-V3-ndk_platform",
+ "android.hardware.keymaster-V3-ndk",
"libkeymaster4support",
"libkeymaster4_1support",
],
diff --git a/input/classifier/1.0/vts/functional/OWNERS b/input/classifier/1.0/vts/functional/OWNERS
new file mode 100644
index 0000000..540b75b
--- /dev/null
+++ b/input/classifier/1.0/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 136048
+svv@google.com
diff --git a/keymaster/4.0/support/fuzzer/Android.bp b/keymaster/4.0/support/fuzzer/Android.bp
new file mode 100644
index 0000000..57a2d26
--- /dev/null
+++ b/keymaster/4.0/support/fuzzer/Android.bp
@@ -0,0 +1,67 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+cc_defaults {
+ name: "keymaster4_fuzzer_defaults",
+ static_libs: [
+ "libbase",
+ "liblog",
+ "libkeymaster4support",
+ "libutils",
+ ],
+ shared_libs: [
+ "android.hardware.keymaster@4.0",
+ "libcrypto",
+ "libhidlbase",
+ ],
+ fuzz_config: {
+ cc: [
+ "android-media-fuzzing-reports@google.com",
+ ],
+ componentid: 533764,
+ },
+}
+
+cc_fuzz {
+ name: "keymaster4_attestation_fuzzer",
+ defaults: [
+ "keymaster4_fuzzer_defaults",
+ ],
+ srcs: [
+ "keymaster4_attestation_fuzzer.cpp",
+ ],
+}
+
+cc_fuzz {
+ name: "keymaster4_authSet_fuzzer",
+ defaults: [
+ "keymaster4_fuzzer_defaults",
+ ],
+ srcs: [
+ "keymaster4_authSet_fuzzer.cpp",
+ ],
+}
+
+cc_fuzz {
+ name: "keymaster4_utils_fuzzer",
+ defaults: [
+ "keymaster4_fuzzer_defaults",
+ ],
+ srcs: [
+ "keymaster4_utils_fuzzer.cpp",
+ ],
+}
diff --git a/keymaster/4.0/support/fuzzer/README.md b/keymaster/4.0/support/fuzzer/README.md
new file mode 100644
index 0000000..bf4af25
--- /dev/null
+++ b/keymaster/4.0/support/fuzzer/README.md
@@ -0,0 +1,58 @@
+# Fuzzers for libkeymaster4support
+
+## Plugin Design Considerations
+The fuzzer plugins for libkeymaster4support are designed based on the understanding of the
+source code and try to achieve the following:
+
+##### Maximize code coverage
+The configuration parameters are not hardcoded, but instead selected based on
+incoming data. This ensures more code paths are reached by the fuzzers.
+
+libkeymaster4support supports the following parameters:
+1. Security Level (parameter name: `securityLevel`)
+2. Ec Curve (parameter name: `ecCurve`)
+3. Padding Mode (parameter name: `paddingMode`)
+4. Digest (parameter name: `digest`)
+5. Tag (parameter name: `tag`)
+
+| Parameter| Valid Values| Configured Value|
+|------------- |-------------| ----- |
+| `securityLevel` | 0.`SecurityLevel::SOFTWARE` 1.`SecurityLevel::TRUSTED_ENVIRONMENT` 2.`SecurityLevel::STRONGBOX`| Value obtained from FuzzedDataProvider|
+| `ecCurve` | 0.`EcCurve::P_224` 1.`EcCurve::P_256` 2.`EcCurve::P_384` 3. `EcCurve::P_521`| Value obtained from FuzzedDataProvider|
+| `paddingMode` | 0.`PaddingMode::NONE` 1.`PaddingMode::RSA_OAEP` 2.`PaddingMode::RSA_PSS` 3. `PaddingMode::RSA_PKCS1_1_5_ENCRYPT` 4.`PaddingMode::RSA_PKCS1_1_5_SIGN` 5.`PaddingMode::PKCS7`| Value obtained from FuzzedDataProvider|
+| `digest` | 1. `Digest::NONE` 2.`Digest::MD5` 3.`Digest::SHA1` 4.`Digest::SHA_2_224` 5.`Digest::SHA_2_256` 6.`Digest::SHA_2_384` 7.`Digest::SHA_2_512`| Value obtained from FuzzedDataProvider|
+| `tag` | 1. `Tag::INVALID` 2.`Tag::PURPOSE` 3.`Tag::ALGORITHM` 4.`Tag::KEY_SIZE` 5.`Tag::BLOCK_MODE` 6.`Tag::DIGEST` 7.`Tag::PADDING` 8.`Tag::CALLER_NONCE` 9.`Tag::MIN_MAC_LENGTH` 10.`Tag::EC_CURVE` 11.`Tag::RSA_PUBLIC_EXPONENT` 12.`Tag::INCLUDE_UNIQUE_ID` 13. `Tag::BLOB_USAGE_REQUIREMENTS` 14.`Tag::BOOTLOADER_ONLY` 15.`Tag::ROLLBACK_RESISTANCE` 16.`Tag::HARDWARE_TYPE` 17.`Tag::ACTIVE_DATETIME` 18. `Tag::ORIGINATION_EXPIRE_DATETIME` 19.`Tag::USAGE_EXPIRE_DATETIME` 20.`Tag::MIN_SECONDS_BETWEEN_OPS` 21.`Tag::MAX_USES_PER_BOOT` 22.`Tag::USER_ID` 23.` Tag::USER_SECURE_ID` 24.`Tag::NO_AUTH_REQUIRED` 25.`Tag::USER_AUTH_TYPE` 26.`Tag::AUTH_TIMEOUT` 27.`Tag::ALLOW_WHILE_ON_BODY` 28.`Tag::TRUSTED_USER_PRESENCE_REQUIRED` 29.`Tag::TRUSTED_CONFIRMATION_REQUIRED` 30.`Tag::UNLOCKED_DEVICE_REQUIRED` 31.`Tag::APPLICATION_ID` 32.`Tag::APPLICATION_DATA` 33.`Tag::CREATION_DATETIME` 34.`Tag::ORIGIN` 35.`Tag::ROOT_OF_TRUST` 36.`Tag::OS_VERSION` 37.`Tag::OS_PATCHLEVEL` 38.`Tag::UNIQUE_ID` 39.`Tag::ATTESTATION_CHALLENGE` 40.`Tag::ATTESTATION_APPLICATION_ID` 41.`Tag::ATTESTATION_ID_BRAND` 42.`Tag::ATTESTATION_ID_DEVICE` 43.`Tag::ATTESTATION_ID_PRODUCT` 44.`Tag::ATTESTATION_ID_SERIAL` 45.`Tag::ATTESTATION_ID_IMEI` 46.`Tag::ATTESTATION_ID_MEID` 47.`Tag::ATTESTATION_ID_MANUFACTURER` 48.`Tag::ATTESTATION_ID_MODEL` 49.`Tag::VENDOR_PATCHLEVEL` 50.`Tag::BOOT_PATCHLEVEL` 51.`Tag::ASSOCIATED_DATA` 52.`Tag::NONCE` 53.`Tag::MAC_LENGTH` 54.`Tag::RESET_SINCE_ID_ROTATION` 55.`Tag::CONFIRMATION_TOKEN`| Value obtained from FuzzedDataProvider|
+
+This also ensures that the plugins are always deterministic for any given input.
+
+##### Maximize utilization of input data
+The plugins feed the entire input data to the module.
+This ensures that the plugins tolerate any kind of input (empty, huge,
+malformed, etc) and dont `exit()` on any input and thereby increasing the
+chance of identifying vulnerabilities.
+
+## Build
+
+This describes steps to build keymaster4_attestation_fuzzer, keymaster4_authSet_fuzzer and keymaster4_utils_fuzzer binaries
+
+### Android
+
+#### Steps to build
+Build the fuzzer
+```
+ $ mm -j$(nproc) keymaster4_attestation_fuzzer
+ $ mm -j$(nproc) keymaster4_authSet_fuzzer
+ $ mm -j$(nproc) keymaster4_utils_fuzzer
+```
+#### Steps to run
+To run on device
+```
+ $ adb sync data
+ $ adb shell /data/fuzz/${TARGET_ARCH}/keymaster4_attestation_fuzzer/keymaster4_attestation_fuzzer
+ $ adb shell /data/fuzz/${TARGET_ARCH}/keymaster4_authSet_fuzzer/keymaster4_authSet_fuzzer
+ $ adb shell /data/fuzz/${TARGET_ARCH}/keymaster4_utils_fuzzer/keymaster4_utils_fuzzer
+```
+
+## References:
+ * http://llvm.org/docs/LibFuzzer.html
+ * https://github.com/google/oss-fuzz
diff --git a/keymaster/4.0/support/fuzzer/keymaster4_attestation_fuzzer.cpp b/keymaster/4.0/support/fuzzer/keymaster4_attestation_fuzzer.cpp
new file mode 100644
index 0000000..b8b858d
--- /dev/null
+++ b/keymaster/4.0/support/fuzzer/keymaster4_attestation_fuzzer.cpp
@@ -0,0 +1,185 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+#include <android/hardware/keymaster/4.0/IKeymasterDevice.h>
+#include <keymasterV4_0/attestation_record.h>
+#include <keymasterV4_0/openssl_utils.h>
+#include "keymaster4_common.h"
+
+namespace android::hardware::keymaster::V4_0::fuzzer {
+
+constexpr size_t kMinBytes = 1;
+constexpr size_t kMaxBytes = 10;
+
+class KeyMaster4AttestationFuzzer {
+ public:
+ void process(const uint8_t* data, size_t size);
+
+ private:
+ ErrorCode generateKey(const AuthorizationSet& keyDesc, hidl_vec<uint8_t>* keyBlob,
+ KeyCharacteristics* keyCharacteristics);
+ ErrorCode attestKey(hidl_vec<uint8_t>& keyBlob, const AuthorizationSet& attestParams,
+ hidl_vec<hidl_vec<uint8_t>>* certificateChain);
+ X509_Ptr parseCertificateBlob(const hidl_vec<uint8_t>& blob);
+ ASN1_OCTET_STRING* getAttestationRecord(const X509* certificate);
+ bool verifyAttestationRecord(const hidl_vec<uint8_t>& attestationCert);
+ void invokeAttestationRecord();
+
+ sp<IKeymasterDevice> mKeymaster = nullptr;
+ std::unique_ptr<FuzzedDataProvider> mFdp = nullptr;
+};
+
+ErrorCode KeyMaster4AttestationFuzzer::generateKey(const AuthorizationSet& key_desc,
+ hidl_vec<uint8_t>* keyBlob,
+ KeyCharacteristics* keyCharacteristics) {
+ ErrorCode error;
+ mKeymaster->generateKey(key_desc.hidl_data(),
+ [&](ErrorCode hidlError, const hidl_vec<uint8_t>& hidlKeyBlob,
+ const KeyCharacteristics& hidlKeyCharacteristics) {
+ error = hidlError;
+ *keyBlob = hidlKeyBlob;
+ *keyCharacteristics = hidlKeyCharacteristics;
+ });
+ return error;
+}
+
+ErrorCode KeyMaster4AttestationFuzzer::attestKey(hidl_vec<uint8_t>& keyBlob,
+ const AuthorizationSet& attestParams,
+ hidl_vec<hidl_vec<uint8_t>>* certificateChain) {
+ ErrorCode error;
+ auto rc = mKeymaster->attestKey(
+ keyBlob, attestParams.hidl_data(),
+ [&](ErrorCode hidlError, const hidl_vec<hidl_vec<uint8_t>>& hidlCertificateChain) {
+ error = hidlError;
+ *certificateChain = hidlCertificateChain;
+ });
+
+ if (!rc.isOk()) {
+ return ErrorCode::UNKNOWN_ERROR;
+ }
+ return error;
+}
+
+X509_Ptr KeyMaster4AttestationFuzzer::parseCertificateBlob(const hidl_vec<uint8_t>& blob) {
+ const uint8_t* p = blob.data();
+ return X509_Ptr(d2i_X509(nullptr, &p, blob.size()));
+}
+
+/**
+ * @brief getAttestationRecord() accepts a 'certificate' pointer and the return value points to the
+ * data owned by 'certificate'. Hence, 'certificate' should not be freed and the return value cannot
+ * outlive 'certificate'
+ */
+ASN1_OCTET_STRING* KeyMaster4AttestationFuzzer::getAttestationRecord(const X509* certificate) {
+ ASN1_OBJECT_Ptr oid(OBJ_txt2obj(kAttestionRecordOid, 1 /* dotted string format */));
+ if (!oid.get()) {
+ return nullptr;
+ }
+
+ int location = X509_get_ext_by_OBJ(certificate, oid.get(), -1 /* search from beginning */);
+ if (location == -1) {
+ return nullptr;
+ }
+
+ X509_EXTENSION* attestRecordExt = X509_get_ext(certificate, location);
+ if (!attestRecordExt) {
+ return nullptr;
+ }
+
+ ASN1_OCTET_STRING* attestRecord = X509_EXTENSION_get_data(attestRecordExt);
+ return attestRecord;
+}
+
+bool KeyMaster4AttestationFuzzer::verifyAttestationRecord(
+ const hidl_vec<uint8_t>& attestationCert) {
+ X509_Ptr cert(parseCertificateBlob(attestationCert));
+ if (!cert.get()) {
+ return false;
+ }
+
+ ASN1_OCTET_STRING* attestRecord = getAttestationRecord(cert.get());
+ if (!attestRecord) {
+ return false;
+ }
+
+ AuthorizationSet attestationSwEnforced;
+ AuthorizationSet attestationHwEnforced;
+ uint32_t attestationVersion;
+ uint32_t keymasterVersion;
+ SecurityLevel securityLevel;
+ SecurityLevel keymasterSecurityLevel;
+ hidl_vec<uint8_t> attestationChallenge;
+ hidl_vec<uint8_t> attestationUniqueId;
+
+ auto error = parse_attestation_record(
+ attestRecord->data, attestRecord->length, &attestationVersion, &securityLevel,
+ &keymasterVersion, &keymasterSecurityLevel, &attestationChallenge,
+ &attestationSwEnforced, &attestationHwEnforced, &attestationUniqueId);
+ if (error != ErrorCode::OK) {
+ return false;
+ }
+
+ hidl_vec<uint8_t> verifiedBootKey;
+ keymaster_verified_boot_t verifiedBootState;
+ bool device_locked;
+ hidl_vec<uint8_t> verifiedBootHash;
+
+ parse_root_of_trust(attestRecord->data, attestRecord->length, &verifiedBootKey,
+ &verifiedBootState, &device_locked, &verifiedBootHash);
+ return true;
+}
+
+void KeyMaster4AttestationFuzzer::invokeAttestationRecord() {
+ mKeymaster = IKeymasterDevice::getService();
+ if (!mKeymaster) {
+ return;
+ }
+
+ hidl_vec<uint8_t> keyBlob;
+ KeyCharacteristics keyCharacteristics;
+ generateKey(createAuthorizationSet(mFdp), &keyBlob, &keyCharacteristics);
+
+ hidl_vec<hidl_vec<uint8_t>> certificateChain;
+
+ std::vector<uint8_t> challenge, attestationId;
+ challenge =
+ mFdp->ConsumeBytes<uint8_t>(mFdp->ConsumeIntegralInRange<size_t>(kMinBytes, kMaxBytes));
+ attestationId =
+ mFdp->ConsumeBytes<uint8_t>(mFdp->ConsumeIntegralInRange<size_t>(kMinBytes, kMaxBytes));
+ attestKey(keyBlob,
+ AuthorizationSetBuilder()
+ .Authorization(TAG_ATTESTATION_CHALLENGE, challenge)
+ .Authorization(TAG_ATTESTATION_APPLICATION_ID, attestationId),
+ &certificateChain);
+
+ if (certificateChain.size() > 0) {
+ verifyAttestationRecord(certificateChain[mFdp->ConsumeIntegralInRange<size_t>(
+ 0, certificateChain.size() - 1)]);
+ }
+}
+
+void KeyMaster4AttestationFuzzer::process(const uint8_t* data, size_t size) {
+ mFdp = std::make_unique<FuzzedDataProvider>(data, size);
+ invokeAttestationRecord();
+}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ KeyMaster4AttestationFuzzer km4AttestationFuzzer;
+ km4AttestationFuzzer.process(data, size);
+ return 0;
+}
+
+} // namespace android::hardware::keymaster::V4_0::fuzzer
diff --git a/keymaster/4.0/support/fuzzer/keymaster4_authSet_fuzzer.cpp b/keymaster/4.0/support/fuzzer/keymaster4_authSet_fuzzer.cpp
new file mode 100644
index 0000000..63e0499
--- /dev/null
+++ b/keymaster/4.0/support/fuzzer/keymaster4_authSet_fuzzer.cpp
@@ -0,0 +1,202 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+#include <fstream>
+#include "keymaster4_common.h"
+
+namespace android::hardware::keymaster::V4_0::fuzzer {
+
+constexpr size_t kMaxVectorSize = 100;
+constexpr size_t kMaxKeyParameter = 10;
+
+constexpr Tag kTagArray[] = {Tag::INVALID,
+ Tag::PURPOSE,
+ Tag::ALGORITHM,
+ Tag::KEY_SIZE,
+ Tag::BLOCK_MODE,
+ Tag::DIGEST,
+ Tag::PADDING,
+ Tag::CALLER_NONCE,
+ Tag::MIN_MAC_LENGTH,
+ Tag::EC_CURVE,
+ Tag::RSA_PUBLIC_EXPONENT,
+ Tag::INCLUDE_UNIQUE_ID,
+ Tag::BLOB_USAGE_REQUIREMENTS,
+ Tag::BOOTLOADER_ONLY,
+ Tag::ROLLBACK_RESISTANCE,
+ Tag::HARDWARE_TYPE,
+ Tag::ACTIVE_DATETIME,
+ Tag::ORIGINATION_EXPIRE_DATETIME,
+ Tag::USAGE_EXPIRE_DATETIME,
+ Tag::MIN_SECONDS_BETWEEN_OPS,
+ Tag::MAX_USES_PER_BOOT,
+ Tag::USER_ID,
+ Tag::USER_SECURE_ID,
+ Tag::NO_AUTH_REQUIRED,
+ Tag::USER_AUTH_TYPE,
+ Tag::AUTH_TIMEOUT,
+ Tag::ALLOW_WHILE_ON_BODY,
+ Tag::TRUSTED_USER_PRESENCE_REQUIRED,
+ Tag::TRUSTED_CONFIRMATION_REQUIRED,
+ Tag::UNLOCKED_DEVICE_REQUIRED,
+ Tag::APPLICATION_ID,
+ Tag::APPLICATION_DATA,
+ Tag::CREATION_DATETIME,
+ Tag::ORIGIN,
+ Tag::ROOT_OF_TRUST,
+ Tag::OS_VERSION,
+ Tag::OS_PATCHLEVEL,
+ Tag::UNIQUE_ID,
+ Tag::ATTESTATION_CHALLENGE,
+ Tag::ATTESTATION_APPLICATION_ID,
+ Tag::ATTESTATION_ID_BRAND,
+ Tag::ATTESTATION_ID_DEVICE,
+ Tag::ATTESTATION_ID_PRODUCT,
+ Tag::ATTESTATION_ID_SERIAL,
+ Tag::ATTESTATION_ID_IMEI,
+ Tag::ATTESTATION_ID_MEID,
+ Tag::ATTESTATION_ID_MANUFACTURER,
+ Tag::ATTESTATION_ID_MODEL,
+ Tag::VENDOR_PATCHLEVEL,
+ Tag::BOOT_PATCHLEVEL,
+ Tag::ASSOCIATED_DATA,
+ Tag::NONCE,
+ Tag::MAC_LENGTH,
+ Tag::RESET_SINCE_ID_ROTATION,
+ Tag::CONFIRMATION_TOKEN};
+
+class KeyMaster4AuthSetFuzzer {
+ public:
+ void process(const uint8_t* data, size_t size);
+
+ private:
+ void invokeAuthSetAPIs();
+ std::unique_ptr<FuzzedDataProvider> mFdp = nullptr;
+};
+
+/**
+ * @brief invokeAuthSetAPIs() function aims at calling functions of authorization_set.cpp
+ * and authorization_set.h in order to get a good coverage for libkeymaster4support.
+ */
+void KeyMaster4AuthSetFuzzer::invokeAuthSetAPIs() {
+ AuthorizationSet authSet = createAuthorizationSet(mFdp);
+ while (mFdp->remaining_bytes() > 0) {
+ uint32_t action = mFdp->ConsumeIntegralInRange<uint32_t>(0, 15);
+ switch (action) {
+ case 0: {
+ authSet.Sort();
+ } break;
+ case 1: {
+ authSet.Deduplicate();
+ } break;
+ case 2: {
+ authSet.Union(createAuthorizationSet(mFdp));
+ } break;
+ case 3: {
+ authSet.Subtract(createAuthorizationSet(mFdp));
+ } break;
+ case 4: {
+ std::filebuf fbOut;
+ fbOut.open("/dev/zero", std::ios::out);
+ std::ostream out(&fbOut);
+ authSet.Serialize(&out);
+ } break;
+ case 5: {
+ std::filebuf fbIn;
+ fbIn.open("/dev/zero", std::ios::in);
+ std::istream in(&fbIn);
+ authSet.Deserialize(&in);
+ } break;
+ case 6: { // invoke push_back()
+ AuthorizationSetBuilder builder = AuthorizationSetBuilder();
+ for (const KeyParameter& tag : authSet) {
+ builder.push_back(tag);
+ }
+ AuthorizationSet params = createAuthorizationSet(mFdp);
+ authSet.push_back(params);
+ } break;
+ case 7: { // invoke copy constructor
+ auto params = AuthorizationSetBuilder().Authorizations(authSet);
+ authSet = params;
+ } break;
+ case 8: { // invoke move constructor
+ auto params = AuthorizationSetBuilder().Authorizations(authSet);
+ authSet = std::move(params);
+ } break;
+ case 9: { // invoke Constructor from hidl_vec<KeyParameter>
+ hidl_vec<KeyParameter> keyParam;
+ size_t numKeyParam = mFdp->ConsumeIntegralInRange<size_t>(1, kMaxKeyParameter);
+ keyParam.resize(numKeyParam);
+ for (size_t i = 0; i < numKeyParam - 1; ++i) {
+ keyParam[i].tag = mFdp->PickValueInArray(kTagArray);
+ std::vector<uint8_t> dataVector = mFdp->ConsumeBytes<uint8_t>(
+ mFdp->ConsumeIntegralInRange<size_t>(0, kMaxVectorSize));
+ keyParam[i].blob = dataVector;
+ }
+ if (mFdp->ConsumeBool()) {
+ AuthorizationSet auths(keyParam);
+ auths.push_back(AuthorizationSet(keyParam));
+ } else { // invoke operator=
+ AuthorizationSet auths = keyParam;
+ }
+ } break;
+ case 10: { // invoke 'Contains()'
+ Tag tag;
+ if (authSet.size() > 0) {
+ tag = authSet[mFdp->ConsumeIntegralInRange<size_t>(0, authSet.size() - 1)].tag;
+ }
+ authSet.Contains(mFdp->ConsumeBool() ? tag : mFdp->PickValueInArray(kTagArray));
+ } break;
+ case 11: { // invoke 'GetTagCount()'
+ Tag tag;
+ if (authSet.size() > 0) {
+ tag = authSet[mFdp->ConsumeIntegralInRange<size_t>(0, authSet.size() - 1)].tag;
+ }
+ authSet.GetTagCount(mFdp->ConsumeBool() ? tag : mFdp->PickValueInArray(kTagArray));
+ } break;
+ case 12: { // invoke 'empty()'
+ authSet.empty();
+ } break;
+ case 13: { // invoke 'data()'
+ authSet.data();
+ } break;
+ case 14: { // invoke 'hidl_data()'
+ authSet.hidl_data();
+ } break;
+ case 15: { // invoke 'erase()'
+ if (authSet.size() > 0) {
+ authSet.erase(mFdp->ConsumeIntegralInRange<size_t>(0, authSet.size() - 1));
+ }
+ } break;
+ default:
+ break;
+ };
+ }
+ authSet.Clear();
+}
+
+void KeyMaster4AuthSetFuzzer::process(const uint8_t* data, size_t size) {
+ mFdp = std::make_unique<FuzzedDataProvider>(data, size);
+ invokeAuthSetAPIs();
+}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ KeyMaster4AuthSetFuzzer km4AuthSetFuzzer;
+ km4AuthSetFuzzer.process(data, size);
+ return 0;
+}
+
+} // namespace android::hardware::keymaster::V4_0::fuzzer
diff --git a/keymaster/4.0/support/fuzzer/keymaster4_common.h b/keymaster/4.0/support/fuzzer/keymaster4_common.h
new file mode 100644
index 0000000..f6e53ee
--- /dev/null
+++ b/keymaster/4.0/support/fuzzer/keymaster4_common.h
@@ -0,0 +1,198 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+#ifndef __KEYMASTER4_COMMON_H__
+#define __KEYMASTER4_COMMON_H__
+
+#include <fuzzer/FuzzedDataProvider.h>
+#include <keymasterV4_0/authorization_set.h>
+
+namespace android::hardware::keymaster::V4_0::fuzzer {
+
+using ::android::hardware::hidl_vec;
+
+constexpr uint32_t kKeySize = 2048;
+constexpr uint32_t kPublicExponent = 65537;
+
+constexpr EcCurve kCurve[] = {EcCurve::P_224, EcCurve::P_256, EcCurve::P_384, EcCurve::P_521};
+
+constexpr PaddingMode kPaddingMode[] = {
+ PaddingMode::NONE,
+ PaddingMode::RSA_OAEP,
+ PaddingMode::RSA_PSS,
+ PaddingMode::RSA_PKCS1_1_5_ENCRYPT,
+ PaddingMode::RSA_PKCS1_1_5_SIGN,
+ PaddingMode::PKCS7,
+};
+
+constexpr Digest kDigest[] = {
+ Digest::NONE, Digest::MD5, Digest::SHA1, Digest::SHA_2_224,
+ Digest::SHA_2_256, Digest::SHA_2_384, Digest::SHA_2_512,
+};
+
+enum AuthSet : uint32_t {
+ RSA_SIGNING_KEY = 0u,
+ RSA_ENCRYPRION_KEY,
+ ECDSA_SIGNING_CURVE,
+ ECDSA_SIGNING_KEY,
+ AES_ENCRYPTION_KEY,
+ TRIPLE_DES,
+ HMAC,
+ NO_DIGEST,
+ ECB_MODE,
+ GSM_MODE_MIN_MAC,
+ GSM_MODE_MAC,
+ BLOCK_MODE,
+ kMaxValue = BLOCK_MODE
+};
+
+AuthorizationSet createAuthorizationSet(std::unique_ptr<FuzzedDataProvider>& dataProvider) {
+ uint32_t authSet = dataProvider->ConsumeEnum<AuthSet>();
+ switch (authSet) {
+ case RSA_SIGNING_KEY: {
+ Digest digest = dataProvider->PickValueInArray(kDigest);
+ PaddingMode padding = dataProvider->PickValueInArray(kPaddingMode);
+ return AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .RsaSigningKey(kKeySize, kPublicExponent)
+ .Digest(digest)
+ .Padding(padding)
+ .Authorization(TAG_INCLUDE_UNIQUE_ID);
+ } break;
+ case RSA_ENCRYPRION_KEY: {
+ Digest digest = dataProvider->PickValueInArray(kDigest);
+ PaddingMode padding = dataProvider->PickValueInArray(kPaddingMode);
+ return AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .RsaEncryptionKey(kKeySize, kPublicExponent)
+ .Digest(digest)
+ .Padding(padding)
+ .Authorization(TAG_INCLUDE_UNIQUE_ID);
+ } break;
+ case ECDSA_SIGNING_CURVE: {
+ EcCurve ecCurve = dataProvider->PickValueInArray(kCurve);
+ Digest digest = dataProvider->PickValueInArray(kDigest);
+ return AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .EcdsaSigningKey(ecCurve)
+ .Digest(digest)
+ .Authorization(TAG_INCLUDE_UNIQUE_ID);
+ } break;
+ case ECDSA_SIGNING_KEY: {
+ Digest digest = dataProvider->PickValueInArray(kDigest);
+ return AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .EcdsaSigningKey(kKeySize)
+ .Digest(digest)
+ .Authorization(TAG_INCLUDE_UNIQUE_ID);
+ } break;
+ case AES_ENCRYPTION_KEY: {
+ Digest digest = dataProvider->PickValueInArray(kDigest);
+ PaddingMode padding = dataProvider->PickValueInArray(kPaddingMode);
+ return AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .AesEncryptionKey(kKeySize)
+ .Digest(digest)
+ .Padding(padding)
+ .Authorization(TAG_INCLUDE_UNIQUE_ID);
+ } break;
+ case TRIPLE_DES: {
+ Digest digest = dataProvider->PickValueInArray(kDigest);
+ PaddingMode padding = dataProvider->PickValueInArray(kPaddingMode);
+ return AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .TripleDesEncryptionKey(kKeySize)
+ .Digest(digest)
+ .Padding(padding)
+ .Authorization(TAG_INCLUDE_UNIQUE_ID);
+ } break;
+ case HMAC: {
+ Digest digest = dataProvider->PickValueInArray(kDigest);
+ PaddingMode padding = dataProvider->PickValueInArray(kPaddingMode);
+ return AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .HmacKey(kKeySize)
+ .Digest(digest)
+ .Padding(padding)
+ .Authorization(TAG_INCLUDE_UNIQUE_ID);
+ } break;
+ case NO_DIGEST: {
+ Digest digest = dataProvider->PickValueInArray(kDigest);
+ PaddingMode padding = dataProvider->PickValueInArray(kPaddingMode);
+ return AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .NoDigestOrPadding()
+ .Digest(digest)
+ .Padding(padding)
+ .Authorization(TAG_INCLUDE_UNIQUE_ID);
+ } break;
+ case ECB_MODE: {
+ Digest digest = dataProvider->PickValueInArray(kDigest);
+ PaddingMode padding = dataProvider->PickValueInArray(kPaddingMode);
+ return AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .EcbMode()
+ .Digest(digest)
+ .Padding(padding)
+ .Authorization(TAG_INCLUDE_UNIQUE_ID);
+ } break;
+ case GSM_MODE_MIN_MAC: {
+ uint32_t minMacLength = dataProvider->ConsumeIntegral<uint32_t>();
+ Digest digest = dataProvider->PickValueInArray(kDigest);
+ PaddingMode padding = dataProvider->PickValueInArray(kPaddingMode);
+ return AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .GcmModeMinMacLen(minMacLength)
+ .Digest(digest)
+ .Padding(padding)
+ .Authorization(TAG_INCLUDE_UNIQUE_ID);
+ } break;
+ case GSM_MODE_MAC: {
+ uint32_t macLength = dataProvider->ConsumeIntegral<uint32_t>();
+ Digest digest = dataProvider->PickValueInArray(kDigest);
+ PaddingMode padding = dataProvider->PickValueInArray(kPaddingMode);
+ return AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .GcmModeMacLen(macLength)
+ .Digest(digest)
+ .Padding(padding)
+ .Authorization(TAG_INCLUDE_UNIQUE_ID);
+ } break;
+ case BLOCK_MODE: {
+ Digest digest = dataProvider->PickValueInArray(kDigest);
+ PaddingMode padding = dataProvider->PickValueInArray(kPaddingMode);
+ auto blockModes = {
+ BlockMode::ECB,
+ BlockMode::CBC,
+ BlockMode::CTR,
+ BlockMode::GCM,
+ };
+ return AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .BlockMode(blockModes)
+ .Digest(digest)
+ .Padding(padding)
+ .Authorization(TAG_INCLUDE_UNIQUE_ID);
+ } break;
+ default:
+ break;
+ };
+ return AuthorizationSetBuilder();
+}
+
+} // namespace android::hardware::keymaster::V4_0::fuzzer
+
+#endif // __KEYMASTER4_COMMON_H__
diff --git a/keymaster/4.0/support/fuzzer/keymaster4_utils_fuzzer.cpp b/keymaster/4.0/support/fuzzer/keymaster4_utils_fuzzer.cpp
new file mode 100644
index 0000000..bf074e8
--- /dev/null
+++ b/keymaster/4.0/support/fuzzer/keymaster4_utils_fuzzer.cpp
@@ -0,0 +1,89 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+#include <hardware/hw_auth_token.h>
+#include <keymasterV4_0/keymaster_utils.h>
+#include "keymaster4_common.h"
+
+namespace android::hardware::keymaster::V4_0::fuzzer {
+
+using android::hardware::keymaster::V4_0::SecurityLevel;
+using android::hardware::keymaster::V4_0::VerificationToken;
+using android::hardware::keymaster::V4_0::support::deserializeVerificationToken;
+using android::hardware::keymaster::V4_0::support::serializeVerificationToken;
+
+constexpr SecurityLevel kSecurityLevel[]{
+ SecurityLevel::SOFTWARE,
+ SecurityLevel::TRUSTED_ENVIRONMENT,
+ SecurityLevel::STRONGBOX,
+};
+constexpr size_t kMaxVectorSize = 100;
+constexpr size_t kMaxCharacters = 100;
+
+class KeyMaster4UtilsFuzzer {
+ public:
+ void process(const uint8_t* data, size_t size);
+
+ private:
+ void invokeKeyMasterUtils();
+ std::unique_ptr<FuzzedDataProvider> mFdp = nullptr;
+};
+
+void KeyMaster4UtilsFuzzer::invokeKeyMasterUtils() {
+ support::getOsVersion();
+ support::getOsPatchlevel();
+
+ VerificationToken token;
+ token.challenge = mFdp->ConsumeIntegral<uint64_t>();
+ token.timestamp = mFdp->ConsumeIntegral<uint64_t>();
+ token.securityLevel = mFdp->PickValueInArray(kSecurityLevel);
+ size_t vectorSize = mFdp->ConsumeIntegralInRange<size_t>(0, kMaxVectorSize);
+ token.mac.resize(vectorSize);
+ for (size_t n = 0; n < vectorSize; ++n) {
+ token.mac[n] = n;
+ }
+ std::optional<std::vector<uint8_t>> serialized = serializeVerificationToken(token);
+ if (serialized.has_value()) {
+ std::optional<VerificationToken> deserialized =
+ deserializeVerificationToken(serialized.value());
+ }
+
+ std::vector<uint8_t> dataVector;
+ size_t size = mFdp->ConsumeIntegralInRange<size_t>(0, sizeof(hw_auth_token_t));
+ dataVector = mFdp->ConsumeBytes<uint8_t>(size);
+ support::blob2hidlVec(dataVector.data(), dataVector.size());
+
+ support::blob2hidlVec(dataVector);
+
+ std::string str = mFdp->ConsumeRandomLengthString(kMaxCharacters);
+ support::blob2hidlVec(str);
+
+ HardwareAuthToken authToken = support::hidlVec2AuthToken(dataVector);
+ hidl_vec<uint8_t> volatile hidlVector = support::authToken2HidlVec(authToken);
+}
+
+void KeyMaster4UtilsFuzzer::process(const uint8_t* data, size_t size) {
+ mFdp = std::make_unique<FuzzedDataProvider>(data, size);
+ invokeKeyMasterUtils();
+}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ KeyMaster4UtilsFuzzer kmUtilsFuzzer;
+ kmUtilsFuzzer.process(data, size);
+ return 0;
+}
+
+} // namespace android::hardware::keymaster::V4_0::fuzzer
diff --git a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
index 01c502c..476eed8 100644
--- a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -438,7 +438,7 @@
// TODO(b/136282179): When running under VTS-on-GSI the TEE-backed
// keymaster implementation will report YYYYMM dates instead of YYYYMMDD
// for the BOOT_PATCH_LEVEL.
