Merge commit 'a63ccea6abc7ea02e2d98e41c80793ca97237bd3' from

oc-mr1-dev-plus-aosp into stage-aosp-master

Change-Id: Ia33311cd1fd26dfaea59a69317b306fb91203c40
Merged-In: I03d06b10807e8a313c9654c2e1db36bfb59e3f99

16 files changed, 21 insertions, 377 deletions

diff --git a/trusty/Android.bp b/trusty/Android.bp
index 386fbe623..2fb2e194b 100644
--- a/trusty/Android.bp
+++ b/trusty/Android.bp
@@ -2,6 +2,5 @@ subdirs = [
     "gatekeeper",
     "keymaster",
     "libtrusty",
-    "nvram",
     "storage/*",
 ]
diff --git a/trusty/gatekeeper/Android.bp b/trusty/gatekeeper/Android.bp
index a9566a17e..65b271a79 100644
--- a/trusty/gatekeeper/Android.bp
+++ b/trusty/gatekeeper/Android.bp
@@ -22,6 +22,7 @@
 
 cc_library_shared {
     name: "gatekeeper.trusty",
+    vendor: true,
 
     relative_install_path: "hw",
 
@@ -43,4 +44,5 @@ cc_library_shared {
         "libcutils",
         "libtrusty",
     ],
+    header_libs: ["libhardware_headers"],
 }
diff --git a/trusty/keymaster/Android.bp b/trusty/keymaster/Android.bp
index 773568499..322a63d28 100644
--- a/trusty/keymaster/Android.bp
+++ b/trusty/keymaster/Android.bp
@@ -25,6 +25,7 @@
 // and ECDSA keys.
 cc_binary {
     name: "trusty_keymaster_tipc",
+    vendor: true,
     srcs: [
         "trusty_keymaster_device.cpp",
         "trusty_keymaster_ipc.cpp",
@@ -46,6 +47,7 @@ cc_binary {
 // keystore.trusty is the HAL used by keystore on Trusty devices.
 cc_library_shared {
     name: "keystore.trusty",
+    vendor: true,
     relative_install_path: "hw",
     srcs: [
         "module.cpp",
@@ -66,4 +68,5 @@ cc_library_shared {
         "liblog",
         "libcutils",
     ],
+    header_libs: ["libhardware_headers"],
 }
diff --git a/trusty/libtrusty/Android.bp b/trusty/libtrusty/Android.bp
index 1a8db2f90..c48deed1c 100644
--- a/trusty/libtrusty/Android.bp
+++ b/trusty/libtrusty/Android.bp
@@ -18,6 +18,7 @@ subdirs = [
 
 cc_library {
     name: "libtrusty",
+    vendor: true,
 
     srcs: ["trusty.c"],
     export_include_dirs: ["include"],
diff --git a/trusty/libtrusty/tipc-test/Android.bp b/trusty/libtrusty/tipc-test/Android.bp
index 6ec8c23f7..1e8467f0f 100644
--- a/trusty/libtrusty/tipc-test/Android.bp
+++ b/trusty/libtrusty/tipc-test/Android.bp
@@ -14,12 +14,14 @@
 
 cc_test {
     name: "tipc-test",
-    static_executable: true,
+    vendor: true,
 
