[km] Add a new rust binary for non-secure KeyMint host
The new binary sets non-secure RoT for keymint. The non-secure
version will be used on cuttlefish.
Bug: 355194622
Test: CF is gets booted with KeyMint TA in VM
Change-Id: Iff202c6d4bb70dabeb866b4f3fbc18c006bb219e
diff --git a/trusty/keymint/Android.bp b/trusty/keymint/Android.bp
index 92d9c6f..1b87d80 100644
--- a/trusty/keymint/Android.bp
+++ b/trusty/keymint/Android.bp
@@ -17,12 +17,10 @@
default_applicable_licenses: ["Android-Apache-2.0"],
}
-rust_binary {
- name: "android.hardware.security.keymint-service.rust.trusty",
+rust_defaults {
+ name: "android.hardware.security.keymint-service.rust.trusty.default",
relative_install_path: "hw",
vendor: true,
- init_rc: ["android.hardware.security.keymint-service.rust.trusty.rc"],
- vintf_fragments: ["android.hardware.security.keymint-service.rust.trusty.xml"],
srcs: [
"src/keymint_hal_main.rs",
],
@@ -37,7 +35,23 @@
"liblog_rust",
],
prefer_rlib: true,
+}
+
+rust_binary {
+ name: "android.hardware.security.keymint-service.rust.trusty",
+ defaults: ["android.hardware.security.keymint-service.rust.trusty.default"],
+ init_rc: ["android.hardware.security.keymint-service.rust.trusty.rc"],
+ vintf_fragments: ["android.hardware.security.keymint-service.rust.trusty.xml"],
required: [
"android.hardware.hardware_keystore.xml",
],
}
+
+rust_binary {
+ name: "android.hardware.security.keymint-service.rust.trusty.nonsecure",
+ defaults: ["android.hardware.security.keymint-service.rust.trusty.default"],
+ features: ["nonsecure"],
+ rustlibs: [
+ "libkmr_hal_nonsecure",
+ ],
+}