- if (avb_verification_enabled()) {
+ if (!is_gsi()) {
for (int i = 0; i < att_hw_enforced.size(); i++) {
if (att_hw_enforced[i].tag == TAG_BOOT_PATCHLEVEL ||
att_hw_enforced[i].tag == TAG_VENDOR_PATCHLEVEL) {
diff --git a/light/aidl/default/Android.bp b/light/aidl/default/Android.bp
index 459b8e2..2ccf140 100644
--- a/light/aidl/default/Android.bp
+++ b/light/aidl/default/Android.bp
@@ -16,7 +16,7 @@
shared_libs: [
"libbase",
"libbinder_ndk",
- "android.hardware.light-V1-ndk_platform",
+ "android.hardware.light-V1-ndk",
],
srcs: [
"Lights.cpp",
diff --git a/memtrack/aidl/android/hardware/memtrack/IMemtrack.aidl b/memtrack/aidl/android/hardware/memtrack/IMemtrack.aidl
index e78d4d7..88b090b 100644
--- a/memtrack/aidl/android/hardware/memtrack/IMemtrack.aidl
+++ b/memtrack/aidl/android/hardware/memtrack/IMemtrack.aidl
@@ -31,21 +31,36 @@
* accounting for stride, bit depth, rounding up to page size, etc.
*
* The following getMemory() categories are important for memory accounting in
- * `dumpsys meminfo` and should be reported as described below:
+ * Android frameworks (e.g. `dumpsys meminfo`) and should be reported as described
+ * below:
*
* - MemtrackType::GRAPHICS and MemtrackRecord::FLAG_SMAPS_UNACCOUNTED
- * This should report the PSS of all DMA buffers mapped by the process
- * with the specified PID. This PSS can be calculated using ReadDmaBufPss()
- * form libdmabufinfo.
+ * This should report the PSS of all CPU-Mapped DMA-BUFs (buffers mapped into
+ * the process address space) and all GPU-Mapped DMA-BUFs (buffers mapped into
+ * the GPU device address space on behalf of the process), removing any overlap
+ * between the CPU-mapped and GPU-mapped sets.
*
* - MemtrackType::GL and MemtrackRecord::FLAG_SMAPS_UNACCOUNTED
* This category should report all GPU private allocations for the specified
* PID that are not accounted in /proc/<pid>/smaps.
*
+ * getMemory() called with PID 0 should report the global total GPU-private
+ * memory, for MemtrackType::GL and MemtrackRecord::FLAG_SMAPS_UNACCOUNTED.
+ *
+ * getMemory() called with PID 0 for a MemtrackType other than GL should
+ * report 0.
+ *
* - MemtrackType::OTHER and MemtrackRecord::FLAG_SMAPS_UNACCOUNTED
* Any other memory not accounted for in /proc/<pid>/smaps if any, otherwise
* this should return 0.
*
+ * SMAPS_UNACCOUNTED memory should also include memory that is mapped with
+ * VM_PFNMAP flag set. For these mappings PSS and RSS are reported as 0 in smaps.
+ * Such mappings have no backing page structs from which PSS/RSS can be calculated.
+ *
+ * Any memtrack operation that is not supported should return a binder status with
+ * exception code EX_UNSUPPORTED_OPERATION.
+ *
* Constructor for the interface should be used to perform memtrack management
* setup actions and must be called once before any calls to getMemory().
*/
diff --git a/memtrack/aidl/default/Android.bp b/memtrack/aidl/default/Android.bp
index 7a7feea..6c77177 100644
--- a/memtrack/aidl/default/Android.bp
+++ b/memtrack/aidl/default/Android.bp
@@ -30,7 +30,7 @@
shared_libs: [
"libbase",
"libbinder_ndk",
- "android.hardware.memtrack-V1-ndk_platform",
+ "android.hardware.memtrack-V1-ndk",
],
srcs: [
"main.cpp",
diff --git a/memtrack/aidl/vts/Android.bp b/memtrack/aidl/vts/Android.bp
index 8614b47..f54388a 100644
--- a/memtrack/aidl/vts/Android.bp
+++ b/memtrack/aidl/vts/Android.bp
@@ -19,7 +19,7 @@
"libvintf",
],
static_libs: [
- "android.hardware.memtrack-V1-ndk_platform",
+ "android.hardware.memtrack-V1-ndk",
],
test_suites: [
"vts",
diff --git a/neuralnetworks/1.0/utils/Android.bp b/neuralnetworks/1.0/utils/Android.bp
index 0ad9926..8c51c67 100644
--- a/neuralnetworks/1.0/utils/Android.bp
+++ b/neuralnetworks/1.0/utils/Android.bp
@@ -44,6 +44,7 @@
cc_test {
name: "neuralnetworks_utils_hal_1_0_test",
+ host_supported: true,
srcs: ["test/*.cpp"],
static_libs: [
"android.hardware.neuralnetworks@1.0",
@@ -62,8 +63,12 @@
"libhidlbase",
"libhidlmemory",
"liblog",
- "libnativewindow",
"libutils",
],
+ target: {
+ android: {
+ shared_libs: ["libnativewindow"],
+ },
+ },
test_suites: ["general-tests"],
}
diff --git a/neuralnetworks/1.0/vts/functional/Android.bp b/neuralnetworks/1.0/vts/functional/Android.bp
index 9a91560..b33c581 100644
--- a/neuralnetworks/1.0/vts/functional/Android.bp
+++ b/neuralnetworks/1.0/vts/functional/Android.bp
@@ -25,19 +25,10 @@
cc_defaults {
name: "neuralnetworks_vts_functional_defaults",
- defaults: ["VtsHalTargetTestDefaults"],
- arch: {
- x86: {
- cflags: [ "-D_Float16=__fp16",
- "-Xclang", "-fnative-half-type",
- "-Xclang", "-fallow-half-arguments-and-returns" ],
- },
- x86_64: {
- cflags: [ "-D_Float16=__fp16",
- "-Xclang", "-fnative-half-type",
- "-Xclang", "-fallow-half-arguments-and-returns" ],
- },
- },
+ defaults: [
+ "VtsHalTargetTestDefaults",
+ "neuralnetworks_float16",
+ ],
}
cc_library_static {
@@ -83,6 +74,7 @@
"libnativewindow",
],
static_libs: [
+ "VtsHalNeuralNetworksV1_0_utils",
"android.hardware.neuralnetworks@1.0",
"android.hidl.allocator@1.0",
"android.hidl.memory@1.0",
@@ -90,7 +82,6 @@
"libhidlmemory",
"libneuralnetworks_generated_test_harness",
"libneuralnetworks_utils",
- "VtsHalNeuralNetworksV1_0_utils",
],
whole_static_libs: [
"neuralnetworks_generated_V1_0_example",
@@ -98,5 +89,8 @@
header_libs: [
"libneuralnetworks_headers",
],
- test_suites: ["general-tests", "vts"],
+ test_suites: [
+ "general-tests",
+ "vts",
+ ],
}
diff --git a/neuralnetworks/1.0/vts/functional/AndroidTest.xml b/neuralnetworks/1.0/vts/functional/AndroidTest.xml
index 9dd85ae..8f56ff9 100644
--- a/neuralnetworks/1.0/vts/functional/AndroidTest.xml
+++ b/neuralnetworks/1.0/vts/functional/AndroidTest.xml
@@ -29,5 +29,6 @@
<option name="native-test-device-path" value="/data/local/tmp" />
<option name="module-name" value="VtsHalNeuralnetworksV1_0TargetTest" />
<option name="native-test-timeout" value="20m" />
+ <option name="native-test-flag" value="--gtest_break_on_failure" />
</test>
</configuration>
diff --git a/neuralnetworks/1.0/vts/functional/GeneratedTestHarness.cpp b/neuralnetworks/1.0/vts/functional/GeneratedTestHarness.cpp
index ae1e3a2..2ef66c2 100644
--- a/neuralnetworks/1.0/vts/functional/GeneratedTestHarness.cpp
+++ b/neuralnetworks/1.0/vts/functional/GeneratedTestHarness.cpp
@@ -154,6 +154,8 @@
void GeneratedTestBase::SetUp() {
testing::TestWithParam<GeneratedTestParam>::SetUp();
ASSERT_NE(kDevice, nullptr);
+ const bool deviceIsResponsive = kDevice->ping().isOk();
+ ASSERT_TRUE(deviceIsResponsive);
}
std::vector<NamedModel> getNamedModels(const FilterFn& filter) {
diff --git a/neuralnetworks/1.0/vts/functional/VtsHalNeuralnetworks.cpp b/neuralnetworks/1.0/vts/functional/VtsHalNeuralnetworks.cpp
index 2c17796..e2c0511 100644
--- a/neuralnetworks/1.0/vts/functional/VtsHalNeuralnetworks.cpp
+++ b/neuralnetworks/1.0/vts/functional/VtsHalNeuralnetworks.cpp
@@ -81,6 +81,8 @@
void NeuralnetworksHidlTest::SetUp() {
testing::TestWithParam<NeuralnetworksHidlTestParam>::SetUp();
ASSERT_NE(kDevice, nullptr);
+ const bool deviceIsResponsive = kDevice->ping().isOk();
+ ASSERT_TRUE(deviceIsResponsive);
}
static NamedDevice makeNamedDevice(const std::string& name) {
diff --git a/neuralnetworks/1.1/utils/Android.bp b/neuralnetworks/1.1/utils/Android.bp
index d9e82d4..737ff58 100644
--- a/neuralnetworks/1.1/utils/Android.bp
+++ b/neuralnetworks/1.1/utils/Android.bp
@@ -46,6 +46,7 @@
cc_test {
name: "neuralnetworks_utils_hal_1_1_test",
+ host_supported: true,
srcs: ["test/*.cpp"],
static_libs: [
"android.hardware.neuralnetworks@1.0",
@@ -66,8 +67,12 @@
"libhidlbase",
"libhidlmemory",
"liblog",
- "libnativewindow",
"libutils",
],
+ target: {
+ android: {
+ shared_libs: ["libnativewindow"],
+ },
+ },
test_suites: ["general-tests"],
}
diff --git a/neuralnetworks/1.1/vts/functional/Android.bp b/neuralnetworks/1.1/vts/functional/Android.bp
index 826ba96..c001112 100644
--- a/neuralnetworks/1.1/vts/functional/Android.bp
+++ b/neuralnetworks/1.1/vts/functional/Android.bp
@@ -28,18 +28,19 @@
defaults: ["neuralnetworks_vts_functional_defaults"],
srcs: [
"BasicTests.cpp",
+ "GeneratedTestHarness.cpp",
"TestAssertions.cpp",
"TestMain.cpp",
"ValidateModel.cpp",
"ValidateRequest.cpp",
"VtsHalNeuralnetworks.cpp",
- "GeneratedTestHarness.cpp",
],
shared_libs: [
"libfmq",
"libnativewindow",
],
static_libs: [
+ "VtsHalNeuralNetworksV1_0_utils",
"android.hardware.neuralnetworks@1.0",
"android.hardware.neuralnetworks@1.1",
"android.hidl.allocator@1.0",
@@ -48,7 +49,6 @@
"libhidlmemory",
"libneuralnetworks_generated_test_harness",
"libneuralnetworks_utils",
- "VtsHalNeuralNetworksV1_0_utils",
],
whole_static_libs: [
"neuralnetworks_generated_V1_0_example",
@@ -57,5 +57,8 @@
header_libs: [
"libneuralnetworks_headers",
],
- test_suites: ["general-tests", "vts"],
+ test_suites: [
+ "general-tests",
+ "vts",
+ ],
}
diff --git a/neuralnetworks/1.1/vts/functional/AndroidTest.xml b/neuralnetworks/1.1/vts/functional/AndroidTest.xml
index 74001f9..9569333 100644
--- a/neuralnetworks/1.1/vts/functional/AndroidTest.xml
+++ b/neuralnetworks/1.1/vts/functional/AndroidTest.xml
@@ -29,5 +29,6 @@
<option name="native-test-device-path" value="/data/local/tmp" />
<option name="module-name" value="VtsHalNeuralnetworksV1_1TargetTest" />
<option name="native-test-timeout" value="20m" />
+ <option name="native-test-flag" value="--gtest_break_on_failure" />
</test>
</configuration>
diff --git a/neuralnetworks/1.1/vts/functional/GeneratedTestHarness.cpp b/neuralnetworks/1.1/vts/functional/GeneratedTestHarness.cpp
index a233835..faf7bb4 100644
--- a/neuralnetworks/1.1/vts/functional/GeneratedTestHarness.cpp
+++ b/neuralnetworks/1.1/vts/functional/GeneratedTestHarness.cpp
@@ -162,6 +162,8 @@
void GeneratedTestBase::SetUp() {
testing::TestWithParam<GeneratedTestParam>::SetUp();
ASSERT_NE(kDevice, nullptr);
+ const bool deviceIsResponsive = kDevice->ping().isOk();
+ ASSERT_TRUE(deviceIsResponsive);
}
std::vector<NamedModel> getNamedModels(const FilterFn& filter) {
diff --git a/neuralnetworks/1.1/vts/functional/VtsHalNeuralnetworks.cpp b/neuralnetworks/1.1/vts/functional/VtsHalNeuralnetworks.cpp
index 54e8802..613b828 100644
--- a/neuralnetworks/1.1/vts/functional/VtsHalNeuralnetworks.cpp
+++ b/neuralnetworks/1.1/vts/functional/VtsHalNeuralnetworks.cpp
@@ -84,6 +84,8 @@
void NeuralnetworksHidlTest::SetUp() {
testing::TestWithParam<NeuralnetworksHidlTestParam>::SetUp();
ASSERT_NE(kDevice, nullptr);
+ const bool deviceIsResponsive = kDevice->ping().isOk();
+ ASSERT_TRUE(deviceIsResponsive);
}
static NamedDevice makeNamedDevice(const std::string& name) {
diff --git a/neuralnetworks/1.2/utils/Android.bp b/neuralnetworks/1.2/utils/Android.bp
index 41281ee..4eefb0f 100644
--- a/neuralnetworks/1.2/utils/Android.bp
+++ b/neuralnetworks/1.2/utils/Android.bp
@@ -50,10 +50,21 @@
cflags: ["-DNN_DEBUGGABLE"],
},
},
+ target: {
+ host: {
+ cflags: [
+ "-D__INTRODUCED_IN(x)=",
+ "-D__assert(a,b,c)=",
+ // We want all the APIs to be available on the host.
+ "-D__ANDROID_API__=10000",
+ ],
+ },
+ },
}
cc_test {
name: "neuralnetworks_utils_hal_1_2_test",
+ host_supported: true,
srcs: ["test/*.cpp"],
static_libs: [
"android.hardware.neuralnetworks@1.0",
@@ -76,8 +87,12 @@
"libhidlbase",
"libhidlmemory",
"liblog",
- "libnativewindow",
"libutils",
],
+ target: {
+ android: {
+ shared_libs: ["libnativewindow"],
+ },
+ },
test_suites: ["general-tests"],
}
diff --git a/neuralnetworks/1.2/vts/functional/AndroidTest.xml b/neuralnetworks/1.2/vts/functional/AndroidTest.xml
index 5396d85..c28b2e2 100644
--- a/neuralnetworks/1.2/vts/functional/AndroidTest.xml
+++ b/neuralnetworks/1.2/vts/functional/AndroidTest.xml
@@ -29,5 +29,6 @@
<option name="native-test-device-path" value="/data/local/tmp" />
<option name="module-name" value="VtsHalNeuralnetworksV1_2TargetTest" />
<option name="native-test-timeout" value="20m" />
+ <option name="native-test-flag" value="--gtest_break_on_failure" />
</test>
</configuration>
diff --git a/neuralnetworks/1.2/vts/functional/CompilationCachingTests.cpp b/neuralnetworks/1.2/vts/functional/CompilationCachingTests.cpp
index ede1600..3d783d9 100644
--- a/neuralnetworks/1.2/vts/functional/CompilationCachingTests.cpp
+++ b/neuralnetworks/1.2/vts/functional/CompilationCachingTests.cpp
@@ -225,6 +225,8 @@
void SetUp() override {
testing::Test::SetUp();
ASSERT_NE(kDevice.get(), nullptr);
+ const bool deviceIsResponsive = kDevice->ping().isOk();
+ ASSERT_TRUE(deviceIsResponsive);
// Create cache directory. The cache directory and a temporary cache file is always created
// to test the behavior of prepareModelFromCache, even when caching is not supported.
diff --git a/neuralnetworks/1.2/vts/functional/GeneratedTestHarness.cpp b/neuralnetworks/1.2/vts/functional/GeneratedTestHarness.cpp
index 56f3c0b..9fa139a 100644
--- a/neuralnetworks/1.2/vts/functional/GeneratedTestHarness.cpp
+++ b/neuralnetworks/1.2/vts/functional/GeneratedTestHarness.cpp
@@ -384,6 +384,8 @@
void GeneratedTestBase::SetUp() {
testing::TestWithParam<GeneratedTestParam>::SetUp();
ASSERT_NE(kDevice, nullptr);
+ const bool deviceIsResponsive = kDevice->ping().isOk();
+ ASSERT_TRUE(deviceIsResponsive);
}
std::vector<NamedModel> getNamedModels(const FilterFn& filter) {
diff --git a/neuralnetworks/1.2/vts/functional/VtsHalNeuralnetworks.cpp b/neuralnetworks/1.2/vts/functional/VtsHalNeuralnetworks.cpp
index a60ec4d..729d584 100644
--- a/neuralnetworks/1.2/vts/functional/VtsHalNeuralnetworks.cpp
+++ b/neuralnetworks/1.2/vts/functional/VtsHalNeuralnetworks.cpp
@@ -87,6 +87,8 @@
void NeuralnetworksHidlTest::SetUp() {
testing::TestWithParam<NeuralnetworksHidlTestParam>::SetUp();
ASSERT_NE(kDevice, nullptr);
+ const bool deviceIsResponsive = kDevice->ping().isOk();
+ ASSERT_TRUE(deviceIsResponsive);
}
static NamedDevice makeNamedDevice(const std::string& name) {
diff --git a/neuralnetworks/1.3/utils/Android.bp b/neuralnetworks/1.3/utils/Android.bp
index 28c036a..7acb4fc 100644
--- a/neuralnetworks/1.3/utils/Android.bp
+++ b/neuralnetworks/1.3/utils/Android.bp
@@ -47,10 +47,21 @@
export_static_lib_headers: [
"neuralnetworks_utils_hal_common",
],
+ target: {
+ host: {
+ cflags: [
+ "-D__INTRODUCED_IN(x)=",
+ "-D__assert(a,b,c)=",
+ // We want all the APIs to be available on the host.
+ "-D__ANDROID_API__=10000",
+ ],
+ },
+ },
}
cc_test {
name: "neuralnetworks_utils_hal_1_3_test",
+ host_supported: true,
srcs: ["test/*.cpp"],
static_libs: [
"android.hardware.neuralnetworks@1.0",
@@ -75,8 +86,12 @@
"libhidlbase",
"libhidlmemory",
"liblog",
- "libnativewindow",
"libutils",
],
+ target: {
+ android: {
+ shared_libs: ["libnativewindow"],
+ },
+ },
test_suites: ["general-tests"],
}
diff --git a/neuralnetworks/1.3/vts/functional/Android.bp b/neuralnetworks/1.3/vts/functional/Android.bp
index f975250..1382bdb 100644
--- a/neuralnetworks/1.3/vts/functional/Android.bp
+++ b/neuralnetworks/1.3/vts/functional/Android.bp
@@ -66,7 +66,7 @@
"VtsHalNeuralNetworksV1_0_utils",
"VtsHalNeuralNetworksV1_2_utils",
"VtsHalNeuralNetworksV1_3_utils",
- "android.hardware.neuralnetworks-V1-ndk_platform",
+ "android.hardware.neuralnetworks-V1-ndk",
"android.hardware.neuralnetworks@1.0",
"android.hardware.neuralnetworks@1.1",
"android.hardware.neuralnetworks@1.2",
diff --git a/neuralnetworks/1.3/vts/functional/AndroidTest.xml b/neuralnetworks/1.3/vts/functional/AndroidTest.xml
index c418aaa..d1cba6a 100644
--- a/neuralnetworks/1.3/vts/functional/AndroidTest.xml
+++ b/neuralnetworks/1.3/vts/functional/AndroidTest.xml
@@ -29,5 +29,6 @@
<option name="native-test-device-path" value="/data/local/tmp" />
<option name="module-name" value="VtsHalNeuralnetworksV1_3TargetTest" />
<option name="native-test-timeout" value="20m" />
+ <option name="native-test-flag" value="--gtest_break_on_failure" />
</test>
</configuration>
diff --git a/neuralnetworks/1.3/vts/functional/CompilationCachingTests.cpp b/neuralnetworks/1.3/vts/functional/CompilationCachingTests.cpp
index edffa22..a2013ec 100644
--- a/neuralnetworks/1.3/vts/functional/CompilationCachingTests.cpp
+++ b/neuralnetworks/1.3/vts/functional/CompilationCachingTests.cpp
@@ -228,6 +228,8 @@
void SetUp() override {
testing::Test::SetUp();
ASSERT_NE(kDevice.get(), nullptr);
+ const bool deviceIsResponsive = kDevice->ping().isOk();
+ ASSERT_TRUE(deviceIsResponsive);
// Create cache directory. The cache directory and a temporary cache file is always created
// to test the behavior of prepareModelFromCache_1_3, even when caching is not supported.
diff --git a/neuralnetworks/1.3/vts/functional/GeneratedTestHarness.cpp b/neuralnetworks/1.3/vts/functional/GeneratedTestHarness.cpp
index 0a95695..6d30d85 100644
--- a/neuralnetworks/1.3/vts/functional/GeneratedTestHarness.cpp
+++ b/neuralnetworks/1.3/vts/functional/GeneratedTestHarness.cpp
@@ -926,6 +926,8 @@
void GeneratedTestBase::SetUp() {
testing::TestWithParam<GeneratedTestParam>::SetUp();
ASSERT_NE(kDevice, nullptr);
+ const bool deviceIsResponsive = kDevice->ping().isOk();
+ ASSERT_TRUE(deviceIsResponsive);
}
std::vector<NamedModel> getNamedModels(const FilterFn& filter) {
diff --git a/neuralnetworks/1.3/vts/functional/MemoryDomainTests.cpp b/neuralnetworks/1.3/vts/functional/MemoryDomainTests.cpp
index 5facc5e..e2fa6e4 100644
--- a/neuralnetworks/1.3/vts/functional/MemoryDomainTests.cpp
+++ b/neuralnetworks/1.3/vts/functional/MemoryDomainTests.cpp
@@ -243,6 +243,8 @@
void SetUp() override {
testing::Test::SetUp();
ASSERT_NE(kDevice, nullptr);
+ const bool deviceIsResponsive = kDevice->ping().isOk();
+ ASSERT_TRUE(deviceIsResponsive);
}
sp<IPreparedModel> createConvPreparedModel(const TestOperand& testOperand,
diff --git a/neuralnetworks/1.3/vts/functional/VtsHalNeuralnetworks.cpp b/neuralnetworks/1.3/vts/functional/VtsHalNeuralnetworks.cpp
index df1e453..eb8cb4b 100644
--- a/neuralnetworks/1.3/vts/functional/VtsHalNeuralnetworks.cpp
+++ b/neuralnetworks/1.3/vts/functional/VtsHalNeuralnetworks.cpp
@@ -92,6 +92,8 @@
void NeuralnetworksHidlTest::SetUp() {
testing::TestWithParam<NeuralnetworksHidlTestParam>::SetUp();
ASSERT_NE(kDevice, nullptr);
+ const bool deviceIsResponsive = kDevice->ping().isOk();
+ ASSERT_TRUE(deviceIsResponsive);
}
static NamedDevice makeNamedDevice(const std::string& name) {
diff --git a/neuralnetworks/aidl/Android.bp b/neuralnetworks/aidl/Android.bp
index ebf4654..4316c31 100644
--- a/neuralnetworks/aidl/Android.bp
+++ b/neuralnetworks/aidl/Android.bp
@@ -9,14 +9,15 @@
aidl_interface {
name: "android.hardware.neuralnetworks",
+ host_supported: true,
vendor_available: true,
srcs: [
"android/hardware/neuralnetworks/*.aidl",
],
stability: "vintf",
imports: [
- "android.hardware.common",
- "android.hardware.graphics.common",
+ "android.hardware.common-V2",
+ "android.hardware.graphics.common-V2",
],
backend: {
java: {
diff --git a/neuralnetworks/aidl/utils/Android.bp b/neuralnetworks/aidl/utils/Android.bp
index 0ccc711..508b1ea 100644
--- a/neuralnetworks/aidl/utils/Android.bp
+++ b/neuralnetworks/aidl/utils/Android.bp
@@ -31,18 +31,22 @@
export_include_dirs: ["include"],
cflags: ["-Wthread-safety"],
static_libs: [
- "android.hardware.graphics.common-V2-ndk_platform",
+ "android.hardware.graphics.common-V2-ndk",
"libaidlcommonsupport",
"libarect",
"neuralnetworks_types",
"neuralnetworks_utils_hal_common",
],
shared_libs: [
- "android.hardware.neuralnetworks-V1-ndk_platform",
+ "android.hardware.neuralnetworks-V1-ndk",
"libbinder_ndk",
"libhidlbase",
- "libnativewindow",
],
+ target: {
+ android: {
+ shared_libs: ["libnativewindow"],
+ },
+ },
}
cc_test {
@@ -52,9 +56,9 @@
"test/*.cpp",
],
static_libs: [
- "android.hardware.common-V2-ndk_platform",
- "android.hardware.graphics.common-V2-ndk_platform",
- "android.hardware.neuralnetworks-V1-ndk_platform",
+ "android.hardware.common-V2-ndk",
+ "android.hardware.graphics.common-V2-ndk",
+ "android.hardware.neuralnetworks-V1-ndk",
"libaidlcommonsupport",
"libgmock",
"libneuralnetworks_common",
@@ -70,9 +74,21 @@
"libhidlbase",
"libhidlmemory",
"liblog",
- "libnativewindow",
"libutils",
],
+ target: {
+ android: {
+ shared_libs: ["libnativewindow"],
+ },
+ host: {
+ cflags: [
+ "-D__INTRODUCED_IN(x)=",
+ "-D__assert(a,b,c)=",
+ // We want all the APIs to be available on the host.