     srcs: ["tipc_test.c"],
     static_libs: [
-        "libc",
         "libtrusty",
+    ],
+    shared_libs: [
+        "libc",
         "liblog",
     ],
     gtest: false,
diff --git a/trusty/nvram/Android.bp b/trusty/nvram/Android.bp
deleted file mode 100644
index 15e6c3e5e..000000000
--- a/trusty/nvram/Android.bp
+++ /dev/null
@@ -1,61 +0,0 @@
-//
-// Copyright (C) 2016 The Android Open-Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-//
-
-// nvram.trusty is the Trusty NVRAM HAL module.
-cc_library_shared {
-    name: "nvram.trusty",
-    relative_install_path: "hw",
-    srcs: [
-        "module.c",
-        "trusty_nvram_device.cpp",
-        "trusty_nvram_implementation.cpp",
-    ],
-
-    cflags: [
-        "-Wall",
-        "-Werror",
-        "-Wextra",
-        "-fvisibility=hidden",
-    ],
-    static_libs: ["libnvram-hal"],
-    shared_libs: [
-        "libtrusty",
-        "libnvram-messages",
-        "liblog",
-    ],
-}
-
-// nvram-wipe is a helper tool for clearing NVRAM state.
-cc_binary {
-    name: "nvram-wipe",
-    srcs: [
-        "nvram_wipe.cpp",
-        "trusty_nvram_implementation.cpp",
-    ],
-
-    cflags: [
-        "-Wall",
-        "-Werror",
-        "-Wextra",
-        "-fvisibility=hidden",
-    ],
-    static_libs: ["libnvram-hal"],
-    shared_libs: [
-        "libtrusty",
-        "libnvram-messages",
-        "liblog",
-    ],
-}
diff --git a/trusty/nvram/module.c b/trusty/nvram/module.c
deleted file mode 100644
index a2e64d372..000000000
--- a/trusty/nvram/module.c
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright (C) 2016 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <hardware/nvram.h>
-
-// This function is defined in trusty_nvram_device.cpp.
-int trusty_nvram_open(const hw_module_t* module,
-                      const char* device_id,
-                      hw_device_t** device_ptr);
-
-static struct hw_module_methods_t nvram_module_methods = {
-    .open = trusty_nvram_open,
-};
-
-struct nvram_module HAL_MODULE_INFO_SYM
-    __attribute__((visibility("default"))) = {
-        .common = {.tag = HARDWARE_MODULE_TAG,
-                   .module_api_version = NVRAM_MODULE_API_VERSION_0_1,
-                   .hal_api_version = HARDWARE_HAL_API_VERSION,
-                   .id = NVRAM_HARDWARE_MODULE_ID,
-                   .name = "Trusty NVRAM HAL",
-                   .author = "The Android Open Source Project",
-                   .methods = &nvram_module_methods,
-                   .dso = 0,
-                   .reserved = {}},
-};
diff --git a/trusty/nvram/nvram_wipe.cpp b/trusty/nvram/nvram_wipe.cpp
deleted file mode 100644
index d0f4faded..000000000
--- a/trusty/nvram/nvram_wipe.cpp
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Copyright (C) 2016 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <nvram/messages/nvram_messages.h>
-
-#include "trusty_nvram_implementation.h"
-
-void usage(const char* program_name) {
-  fprintf(stderr, "Usage: %s [status|disable|wipe]\n", program_name);
-  exit(-1);
-}
-
-int main(int argc, char* argv[]) {
-  if (argc < 2) {
-    usage(argv[0]);
-  }
-
-  nvram::TrustyNvramImplementation nvram_proxy;
-  nvram::Request request;
-  nvram::Response response;
-
-  if (!strcmp(argv[1], "status")) {
-    request.payload.Activate<nvram::COMMAND_GET_INFO>();
-    nvram_proxy.Execute(request, &response);
-    const nvram::GetInfoResponse* get_info_response =
-        response.payload.get<nvram::COMMAND_GET_INFO>();
-    if (response.result == NV_RESULT_SUCCESS) {
-      int status = get_info_response && get_info_response->wipe_disabled;
-      printf("Wiping disabled: %d\n", status);
-      return status;
-    }
-  } else if (!strcmp(argv[1], "disable")) {
-    request.payload.Activate<nvram::COMMAND_DISABLE_WIPE>();
-    nvram_proxy.Execute(request, &response);
-  } else if (!strcmp(argv[1], "wipe")) {
-    request.payload.Activate<nvram::COMMAND_WIPE_STORAGE>();
-    nvram_proxy.Execute(request, &response);
-  } else {
-    usage(argv[0]);
-  }
-
-  if (response.result != NV_RESULT_SUCCESS) {
-    fprintf(stderr, "Command execution failure: %u\n", response.result);
-    return -1;
-  }
-
-  return 0;
-}
-
diff --git a/trusty/nvram/trusty_nvram_device.cpp b/trusty/nvram/trusty_nvram_device.cpp
deleted file mode 100644
index 82a122870..000000000
--- a/trusty/nvram/trusty_nvram_device.cpp
+++ /dev/null
@@ -1,34 +0,0 @@
-/*
- * Copyright (C) 2016 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <errno.h>
-
-#include <nvram/hal/nvram_device_adapter.h>
-
-#include "trusty_nvram_implementation.h"
-
-extern "C" int trusty_nvram_open(const hw_module_t* module,
-                                 const char* device_id,
-                                 hw_device_t** device_ptr) {
-  if (strcmp(NVRAM_HARDWARE_DEVICE_ID, device_id) != 0) {
-    return -EINVAL;
-  }
-
-  nvram::NvramDeviceAdapter* adapter = new nvram::NvramDeviceAdapter(
-      module, new nvram::TrustyNvramImplementation);
