Merge "Update trusty to use secretkeeper hal V1" into main
diff --git a/rootdir/init.rc b/rootdir/init.rc
index e487797..ae6a658 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -1004,6 +1004,11 @@
exec_start system_aconfigd_mainline_init
start system_aconfigd_socket_service
+ # start mainline aconfigd init, after transition, the above system_aconfigd_mainline_init
+ # will be deprecated
+ exec_start mainline_aconfigd_init
+ start mainline_aconfigd_socket_service
+
# Create directories for boot animation.
mkdir /data/misc/bootanim 0755 system system
diff --git a/trusty/trusty-storage-cf.mk b/trusty/trusty-storage-cf.mk
index 3b46445..acefd3e 100644
--- a/trusty/trusty-storage-cf.mk
+++ b/trusty/trusty-storage-cf.mk
@@ -22,4 +22,5 @@
PRODUCT_PACKAGES += \
storageproxyd.system \
rpmb_dev.system \
+ rpmb_dev.test.system \
diff --git a/trusty/utils/rpmb_dev/Android.bp b/trusty/utils/rpmb_dev/Android.bp
index ef23cc5..2f362e8 100644
--- a/trusty/utils/rpmb_dev/Android.bp
+++ b/trusty/utils/rpmb_dev/Android.bp
@@ -58,3 +58,12 @@
"rpmb_dev.wv.system.rc",
],
}
+
+cc_binary {
+ name: "rpmb_dev.test.system",
+ defaults: ["rpmb_dev.cc_defaults"],
+ system_ext_specific: true,
+ init_rc: [
+ "rpmb_dev.test.system.rc",
+ ],
+}
diff --git a/trusty/utils/rpmb_dev/rpmb_dev.test.system.rc b/trusty/utils/rpmb_dev/rpmb_dev.test.system.rc
new file mode 100644
index 0000000..2127798
--- /dev/null
+++ b/trusty/utils/rpmb_dev/rpmb_dev.test.system.rc
@@ -0,0 +1,56 @@
+service trusty_test_vm /apex/com.android.virt/bin/vm run \
+ /data/local/tmp/TrustyTestVM_UnitTests/trusty-test_vm-config.json
+ disabled
+ user system
+ group system
+
+service storageproxyd_test_system /system_ext/bin/storageproxyd.system \
+ -d VSOCK:${trusty.test_vm.vm_cid}:1 \
+ -r /dev/socket/rpmb_mock_test_system \
+ -p /data/secure_storage_test_system \
+ -t sock
+ disabled
+ class hal
+ user system
+ group system
+
+service rpmb_mock_init_test_system /system_ext/bin/rpmb_dev.test.system \
+ --dev /mnt/secure_storage_rpmb_test_system/persist/RPMB_DATA --init --size 2048
+ disabled
+ user system
+ group system
+ oneshot
+
+service rpmb_mock_test_system /system_ext/bin/rpmb_dev.test.system \
+ --dev /mnt/secure_storage_rpmb_test_system/persist/RPMB_DATA \
+ --sock rpmb_mock_test_system
+ disabled
+ user system
+ group system
+ socket rpmb_mock_test_system stream 660 system system
+
+# RPMB Mock
+on post-fs-data
+ # Create a persistent location for the RPMB data
+ # (work around lack of RPMb block device on CF).
+ # file contexts secure_storage_rpmb_system_file
+ # (only used on Cuttlefish as this is non secure)
+ mkdir /metadata/secure_storage_rpmb_test_system 0770 system system
+ mkdir /mnt/secure_storage_rpmb_test_system 0770 system system
+ symlink /metadata/secure_storage_rpmb_test_system \
+ /mnt/secure_storage_rpmb_test_system/persist
+ # Create a system persist directory in /metadata
+ # (work around lack of dedicated system persist partition).
+ # file contexts secure_storage_persist_system_file
+ mkdir /metadata/secure_storage_persist_test_system 0770 system system
+ mkdir /mnt/secure_storage_persist_test_system 0770 system system
+ symlink /metadata/secure_storage_persist_test_system \
+ /mnt/secure_storage_persist_test_system/persist
+ # file contexts secure_storage_system_file
+ mkdir /data/secure_storage_test_system 0770 root system
+ symlink /mnt/secure_storage_persist_test_system/persist \
+ /data/secure_storage_test_system/persist
+ chown root system /data/secure_storage_test_system/persist
+ # setprop storageproxyd_test_system.trusty_ipc_dev VSOCK:${trusty.test_vm.vm_cid}:1
+ exec_start rpmb_mock_init_test_system
+ start rpmb_mock_test_system