Loading trusty/storage/interface/Android.bp +2 −1 Original line number Diff line number Diff line Loading @@ -20,6 +20,7 @@ package { cc_library_static { name: "libtrustystorageinterface", vendor: true, vendor_available: true, system_ext_specific: true, export_include_dirs: ["include"], } trusty/storage/proxy/Android.bp +16 −10 Original line number Diff line number Diff line Loading @@ -18,10 +18,8 @@ package { default_applicable_licenses: ["Android-Apache-2.0"], } cc_binary { name: "storageproxyd", vendor: true, cc_defaults { name: "storageproxyd.defaults", srcs: [ "checkpoint_handling.cpp", "ipc.c", Loading @@ -47,14 +45,22 @@ cc_binary { "libtrustystorageinterface", "libtrusty", ], target: { vendor: { // vendor variant requires this flag cflags: ["-DVENDOR_FS_READY_PROPERTY"], }, }, cflags: [ "-Wall", "-Werror", ], } cc_binary { name: "storageproxyd", defaults: ["storageproxyd.defaults"], vendor: true, // vendor variant requires this flag cflags: ["-DVENDOR_FS_READY_PROPERTY"], } cc_binary { name: "storageproxyd.system", defaults: ["storageproxyd.defaults"], system_ext_specific: true, } trusty/trusty-storage-cf.mk 0 → 100644 +25 −0 Original line number Diff line number Diff line # # Copyright (C) 2024 The Android Open-Source Project # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # # # This makefile should be included by the cuttlefish device # when enabling the Trusty VM to pull in the baseline set # of storage specific modules PRODUCT_PACKAGES += \ storageproxyd.system \ rpmb_dev.system \ trusty/utils/rpmb_dev/Android.bp +18 −5 Original line number Diff line number Diff line Loading @@ -15,11 +15,8 @@ package { default_applicable_licenses: ["Android-Apache-2.0"], } cc_binary { name: "rpmb_dev", vendor: true, host_supported: true, cc_defaults { name: "rpmb_dev.cc_defaults", srcs: [ "rpmb_dev.c", ], Loading @@ -32,7 +29,23 @@ cc_binary { "-Wall", "-Werror", ], } cc_binary { name: "rpmb_dev", defaults: ["rpmb_dev.cc_defaults"], vendor: true, host_supported: true, init_rc: [ "rpmb_dev.rc", ], } cc_binary { name: "rpmb_dev.system", defaults: ["rpmb_dev.cc_defaults"], system_ext_specific: true, init_rc: [ "rpmb_dev.system.rc", ], } trusty/utils/rpmb_dev/rpmb_dev.system.rc 0 → 100644 +64 −0 Original line number Diff line number Diff line service storageproxyd_system /system_ext/bin/storageproxyd.system \ -d ${storageproxyd_system.trusty_ipc_dev:-/dev/trusty-ipc-dev0} \ -r /dev/socket/rpmb_mock_system \ -p /data/secure_storage_system \ -t sock disabled user system group system service rpmb_mock_init_system /system_ext/bin/rpmb_dev.system \ --dev /mnt/secure_storage_rpmb_system/persist/RPMB_DATA --init --size 2048 disabled user system group system oneshot service rpmb_mock_system /system_ext/bin/rpmb_dev.system \ --dev /mnt/secure_storage_rpmb_system/persist/RPMB_DATA \ --sock rpmb_mock_system disabled user system group system socket rpmb_mock_system stream 660 system system # storageproxyd on late-fs && \ property:trusty_vm_system_nonsecure.ready=1 && \ property:storageproxyd_system.trusty_ipc_dev=* wait /dev/socket/rpmb_mock_system start storageproxyd_system # RPMB Mock on post-fs && \ property:trusty_vm_system_nonsecure.ready=1 && \ property:trusty_vm_system.vm_cid=* # Create a persistent location for the RPMB data # (work around lack of RPMb block device on CF). # file contexts secure_storage_rpmb_system_file # (only used on Cuttlefish as this is non secure) mkdir /metadata/secure_storage_rpmb_system 0770 system system mkdir /mnt/secure_storage_rpmb_system 0770 system system symlink /metadata/secure_storage_rpmb_system \ /mnt/secure_storage_rpmb_system/persist # Create a system persist directory in /metadata # (work around lack of dedicated system persist partition). # file contexts secure_storage_persist_system_file mkdir /metadata/secure_storage_persist_system 0770 system system mkdir /mnt/secure_storage_persist_system 0770 system system symlink /metadata/secure_storage_persist_system \ /mnt/secure_storage_persist_system/persist setprop storageproxyd_system.trusty_ipc_dev VSOCK:${trusty_vm_system.vm_cid}:1 exec_start rpmb_mock_init_system start rpmb_mock_system on post-fs-data && \ property:trusty_vm_system_nonsecure.ready=1 && \ property:storageproxyd_system.trusty_ipc_dev=* # file contexts secure_storage_system_file mkdir /data/secure_storage_system 0770 root system symlink /mnt/secure_storage_persist_system/persist \ /data/secure_storage_system/persist chown root system /data/secure_storage_system/persist restart storageproxyd_system Loading
