Merge "[test] Test nostd open-dice library in pvmfw dice test" into main
diff --git a/android/TerminalApp/AndroidManifest.xml b/android/TerminalApp/AndroidManifest.xml
index 6a1ecaf..1af6c8a 100644
--- a/android/TerminalApp/AndroidManifest.xml
+++ b/android/TerminalApp/AndroidManifest.xml
@@ -34,6 +34,7 @@
android:icon="@mipmap/ic_launcher"
android:theme="@style/Theme.Material3.DayNight.NoActionBar"
android:usesCleartextTraffic="true"
+ android:supportsRtl="true"
android:enabled="false">
<activity android:name=".MainActivity"
android:configChanges="orientation|screenSize|keyboard|keyboardHidden|navigation|uiMode|screenLayout|smallestScreenSize"
diff --git a/android/TerminalApp/java/com/android/virtualization/terminal/SettingsActivity.kt b/android/TerminalApp/java/com/android/virtualization/terminal/SettingsActivity.kt
index 03768e9..73bb0b9 100644
--- a/android/TerminalApp/java/com/android/virtualization/terminal/SettingsActivity.kt
+++ b/android/TerminalApp/java/com/android/virtualization/terminal/SettingsActivity.kt
@@ -30,7 +30,6 @@
val toolbar: MaterialToolbar = findViewById(R.id.settings_toolbar)
setSupportActionBar(toolbar)
- supportActionBar?.title = resources.getString(R.string.action_settings)
val settingsItems = arrayOf(
SettingsItem(
resources.getString(R.string.settings_disk_resize_title),
diff --git a/android/TerminalApp/res/layout/activity_installer.xml b/android/TerminalApp/res/layout/activity_installer.xml
index ce37129..fcd3f1a 100644
--- a/android/TerminalApp/res/layout/activity_installer.xml
+++ b/android/TerminalApp/res/layout/activity_installer.xml
@@ -38,8 +38,7 @@
android:adjustViewBounds="true"
android:layout_alignParentStart="true"
android:layout_marginTop="48dp"
- android:layout_marginLeft="32dp"
- android:layout_marginRight="32dp"
+ android:layout_marginHorizontal="32dp"
app:tint="?attr/colorPrimary" />
<TextView
@@ -49,10 +48,8 @@
android:singleLine="false"
android:text="@string/installer_title_text"
android:layout_below="@id/installer_terminal_icon"
- android:layout_marginTop="24dp"
- android:layout_marginBottom="24dp"
- android:layout_marginLeft="32dp"
- android:layout_marginRight="32dp"
+ android:layout_marginVertical="24dp"
+ android:layout_marginHorizontal="32dp"
android:textSize="36sp" />
<TextView
@@ -63,8 +60,7 @@
android:layout_below="@id/installer_title"
android:lineSpacingExtra="5dp"
android:layout_marginTop="24dp"
- android:layout_marginLeft="32dp"
- android:layout_marginRight="32dp"
+ android:layout_marginHorizontal="32dp"
android:textSize="16sp" />
<CheckBox
@@ -72,8 +68,7 @@
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:textSize="16sp"
- android:layout_marginLeft="42dp"
- android:layout_marginRight="42dp"
+ android:layout_marginHorizontal="42dp"
android:layout_above="@id/installer_install_button"
android:layout_alignParentEnd="true"
android:text="@string/installer_wait_for_wifi_checkbox_text" />
@@ -85,8 +80,7 @@
android:layout_alignParentBottom="true"
android:layout_alignParentEnd="true"
android:layout_marginBottom="32dp"
- android:layout_marginLeft="40dp"
- android:layout_marginRight="40dp"
+ android:layout_marginHorizontal="40dp"
android:backgroundTint="?attr/colorPrimaryDark"
android:text="@string/installer_install_button_enabled_text" />
</RelativeLayout>
diff --git a/android/TerminalApp/res/layout/settings_activity.xml b/android/TerminalApp/res/layout/settings_activity.xml
index 9edfd96..adeff36 100644
--- a/android/TerminalApp/res/layout/settings_activity.xml
+++ b/android/TerminalApp/res/layout/settings_activity.xml
@@ -25,6 +25,7 @@
android:id="@+id/settings_toolbar"
android:layout_width="match_parent"
android:layout_height="?attr/actionBarSize"
+ app:title="@string/action_settings"
app:layout_constraintTop_toTopOf="parent"/>
<androidx.recyclerview.widget.RecyclerView
android:id="@+id/settings_list_recycler_view"
diff --git a/android/TerminalApp/res/layout/settings_list_item.xml b/android/TerminalApp/res/layout/settings_list_item.xml
index 7b27421..b48c5d3 100644
--- a/android/TerminalApp/res/layout/settings_list_item.xml
+++ b/android/TerminalApp/res/layout/settings_list_item.xml
@@ -14,61 +14,56 @@
limitations under the License.
