diff options
author | Andrew Scull <ascull@google.com> | 2017-03-27 15:29:32 +0100 |
---|---|---|
committer | Andrew Scull <ascull@google.com> | 2017-04-10 17:09:11 +0100 |
commit | efd5e251e334c1c63eb2a0a04dba4c047ddf9df8 (patch) | |
tree | 963683d4ba54492beb3764084348d1e44a4ba9ea /oemlock/1.0 | |
parent | 23d9c7410442fce20f5558e8087f438ebf31c1f5 (diff) | |
download | android_hardware_interfaces-efd5e251e334c1c63eb2a0a04dba4c047ddf9df8.tar.gz android_hardware_interfaces-efd5e251e334c1c63eb2a0a04dba4c047ddf9df8.tar.bz2 android_hardware_interfaces-efd5e251e334c1c63eb2a0a04dba4c047ddf9df8.zip |
OemLock HAL
This HAL allows vendor defined implementation of the OEM lock.
Bug: 34766843
Test: Boot and call from system_server
Change-Id: I5371fea496b6cae8cc6dd234d9302036ddb68ece
Diffstat (limited to 'oemlock/1.0')
-rw-r--r-- | oemlock/1.0/Android.bp | 63 | ||||
-rw-r--r-- | oemlock/1.0/Android.mk | 156 | ||||
-rw-r--r-- | oemlock/1.0/IOemLock.hal | 77 | ||||
-rw-r--r-- | oemlock/1.0/types.hal | 28 |
4 files changed, 324 insertions, 0 deletions
diff --git a/oemlock/1.0/Android.bp b/oemlock/1.0/Android.bp new file mode 100644 index 000000000..33096c39b --- /dev/null +++ b/oemlock/1.0/Android.bp @@ -0,0 +1,63 @@ +// This file is autogenerated by hidl-gen. Do not edit manually. + +filegroup { + name: "android.hardware.oemlock@1.0_hal", + srcs: [ + "types.hal", + "IOemLock.hal", + ], +} + +genrule { + name: "android.hardware.oemlock@1.0_genc++", + tools: ["hidl-gen"], + cmd: "$(location hidl-gen) -o $(genDir) -Lc++ -randroid.hardware:hardware/interfaces -randroid.hidl:system/libhidl/transport android.hardware.oemlock@1.0", + srcs: [ + ":android.hardware.oemlock@1.0_hal", + ], + out: [ + "android/hardware/oemlock/1.0/types.cpp", + "android/hardware/oemlock/1.0/OemLockAll.cpp", + ], +} + +genrule { + name: "android.hardware.oemlock@1.0_genc++_headers", + tools: ["hidl-gen"], + cmd: "$(location hidl-gen) -o $(genDir) -Lc++ -randroid.hardware:hardware/interfaces -randroid.hidl:system/libhidl/transport android.hardware.oemlock@1.0", + srcs: [ + ":android.hardware.oemlock@1.0_hal", + ], + out: [ + "android/hardware/oemlock/1.0/types.h", + "android/hardware/oemlock/1.0/hwtypes.h", + "android/hardware/oemlock/1.0/IOemLock.h", + "android/hardware/oemlock/1.0/IHwOemLock.h", + "android/hardware/oemlock/1.0/BnHwOemLock.h", + "android/hardware/oemlock/1.0/BpHwOemLock.h", + "android/hardware/oemlock/1.0/BsOemLock.h", + ], +} + +cc_library_shared { + name: "android.hardware.oemlock@1.0", + generated_sources: ["android.hardware.oemlock@1.0_genc++"], + generated_headers: ["android.hardware.oemlock@1.0_genc++_headers"], + export_generated_headers: ["android.hardware.oemlock@1.0_genc++_headers"], + shared_libs: [ + "libhidlbase", + "libhidltransport", + "libhwbinder", + "liblog", + "libutils", + "libcutils", + "android.hidl.base@1.0", + ], + export_shared_lib_headers: [ + "libhidlbase", + "libhidltransport", + "libhwbinder", + "libutils", + "android.hidl.base@1.0", + ], +} diff --git a/oemlock/1.0/Android.mk b/oemlock/1.0/Android.mk new file mode 100644 index 000000000..e50c2881f --- /dev/null +++ b/oemlock/1.0/Android.mk @@ -0,0 +1,156 @@ +# This file is autogenerated by hidl-gen. Do not edit manually. + +LOCAL_PATH := $(call my-dir) + +################################################################################ + +include $(CLEAR_VARS) +LOCAL_MODULE := android.hardware.oemlock@1.0-java +LOCAL_MODULE_CLASS := JAVA_LIBRARIES + +intermediates := $(call local-generated-sources-dir, COMMON) + +HIDL := $(HOST_OUT_EXECUTABLES)/hidl-gen$(HOST_EXECUTABLE_SUFFIX) + +LOCAL_JAVA_LIBRARIES := \ + android.hidl.base@1.0-java \ + + +# +# Build types.hal (OemLockSecureStatus) +# +GEN := $(intermediates)/android/hardware/oemlock/V1_0/OemLockSecureStatus.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.oemlock@1.0::types.OemLockSecureStatus + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build types.hal (OemLockStatus) +# +GEN := $(intermediates)/android/hardware/oemlock/V1_0/OemLockStatus.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.oemlock@1.0::types.OemLockStatus + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build IOemLock.hal +# +GEN := $(intermediates)/android/hardware/oemlock/V1_0/IOemLock.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/IOemLock.hal +$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/types.hal +$(GEN): $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.oemlock@1.0::IOemLock + +$(GEN): $(LOCAL_PATH)/IOemLock.