Merge remote-tracking branch 'goog/upstream-master' into ngm-nos-merge-upstream am: 5581f47fe9

Change-Id: I7c3f8ac6be2aca62b791d346b7364eb4a0b2ddcf
author: nagendra modadugu <ngm@google.com> 2020-03-25 14:18:04 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2020-03-25 14:18:04 +0000
commit: 513d591f084a6e5e0f83d6de5ca2281d6fa4e550 (patch)
tree: b88bcefc691f1cdd6f83b79c48ba40bab2d837cb
parent: bdee6e01a9a4b861b241d919d2a3830efb69183c (diff)
parent: 5581f47fe9f4b3d084e6b8eddd9e9b4472d26527 (diff)
download: platform_external_nos_host_generic-513d591f084a6e5e0f83d6de5ca2281d6fa4e550.tar.gz
platform_external_nos_host_generic-513d591f084a6e5e0f83d6de5ca2281d6fa4e550.tar.bz2
platform_external_nos_host_generic-513d591f084a6e5e0f83d6de5ca2281d6fa4e550.zip
7 files changed, 93 insertions, 14 deletions
diff --git a/libnos_datagram/include/nos/device.h b/libnos_datagram/include/nos/device.h
index 88db927..5472156 100644
--- a/libnos_datagram/include/nos/device.h
+++ b/libnos_datagram/include/nos/device.h
@@ -70,6 +70,7 @@ struct nos_device_ops {
    */
   void (*close)(void *ctx);
 
+#ifndef ANDROID
   /**
    * Get or Set a configuration value. These are opaque, implementation-specific
    * values useful only for bringup and development. The defaults should be
@@ -79,6 +80,7 @@ struct nos_device_ops {
    */
   int (*get_config)(void *ctx, uint32_t config_id, void *value);
   int (*set_config)(void *ctx, uint32_t config_id, void *value);
+#endif
 };
 
 struct nos_device {
diff --git a/libnos_transport/test/test.cpp b/libnos_transport/test/test.cpp
index ac7a884..1090de4 100644
--- a/libnos_transport/test/test.cpp
+++ b/libnos_transport/test/test.cpp
@@ -361,7 +361,9 @@ TEST_F(TransportTest, StatusCrcError) {
   const uint16_t param = 192;
 
   InSequence please;
-  // Try 3 times
+  // Try 5 times
+  EXPECT_GET_STATUS_IDLE_WITH_BAD_CRC(app_id);
+  EXPECT_GET_STATUS_IDLE_WITH_BAD_CRC(app_id);
   EXPECT_GET_STATUS_IDLE_WITH_BAD_CRC(app_id);
   EXPECT_GET_STATUS_IDLE_WITH_BAD_CRC(app_id);
   EXPECT_GET_STATUS_IDLE_WITH_BAD_CRC(app_id);
@@ -392,7 +394,9 @@ TEST_F(TransportTest, FailToClearStatusAfterStatusCrcError) {
   const uint16_t param = 192;
 
   InSequence please;
-  // Try 3 times
+  // Try 5 times
+  EXPECT_GET_STATUS_IDLE_WITH_BAD_CRC(app_id);
+  EXPECT_GET_STATUS_IDLE_WITH_BAD_CRC(app_id);
   EXPECT_GET_STATUS_IDLE_WITH_BAD_CRC(app_id);
   EXPECT_GET_STATUS_IDLE_WITH_BAD_CRC(app_id);
   EXPECT_GET_STATUS_BAD_CRC(app_id);
@@ -412,7 +416,17 @@ TEST_F(TransportTest, RequestCrcError) {
   const uint16_t args_len = 5;
 
   InSequence please;
-  // Should try 3 times
+  // Should try 5 times
+  EXPECT_GET_STATUS_IDLE(app_id);
+  EXPECT_SEND_DATA(app_id, args, args_len);
+  EXPECT_GO_COMMAND(app_id, param, args, args_len, 0);
+  EXPECT_GET_STATUS_BAD_CRC(app_id);
+  // 4 more
+  EXPECT_GET_STATUS_IDLE(app_id);
+  EXPECT_SEND_DATA(app_id, args, args_len);
+  EXPECT_GO_COMMAND(app_id, param, args, args_len, 0);
+  EXPECT_GET_STATUS_BAD_CRC(app_id);
+  // 3 more
   EXPECT_GET_STATUS_IDLE(app_id);
   EXPECT_SEND_DATA(app_id, args, args_len);
   EXPECT_GO_COMMAND(app_id, param, args, args_len, 0);
@@ -554,7 +568,9 @@ TEST_F(TransportTest, ReplyCrcError) {
   EXPECT_SEND_DATA(app_id, nullptr, 0);
   EXPECT_GO_COMMAND(app_id, param, nullptr, 0, reply_len);
   EXPECT_GET_STATUS_DONE_WITH_DATA(app_id, data, sizeof(data));
-  // Try 3 times to read data
+  // Try 5 times to read data
+  EXPECT_RECV_DATA(app_id, reply_len, wrong_data, sizeof(wrong_data));
+  EXPECT_RECV_DATA(app_id, reply_len, wrong_data, sizeof(wrong_data));
   EXPECT_RECV_DATA(app_id, reply_len, wrong_data, sizeof(wrong_data));
   EXPECT_RECV_DATA(app_id, reply_len, wrong_data, sizeof(wrong_data));
   EXPECT_RECV_DATA(app_id, reply_len, wrong_data, sizeof(wrong_data));
diff --git a/libnos_transport/transport.c b/libnos_transport/transport.c
index 551c89a..f7675da 100644
--- a/libnos_transport/transport.c
+++ b/libnos_transport/transport.c
@@ -74,7 +74,7 @@ extern int usleep (uint32_t usec);
 #define RETRY_WAIT_TIME_US 5000
 
