Run BoringSSL self test during startup
NIAP certification requires that all cryptographic functions
undergo a self-test during startup to demonstrate correct
operation. This change adds such a check.
If the check fails, it will prevent the device from booting
by rebooting into the bootloader.
Bug: 119826244
Test: Built for walleye. After device booted examined dmesg and
observed logs from init showing that the new task did
start. Further, when BoringSSL is built to fail its self
check the device did stop during a normal boot and enter
the bootloader, and did so before the boot animation stopped.
Change-Id: I07a5dc73a314502c87de566bb26f4d73499d2675
diff --git a/init/init.cpp b/init/init.cpp
index e7dbc11..a8d1a27 100644
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -49,6 +49,7 @@
#endif
#include "action_parser.h"
+#include "boringssl_self_test.h"
#include "epoll.h"
#include "first_stage_mount.h"
#include "import_parser.h"
@@ -768,6 +769,9 @@
// Trigger all the boot actions to get us started.
am.QueueEventTrigger("init");
+ // Starting the BoringSSL self test, for NIAP certification compliance.
+ am.QueueBuiltinAction(StartBoringSslSelfTest, "StartBoringSslSelfTest");
+
// Repeat mix_hwrng_into_linux_rng in case /dev/hw_random or /dev/random
// wasn't ready immediately after wait_for_coldboot_done
am.QueueBuiltinAction(MixHwrngIntoLinuxRngAction, "MixHwrngIntoLinuxRng");