From 3a99f0fba1dd93dc733d5e9c14c32fa436c0cefe Mon Sep 17 00:00:00 2001
From: Matthew Maurer <mmaurer@google.com>
Date: Thu, 7 Mar 2019 17:01:23 -0800
Subject: Enable Trusty Gatekeeper 1.0 and Keymaster 3.0

Activates both services, and installs VTS to allow for testing them.

Fails one subtest of keymaster@3.0 VTS at the moment, but so does the
default emulator, so this is either a bug in system/keymaster or VTS.

Bug: 127700127
Test: VTS for gatekeeper@1.0, VTS for keymaster@3.0
Change-Id: I53a901c090dd5cbaddab0d430e28f9b7de8dda89
---
 BoardConfig.mk         |   5 +-
 manifest.xml           | 206 +++++++++++++++++++++++++++++++++++++++++++++++++
 qemu_trusty_base.mk    |   5 ++
 sepolicy/file_contexts |   2 +
 4 files changed, 217 insertions(+), 1 deletion(-)
 create mode 100644 manifest.xml

diff --git a/BoardConfig.mk b/BoardConfig.mk
index 50a330f..6fcb5c4 100644
--- a/BoardConfig.mk
+++ b/BoardConfig.mk
@@ -37,7 +37,7 @@ BUILD_QEMU_IMAGES := true
 
