Reboot to bootloader if sending module info to KeyMint fails * Panic in check_send_module_info if sending module info to KeyMint fails. * Make Keystore a critical service, in order to reboot to bootloader if Keystore crashes more than 4 times before sys.boot_completed = true. * On Keystore start, check if we should send KeyMint module info, and if so, send the info. (The check here is whether keystore.module_hash.sent != true.) Bug: 400439023 Test: (1) for the successful case, ran Keystore CTS tests; (2) for the unsuccessful case, where we reach the panic in send_module_info, confirmed that the phone ended up in fastboot. Flag: android.security.keystore2.attest_modules Change-Id: I702828fc3462f5e90ae09c4f654d90c85f28195a

commit: fd8b9ebca44cb843ca8e7f5d38658de97c13fd1e [log] [tgz]
author: Karuna Wadhera <kwadhera@google.com> Wed Mar 19 17:56:35 2025 +0000
committer: Karuna Wadhera <kwadhera@google.com> Thu Mar 20 20:08:18 2025 +0000
tree: e614eb2d27ec5e3f2fd041a961d3b95b7f4c2cc4
parent: 3ec7eb706533ab1e0a6fb6e0287e5a1bddd1b1be [diff] [blame]
diff --git a/keystore2/keystore2.rc b/keystore2/keystore2.rc
index d7d6951..e669b18 100644
--- a/keystore2/keystore2.rc
+++ b/keystore2/keystore2.rc

@@ -13,3 +13,5 @@
     task_profiles ProcessCapacityHigh
     # The default memlock limit of 65536 bytes is too low for keystore.
     rlimit memlock unlimited unlimited
+    # Reboot to bootloader if Keystore crashes more than 4 times before `sys.boot_completed`.
+    critical window=0
commit	fd8b9ebca44cb843ca8e7f5d38658de97c13fd1e	[log] [tgz]
author	Karuna Wadhera <kwadhera@google.com>	Wed Mar 19 17:56:35 2025 +0000
committer	Karuna Wadhera <kwadhera@google.com>	Thu Mar 20 20:08:18 2025 +0000
tree	e614eb2d27ec5e3f2fd041a961d3b95b7f4c2cc4
parent	3ec7eb706533ab1e0a6fb6e0287e5a1bddd1b1be [diff] [blame]