Support Resume on Reboot When an OTA is downloaded, the RecoverySystem can be triggered to store the user's lock screen knowledge factor in a secure way using the IRebootEscrow HAL. This will allow the credential encrypted (CE) storage, keymaster credentials, and possibly others to be unlocked when the device reboots after an OTA. Bug: 63928581 Test: make Test: boot emulator with default implementation Test: boot Pixel 4 with default implementation Change-Id: I1f02e7a502478715fd642049da01eb0c01d112f6

commit: 76ea325a3de506110a5308be51c0c48ac305c09e [log] [tgz]
author: Kenny Root <kroot@google.com> Tue Dec 03 16:55:43 2019 -0800
committer: Kenny Root <kroot@google.com> Mon Dec 09 14:25:04 2019 -0800
tree: 1cec3b0bf5378e5f754ac6b406ac0bdb76132c64
parent: 8f079fb0e2c094232c9354f24d7d28f46793a50b [diff] [blame]
diff --git a/private/system_server.te b/private/system_server.te
index 5544279..fe1cc42 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -222,6 +222,7 @@
 hal_client_domain(system_server, hal_omx)
 hal_client_domain(system_server, hal_power)
 hal_client_domain(system_server, hal_power_stats)
+hal_client_domain(system_server, hal_rebootescrow)
 hal_client_domain(system_server, hal_sensors)
 hal_client_domain(system_server, hal_tetheroffload)
 hal_client_domain(system_server, hal_thermal)
commit	76ea325a3de506110a5308be51c0c48ac305c09e	[log] [tgz]
author	Kenny Root <kroot@google.com>	Tue Dec 03 16:55:43 2019 -0800
committer	Kenny Root <kroot@google.com>	Mon Dec 09 14:25:04 2019 -0800
tree	1cec3b0bf5378e5f754ac6b406ac0bdb76132c64
parent	8f079fb0e2c094232c9354f24d7d28f46793a50b [diff] [blame]