-->
-<FrameLayout xmlns:android="http://schemas.android.com/apk/res/android"
+<com.google.android.material.card.MaterialCardView
+ xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:app="http://schemas.android.com/apk/res-auto"
- android:layout_width="match_parent"
- android:gravity="center_vertical"
- android:layout_height="wrap_content">
+ android:id="@+id/settings_list_item_card"
+ app:strokeWidth="0dp"
+ app:cardCornerRadius="28dp"
+ app:checkedIcon="@null"
+ android:focusable="true"
+ android:checkable="true"
+ android:layout_height="wrap_content"
+ android:layout_width="match_parent">
- <com.google.android.material.card.MaterialCardView
- android:id="@+id/settings_list_item_card"
- app:strokeWidth="0dp"
- app:cardCornerRadius="28dp"
- app:checkedIcon="@null"
- android:focusable="true"
- android:checkable="true"
- android:layout_height="wrap_content"
- android:layout_width="match_parent">
+ <androidx.constraintlayout.widget.ConstraintLayout
+ android:layout_width="match_parent"
+ android:layout_height="88dp"
+ android:layout_marginStart="24dp"
+ android:layout_marginEnd="16dp">
- <androidx.constraintlayout.widget.ConstraintLayout
- android:layout_width="match_parent"
- android:layout_height="88dp"
+ <com.google.android.material.imageview.ShapeableImageView
+ android:id="@+id/settings_list_item_icon"
+ android:layout_width="24dp"
+ android:layout_height="24dp"
+ android:layout_marginEnd="24dp"
+ android:scaleType="centerCrop"
+ app:layout_constraintTop_toTopOf="parent"
+ app:layout_constraintBottom_toBottomOf="parent"
+ app:layout_constraintStart_toStartOf="parent" />
+
+ <TextView
+ android:id="@+id/settings_list_item_title"
+ android:layout_width="0dp"
+ android:layout_height="wrap_content"
+ android:layout_marginTop="20dp"
android:layout_marginStart="24dp"
- android:layout_marginEnd="16dp">
+ android:textSize="20sp"
+ app:layout_constraintTop_toTopOf="parent"
+ app:layout_constraintBottom_toTopOf="@+id/settings_list_item_sub_title"
+ app:layout_constraintStart_toEndOf="@id/settings_list_item_icon"
+ app:layout_constraintEnd_toEndOf="parent" />
- <com.google.android.material.imageview.ShapeableImageView
- android:id="@+id/settings_list_item_icon"
- android:layout_width="24dp"
- android:layout_height="24dp"
- android:layout_marginEnd="24dp"
- android:scaleType="centerCrop"
- app:layout_constraintTop_toTopOf="parent"
- app:layout_constraintBottom_toBottomOf="parent"
- app:layout_constraintLeft_toLeftOf="parent" />
-
- <TextView
- android:id="@+id/settings_list_item_title"
- android:layout_width="0dp"
- android:layout_height="wrap_content"
- android:layout_marginTop="20dp"
- android:layout_marginStart="24dp"
- android:textSize="20sp"
- app:layout_constraintTop_toTopOf="parent"
- app:layout_constraintBottom_toTopOf="@+id/settings_list_item_sub_title"
- app:layout_constraintStart_toEndOf="@id/settings_list_item_icon"
- app:layout_constraintEnd_toEndOf="parent" />
-
- <TextView
- android:id="@+id/settings_list_item_sub_title"
- android:layout_width="0dp"
- android:layout_height="wrap_content"
- android:textSize="14sp"
- android:layout_marginBottom="20dp"
- android:layout_marginStart="24dp"
- app:layout_constraintTop_toBottomOf="@+id/settings_list_item_title"
- app:layout_constraintBottom_toBottomOf="parent"
- app:layout_constraintStart_toEndOf="@id/settings_list_item_icon"
- app:layout_constraintEnd_toEndOf="parent" />
