hardware_interfaces

mirror of https://github.com/Evolution-X/hardware_interfaces synced 2026-02-01 11:36:00 +00:00

Author	SHA1	Message	Date
David Drysdale	da0b04ce83	KeyMint VTS tests for module hash feature Test: VtsAidlKeyMintTargetTest Bug: 369375199 Bug: 373446864 Bug: 373446999 Bug: 360941058 Change-Id: Iaca508f39be4d76d07ae4f7cf6e640466af78ae4	2024-11-12 15:50:35 +00:00
Seth Moore	d65b3820b5	Add Vikram as owner for RKP HAL and VTS Change-Id: Icc977023adfbbfead28fd06229de7201ca2e4d4b	2024-11-08 17:23:45 +00:00
David Drysdale	c2723cdea3	Merge "keygen test not generating the key for every iteration" into main	2024-11-06 10:40:29 +00:00
Karuna Wadhera	28e04e6221	Merge "Add module info AIDL changes and bump the KeyMint version" into main	2024-11-06 07:09:01 +00:00
Catherine Vlasov	c4f2acc76d	Expect SHA-256 digest for attested VBMeta digest on VSR-V+. Bug: 309963984 Bug: 376832222 Test: atest VtsAidlKeyMintTargetTest Change-Id: I99684cf16d84a08f607aceeb8f51d78d89e93511	2024-11-05 15:19:50 +00:00
Karuna Wadhera	866d2752a9	Add module info AIDL changes and bump the KeyMint version Bug: 369375199 Test: Manually checked that module info is added to the attestation when sent via IKeyMintDevice::setModuleInfo. (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ea426cbf2e0b3064adf090e4cd3d6932b02ae54d) Merged-In: Idb11823e6b65cf17d62ae8687febffee860565e3 Change-Id: Idb11823e6b65cf17d62ae8687febffee860565e3	2024-11-01 21:42:31 +00:00
Spandan Das	db67f303f4	Do not install android.hardware.hardware_keystore.xml outside apex `android.hardware.security.keymint-service.nonsecure` is part of `com.android.hardware.keymint.rust_nonsecure` apex. However, listing android.hardware.hardware_keystore.xml in `required` of the binary installs two copies of this permission file on device - one inside the apex, and another it the /vendor/etc/permission (outside the apex). With this CL, the latter will no longer be installed. This CL is motivated by having the vendor.img building with soong as part of mk->bp migration. Test: m com.android.hardware.keymint.rust_nonsecure Test: deapexer list out/target/product/vsoc_x86_64/vendor/apex/com.android.hardware.keymint.rust_nonsecure.apex # verified that etc/permissions/android.hardware.hardware_keystore.xml is present Bug: 374371755 Bug: 376110962 Change-Id: I15ba92c81296f869277940767ff3a76c28214c18	2024-10-31 22:33:03 +00:00
A. Cody Schuffelen	abed683f94	Reapply "Use platform security domains in keymint/gatekeeper sepolicy" This reverts commit `82e13c4269`. Bug: b/374158137 Change-Id: I7e689444d2bd4a41e0b987e163ef0e97f161ac47 Test: with other changes in topic	2024-10-28 16:39:09 -07:00
Treehugger Robot	739d98c811	Merge "[rkp_factory_tool] enforce the presence of UDS certs" into main	2024-10-28 20:21:13 +00:00
suryaprakash.konduru	87b6dc0a88	keygen test not generating the key for every iteration key_transform field not being reset during DeleteKey() causing keygen test to skip the key generation. Bug: 375151780 Test: VtsAidlKeyMintBenchmarkTest Change-Id: I10428dc9f84831a44917fb180d16bb97e2db2257	2024-10-24 00:07:53 +05:30