 /* In case of CRC error, try to retransmit */
-#define CRC_RETRY_COUNT 3
+#define CRC_RETRY_COUNT 5
 
 /* How long to poll before giving up */
 #define POLL_LIMIT_SECONDS 60
@@ -487,6 +487,16 @@ uint32_t nos_call_application(const struct nos_device *dev,
 
     /* Wait until the app has finished */
     status_code = poll_until_done(&ctx, &status);
+
+    /* Citadel chip complained we sent it a count different from what we claimed
+     * or more than it can accept but this should not happen. Give to the chip a
+     * little bit of time and retry calling again. */
+    if (status_code == APP_ERROR_TOO_MUCH) {
+      NLOGD("App %d returning 0x%x, give a retry(%d/%d)",
+            app_id, status_code, retries, CRC_RETRY_COUNT);
+      usleep(RETRY_WAIT_TIME_US);
+      continue;
+    }
     if (status_code != APP_ERROR_CHECKSUM) break;
     NLOGW("App %d request checksum error", app_id);
   }
diff --git a/nugget/include/app_nugget.h b/nugget/include/app_nugget.h
index f2ab32f..4336734 100644
--- a/nugget/include/app_nugget.h
+++ b/nugget/include/app_nugget.h
@@ -457,6 +457,25 @@ struct nugget_app_write32 {
  * @param reply_len    number of bytes in reply (including trailing '\0')
  */
 
+enum nugget_app_sleep_mode {
+	NUGGET_APP_SLEEP_MODE_DEFAULT,
+	NUGGET_APP_SLEEP_MODE_WFI,
+	NUGGET_APP_SLEEP_MODE_SLEEP
+};
+#define NUGGET_PARAM_SET_SLEEP_MODE 0xF004
+/**
+ * Set the Sleep mode of the GSC.
+ *
+ * In certain tests, we expect the GSC to be in either WFI mode, or in deep
+ * sleep mode. The sleep state should be provided by the host to the GSC, to
+ * ensure that the test is performed in the correct circumstances.
+ *
+ * @param args         enum nugget_app_sleep_mode selection
+ * @param arg_len      4
+ * @param reply        <none>
+ * @param reply_len    0
+ */
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/nugget/include/application.h b/nugget/include/application.h
index ddc7600..c7b6da8 100644
--- a/nugget/include/application.h
+++ b/nugget/include/application.h
@@ -168,15 +168,17 @@ typedef void (write_to_app_fn_t)(uint32_t command,
  * @param  Id        The Application ID, defined above
  * @param  Name      A human-readable string identifying the application
  * @param  Version   An app-specific uint32_t number, for compability purposes
- * @param  From_fn   A pointer to the app's read_from_app_fnt_t handler
+ * @param  From_fn   A pointer to the app's read_from_app_fn_t handler
  * @param  To_fn     A pointer to the app's write_to_app_fn_t handler
+ * @param  Data      App's private data
  */
-#define DECLARE_APPLICATION_DATAGRAM(Id, Name, Version, From_fn, To_fn) \
-    const struct app_info __keep CONCAT2(app_, Id)                      \
-      __attribute__((section(".rodata.app_info")))                      \
-      = { .api = { .id = Id,                                            \
-             .from_fn = From_fn, .to_fn = To_fn},                       \
-          .version = Version, .name = Name }
+#define DECLARE_APPLICATION_DATAGRAM(Id, Name, Version, From_fn, To_fn, Data) \
+  const struct app_info __keep CONCAT2(app_, Id)                        \
+    __attribute__((section(".rodata.app_info")))                        \
+    = { .api = { .id = Id,                                              \
+                 .from_fn = From_fn, .to_fn = To_fn,                    \
+                 .data = Data},                                         \
+        .version = Version, .name = Name }
 
 /****************************************************************************/
 /* Transport API */
diff --git a/nugget/proto/nugget/app/keymaster/keymaster.proto b/nugget/proto/nugget/app/keymaster/keymaster.proto
index 8dac4e8..5ed4df1 100644
--- a/nugget/proto/nugget/app/keymaster/keymaster.proto
+++ b/nugget/proto/nugget/app/keymaster/keymaster.proto
@@ -115,6 +115,12 @@ service Keymaster {
    */
   rpc ProvisionCertificates(ProvisionCertificatesRequest) returns (ProvisionCertificatesResponse);
 
