Merge "boringssl self tests: explicitly specify empty capabilities"
diff --git a/debuggerd/handler/debuggerd_handler.cpp b/debuggerd/handler/debuggerd_handler.cpp
index c64de0e..1e25309 100644
--- a/debuggerd/handler/debuggerd_handler.cpp
+++ b/debuggerd/handler/debuggerd_handler.cpp
@@ -371,12 +371,29 @@
{.iov_base = thread_info->ucontext, .iov_len = sizeof(ucontext_t)},
};
+ constexpr size_t kHeaderSize = sizeof(version) + sizeof(siginfo_t) + sizeof(ucontext_t);
+
if (thread_info->process_info.fdsan_table) {
// Dynamic executables always use version 4. There is no need to increment the version number if
// the format changes, because the sender (linker) and receiver (crash_dump) are version locked.
version = 4;
expected = sizeof(CrashInfoHeader) + sizeof(CrashInfoDataDynamic);
+ static_assert(sizeof(CrashInfoHeader) + sizeof(CrashInfoDataDynamic) ==
+ kHeaderSize + sizeof(thread_info->process_info),
+ "Wire protocol structs do not match the data sent.");
+#define ASSERT_SAME_OFFSET(MEMBER1, MEMBER2) \
+ static_assert(sizeof(CrashInfoHeader) + offsetof(CrashInfoDataDynamic, MEMBER1) == \
+ kHeaderSize + offsetof(debugger_process_info, MEMBER2), \
+ "Wire protocol offset does not match data sent: " #MEMBER1);
+ ASSERT_SAME_OFFSET(fdsan_table_address, fdsan_table);
+ ASSERT_SAME_OFFSET(gwp_asan_state, gwp_asan_state);
+ ASSERT_SAME_OFFSET(gwp_asan_metadata, gwp_asan_metadata);
+ ASSERT_SAME_OFFSET(scudo_stack_depot, scudo_stack_depot);
+ ASSERT_SAME_OFFSET(scudo_region_info, scudo_region_info);
+ ASSERT_SAME_OFFSET(scudo_ring_buffer, scudo_ring_buffer);
+#undef ASSERT_SAME_OFFSET
+
iovs[3] = {.iov_base = &thread_info->process_info,
.iov_len = sizeof(thread_info->process_info)};
} else {
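Review bot: The ASSERT_SAME_OFFSET list is maintained by hand, and nothing in the hunk ties it to the full member list of `debugger_process_info`. `abort_msg`, which the else branch sends, has no offset check here, and a member later appended to both structs would satisfy the size assertion without ever being compared. If the dynamic wire struct has a corresponding abort-message field (its name is not visible in this hunk), add an ASSERT_SAME_OFFSET line for it. A comment above the list would also help, such as `// Keep in sync with debugger_process_info: every member needs an ASSERT_SAME_OFFSET line.` The enclosing function starts and ends outside the hunk.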
@@ -384,6 +401,10 @@
version = 1;
expected = sizeof(CrashInfoHeader) + sizeof(CrashInfoDataStatic);
+ static_assert(
+ sizeof(CrashInfoHeader) + sizeof(CrashInfoDataStatic) == kHeaderSize + sizeof(uintptr_t),
+ "Wire protocol structs do not match the data sent.");
+
iovs[3] = {.iov_base = &thread_info->process_info.abort_msg, .iov_len = sizeof(uintptr_t)};
}
errno = 0;
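Review bot: The new assertion and the `iovs[3]` entry both use `sizeof(uintptr_t)` rather than the size of the field actually sent, so the check still passes if `abort_msg` is not pointer-sized. Adding `static_assert(sizeof(thread_info->process_info.abort_msg) == sizeof(uintptr_t), "abort_msg must be pointer-sized");` would tie the wire size to the real member, as would using `sizeof(thread_info->process_info.abort_msg)` for `iov_len`. The type of `abort_msg` is declared outside this hunk, so this may already hold today.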
diff --git a/debuggerd/test_permissive_mte/Android.bp b/debuggerd/test_permissive_mte/Android.bp
index 1c09240..d3f7520 100644
--- a/debuggerd/test_permissive_mte/Android.bp
+++ b/debuggerd/test_permissive_mte/Android.bp
@@ -18,6 +18,7 @@
cc_binary {
name: "mte_crash",
+ tidy: false,
srcs: ["mte_crash.cpp"],
sanitize: {
memtag_heap: true,
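Review bot: `tidy: false` switches off clang-tidy for all of `mte_crash` with no comment saying which diagnostic it avoids, so a later reader cannot tell whether the opt-out is still needed. Add a comment above the property, for example `// clang-tidy disabled: <reason, e.g. the check that fires on this test's source>`. If only one check is the problem, a narrower `tidy_checks` entry that disables just that check would keep the rest of the analysis running on this file.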
diff --git a/libcutils/include/cutils/qtaguid.h b/libcutils/include/cutils/qtaguid.h
index a5ffb03..8902c2b 100644
--- a/libcutils/include/cutils/qtaguid.h
+++ b/libcutils/include/cutils/qtaguid.h
@@ -33,12 +33,6 @@
*/
extern int qtaguid_untagSocket(int sockfd);
-/*
- * Enable/disable qtaguid functionnality at a lower level.
- * When pacified, the kernel will accept commands but do nothing.
- */
-extern int qtaguid_setPacifier(int on);
-
#ifdef __cplusplus
}
#endif
diff --git a/trusty/trusty-base.mk b/trusty/trusty-base.mk
index 0609709..7b4aa26 100644
--- a/trusty/trusty-base.mk
+++ b/trusty/trusty-base.mk
@@ -22,8 +22,21 @@
# For gatekeeper, we include the generic -service and -impl to use legacy
# HAL loading of gatekeeper.trusty.
+# Allow the KeyMint HAL service implementation to be selected at build time. This needs to be
+# done in sync with the TA implementation included in Trusty. Possible values are:
+#
+# - Rust implementation: export TRUSTY_KEYMINT_IMPL=rust
+# - C++ implementation: (any other value of TRUSTY_KEYMINT_IMPL)
+
+ifeq ($(TRUSTY_KEYMINT_IMPL),rust)
+ LOCAL_KEYMINT_PRODUCT_PACKAGE := android.hardware.security.keymint-service.rust.trusty
+else
+ # Default to the C++ implementation
+ LOCAL_KEYMINT_PRODUCT_PACKAGE := android.hardware.security.keymint-service.trusty
+endif
+
PRODUCT_PACKAGES += \
- android.hardware.security.keymint-service.trusty \
+ $(LOCAL_KEYMINT_PRODUCT_PACKAGE) \
android.hardware.gatekeeper@1.0-service.trusty \
trusty_apploader \
RemoteProvisioner
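Review bot: Any value of `TRUSTY_KEYMINT_IMPL` other than the exact string `rust` falls through to the C++ service. A typo or a different case (`Rust`, a trailing space) therefore silently builds a HAL that, per the new comment, must be kept in sync with the TA included in Trusty. Consider making the C++ branch explicit with `else ifeq ($(TRUSTY_KEYMINT_IMPL),)` and adding a final `else` that stops the build with `$(error Unsupported TRUSTY_KEYMINT_IMPL: $(TRUSTY_KEYMINT_IMPL))`. If other spellings for the C++ choice are already in use elsewhere, accept those explicitly and update the comment's "any other value" wording to match.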