Karuna Wadhera	0905f6eef4	Merge "Add versioned libkeymint_support" into main	2024-10-23 16:50:30 +00:00
Karuna Wadhera	c42a2a6862	Add versioned libkeymint_support Bug: 369375199 Test: Treehugger Change-Id: I5eab3a222aeba26640c3d03e52242ee5c2c2b277	2024-10-23 04:29:37 +00:00
Priyanka Advani (xWF)	6c01282b0f	Merge "Revert "Use platform security domains in keymint/gatekeeper sepolicy"" into main	2024-10-23 01:01:46 +00:00
Priyanka Advani (xWF)	82e13c4269	Revert "Use platform security domains in keymint/gatekeeper sepolicy" Revert submission 3312283-2024-10-18-schuffelen-sepolicy Reason for revert: Droidmonitor created revert due to b/375059051. Will be verifying through ABTD before submission. Reverted changes: /q/submissionid:3312283-2024-10-18-schuffelen-sepolicy Change-Id: Icebd34eb9e2941a6480d9943986a104cc5249729	2024-10-22 23:51:23 +00:00
Sean Thomas	e2307105fc	[rkp_factory_tool] enforce the presence of UDS certs add a flag to verifyFactoryCsr that enforces the presence of UDS certs in the presented CSR Bug: 366147625 Test: m rkp_factory_extraction_tool Test: m librkp_factory_extraction_test Test: m libkeymint_remote_prov_support_test Test: atest system/security/provisioner Test: atest hardware/interfaces/security/keymint/support Change-Id: I1b6c85b858d76b1ea418400342c89553cbd4bc1d	2024-10-22 21:53:29 +00:00
Roman Kiryanov	c1136a5b92	Merge "Use platform security domains in keymint/gatekeeper sepolicy" into main	2024-10-22 20:07:34 +00:00
Treehugger Robot	094b92841f	Merge "Add proposed trendy teams for VTS modules" into main	2024-10-22 16:17:21 +00:00
Seth Moore	c6f1566d93	Merge "Add UDS certificate requirements to RKP docs" into main	2024-10-21 17:05:31 +00:00
Treehugger Robot	362843c8c5	Merge "[vts] Verify RKP VM DICE chain in IRPC VTS" into main	2024-10-18 19:11:25 +00:00
Seth Moore	628e2ea664	Add UDS certificate requirements to RKP docs Add a section to the RKP README that describes the requirements for UDS certificates. Change-Id: Id1dac4f20495a25792c5f0e4c601433b26c82297	2024-10-18 18:51:01 +00:00
A. Cody Schuffelen	580ae4e9b8	Use platform security domains in keymint/gatekeeper sepolicy ... rather than Cuttlefish sepolicy. Issue reported by rkir@. Bug: b/374158137 Test: cvd create Change-Id: I7522187100e4c8ec94aade5f3cb791087900f7e0	2024-10-17 14:01:23 -07:00
Alice Wang	f112ec92ee	[vts] Verify RKP VM DICE chain in IRPC VTS This cl adds verifications to the IRPC VTS to check that: - RKP VM DICE chains have a continuous presence of RKP VM markers till the last DICE certificate. - Non-RKP VM DICE chains do not have such continuous presence of RKP VM markers. Test: atest VtsHalRemotelyProvisionedComponentTargetTest Test: atest libkeymint_remote_prov_support_test Bug: 314128697 Change-Id: Ib966b4bd584f1f931b7f19b4b58a1a37b5266f5e	2024-10-15 08:22:12 +00:00
Treehugger Robot	78b668e4a9	Merge "Add frozen: true\|false to all AOSP HALs that don't have frozen" into main	2024-10-14 22:55:12 +00:00
Yihan Dong	8c111de52b	Add proposed trendy teams for VTS modules Change-Id: Iedaa3412d58aa501a8ecdeceb9f87e2473f3b422 Test: build locally Bug: 368362374	2024-10-12 08:59:17 +00:00
