Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 895ba8bd authored by A. Cody Schuffelen's avatar A. Cody Schuffelen
Browse files

Package the rust_nonsecure keymint default HAL in an APEX 

This will make it easier to swap in and out with the Cuttlefish remote
implementation.

Bug: 331474817
Test: m com.android.hardware.keymint.rust_nonsecure
Change-Id: I0e9a350b62a90ef6126db109195e19b4181d0cf8
parent c523f768

security/keymint/aidl/default/Android.bp

+42 −0
Original line number Diff line number Diff line
@@ -115,5 +115,47 @@ rust_library { 
        "libkmr_wire",

    ],

    srcs: ["ta/lib.rs"],

}



apex {

    name: "com.android.hardware.keymint.rust_nonsecure",

    manifest: "manifest.json",

    file_contexts: "file_contexts",

    key: "com.google.cf.apex.key",

    certificate: ":com.android.hardware.certificate",

    soc_specific: true,

    updatable: false,

    binaries: [

        "android.hardware.security.keymint-service.nonsecure",

    ],

    prebuilts: [

        "keymint_aidl_nonsecure_init_rc",

        "keymint_aidl_nonsecure_vintf",

        "android.hardware.hardware_keystore.xml", // permissions

    ],

}



prebuilt_etc {

    name: "keymint_aidl_nonsecure_init_rc",

    filename_from_src: true,

    vendor: true,

    src: ":gen-keymint_aidl_nonsecure_init_rc",

}



genrule {

    name: "gen-keymint_aidl_nonsecure_init_rc",

    srcs: ["android.hardware.security.keymint-service.nonsecure.rc"],

    out: ["android.hardware.security.keymint-service.nonsecure.apex.rc"],

    cmd: "sed -E 's%/vendor/bin/%/apex/com.android.hardware.keymint/bin/%' $(in) > $(out)",

}



prebuilt_etc {

    name: "keymint_aidl_nonsecure_vintf",

    sub_dir: "vintf",

    vendor: true,

    srcs: [

        "android.hardware.security.keymint-service.xml",

        "android.hardware.security.sharedsecret-service.xml",

        "android.hardware.security.secureclock-service.xml",

    ],

}

security/keymint/aidl/default/file_contexts

0 → 100644
+3 −0
Original line number Diff line number Diff line 
(/.*)?                                                           u:object_r:vendor_file:s0

/etc(/.*)?                                                       u:object_r:vendor_configs_file:s0

/bin/hw/android\.hardware\.security\.keymint-service\.nonsecure  u:object_r:hal_keymint_rust_exec:s0

security/keymint/aidl/default/manifest.json

0 → 100644
+5 −0
Original line number Diff line number Diff line 
{

    "name": "com.android.hardware.keymint",

    "version": 1,

    "vendorBootstrap": true

}