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) +include $(BUILD_JAVA_LIBRARY) + + +################################################################################ + +include $(CLEAR_VARS) +LOCAL_MODULE := android.hardware.oemlock@1.0-java-static +LOCAL_MODULE_CLASS := JAVA_LIBRARIES + +intermediates := $(call local-generated-sources-dir, COMMON) + +HIDL := $(HOST_OUT_EXECUTABLES)/hidl-gen$(HOST_EXECUTABLE_SUFFIX) + +LOCAL_STATIC_JAVA_LIBRARIES := \ + android.hidl.base@1.0-java-static \ + + +# +# Build types.hal (OemLockSecureStatus) +# +GEN := $(intermediates)/android/hardware/oemlock/V1_0/OemLockSecureStatus.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.oemlock@1.0::types.OemLockSecureStatus + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build types.hal (OemLockStatus) +# +GEN := $(intermediates)/android/hardware/oemlock/V1_0/OemLockStatus.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.oemlock@1.0::types.OemLockStatus + +$(GEN): $(LOCAL_PATH)/types.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) + +# +# Build IOemLock.hal +# +GEN := $(intermediates)/android/hardware/oemlock/V1_0/IOemLock.java +$(GEN): $(HIDL) +$(GEN): PRIVATE_HIDL := $(HIDL) +$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/IOemLock.hal +$(GEN): PRIVATE_DEPS += $(LOCAL_PATH)/types.hal +$(GEN): $(LOCAL_PATH)/types.hal +$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates) +$(GEN): PRIVATE_CUSTOM_TOOL = \ + $(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \ + -Ljava \ + -randroid.hardware:hardware/interfaces \ + -randroid.hidl:system/libhidl/transport \ + android.hardware.oemlock@1.0::IOemLock + +$(GEN): $(LOCAL_PATH)/IOemLock.hal + $(transform-generated-source) +LOCAL_GENERATED_SOURCES += $(GEN) +include $(BUILD_STATIC_JAVA_LIBRARY) + + + +include $(call all-makefiles-under,$(LOCAL_PATH)) diff --git a/oemlock/1.0/IOemLock.hal b/oemlock/1.0/IOemLock.hal new file mode 100644 index 000000000..d57012359 --- /dev/null +++ b/oemlock/1.0/IOemLock.hal @@ -0,0 +1,77 @@ +/* + * Copyright (C) 2017 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package android.hardware.oemlock@1.0; + +/* + * The OEM lock prevents the bootloader from allowing the device to be flashed. + * + * Both the carrier and the device itself have a say as to whether OEM unlock is + * allowed and both must agree that is allowed in order for unlock to be + * possible. + */ +interface IOemLock { + /** + * Returns a vendor specific identifier of the HAL. + * + * The name returned must not be interpreted by the framework but must be + * passed to vendor code which may use it to identify the security protocol + * used by setOemUnlockAllowedByCarrier. This allows the vendor to identify + * the protocol without having to maintain a device-to-protocol mapping. + * + * @return name of the implementation. + */ + getName() generates (OemLockStatus status, string name); + + /** + * Updates whether OEM unlock is allowed by the carrier. + * + * The implementation may require a vendor defined signature to prove the + * validity of this request in order to harden its security. + * + * @param allowed is the new value of the flag. + * @param signature to prove validity of this request or empty if not + * required. + * @return status is OK if the flag was successfully updated, + * INVALID_SIGNATURE if a signature is required but the wrong one + * was provided or FAILED if the update was otherwise unsuccessful. + */ + setOemUnlockAllowedByCarrier(bool allowed, vec<uint8_t> signature) + generates (OemLockSecureStatus status); + + /** + * Returns whether OEM unlock is allowed by the carrier. + * + * @return status is OK if the flag was successfully read. + * @return allowed is the current state of the flag. + */ + isOemUnlockAllowedByCarrier() generates (OemLockStatus status, bool allowed); + + /** + * Updates whether OEM unlock is allowed by the device. + * + * @param allowed is the new value of the flag. + * @return status is OK if the flag was successfully updated. + */ + setOemUnlockAllowedByDevice(bool allowed) generates (OemLockStatus status); + + /** + * Returns whether OEM unlock ia allowed by the device. + * + * @return status is OK if the flag was successfully read. + * @return allowed is the current state of the flag. + */ + isOemUnlockAllowedByDevice() generates (OemLockStatus status, bool allowed); +}; diff --git a/oemlock/1.0/types.hal b/oemlock/1.0/types.hal new file mode 100644 index 000000000..0b4a8d118 --- /dev/null +++ b/oemlock/1.0/types.hal @@ -0,0 +1,28 @@ +/* + * Copyright (C) 2017 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package android.hardware.oemlock@1.0; + +enum OemLockStatus : uint32_t { + /** The operation completed successfully. */ + OK, + /** The operation encountered a problem. */ + FAILED, +}; + +enum OemLockSecureStatus : OemLockStatus { + /** An invalid signature was provided so the operation was not performed. */ + INVALID_SIGNATURE, +}; |