+ "-D__ANDROID_API__=10000",
+ ],
+ },
+ },
cflags: [
/* GMOCK defines functions for printing all MOCK_DEVICE arguments and
* MockDevice contains a string pointer which triggers a warning in the
diff --git a/neuralnetworks/aidl/utils/src/Conversions.cpp b/neuralnetworks/aidl/utils/src/Conversions.cpp
index 0517730..f087156 100644
--- a/neuralnetworks/aidl/utils/src/Conversions.cpp
+++ b/neuralnetworks/aidl/utils/src/Conversions.cpp
@@ -25,7 +25,6 @@
#include <android-base/mapped_file.h>
#include <android-base/unique_fd.h>
#include <android/binder_auto_utils.h>
-#include <android/hardware_buffer.h>
#include <cutils/native_handle.h>
#include <nnapi/OperandTypes.h>
#include <nnapi/OperationTypes.h>
@@ -36,7 +35,6 @@
#include <nnapi/Validation.h>
#include <nnapi/hal/CommonUtils.h>
#include <nnapi/hal/HandleError.h>
-#include <vndk/hardware_buffer.h>
#include <algorithm>
#include <chrono>
@@ -48,6 +46,11 @@
#include "Utils.h"
+#ifdef __ANDROID__
+#include <android/hardware_buffer.h>
+#include <vndk/hardware_buffer.h>
+#endif // __ANDROID__
+
#define VERIFY_NON_NEGATIVE(value) \
while (UNLIKELY(value < 0)) return NN_ERROR()
@@ -119,6 +122,7 @@
using UniqueNativeHandle = std::unique_ptr<native_handle_t, NativeHandleDeleter>;
+#ifdef __ANDROID__
GeneralResult<UniqueNativeHandle> nativeHandleFromAidlHandle(const NativeHandle& handle) {
auto nativeHandle = UniqueNativeHandle(dupFromAidl(handle));
if (nativeHandle.get() == nullptr) {
@@ -131,6 +135,7 @@
}
return nativeHandle;
}
+#endif // __ANDROID__
} // anonymous namespace
@@ -371,6 +376,7 @@
return createSharedMemoryFromFd(size, prot, fd, offset);
}
case Tag::hardwareBuffer: {
+#ifdef __ANDROID__
const auto& hardwareBuffer = memory.get<Tag::hardwareBuffer>();
const UniqueNativeHandle handle =
@@ -393,6 +399,11 @@
}
return createSharedMemoryFromAHWB(ahwb, /*takeOwnership=*/true);
+#else // __ANDROID__
+ LOG(FATAL) << "GeneralResult<SharedMemory> unvalidatedConvert(const aidl_hal::Memory& "
+ "memory): Not Available on Host Build";
+ return NN_ERROR() << "createFromHandle failed";
+#endif // __ANDROID__
}
}
return NN_ERROR() << "Unrecognized Memory::Tag: " << memory.getTag();
@@ -612,6 +623,7 @@
template <class... Ts>
overloaded(Ts...)->overloaded<Ts...>;
+#ifdef __ANDROID__
nn::GeneralResult<common::NativeHandle> aidlHandleFromNativeHandle(
const native_handle_t& nativeHandle) {
auto handle = ::android::dupToAidl(&nativeHandle);
@@ -621,6 +633,7 @@
}
return handle;
}
+#endif // __ANDROID__
nn::GeneralResult<Memory> unvalidatedConvert(const nn::Memory::Ashmem& memory) {
if constexpr (std::numeric_limits<size_t>::max() > std::numeric_limits<int64_t>::max()) {
@@ -668,6 +681,7 @@
}
nn::GeneralResult<Memory> unvalidatedConvert(const nn::Memory::HardwareBuffer& memory) {
+#ifdef __ANDROID__
const native_handle_t* nativeHandle = AHardwareBuffer_getNativeHandle(memory.handle.get());
if (nativeHandle == nullptr) {
return (NN_ERROR() << "unvalidatedConvert failed because AHardwareBuffer_getNativeHandle "
@@ -695,6 +709,12 @@
.handle = std::move(handle),
};
return Memory::make<Memory::Tag::hardwareBuffer>(std::move(hardwareBuffer));
+#else // __ANDROID__
+ LOG(FATAL) << "nn::GeneralResult<Memory> unvalidatedConvert(const nn::Memory::HardwareBuffer& "
+ "memory): Not Available on Host Build";
+ (void)memory;
+ return (NN_ERROR() << "unvalidatedConvert failed").operator nn::GeneralResult<Memory>();
+#endif // __ANDROID__
}
nn::GeneralResult<Memory> unvalidatedConvert(const nn::Memory::Unknown& /*memory*/) {
diff --git a/neuralnetworks/aidl/utils/src/Device.cpp b/neuralnetworks/aidl/utils/src/Device.cpp
index 0fd453b..e80de0b 100644
--- a/neuralnetworks/aidl/utils/src/Device.cpp
+++ b/neuralnetworks/aidl/utils/src/Device.cpp
@@ -119,7 +119,7 @@
<< numberOfCacheFiles.numDataCache << " vs " << nn::kMaxNumberOfCacheFiles
<< ")";
}
- return std::make_pair(numberOfCacheFiles.numDataCache, numberOfCacheFiles.numModelCache);
+ return std::make_pair(numberOfCacheFiles.numModelCache, numberOfCacheFiles.numDataCache);
}
} // namespace
diff --git a/neuralnetworks/aidl/utils/test/DeviceTest.cpp b/neuralnetworks/aidl/utils/test/DeviceTest.cpp
index e53b0a8..f121aca 100644
--- a/neuralnetworks/aidl/utils/test/DeviceTest.cpp
+++ b/neuralnetworks/aidl/utils/test/DeviceTest.cpp
@@ -58,7 +58,7 @@
const std::shared_ptr<BnDevice> kInvalidDevice;
constexpr PerformanceInfo kNoPerformanceInfo = {.execTime = std::numeric_limits<float>::max(),
.powerUsage = std::numeric_limits<float>::max()};
-constexpr NumberOfCacheFiles kNumberOfCacheFiles = {.numModelCache = nn::kMaxNumberOfCacheFiles,
+constexpr NumberOfCacheFiles kNumberOfCacheFiles = {.numModelCache = nn::kMaxNumberOfCacheFiles - 1,
.numDataCache = nn::kMaxNumberOfCacheFiles};
constexpr auto makeStatusOk = [] { return ndk::ScopedAStatus::ok(); };
@@ -300,6 +300,21 @@
EXPECT_EQ(result.error().code, nn::ErrorStatus::DEAD_OBJECT);
}
+TEST(DeviceTest, getNumberOfCacheFilesNeeded) {
+ // setup call
+ const auto mockDevice = createMockDevice();
+ EXPECT_CALL(*mockDevice, getNumberOfCacheFilesNeeded(_)).Times(1);
+
+ // run test
+ const auto result = Device::create(kName, mockDevice);
+
+ // verify result
+ ASSERT_TRUE(result.has_value());
+ constexpr auto kNumberOfCacheFilesPair = std::make_pair<uint32_t, uint32_t>(
+ kNumberOfCacheFiles.numModelCache, kNumberOfCacheFiles.numDataCache);
+ EXPECT_EQ(result.value()->getNumberOfCacheFilesNeeded(), kNumberOfCacheFilesPair);
+}
+
TEST(DeviceTest, getNumberOfCacheFilesNeededError) {
// setup call
const auto mockDevice = createMockDevice();
diff --git a/neuralnetworks/aidl/vts/functional/Android.bp b/neuralnetworks/aidl/vts/functional/Android.bp
index d5b150a..8fa9756 100644
--- a/neuralnetworks/aidl/vts/functional/Android.bp
+++ b/neuralnetworks/aidl/vts/functional/Android.bp
@@ -49,9 +49,9 @@
"libvndksupport",
],
static_libs: [
- "android.hardware.common-V2-ndk_platform",
- "android.hardware.graphics.common-V2-ndk_platform",
- "android.hardware.neuralnetworks-V1-ndk_platform",
+ "android.hardware.common-V2-ndk",
+ "android.hardware.graphics.common-V2-ndk",
+ "android.hardware.neuralnetworks-V1-ndk",
"android.hidl.allocator@1.0",
"android.hidl.memory@1.0",
"libaidlcommonsupport",
diff --git a/neuralnetworks/aidl/vts/functional/AndroidTest.xml b/neuralnetworks/aidl/vts/functional/AndroidTest.xml
index 384d420..204d8f1 100644
--- a/neuralnetworks/aidl/vts/functional/AndroidTest.xml
+++ b/neuralnetworks/aidl/vts/functional/AndroidTest.xml
@@ -29,5 +29,6 @@
<option name="native-test-device-path" value="/data/local/tmp" />
<option name="module-name" value="VtsHalNeuralnetworksTargetTest" />
<option name="native-test-timeout" value="20m" />
+ <option name="native-test-flag" value="--gtest_break_on_failure" />
</test>
</configuration>
diff --git a/neuralnetworks/aidl/vts/functional/CompilationCachingTests.cpp b/neuralnetworks/aidl/vts/functional/CompilationCachingTests.cpp
index 94ce5c1..77208aa 100644
--- a/neuralnetworks/aidl/vts/functional/CompilationCachingTests.cpp
+++ b/neuralnetworks/aidl/vts/functional/CompilationCachingTests.cpp
@@ -223,6 +223,9 @@
void SetUp() override {
testing::Test::SetUp();
ASSERT_NE(kDevice.get(), nullptr);
+ const bool deviceIsResponsive =
+ ndk::ScopedAStatus::fromStatus(AIBinder_ping(kDevice->asBinder().get())).isOk();
+ ASSERT_TRUE(deviceIsResponsive);
// Create cache directory. The cache directory and a temporary cache file is always created
// to test the behavior of prepareModelFromCache, even when caching is not supported.
diff --git a/neuralnetworks/aidl/vts/functional/GeneratedTestHarness.cpp b/neuralnetworks/aidl/vts/functional/GeneratedTestHarness.cpp
index 2356ff0..ac5b96a 100644
--- a/neuralnetworks/aidl/vts/functional/GeneratedTestHarness.cpp
+++ b/neuralnetworks/aidl/vts/functional/GeneratedTestHarness.cpp
@@ -904,6 +904,9 @@
void GeneratedTestBase::SetUp() {
testing::TestWithParam<GeneratedTestParam>::SetUp();
ASSERT_NE(kDevice, nullptr);
+ const bool deviceIsResponsive =
+ ndk::ScopedAStatus::fromStatus(AIBinder_ping(kDevice->asBinder().get())).isOk();
+ ASSERT_TRUE(deviceIsResponsive);
}
std::vector<NamedModel> getNamedModels(const FilterFn& filter) {
diff --git a/neuralnetworks/aidl/vts/functional/MemoryDomainTests.cpp b/neuralnetworks/aidl/vts/functional/MemoryDomainTests.cpp
index e8313f1..1819699 100644
--- a/neuralnetworks/aidl/vts/functional/MemoryDomainTests.cpp
+++ b/neuralnetworks/aidl/vts/functional/MemoryDomainTests.cpp
@@ -233,6 +233,9 @@
void SetUp() override {
testing::Test::SetUp();
ASSERT_NE(kDevice, nullptr);
+ const bool deviceIsResponsive =
+ ndk::ScopedAStatus::fromStatus(AIBinder_ping(kDevice->asBinder().get())).isOk();
+ ASSERT_TRUE(deviceIsResponsive);
}
std::shared_ptr<IPreparedModel> createConvPreparedModel(const TestOperand& testOperand,
diff --git a/neuralnetworks/aidl/vts/functional/Utils.cpp b/neuralnetworks/aidl/vts/functional/Utils.cpp
index 9af362e..325a436 100644
--- a/neuralnetworks/aidl/vts/functional/Utils.cpp
+++ b/neuralnetworks/aidl/vts/functional/Utils.cpp
@@ -153,26 +153,19 @@
.stride = size,
};
- ASSERT_EQ(AHardwareBuffer_allocate(&desc, &mAhwb), 0);
- ASSERT_NE(mAhwb, nullptr);
+ AHardwareBuffer* ahwb = nullptr;
+ ASSERT_EQ(AHardwareBuffer_allocate(&desc, &ahwb), 0);
+ ASSERT_NE(ahwb, nullptr);
- const auto sharedMemory =
- nn::createSharedMemoryFromAHWB(mAhwb, /*takeOwnership=*/false).value();
- mMapping = nn::map(sharedMemory).value();
+ mMemory = nn::createSharedMemoryFromAHWB(ahwb, /*takeOwnership=*/true).value();
+ mMapping = nn::map(mMemory).value();
mPtr = static_cast<uint8_t*>(std::get<void*>(mMapping.pointer));
CHECK_NE(mPtr, nullptr);
- mAidlMemory = utils::convert(sharedMemory).value();
+ mAidlMemory = utils::convert(mMemory).value();
mIsValid = true;
}
-TestBlobAHWB::~TestBlobAHWB() {
- if (mAhwb) {
- AHardwareBuffer_unlock(mAhwb, nullptr);
- AHardwareBuffer_release(mAhwb);
- }
-}
-
std::string gtestCompliantName(std::string name) {
// gtest test names must only contain alphanumeric characters
std::replace_if(
diff --git a/neuralnetworks/aidl/vts/functional/Utils.h b/neuralnetworks/aidl/vts/functional/Utils.h
index 9dd7359..ca81418 100644
--- a/neuralnetworks/aidl/vts/functional/Utils.h
+++ b/neuralnetworks/aidl/vts/functional/Utils.h
@@ -102,11 +102,10 @@
// The constructor calls initialize, which constructs the memory resources. This is a
// workaround that gtest macros cannot be used directly in a constructor.
TestBlobAHWB(uint32_t size) { initialize(size); }
- ~TestBlobAHWB();
private:
void initialize(uint32_t size);
- AHardwareBuffer* mAhwb = nullptr;
+ nn::SharedMemory mMemory;
nn::Mapping mMapping;
};
diff --git a/neuralnetworks/aidl/vts/functional/VtsHalNeuralnetworks.cpp b/neuralnetworks/aidl/vts/functional/VtsHalNeuralnetworks.cpp
index ee7cf89..c417356 100644
--- a/neuralnetworks/aidl/vts/functional/VtsHalNeuralnetworks.cpp
+++ b/neuralnetworks/aidl/vts/functional/VtsHalNeuralnetworks.cpp
@@ -91,6 +91,9 @@
void NeuralNetworksAidlTest::SetUp() {
testing::TestWithParam<NeuralNetworksAidlTestParam>::SetUp();
ASSERT_NE(kDevice, nullptr);
+ const bool deviceIsResponsive =
+ ndk::ScopedAStatus::fromStatus(AIBinder_ping(kDevice->asBinder().get())).isOk();
+ ASSERT_TRUE(deviceIsResponsive);
}
static NamedDevice makeNamedDevice(const std::string& name) {
diff --git a/neuralnetworks/utils/common/Android.bp b/neuralnetworks/utils/common/Android.bp
index 2ed1e40..431885c 100644
--- a/neuralnetworks/utils/common/Android.bp
+++ b/neuralnetworks/utils/common/Android.bp
@@ -35,15 +35,20 @@
"neuralnetworks_types",
],
shared_libs: [
- "android.hardware.neuralnetworks-V1-ndk_platform",
+ "android.hardware.neuralnetworks-V1-ndk",
"libhidlbase",
- "libnativewindow",
"libbinder_ndk",
],
+ target: {
+ android: {
+ shared_libs: ["libnativewindow"],
+ },
+ },
}
cc_test {
name: "neuralnetworks_utils_hal_common_test",
+ host_supported: true,
srcs: ["test/*.cpp"],
static_libs: [
"android.hardware.neuralnetworks@1.0",
@@ -61,8 +66,12 @@
"libhidlbase",
"libhidlmemory",
"liblog",
- "libnativewindow",
"libutils",
],
+ target: {
+ android: {
+ shared_libs: ["libnativewindow"],
+ },
+ },
test_suites: ["general-tests"],
}
diff --git a/neuralnetworks/utils/common/src/CommonUtils.cpp b/neuralnetworks/utils/common/src/CommonUtils.cpp
index 906b0cf..ae02c88 100644
--- a/neuralnetworks/utils/common/src/CommonUtils.cpp
+++ b/neuralnetworks/utils/common/src/CommonUtils.cpp
@@ -20,14 +20,12 @@
#include <android-base/logging.h>
#include <android-base/unique_fd.h>
-#include <android/hardware_buffer.h>
#include <hidl/HidlSupport.h>
#include <nnapi/Result.h>
#include <nnapi/SharedMemory.h>
#include <nnapi/TypeUtils.h>
#include <nnapi/Types.h>
#include <nnapi/Validation.h>
-#include <vndk/hardware_buffer.h>
#include <algorithm>
#include <any>
@@ -36,6 +34,11 @@
#include <variant>
#include <vector>
+#ifdef __ANDROID__
+#include <android/hardware_buffer.h>
+#include <vndk/hardware_buffer.h>
+#endif // __ANDROID__
+
namespace android::hardware::neuralnetworks::utils {
namespace {
@@ -139,6 +142,7 @@
}
nn::GeneralResult<hidl_memory> createHidlMemoryFrom(const nn::Memory::HardwareBuffer& memory) {
+#ifdef __ANDROID__
const auto* ahwb = memory.handle.get();
AHardwareBuffer_Desc bufferDesc;
AHardwareBuffer_describe(ahwb, &bufferDesc);
@@ -152,6 +156,12 @@
hidl_handle copiedHandle(hidlHandle);
return hidl_memory(name, std::move(copiedHandle), size);
+#else // __ANDROID__
+ LOG(FATAL) << "nn::GeneralResult<hidl_memory> createHidlMemoryFrom(const "
+ "nn::Memory::HardwareBuffer& memory): Not Available on Host Build";
+ (void)memory;
+ return (NN_ERROR() << "createHidlMemoryFrom failed").operator nn::GeneralResult<hidl_memory>();
+#endif // __ANDROID__
}
nn::GeneralResult<hidl_memory> createHidlMemoryFrom(const nn::Memory::Unknown& memory) {
@@ -333,9 +343,11 @@
return std::visit([](const auto& x) { return createHidlMemoryFrom(x); }, memory->handle);
}
+#ifdef __ANDROID__
static uint32_t roundUpToMultiple(uint32_t value, uint32_t multiple) {
return (value + multiple - 1) / multiple * multiple;
}
+#endif // __ANDROID__
nn::GeneralResult<nn::SharedMemory> createSharedMemoryFromHidlMemory(const hidl_memory& memory) {
CHECK_LE(memory.size(), std::numeric_limits<size_t>::max());
@@ -387,6 +399,7 @@
return std::make_shared<const nn::Memory>(nn::Memory{.handle = std::move(handle)});
}
+#ifdef __ANDROID__
const auto size = memory.size();
const auto format = AHARDWAREBUFFER_FORMAT_BLOB;
const auto usage = AHARDWAREBUFFER_USAGE_CPU_READ_OFTEN | AHARDWAREBUFFER_USAGE_CPU_WRITE_OFTEN;
@@ -423,6 +436,13 @@
}
return nn::createSharedMemoryFromAHWB(hardwareBuffer, /*takeOwnership=*/true);
+#else // __ANDROID__
+ LOG(FATAL) << "nn::GeneralResult<nn::SharedMemory> createSharedMemoryFromHidlMemory(const "
+ "hidl_memory& memory): Not Available on Host Build";
+ return (NN_ERROR() << "createSharedMemoryFromHidlMemory failed")
+ .
+ operator nn::GeneralResult<nn::SharedMemory>();
+#endif // __ANDROID__
}
nn::GeneralResult<hidl_handle> hidlHandleFromSharedHandle(const nn::Handle& handle) {
diff --git a/neuralnetworks/utils/service/Android.bp b/neuralnetworks/utils/service/Android.bp
index 5f36dff..653e51a 100644
--- a/neuralnetworks/utils/service/Android.bp
+++ b/neuralnetworks/utils/service/Android.bp
@@ -39,7 +39,7 @@
"neuralnetworks_utils_hal_common",
],
shared_libs: [
- "android.hardware.neuralnetworks-V1-ndk_platform",
+ "android.hardware.neuralnetworks-V1-ndk",
"android.hardware.neuralnetworks@1.0",
"android.hardware.neuralnetworks@1.1",
"android.hardware.neuralnetworks@1.2",
diff --git a/nfc/1.2/vts/functional/OWNERS b/nfc/1.2/vts/functional/OWNERS
new file mode 100644
index 0000000..c506226
--- /dev/null
+++ b/nfc/1.2/vts/functional/OWNERS
@@ -0,0 +1,4 @@
+# Bug component: 48448
+georgekgchang@google.com
+jackcwyu@google.com
+alisher@google.com
diff --git a/oemlock/aidl/default/Android.bp b/oemlock/aidl/default/Android.bp
index 84136fe..063199a 100644
--- a/oemlock/aidl/default/Android.bp
+++ b/oemlock/aidl/default/Android.bp
@@ -34,7 +34,7 @@
"OemLock.cpp",
],
shared_libs: [
- "android.hardware.oemlock-V1-ndk_platform",
+ "android.hardware.oemlock-V1-ndk",
"libbase",
"libbinder_ndk",
],
diff --git a/oemlock/aidl/vts/Android.bp b/oemlock/aidl/vts/Android.bp
index 840d20a..eb999a9 100644
--- a/oemlock/aidl/vts/Android.bp
+++ b/oemlock/aidl/vts/Android.bp
@@ -34,7 +34,7 @@
"libbinder_ndk",
"libbase",
],
- static_libs: ["android.hardware.oemlock-V1-ndk_platform"],
+ static_libs: ["android.hardware.oemlock-V1-ndk"],
test_suites: [
"general-tests",
"vts",
diff --git a/power/aidl/default/Android.bp b/power/aidl/default/Android.bp
index 5aa6893..22dd9a2 100644
--- a/power/aidl/default/Android.bp
+++ b/power/aidl/default/Android.bp
@@ -30,7 +30,7 @@
shared_libs: [
"libbase",
"libbinder_ndk",
- "android.hardware.power-V1-ndk_platform",
+ "android.hardware.power-V1-ndk",
],
srcs: [
"main.cpp",
diff --git a/power/stats/1.0/vts/functional/OWNERS b/power/stats/1.0/vts/functional/OWNERS
new file mode 100644
index 0000000..8dd30e0
--- /dev/null
+++ b/power/stats/1.0/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 709877
+bsschwar@google.com
diff --git a/power/stats/aidl/default/Android.bp b/power/stats/aidl/default/Android.bp
index 417dc97..7c0caf3 100644
--- a/power/stats/aidl/default/Android.bp
+++ b/power/stats/aidl/default/Android.bp
@@ -30,7 +30,7 @@
shared_libs: [
"libbase",
"libbinder_ndk",
- "android.hardware.power.stats-V1-ndk_platform",
+ "android.hardware.power.stats-V1-ndk",
],
srcs: [
"main.cpp",
diff --git a/power/stats/aidl/vts/Android.bp b/power/stats/aidl/vts/Android.bp
index b556548..b9a395b 100644
--- a/power/stats/aidl/vts/Android.bp
+++ b/power/stats/aidl/vts/Android.bp
@@ -32,7 +32,7 @@
"libbinder_ndk",
],
static_libs: [
- "android.hardware.power.stats-V1-ndk_platform",
+ "android.hardware.power.stats-V1-ndk",
],
test_suites: [
"general-tests",
diff --git a/radio/1.0/vts/functional/OWNERS b/radio/1.0/vts/functional/OWNERS
new file mode 100644
index 0000000..1b6d937
--- /dev/null
+++ b/radio/1.0/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 20868
+shuoq@google.com
diff --git a/radio/1.5/vts/functional/radio_hidl_hal_api.cpp b/radio/1.5/vts/functional/radio_hidl_hal_api.cpp
index 0b49b36..d108951 100644
--- a/radio/1.5/vts/functional/radio_hidl_hal_api.cpp
+++ b/radio/1.5/vts/functional/radio_hidl_hal_api.cpp
@@ -1251,8 +1251,20 @@
* Test IRadio.getBarringInfo() for the response returned.
*/
TEST_P(RadioHidlTest_v1_5, getBarringInfo) {
+ // If the previous setRadioPower_1_5_emergencyCall_cancelled test has just finished.
+ // Due to radio restarting, modem may need a little more time to acquire network service
+ // and barring infos. If voice status is in-service, waiting 3s to get barring infos ready.
