Support Resume on Reboot

When an OTA is downloaded, the RecoverySystem can be triggered to store
the user's lock screen knowledge factor in a secure way using the
IRebootEscrow HAL. This allows credential-encrypted (CE) storage,
keymaster credentials, and possibly other credential-bound state to be
unlocked when the device reboots after an OTA.

Bug: 63928581
Test: make
Test: boot emulator with default implementation
Test: boot Pixel 4 with default implementation
Change-Id: I1f02e7a502478715fd642049da01eb0c01d112f6
diff --git a/private/compat/29.0/29.0.ignore.cil b/private/compat/29.0/29.0.ignore.cil
index bd950dd..6a4b4db 100644
--- a/private/compat/29.0/29.0.ignore.cil
+++ b/private/compat/29.0/29.0.ignore.cil
@@ -19,6 +19,7 @@
     gmscore_app
     hal_can_bus_hwservice
     hal_can_controller_hwservice
+    hal_rebootescrow_service
     hal_tv_tuner_hwservice
     hal_vibrator_service
     init_svc_debug_prop
diff --git a/private/service_contexts b/private/service_contexts
index dd71111..4399ea4 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -1,3 +1,4 @@
+android.hardware.rebootescrow.IRebootEscrow/default u:object_r:hal_rebootescrow_service:s0
 android.hardware.vibrator.IVibrator/default u:object_r:hal_vibrator_service:s0
 
 accessibility                             u:object_r:accessibility_service:s0
diff --git a/private/system_server.te b/private/system_server.te
index 5544279..fe1cc42 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -222,6 +222,7 @@
 hal_client_domain(system_server, hal_omx)
 hal_client_domain(system_server, hal_power)
 hal_client_domain(system_server, hal_power_stats)
+hal_client_domain(system_server, hal_rebootescrow)
 hal_client_domain(system_server, hal_sensors)
 hal_client_domain(system_server, hal_tetheroffload)
 hal_client_domain(system_server, hal_thermal)
diff --git a/public/attributes b/public/attributes
index b600ea4..0fd2be2 100644
--- a/public/attributes
+++ b/public/attributes
@@ -325,6 +325,7 @@
 hal_attribute(omx);
 hal_attribute(power);
 hal_attribute(power_stats);
+hal_attribute(rebootescrow);
 hal_attribute(secure_element);
 hal_attribute(sensors);
 hal_attribute(telephony);
diff --git a/public/hal_rebootescrow.te b/public/hal_rebootescrow.te
new file mode 100644
index 0000000..4352630
--- /dev/null
+++ b/public/hal_rebootescrow.te
@@ -0,0 +1,7 @@
+# HwBinder IPC from client to server
+binder_call(hal_rebootescrow_client, hal_rebootescrow_server)
+
+add_service(hal_rebootescrow_server, hal_rebootescrow_service)
+binder_use(hal_rebootescrow_server)
+
+allow hal_rebootescrow_client hal_rebootescrow_service:service_manager find;
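Review bot: The header comment on the first line of the new file says "HwBinder IPC", but everything else in the patch marks this as an AIDL service registered with the regular servicemanager (the `service_manager_type` on `hal_rebootescrow_service`, the `add_service`/`find` rules here and the `service_contexts` entry rather than `hwservice_contexts`), so the comment should read `# Binder IPC from client to server`. Since this HAL receives the user's lock-screen knowledge factor, it is also worth pinning the client set in policy rather than relying on only system_server (and su) carrying `hal_rebootescrow_client`: a rule such as `neverallow { domain -hal_rebootescrow_client } hal_rebootescrow_service:service_manager find;` would keep device-specific policy from quietly widening who can reach the escrow. Whether such a neverallow already exists elsewhere in the tree is not visible from this diff.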
diff --git a/public/service.te b/public/service.te
index c025530..d9dee0f 100644
--- a/public/service.te
+++ b/public/service.te
@@ -197,6 +197,7 @@
 ### HAL Services
 ###
 
+type hal_rebootescrow_service, vendor_service, service_manager_type;
 type hal_vibrator_service, vendor_service, service_manager_type;
 
 ###
diff --git a/public/su.te b/public/su.te
index f76a2a8..fa32a4b 100644
--- a/public/su.te
+++ b/public/su.te
@@ -86,6 +86,7 @@
   typeattribute su hal_nfc_client;
   typeattribute su hal_oemlock_client;
   typeattribute su hal_power_client;
+  typeattribute su hal_rebootescrow_client;
   typeattribute su hal_secure_element_client;
   typeattribute su hal_sensors_client;
   typeattribute su hal_telephony_client;
diff --git a/vendor/hal_rebootescrow_default.te b/vendor/hal_rebootescrow_default.te
new file mode 100644
index 0000000..c264e49
--- /dev/null
+++ b/vendor/hal_rebootescrow_default.te
@@ -0,0 +1,5 @@
+type hal_rebootescrow_default, domain;
+hal_server_domain(hal_rebootescrow_default, hal_rebootescrow)
+
+type hal_rebootescrow_default_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(hal_rebootescrow_default)
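Review bot: The new vendor domain file has no comment saying what hal_rebootescrow_default is, and nothing in the policy records that this is the default (reference) server the commit message tests with on the emulator and Pixel 4 rather than a hardware-backed one; a header comment such as `# Default (reference) IRebootEscrow server; devices with hardware-backed escrow are expected to provide their own server domain.` would make that explicit for device maintainers. The domain is granted only what `hal_server_domain` and `init_daemon_domain` provide, so if the implementation persists the escrow key to a file, block device or other node it will need further allow rules, which should be confirmed against the HAL's actual storage path. The sepolicy itself cannot supply the secrecy the commit message attributes to the HAL; that property rests on the implementation behind this domain.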