-  *device_ptr = adapter->as_device();
-  return 0;
-}
diff --git a/trusty/nvram/trusty_nvram_implementation.cpp b/trusty/nvram/trusty_nvram_implementation.cpp
deleted file mode 100644
index 9215c8502..000000000
--- a/trusty/nvram/trusty_nvram_implementation.cpp
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * Copyright (C) 2016 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#define LOG_TAG "TrustyNVRAM"
-
-#include "trusty_nvram_implementation.h"
-
-#include <errno.h>
-#include <string.h>
-#include <unistd.h>
-
-#include <hardware/nvram.h>
-#include <log/log.h>
-#include <trusty/tipc.h>
-
-#include <nvram/messages/blob.h>
-
-namespace nvram {
-namespace {
-
-// Character device to open for Trusty IPC connections.
-const char kTrustyDeviceName[] = "/dev/trusty-ipc-dev0";
-
-// App identifier of the NVRAM app.
-const char kTrustyNvramAppId[] = "com.android.trusty.nvram";
-
-}  // namespace
-
-TrustyNvramImplementation::~TrustyNvramImplementation() {
-  if (tipc_nvram_fd_ != -1) {
-    tipc_close(tipc_nvram_fd_);
-    tipc_nvram_fd_ = -1;
-  }
-}
-
-void TrustyNvramImplementation::Execute(const nvram::Request& request,
-                                        nvram::Response* response) {
-  if (!SendRequest(request, response)) {
-    response->result = NV_RESULT_INTERNAL_ERROR;
-  }
-}
-
-bool TrustyNvramImplementation::Connect() {
-  if (tipc_nvram_fd_ != -1) {
-    return true;
-  }
-
-  int rc = tipc_connect(kTrustyDeviceName, kTrustyNvramAppId);
-  if (rc < 0) {
-    ALOGE("Failed to connect to Trusty NVRAM app: %s\n", strerror(-rc));
-    return false;
-  }
-
-  tipc_nvram_fd_ = rc;
-  return true;
-}
-
-bool TrustyNvramImplementation::SendRequest(const nvram::Request& request,
-                                            nvram::Response* response) {
-  if (!Connect()) {
-    return false;
-  }
-
-  nvram::Blob request_buffer;
-  if (!nvram::Encode(request, &request_buffer)) {
-    ALOGE("Failed to encode NVRAM request.\n");
-    return false;
-  }
-
-  ssize_t rc =
-      write(tipc_nvram_fd_, request_buffer.data(), request_buffer.size());
-  if (rc < 0) {
-    ALOGE("Failed to send NVRAM request: %s\n", strerror(-rc));
-    return false;
-  }
-  if (static_cast<size_t>(rc) != request_buffer.size()) {
-    ALOGE("Failed to send full request buffer: %zd\n", rc);
-    return false;
-  }
-
-  rc = read(tipc_nvram_fd_, response_buffer_, sizeof(response_buffer_));
-  if (rc < 0) {
-    ALOGE("Failed to read NVRAM response: %s\n", strerror(-rc));
-    return false;
-  }
-
-  if (static_cast<size_t>(rc) >= sizeof(response_buffer_)) {
-    ALOGE("NVRAM response exceeds response buffer size.\n");
-    return false;
-  }
-
-  if (!nvram::Decode(response_buffer_, static_cast<size_t>(rc), response)) {
-    ALOGE("Failed to decode NVRAM response.\n");
-    return false;
-  }
-
-  return true;
-}
-
-}  // namespace nvram
diff --git a/trusty/nvram/trusty_nvram_implementation.h b/trusty/nvram/trusty_nvram_implementation.h
deleted file mode 100644
index 60758f7fb..000000000
--- a/trusty/nvram/trusty_nvram_implementation.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * Copyright (C) 2016 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef TRUSTY_NVRAM_TRUSTY_NVRAM_IMPLEMENTATION_H_
-#define TRUSTY_NVRAM_TRUSTY_NVRAM_IMPLEMENTATION_H_
-
-#include <stdint.h>
-
-#include <nvram/hal/nvram_device_adapter.h>
-#include <nvram/messages/nvram_messages.h>
-
-namespace nvram {
-
-// |TrustyNvramImplementation| proxies requests to the Trusty NVRAM app. It
-// serializes the request objects, sends it to the Trusty app and finally reads
-// back the result and decodes it.
-class TrustyNvramImplementation : public nvram::NvramImplementation {
- public:
-  ~TrustyNvramImplementation() override;
-
-  void Execute(const nvram::Request& request,
-               nvram::Response* response) override;
-
- private:
-  // Connects the IPC channel to the Trusty app if it is not already open.
-  // Returns true if the channel is open, false on errors.
-  bool Connect();
-
-  // Dispatches a command to the trust app. Returns true if successful (note
-  // that the response may still indicate an error on the Trusty side), false if
-  // there are any I/O or encoding/decoding errors.
-  bool SendRequest(const nvram::Request& request,
-                   nvram::Response* response);
-
-  // The file descriptor for the IPC connection to the Trusty app.
-  int tipc_nvram_fd_ = -1;
-
-  // Response buffer. This puts a hard size limit on the responses from the
-  // Trusty app. 4096 matches the maximum IPC message size currently supported
-  // by Trusty.
-  uint8_t response_buffer_[4096];
-};
-
-}  // namespace nvram
-
-#endif  // TRUSTY_NVRAM_TRUSTY_NVRAM_IMPLEMENTATION_H_
diff --git a/trusty/storage/interface/Android.bp b/trusty/storage/interface/Android.bp
index a551c37aa..18b4a5f90 100644
--- a/trusty/storage/interface/Android.bp
+++ b/trusty/storage/interface/Android.bp
@@ -16,5 +16,6 @@
 
