KeyMint: use same epoch as Gatekeeper

The timestamps produced by KeyMint need to be monotonically increasing,
but they also need to use the same origin/epoch as the timestamps
produced by other components in the secure world, especially Gatekeeper.

Gatekeeper emits timestamps since boot via
`clock_gettime(CLOCK_BOOTTIME)`, so do exactly the same via the `libc`

Test: atest
Bug: 266879029
Change-Id: Iff8689f3fbf274ba51abb7ed7fd0332422d68bf6
1 file changed
tree: 99245ed2927e6574e4a3ecb22dcae88c804b775e
  1. apex/
  2. build/
  3. common/
  4. guest/
  5. host/
  6. recovery/
  7. shared/
  8. tests/
  9. tools/
  10. vsoc_arm64/
  11. vsoc_arm64_minidroid/
  12. vsoc_arm64_only/
  13. vsoc_arm_only/
  14. vsoc_riscv64/
  15. vsoc_riscv64_minidroid/
  16. vsoc_x86/
  17. vsoc_x86_64/
  18. vsoc_x86_64_minidroid/
  19. vsoc_x86_64_only/
  20. vsoc_x86_only/
  21. .clang-format
  22. Android.bp
  26. default-permissions.xml
  27. dtb.img
  30. iwyu.imp
  32. OWNERS
  33. PREUPLOAD.cfg
  35. required_images

Cuttlefish Getting Started

Try Cuttlefish

  1. Make sure virtualization with KVM is available.

    grep -c -w "vmx\|svm" /proc/cpuinfo

    This should return a non-zero value. If running on a cloud machine, this may take cloud-vendor-specific steps to enable. For Google Compute Engine specifically, see the GCE guide.

ARM specific steps:

  • When running on an ARM machine, the most direct way is to check for the existence of /dev/kvm. Note that this method can also be used to confirm support of KVM on any environment.
  1. Download, build, and install the host debian packages:

    sudo apt install -y git devscripts config-package-dev debhelper-compat golang curl
    git clone
    cd android-cuttlefish
    for dir in base frontend; do
      cd $dir
      debuild -i -us -uc -b -d
      cd ..
    sudo dpkg -i ./cuttlefish-base_*_*64.deb || sudo apt-get install -f
    sudo dpkg -i ./cuttlefish-user_*_*64.deb || sudo apt-get install -f
    sudo usermod -aG kvm,cvdnetwork,render $USER
    sudo reboot

    The reboot will trigger installing additional kernel modules and applying udev rules.

  2. Go to

  3. Enter a branch name. Start with aosp-master if you don‘t know what you’re looking for

  4. Navigate to aosp_cf_x86_64_phone and click on userdebug for the latest build

For ARM, use branch aosp-master-throttled-copped and device target aosp_cf_arm64_only_phone-userdebug
  1. Click on Artifacts

  2. Scroll down to the OTA images. These packages look like -- it will always have img in the name. Download this file

  3. Scroll down to cvd-host_package.tar.gz. You should always download a host package from the same build as your images.

  4. On your local system, combine the packages:

    mkdir cf
    cd cf
    tar xvf /path/to/cvd-host_package.tar.gz
    unzip /path/to/
  5. Launch cuttlefish with:

$ HOME=$PWD ./bin/launch_cvd

Debug Cuttlefish

You can use adb to debug it, just like a physical device:

$ ./bin/adb -e shell

Launch Viewer (WebRTC)

When launching with ---start_webrtc (the default), you can see a list of all available devices at https://localhost:8443 . For more information, see the WebRTC on Cuttlefish documentation.

Stop Cuttlefish

You will need to stop the virtual device within the same directory as you used to launch the device.

$ HOME=$PWD ./bin/stop_cvd