Loading trusty/keymaster/TrustyKeymaster.cpp +17 −0 Original line number Original line Diff line number Diff line Loading @@ -79,6 +79,16 @@ int TrustyKeymaster::Initialize(KmVersion version) { return -1; return -1; } } // Set the vendor patchlevel to value retrieved from system property (which // requires SELinux permission). ConfigureVendorPatchlevelRequest vendor_req(message_version()); vendor_req.vendor_patchlevel = GetVendorPatchlevel(); ConfigureVendorPatchlevelResponse vendor_rsp = ConfigureVendorPatchlevel(vendor_req); if (vendor_rsp.error != KM_ERROR_OK) { LOG(ERROR) << "Failed to configure keymaster vendor patchlevel: " << vendor_rsp.error; // Don't fail if this message isn't understood. } return 0; return 0; } } Loading Loading @@ -262,4 +272,11 @@ DeviceLockedResponse TrustyKeymaster::DeviceLocked(const DeviceLockedRequest& re return response; return response; } } ConfigureVendorPatchlevelResponse TrustyKeymaster::ConfigureVendorPatchlevel( const ConfigureVendorPatchlevelRequest& request) { ConfigureVendorPatchlevelResponse response(message_version()); ForwardCommand(KM_CONFIGURE_VENDOR_PATCHLEVEL, request, &response); return response; } } // namespace keymaster } // namespace keymaster trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h +2 −0 Original line number Original line Diff line number Diff line Loading @@ -64,6 +64,8 @@ class TrustyKeymaster { GetVersion2Response GetVersion2(const GetVersion2Request& request); GetVersion2Response GetVersion2(const GetVersion2Request& request); EarlyBootEndedResponse EarlyBootEnded(); EarlyBootEndedResponse EarlyBootEnded(); DeviceLockedResponse DeviceLocked(const DeviceLockedRequest& request); DeviceLockedResponse DeviceLocked(const DeviceLockedRequest& request); ConfigureVendorPatchlevelResponse ConfigureVendorPatchlevel( const ConfigureVendorPatchlevelRequest& request); uint32_t message_version() const { return message_version_; } uint32_t message_version() const { return message_version_; } Loading trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h +3 −1 Original line number Original line Diff line number Diff line Loading @@ -58,6 +58,7 @@ enum keymaster_command : uint32_t { KM_DEVICE_LOCKED = (30 << KEYMASTER_REQ_SHIFT), KM_DEVICE_LOCKED = (30 << KEYMASTER_REQ_SHIFT), KM_GENERATE_RKP_KEY = (31 << KEYMASTER_REQ_SHIFT), KM_GENERATE_RKP_KEY = (31 << KEYMASTER_REQ_SHIFT), KM_GENERATE_CSR = (32 << KEYMASTER_REQ_SHIFT), KM_GENERATE_CSR = (32 << KEYMASTER_REQ_SHIFT), KM_CONFIGURE_VENDOR_PATCHLEVEL = (33 << KEYMASTER_REQ_SHIFT), // Bootloader/provisioning calls. // Bootloader/provisioning calls. KM_SET_BOOT_PARAMS = (0x1000 << KEYMASTER_REQ_SHIFT), KM_SET_BOOT_PARAMS = (0x1000 << KEYMASTER_REQ_SHIFT), Loading @@ -71,7 +72,8 @@ enum keymaster_command : uint32_t { KM_SET_PRODUCT_ID = (0x9000 << KEYMASTER_REQ_SHIFT), KM_SET_PRODUCT_ID = (0x9000 << KEYMASTER_REQ_SHIFT), KM_CLEAR_ATTESTATION_CERT_CHAIN = (0xa000 << KEYMASTER_REQ_SHIFT), KM_CLEAR_ATTESTATION_CERT_CHAIN = (0xa000 << KEYMASTER_REQ_SHIFT), KM_SET_WRAPPED_ATTESTATION_KEY = (0xb000 << KEYMASTER_REQ_SHIFT), KM_SET_WRAPPED_ATTESTATION_KEY = (0xb000 << KEYMASTER_REQ_SHIFT), KM_SET_ATTESTATION_IDS = (0xc000 << KEYMASTER_REQ_SHIFT) KM_SET_ATTESTATION_IDS = (0xc000 << KEYMASTER_REQ_SHIFT), KM_CONFIGURE_BOOT_PATCHLEVEL = (0xd000 << KEYMASTER_REQ_SHIFT), }; }; #ifdef __ANDROID__ #ifdef __ANDROID__ Loading Loading