+ // Or waiting 10s if voice status is not in-service.
serial = GetRandomSerialNumber();
+ radio_v1_5->getVoiceRegistrationState_1_5(serial);
+ EXPECT_EQ(std::cv_status::no_timeout, wait());
+ if (isVoiceInService(radioRsp_v1_5->voiceRegResp.regState)) {
+ sleep(BARRING_INFO_MAX_WAIT_TIME_SECONDS);
+ } else {
+ sleep(VOICE_SERVICE_MAX_WAIT_TIME_SECONDS);
+ }
+ serial = GetRandomSerialNumber();
Return<void> res = radio_v1_5->getBarringInfo(serial);
EXPECT_EQ(std::cv_status::no_timeout, wait());
EXPECT_EQ(RadioResponseType::SOLICITED, radioRsp_v1_5->rspInfo.type);
diff --git a/radio/1.5/vts/functional/radio_hidl_hal_utils_v1_5.h b/radio/1.5/vts/functional/radio_hidl_hal_utils_v1_5.h
index 87ce675..65442ca 100644
--- a/radio/1.5/vts/functional/radio_hidl_hal_utils_v1_5.h
+++ b/radio/1.5/vts/functional/radio_hidl_hal_utils_v1_5.h
@@ -51,6 +51,8 @@
#define TIMEOUT_PERIOD 75
#define MODEM_EMERGENCY_CALL_ESTABLISH_TIME 3
#define MODEM_EMERGENCY_CALL_DISCONNECT_TIME 3
+#define VOICE_SERVICE_MAX_WAIT_TIME_SECONDS 10
+#define BARRING_INFO_MAX_WAIT_TIME_SECONDS 3
#define RADIO_SERVICE_NAME "slot1"
@@ -69,6 +71,7 @@
// Call
hidl_vec<::android::hardware::radio::V1_2::Call> currentCalls;
+ ::android::hardware::radio::V1_2::VoiceRegStateResult voiceRegResp;
// Modem
bool isModemEnabled;
diff --git a/radio/1.5/vts/functional/radio_response.cpp b/radio/1.5/vts/functional/radio_response.cpp
index 9b6d450..3d6fc17 100644
--- a/radio/1.5/vts/functional/radio_response.cpp
+++ b/radio/1.5/vts/functional/radio_response.cpp
@@ -763,8 +763,9 @@
Return<void> RadioResponse_v1_5::getVoiceRegistrationStateResponse_1_2(
const RadioResponseInfo& info,
- const ::android::hardware::radio::V1_2::VoiceRegStateResult& /*voiceRegResponse*/) {
+ const ::android::hardware::radio::V1_2::VoiceRegStateResult& voiceRegResponse) {
rspInfo = info;
+ voiceRegResp = voiceRegResponse;
parent_v1_5.notify(info.serial);
return Void();
}
@@ -989,8 +990,9 @@
Return<void> RadioResponse_v1_5::getVoiceRegistrationStateResponse_1_5(
const RadioResponseInfo& info,
- const ::android::hardware::radio::V1_5::RegStateResult& /*regResponse*/) {
+ const ::android::hardware::radio::V1_5::RegStateResult& regResponse) {
rspInfo = info;
+ voiceRegResp.regState = regResponse.regState;
parent_v1_5.notify(info.serial);
return Void();
}
diff --git a/radio/1.6/types.hal b/radio/1.6/types.hal
index 4b75db5..d026589 100644
--- a/radio/1.6/types.hal
+++ b/radio/1.6/types.hal
@@ -1024,18 +1024,6 @@
*/
uint8_t precedence;
/**
- * Parameters defining this RouteSelectionDescriptor. The length of the vector
- * must be >= 1.
- */
- vec<RouteSelectionDescriptorParams> routeSelectionDescriptorParams;
-};
-
-/**
- * This struct represents a route selection descriptor. A valid struct must have
- * at least one of the vectors non-empty.
- */
-struct RouteSelectionDescriptorParams {
- /**
* Valid values are IP, IPV6 and IPV4V6.
*/
OptionalPdpProtocolType sessionType;
diff --git a/radio/config/1.0/vts/functional/OWNERS b/radio/config/1.0/vts/functional/OWNERS
new file mode 100644
index 0000000..badd6d7
--- /dev/null
+++ b/radio/config/1.0/vts/functional/OWNERS
@@ -0,0 +1,6 @@
+# Bug component: 20868
+jminjie@google.com
+sarahchin@google.com
+amitmahajan@google.com
+shuoq@google.com
+jackyu@google.com
diff --git a/rebootescrow/aidl/default/Android.bp b/rebootescrow/aidl/default/Android.bp
index 1f67a3e..4409314 100644
--- a/rebootescrow/aidl/default/Android.bp
+++ b/rebootescrow/aidl/default/Android.bp
@@ -29,7 +29,7 @@
shared_libs: [
"libbase",
"libbinder_ndk",
- "android.hardware.rebootescrow-V1-ndk_platform",
+ "android.hardware.rebootescrow-V1-ndk",
],
export_include_dirs: ["include"],
srcs: [
@@ -56,7 +56,7 @@
shared_libs: [
"libbase",
"libbinder_ndk",
- "android.hardware.rebootescrow-V1-ndk_platform",
+ "android.hardware.rebootescrow-V1-ndk",
],
static_libs: [
"libhadamardutils",
diff --git a/secure_element/1.0/vts/functional/OWNERS b/secure_element/1.0/vts/functional/OWNERS
new file mode 100644
index 0000000..a7ee7e9
--- /dev/null
+++ b/secure_element/1.0/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 456592
+jackcwyu@google.com
diff --git a/secure_element/1.2/vts/functional/OWNERS b/secure_element/1.2/vts/functional/OWNERS
new file mode 100644
index 0000000..a7ee7e9
--- /dev/null
+++ b/secure_element/1.2/vts/functional/OWNERS
@@ -0,0 +1,2 @@
+# Bug component: 456592
+jackcwyu@google.com
diff --git a/security/keymint/aidl/Android.bp b/security/keymint/aidl/Android.bp
index 3796847..4bbfb35 100644
--- a/security/keymint/aidl/Android.bp
+++ b/security/keymint/aidl/Android.bp
@@ -14,7 +14,7 @@
"android/hardware/security/keymint/*.aidl",
],
imports: [
- "android.hardware.security.secureclock",
+ "android.hardware.security.secureclock-V1",
],
stability: "vintf",
backend: {
diff --git a/security/keymint/aidl/OWNERS b/security/keymint/aidl/OWNERS
index a93b171..54d820a 100644
--- a/security/keymint/aidl/OWNERS
+++ b/security/keymint/aidl/OWNERS
@@ -1,3 +1,4 @@
+drysdale@google.com
jbires@google.com
jdanis@google.com
seleneh@google.com
diff --git a/security/keymint/aidl/android/hardware/security/keymint/DeviceInfo.aidl b/security/keymint/aidl/android/hardware/security/keymint/DeviceInfo.aidl
index 32d69cd..b0761bf 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/DeviceInfo.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/DeviceInfo.aidl
@@ -44,6 +44,12 @@
* ? "vendor_patch_level" : uint, // YYYYMMDD
* "version" : 1, // The CDDL schema version.
* "security_level" : "tee" / "strongbox"
+ * "att_id_state": "locked" / "open", // Attestation IDs State. If "locked", this
+ * // indicates a device's attestable IDs are
+ * // factory-locked and immutable. If "open",
+ * // this indicates the device is still in a
+ * // provisionable state and the attestable IDs
+ * // are not yet frozen.
* }
*/
byte[] deviceInfo;
diff --git a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
index 88b2a26..cd8cfc5 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
@@ -96,7 +96,8 @@
*
* o AES
*
- * - 128 and 256-bit keys
+ * - TRUSTED_ENVIRONMENT IKeyMintDevices must support 128, 192 and 256-bit keys.
+ * STRONGBOX IKeyMintDevices must only support 128 and 256-bit keys.
* - CBC, CTR, ECB and GCM modes. The GCM mode must not allow the use of tags smaller than 96
* bits or nonce lengths other than 96 bits.
* - CBC and ECB modes must support unpadded and PKCS7 padding modes. With no padding CBC and
@@ -275,6 +276,10 @@
* must return ErrorCode::INVALID_ARGUMENT. The values 3 and 65537 must be supported. It is
* recommended to support all prime values up to 2^64.
*
+ * o Tag::CERTIFICATE_NOT_BEFORE and Tag::CERTIFICATE_NOT_AFTER specify the valid date range for
+ * the returned X.509 certificate holding the public key. If omitted, generateKey must return
+ * ErrorCode::MISSING_NOT_BEFORE or ErrorCode::MISSING_NOT_AFTER.
+ *
* The following parameters are not necessary to generate a usable RSA key, but generateKey must
* not return an error if they are omitted:
*
@@ -295,6 +300,10 @@
* Tag::EC_CURVE must be provided to generate an ECDSA key. If it is not provided, generateKey
* must return ErrorCode::UNSUPPORTED_KEY_SIZE. TEE IKeyMintDevice implementations must support
* all curves. StrongBox implementations must support P_256.
+
+ * Tag::CERTIFICATE_NOT_BEFORE and Tag::CERTIFICATE_NOT_AFTER must be provided to specify the
+ * valid date range for the returned X.509 certificate holding the public key. If omitted,
+ * generateKey must return ErrorCode::MISSING_NOT_BEFORE or ErrorCode::MISSING_NOT_AFTER.
*
* == AES Keys ==
*
diff --git a/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl b/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl
index 31dbb28..24cdbc1 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl
@@ -158,20 +158,7 @@
* payload: bstr .cbor BccPayload
* ]
*
- * VerifiedDeviceInfo = {
- * ? "brand" : tstr,
- * ? "manufacturer" : tstr,
- * ? "product" : tstr,
- * ? "model" : tstr,
- * ? "board" : tstr,
- * ? "device" : tstr,
- * ? "vb_state" : "green" / "yellow" / "orange",
- * ? "bootloader_state" : "locked" / "unlocked",
- * ? "os_version" : tstr,
- * ? "system_patch_level" : uint, // YYYYMMDD
- * ? "boot_patch_level" : uint, // YYYYMMDD
- * ? "vendor_patch_level" : uint, // YYYYMMDD
- * }
+ * VerifiedDeviceInfo = DeviceInfo // See DeviceInfo.aidl
*
* PubKeyX25519 = { // COSE_Key
* 1 : 1, // Key type : Octet Key Pair
diff --git a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
index 972ce2e..b28ebcb 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
@@ -286,7 +286,7 @@
*
* Must be hardware-enforced.
*
- * TODO(b/191458710): find out if this tag is still supported.
+ * TODO(b/191738660): Remove in KeyMint V2. Currently only used for FDE.
*/
MIN_SECONDS_BETWEEN_OPS = TagType.UINT | 403,
@@ -477,12 +477,12 @@
/**
* Tag::TRUSTED_CONFIRMATION_REQUIRED is only applicable to keys with KeyPurpose SIGN, and
- * specifies that this key must not be usable unless the user provides confirmation of the data
- * to be signed. Confirmation is proven to keyMint via an approval token. See
- * CONFIRMATION_TOKEN, as well as the ConfirmationUI HAL.
+ * specifies that this key must not be usable unless the user provides confirmation of the data
+ * to be signed. Confirmation is proven to keyMint via an approval token. See the authToken
+ * parameter of begin(), as well as the ConfirmationUI HAL.
*
* If an attempt to use a key with this tag does not have a cryptographically valid
- * CONFIRMATION_TOKEN provided to finish() or if the data provided to update()/finish() does not
+ * token provided to finish() or if the data provided to update()/finish() does not
* match the data described in the token, keyMint must return NO_USER_CONFIRMATION.
*
* Must be hardware-enforced.
@@ -491,9 +491,11 @@
/**
* Tag::UNLOCKED_DEVICE_REQUIRED specifies that the key may only be used when the device is
- * unlocked.
+ * unlocked, as reported to KeyMint via authToken operation parameter and the
+ * IKeyMintDevice::deviceLocked() method
*
- * Must be software-enforced.
+ * Must be hardware-enforced (but is also keystore-enforced on a per-user basis: see the
+ * deviceLocked() documentation).
*/
UNLOCKED_DEVICE_REQUIRED = TagType.BOOL | 509,
@@ -825,11 +827,22 @@
/**
* DEVICE_UNIQUE_ATTESTATION is an argument to IKeyMintDevice::attested key generation/import
* operations. It indicates that attestation using a device-unique key is requested, rather
- * than a batch key. When a device-unique key is used, the returned chain should contain two
- * certificates:
+ * than a batch key. When a device-unique key is used, the returned chain should contain two or
+ * three certificates.
+ *
+ * In case the chain contains two certificates, they should be:
* * The attestation certificate, containing the attestation extension, as described in
- KeyCreationResult.aidl.
+ * KeyCreationResult.aidl.
* * A self-signed root certificate, signed by the device-unique key.
+ *
+ * In case the chain contains three certificates, they should be:
+ * * The attestation certificate, containing the attestation extension, as described in
+ * KeyCreationResult.aidl, signed by the device-unique key.
+ * * An intermediate certificate, containing the public portion of the device-unique key.
+ * * A self-signed root certificate, signed by a dedicated key, certifying the
+ * intermediate. Ideally, the dedicated key would be the same for all StrongBox
+ * instances of the same manufacturer to ease validation.
+ *
* No additional chained certificates are provided. Only SecurityLevel::STRONGBOX
* IKeyMintDevices may support device-unique attestations. SecurityLevel::TRUSTED_ENVIRONMENT
* IKeyMintDevices must return ErrorCode::INVALID_ARGUMENT if they receive
@@ -864,8 +877,9 @@
*
* STORAGE_KEY is used to denote that a key generated or imported is a key used for storage
* encryption. Keys of this type can either be generated or imported or secure imported using
- * keyMint. exportKey() can be used to re-wrap storage key with a per-boot ephemeral key
- * wrapped key once the key characteristics are enforced.
+ * keyMint. The convertStorageKeyToEphemeral() method of IKeyMintDevice can be used to re-wrap
+ * storage key with a per-boot ephemeral key wrapped key once the key characteristics are
+ * enforced.
*
* Keys with this tag cannot be used for any operation within keyMint.
* ErrorCode::INVALID_OPERATION is returned when a key with Tag::STORAGE_KEY is provided to
@@ -875,7 +889,7 @@
/**
* OBSOLETE: Do not use. See IKeyMintOperation.updateAad instead.
- * TODO: Delete when keystore1 is deleted.
+ * TODO(b/191738660): Remove in KeyMint v2.
*/
ASSOCIATED_DATA = TagType.BYTES | 1000,
@@ -914,11 +928,10 @@
RESET_SINCE_ID_ROTATION = TagType.BOOL | 1004,
/**
- * Tag::CONFIRMATION_TOKEN is used to deliver a cryptographic token proving that the user
- * confirmed a signing request. The content is a full-length HMAC-SHA256 value. See the
- * ConfirmationUI HAL for details of token computation.
+ * OBSOLETE: Do not use. See the authToken parameter for IKeyMintDevice::begin and for
+ * IKeyMintOperation methods instead.
*
- * Must never appear in KeyCharacteristics.
+ * TODO(b/191738660): Delete when keystore1 is deleted.
*/
CONFIRMATION_TOKEN = TagType.BYTES | 1005,
diff --git a/security/keymint/aidl/default/Android.bp b/security/keymint/aidl/default/Android.bp
index 230534c..c2918ef 100644
--- a/security/keymint/aidl/default/Android.bp
+++ b/security/keymint/aidl/default/Android.bp
@@ -22,9 +22,9 @@
"-Wextra",
],
shared_libs: [
- "android.hardware.security.keymint-V1-ndk_platform",
- "android.hardware.security.sharedsecret-V1-ndk_platform",
- "android.hardware.security.secureclock-V1-ndk_platform",
+ "android.hardware.security.keymint-V1-ndk",
+ "android.hardware.security.sharedsecret-V1-ndk",
+ "android.hardware.security.secureclock-V1-ndk",
"libbase",
"libbinder_ndk",
"libcppbor_external",
diff --git a/security/keymint/aidl/vts/functional/Android.bp b/security/keymint/aidl/vts/functional/Android.bp
index ff08ce6..ff6a6f8 100644
--- a/security/keymint/aidl/vts/functional/Android.bp
+++ b/security/keymint/aidl/vts/functional/Android.bp
@@ -23,29 +23,39 @@
default_applicable_licenses: ["hardware_interfaces_license"],
}
-cc_test {
- name: "VtsAidlKeyMintTargetTest",
+cc_defaults {
+ name: "keymint_vts_defaults",
defaults: [
- "VtsHalTargetTestDefaults",
"use_libaidlvintf_gtest_helper_static",
- ],
- srcs: [
- "AttestKeyTest.cpp",
- "DeviceUniqueAttestationTest.cpp",
- "KeyMintTest.cpp",
+ "VtsHalTargetTestDefaults",
],
shared_libs: [
"libbinder_ndk",
"libcrypto",
],
static_libs: [
- "android.hardware.security.keymint-V1-ndk_platform",
- "android.hardware.security.secureclock-V1-ndk_platform",
+ "android.hardware.security.keymint-V1-ndk",
+ "android.hardware.security.secureclock-V1-ndk",
"libcppbor_external",
"libcppcose_rkp",
+ "libjsoncpp",
"libkeymint",
"libkeymint_remote_prov_support",
"libkeymint_support",
+ ],
+}
+
+cc_test {
+ name: "VtsAidlKeyMintTargetTest",
+ defaults: [
+ "keymint_vts_defaults",
+ ],
+ srcs: [
+ "AttestKeyTest.cpp",
+ "DeviceUniqueAttestationTest.cpp",
+ "KeyMintTest.cpp",
+ ],
+ static_libs: [
"libkeymint_vts_test_utils",
],
test_suites: [
@@ -57,8 +67,7 @@
cc_test_library {
name: "libkeymint_vts_test_utils",
defaults: [
- "VtsHalTargetTestDefaults",
- "use_libaidlvintf_gtest_helper_static",
+ "keymint_vts_defaults",
],
srcs: [
"KeyMintAidlTestBase.cpp",
@@ -66,48 +75,26 @@
export_include_dirs: [
".",
],
- shared_libs: [
- "libbinder_ndk",
- "libcrypto",
- ],
static_libs: [
- "android.hardware.security.keymint-V1-ndk_platform",
- "android.hardware.security.secureclock-V1-ndk_platform",
- "libcppbor_external",
- "libcppcose_rkp",
"libgmock_ndk",
- "libkeymint",
- "libkeymint_remote_prov_support",
- "libkeymint_support",
],
}
cc_test {
name: "VtsHalRemotelyProvisionedComponentTargetTest",
defaults: [
- "VtsHalTargetTestDefaults",
- "use_libaidlvintf_gtest_helper_static",
+ "keymint_vts_defaults",
],
srcs: [
"VtsRemotelyProvisionedComponentTests.cpp",
],
- shared_libs: [
- "libbinder_ndk",
- "libcrypto",
- ],
static_libs: [
- "android.hardware.security.keymint-V1-ndk_platform",
- "android.hardware.security.secureclock-V1-ndk_platform",
- "libcppbor_external",
- "libcppcose_rkp",
"libgmock_ndk",
"libkeymaster_portable",
- "libkeymint",
- "libkeymint_support",
- "libkeymint_remote_prov_support",
"libkeymint_vts_test_utils",
"libpuresoftkeymasterdevice",
],
+ test_config: "VtsRemotelyProvisionedComponentTests.xml",
test_suites: [
"general-tests",
"vts",
diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
index a312723..26ed344 100644
--- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
+++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
@@ -312,6 +312,7 @@
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
+ ASSERT_GT(cert_chain_list[i].size(), 0);
EXPECT_TRUE(verify_attestation_record("foo", "bar", sw_enforced, hw_enforced, SecLevel(),
cert_chain_list[i][0].encodedCertificate));
@@ -383,6 +384,7 @@
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
+ ASSERT_GT(cert_chain_list[i].size(), 0);
EXPECT_TRUE(verify_attestation_record("foo", "bar", sw_enforced, hw_enforced, SecLevel(),
cert_chain_list[i][0].encodedCertificate));
@@ -471,6 +473,7 @@
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
+ ASSERT_GT(cert_chain_list[i].size(), 0);
EXPECT_TRUE(verify_attestation_record("foo", "bar", sw_enforced, hw_enforced, SecLevel(),
cert_chain_list[i][0].encodedCertificate));
diff --git a/security/keymint/aidl/vts/functional/DeviceUniqueAttestationTest.cpp b/security/keymint/aidl/vts/functional/DeviceUniqueAttestationTest.cpp
index a3ed3ad..d7abf07 100644
--- a/security/keymint/aidl/vts/functional/DeviceUniqueAttestationTest.cpp
+++ b/security/keymint/aidl/vts/functional/DeviceUniqueAttestationTest.cpp
@@ -40,11 +40,16 @@
AuthorizationSet crypto_params = SecLevelAuthorizations(key_characteristics);
- // The device-unique attestation chain should contain exactly two certificates:
+ // The device-unique attestation chain should contain exactly three certificates:
// * The leaf with the attestation extension.
- // * A self-signed root, signed using the device-unique key.
- ASSERT_EQ(cert_chain_.size(), 2);
- EXPECT_TRUE(ChainSignaturesAreValid(cert_chain_));
+ // * An intermediate, signing the leaf using the device-unique key.
+ // * A self-signed root, signed using some authority's key, certifying
+ // the device-unique key.
+ const size_t chain_length = cert_chain_.size();
+ ASSERT_TRUE(chain_length == 2 || chain_length == 3);
+ // TODO(b/191361618): Once StrongBox implementations use a correctly-issued
+ // certificate chain, do not skip issuers matching.
+ EXPECT_TRUE(ChainSignaturesAreValid(cert_chain_, /* strict_issuer_check= */ false));
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(key_characteristics);
EXPECT_TRUE(verify_attestation_record("challenge", "foo", sw_enforced, hw_enforced,
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
index 5359b3b..2032411 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
@@ -1493,7 +1493,8 @@
return authList;
}
-AssertionResult ChainSignaturesAreValid(const vector<Certificate>& chain) {
+AssertionResult ChainSignaturesAreValid(const vector<Certificate>& chain,
+ bool strict_issuer_check) {
std::stringstream cert_data;
for (size_t i = 0; i < chain.size(); ++i) {
@@ -1520,7 +1521,7 @@
string cert_issuer = x509NameToStr(X509_get_issuer_name(key_cert.get()));
string signer_subj = x509NameToStr(X509_get_subject_name(signing_cert.get()));
- if (cert_issuer != signer_subj) {
+ if (cert_issuer != signer_subj && strict_issuer_check) {
return AssertionFailure() << "Cert " << i << " has wrong issuer.\n"
<< " Signer subject is " << signer_subj
<< " Issuer subject is " << cert_issuer << endl
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
index d592d36..ec3fcf6 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
@@ -349,7 +349,8 @@
AuthorizationSet HwEnforcedAuthorizations(const vector<KeyCharacteristics>& key_characteristics);
AuthorizationSet SwEnforcedAuthorizations(const vector<KeyCharacteristics>& key_characteristics);
-::testing::AssertionResult ChainSignaturesAreValid(const vector<Certificate>& chain);
+::testing::AssertionResult ChainSignaturesAreValid(const vector<Certificate>& chain,
+ bool strict_issuer_check = true);
#define INSTANTIATE_KEYMINT_AIDL_TEST(name) \
INSTANTIATE_TEST_SUITE_P(PerInstance, name, \
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index caac346..a90ee65 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -951,8 +951,12 @@
*
* Verifies that keymint can generate all required RSA key sizes, using an attestation key
* that has been generated using an associate IRemotelyProvisionedComponent.
+ *
+ * This test is disabled because the KeyMint specification does not require that implementations
+ * of the first version of KeyMint have to also implement IRemotelyProvisionedComponent.
+ * However, the test is kept in the code because KeyMint v2 will impose this requirement.
*/
-TEST_P(NewKeyGenerationTest, RsaWithRpkAttestation) {
+TEST_P(NewKeyGenerationTest, DISABLED_RsaWithRpkAttestation) {
// There should be an IRemotelyProvisionedComponent instance associated with the KeyMint
// instance.
std::shared_ptr<IRemotelyProvisionedComponent> rp;
@@ -1493,9 +1497,8 @@
tag.tag == TAG_ROLLBACK_RESISTANCE) {
continue;
}
- if (result == ErrorCode::UNSUPPORTED_TAG &&
- (tag.tag == TAG_ALLOW_WHILE_ON_BODY || tag.tag == TAG_TRUSTED_USER_PRESENCE_REQUIRED)) {
- // Optional tag not supported by this KeyMint implementation.
+ if (result == ErrorCode::UNSUPPORTED_TAG && tag.tag == TAG_TRUSTED_USER_PRESENCE_REQUIRED) {
+ // Tag not required to be supported by all KeyMint implementations.
continue;
}
ASSERT_EQ(result, ErrorCode::OK);
@@ -1507,9 +1510,8 @@
AuthorizationSet hw_enforced = HwEnforcedAuthorizations(key_characteristics);
AuthorizationSet sw_enforced = SwEnforcedAuthorizations(key_characteristics);
- if (tag.tag != TAG_ATTESTATION_APPLICATION_ID) {
- // Expect to find most of the extra tags in the key characteristics
- // of the generated key (but not for ATTESTATION_APPLICATION_ID).
+ // Some tags are optional, so don't require them to be in the enforcements.
+ if (tag.tag != TAG_ATTESTATION_APPLICATION_ID && tag.tag != TAG_ALLOW_WHILE_ON_BODY) {
EXPECT_TRUE(hw_enforced.Contains(tag.tag) || sw_enforced.Contains(tag.tag))
<< tag << " not in hw:" << hw_enforced << " nor sw:" << sw_enforced;
}
@@ -1845,12 +1847,13 @@
if (SecLevel() == SecurityLevel::STRONGBOX) return;
auto result = GenerateKey(AuthorizationSetBuilder()
+ .Authorization(TAG_ALGORITHM, Algorithm::EC)
.Authorization(TAG_KEY_SIZE, 224)
.Authorization(TAG_EC_CURVE, EcCurve::P_256)
+ .SigningKey()
.Digest(Digest::NONE)
.SetDefaultValidity());
- ASSERT_TRUE(result == ErrorCode::INVALID_ARGUMENT ||
- result == ErrorCode::UNSUPPORTED_ALGORITHM);
+ ASSERT_TRUE(result == ErrorCode::INVALID_ARGUMENT);
}
/*
@@ -3273,10 +3276,10 @@
for (uint32_t key_size : {bitlen - 1, bitlen + 1, bitlen - 8, bitlen + 8}) {
// Explicit key size doesn't match that of the provided key.
auto result = ImportKey(AuthorizationSetBuilder()
- .Authorization(TAG_NO_AUTH_REQUIRED)
- .AesEncryptionKey(key_size)
- .EcbMode()
- .Padding(PaddingMode::PKCS7),
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .AesEncryptionKey(key_size)
+ .EcbMode()
+ .Padding(PaddingMode::PKCS7),
KeyFormat::RAW, key);
ASSERT_TRUE(result == ErrorCode::IMPORT_PARAMETER_MISMATCH ||
result == ErrorCode::UNSUPPORTED_KEY_SIZE)
@@ -3340,10 +3343,10 @@
for (uint32_t key_size : {bitlen - 1, bitlen + 1, bitlen - 8, bitlen + 8}) {
// Explicit key size doesn't match that of the provided key.
auto result = ImportKey(AuthorizationSetBuilder()
- .Authorization(TAG_NO_AUTH_REQUIRED)
- .TripleDesEncryptionKey(key_size)
- .EcbMode()
- .Padding(PaddingMode::PKCS7),
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .TripleDesEncryptionKey(key_size)
+ .EcbMode()
+ .Padding(PaddingMode::PKCS7),
KeyFormat::RAW, key);
ASSERT_TRUE(result == ErrorCode::IMPORT_PARAMETER_MISMATCH ||
result == ErrorCode::UNSUPPORTED_KEY_SIZE)
@@ -6205,7 +6208,8 @@
.Digest(Digest::NONE)
.Padding(PaddingMode::NONE)
.Authorization(TAG_NO_AUTH_REQUIRED)
- .Authorization(TAG_ROLLBACK_RESISTANCE));
+ .Authorization(TAG_ROLLBACK_RESISTANCE)
+ .SetDefaultValidity());
ASSERT_TRUE(error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE || error == ErrorCode::OK);
// Delete must work if rollback protection is implemented
diff --git a/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp b/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
index 78f8f08..38f3586 100644
--- a/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
+++ b/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
@@ -29,6 +29,7 @@
#include <openssl/ec_key.h>
#include <openssl/x509.h>
#include <remote_prov/remote_prov_utils.h>
+#include <vector>
#include "KeyMintAidlTestBase.h"
@@ -40,6 +41,7 @@
namespace {
#define INSTANTIATE_REM_PROV_AIDL_TEST(name) \
+ GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(name); \
INSTANTIATE_TEST_SUITE_P( \
PerInstance, name, \
testing::ValuesIn(VtsRemotelyProvisionedComponentTests::build_params()), \
@@ -102,8 +104,8 @@
return std::move(corruptSig);
}
-ErrMsgOr<EekChain> corrupt_sig_chain(const EekChain& eek, int which) {
- auto [chain, _, parseErr] = cppbor::parse(eek.chain);
+ErrMsgOr<bytevec> corrupt_sig_chain(const bytevec& encodedEekChain, int which) {
+ auto [chain, _, parseErr] = cppbor::parse(encodedEekChain);
if (!chain || !chain->asArray()) {
return "EekChain parse failed";
}
@@ -125,7 +127,7 @@
corruptChain.add(eekChain->get(ii)->clone());
}
}
- return EekChain{corruptChain.encode(), eek.last_pubkey, eek.last_privkey};
+ return corruptChain.encode();
}
string device_suffix(const string& name) {
@@ -271,14 +273,14 @@
class CertificateRequestTest : public VtsRemotelyProvisionedComponentTests {
protected:
CertificateRequestTest() : eekId_(string_to_bytevec("eekid")), challenge_(randomBytes(32)) {
- generateEek(3);
+ generateTestEekChain(3);
}
- void generateEek(size_t eekLength) {
+ void generateTestEekChain(size_t eekLength) {
auto chain = generateEekChain(eekLength, eekId_);
EXPECT_TRUE(chain) << chain.message();
- if (chain) eekChain_ = chain.moveValue();
- eekLength_ = eekLength;
+ if (chain) testEekChain_ = chain.moveValue();
+ testEekLength_ = eekLength;
}
void generateKeys(bool testMode, size_t numKeys) {
@@ -297,7 +299,8 @@
}
void checkProtectedData(const DeviceInfo& deviceInfo, const cppbor::Array& keysToSign,
- const bytevec& keysToSignMac, const ProtectedData& protectedData) {
+ const bytevec& keysToSignMac, const ProtectedData& protectedData,
+ std::vector<BccEntryData>* bccOutput = nullptr) {
auto [parsedProtectedData, _, protDataErrMsg] = cppbor::parse(protectedData.protectedData);
ASSERT_TRUE(parsedProtectedData) << protDataErrMsg;
ASSERT_TRUE(parsedProtectedData->asArray());
@@ -307,8 +310,9 @@
ASSERT_TRUE(senderPubkey) << senderPubkey.message();
EXPECT_EQ(senderPubkey->second, eekId_);
- auto sessionKey = x25519_HKDF_DeriveKey(eekChain_.last_pubkey, eekChain_.last_privkey,
- senderPubkey->first, false /* senderIsA */);
+ auto sessionKey =
+ x25519_HKDF_DeriveKey(testEekChain_.last_pubkey, testEekChain_.last_privkey,
+ senderPubkey->first, false /* senderIsA */);
ASSERT_TRUE(sessionKey) << sessionKey.message();
auto protectedDataPayload =
@@ -354,11 +358,15 @@
auto macPayload = verifyAndParseCoseMac0(&coseMac0, *macKey);
ASSERT_TRUE(macPayload) << macPayload.message();
+
+ if (bccOutput) {
+ *bccOutput = std::move(*bccContents);
+ }
}
bytevec eekId_;
- size_t eekLength_;
- EekChain eekChain_;
+ size_t testEekLength_;
+ EekChain testEekChain_;
bytevec challenge_;
std::vector<MacedPublicKey> keysToSign_;
cppbor::Array cborKeysToSign_;
@@ -372,13 +380,13 @@
bool testMode = true;
for (size_t eekLength : {2, 3, 7}) {
SCOPED_TRACE(testing::Message() << "EEK of length " << eekLength);
- generateEek(eekLength);
+ generateTestEekChain(eekLength);
bytevec keysToSignMac;
DeviceInfo deviceInfo;
ProtectedData protectedData;
auto status = provisionable_->generateCertificateRequest(
- testMode, {} /* keysToSign */, eekChain_.chain, challenge_, &deviceInfo,
+ testMode, {} /* keysToSign */, testEekChain_.chain, challenge_, &deviceInfo,
&protectedData, &keysToSignMac);
ASSERT_TRUE(status.isOk()) << status.getMessage();
@@ -387,31 +395,62 @@
}
/**
- * Generate an empty certificate request in prod mode. Generation will fail because we don't have a
- * valid GEEK.