- </androidx.constraintlayout.widget.ConstraintLayout>
- </com.google.android.material.card.MaterialCardView>
-</FrameLayout>
\ No newline at end of file
+ <TextView
+ android:id="@+id/settings_list_item_sub_title"
+ android:layout_width="0dp"
+ android:layout_height="wrap_content"
+ android:textSize="14sp"
+ android:layout_marginBottom="20dp"
+ android:layout_marginStart="24dp"
+ app:layout_constraintTop_toBottomOf="@+id/settings_list_item_title"
+ app:layout_constraintBottom_toBottomOf="parent"
+ app:layout_constraintStart_toEndOf="@id/settings_list_item_icon"
+ app:layout_constraintEnd_toEndOf="parent" />
+ </androidx.constraintlayout.widget.ConstraintLayout>
+</com.google.android.material.card.MaterialCardView>
\ No newline at end of file
diff --git a/android/TerminalApp/res/layout/settings_port_forwarding_item.xml b/android/TerminalApp/res/layout/settings_port_forwarding_item.xml
index 5418bf8..8a57b41 100644
--- a/android/TerminalApp/res/layout/settings_port_forwarding_item.xml
+++ b/android/TerminalApp/res/layout/settings_port_forwarding_item.xml
@@ -14,11 +14,12 @@
limitations under the License.
-->
-<androidx.constraintlayout.widget.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android"
+<androidx.constraintlayout.widget.ConstraintLayout
+ xmlns:android="http://schemas.android.com/apk/res/android"
+ xmlns:app="http://schemas.android.com/apk/res-auto"
android:layout_width="match_parent"
android:layout_height="wrap_content"
- app:layout_constraintCircleRadius="@dimen/material_emphasis_medium"
- xmlns:app="http://schemas.android.com/apk/res-auto">
+ app:layout_constraintCircleRadius="@dimen/material_emphasis_medium">
<TextView
android:id="@+id/settings_port_forwarding_item_port"
@@ -26,13 +27,13 @@
android:layout_width="match_parent"
app:layout_constraintTop_toTopOf="parent"
app:layout_constraintBottom_toBottomOf="parent"
- app:layout_constraintLeft_toLeftOf="parent"/>
+ app:layout_constraintStart_toStartOf="parent"/>
<com.google.android.material.materialswitch.MaterialSwitch
android:id="@+id/settings_port_forwarding_item_enabled_switch"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
app:layout_constraintTop_toTopOf="parent"
- app:layout_constraintRight_toRightOf="parent" />
+ app:layout_constraintEnd_toEndOf="parent" />
</androidx.constraintlayout.widget.ConstraintLayout>
\ No newline at end of file
diff --git a/android/TerminalApp/res/layout/settings_recovery.xml b/android/TerminalApp/res/layout/settings_recovery.xml
index 12344c6..4cce61d 100644
--- a/android/TerminalApp/res/layout/settings_recovery.xml
+++ b/android/TerminalApp/res/layout/settings_recovery.xml
@@ -57,7 +57,7 @@
android:text="@string/settings_recovery_reset_title"
app:layout_constraintTop_toTopOf="parent"
app:layout_constraintBottom_toTopOf="@+id/settings_recovery_reset_sub_title"
- app:layout_constraintLeft_toLeftOf="parent" />
+ app:layout_constraintStart_toStartOf="parent" />
<TextView
android:id="@+id/settings_recovery_reset_sub_title"
@@ -69,7 +69,7 @@
android:text="@string/settings_recovery_reset_sub_title"
app:layout_constraintTop_toBottomOf="@+id/settings_recovery_reset_title"
app:layout_constraintBottom_toBottomOf="parent"
- app:layout_constraintLeft_toLeftOf="parent" />
+ app:layout_constraintStart_toStartOf="parent" />
</androidx.constraintlayout.widget.ConstraintLayout>
</com.google.android.material.card.MaterialCardView>