David Drysdale	7b05efd13f	KeyMint: coalesce device ID failure code Test: VtsAidlKeyMintTargetTest Change-Id: I7c94af96010f5c5f708f54bf02e0f85a96cece3f	2024-10-10 18:19:51 +01:00
Treehugger Robot	876f8b4392	Merge "Explicitly include libhardware_header for vendors" into main	2024-09-30 09:25:16 +00:00
Abdelrahman Daim	7c60a7a0cb	Explicitly include libhardware_header for vendors Summary: This seems to be not implicit when building vendor, so it's now necessary to explicitly include. Test: Succesful build on master Change-Id: Ie9720a3ae4c9f94210bc34c60d14756c7d0cf56f Signed-off-by: Abdelrahman Daim <adaim@meta.com>	2024-09-27 07:47:17 -07:00
Seth Moore	95b0e8beac	Replace "UDS_Public" with "UDS_Pub" for consistency Change-Id: I0d331abb7e538ac4c7e8cc966653aac38c0190d6	2024-09-18 16:24:00 +00:00
Devin Moore	33ae251c82	Add frozen: true\|false to all AOSP HALs that don't have frozen This is to prepare for enforcing a requirement of always having frozen specified. Test: m Bug: 366292468 Change-Id: I2f26eb96a3a5a4ac279f665b9866bbfddbd8c496	2024-09-16 22:15:45 +00:00
Treehugger Robot	fd6b994b9d	Merge "Remove trong@ from OWNERS" into main	2024-09-12 17:22:47 +00:00
Max Bires	6347dd5742	Remove trong@ from OWNERS Cleaning up the OWNERS file for those who are no longer on the team. Test: The ghost of trong@'s account cannot approve changes in this repository Change-Id: Ib777c16b53691f82de5bea33bd3cc363a8720982 Change-Id: I6c2bcdbfc6177b5d8e9416a5b93edf7e5e8a2b5b	2024-09-12 15:23:31 +00:00
Karuna Wadhera	e2346b7a13	Merge "Revert "Revert "Optionally (dis)allow degenerate DICE chains in ..."" into main	2024-09-11 13:06:14 +00:00
Karuna Wadhera	6a0dd7014d	Revert "Revert "Optionally (dis)allow degenerate DICE chains in ..." Revert submission 3260534-revert-3254876-disallow_degenerate_chains-RZRFZAKDEJ Reason for revert: Breakage fixed Reverted changes: /q/submissionid:3260534-revert-3254876-disallow_degenerate_chains-RZRFZAKDEJ Change-Id: I972b9b0cae932cc39be3f8d44ac59f82e878ca53	2024-09-10 22:41:53 +00:00
Tommy Chiu	b501642820	Correct the UDS_pub source The UDS_pub is supposed to be the first element of DiceCertChain according to generateCertificateRequestV2.cddl. Bug: 365711214 Test: rkp_factory_extraction_tool Change-Id: I454a99058d92ce9743810a9334c7ccacccc694e0	2024-09-10 10:15:47 +00:00
Priyanka Advani (xWF)	704df56108	Merge "Revert "Optionally (dis)allow degenerate DICE chains in verifyCsr"" into main	2024-09-09 20:57:18 +00:00
Priyanka Advani (xWF)	ebc265f0bc	Revert "Optionally (dis)allow degenerate DICE chains in verifyCsr" Revert submission 3254876-disallow_degenerate_chains Reason for revert: Droidmonitor created revert due to b/365592588. Reverted changes: /q/submissionid:3254876-disallow_degenerate_chains Change-Id: I31f78d6c708f34f0a6fe9f54daef82981a91ac8f	2024-09-09 20:44:24 +00:00
Karuna Wadhera	f3d44a7bac	Merge "Optionally (dis)allow degenerate DICE chains in verifyCsr" into main	2024-09-09 18:18:27 +00:00
Karuna Wadhera	39de0cb35b	Optionally (dis)allow degenerate DICE chains in verifyCsr Bug: 323246910 Test: atest libkeymint_remote_prov_support_test & manual testing of `rkp_factory_extraction_tool` with/without `allow_degenerate=false` on a device with a degenerate DICE chain Change-Id: Ia1833c0bb6a895ae5b8aefea24850a41cf956f38	2024-09-06 19:10:04 +00:00
