trusty: keymint: provision boot_info to Keymint Rust in TEE
Provision boot_info from keymint HAL to the Keymint Rust TA
in TEE. This is a nonsecure workaround until
this can be done by the bootloader.
Bug: 395896949
Test: lunch qemu_trusty_arm64-trunk_staging-userdebug
Change-Id: Ie69e2fe028dc4cd848383fc2da540602a42a48ff
diff --git a/trusty/keymint/Android.bp b/trusty/keymint/Android.bp
index d1cd71b..80e58f9 100644
--- a/trusty/keymint/Android.bp
+++ b/trusty/keymint/Android.bp
@@ -57,6 +57,13 @@
vendor: true,
defaults: ["android.hardware.security.keymint-service.rust.trusty.default"],
init_rc: ["android.hardware.security.keymint-service.trusty_tee.rc"],
+ features: select(soong_config_variable("trusty_system_vm", "placeholder_trusted_hal"), {
+ true: ["nonsecure"],
+ default: [],
+ }),
+ rustlibs: [
+ "libkmr_hal_nonsecure",
+ ],
}
// Keymint hal service in system_ext, interacting with the Trusty Security VM.