- *
- * TODO(swillden): Get a valid GEEK and use it so the generation can succeed, though we won't be
- * able to decrypt.
+ * Ensure that test mode outputs a unique BCC root key every time we request a
+ * certificate request. Else, it's possible that the test mode API could be used
+ * to fingerprint devices. Only the GEEK should be allowed to decrypt the same
+ * device public key multiple times.
*/
-TEST_P(CertificateRequestTest, EmptyRequest_prodMode) {
- bool testMode = false;
- for (size_t eekLength : {2, 3, 7}) {
- SCOPED_TRACE(testing::Message() << "EEK of length " << eekLength);
- generateEek(eekLength);
+TEST_P(CertificateRequestTest, NewKeyPerCallInTestMode) {
+ constexpr bool testMode = true;
- bytevec keysToSignMac;
- DeviceInfo deviceInfo;
- ProtectedData protectedData;
- auto status = provisionable_->generateCertificateRequest(
- testMode, {} /* keysToSign */, eekChain_.chain, challenge_, &deviceInfo,
- &protectedData, &keysToSignMac);
- EXPECT_FALSE(status.isOk());
- EXPECT_EQ(status.getServiceSpecificError(),
- BnRemotelyProvisionedComponent::STATUS_INVALID_EEK);
+ bytevec keysToSignMac;
+ DeviceInfo deviceInfo;
+ ProtectedData protectedData;
+ auto status = provisionable_->generateCertificateRequest(
+ testMode, {} /* keysToSign */, testEekChain_.chain, challenge_, &deviceInfo,
+ &protectedData, &keysToSignMac);
+ ASSERT_TRUE(status.isOk()) << status.getMessage();
+
+ std::vector<BccEntryData> firstBcc;
+ checkProtectedData(deviceInfo, /*keysToSign=*/cppbor::Array(), keysToSignMac, protectedData,
+ &firstBcc);
+
+ status = provisionable_->generateCertificateRequest(
+ testMode, {} /* keysToSign */, testEekChain_.chain, challenge_, &deviceInfo,
+ &protectedData, &keysToSignMac);
+ ASSERT_TRUE(status.isOk()) << status.getMessage();
+
+ std::vector<BccEntryData> secondBcc;
+ checkProtectedData(deviceInfo, /*keysToSign=*/cppbor::Array(), keysToSignMac, protectedData,
+ &secondBcc);
+
+ // Verify that none of the keys in the first BCC are repeated in the second one.
+ for (const auto& i : firstBcc) {
+ for (auto& j : secondBcc) {
+ ASSERT_THAT(i.pubKey, testing::Not(testing::ElementsAreArray(j.pubKey)))
+ << "Found a repeated pubkey in two generateCertificateRequest test mode calls";
+ }
}
}
/**
+ * Generate an empty certificate request in prod mode. This test must be run explicitly, and
+ * is not run by default. Not all devices are GMS devices, and therefore they do not all
+ * trust the Google EEK root.
+ */
+TEST_P(CertificateRequestTest, DISABLED_EmptyRequest_prodMode) {
+ bool testMode = false;
+
+ bytevec keysToSignMac;
+ DeviceInfo deviceInfo;
+ ProtectedData protectedData;
+ auto status = provisionable_->generateCertificateRequest(
+ testMode, {} /* keysToSign */, getProdEekChain(), challenge_, &deviceInfo,
+ &protectedData, &keysToSignMac);
+ EXPECT_TRUE(status.isOk());
+}
+
+/**
* Generate a non-empty certificate request in test mode. Decrypt, parse and validate the contents.
*/
TEST_P(CertificateRequestTest, NonEmptyRequest_testMode) {
@@ -420,13 +459,13 @@
for (size_t eekLength : {2, 3, 7}) {
SCOPED_TRACE(testing::Message() << "EEK of length " << eekLength);
- generateEek(eekLength);
+ generateTestEekChain(eekLength);
bytevec keysToSignMac;
DeviceInfo deviceInfo;
ProtectedData protectedData;
auto status = provisionable_->generateCertificateRequest(
- testMode, keysToSign_, eekChain_.chain, challenge_, &deviceInfo, &protectedData,
+ testMode, keysToSign_, testEekChain_.chain, challenge_, &deviceInfo, &protectedData,
&keysToSignMac);
ASSERT_TRUE(status.isOk()) << status.getMessage();
@@ -435,30 +474,21 @@
}
/**
- * Generate a non-empty certificate request in prod mode. Must fail because we don't have a valid
- * GEEK.
- *
- * TODO(swillden): Get a valid GEEK and use it so the generation can succeed, though we won't be
- * able to decrypt.
+ * Generate a non-empty certificate request in prod mode. This test must be run explicitly, and
+ * is not run by default. Not all devices are GMS devices, and therefore they do not all
+ * trust the Google EEK root.
*/
-TEST_P(CertificateRequestTest, NonEmptyRequest_prodMode) {
+TEST_P(CertificateRequestTest, DISABLED_NonEmptyRequest_prodMode) {
bool testMode = false;
generateKeys(testMode, 4 /* numKeys */);
- for (size_t eekLength : {2, 3, 7}) {
- SCOPED_TRACE(testing::Message() << "EEK of length " << eekLength);
- generateEek(eekLength);
-
- bytevec keysToSignMac;
- DeviceInfo deviceInfo;
- ProtectedData protectedData;
- auto status = provisionable_->generateCertificateRequest(
- testMode, keysToSign_, eekChain_.chain, challenge_, &deviceInfo, &protectedData,
- &keysToSignMac);
- EXPECT_FALSE(status.isOk());
- EXPECT_EQ(status.getServiceSpecificError(),
- BnRemotelyProvisionedComponent::STATUS_INVALID_EEK);
- }
+ bytevec keysToSignMac;
+ DeviceInfo deviceInfo;
+ ProtectedData protectedData;
+ auto status = provisionable_->generateCertificateRequest(
+ testMode, keysToSign_, getProdEekChain(), challenge_, &deviceInfo, &protectedData,
+ &keysToSignMac);
+ EXPECT_TRUE(status.isOk());
}
/**
@@ -473,8 +503,8 @@
DeviceInfo deviceInfo;
ProtectedData protectedData;
auto status = provisionable_->generateCertificateRequest(
- testMode, {keyWithCorruptMac}, eekChain_.chain, challenge_, &deviceInfo, &protectedData,
- &keysToSignMac);
+ testMode, {keyWithCorruptMac}, testEekChain_.chain, challenge_, &deviceInfo,
+ &protectedData, &keysToSignMac);
ASSERT_FALSE(status.isOk()) << status.getMessage();
EXPECT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_INVALID_MAC);
}
@@ -483,7 +513,7 @@
* Generate a non-empty certificate request in prod mode, but with the MAC corrupted on the keypair.
*/
TEST_P(CertificateRequestTest, NonEmptyRequestCorruptMac_prodMode) {
- bool testMode = true;
+ bool testMode = false;
generateKeys(testMode, 1 /* numKeys */);
MacedPublicKey keyWithCorruptMac = corrupt_maced_key(keysToSign_[0]).moveValue();
@@ -491,38 +521,35 @@
DeviceInfo deviceInfo;
ProtectedData protectedData;
auto status = provisionable_->generateCertificateRequest(
- testMode, {keyWithCorruptMac}, eekChain_.chain, challenge_, &deviceInfo, &protectedData,
- &keysToSignMac);
+ testMode, {keyWithCorruptMac}, getProdEekChain(), challenge_, &deviceInfo,
+ &protectedData, &keysToSignMac);
ASSERT_FALSE(status.isOk()) << status.getMessage();
- auto rc = status.getServiceSpecificError();
-
- // TODO(drysdale): drop the INVALID_EEK potential error code when a real GEEK is available.
- EXPECT_TRUE(rc == BnRemotelyProvisionedComponent::STATUS_INVALID_EEK ||
- rc == BnRemotelyProvisionedComponent::STATUS_INVALID_MAC);
+ EXPECT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_INVALID_MAC);
}
/**
* Generate a non-empty certificate request in prod mode that has a corrupt EEK chain.
* Confirm that the request is rejected.
- *
- * TODO(drysdale): Update to use a valid GEEK, so that the test actually confirms that the
- * implementation is checking signatures.
*/
TEST_P(CertificateRequestTest, NonEmptyCorruptEekRequest_prodMode) {
bool testMode = false;
generateKeys(testMode, 4 /* numKeys */);
- for (size_t ii = 0; ii < eekLength_; ii++) {
- auto chain = corrupt_sig_chain(eekChain_, ii);
+ auto prodEekChain = getProdEekChain();
+ auto [parsedChain, _, parseErr] = cppbor::parse(prodEekChain);
+ ASSERT_NE(parsedChain, nullptr) << parseErr;
+ ASSERT_NE(parsedChain->asArray(), nullptr);
+
+ for (int ii = 0; ii < parsedChain->asArray()->size(); ++ii) {
+ auto chain = corrupt_sig_chain(prodEekChain, ii);
ASSERT_TRUE(chain) << chain.message();
- EekChain corruptEek = chain.moveValue();
bytevec keysToSignMac;
DeviceInfo deviceInfo;
ProtectedData protectedData;
- auto status = provisionable_->generateCertificateRequest(
- testMode, keysToSign_, corruptEek.chain, challenge_, &deviceInfo, &protectedData,
- &keysToSignMac);
+ auto status = provisionable_->generateCertificateRequest(testMode, keysToSign_, *chain,
+ challenge_, &deviceInfo,
+ &protectedData, &keysToSignMac);
ASSERT_FALSE(status.isOk());
ASSERT_EQ(status.getServiceSpecificError(),
BnRemotelyProvisionedComponent::STATUS_INVALID_EEK);
@@ -532,9 +559,6 @@
/**
* Generate a non-empty certificate request in prod mode that has an incomplete EEK chain.
* Confirm that the request is rejected.
- *
- * TODO(drysdale): Update to use a valid GEEK, so that the test actually confirms that the
- * implementation is checking signatures.
*/
TEST_P(CertificateRequestTest, NonEmptyIncompleteEekRequest_prodMode) {
bool testMode = false;
@@ -542,7 +566,7 @@
// Build an EEK chain that omits the first self-signed cert.
auto truncatedChain = cppbor::Array();
- auto [chain, _, parseErr] = cppbor::parse(eekChain_.chain);
+ auto [chain, _, parseErr] = cppbor::parse(getProdEekChain());
ASSERT_TRUE(chain);
auto eekChain = chain->asArray();
ASSERT_NE(eekChain, nullptr);
@@ -571,7 +595,7 @@
DeviceInfo deviceInfo;
ProtectedData protectedData;
auto status = provisionable_->generateCertificateRequest(
- true /* testMode */, keysToSign_, eekChain_.chain, challenge_, &deviceInfo,
+ true /* testMode */, keysToSign_, testEekChain_.chain, challenge_, &deviceInfo,
&protectedData, &keysToSignMac);
ASSERT_FALSE(status.isOk());
ASSERT_EQ(status.getServiceSpecificError(),
@@ -589,7 +613,7 @@
DeviceInfo deviceInfo;
ProtectedData protectedData;
auto status = provisionable_->generateCertificateRequest(
- false /* testMode */, keysToSign_, eekChain_.chain, challenge_, &deviceInfo,
+ false /* testMode */, keysToSign_, testEekChain_.chain, challenge_, &deviceInfo,
&protectedData, &keysToSignMac);
ASSERT_FALSE(status.isOk());
ASSERT_EQ(status.getServiceSpecificError(),
diff --git a/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.xml b/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.xml
new file mode 100644
index 0000000..2375bde
--- /dev/null
+++ b/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.xml
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (C) 2021 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<configuration description="Runs VtsHalRemotelyProvisionedComponentTargetTest.">
+ <option name="test-suite-tag" value="apct" />
+ <option name="test-suite-tag" value="apct-native" />
+
+ <target_preparer class="com.android.tradefed.targetprep.RootTargetPreparer"/>
+
+ <target_preparer class="com.android.tradefed.targetprep.PushFilePreparer">
+ <option name="cleanup" value="true" />
+ <option name="push-file"
+ key="VtsHalRemotelyProvisionedComponentTargetTest"
+ value="/data/local/tmp/VtsHalRemotelyProvisionedComponentTargetTest" />
+ </target_preparer>
+
+ <test class="com.android.tradefed.testtype.GTest" >
+ <option name="native-test-device-path" value="/data/local/tmp" />
+ <option name="module-name" value="VtsHalRemotelyProvisionedComponentTargetTest" />
+ <option name="native-test-timeout" value="900000"/> <!-- 15 minutes -->
+ </test>
+</configuration>
diff --git a/security/keymint/aidl/vts/performance/Android.bp b/security/keymint/aidl/vts/performance/Android.bp
index 79ed0d5..355f87b 100644
--- a/security/keymint/aidl/vts/performance/Android.bp
+++ b/security/keymint/aidl/vts/performance/Android.bp
@@ -39,8 +39,8 @@
"libkeymint_support",
],
static_libs: [
- "android.hardware.security.keymint-V1-ndk_platform",
- "android.hardware.security.secureclock-V1-ndk_platform",
+ "android.hardware.security.keymint-V1-ndk",
+ "android.hardware.security.secureclock-V1-ndk",
"libcppbor_external",
"libchrome",
],
diff --git a/security/keymint/support/Android.bp b/security/keymint/support/Android.bp
index 718133a..bdb4cdf 100644
--- a/security/keymint/support/Android.bp
+++ b/security/keymint/support/Android.bp
@@ -40,7 +40,7 @@
"include",
],
shared_libs: [
- "android.hardware.security.keymint-V1-ndk_platform",
+ "android.hardware.security.keymint-V1-ndk",
"libbase",
"libcrypto",
"libutils",
@@ -57,8 +57,28 @@
"include",
],
shared_libs: [
+ "libbase",
"libcppbor_external",
"libcppcose_rkp",
"libcrypto",
+ "libjsoncpp",
+ ],
+}
+
+cc_test {
+ name: "libkeymint_remote_prov_support_test",
+ srcs: ["remote_prov_utils_test.cpp"],
+ static_libs: [
+ "libgmock",
+ "libgtest_main",
+ ],
+ shared_libs: [
+ "libbase",
+ "libcppbor_external",
+ "libcppcose_rkp",
+ "libcrypto",
+ "libjsoncpp",
+ "libkeymaster_portable",
+ "libkeymint_remote_prov_support",
],
}
diff --git a/security/keymint/support/include/remote_prov/remote_prov_utils.h b/security/keymint/support/include/remote_prov/remote_prov_utils.h
index e4261f3..406b7a9 100644
--- a/security/keymint/support/include/remote_prov/remote_prov_utils.h
+++ b/security/keymint/support/include/remote_prov/remote_prov_utils.h
@@ -27,6 +27,31 @@
extern bytevec kTestMacKey;
+// The Google root key for the Endpoint Encryption Key chain, encoded as COSE_Sign1
+inline constexpr uint8_t kCoseEncodedRootCert[] = {
+ 0x84, 0x43, 0xa1, 0x01, 0x27, 0xa0, 0x58, 0x2a, 0xa4, 0x01, 0x01, 0x03, 0x27, 0x20, 0x06,
+ 0x21, 0x58, 0x20, 0x99, 0xb9, 0xee, 0xdd, 0x5e, 0xe4, 0x52, 0xf6, 0x85, 0xc6, 0x4c, 0x62,
+ 0xdc, 0x3e, 0x61, 0xab, 0x57, 0x48, 0x7d, 0x75, 0x37, 0x29, 0xad, 0x76, 0x80, 0x32, 0xd2,
+ 0xb3, 0xcb, 0x63, 0x58, 0xd9, 0x58, 0x40, 0x1e, 0x22, 0x08, 0x4b, 0xa4, 0xb7, 0xa4, 0xc8,
+ 0xd7, 0x4e, 0x03, 0x0e, 0xfe, 0xb8, 0xaf, 0x14, 0x4c, 0xa7, 0x3b, 0x6f, 0xa5, 0xcd, 0xdc,
+ 0xda, 0x79, 0xc6, 0x2b, 0x64, 0xfe, 0x99, 0x39, 0xaf, 0x76, 0xe7, 0x80, 0xfa, 0x66, 0x00,
+ 0x85, 0x0d, 0x07, 0x98, 0x2a, 0xac, 0x91, 0x5c, 0xa7, 0x25, 0x14, 0x49, 0x06, 0x34, 0x75,
+ 0xca, 0x8a, 0x27, 0x7a, 0xd9, 0xe3, 0x5a, 0x49, 0xeb, 0x02, 0x03};
+
+// The Google Endpoint Encryption Key certificate, encoded as COSE_Sign1
+inline constexpr uint8_t kCoseEncodedGeekCert[] = {
+ 0x84, 0x43, 0xa1, 0x01, 0x27, 0xa0, 0x58, 0x4e, 0xa5, 0x01, 0x01, 0x02, 0x58, 0x20,
+ 0xd0, 0xae, 0xc1, 0x15, 0xca, 0x2a, 0xcf, 0x73, 0xae, 0x6b, 0xcc, 0xcb, 0xd1, 0x96,
+ 0x1d, 0x65, 0xe8, 0xb1, 0xdd, 0xd7, 0x4a, 0x1a, 0x37, 0xb9, 0x43, 0x3a, 0x97, 0xd5,
+ 0x99, 0xdf, 0x98, 0x08, 0x03, 0x38, 0x18, 0x20, 0x04, 0x21, 0x58, 0x20, 0xbe, 0x85,
+ 0xe7, 0x46, 0xc4, 0xa3, 0x42, 0x5a, 0x40, 0xd9, 0x36, 0x3a, 0xa6, 0x15, 0xd0, 0x2c,
+ 0x58, 0x7e, 0x3d, 0xdc, 0x33, 0x02, 0x32, 0xd2, 0xfc, 0x5e, 0x1e, 0x87, 0x25, 0x5f,
+ 0x72, 0x60, 0x58, 0x40, 0x9b, 0xcf, 0x90, 0xe2, 0x2e, 0x4b, 0xab, 0xd1, 0x18, 0xb1,
+ 0x0e, 0x8e, 0x5d, 0x20, 0x27, 0x4b, 0x84, 0x58, 0xfe, 0xfc, 0x32, 0x90, 0x7e, 0x72,
+ 0x05, 0x83, 0xbc, 0xd7, 0x82, 0xbe, 0xfa, 0x64, 0x78, 0x2d, 0x54, 0x10, 0x4b, 0xc0,
+ 0x31, 0xbf, 0x6b, 0xe8, 0x1e, 0x35, 0xe2, 0xf0, 0x2d, 0xce, 0x6c, 0x2f, 0x4f, 0xf2,
+ 0xf5, 0x4f, 0xa5, 0xd4, 0x83, 0xad, 0x96, 0xa2, 0xf1, 0x87, 0x58, 0x04};
+
/**
* Generates random bytes.
*/
@@ -44,6 +69,11 @@
*/
ErrMsgOr<EekChain> generateEekChain(size_t length, const bytevec& eekId);
+/**
+ * Returns the CBOR-encoded, production Google Endpoint Encryption Key chain.
+ */
+bytevec getProdEekChain();
+
struct BccEntryData {
bytevec pubKey;
};
@@ -57,4 +87,26 @@
*/
ErrMsgOr<std::vector<BccEntryData>> validateBcc(const cppbor::Array* bcc);
+struct JsonOutput {
+ static JsonOutput Ok(std::string json) { return {std::move(json), ""}; }
+ static JsonOutput Error(std::string error) { return {"", std::move(error)}; }
+
+ std::string output;
+ std::string error; // if non-empty, this describes what went wrong
+};
+
+/**
+ * Take a given certificate request and output a JSON blob containing both the
+ * build fingerprint and certificate request. This data may be serialized, then
+ * later uploaded to the remote provisioning service. The input csr is not
+ * validated, only encoded.
+ *
+ * Output format:
+ * {
+ * "build_fingerprint": <string>
+ * "csr": <base64 CBOR CSR>
+ * }
+ */
+JsonOutput jsonEncodeCsrWithBuild(const cppbor::Array& csr);
+
} // namespace aidl::android::hardware::security::keymint::remote_prov
diff --git a/security/keymint/support/remote_prov_utils.cpp b/security/keymint/support/remote_prov_utils.cpp
index 33f1ed3..0cbee51 100644
--- a/security/keymint/support/remote_prov_utils.cpp
+++ b/security/keymint/support/remote_prov_utils.cpp
@@ -14,11 +14,15 @@
* limitations under the License.
*/
-#include <remote_prov/remote_prov_utils.h>
+#include <iterator>
+#include <tuple>
-#include <openssl/rand.h>
-
+#include <android-base/properties.h>
#include <cppbor.h>
+#include <json/json.h>
+#include <openssl/base64.h>
+#include <openssl/rand.h>
+#include <remote_prov/remote_prov_utils.h>
namespace aidl::android::hardware::security::keymint::remote_prov {
@@ -31,6 +35,10 @@
}
ErrMsgOr<EekChain> generateEekChain(size_t length, const bytevec& eekId) {
+ if (length < 2) {
+ return "EEK chain must contain at least 2 certs.";
+ }
+
auto eekChain = cppbor::Array();
bytevec prev_priv_key;
@@ -78,6 +86,18 @@
return EekChain{eekChain.encode(), pub_key, priv_key};
}
+bytevec getProdEekChain() {
+ bytevec prodEek;
+ prodEek.reserve(1 + sizeof(kCoseEncodedRootCert) + sizeof(kCoseEncodedGeekCert));
+
+ // In CBOR encoding, 0x82 indicates an array of two items
+ prodEek.push_back(0x82);
+ prodEek.insert(prodEek.end(), std::begin(kCoseEncodedRootCert), std::end(kCoseEncodedRootCert));
+ prodEek.insert(prodEek.end(), std::begin(kCoseEncodedGeekCert), std::end(kCoseEncodedGeekCert));
+
+ return prodEek;
+}
+
ErrMsgOr<bytevec> verifyAndParseCoseSign1Cwt(const cppbor::Array* coseSign1,
const bytevec& signingCoseKey, const bytevec& aad) {
if (!coseSign1 || coseSign1->size() != kCoseSign1EntryCount) {
@@ -162,4 +182,36 @@
return result;
}
+JsonOutput jsonEncodeCsrWithBuild(const cppbor::Array& csr) {
+ const std::string kFingerprintProp = "ro.build.fingerprint";
+
+ if (!::android::base::WaitForPropertyCreation(kFingerprintProp)) {
+ return JsonOutput::Error("Unable to read build fingerprint");
+ }
+
+ bytevec csrCbor = csr.encode();
+ size_t base64Length;
+ int rc = EVP_EncodedLength(&base64Length, csrCbor.size());
+ if (!rc) {
+ return JsonOutput::Error("Error getting base64 length. Size overflow?");
+ }
+
+ std::vector<char> base64(base64Length);
+ rc = EVP_EncodeBlock(reinterpret_cast<uint8_t*>(base64.data()), csrCbor.data(), csrCbor.size());
+ ++rc; // Account for NUL, which BoringSSL does not for some reason.