Kiyoung Kim	4a518d2e1e	Reapply "Define vintf_fragments as modules" Previous commit was reverted as it removed wifi vintf fragment from devices, which was caused by 'no_full_install' property from vintf_fragment module. This change relands the change, with removing no_full_install property from the vintf_fragment module Bug: 322089980 Test: aosp_cf_x86_64_phone build succeeded Test: mokey_go32 build contains /vendor/etc/vintf/manifest/android.hardware.wifi.supplicant.xml file Change-Id: I523ce570068b180805b65f984a0d6def0612db87	2024-09-04 15:55:29 +09:00
Treehugger Robot	bee59e3b47	Merge "Revert "Define vintf_fragments as modules"" into main	2024-08-30 15:58:23 +00:00
Greg Kaiser	3892274102	Revert "Define vintf_fragments as modules" This reverts commit `cf0a2dd5b0`. Reason for revert: b/363215494, breaks WiFi for at least some devices Change-Id: I5137957087dde51c0049416404f410f53dd912f3	2024-08-30 14:07:37 +00:00
Kiyoung Kim	71af7d2bfe	Merge "Define vintf_fragments as modules" into main	2024-08-30 08:26:49 +00:00
Karuna Wadhera	69a761318f	Merge "Pass in allow_any_mode when verifying DICE chains" into main	2024-08-28 14:03:19 +00:00
Pranav Garg (xWF)	f74d274807	Fixing isDeviceIdAttestationRequired to require both cases instead of just one Bug: 356536705 Change-Id: I15326e68fc2ea1ce9a2dfbe7498790900ebb43e4	2024-08-27 18:36:15 +00:00
Karuna Wadhera	eabdb6edf0	Update getDiceChainKind for VSR >15 Bug: 346861728 Test: atest VtsHalRemotelyProvisionedComponentTargetTest Change-Id: I8698663c29c8d91e7b39ca02e588b87377356363	2024-08-26 12:25:04 +00:00
Karuna Wadhera	ca6d8cce51	Pass in allow_any_mode when verifying DICE chains 1. allow_any_mode is set as true when the VM RKP instance is being tested (since the bootloader is unlocked for VTS tests and therefore the VM DICE chain will necessarily have at least one non-normal mode.) 2. allow_any_mode is set as true for non-user type builds. Bug: 318483637 Test: atest VtsHalRemotelyProvisionedComponentTargetTest Change-Id: I15ec3ad32f08eecd8478df14f8efa71fdb0b5d08	2024-08-22 18:48:58 +00:00
Yi Kong	99df7ced5d	security: Remove unnecessary std::move Moving a temporary object prevents copy elision, and could reduce performance. This fixes -Wpessimizing-move compiler warning. Test: presubmit Bug: 154270751 Change-Id: I378f1b9029f1a0711728ff14e4071263ad330504	2024-08-14 01:56:18 +08:00
Kiyoung Kim	cf0a2dd5b0	Define vintf_fragments as modules Define vintf_fragments as modules if the file is shared among multiple modules to avoid any conflicts. Bug: 322089980 Test: aosp_cf_x86_64_phone build succeeded Change-Id: I1d00623e3e6da6bb787a152d81eb94822153388f	2024-08-12 15:31:10 +09:00
Tommy Chiu	2027a9b597	Update the UdsCertChain comment to reflect the latest recommendation. Bug: 331136391 Test: comment update only Change-Id: I72f45c85d106d87fcd4c56d4c4fa86eb1af8f5a7	2024-08-07 07:10:57 +08:00
Karuna Wadhera	550caafbfd	Merge "Amend tests on GSI that rely on RKP-only props" into main	2024-07-17 14:28:45 +00:00

1 2 3 4 5 ...

1139 Commits