trusty/keymaster/TrustyKeymaster.cpp +17 −0 Original line number Original line Diff line number Diff line Loading @@ -79,6 +79,16 @@ int TrustyKeymaster::Initialize(KmVersion version) { return -1; return -1; } } // Set the vendor patchlevel to value retrieved from system property (which // requires SELinux permission). ConfigureVendorPatchlevelRequest vendor_req(message_version()); vendor_req.vendor_patchlevel = GetVendorPatchlevel(); ConfigureVendorPatchlevelResponse vendor_rsp = ConfigureVendorPatchlevel(vendor_req); if (vendor_rsp.error != KM_ERROR_OK) { LOG(ERROR) << "Failed to configure keymaster vendor patchlevel: " << vendor_rsp.error; // Don't fail if this message isn't understood. } return 0; return 0; } } Loading Loading @@ -262,4 +272,11 @@ DeviceLockedResponse TrustyKeymaster::DeviceLocked(const DeviceLockedRequest& re return response; return response; } } ConfigureVendorPatchlevelResponse TrustyKeymaster::ConfigureVendorPatchlevel( const ConfigureVendorPatchlevelRequest& request) { ConfigureVendorPatchlevelResponse response(message_version()); ForwardCommand(KM_CONFIGURE_VENDOR_PATCHLEVEL, request, &response); return response; } } // namespace keymaster } // namespace keymaster
trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h +2 −0 Original line number Original line Diff line number Diff line Loading @@ -64,6 +64,8 @@ class TrustyKeymaster { GetVersion2Response GetVersion2(const GetVersion2Request& request); GetVersion2Response GetVersion2(const GetVersion2Request& request); EarlyBootEndedResponse EarlyBootEnded(); EarlyBootEndedResponse EarlyBootEnded(); DeviceLockedResponse DeviceLocked(const DeviceLockedRequest& request); DeviceLockedResponse DeviceLocked(const DeviceLockedRequest& request); ConfigureVendorPatchlevelResponse ConfigureVendorPatchlevel( const ConfigureVendorPatchlevelRequest& request); uint32_t message_version() const { return message_version_; } uint32_t message_version() const { return message_version_; } Loading
trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h +3 −1 Original line number Original line Diff line number Diff line Loading @@ -58,6 +58,7 @@ enum keymaster_command : uint32_t { KM_DEVICE_LOCKED = (30 << KEYMASTER_REQ_SHIFT), KM_DEVICE_LOCKED = (30 << KEYMASTER_REQ_SHIFT), KM_GENERATE_RKP_KEY = (31 << KEYMASTER_REQ_SHIFT), KM_GENERATE_RKP_KEY = (31 << KEYMASTER_REQ_SHIFT), KM_GENERATE_CSR = (32 << KEYMASTER_REQ_SHIFT), KM_GENERATE_CSR = (32 << KEYMASTER_REQ_SHIFT), KM_CONFIGURE_VENDOR_PATCHLEVEL = (33 << KEYMASTER_REQ_SHIFT), // Bootloader/provisioning calls. // Bootloader/provisioning calls. KM_SET_BOOT_PARAMS = (0x1000 << KEYMASTER_REQ_SHIFT), KM_SET_BOOT_PARAMS = (0x1000 << KEYMASTER_REQ_SHIFT), Loading @@ -71,7 +72,8 @@ enum keymaster_command : uint32_t { KM_SET_PRODUCT_ID = (0x9000 << KEYMASTER_REQ_SHIFT), KM_SET_PRODUCT_ID = (0x9000 << KEYMASTER_REQ_SHIFT), KM_CLEAR_ATTESTATION_CERT_CHAIN = (0xa000 << KEYMASTER_REQ_SHIFT), KM_CLEAR_ATTESTATION_CERT_CHAIN = (0xa000 << KEYMASTER_REQ_SHIFT), KM_SET_WRAPPED_ATTESTATION_KEY = (0xb000 << KEYMASTER_REQ_SHIFT), KM_SET_WRAPPED_ATTESTATION_KEY = (0xb000 << KEYMASTER_REQ_SHIFT), KM_SET_ATTESTATION_IDS = (0xc000 << KEYMASTER_REQ_SHIFT) KM_SET_ATTESTATION_IDS = (0xc000 << KEYMASTER_REQ_SHIFT), KM_CONFIGURE_BOOT_PATCHLEVEL = (0xd000 << KEYMASTER_REQ_SHIFT), }; }; #ifdef __ANDROID__ #ifdef __ANDROID__ Loading