 TARGET_USERIMAGES_USE_EXT4 := true
 BOARD_SYSTEMIMAGE_PARTITION_SIZE := 268435456 # 256M
-BOARD_USERDATAIMAGE_PARTITION_SIZE := 4194304 # 4M
+BOARD_USERDATAIMAGE_PARTITION_SIZE := 67108864 # 64M
 TARGET_COPY_OUT_VENDOR := vendor
 # ~100 MB vendor image. Please adjust system image / vendor image sizes
 # when finalizing them.
@@ -53,3 +53,6 @@ BOARD_SEPOLICY_DIRS += build/target/board/generic/sepolicy
 # Enable A/B update
 TARGET_NO_RECOVERY := true
 BOARD_BUILD_SYSTEM_ROOT_IMAGE := true
+
+# Specify HALs
+DEVICE_MANIFEST_FILE := device/generic/trusty/manifest.xml
diff --git a/manifest.xml b/manifest.xml
new file mode 100644
index 0000000..26d4b3d
--- /dev/null
+++ b/manifest.xml
@@ -0,0 +1,206 @@
+<manifest version="1.0" type="device" target-level="3">
+    <hal format="hidl">
+        <name>android.hardware.drm</name>
+        <transport>hwbinder</transport>
+        <version>1.0</version>
+        <interface>
+            <name>ICryptoFactory</name>
+            <instance>default</instance>
+        </interface>
+        <interface>
+            <name>IDrmFactory</name>
+            <instance>default</instance>
+        </interface>
+        <fqname>@1.1::ICryptoFactory/clearkey</fqname>
+        <fqname>@1.1::IDrmFactory/clearkey</fqname>
+        <fqname>@1.1::ICryptoFactory/widevine</fqname>
+        <fqname>@1.1::IDrmFactory/widevine</fqname>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.audio.effect</name>
+        <transport>hwbinder</transport>
+        <version>4.0</version>
+        <interface>
+            <name>IEffectsFactory</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.biometrics.fingerprint</name>
+        <transport>hwbinder</transport>
+        <version>2.1</version>
+        <interface>
+            <name>IBiometricsFingerprint</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.configstore</name>
+        <transport>hwbinder</transport>
+        <version>1.0</version>
+        <interface>
+            <name>ISurfaceFlingerConfigs</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.audio</name>
+        <transport>hwbinder</transport>
+        <version>4.0</version>
+        <interface>
+            <name>IDevicesFactory</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.keymaster</name>
+        <transport>hwbinder</transport>
+        <version>3.0</version>
+        <interface>
+            <name>IKeymasterDevice</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.graphics.allocator</name>
+        <transport>hwbinder</transport>
+        <version>2.0</version>
+        <interface>
+            <name>IAllocator</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.graphics.mapper</name>
+        <transport arch="32+64">passthrough</transport>
+        <version>2.0</version>
+        <interface>
+            <name>IMapper</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.graphics.composer</name>
+        <transport>hwbinder</transport>
+        <version>2.1</version>
+        <interface>
+            <name>IComposer</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.power</name>
+        <transport>hwbinder</transport>
+        <version>1.1</version>
+        <interface>
+            <name>IPower</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.broadcastradio</name>
+        <transport>hwbinder</transport>
+        <version>1.0</version>
+        <interface>
+            <name>IBroadcastRadioFactory</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.camera.provider</name>
+        <transport>hwbinder</transport>
+        <version>2.4</version>
+        <interface>
+            <name>ICameraProvider</name>
+            <instance>legacy/0</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.sensors</name>
+        <transport>hwbinder</transport>
+        <version>1.0</version>
+        <interface>
+            <name>ISensors</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.gatekeeper</name>
+        <transport>hwbinder</transport>
+        <version>1.0</version>
+        <interface>
+            <name>IGatekeeper</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.gnss</name>
+        <transport>hwbinder</transport>
+        <version>1.0</version>
+        <interface>
+            <name>IGnss</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.media.omx</name>
+        <transport>hwbinder</transport>
+        <version>1.0</version>
+        <interface>
+            <name>IOmx</name>
+            <instance>default</instance>
+        </interface>
+        <interface>
+            <name>IOmxStore</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.radio</name>
+        <transport>hwbinder</transport>
+        <version>1.0</version>
+        <interface>
+            <name>IRadio</name>
+            <instance>slot1</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.wifi</name>
+        <transport>hwbinder</transport>
+        <version>1.0</version>
+        <interface>
+            <name>IWifi</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.wifi.hostapd</name>
+        <transport>hwbinder</transport>
+        <version>1.0</version>
+        <interface>
+            <name>IHostapd</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.wifi.supplicant</name>
+        <transport>hwbinder</transport>
+        <version>1.0</version>
+        <interface>
+            <name>ISupplicant</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.health</name>
+        <transport>hwbinder</transport>
+        <version>2.0</version>
+        <interface>
+            <name>IHealth</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <sepolicy>
+        <version>27.0</version>
+    </sepolicy>
+</manifest>
diff --git a/qemu_trusty_base.mk b/qemu_trusty_base.mk
index 7862ebe..8262de1 100644
--- a/qemu_trusty_base.mk
+++ b/qemu_trusty_base.mk
@@ -24,6 +24,7 @@ PRODUCT_PACKAGES += \
     apexd \
     com.android.runtime \
     dhcpclient \
+    gatekeeperd \
     hwservicemanager \
     init \
     init_system \
@@ -85,9 +86,13 @@ PRODUCT_COPY_FILES += \
 $(call inherit-product, system/core/trusty/trusty-base.mk)
 $(call inherit-product, system/core/trusty/trusty-storage.mk)
 
+# Test Utilities
 PRODUCT_PACKAGES += \
     tipc-test \
     trusty-ut-ctrl \
+    VtsHalGatekeeperV1_0TargetTest \
+    VtsHalKeymasterV3_0TargetTest \
+    VtsHalKeymasterV4_0TargetTest \
 
 PRODUCT_BOOT_JARS := \
     core-oj \
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 42e1b50..94f5594 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -4,3 +4,5 @@
 /vendor/bin/storageproxyd            u:object_r:tee_exec:s0
 /data/vendor/var/run(/.*)?           u:object_r:varrun_file:s0
 /data/vendor/ss(/.*)?                u:object_r:tee_data_file:s0
+/vendor/bin/hw/android.hardware.gatekeeper@1.0-service.trusty           u:object_r:hal_gatekeeper_default_exec:s0
+/vendor/bin/hw/android.hardware.keymaster@3.0-service.trusty            u:object_r:hal_keymaster_default_exec:s0
-- 
cgit v1.2.3