Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ddb1810a authored by Orlando Arbildo's avatar Orlando Arbildo Committed by Automerger Merge Worker
Browse files

Merge "trusty: utils: rpmb_dev: add wv secure storage init.rc" into main am: e4414f58 

Original change: https://android-review.googlesource.com/c/platform/system/core/+/3294774



Change-Id: Id83d066376194127a78d1ba7741b785d3db7158a
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents a11317c0 e4414f58

trusty/utils/rpmb_dev/Android.bp

+9 −0
Original line number Diff line number Diff line
@@ -49,3 +49,12 @@ cc_binary { 
        "rpmb_dev.system.rc",

    ],

}



cc_binary {

    name: "rpmb_dev.wv.system",

    defaults: ["rpmb_dev.cc_defaults"],

    system_ext_specific: true,

    init_rc: [

        "rpmb_dev.wv.system.rc",

    ],

}

trusty/utils/rpmb_dev/rpmb_dev.wv.system.rc

0 → 100644
+62 −0
Original line number Diff line number Diff line 
service storageproxyd_wv_system /system_ext/bin/storageproxyd.system \

        -d ${storageproxyd_wv_system.trusty_ipc_dev:-/dev/trusty-ipc-dev0} \

        -r /dev/socket/rpmb_mock_wv_system \

        -p /data/secure_storage_wv_system \

        -t sock

    disabled

    class hal

    user system

    group system



service rpmb_mock_init_wv_system /system_ext/bin/rpmb_dev.wv.system \

        --dev /mnt/secure_storage_rpmb_wv_system/persist/RPMB_DATA --init --size 2048

    disabled

    user system

    group system

    oneshot



service rpmb_mock_wv_system /system_ext/bin/rpmb_dev.wv.system \

        --dev /mnt/secure_storage_rpmb_wv_system/persist/RPMB_DATA \

        --sock rpmb_mock_wv_system

    disabled

    user system

    group system

    socket rpmb_mock_wv_system stream 660 system system



# storageproxyd

on boot && \

    property:trusty.widevine_vm.nonsecure_vm_ready=1 && \

    property:storageproxyd_wv_system.trusty_ipc_dev=*

    wait /dev/socket/rpmb_mock_wv_system

    enable storageproxyd_wv_system





# RPMB Mock

on early-boot && \

    property:ro.hardware.security.trusty.widevine_vm.system=1 && \

    property:trusty.widevine_vm.vm_cid=* && \

    property:ro.boot.vendor.apex.com.android.services.widevine=\

com.android.services.widevine.cf_guest_trusty_nonsecure

    # Create a persistent location for the RPMB data

    # (work around lack of RPMb block device on CF).

    # file contexts secure_storage_rpmb_system_file

    # (only used on Cuttlefish as this is non secure)

    mkdir /metadata/secure_storage_rpmb_wv_system 0770 system system

    mkdir /mnt/secure_storage_rpmb_wv_system 0770 system system

    symlink /metadata/secure_storage_rpmb_wv_system \

            /mnt/secure_storage_rpmb_wv_system/persist

    # Create a system persist directory in /metadata

    # (work around lack of dedicated system persist partition).

    # file contexts secure_storage_persist_system_file

    mkdir /metadata/secure_storage_persist_wv_system 0770 system system

    mkdir /mnt/secure_storage_persist_wv_system 0770 system system

    symlink /metadata/secure_storage_persist_wv_system \

            /mnt/secure_storage_persist_wv_system/persist

    # file contexts secure_storage_system_file

    mkdir /data/secure_storage_wv_system 0770 root system

    symlink /mnt/secure_storage_persist_wv_system/persist \

            /data/secure_storage_wv_system/persist

    chown root system /data/secure_storage_wv_system/persist

    setprop storageproxyd_wv_system.trusty_ipc_dev VSOCK:${trusty.widevine_vm.vm_cid}:1

    exec_start rpmb_mock_init_wv_system

    start rpmb_mock_wv_system