+  /*
+   * KM4.1 methods.
+   */
+  rpc DeviceLocked(DeviceLockedRequest) returns (DeviceLockedResponse);
+  rpc EarlyBootEnded(EarlyBootEndedRequest) returns (EarlyBootEndedResponse);
+
   // These are implemented with a enum, so new RPCs must be appended, and
   // deprecated RPCs need placeholders.
 }
@@ -337,6 +343,21 @@ message ComputeSharedHmacResponse {
   bytes sharing_check = 2;
 }
 
+// DeviceLockedRequest
+message DeviceLockedRequest {
+  bool password_only = 1;
+  VerificationToken verification_token = 2;
+}
+message DeviceLockedResponse {
+  ErrorCode error_code = 1;
+}
+
+// DeviceLockedRequest
+message EarlyBootEndedRequest {}
+message EarlyBootEndedResponse {
+  ErrorCode error_code = 1;
+}
+
 /*
  * Vendor HAL.
  */
@@ -455,4 +476,4 @@ message ProvisionCertificatesRequest {
 message ProvisionCertificatesResponse {
   ErrorCode error_code = 1;
   CertificateStatus cert_status = 2;
-}
-\ No newline at end of file
+}
diff --git a/nugget/proto/nugget/app/keymaster/keymaster_defs.proto b/nugget/proto/nugget/app/keymaster/keymaster_defs.proto
index 9860244..76f1a2f 100644
--- a/nugget/proto/nugget/app/keymaster/keymaster_defs.proto
+++ b/nugget/proto/nugget/app/keymaster/keymaster_defs.proto
@@ -55,6 +55,7 @@ enum Tag {
   BOOTLOADER_ONLY = 0x7012e; // (TagType:BOOL | 302)
   ROLLBACK_RESISTANCE = 0x7012f; // (TagType:BOOL | 303)
   HARDWARE_TYPE = 0x10130; // TagType:ENUM | 304,
+  EARLY_BOOT_ONLY = 0x70131;  // TagType:BOOL | 305,
   ACTIVE_DATETIME = 0x60190; // (TagType:DATE | 400)
   ORIGINATION_EXPIRE_DATETIME = 0x60191; // (TagType:DATE | 401)
   USAGE_EXPIRE_DATETIME = 0x60192; // (TagType:DATE | 402)
@@ -94,6 +95,8 @@ enum Tag {
   VENDOR_PATCHLEVEL = 0x302ce; // (TagType:UINT | 718)
   BOOT_PATCHLEVEL = 0x302cf; // (TagType:UINT | 719)
   DEVICE_UNIQUE_ATTESTATION = 0x702d0;  // (TagType:BOOL | 720)
+  IDENTITY_CREDENTIAL_KEY = 0x702d1;    // (TagType:BOOL | 721)
+  STORAGE_KEY = 0x702d2;                // (TagType:BOOL | 722)
   ASSOCIATED_DATA = 0x903e8; // (TagType:BYTES | 1000)
   NONCE = 0x903e9; // (TagType:BYTES | 1001)
   /* RESERVED: AUTH_TOKEN = 0x903ea; // (TagType:BYTES | 1002) */
@@ -250,6 +253,12 @@ enum ErrorCode {
   PRODUCTION_MODE_PROVISIONING = 73;      // Vendor specific.
   NO_USER_CONFIRMATION = 74;
   KEY_UPGRADE_NOT_REQUIRED = 75;          // Vendor specific.
+  DEVICE_LOCKED = 76;
+  EARLY_BOOT_ENDED = 77;
+  ATTESTATION_KEYS_NOT_PROVISIONED = 78;
+  ATTESTATION_IDS_NOT_PROVISIONED = 79;
+  INVALID_OPERATION = 80;
+  STORAGE_KEY_UNSUPPORTED = 81;
 };
 
 enum SecurityLevel {
@@ -306,4 +315,4 @@ enum CertificateStatus {
   CERT_CHECKSUM = 2;
   CERT_UNKNOWN_ERROR = 3;
   CERT_WRONG_PACKET = 4;
-}
-\ No newline at end of file
+}
author	nagendra modadugu <ngm@google.com>	2020-03-25 14:18:04 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2020-03-25 14:18:04 +0000
commit	513d591f084a6e5e0f83d6de5ca2281d6fa4e550 (patch)
tree	b88bcefc691f1cdd6f83b79c48ba40bab2d837cb
parent	bdee6e01a9a4b861b241d919d2a3830efb69183c (diff)
parent	5581f47fe9f4b3d084e6b8eddd9e9b4472d26527 (diff)
download	platform_external_nos_host_generic-513d591f084a6e5e0f83d6de5ca2281d6fa4e550.tar.gz platform_external_nos_host_generic-513d591f084a6e5e0f83d6de5ca2281d6fa4e550.tar.bz2 platform_external_nos_host_generic-513d591f084a6e5e0f83d6de5ca2281d6fa4e550.zip