+ if (rc != base64Length) {
+ return JsonOutput::Error("Error writing base64. Expected " + std::to_string(base64Length) +
+ " bytes to be written, but " + std::to_string(rc) +
+ " bytes were actually written.");
+ }
+
+ Json::Value json(Json::objectValue);
+ json["build_fingerprint"] = ::android::base::GetProperty(kFingerprintProp, /*default=*/"");
+ json["csr"] = base64.data(); // Boring writes a NUL-terminated c-string
+
+ Json::StreamWriterBuilder factory;
+ factory["indentation"] = ""; // disable pretty formatting
+ return JsonOutput::Ok(Json::writeString(factory, json));
+}
+
} // namespace aidl::android::hardware::security::keymint::remote_prov
diff --git a/security/keymint/support/remote_prov_utils_test.cpp b/security/keymint/support/remote_prov_utils_test.cpp
new file mode 100644
index 0000000..8697c51
--- /dev/null
+++ b/security/keymint/support/remote_prov_utils_test.cpp
@@ -0,0 +1,101 @@
+/*
+ * Copyright 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <android-base/properties.h>
+#include <cppbor_parse.h>
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+#include <keymaster/android_keymaster_utils.h>
+#include <keymaster/logger.h>
+#include <keymaster/remote_provisioning_utils.h>
+#include <openssl/curve25519.h>
+#include <remote_prov/remote_prov_utils.h>
+#include <cstdint>
+#include "cppbor.h"
+#include "keymaster/cppcose/cppcose.h"
+
+namespace aidl::android::hardware::security::keymint::remote_prov {
+namespace {
+
+using ::keymaster::KeymasterBlob;
+using ::keymaster::validateAndExtractEekPubAndId;
+using ::testing::ElementsAreArray;
+
+TEST(RemoteProvUtilsTest, GenerateEekChainInvalidLength) {
+ ASSERT_FALSE(generateEekChain(1, /*eekId=*/{}));
+}
+
+TEST(RemoteProvUtilsTest, GenerateEekChain) {
+ bytevec kTestEekId = {'t', 'e', 's', 't', 'I', 'd', 0};
+ for (size_t length : {2, 3, 31}) {
+ auto get_eek_result = generateEekChain(length, kTestEekId);
+ ASSERT_TRUE(get_eek_result) << get_eek_result.message();
+
+ auto& [chain, pubkey, privkey] = *get_eek_result;
+
+ auto validation_result = validateAndExtractEekPubAndId(
+ /*testMode=*/true, KeymasterBlob(chain.data(), chain.size()));
+ ASSERT_TRUE(validation_result.isOk());
+
+ auto& [eekPub, eekId] = *validation_result;
+ EXPECT_THAT(eekId, ElementsAreArray(kTestEekId));
+ EXPECT_THAT(eekPub, ElementsAreArray(pubkey));
+ }
+}
+
+TEST(RemoteProvUtilsTest, GetProdEekChain) {
+ auto chain = getProdEekChain();
+
+ auto validation_result = validateAndExtractEekPubAndId(
+ /*testMode=*/false, KeymasterBlob(chain.data(), chain.size()));
+ ASSERT_TRUE(validation_result.isOk()) << "Error: " << validation_result.moveError();
+
+ auto& [eekPub, eekId] = *validation_result;
+
+ auto [geekCert, ignoredNewPos, error] =
+ cppbor::parse(kCoseEncodedGeekCert, sizeof(kCoseEncodedGeekCert));
+ ASSERT_NE(geekCert, nullptr) << "Error: " << error;
+ ASSERT_NE(geekCert->asArray(), nullptr);
+
+ auto& encodedGeekCoseKey = geekCert->asArray()->get(kCoseSign1Payload);
+ ASSERT_NE(encodedGeekCoseKey, nullptr);
+ ASSERT_NE(encodedGeekCoseKey->asBstr(), nullptr);
+
+ auto geek = CoseKey::parse(encodedGeekCoseKey->asBstr()->value());
+ ASSERT_TRUE(geek) << "Error: " << geek.message();
+
+ const std::vector<uint8_t> empty;
+ EXPECT_THAT(eekId, ElementsAreArray(geek->getBstrValue(CoseKey::KEY_ID).value_or(empty)));
+ EXPECT_THAT(eekPub, ElementsAreArray(geek->getBstrValue(CoseKey::PUBKEY_X).value_or(empty)));
+}
+
+TEST(RemoteProvUtilsTest, JsonEncodeCsr) {
+ cppbor::Array array;
+ array.add(1);
+
+ auto [json, error] = jsonEncodeCsrWithBuild(array);
+
+ ASSERT_TRUE(error.empty()) << error;
+
+ std::string expected = R"({"build_fingerprint":")" +
+ ::android::base::GetProperty("ro.build.fingerprint", /*default=*/"") +
+ R"(","csr":"gQE="})";
+
+ ASSERT_EQ(json, expected);
+}
+
+} // namespace
+} // namespace aidl::android::hardware::security::keymint::remote_prov
diff --git a/security/secureclock/aidl/vts/functional/Android.bp b/security/secureclock/aidl/vts/functional/Android.bp
index 56c8e1d..806517d 100644
--- a/security/secureclock/aidl/vts/functional/Android.bp
+++ b/security/secureclock/aidl/vts/functional/Android.bp
@@ -41,8 +41,8 @@
"libcrypto",
],
static_libs: [
- "android.hardware.security.keymint-V1-ndk_platform",
- "android.hardware.security.secureclock-V1-ndk_platform",
+ "android.hardware.security.keymint-V1-ndk",
+ "android.hardware.security.secureclock-V1-ndk",
"libkeymint",
],
test_suites: [
diff --git a/security/sharedsecret/aidl/vts/functional/Android.bp b/security/sharedsecret/aidl/vts/functional/Android.bp
index d3747fc..94da675 100644
--- a/security/sharedsecret/aidl/vts/functional/Android.bp
+++ b/security/sharedsecret/aidl/vts/functional/Android.bp
@@ -41,8 +41,8 @@
"libcrypto",
],
static_libs: [
- "android.hardware.security.keymint-V1-ndk_platform",
- "android.hardware.security.sharedsecret-V1-ndk_platform",
+ "android.hardware.security.keymint-V1-ndk",
+ "android.hardware.security.sharedsecret-V1-ndk",
"libkeymint",
],
test_suites: [
diff --git a/security/sharedsecret/aidl/vts/functional/SharedSecretAidlTest.cpp b/security/sharedsecret/aidl/vts/functional/SharedSecretAidlTest.cpp
index 919f882..51938ba 100644
--- a/security/sharedsecret/aidl/vts/functional/SharedSecretAidlTest.cpp
+++ b/security/sharedsecret/aidl/vts/functional/SharedSecretAidlTest.cpp
@@ -268,10 +268,16 @@
<< "Shared secret service that provided tweaked param should fail to compute "
"shared secret";
} else {
- EXPECT_EQ(ErrorCode::OK, responses[i].error) << "Others should succeed";
- EXPECT_NE(correct_response, responses[i].sharing_check)
- << "Others should calculate a different shared secret, due to the tweaked "
- "nonce.";
+ // Other services *may* succeed, or may notice the invalid size for the nonce.
+ // However, if another service completes the computation, it should get the 'wrong'
+ // answer.
+ if (responses[i].error == ErrorCode::OK) {
+ EXPECT_NE(correct_response, responses[i].sharing_check)
+ << "Others should calculate a different shared secret, due to the tweaked "
+ "nonce.";
+ } else {
+ EXPECT_EQ(ErrorCode::INVALID_ARGUMENT, responses[i].error);
+ }
}
}
}
@@ -348,10 +354,16 @@
<< "Shared secret service that provided tweaked param should fail to compute "
"shared secret";
} else {
- EXPECT_EQ(ErrorCode::OK, responses[i].error) << "Others should succeed";
- EXPECT_NE(correct_response, responses[i].sharing_check)
- << "Others should calculate a different shared secret, due to the tweaked "
- "nonce.";
+ // Other services *may* succeed, or may notice the invalid size for the seed.
+ // However, if another service completes the computation, it should get the 'wrong'
+ // answer.
+ if (responses[i].error == ErrorCode::OK) {
+ EXPECT_NE(correct_response, responses[i].sharing_check)
+ << "Others should calculate a different shared secret, due to the tweaked "
+ "seed.";
+ } else {
+ EXPECT_EQ(ErrorCode::INVALID_ARGUMENT, responses[i].error);
+ }
}
}
}
diff --git a/sensors/common/default/2.X/Sensor.cpp b/sensors/common/default/2.X/Sensor.cpp
index 1a7c628..23c9803 100644
--- a/sensors/common/default/2.X/Sensor.cpp
+++ b/sensors/common/default/2.X/Sensor.cpp
@@ -114,7 +114,7 @@
});
} else {
timespec curTime;
- clock_gettime(CLOCK_REALTIME, &curTime);
+ clock_gettime(CLOCK_BOOTTIME, &curTime);
int64_t now = (curTime.tv_sec * kNanosecondsInSeconds) + curTime.tv_nsec;
int64_t nextSampleTime = mLastSampleTimeNs + mSamplingPeriodNs;
diff --git a/sensors/common/default/2.X/multihal/tests/fake_subhal/Sensor.cpp b/sensors/common/default/2.X/multihal/tests/fake_subhal/Sensor.cpp
index 69debb6..f5745c5 100644
--- a/sensors/common/default/2.X/multihal/tests/fake_subhal/Sensor.cpp
+++ b/sensors/common/default/2.X/multihal/tests/fake_subhal/Sensor.cpp
@@ -125,7 +125,7 @@
});
} else {
timespec curTime;
- clock_gettime(CLOCK_REALTIME, &curTime);
+ clock_gettime(CLOCK_BOOTTIME, &curTime);
int64_t now = (curTime.tv_sec * kNanosecondsInSeconds) + curTime.tv_nsec;
int64_t nextSampleTime = mLastSampleTimeNs + mSamplingPeriodNs;
diff --git a/soundtrigger/2.2/vts/functional/OWNERS b/soundtrigger/2.2/vts/functional/OWNERS
new file mode 100644
index 0000000..43126f6
--- /dev/null
+++ b/soundtrigger/2.2/vts/functional/OWNERS
@@ -0,0 +1,3 @@
+# Bug component: 48436
+ytai@google.com
+mdooley@google.com
diff --git a/tests/extension/vibrator/aidl/client/Android.bp b/tests/extension/vibrator/aidl/client/Android.bp
index fb34d7e..20b0344 100644
--- a/tests/extension/vibrator/aidl/client/Android.bp
+++ b/tests/extension/vibrator/aidl/client/Android.bp
@@ -27,7 +27,7 @@
"android.hardware.tests.extension.vibrator-V1-cpp",
"libbinder_ndk",
- "android.hardware.vibrator-V1-ndk_platform",
- "android.hardware.tests.extension.vibrator-V1-ndk_platform",
+ "android.hardware.vibrator-V1-ndk",
+ "android.hardware.tests.extension.vibrator-V1-ndk",
],
}
diff --git a/tests/extension/vibrator/aidl/default/Android.bp b/tests/extension/vibrator/aidl/default/Android.bp
index 17054f4..f489ed9 100644
--- a/tests/extension/vibrator/aidl/default/Android.bp
+++ b/tests/extension/vibrator/aidl/default/Android.bp
@@ -28,7 +28,7 @@
shared_libs: [
"libbase",
"libbinder_ndk",
- "android.hardware.vibrator-V1-ndk_platform",
- "android.hardware.tests.extension.vibrator-V1-ndk_platform",
+ "android.hardware.vibrator-V1-ndk",
+ "android.hardware.tests.extension.vibrator-V1-ndk",
],
}
diff --git a/tests/lazy_cb/1.0/.hidl_for_system_ext b/tests/lazy_cb/1.0/.hidl_for_system_ext
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/lazy_cb/1.0/.hidl_for_system_ext
diff --git a/tests/lazy_cb/1.0/Android.bp b/tests/lazy_cb/1.0/Android.bp
new file mode 100644
index 0000000..4d82b63
--- /dev/null
+++ b/tests/lazy_cb/1.0/Android.bp
@@ -0,0 +1,23 @@
+// This file is autogenerated by hidl-gen -Landroidbp.
+
+package {
+ // See: http://go/android-license-faq
+ // A large-scale-change added 'default_applicable_licenses' to import
+ // all of the 'license_kinds' from "hardware_interfaces_license"
+ // to get the below license kinds:
+ // SPDX-license-identifier-Apache-2.0
+ default_applicable_licenses: ["hardware_interfaces_license"],
+}
+
+hidl_interface {
+ name: "android.hardware.tests.lazy_cb@1.0",
+ root: "android.hardware",
+ system_ext_specific: true,
+ srcs: [
+ "ILazyCb.hal",
+ ],
+ interfaces: [
+ "android.hidl.base@1.0",
+ ],
+ gen_java: true,
+}
diff --git a/tests/lazy_cb/1.0/ILazyCb.hal b/tests/lazy_cb/1.0/ILazyCb.hal
new file mode 100644
index 0000000..a9046b3
--- /dev/null
+++ b/tests/lazy_cb/1.0/ILazyCb.hal
@@ -0,0 +1,25 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.tests.lazy_cb@1.0;
+
+interface ILazyCb {
+ /**
+ * Set the eventfd used to notify that the active services
+ * callback is being executed and is about to terminate the process.
+ */
+ setEventFd(handle fds) generates (bool success);
+};
diff --git a/tests/msgq/1.0/default/Android.bp b/tests/msgq/1.0/default/Android.bp
index 5f116e7..75973fc 100644
--- a/tests/msgq/1.0/default/Android.bp
+++ b/tests/msgq/1.0/default/Android.bp
@@ -100,10 +100,10 @@
// These are static libs only for testing purposes and portability. Shared
// libs should be used on device.
static_libs: [
- "android.hardware.common-V2-ndk_platform",
- "android.hardware.common.fmq-V1-ndk_platform",
+ "android.hardware.common-V2-ndk",
+ "android.hardware.common.fmq-V1-ndk",
"android.hardware.tests.msgq@1.0",
- "android.fmq.test-ndk_platform",
+ "android.fmq.test-ndk",
],
whole_static_libs: [
"android.hardware.tests.msgq@1.0-impl",
diff --git a/thermal/2.0/vts/functional/VtsHalThermalV2_0TargetTest.cpp b/thermal/2.0/vts/functional/VtsHalThermalV2_0TargetTest.cpp
index 2ee91f4..c7bab5c 100644
--- a/thermal/2.0/vts/functional/VtsHalThermalV2_0TargetTest.cpp
+++ b/thermal/2.0/vts/functional/VtsHalThermalV2_0TargetTest.cpp
@@ -103,12 +103,11 @@
// Test ThermalChangedCallback::notifyThrottling().
// This just calls into and back from our local ThermalChangedCallback impl.
-// Note: a real thermal throttling event from the Thermal HAL could be
-// inadvertently received here.
TEST_P(ThermalHidlTest, NotifyThrottlingTest) {
- auto ret = mThermalCallback->notifyThrottling(kThrottleTemp);
+ sp<ThermalCallback> thermalCallback = new (std::nothrow) ThermalCallback();
+ auto ret = thermalCallback->notifyThrottling(kThrottleTemp);
ASSERT_TRUE(ret.isOk());
- auto res = mThermalCallback->WaitForCallback(kCallbackNameNotifyThrottling);
+ auto res = thermalCallback->WaitForCallback(kCallbackNameNotifyThrottling);
EXPECT_TRUE(res.no_timeout);
ASSERT_TRUE(res.args);
EXPECT_EQ(kThrottleTemp, res.args->temperature);
diff --git a/tv/cec/1.0/default/Android.bp b/tv/cec/1.0/default/Android.bp
index fc4298d..b4053df 100644
--- a/tv/cec/1.0/default/Android.bp
+++ b/tv/cec/1.0/default/Android.bp
@@ -12,12 +12,16 @@
defaults: ["hidl_defaults"],
vendor: true,
relative_install_path: "hw",
- srcs: ["HdmiCec.cpp"],
+ srcs: [
+ "HdmiCec.cpp",
+ "HdmiCecDefault.cpp",
+ ],
shared_libs: [
"libhidlbase",
"liblog",
"libbase",
+ "libcutils",
"libutils",
"libhardware",
"android.hardware.tv.cec@1.0",
diff --git a/tv/cec/1.0/default/HdmiCec.cpp b/tv/cec/1.0/default/HdmiCec.cpp
index 171bdfe..74de785 100644
--- a/tv/cec/1.0/default/HdmiCec.cpp
+++ b/tv/cec/1.0/default/HdmiCec.cpp
@@ -20,6 +20,7 @@
#include <hardware/hardware.h>
#include <hardware/hdmi_cec.h>
#include "HdmiCec.h"
+#include "HdmiCecDefault.h"
namespace android {
namespace hardware {
@@ -390,6 +391,15 @@
return mDevice->is_connected(mDevice, portId) > 0;
}
+IHdmiCec* getHdmiCecDefault() {
+ HdmiCecDefault* hdmiCecDefault = new HdmiCecDefault();
+ Result result = hdmiCecDefault->init();
+ if (result == Result::SUCCESS) {
+ return hdmiCecDefault;
+ }
+ LOG(ERROR) << "Failed to load default HAL.";
+ return nullptr;
+}
IHdmiCec* HIDL_FETCH_IHdmiCec(const char* hal) {
hdmi_cec_device_t* hdmi_cec_device;
@@ -410,7 +420,7 @@
return new HdmiCec(hdmi_cec_device);
} else {
LOG(ERROR) << "Passthrough failed to load legacy HAL.";
- return nullptr;
+ return getHdmiCecDefault();
}
}
diff --git a/tv/cec/1.0/default/HdmiCecDefault.cpp b/tv/cec/1.0/default/HdmiCecDefault.cpp
new file mode 100644
index 0000000..299bcf0
--- /dev/null
+++ b/tv/cec/1.0/default/HdmiCecDefault.cpp
@@ -0,0 +1,461 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#define LOG_TAG "android.hardware.tv.cec@1.0-impl"
+#include <android-base/logging.h>
+
+#include <cutils/properties.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <linux/cec.h>
+#include <linux/ioctl.h>
+#include <poll.h>
+#include <pthread.h>
+#include <sys/eventfd.h>
+#include <algorithm>
+
+#include "HdmiCecDefault.h"
+
+namespace android {
+namespace hardware {
+namespace tv {
+namespace cec {
+namespace V1_0 {
+namespace implementation {
+
+// When set to false, all the CEC commands are discarded. True by default after initialization.
+bool mCecEnabled;
+/*
+ * When set to false, HAL does not wake up the system upon receiving <Image View On> or
+ * <Text View On>. True by default after initialization.
+ */
+bool mWakeupEnabled;
+
+int mCecFd;
+int mExitFd;
+pthread_t mEventThread;
+sp<IHdmiCecCallback> mCallback;
+
+HdmiCecDefault::HdmiCecDefault() {
+ mCecFd = -1;
+ mExitFd = -1;
+ mCecEnabled = false;
+ mWakeupEnabled = false;
+ mCallback = nullptr;
+}
+
+HdmiCecDefault::~HdmiCecDefault() {
+ release();
+}
+
+// Methods from ::android::hardware::tv::cec::V1_0::IHdmiCec follow.
+Return<Result> HdmiCecDefault::addLogicalAddress(CecLogicalAddress addr) {
+ if (addr < CecLogicalAddress::TV || addr >= CecLogicalAddress::BROADCAST) {
+ LOG(ERROR) << "Add logical address failed, Invalid address";
+ return Result::FAILURE_INVALID_ARGS;
+ }
+
+ struct cec_log_addrs cecLogAddrs;
+ int ret = ioctl(mCecFd, CEC_ADAP_G_LOG_ADDRS, &cecLogAddrs);
+ if (ret) {
+ LOG(ERROR) << "Add logical address failed, Error = " << strerror(errno);
+ return Result::FAILURE_BUSY;
+ }
+
+ cecLogAddrs.cec_version = getCecVersion();
+ cecLogAddrs.vendor_id = getVendorId();
+
+ unsigned int logAddrType = CEC_LOG_ADDR_TYPE_UNREGISTERED;
+ unsigned int allDevTypes = 0;
+ unsigned int primDevType = 0xff;
+ switch (addr) {
+ case CecLogicalAddress::TV:
+ primDevType = CEC_OP_PRIM_DEVTYPE_TV;
+ logAddrType = CEC_LOG_ADDR_TYPE_TV;
+ allDevTypes = CEC_OP_ALL_DEVTYPE_TV;
+ break;
+ case CecLogicalAddress::RECORDER_1:
+ case CecLogicalAddress::RECORDER_2:
+ case CecLogicalAddress::RECORDER_3:
+ primDevType = CEC_OP_PRIM_DEVTYPE_RECORD;
+ logAddrType = CEC_LOG_ADDR_TYPE_RECORD;
+ allDevTypes = CEC_OP_ALL_DEVTYPE_RECORD;
+ break;
+ case CecLogicalAddress::TUNER_1:
+ case CecLogicalAddress::TUNER_2:
+ case CecLogicalAddress::TUNER_3:
+ case CecLogicalAddress::TUNER_4:
+ primDevType = CEC_OP_PRIM_DEVTYPE_TUNER;
+ logAddrType = CEC_LOG_ADDR_TYPE_TUNER;
+ allDevTypes = CEC_OP_ALL_DEVTYPE_TUNER;
+ break;
+ case CecLogicalAddress::PLAYBACK_1:
+ case CecLogicalAddress::PLAYBACK_2:
+ case CecLogicalAddress::PLAYBACK_3:
+ primDevType = CEC_OP_PRIM_DEVTYPE_PLAYBACK;
+ logAddrType = CEC_LOG_ADDR_TYPE_PLAYBACK;
+ allDevTypes = CEC_OP_ALL_DEVTYPE_PLAYBACK;
+ cecLogAddrs.flags |= CEC_LOG_ADDRS_FL_ALLOW_RC_PASSTHRU;
+ break;
+ case CecLogicalAddress::AUDIO_SYSTEM:
+ primDevType = CEC_OP_PRIM_DEVTYPE_AUDIOSYSTEM;
+ logAddrType = CEC_LOG_ADDR_TYPE_AUDIOSYSTEM;
+ allDevTypes = CEC_OP_ALL_DEVTYPE_AUDIOSYSTEM;
+ break;
+ case CecLogicalAddress::FREE_USE:
+ primDevType = CEC_OP_PRIM_DEVTYPE_PROCESSOR;
+ logAddrType = CEC_LOG_ADDR_TYPE_SPECIFIC;
+ allDevTypes = CEC_OP_ALL_DEVTYPE_SWITCH;
+ break;
+ case CecLogicalAddress::UNREGISTERED:
+ cecLogAddrs.flags |= CEC_LOG_ADDRS_FL_ALLOW_UNREG_FALLBACK;
+ break;
+ }
+
+ int logAddrIndex = cecLogAddrs.num_log_addrs;
+
+ cecLogAddrs.num_log_addrs += 1;
+ cecLogAddrs.log_addr[logAddrIndex] = static_cast<cec_logical_address_t>(addr);
+ cecLogAddrs.log_addr_type[logAddrIndex] = logAddrType;
+ cecLogAddrs.primary_device_type[logAddrIndex] = primDevType;
+ cecLogAddrs.all_device_types[logAddrIndex] = allDevTypes;
+ cecLogAddrs.features[logAddrIndex][0] = 0;
+ cecLogAddrs.features[logAddrIndex][1] = 0;
+
+ ret = ioctl(mCecFd, CEC_ADAP_S_LOG_ADDRS, &cecLogAddrs);
+ if (ret) {
+ LOG(ERROR) << "Add logical address failed, Error = " << strerror(errno);
+ return Result::FAILURE_BUSY;
+ }
+ return Result::SUCCESS;
+}
+
+Return<void> HdmiCecDefault::clearLogicalAddress() {
+ struct cec_log_addrs cecLogAddrs;
+ memset(&cecLogAddrs, 0, sizeof(cecLogAddrs));
+ int ret = ioctl(mCecFd, CEC_ADAP_S_LOG_ADDRS, &cecLogAddrs);
+ if (ret) {
+ LOG(ERROR) << "Clear logical Address failed, Error = " << strerror(errno);
+ }
+ return Void();
+}
+
+Return<void> HdmiCecDefault::getPhysicalAddress(getPhysicalAddress_cb callback) {
+ uint16_t addr;
+ int ret = ioctl(mCecFd, CEC_ADAP_G_PHYS_ADDR, &addr);
+ if (ret) {
+ LOG(ERROR) << "Get physical address failed, Error = " << strerror(errno);
+ callback(Result::FAILURE_INVALID_STATE, addr);
+ return Void();
+ }
+ callback(Result::SUCCESS, addr);
+ return Void();
+}
+
+Return<SendMessageResult> HdmiCecDefault::sendMessage(const CecMessage& message) {
+ if (!mCecEnabled) {
+ return SendMessageResult::FAIL;
+ }
+
+ struct cec_msg cecMsg;
+ memset(&cecMsg, 0, sizeof(cec_msg));
+
+ int initiator = static_cast<cec_logical_address_t>(message.initiator);
+ int destination = static_cast<cec_logical_address_t>(message.destination);
+
+ cecMsg.msg[0] = (initiator << 4) | destination;
+ for (size_t i = 0; i < message.body.size(); ++i) {
+ cecMsg.msg[i + 1] = message.body[i];
+ }
+ cecMsg.len = message.body.size() + 1;
+
+ int ret = ioctl(mCecFd, CEC_TRANSMIT, &cecMsg);
+
+ if (ret) {
+ LOG(ERROR) << "Send message failed, Error = " << strerror(errno);
+ return SendMessageResult::FAIL;
+ }
+
+ if (cecMsg.tx_status != CEC_TX_STATUS_OK) {
+ LOG(ERROR) << "Send message tx_status = " << cecMsg.tx_status;
+ }
+
+ switch (cecMsg.tx_status) {
+ case CEC_TX_STATUS_OK:
+ return SendMessageResult::SUCCESS;
+ case CEC_TX_STATUS_ARB_LOST:
+ return SendMessageResult::BUSY;
+ case CEC_TX_STATUS_NACK:
+ return SendMessageResult::NACK;
+ default:
+ return SendMessageResult::FAIL;
+ }
+}
+
+Return<void> HdmiCecDefault::setCallback(const sp<IHdmiCecCallback>& callback) {
+ if (mCallback != nullptr) {
+ mCallback->unlinkToDeath(this);
+ mCallback = nullptr;
+ }
+
+ if (callback != nullptr) {
+ mCallback = callback;
+ mCallback->linkToDeath(this, 0 /*cookie*/);
+ }
+ return Void();
+}
+
+Return<int32_t> HdmiCecDefault::getCecVersion() {
+ return property_get_int32("ro.hdmi.cec_version", CEC_OP_CEC_VERSION_1_4);
+}
+
+Return<uint32_t> HdmiCecDefault::getVendorId() {
+ return property_get_int32("ro.hdmi.vendor_id", 0x000c03 /* HDMI LLC vendor ID */);
+}
+
+Return<void> HdmiCecDefault::getPortInfo(getPortInfo_cb callback) {
+ uint16_t addr;
+ int ret = ioctl(mCecFd, CEC_ADAP_G_PHYS_ADDR, &addr);
+ if (ret) {
+ LOG(ERROR) << "Get port info failed, Error = " << strerror(errno);
+ }
+
+ unsigned int type = property_get_int32("ro.hdmi.device_type", CEC_DEVICE_PLAYBACK);
+ hidl_vec<HdmiPortInfo> portInfos(1);
+ portInfos[0] = {.type = (type == CEC_DEVICE_TV ? HdmiPortType::INPUT : HdmiPortType::OUTPUT),
+ .portId = 1,
+ .cecSupported = true,
+ .arcSupported = false,
+ .physicalAddress = addr};
+ callback(portInfos);
+ return Void();
+}
+
+Return<void> HdmiCecDefault::setOption(OptionKey key, bool value) {
+ switch (key) {
+ case OptionKey::ENABLE_CEC:
+ LOG(DEBUG) << "setOption: Enable CEC: " << value;
+ mCecEnabled = value;
+ break;
+ case OptionKey::WAKEUP:
+ LOG(DEBUG) << "setOption: WAKEUP: " << value;
+ mWakeupEnabled = value;
+ break;
+ default:
+ break;
+ }
+ return Void();
+}
+
+Return<void> HdmiCecDefault::setLanguage(const hidl_string& /*language*/) {
+ return Void();
+}
+
+Return<void> HdmiCecDefault::enableAudioReturnChannel(int32_t /*portId*/, bool /*enable*/) {
+ return Void();
+}
+
+Return<bool> HdmiCecDefault::isConnected(int32_t /*portId*/) {
+ uint16_t addr;
+ int ret = ioctl(mCecFd, CEC_ADAP_G_PHYS_ADDR, &addr);
+ if (ret) {
+ LOG(ERROR) << "Is connected failed, Error = " << strerror(errno);
+ return false;
+ }
+ if (addr == CEC_PHYS_ADDR_INVALID) {
+ return false;
+ }
+ return true;
+}
+
+// Initialise the cec file descriptor
+Return<Result> HdmiCecDefault::init() {
+ const char* path = "/dev/cec0";
+ mCecFd = open(path, O_RDWR);
+ if (mCecFd < 0) {
+ LOG(ERROR) << "Failed to open " << path << ", Error = " << strerror(errno);
+ return Result::FAILURE_NOT_SUPPORTED;
+ }
+ mExitFd = eventfd(0, EFD_NONBLOCK);
+ if (mExitFd < 0) {
+ LOG(ERROR) << "Failed to open eventfd, Error = " << strerror(errno);
+ release();
+ return Result::FAILURE_NOT_SUPPORTED;
+ }
+
+ // Ensure the CEC device supports required capabilities
+ struct cec_caps caps = {};
+ int ret = ioctl(mCecFd, CEC_ADAP_G_CAPS, &caps);
+ if (ret) {
+ LOG(ERROR) << "Unable to query cec adapter capabilities, Error = " << strerror(errno);
+ release();
+ return Result::FAILURE_NOT_SUPPORTED;
+ }
+
+ if (!(caps.capabilities & (CEC_CAP_LOG_ADDRS | CEC_CAP_TRANSMIT | CEC_CAP_PASSTHROUGH))) {
+ LOG(ERROR) << "Wrong cec adapter capabilities " << caps.capabilities;
+ release();
+ return Result::FAILURE_NOT_SUPPORTED;
+ }
+
+ uint32_t mode = CEC_MODE_INITIATOR | CEC_MODE_EXCL_FOLLOWER_PASSTHRU;
+ ret = ioctl(mCecFd, CEC_S_MODE, &mode);
+ if (ret) {
+ LOG(ERROR) << "Unable to set initiator mode, Error = " << strerror(errno);
+ release();
+ return Result::FAILURE_NOT_SUPPORTED;
+ }
+
+ /* thread loop for receiving cec messages and hotplug events*/
+ if (pthread_create(&mEventThread, NULL, event_thread, NULL)) {
+ LOG(ERROR) << "Can't create event thread: " << strerror(errno);
+ release();
+ return Result::FAILURE_NOT_SUPPORTED;
+ }
+
+ mCecEnabled = true;
+ mWakeupEnabled = true;
+ return Result::SUCCESS;
+}
+
+Return<void> HdmiCecDefault::release() {
+ if (mExitFd > 0) {
+ uint64_t tmp = 1;
+ write(mExitFd, &tmp, sizeof(tmp));
+ pthread_join(mEventThread, NULL);
+ }
+ if (mExitFd > 0) {
+ close(mExitFd);
+ }
+ if (mCecFd > 0) {
+ close(mCecFd);
+ }
+ mCecEnabled = false;
+ mWakeupEnabled = false;
+ setCallback(nullptr);
+ return Void();
+}
+
+void* HdmiCecDefault::event_thread(void*) {
+ struct pollfd ufds[3] = {
+ {mCecFd, POLLIN, 0},
+ {mCecFd, POLLERR, 0},
+ {mExitFd, POLLIN, 0},
+ };
+
+ while (1) {
+ ufds[0].revents = 0;
+ ufds[1].revents = 0;
+ ufds[2].revents = 0;
+
+ int ret = poll(ufds, /* size(ufds) = */ 3, /* timeout = */ -1);
+
+ if (ret <= 0) {
+ continue;
+ }
+
+ if (ufds[2].revents == POLLIN) { /* Exit */
+ break;
+ }
+
+ if (ufds[1].revents == POLLERR) { /* CEC Event */
+ struct cec_event ev;
+ ret = ioctl(mCecFd, CEC_DQEVENT, &ev);
+
+ if (!mCecEnabled) {
+ continue;
+ }
+
+ if (ret) {
+ LOG(ERROR) << "CEC_DQEVENT failed, Error = " << strerror(errno);
+ continue;
+ }
+
+ if (ev.event == CEC_EVENT_STATE_CHANGE) {
+ if (mCallback != nullptr) {
+ HotplugEvent hotplugEvent{
+ .connected = (ev.state_change.phys_addr != CEC_PHYS_ADDR_INVALID),
+ .portId = 1};
+ mCallback->onHotplugEvent(hotplugEvent);
+ } else {
+ LOG(ERROR) << "No event callback for hotplug";
+ }
+ }
+ }
+
+ if (ufds[0].revents == POLLIN) { /* CEC Driver */
+ struct cec_msg msg = {};
+ ret = ioctl(mCecFd, CEC_RECEIVE, &msg);
+
+ if (!mCecEnabled) {
+ continue;
+ }
+
+ if (ret) {
+ LOG(ERROR) << "CEC_RECEIVE failed, Error = " << strerror(errno);
+ continue;
+ }
+
+ if (msg.rx_status != CEC_RX_STATUS_OK) {
+ LOG(ERROR) << "msg rx_status = " << msg.rx_status;
+ continue;
+ }
+
+ if (!mWakeupEnabled && isWakeupMessage(msg)) {
+ LOG(DEBUG) << "Filter wakeup message";
+ continue;
+ }
+
+ if (mCallback != nullptr) {
+ size_t length = std::min(msg.len - 1, (uint32_t)MaxLength::MESSAGE_BODY);
+ CecMessage cecMessage{
+ .initiator = static_cast<CecLogicalAddress>(msg.msg[0] >> 4),
+ .destination = static_cast<CecLogicalAddress>(msg.msg[0] & 0xf),
+ };
+ cecMessage.body.resize(length);
+ for (size_t i = 0; i < length; ++i) {
+ cecMessage.body[i] = static_cast<uint8_t>(msg.msg[i + 1]);
+ }
+ mCallback->onCecMessage(cecMessage);
+ } else {
+ LOG(ERROR) << "no event callback for message";
+ }
+ }
+ }
+ return NULL;
+}
+
+int HdmiCecDefault::getOpcode(struct cec_msg message) {
+ return (static_cast<uint8_t>(message.msg[1]) & 0xff);
+}
+
+bool HdmiCecDefault::isWakeupMessage(struct cec_msg message) {
+ int opcode = getOpcode(message);
+ switch (opcode) {
+ case CEC_MESSAGE_TEXT_VIEW_ON:
+ case CEC_MESSAGE_IMAGE_VIEW_ON:
+ return true;
+ default:
+ return false;
+ }
+}
+
+} // namespace implementation
+} // namespace V1_0
+} // namespace cec
+} // namespace tv
+} // namespace hardware
+} // namespace android
diff --git a/tv/cec/1.0/default/HdmiCecDefault.h b/tv/cec/1.0/default/HdmiCecDefault.h
new file mode 100644
index 0000000..c1bb2c7
--- /dev/null
+++ b/tv/cec/1.0/default/HdmiCecDefault.h
@@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <android/hardware/tv/cec/1.0/IHdmiCec.h>
+#include <hardware/hdmi_cec.h>
+
+namespace android {
+namespace hardware {
+namespace tv {
+namespace cec {
+namespace V1_0 {
+namespace implementation {
+
+struct HdmiCecDefault : public IHdmiCec, public hidl_death_recipient {
+ HdmiCecDefault();
+ ~HdmiCecDefault();
+ // Methods from ::android::hardware::tv::cec::V1_0::IHdmiCec follow.
