
Commit 344e9725 authored by Treehugger Robot Committed by Automerger Merge Worker

Merge "The implementation of vts and default implementation to support...

Merge "The implementation of vts and default implementation to support ISecureClock and ISharedSecret AIDLs. Test: atest VtsAidlSecureClockTargetTest, atest VtsAidlSharedSecretTargetTest Bug: b/175136979, b/175141176" am: 9717a37b am: 9abd32b6

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1562810

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I650c5d1ebc6bd1f1d9f85f4cdd70233c96f879c7
parents f05dcc4c 9abd32b6
+7 −1
@@ -2,7 +2,11 @@ cc_binary {
    name: "android.hardware.security.keymint-service",
    relative_install_path: "hw",
    init_rc: ["android.hardware.security.keymint-service.rc"],
    vintf_fragments: ["android.hardware.security.keymint-service.xml"],
    vintf_fragments: [
        "android.hardware.security.keymint-service.xml",
        "android.hardware.security.sharedsecret-service.xml",
        "android.hardware.security.secureclock-service.xml",
    ],
    vendor: true,
    cflags: [
        "-Wall",
@@ -10,6 +14,8 @@ cc_binary {
    ],
    shared_libs: [
        "android.hardware.security.keymint-V1-ndk_platform",
        "android.hardware.security.sharedsecret-unstable-ndk_platform",
        "android.hardware.security.secureclock-unstable-ndk_platform",
        "libbase",
        "libbinder_ndk",
        "libcppbor",
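Review bot: The two new shared_libs entries use the `-unstable-ndk_platform` variants while keymint on the line above them is pinned to `-V1-`, so this vendor binary appears to track whatever the sharedsecret and secureclock interfaces look like at build time. Both HALs are declared to VINTF by the fragments added in the first hunk, so once those interfaces have a frozen version these entries should be pinned the same way keymint is. A comment above them such as `// TODO: pin to a frozen version once sharedsecret/secureclock are frozen` would record that; the shared_libs list continues outside the hunk.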
+6 −0
<manifest version="1.0" type="device">
    <hal format="aidl">
        <name>android.hardware.security.secureclock</name>
        <fqname>ISecureClock/default</fqname>
    </hal>
</manifest>
+6 −0
<manifest version="1.0" type="device">
    <hal format="aidl">
        <name>android.hardware.security.sharedsecret</name>
        <fqname>ISharedSecret/default</fqname>
    </hal>
</manifest>
+22 −9
@@ -21,25 +21,38 @@
#include <android/binder_process.h>

#include <AndroidKeyMintDevice.h>
#include <AndroidSecureClock.h>
#include <AndroidSharedSecret.h>
#include <keymaster/soft_keymaster_logger.h>

using aidl::android::hardware::security::keymint::AndroidKeyMintDevice;
using aidl::android::hardware::security::keymint::SecurityLevel;
using aidl::android::hardware::security::secureclock::AndroidSecureClock;
using aidl::android::hardware::security::sharedsecret::AndroidSharedSecret;

template <typename T, class... Args>
std::shared_ptr<T> addService(Args&&... args) {
    std::shared_ptr<T> ser = ndk::SharedRefBase::make<T>(std::forward<Args>(args)...);
    auto instanceName = std::string(T::descriptor) + "/default";
    LOG(INFO) << "adding keymint service instance: " << instanceName;
    binder_status_t status =
            AServiceManager_addService(ser->asBinder().get(), instanceName.c_str());
    CHECK(status == STATUS_OK);
    return ser;
}

int main() {
    // Zero threads seems like a useless pool, but below we'll join this thread to it, increasing
    // the pool size to 1.
    ABinderProcess_setThreadPoolMaxThreadCount(0);
    std::shared_ptr<AndroidKeyMintDevice> keyMint =
            ndk::SharedRefBase::make<AndroidKeyMintDevice>(SecurityLevel::SOFTWARE);

    keymaster::SoftKeymasterLogger logger;
    const auto instanceName = std::string(AndroidKeyMintDevice::descriptor) + "/default";
    LOG(INFO) << "instance: " << instanceName;
    binder_status_t status =
            AServiceManager_addService(keyMint->asBinder().get(), instanceName.c_str());
    CHECK(status == STATUS_OK);

    // Add Keymint Service
    std::shared_ptr<AndroidKeyMintDevice> keyMint =
            addService<AndroidKeyMintDevice>(SecurityLevel::SOFTWARE);
    // Add Secure Clock Service
    addService<AndroidSecureClock>(keyMint);
    // Add Shared Secret Service
    addService<AndroidSharedSecret>(keyMint);
    ABinderProcess_joinThreadPool();
    return EXIT_FAILURE;  // should not reach
}
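Review bot: In addService the log text `adding keymint service instance: ` is emitted for every T, so the ISecureClock and ISharedSecret registrations are logged as keymint instances, and the bare `CHECK(status == STATUS_OK)` aborts without saying which registration failed or with what status. A neutral message, `LOG(INFO) << "adding service instance: " << instanceName;`, and a streamed reason, `CHECK(status == STATUS_OK) << "failed to add " << instanceName << ": " << status;`, would make an abort of this process at start-up attributable from the log alone. The template also has no comment; one line stating that it registers T under `T::descriptor + "/default"` and aborts the process on failure would document the contract that main relies on.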
+15 −2
///////////////////////////////////////////////////////////////////////////////
/*
 * Copyright (C) 2020 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * limitations under the License.
 *////////////////////////////////////////////////////////////////////////////////
// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
///////////////////////////////////////////////////////////////////////////////

@@ -20,5 +33,5 @@ package android.hardware.security.secureclock;
@VintfStability
interface ISecureClock {
  android.hardware.security.secureclock.TimeStampToken generateTimeStamp(in long challenge);
  const String TIME_STAMP_MAC_LABEL = "Time Verification";
  const String TIME_STAMP_MAC_LABEL = "Auth Verification";
}