trusty/storage/interface/Android.bp +2 −1 Original line number Diff line number Diff line Loading @@ -20,6 +20,7 @@ package { cc_library_static { name: "libtrustystorageinterface", vendor: true, vendor_available: true, system_ext_specific: true, export_include_dirs: ["include"], }
trusty/storage/proxy/Android.bp +16 −10 Original line number Diff line number Diff line Loading @@ -18,10 +18,8 @@ package { default_applicable_licenses: ["Android-Apache-2.0"], } cc_binary { name: "storageproxyd", vendor: true, cc_defaults { name: "storageproxyd.defaults", srcs: [ "checkpoint_handling.cpp", "ipc.c", Loading @@ -47,14 +45,22 @@ cc_binary { "libtrustystorageinterface", "libtrusty", ], target: { vendor: { // vendor variant requires this flag cflags: ["-DVENDOR_FS_READY_PROPERTY"], }, }, cflags: [ "-Wall", "-Werror", ], } cc_binary { name: "storageproxyd", defaults: ["storageproxyd.defaults"], vendor: true, // vendor variant requires this flag cflags: ["-DVENDOR_FS_READY_PROPERTY"], } cc_binary { name: "storageproxyd.system", defaults: ["storageproxyd.defaults"], system_ext_specific: true, }
trusty/trusty-storage-cf.mk 0 → 100644 +25 −0 Original line number Diff line number Diff line # # Copyright (C) 2024 The Android Open-Source Project # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # # # This makefile should be included by the cuttlefish device # when enabling the Trusty VM to pull in the baseline set # of storage specific modules PRODUCT_PACKAGES += \ storageproxyd.system \ rpmb_dev.system \
trusty/utils/rpmb_dev/Android.bp +18 −5 Original line number Diff line number Diff line Loading @@ -15,11 +15,8 @@ package { default_applicable_licenses: ["Android-Apache-2.0"], } cc_binary { name: "rpmb_dev", vendor: true, host_supported: true, cc_defaults { name: "rpmb_dev.cc_defaults", srcs: [ "rpmb_dev.c", ], Loading @@ -32,7 +29,23 @@ cc_binary { "-Wall", "-Werror", ], } cc_binary { name: "rpmb_dev", defaults: ["rpmb_dev.cc_defaults"], vendor: true, host_supported: true, init_rc: [ "rpmb_dev.rc", ], } cc_binary { name: "rpmb_dev.system", defaults: ["rpmb_dev.cc_defaults"], system_ext_specific: true, init_rc: [ "rpmb_dev.system.rc", ], }
trusty/utils/rpmb_dev/rpmb_dev.system.rc 0 → 100644 +64 −0 Original line number Diff line number Diff line service storageproxyd_system /system_ext/bin/storageproxyd.system \ -d ${storageproxyd_system.trusty_ipc_dev:-/dev/trusty-ipc-dev0} \ -r /dev/socket/rpmb_mock_system \ -p /data/secure_storage_system \ -t sock disabled user system group system service rpmb_mock_init_system /system_ext/bin/rpmb_dev.system \ --dev /mnt/secure_storage_rpmb_system/persist/RPMB_DATA --init --size 2048 disabled user system group system oneshot service rpmb_mock_system /system_ext/bin/rpmb_dev.system \ --dev /mnt/secure_storage_rpmb_system/persist/RPMB_DATA \ --sock rpmb_mock_system disabled user system group system socket rpmb_mock_system stream 660 system system # storageproxyd on late-fs && \ property:trusty_vm_system_nonsecure.ready=1 && \ property:storageproxyd_system.trusty_ipc_dev=* wait /dev/socket/rpmb_mock_system start storageproxyd_system # RPMB Mock on post-fs && \ property:trusty_vm_system_nonsecure.ready=1 && \ property:trusty_vm_system.vm_cid=* # Create a persistent location for the RPMB data # (work around lack of RPMb block device on CF). # file contexts secure_storage_rpmb_system_file # (only used on Cuttlefish as this is non secure) mkdir /metadata/secure_storage_rpmb_system 0770 system system mkdir /mnt/secure_storage_rpmb_system 0770 system system symlink /metadata/secure_storage_rpmb_system \ /mnt/secure_storage_rpmb_system/persist # Create a system persist directory in /metadata # (work around lack of dedicated system persist partition). # file contexts secure_storage_persist_system_file mkdir /metadata/secure_storage_persist_system 0770 system system mkdir /mnt/secure_storage_persist_system 0770 system system symlink /metadata/secure_storage_persist_system \ /mnt/secure_storage_persist_system/persist setprop storageproxyd_system.trusty_ipc_dev VSOCK:${trusty_vm_system.vm_cid}:1 exec_start rpmb_mock_init_system start rpmb_mock_system on post-fs-data && \ property:trusty_vm_system_nonsecure.ready=1 && \ property:storageproxyd_system.trusty_ipc_dev=* # file contexts secure_storage_system_file mkdir /data/secure_storage_system 0770 root system symlink /mnt/secure_storage_persist_system/persist \ /data/secure_storage_system/persist chown root system /data/secure_storage_system/persist restart storageproxyd_system