+ Return<Result> addLogicalAddress(CecLogicalAddress addr) override;
+ Return<void> clearLogicalAddress() override;
+ Return<void> getPhysicalAddress(getPhysicalAddress_cb _hidl_cb) override;
+ Return<SendMessageResult> sendMessage(const CecMessage& message) override;
+ Return<void> setCallback(const sp<IHdmiCecCallback>& callback) override;
+ Return<int32_t> getCecVersion() override;
+ Return<uint32_t> getVendorId() override;
+ Return<void> getPortInfo(getPortInfo_cb _hidl_cb) override;
+ Return<void> setOption(OptionKey key, bool value) override;
+ Return<void> setLanguage(const hidl_string& language) override;
+ Return<void> enableAudioReturnChannel(int32_t portId, bool enable) override;
+ Return<bool> isConnected(int32_t portId) override;
+
+ virtual void serviceDied(uint64_t, const wp<::android::hidl::base::V1_0::IBase>&) {
+ setCallback(nullptr);
+ }
+
+ Return<Result> init();
+ Return<void> release();
+ static void* event_thread(void*);
+ static int getOpcode(struct cec_msg message);
+ static bool isWakeupMessage(struct cec_msg message);
+};
+
+} // namespace implementation
+} // namespace V1_0
+} // namespace cec
+} // namespace tv
+} // namespace hardware
+} // namespace android
diff --git a/tv/cec/1.0/default/OWNERS b/tv/cec/1.0/default/OWNERS
new file mode 100644
index 0000000..c1d3f1d
--- /dev/null
+++ b/tv/cec/1.0/default/OWNERS
@@ -0,0 +1 @@
+include platform/frameworks/base:/core/java/android/hardware/hdmi/OWNERS
diff --git a/vibrator/aidl/default/Android.bp b/vibrator/aidl/default/Android.bp
index 0f9850f..2f38d26 100644
--- a/vibrator/aidl/default/Android.bp
+++ b/vibrator/aidl/default/Android.bp
@@ -13,7 +13,7 @@
shared_libs: [
"libbase",
"libbinder_ndk",
- "android.hardware.vibrator-V1-ndk_platform",
+ "android.hardware.vibrator-V1-ndk",
],
export_include_dirs: ["include"],
srcs: ["Vibrator.cpp"],
@@ -32,7 +32,7 @@
shared_libs: [
"libbase",
"libbinder_ndk",
- "android.hardware.vibrator-V1-ndk_platform",
+ "android.hardware.vibrator-V1-ndk",
],
static_libs: [
"libvibratorexampleimpl",
diff --git a/vibrator/aidl/default/Vibrator.cpp b/vibrator/aidl/default/Vibrator.cpp
index c446afd..322833b 100644
--- a/vibrator/aidl/default/Vibrator.cpp
+++ b/vibrator/aidl/default/Vibrator.cpp
@@ -125,6 +125,11 @@
ndk::ScopedAStatus Vibrator::getPrimitiveDuration(CompositePrimitive primitive,
int32_t* durationMs) {
+ std::vector<CompositePrimitive> supported;
+ getSupportedPrimitives(&supported);
+ if (std::find(supported.begin(), supported.end(), primitive) == supported.end()) {
+ return ndk::ScopedAStatus::fromExceptionCode(EX_UNSUPPORTED_OPERATION);
+ }
if (primitive != CompositePrimitive::NOOP) {
*durationMs = 100;
} else {
diff --git a/vibrator/aidl/vts/VtsHalVibratorTargetTest.cpp b/vibrator/aidl/vts/VtsHalVibratorTargetTest.cpp
index e51f594..4364df2 100644
--- a/vibrator/aidl/vts/VtsHalVibratorTargetTest.cpp
+++ b/vibrator/aidl/vts/VtsHalVibratorTargetTest.cpp
@@ -55,9 +55,12 @@
android::enum_range<CompositePrimitive>().begin(),
android::enum_range<CompositePrimitive>().end()};
-const std::vector<CompositePrimitive> kOptionalPrimitives = {
- CompositePrimitive::THUD,
- CompositePrimitive::SPIN,
+const std::vector<CompositePrimitive> kRequiredPrimitives = {
+ CompositePrimitive::CLICK,
+ CompositePrimitive::LIGHT_TICK,
+ CompositePrimitive::QUICK_RISE,
+ CompositePrimitive::SLOW_RISE,
+ CompositePrimitive::QUICK_FALL,
};
const std::vector<CompositePrimitive> kInvalidPrimitives = {
@@ -274,11 +277,11 @@
for (auto primitive : kCompositePrimitives) {
bool isPrimitiveSupported =
std::find(supported.begin(), supported.end(), primitive) != supported.end();
- bool isPrimitiveOptional =
- std::find(kOptionalPrimitives.begin(), kOptionalPrimitives.end(), primitive) !=
- kOptionalPrimitives.end();
+ bool isPrimitiveRequired =
+ std::find(kRequiredPrimitives.begin(), kRequiredPrimitives.end(), primitive) !=
+ kRequiredPrimitives.end();
- EXPECT_TRUE(isPrimitiveSupported || isPrimitiveOptional) << toString(primitive);
+ EXPECT_TRUE(isPrimitiveSupported || !isPrimitiveRequired) << toString(primitive);
}
}
}
diff --git a/weaver/aidl/default/Android.bp b/weaver/aidl/default/Android.bp
index 37a9c94..70d9171 100644
--- a/weaver/aidl/default/Android.bp
+++ b/weaver/aidl/default/Android.bp
@@ -34,7 +34,7 @@
"Weaver.cpp",
],
shared_libs: [
- "android.hardware.weaver-V1-ndk_platform",
+ "android.hardware.weaver-V1-ndk",
"libbase",
"libbinder_ndk",
],
diff --git a/weaver/aidl/vts/Android.bp b/weaver/aidl/vts/Android.bp
index 8dec4c1..cf1661c 100644
--- a/weaver/aidl/vts/Android.bp
+++ b/weaver/aidl/vts/Android.bp
@@ -34,7 +34,7 @@
"libbinder_ndk",
"libbase",
],
- static_libs: ["android.hardware.weaver-V1-ndk_platform"],
+ static_libs: ["android.hardware.weaver-V1-ndk"],
test_suites: [
"general-tests",
"vts",
diff --git a/wifi/1.4/default/wifi.h b/wifi/1.4/default/wifi.h
index 087d6f7..eac0aac 100644
--- a/wifi/1.4/default/wifi.h
+++ b/wifi/1.4/default/wifi.h
@@ -17,11 +17,15 @@
#ifndef WIFI_H_
#define WIFI_H_
-#include <functional>
+// HACK: NAN is a macro defined in math.h, which can be included in various
+// headers. This wifi HAL uses an enum called NAN, which does not compile when
+// the macro is defined. Undefine NAN to work around it.
+#undef NAN
+#include <android/hardware/wifi/1.4/IWifi.h>
#include <android-base/macros.h>
-#include <android/hardware/wifi/1.4/IWifi.h>
#include <utils/Looper.h>
+#include <functional>
#include "hidl_callback_util.h"
#include "wifi_chip.h"
diff --git a/wifi/hostapd/aidl/Android.bp b/wifi/hostapd/aidl/Android.bp
new file mode 100644
index 0000000..75758ea
--- /dev/null
+++ b/wifi/hostapd/aidl/Android.bp
@@ -0,0 +1,37 @@
+// Copyright (C) 2021 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+aidl_interface {
+ name: "android.hardware.wifi.hostapd",
+ vendor_available: true,
+ srcs: [
+ "android/hardware/wifi/hostapd/*.aidl",
+ ],
+ stability: "vintf",
+ backend: {
+ java: {
+ sdk_version: "module_current",
+ apex_available: [
+ "//apex_available:platform",
+ "com.android.wifi",
+ ],
+ min_sdk_version: "30",
+ },
+ ndk: {
+ vndk: {
+ enabled: true,
+ },
+ },
+ },
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/ApInfo.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/ApInfo.aidl
new file mode 100644
index 0000000..bdbaadd
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/ApInfo.aidl
@@ -0,0 +1,43 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@VintfStability
+parcelable ApInfo {
+ String ifaceName;
+ String apIfaceInstance;
+ int freqMhz;
+ android.hardware.wifi.hostapd.Bandwidth bandwidth;
+ android.hardware.wifi.hostapd.Generation generation;
+ byte[] apIfaceInstanceMacAddress;
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/BandMask.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/BandMask.aidl
new file mode 100644
index 0000000..b1e7f66
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/BandMask.aidl
@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@Backing(type="int") @VintfStability
+enum BandMask {
+ BAND_2_GHZ = 1,
+ BAND_5_GHZ = 2,
+ BAND_6_GHZ = 4,
+ BAND_60_GHZ = 8,
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/Bandwidth.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/Bandwidth.aidl
new file mode 100644
index 0000000..890d986
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/Bandwidth.aidl
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@Backing(type="int") @VintfStability
+enum Bandwidth {
+ BANDWIDTH_INVALID = 0,
+ BANDWIDTH_20_NOHT = 1,
+ BANDWIDTH_20 = 2,
+ BANDWIDTH_40 = 3,
+ BANDWIDTH_80 = 4,
+ BANDWIDTH_80P80 = 5,
+ BANDWIDTH_160 = 6,
+ BANDWIDTH_2160 = 7,
+ BANDWIDTH_4320 = 8,
+ BANDWIDTH_6480 = 9,
+ BANDWIDTH_8640 = 10,
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/ChannelParams.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/ChannelParams.aidl
new file mode 100644
index 0000000..43a9ada
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/ChannelParams.aidl
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@VintfStability
+parcelable ChannelParams {
+ android.hardware.wifi.hostapd.BandMask bandMask;
+ android.hardware.wifi.hostapd.FrequencyRange[] acsChannelFreqRangesMhz;
+ boolean enableAcs;
+ boolean acsShouldExcludeDfs;
+ int channel;
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/ClientInfo.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/ClientInfo.aidl
new file mode 100644
index 0000000..c4d62b6
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/ClientInfo.aidl
@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@VintfStability
+parcelable ClientInfo {
+ String ifaceName;
+ String apIfaceInstance;
+ byte[] clientAddress;
+ boolean isConnected;
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/DebugLevel.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/DebugLevel.aidl
new file mode 100644
index 0000000..9795211
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/DebugLevel.aidl
@@ -0,0 +1,43 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@Backing(type="int") @VintfStability
+enum DebugLevel {
+ EXCESSIVE = 0,
+ MSGDUMP = 1,
+ DEBUG = 2,
+ INFO = 3,
+ WARNING = 4,
+ ERROR = 5,
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/EncryptionType.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/EncryptionType.aidl
new file mode 100644
index 0000000..cec0c14
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/EncryptionType.aidl
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@Backing(type="int") @VintfStability
+enum EncryptionType {
+ NONE = 0,
+ WPA = 1,
+ WPA2 = 2,
+ WPA3_SAE_TRANSITION = 3,
+ WPA3_SAE = 4,
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/FrequencyRange.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/FrequencyRange.aidl
new file mode 100644
index 0000000..1185143
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/FrequencyRange.aidl
@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@VintfStability
+parcelable FrequencyRange {
+ int startMhz;
+ int endMhz;
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/Generation.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/Generation.aidl
new file mode 100644
index 0000000..6b60d17
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/Generation.aidl
@@ -0,0 +1,43 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@Backing(type="int") @VintfStability
+enum Generation {
+ WIFI_STANDARD_UNKNOWN = -1,
+ WIFI_STANDARD_LEGACY = 0,
+ WIFI_STANDARD_11N = 1,
+ WIFI_STANDARD_11AC = 2,
+ WIFI_STANDARD_11AX = 3,
+ WIFI_STANDARD_11AD = 4,
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/HostapdStatusCode.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/HostapdStatusCode.aidl
new file mode 100644
index 0000000..548e497
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/HostapdStatusCode.aidl
@@ -0,0 +1,43 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@Backing(type="int") @VintfStability
+enum HostapdStatusCode {
+ SUCCESS = 0,
+ FAILURE_UNKNOWN = 1,
+ FAILURE_ARGS_INVALID = 2,
+ FAILURE_IFACE_UNKNOWN = 3,
+ FAILURE_IFACE_EXISTS = 4,
+ FAILURE_CLIENT_UNKNOWN = 5,
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/HwModeParams.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/HwModeParams.aidl
new file mode 100644
index 0000000..844c838
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/HwModeParams.aidl
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@VintfStability
+parcelable HwModeParams {
+ boolean enable80211N;
+ boolean enable80211AC;
+ boolean enable80211AX;
+ boolean enable6GhzBand;
+ boolean enableHeSingleUserBeamformer;
+ boolean enableHeSingleUserBeamformee;
+ boolean enableHeMultiUserBeamformer;
+ boolean enableHeTargetWakeTime;
+ boolean enableEdmg;
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/IHostapd.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/IHostapd.aidl
new file mode 100644
index 0000000..ff941fd
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/IHostapd.aidl
@@ -0,0 +1,43 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@VintfStability
+interface IHostapd {
+ void addAccessPoint(in android.hardware.wifi.hostapd.IfaceParams ifaceParams, in android.hardware.wifi.hostapd.NetworkParams nwParams);
+ void forceClientDisconnect(in String ifaceName, in byte[] clientAddress, in android.hardware.wifi.hostapd.Ieee80211ReasonCode reasonCode);
+ void registerCallback(in android.hardware.wifi.hostapd.IHostapdCallback callback);
+ void removeAccessPoint(in String ifaceName);
+ void setDebugParams(in android.hardware.wifi.hostapd.DebugLevel level);
+ oneway void terminate();
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/IHostapdCallback.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/IHostapdCallback.aidl
new file mode 100644
index 0000000..36d2104
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/IHostapdCallback.aidl
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@VintfStability
+interface IHostapdCallback {
+ oneway void onApInstanceInfoChanged(in android.hardware.wifi.hostapd.ApInfo apInfo);
+ oneway void onConnectedClientsChanged(in android.hardware.wifi.hostapd.ClientInfo clientInfo);
+ oneway void onFailure(in String ifaceName);
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/Ieee80211ReasonCode.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/Ieee80211ReasonCode.aidl
new file mode 100644
index 0000000..99879b5
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/Ieee80211ReasonCode.aidl
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@Backing(type="int") @VintfStability
+enum Ieee80211ReasonCode {
+ WLAN_REASON_UNSPECIFIED = 1,
+ WLAN_REASON_PREV_AUTH_NOT_VALID = 2,
+ WLAN_REASON_DISASSOC_AP_BUSY = 5,
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/IfaceParams.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/IfaceParams.aidl
new file mode 100644
index 0000000..0c88a39
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/IfaceParams.aidl
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@VintfStability
+parcelable IfaceParams {
+ String name;
+ android.hardware.wifi.hostapd.HwModeParams hwModeParams;
+ android.hardware.wifi.hostapd.ChannelParams[] channelParams;
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/NetworkParams.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/NetworkParams.aidl
new file mode 100644
index 0000000..ffe2f33
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/NetworkParams.aidl
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@VintfStability
+parcelable NetworkParams {
+ byte[] ssid;
+ boolean isHidden;
+ android.hardware.wifi.hostapd.EncryptionType encryptionType;
+ String passphrase;
+ boolean isMetered;
+}
diff --git a/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/ParamSizeLimits.aidl b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/ParamSizeLimits.aidl
new file mode 100644
index 0000000..70f94c1
--- /dev/null
+++ b/wifi/hostapd/aidl/aidl_api/android.hardware.wifi.hostapd/current/android/hardware/wifi/hostapd/ParamSizeLimits.aidl
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.wifi.hostapd;
+@Backing(type="int") @VintfStability
+enum ParamSizeLimits {
+ SSID_MAX_LEN_IN_BYTES = 32,
+ WPA2_PSK_PASSPHRASE_MIN_LEN_IN_BYTES = 8,
+ WPA2_PSK_PASSPHRASE_MAX_LEN_IN_BYTES = 63,
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/ApInfo.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/ApInfo.aidl
new file mode 100644
index 0000000..bf506b2
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/ApInfo.aidl
@@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+import android.hardware.wifi.hostapd.Bandwidth;
+import android.hardware.wifi.hostapd.Generation;
+
+/**
+ * Parameters to control the channel selection for the interface.
+ */
+@VintfStability
+parcelable ApInfo {
+ /**
+ * Name of the interface which was added via |IHostapd.addAccessPoint|.
+ */
+ String ifaceName;
+
+ /**
+ * The identity of the AP instance. The interface will have two instances
+ * (e.g. 2.4 Ghz AP and 5 GHz AP) in dual AP mode.
+ * The apIfaceInstance can be used to identify which instance the callback
+ * is from.
+ * Note: The apIfaceInstance must be same as ifaceName in single AP mode.
+ */
+ String apIfaceInstance;
+
+ /**
+ * The operational frequency of the AP in Mhz.
+ */
+ int freqMhz;
+
+ /**
+ * The operational bandwidth of the AP.
+ */
+ Bandwidth bandwidth;
+
+ /**
+ * The operational mode of the AP (e.g. 11ac, 11ax).
+ */
+ Generation generation;
+
+ /**
+ * MAC Address of the apIfaceInstance.
+ */
+ byte[] apIfaceInstanceMacAddress;
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/BandMask.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/BandMask.aidl
new file mode 100644
index 0000000..0c64bd1
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/BandMask.aidl
@@ -0,0 +1,38 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+@VintfStability
+@Backing(type="int")
+enum BandMask {
+ /**
+ * 2.4 GHz band.
+ */
+ BAND_2_GHZ = 1 << 0,
+ /**
+ * 5 GHz band.
+ */
+ BAND_5_GHZ = 1 << 1,
+ /**
+ * 6 GHz band.
+ */
+ BAND_6_GHZ = 1 << 2,
+ /**
+ * 60 GHz band.
+ */
+ BAND_60_GHZ = 1 << 3,
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/Bandwidth.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/Bandwidth.aidl
new file mode 100644
index 0000000..c982402
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/Bandwidth.aidl
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+/**
+ * The channel bandwidth of the AP.
+ */
+@VintfStability
+@Backing(type="int")
+enum Bandwidth {
+ BANDWIDTH_INVALID = 0,
+ BANDWIDTH_20_NOHT = 1,
+ BANDWIDTH_20 = 2,
+ BANDWIDTH_40 = 3,
+ BANDWIDTH_80 = 4,
+ BANDWIDTH_80P80 = 5,
+ BANDWIDTH_160 = 6,
+ BANDWIDTH_2160 = 7,
+ BANDWIDTH_4320 = 8,
+ BANDWIDTH_6480 = 9,
+ BANDWIDTH_8640 = 10,
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/ChannelParams.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/ChannelParams.aidl
new file mode 100644
index 0000000..b2e0c81
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/ChannelParams.aidl
@@ -0,0 +1,58 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+import android.hardware.wifi.hostapd.BandMask;
+import android.hardware.wifi.hostapd.FrequencyRange;
+
+/**
+ * Parameters to control the channel selection for the interface.
+ */
+@VintfStability
+parcelable ChannelParams {
+ /**
+ * Band to use for the SoftAp operations.
+ */
+ BandMask bandMask;
+ /**
+ * This option can be used to specify the channel frequencies (in MHz) selected by ACS.
+ * If this is an empty list, all channels allowed in selected HW mode
+ * are specified implicitly.
+ * Note: channels may be overridden by firmware.
+ * Note: this option is ignored if ACS is disabled.
+ */
+ FrequencyRange[] acsChannelFreqRangesMhz;
+ /**
+ * Whether to enable ACS (Automatic Channel Selection) or not.
+ * The channel can be selected automatically at run time by setting
+ * this flag, which must enable the ACS survey based algorithm.
+ */
+ boolean enableAcs;
+ /**
+ * This option can be used to exclude all DFS channels from the ACS
+ * channel list in cases where the driver supports DFS channels.
+ **/
+ boolean acsShouldExcludeDfs;
+ /**
+ * Channel number (IEEE 802.11) to use for the interface.
+ * If ACS is enabled, this field is ignored.
+ *
+ * If |enableEdmg| is true, the channel must be set. Refer to
+ * P802.11ay_D4.0 29.3.4.
+ */
+ int channel;
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/ClientInfo.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/ClientInfo.aidl
new file mode 100644
index 0000000..7bed658
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/ClientInfo.aidl
@@ -0,0 +1,45 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+/**
+ * Parameters to control the channel selection for the interface.
+ */
+@VintfStability
+parcelable ClientInfo {
+ /**
+ * Name of the interface which was added via |IHostapd.addAccessPoint|.
+ */
+ String ifaceName;
+
+ /**
+ * The identity of the AP instance. The interface will have two instances in dual AP mode.
+ * The apIfaceInstance can be used to identify which instance the callback is from.
+ * Note: The apIfaceInstance must be same as ifaceName in single AP mode.
+ */
+ String apIfaceInstance;
+
+ /**
+ * MAC Address of hotspot client.
+ */
+ byte[] clientAddress;
+
+ /**
+ * True when client connected, false when client disconnected.
+ */
+ boolean isConnected;
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/DebugLevel.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/DebugLevel.aidl
new file mode 100644
index 0000000..5187729
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/DebugLevel.aidl
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+/**
+ * Debug levels for the hostapd.
+ * Only log messages with a level greater than the set level
+ * (via |setDebugParams|) will be logged.
+ */
+@VintfStability
+@Backing(type="int")
+enum DebugLevel {
+ EXCESSIVE = 0,
+ MSGDUMP = 1,
+ DEBUG = 2,
+ INFO = 3,
+ WARNING = 4,
+ ERROR = 5,
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/EncryptionType.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/EncryptionType.aidl
new file mode 100644
index 0000000..bfc634d
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/EncryptionType.aidl
@@ -0,0 +1,32 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+import android.hardware.wifi.hostapd.EncryptionType;
+
+/**
+ * Possible Security types.
+ */
+@VintfStability
+@Backing(type="int")
+enum EncryptionType {
+ NONE,
+ WPA,
+ WPA2,
+ WPA3_SAE_TRANSITION,
+ WPA3_SAE,
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/FrequencyRange.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/FrequencyRange.aidl
new file mode 100644
index 0000000..81f6744
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/FrequencyRange.aidl
@@ -0,0 +1,32 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+/**
+ * Parameters to specify the channel frequency range.
+ */
+@VintfStability
+parcelable FrequencyRange {
+ /**
+ * Channel Frequency (in MHz) at the start of the range.
+ */
+ int startMhz;
+ /**
+ * Channel Frequency (in MHz) at the end of the range.
+ */
+ int endMhz;
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/Generation.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/Generation.aidl
new file mode 100644
index 0000000..2cda55b
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/Generation.aidl
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+/**
+ * The wifi operational mode of the AP.
+ * It depends on hw mode and HT/VHT capabilities in hostapd.
+ *
+ * WIFI_STANDARD_LEGACY = (hw_mode is HOSTAPD_MODE_IEEE80211B) or
+ * (hw_mode is HOSTAPD_MODE_IEEE80211G and HT is 0).
+ * WIFI_STANDARD_11N = [hw_mode is HOSTAPD_MODE_IEEE80211G and (HT is 1 or HT40 is 1)] or
+ * [hw_mode is HOSTAPD_MODE_IEEE80211A and VHT is 0].
+ * WIFI_STANDARD_11AC = hw_mode is HOSTAPD_MODE_IEEE80211A and VHT is 1.
+ * WIFI_STANDARD_11AX = hw_mode is HOSTAPD_MODE_IEEE80211A and High Efficiency supported.
+ * WIFI_STANDARD_11AD = hw_mode is HOSTAPD_MODE_IEEE80211AD.
+ */
+@VintfStability
+@Backing(type="int")
+enum Generation {
+ WIFI_STANDARD_UNKNOWN = -1,
+ WIFI_STANDARD_LEGACY = 0,
+ WIFI_STANDARD_11N = 1,
+ WIFI_STANDARD_11AC = 2,
+ WIFI_STANDARD_11AX = 3,
+ WIFI_STANDARD_11AD = 4,
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/HostapdStatusCode.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/HostapdStatusCode.aidl
new file mode 100644
index 0000000..87f1453
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/HostapdStatusCode.aidl
@@ -0,0 +1,49 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+/**
+ * Enum values indicating the status of any hostapd operation.
+ */
+@VintfStability
+@Backing(type="int")
+enum HostapdStatusCode {
+ /**
+ * No errors.
+ */
+ SUCCESS,
+ /**
+ * Unknown failure occurred.
+ */
+ FAILURE_UNKNOWN,
+ /**
+ * One or more of the incoming args is invalid.
+ */
+ FAILURE_ARGS_INVALID,
+ /**
+ * Interface with the provided name does not exist.
+ */
+ FAILURE_IFACE_UNKNOWN,
+ /**
+ * Interface with the provided name already exists.
+ */
+ FAILURE_IFACE_EXISTS,
+ /**
+ * Failure because the client is unknown.
+ */
+ FAILURE_CLIENT_UNKNOWN,
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/HwModeParams.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/HwModeParams.aidl
new file mode 100644
index 0000000..210e99f
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/HwModeParams.aidl
@@ -0,0 +1,71 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+/**
+ * Parameters to control the HW mode for the interface.