</LinearLayout>
\ No newline at end of file
diff --git a/guest/pvmfw/avb/Android.bp b/guest/pvmfw/avb/Android.bp
index f97a713..bc5cbfe 100644
--- a/guest/pvmfw/avb/Android.bp
+++ b/guest/pvmfw/avb/Android.bp
@@ -33,6 +33,7 @@
":microdroid_kernel_signed",
":microdroid_initrd_normal",
":microdroid_initrd_debuggable",
+ ":trusty_security_vm_signed",
":test_image_with_one_hashdesc",
":test_image_with_non_initrd_hashdesc",
":test_image_with_initrd_and_non_initrd_desc",
diff --git a/guest/pvmfw/avb/tests/api_test.rs b/guest/pvmfw/avb/tests/api_test.rs
index 01c13d4..72c795c 100644
--- a/guest/pvmfw/avb/tests/api_test.rs
+++ b/guest/pvmfw/avb/tests/api_test.rs
@@ -55,6 +55,17 @@
}
#[test]
+fn latest_trusty_security_vm_kernel_passes_verification() -> Result<()> {
+ let salt = b"trusty_security_vm_salt";
+ let expected_rollback_index = 1;
+ assert_payload_without_initrd_passes_verification(
+ &load_latest_trusty_security_vm_signed_kernel()?,
+ salt,
+ expected_rollback_index,
+ )
+}
+
+#[test]
fn latest_debug_payload_passes_verification() -> Result<()> {
assert_latest_payload_verification_passes(
&load_latest_initrd_debug()?,
diff --git a/guest/pvmfw/avb/tests/utils.rs b/guest/pvmfw/avb/tests/utils.rs
index e989579..0e836d5 100644
--- a/guest/pvmfw/avb/tests/utils.rs
+++ b/guest/pvmfw/avb/tests/utils.rs
@@ -33,6 +33,7 @@
const MICRODROID_KERNEL_IMG_PATH: &str = "microdroid_kernel";
const INITRD_NORMAL_IMG_PATH: &str = "microdroid_initrd_normal.img";
const INITRD_DEBUG_IMG_PATH: &str = "microdroid_initrd_debuggable.img";
+const TRUSTY_SECURITY_VM_KERNEL_IMG_PATH: &str = "trusty_security_vm_signed";
const PUBLIC_KEY_RSA4096_PATH: &str = "data/testkey_rsa4096_pub.bin";
pub const PUBLIC_KEY_RSA2048_PATH: &str = "data/testkey_rsa2048_pub.bin";
@@ -60,6 +61,10 @@
Ok(fs::read(MICRODROID_KERNEL_IMG_PATH)?)
}
+pub fn load_latest_trusty_security_vm_signed_kernel() -> Result<Vec<u8>> {
+ Ok(fs::read(TRUSTY_SECURITY_VM_KERNEL_IMG_PATH)?)
+}
+
pub fn load_latest_initrd_normal() -> Result<Vec<u8>> {
Ok(fs::read(INITRD_NORMAL_IMG_PATH)?)
}
@@ -134,6 +139,35 @@
Ok(())
}
+pub fn assert_payload_without_initrd_passes_verification(
+ kernel: &[u8],
+ salt: &[u8],
+ expected_rollback_index: u64,
+) -> Result<()> {
+ let public_key = load_trusted_public_key()?;
+ let verified_boot_data = verify_payload(
+ kernel,
+ None, // initrd
+ &public_key,
+ )
+ .map_err(|e| anyhow!("Verification failed. Error: {}", e))?;
+
+ let footer = extract_avb_footer(kernel)?;
+ let kernel_digest =
+ hash(&[&hash(&[salt]), &kernel[..usize::try_from(footer.original_image_size)?]]);
+ let expected_boot_data = VerifiedBootData {
+ debug_level: DebugLevel::None,
+ kernel_digest,
+ initrd_digest: None,
+ public_key: &public_key,
+ capabilities: vec![],
+ rollback_index: expected_rollback_index,
+ };
+ assert_eq!(expected_boot_data, verified_boot_data);
+
+ Ok(())
+}
+
pub fn hash(inputs: &[&[u8]]) -> Digest {
let mut digester = sha::Sha256::new();
inputs.iter().for_each(|input| digester.update(input));
diff --git a/guest/trusty/security_vm/launcher/Android.bp b/guest/trusty/security_vm/launcher/Android.bp
index c90d893..38e3e42 100644
--- a/guest/trusty/security_vm/launcher/Android.bp
+++ b/guest/trusty/security_vm/launcher/Android.bp
@@ -57,7 +57,7 @@
enabled: false,
arch: {
x86_64: {
- src: ":trusty-test-lk.elf",
+ src: ":trusty-lk.elf",
enabled: true,
},
arm64: {