 cc_library_static {
     name: "libtrustystorageinterface",
+    vendor: true,
     export_include_dirs: ["include"],
 }
diff --git a/trusty/storage/lib/Android.bp b/trusty/storage/lib/Android.bp
index 5eb3f0778..4e41674bd 100644
--- a/trusty/storage/lib/Android.bp
+++ b/trusty/storage/lib/Android.bp
@@ -16,16 +16,19 @@
 
 cc_library_static {
     name: "libtrustystorage",
+    vendor: true,
 
     srcs: ["storage.c"],
 
     export_include_dirs: ["include"],
 
     static_libs: [
-        "liblog",
         "libtrusty",
         "libtrustystorageinterface",
     ],
+    shared_libs: [
+        "liblog",
+    ],
 
     cflags: [
         "-fvisibility=hidden",
diff --git a/trusty/storage/proxy/Android.bp b/trusty/storage/proxy/Android.bp
index eb34df014..da8542d5a 100644
--- a/trusty/storage/proxy/Android.bp
+++ b/trusty/storage/proxy/Android.bp
@@ -16,6 +16,7 @@
 
 cc_binary {
     name: "storageproxyd",
+    vendor: true,
 
     srcs: [
         "ipc.c",
@@ -25,6 +26,7 @@ cc_binary {
     ],
 
     shared_libs: ["liblog"],
+    header_libs: ["libcutils_headers"],
 
     static_libs: [
         "libtrustystorageinterface",
diff --git a/trusty/storage/proxy/proxy.c b/trusty/storage/proxy/proxy.c
index 27e58917f..41263e5df 100644
--- a/trusty/storage/proxy/proxy.c
+++ b/trusty/storage/proxy/proxy.c
@@ -24,7 +24,7 @@
 #include <sys/stat.h>
 #include <unistd.h>
 
-#include <private/android_filesystem_config.h>
+#include <cutils/android_filesystem_config.h>
 
 #include "ipc.h"
 #include "log.h"
diff --git a/trusty/storage/tests/Android.bp b/trusty/storage/tests/Android.bp
index 1e4fced8f..536c3ca7a 100644
--- a/trusty/storage/tests/Android.bp
+++ b/trusty/storage/tests/Android.bp
@@ -16,6 +16,7 @@
 
 cc_test {
     name: "secure-storage-unit-test",
+    vendor: true,
 
     cflags: [
         "-g",
@@ -28,6 +29,8 @@ cc_test {
         "libtrustystorageinterface",
         "libtrustystorage",
         "libtrusty",
+    ],
+    shared_libs: [
         "liblog",
     ],