+ */
+@VintfStability
+parcelable HwModeParams {
+ /**
+ * Whether IEEE 802.11n (HT) is enabled or not.
+ * Note: hwMode=G (2.4 GHz) and hwMode=A (5 GHz) is used to specify
+ * the band.
+ */
+ boolean enable80211N;
+ /**
+ * Whether IEEE 802.11ac (VHT) is enabled or not.
+ * Note: hw_mode=a is used to specify that 5 GHz band is used with VHT.
+ */
+ boolean enable80211AC;
+ /**
+ * Whether IEEE 802.11ax (High Efficiency) is enabled or not.
+ * Note: hw_mode=a is used to specify that 5 GHz band or 6 GHz band is
+ * used with High Efficiency.
+ */
+ boolean enable80211AX;
+ /**
+ * Whether 6GHz band enabled or not on softAp.
+ * Note: hw_mode=a is used to specify that 5 GHz band or 6 GHz band is
+ * used.
+ */
+ boolean enable6GhzBand;
+ /**
+ * Whether High Efficiency single user beamformer in enabled or not on softAp.
+ * Note: this is only applicable if 802.11ax is supported for softAp
+ */
+ boolean enableHeSingleUserBeamformer;
+ /**
+ * Whether High Efficiency single user beamformee is enabled or not on softAp.
+ * Note: this is only applicable if 802.11ax is supported for softAp
+ */
+ boolean enableHeSingleUserBeamformee;
+ /**
+ * Whether High Efficiency multiple user beamformer is enabled or not on softAp.
+ * Note: this is only applicable if 802.11ax is supported for softAp
+ */
+ boolean enableHeMultiUserBeamformer;
+ /**
+ * Whether High Efficiency Target Wait Time (TWT) is enabled or not on softAp.
+ * Note: this is only applicable if 802.11ax is supported for softAp
+ */
+ boolean enableHeTargetWakeTime;
+ /**
+ * Enable EDMG (802.11ay), this option is only allowed for the 60GHz band.
+ */
+ boolean enableEdmg;
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/IHostapd.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/IHostapd.aidl
new file mode 100644
index 0000000..d2f4795
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/IHostapd.aidl
@@ -0,0 +1,106 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+import android.hardware.wifi.hostapd.BandMask;
+import android.hardware.wifi.hostapd.ChannelParams;
+import android.hardware.wifi.hostapd.DebugLevel;
+import android.hardware.wifi.hostapd.HwModeParams;
+import android.hardware.wifi.hostapd.IHostapdCallback;
+import android.hardware.wifi.hostapd.Ieee80211ReasonCode;
+import android.hardware.wifi.hostapd.IfaceParams;
+import android.hardware.wifi.hostapd.NetworkParams;
+
+/**
+ * Top-level interface for managing SoftAPs.
+ */
+@VintfStability
+interface IHostapd {
+ /**
+ * Adds a new access point for hostapd to control.
+ *
+ * This should trigger the setup of an access point with the specified
+ * interface and network params.
+ *
+ * @param ifaceParams AccessPoint Params for the access point.
+ * @param nwParams Network Params for the access point.
+ * @throws ServiceSpecificException with one of the following values:
+ * |HostapdStatusCode.FAILURE_ARGS_INVALID|,
+ * |HostapdStatusCode.FAILURE_UNKNOWN|,
+ * |HostapdStatusCode.FAILURE_IFACE_EXISTS|
+ */
+ void addAccessPoint(in IfaceParams ifaceParams, in NetworkParams nwParams);
+
+ /**
+ * Force one of the hotspot clients to disconnect.
+ *
+ * @param ifaceName Name of the interface.
+ * @param clientAddress MAC Address of the hotspot client.
+ * @param reasonCode One of disconnect reason code defined by 802.11.
+ * @throws ServiceSpecificException with one of the following values:
+ * |HostapdStatusCode.FAILURE_IFACE_UNKNOWN|,
+ * |HostapdStatusCode.FAILURE_CLIENT_UNKNOWN|
+ */
+ void forceClientDisconnect(
+ in String ifaceName, in byte[] clientAddress, in Ieee80211ReasonCode reasonCode);
+
+ /**
+ * Register for callbacks from the hostapd service.
+ *
+ * These callbacks are invoked for global events that are not specific
+ * to any interface or network. Registration of multiple callback
+ * objects is supported. These objects must be deleted when the corresponding
+ * client process is dead.
+ *
+ * @param callback An instance of the |IHostapdCallback| AIDL interface
+ * object.
+ * @throws ServiceSpecificException with one of the following values:
+ * |HostapdStatusCode.FAILURE_UNKNOWN|
+ */
+ void registerCallback(in IHostapdCallback callback);
+
+ /**
+ * Removes an existing access point from hostapd.
+ *
+ * This must bring down the access point previously set up on the
+ * interface.
+ *
+ * @param ifaceName Name of the interface.
+ * @throws ServiceSpecificException with one of the following values:
+ * |HostapdStatusCode.FAILURE_UNKNOWN|,
+ * |HostapdStatusCode.FAILURE_IFACE_UNKNOWN|
+ */
+ void removeAccessPoint(in String ifaceName);
+
+ /**
+ * Set debug parameters for the hostapd.
+ *
+ * @param level Debug logging level for the hostapd.
+ * (one of |DebugLevel| values).
+ * @throws ServiceSpecificException with one of the following values:
+ * |HostapdStatusCode.FAILURE_UNKNOWN|
+ */
+ void setDebugParams(in DebugLevel level);
+
+ /**
+ * Terminate the service.
+ * This must de-register the service and clear all states. If this HAL
+ * supports the lazy HAL protocol, then this may trigger daemon to exit and
+ * wait to be restarted.
+ */
+ oneway void terminate();
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/IHostapdCallback.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/IHostapdCallback.aidl
new file mode 100644
index 0000000..7b04944
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/IHostapdCallback.aidl
@@ -0,0 +1,47 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+import android.hardware.wifi.hostapd.ApInfo;
+import android.hardware.wifi.hostapd.ClientInfo;
+
+/**
+ * Top-level callback interface for managing SoftAPs.
+ */
+@VintfStability
+interface IHostapdCallback {
+ /**
+ * Invoked when information changes for one of the AP instances.
+ *
+ * @param apInfo AP information of the instance changed.
+ */
+ oneway void onApInstanceInfoChanged(in ApInfo apInfo);
+
+ /**
+ * Invoked when a client connects/disconnects from the hotspot.
+ *
+ */
+ oneway void onConnectedClientsChanged(in ClientInfo clientInfo);
+
+ /**
+ * Invoked when an asynchronous failure is encountered in one of the access
+ * points added via |IHostapd.addAccessPoint|.
+ *
+ * @param ifaceName Name of the interface.
+ */
+ oneway void onFailure(in String ifaceName);
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/Ieee80211ReasonCode.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/Ieee80211ReasonCode.aidl
new file mode 100644
index 0000000..a11f44a
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/Ieee80211ReasonCode.aidl
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+/**
+ * Enum values indicating the reason code for disconnect packet.
+ * Reason codes (IEEE Std 802.11-2016, 9.4.1.7, Table 9-45).
+ */
+@VintfStability
+@Backing(type="int")
+enum Ieee80211ReasonCode {
+ WLAN_REASON_UNSPECIFIED = 1,
+ WLAN_REASON_PREV_AUTH_NOT_VALID = 2,
+ WLAN_REASON_DISASSOC_AP_BUSY = 5,
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/IfaceParams.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/IfaceParams.aidl
new file mode 100644
index 0000000..a8abec3
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/IfaceParams.aidl
@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+import android.hardware.wifi.hostapd.ChannelParams;
+import android.hardware.wifi.hostapd.HwModeParams;
+
+/**
+ * Parameters to use for setting up the dual access point interfaces.
+ */
+@VintfStability
+parcelable IfaceParams {
+ /**
+ * Name of the interface
+ */
+ String name;
+ /**
+ * Additional hardware mode params for the interface
+ */
+ HwModeParams hwModeParams;
+ /**
+ * The list of the channel params for the dual interfaces.
+ */
+ ChannelParams[] channelParams;
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/NetworkParams.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/NetworkParams.aidl
new file mode 100644
index 0000000..df84eca
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/NetworkParams.aidl
@@ -0,0 +1,47 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+import android.hardware.wifi.hostapd.EncryptionType;
+
+/**
+ * Parameters to use for setting up the access point network.
+ */
+@VintfStability
+parcelable NetworkParams {
+ /**
+ * SSID to set for the network
+ */
+ byte[] ssid;
+ /**
+ * Whether the network needs to be hidden or not.
+ */
+ boolean isHidden;
+ /**
+ * Key management mask for the replace encryptionType.
+ */
+ EncryptionType encryptionType;
+ /**
+ * Passphrase for WPA3_SAE network, WPA3_SAE_TRANSITION and WPA2_PSK.
+ */
+ String passphrase;
+ /**
+ * Enable the interworking service and set access network type to
+ * CHARGEABLE_PUBLIC_NETWORK when set to true.
+ */
+ boolean isMetered;
+}
diff --git a/wifi/hostapd/aidl/android/hardware/wifi/hostapd/ParamSizeLimits.aidl b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/ParamSizeLimits.aidl
new file mode 100644
index 0000000..bf34c34
--- /dev/null
+++ b/wifi/hostapd/aidl/android/hardware/wifi/hostapd/ParamSizeLimits.aidl
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.wifi.hostapd;
+
+/**
+ * Size limits for some of the params used in this interface.
+ */
+@VintfStability
+@Backing(type="int")
+enum ParamSizeLimits {
+ /**
+ * Max length of SSID param.
+ */
+ SSID_MAX_LEN_IN_BYTES = 32,
+ /**
+ * Min length of PSK passphrase param.
+ */
+ WPA2_PSK_PASSPHRASE_MIN_LEN_IN_BYTES = 8,
+ /**
+ * Max length of PSK passphrase param.
+ */
+ WPA2_PSK_PASSPHRASE_MAX_LEN_IN_BYTES = 63,
+}
diff --git a/wifi/hostapd/aidl/vts/OWNERS b/wifi/hostapd/aidl/vts/OWNERS
new file mode 100644
index 0000000..2a7a7b0
--- /dev/null
+++ b/wifi/hostapd/aidl/vts/OWNERS
@@ -0,0 +1,2 @@
+etancohen@google.com
+lzye@google.com
diff --git a/wifi/hostapd/aidl/vts/functional/Android.bp b/wifi/hostapd/aidl/vts/functional/Android.bp
new file mode 100644
index 0000000..d37da08
--- /dev/null
+++ b/wifi/hostapd/aidl/vts/functional/Android.bp
@@ -0,0 +1,27 @@
+package {
+ // See: http://go/android-license-faq
+ // A large-scale-change added 'default_applicable_licenses' to import
+ // all of the 'license_kinds' from "hardware_interfaces_license"
+ // to get the below license kinds:
+ // SPDX-license-identifier-Apache-2.0
+ default_applicable_licenses: ["hardware_interfaces_license"],
+}
+
+cc_test {
+ name: "VtsHalHostapdTargetTest",
+ defaults: [
+ "VtsHalTargetTestDefaults",
+ "use_libaidlvintf_gtest_helper_static",
+ ],
+ srcs: ["VtsHalHostapdTargetTest.cpp"],
+ shared_libs: [
+ "libbinder",
+ ],
+ static_libs: [
+ "android.hardware.wifi.hostapd-V1-cpp",
+ ],
+ test_suites: [
+ "general-tests",
+ "vts",
+ ],
+}
diff --git a/wifi/hostapd/aidl/vts/functional/VtsHalHostapdTargetTest.cpp b/wifi/hostapd/aidl/vts/functional/VtsHalHostapdTargetTest.cpp
new file mode 100644
index 0000000..92fbf50
--- /dev/null
+++ b/wifi/hostapd/aidl/vts/functional/VtsHalHostapdTargetTest.cpp
@@ -0,0 +1,417 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include <VtsCoreUtil.h>
+
+#include <aidl/Gtest.h>
+#include <aidl/Vintf.h>
+#include <android/hardware/wifi/hostapd/BnHostapd.h>
+#include <binder/IServiceManager.h>
+#include <binder/ProcessState.h>
+
+using android::ProcessState;
+using android::sp;
+using android::String16;
+using android::hardware::wifi::hostapd::BandMask;
+using android::hardware::wifi::hostapd::ChannelParams;
+using android::hardware::wifi::hostapd::DebugLevel;
+using android::hardware::wifi::hostapd::EncryptionType;
+using android::hardware::wifi::hostapd::FrequencyRange;
+using android::hardware::wifi::hostapd::Ieee80211ReasonCode;
+using android::hardware::wifi::hostapd::IfaceParams;
+using android::hardware::wifi::hostapd::IHostapd;
+using android::hardware::wifi::hostapd::NetworkParams;
+
+namespace {
+const unsigned char kNwSsid[] = {'t', 'e', 's', 't', '1', '2', '3', '4', '5'};
+const String16 kIfaceName = String16("wlan0");
+const String16 kPassphrase = String16("test12345");
+const String16 kInvalidMinPassphrase = String16("test");
+const String16 kInvalidMaxPassphrase = String16(
+ "0123456789012345678901234567890123456789012345678901234567890123456789");
+const int kIfaceChannel = 6;
+const int kIfaceInvalidChannel = 567;
+const std::vector<uint8_t> kTestZeroMacAddr(6, 0x0);
+const Ieee80211ReasonCode kTestDisconnectReasonCode =
+ Ieee80211ReasonCode::WLAN_REASON_UNSPECIFIED;
+
+inline BandMask operator|(BandMask a, BandMask b) {
+ return static_cast<BandMask>(static_cast<int32_t>(a) |
+ static_cast<int32_t>(b));
+}
+} // namespace
+
+class HostapdAidl : public testing::TestWithParam<std::string> {
+ public:
+ virtual void SetUp() override {
+ hostapd = android::waitForDeclaredService<IHostapd>(
+ String16(GetParam().c_str()));
+ ASSERT_NE(hostapd, nullptr);
+ EXPECT_TRUE(hostapd->setDebugParams(DebugLevel::EXCESSIVE).isOk());
+ isAcsSupport = testing::checkSubstringInCommandOutput(
+ "/system/bin/cmd wifi get-softap-supported-features",
+ "wifi_softap_acs_supported");
+ isWpa3SaeSupport = testing::checkSubstringInCommandOutput(
+ "/system/bin/cmd wifi get-softap-supported-features",
+ "wifi_softap_wpa3_sae_supported");
+ isBridgedSupport = testing::checkSubstringInCommandOutput(
+ "/system/bin/cmd wifi get-softap-supported-features",
+ "wifi_softap_bridged_ap_supported");
+ }
+
+ virtual void TearDown() override {
+ hostapd->terminate();
+ // Wait 3 seconds to allow terminate to complete
+ sleep(3);
+ }
+
+ sp<IHostapd> hostapd;
+ bool isAcsSupport;
+ bool isWpa3SaeSupport;
+ bool isBridgedSupport;
+
+ IfaceParams getIfaceParamsWithoutAcs(String16 iface_name) {
+ IfaceParams iface_params;
+ ChannelParams channelParams;
+ std::vector<ChannelParams> vec_channelParams;
+
+ iface_params.name = iface_name;
+ iface_params.hwModeParams.enable80211N = true;
+ iface_params.hwModeParams.enable80211AC = false;
+ iface_params.hwModeParams.enable80211AX = false;
+ iface_params.hwModeParams.enable6GhzBand = false;
+
+ channelParams.enableAcs = false;
+ channelParams.acsShouldExcludeDfs = false;
+ channelParams.channel = kIfaceChannel;
+ channelParams.bandMask = BandMask::BAND_2_GHZ;
+
+ vec_channelParams.push_back(channelParams);
+ iface_params.channelParams = vec_channelParams;
+ return iface_params;
+ }
+
+ IfaceParams getIfaceParamsWithBridgedModeACS(String16 iface_name) {
+ IfaceParams iface_params = getIfaceParamsWithoutAcs(iface_name);
+ iface_params.channelParams[0].enableAcs = true;
+ iface_params.channelParams[0].acsShouldExcludeDfs = true;
+
+ std::vector<ChannelParams> vec_channelParams;
+ vec_channelParams.push_back(iface_params.channelParams[0]);
+
+ ChannelParams second_channelParams;
+ second_channelParams.channel = 0;
+ second_channelParams.enableAcs = true;
+ second_channelParams.bandMask = BandMask::BAND_5_GHZ;
+ vec_channelParams.push_back(second_channelParams);
+
+ iface_params.channelParams = vec_channelParams;
+ return iface_params;
+ }
+
+ IfaceParams getIfaceParamsWithAcs(String16 iface_name) {
+ IfaceParams iface_params = getIfaceParamsWithoutAcs(iface_name);
+ iface_params.channelParams[0].enableAcs = true;
+ iface_params.channelParams[0].acsShouldExcludeDfs = true;
+ iface_params.channelParams[0].channel = 0;
+ iface_params.channelParams[0].bandMask =
+ iface_params.channelParams[0].bandMask | BandMask::BAND_5_GHZ;
+ return iface_params;
+ }
+
+ IfaceParams getIfaceParamsWithAcsAndFreqRange(String16 iface_name) {
+ IfaceParams iface_params = getIfaceParamsWithAcs(iface_name);
+ FrequencyRange freqRange;
+ freqRange.startMhz = 2412;
+ freqRange.endMhz = 2462;
+ std::vector<FrequencyRange> vec_FrequencyRange;
+ vec_FrequencyRange.push_back(freqRange);
+ iface_params.channelParams[0].acsChannelFreqRangesMhz =
+ vec_FrequencyRange;
+ return iface_params;
+ }
+
+ IfaceParams getIfaceParamsWithAcsAndInvalidFreqRange(String16 iface_name) {
+ IfaceParams iface_params =
+ getIfaceParamsWithAcsAndFreqRange(iface_name);
+ iface_params.channelParams[0].acsChannelFreqRangesMhz[0].startMhz =
+ 222;
+ iface_params.channelParams[0].acsChannelFreqRangesMhz[0].endMhz =
+ 999;
+ return iface_params;
+ }
+
+ IfaceParams getIfaceParamsWithInvalidChannel(String16 iface_name) {
+ IfaceParams iface_params = getIfaceParamsWithoutAcs(iface_name);
+ iface_params.channelParams[0].channel = kIfaceInvalidChannel;
+ return iface_params;
+ }
+
+ NetworkParams getOpenNwParams() {
+ NetworkParams nw_params;
+ nw_params.ssid =
+ std::vector<uint8_t>(kNwSsid, kNwSsid + sizeof(kNwSsid));
+ nw_params.isHidden = false;
+ nw_params.encryptionType = EncryptionType::NONE;
+ nw_params.isMetered = true;
+ return nw_params;
+ }
+
+ NetworkParams getPskNwParamsWithNonMetered() {
+ NetworkParams nw_params = getOpenNwParams();
+ nw_params.encryptionType = EncryptionType::WPA2;
+ nw_params.passphrase = kPassphrase;
+ nw_params.isMetered = false;
+ return nw_params;
+ }
+
+ NetworkParams getPskNwParams() {
+ NetworkParams nw_params = getOpenNwParams();
+ nw_params.encryptionType = EncryptionType::WPA2;
+ nw_params.passphrase = kPassphrase;
+ return nw_params;
+ }
+
+ NetworkParams getInvalidPskNwParams() {
+ NetworkParams nw_params = getOpenNwParams();
+ nw_params.encryptionType = EncryptionType::WPA2;
+ nw_params.passphrase = kInvalidMaxPassphrase;
+ return nw_params;
+ }
+
+ NetworkParams getSaeTransitionNwParams() {
+ NetworkParams nw_params = getOpenNwParams();
+ nw_params.encryptionType = EncryptionType::WPA3_SAE_TRANSITION;
+ nw_params.passphrase = kPassphrase;
+ return nw_params;
+ }
+
+ NetworkParams getInvalidSaeTransitionNwParams() {
+ NetworkParams nw_params = getOpenNwParams();
+ nw_params.encryptionType = EncryptionType::WPA2;
+ nw_params.passphrase = kInvalidMinPassphrase;
+ return nw_params;
+ }
+
+ NetworkParams getSaeNwParams() {
+ NetworkParams nw_params = getOpenNwParams();
+ nw_params.encryptionType = EncryptionType::WPA3_SAE;
+ nw_params.passphrase = kPassphrase;
+ return nw_params;
+ }
+
+ NetworkParams getInvalidSaeNwParams() {
+ NetworkParams nw_params = getOpenNwParams();
+ nw_params.encryptionType = EncryptionType::WPA3_SAE;
+ nw_params.passphrase = String16("");
+ return nw_params;
+ }
+};
+
+/**
+ * Adds an access point with PSK network config & ACS enabled.
+ * Access point creation should pass.
+ */
+TEST_P(HostapdAidl, AddPskAccessPointWithAcs) {
+ if (!isAcsSupport) GTEST_SKIP() << "Missing ACS support";
+ auto status = hostapd->addAccessPoint(getIfaceParamsWithAcs(kIfaceName),
+ getPskNwParams());
+ EXPECT_TRUE(status.isOk());
+}
+
+/**
+ * Adds an access point with PSK network config, ACS enabled & frequency Range.
+ * Access point creation should pass.
+ */
+TEST_P(HostapdAidl, AddPskAccessPointWithAcsAndFreqRange) {
+ if (!isAcsSupport) GTEST_SKIP() << "Missing ACS support";
+ auto status = hostapd->addAccessPoint(
+ getIfaceParamsWithAcsAndFreqRange(kIfaceName), getPskNwParams());
+ EXPECT_TRUE(status.isOk());
+}
+
+/**
+ * Adds an access point with invalid channel range.
+ * Access point creation should fail.
+ */
+TEST_P(HostapdAidl, AddPskAccessPointWithAcsAndInvalidFreqRange) {
+ if (!isAcsSupport) GTEST_SKIP() << "Missing ACS support";
+ auto status = hostapd->addAccessPoint(
+ getIfaceParamsWithAcsAndInvalidFreqRange(kIfaceName), getPskNwParams());
+ EXPECT_FALSE(status.isOk());
+}
+
+/**
+ * Adds an access point with Open network config & ACS enabled.
+ * Access point creation should pass.
+ */
+TEST_P(HostapdAidl, AddOpenAccessPointWithAcs) {
+ if (!isAcsSupport) GTEST_SKIP() << "Missing ACS support";
+ auto status = hostapd->addAccessPoint(getIfaceParamsWithAcs(kIfaceName),
+ getOpenNwParams());
+ EXPECT_TRUE(status.isOk());
+}
+
+/**
+ * Adds an access point with PSK network config & ACS disabled.
+ * Access point creation should pass.
+ */
+TEST_P(HostapdAidl, AddPskAccessPointWithoutAcs) {
+ auto status = hostapd->addAccessPoint(getIfaceParamsWithoutAcs(kIfaceName),
+ getPskNwParams());
+ EXPECT_TRUE(status.isOk());
+}
+
+/**
+ * Adds an access point with PSK network config, ACS disabled & Non metered.
+ * Access point creation should pass.
+ */
+TEST_P(HostapdAidl, AddPskAccessPointWithoutAcsAndNonMetered) {
+ auto status = hostapd->addAccessPoint(getIfaceParamsWithoutAcs(kIfaceName),
+ getPskNwParamsWithNonMetered());
+ EXPECT_TRUE(status.isOk());
+}
+
+/**
+ * Adds an access point with Open network config & ACS disabled.
+ * Access point creation should pass.
+ */
+TEST_P(HostapdAidl, AddOpenAccessPointWithoutAcs) {
+ auto status = hostapd->addAccessPoint(getIfaceParamsWithoutAcs(kIfaceName),
+ getOpenNwParams());
+ EXPECT_TRUE(status.isOk());
+}
+
+/**
+ * Adds an access point with SAE Transition network config & ACS disabled.
+ * Access point creation should pass.
+ */
+TEST_P(HostapdAidl, AddSaeTransitionAccessPointWithoutAcs) {
+ if (!isWpa3SaeSupport) GTEST_SKIP() << "Missing SAE support";
+ auto status = hostapd->addAccessPoint(getIfaceParamsWithoutAcs(kIfaceName),
+ getSaeTransitionNwParams());
+ EXPECT_TRUE(status.isOk());
+}
+
+/**
+ * Adds an access point with SAE network config & ACS disabled.
+ * Access point creation should pass.
+ */
+TEST_P(HostapdAidl, AddSAEAccessPointWithoutAcs) {
+ if (!isWpa3SaeSupport) GTEST_SKIP() << "Missing SAE support";
+ auto status = hostapd->addAccessPoint(getIfaceParamsWithoutAcs(kIfaceName),
+ getSaeNwParams());
+ EXPECT_TRUE(status.isOk());
+}
+
+/**
+ * Adds & then removes an access point with PSK network config & ACS enabled.
+ * Access point creation & removal should pass.
+ */
+TEST_P(HostapdAidl, RemoveAccessPointWithAcs) {
+ if (!isAcsSupport) GTEST_SKIP() << "Missing ACS support";
+ auto status = hostapd->addAccessPoint(getIfaceParamsWithAcs(kIfaceName),
+ getPskNwParams());
+ EXPECT_TRUE(status.isOk());
+ EXPECT_TRUE(hostapd->removeAccessPoint(kIfaceName).isOk());
+}
+
+/**
+ * Adds & then removes an access point with PSK network config & ACS disabled.
+ * Access point creation & removal should pass.
+ */
+TEST_P(HostapdAidl, RemoveAccessPointWithoutAcs) {
+ auto status = hostapd->addAccessPoint(getIfaceParamsWithoutAcs(kIfaceName),
+ getPskNwParams());
+ EXPECT_TRUE(status.isOk());
+ EXPECT_TRUE(hostapd->removeAccessPoint(kIfaceName).isOk());
+}
+
+/**
+ * Adds an access point with invalid channel.
+ * Access point creation should fail.
+ */
+TEST_P(HostapdAidl, AddPskAccessPointWithInvalidChannel) {
+ auto status = hostapd->addAccessPoint(
+ getIfaceParamsWithInvalidChannel(kIfaceName), getPskNwParams());
+ EXPECT_FALSE(status.isOk());
+}
+
+/**
+ * Adds an access point with invalid PSK network config.
+ * Access point creation should fail.
+ */
+TEST_P(HostapdAidl, AddInvalidPskAccessPointWithoutAcs) {
+ auto status = hostapd->addAccessPoint(getIfaceParamsWithoutAcs(kIfaceName),
+ getInvalidPskNwParams());
+ EXPECT_FALSE(status.isOk());
+}
+
+/**
+ * Adds an access point with invalid SAE transition network config.
+ * Access point creation should fail.
+ */
+TEST_P(HostapdAidl, AddInvalidSaeTransitionAccessPointWithoutAcs) {
+ if (!isWpa3SaeSupport) GTEST_SKIP() << "Missing SAE support";
+ auto status = hostapd->addAccessPoint(getIfaceParamsWithoutAcs(kIfaceName),
+ getInvalidSaeTransitionNwParams());
+ EXPECT_FALSE(status.isOk());
+}
+
+/**
+ * Adds an access point with invalid SAE network config.
+ * Access point creation should fail.
+ */
+TEST_P(HostapdAidl, AddInvalidSaeAccessPointWithoutAcs) {
+ if (!isWpa3SaeSupport) GTEST_SKIP() << "Missing SAE support";
+ auto status = hostapd->addAccessPoint(getIfaceParamsWithoutAcs(kIfaceName),
+ getInvalidSaeNwParams());
+ EXPECT_FALSE(status.isOk());
+}
+
+/**
+ * forceClientDisconnect should fail when hotspot interface available.
+ */
+TEST_P(HostapdAidl, DisconnectClientWhenIfacAvailable) {
+ auto status = hostapd->addAccessPoint(getIfaceParamsWithoutAcs(kIfaceName),
+ getOpenNwParams());
+ EXPECT_TRUE(status.isOk());
+
+ status = hostapd->forceClientDisconnect(kIfaceName, kTestZeroMacAddr,
+ kTestDisconnectReasonCode);
+ EXPECT_FALSE(status.isOk());
+}
+
+/**
+ * AddAccessPointWithDualBandConfig should pass
+ */
+TEST_P(HostapdAidl, AddAccessPointWithDualBandConfig) {
+ if (!isBridgedSupport) GTEST_SKIP() << "Missing Bridged AP support";
+ auto status = hostapd->addAccessPoint(
+ getIfaceParamsWithBridgedModeACS(kIfaceName), getOpenNwParams());
+ EXPECT_TRUE(status.isOk());
+}
+
+INSTANTIATE_TEST_SUITE_P(
+ Hostapd, HostapdAidl,
+ testing::ValuesIn(android::getAidlHalInstanceNames(IHostapd::descriptor)),
+ android::PrintInstanceNameToString);
+
+int main(int argc, char **argv) {
+ ::testing::InitGoogleTest(&argc, argv);
+ ProcessState::self()->setThreadPoolMaxThreadCount(1);
+ ProcessState::self()->startThreadPool();
+ return RUN_ALL_TESTS();
+}