Revert "Activate KeyMint"
Revert submission 14947110-activate_keymint
Reason for revert: Likely b/191652216
Reverted Changes:
I6c5210356:Activate KeyMint
I784d39383:Activate KeyMint.
Bug: b/191652216
Change-Id: I5f6d69f7657180c09a6ec8e8afad09bbd63cdc32
diff --git a/CleanSpec.mk b/CleanSpec.mk
index 12538be..1ca5183 100644
--- a/CleanSpec.mk
+++ b/CleanSpec.mk
@@ -77,9 +77,3 @@
$(call add-clean-step, rm -f $(PRODUCT_OUT)/vendor/bin/hw/android.hardware.power.stats@1.0-service.gs101)
$(call add-clean-step, rm -f $(PRODUCT_OUT)/vendor/etc/init/android.hardware.power.stats@1.0-service.gs101.rc)
$(call add-clean-step, rm -f $(PRODUCT_OUT)/vendor/etc/vintf/manifest/android.hardware.power.stats@1.0-service.gs101.xml)
-
-# Keymaster to KeyMint
-$(call add-clean-step, rm -f $(PRODUCT_OUT)/vendor/bin/hw/android.hardware.keymaster@4.0-service.trusty)
-$(call add-clean-step, rm -f $(PRODUCT_OUT)/vendor/etc/init/android.hardware.keymaster@4.0-service.trusty.rc)
-$(call add-clean-step, rm -f $(PRODUCT_OUT)/vendor/etc/vintf/manifest/android.hardware.keymaster@4.0-service.trusty.xml)
-$(call add-clean-step, rm -f $(PRODUCT_OUT)/vendor/bin/hw/wait_for_strongbox)
diff --git a/keymaster/Android.bp b/keymaster/Android.bp
new file mode 100644
index 0000000..99aa4b4
--- /dev/null
+++ b/keymaster/Android.bp
@@ -0,0 +1,40 @@
+//
+// Copyright (C) 2018 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package {
+ // See: http://go/android-license-faq
+ // A large-scale-change added 'default_applicable_licenses' to import
+ // all of the 'license_kinds' from "//device/google/gs101:device_google_gs101_license"
+ // to get the below license kinds:
+ // SPDX-license-identifier-Apache-2.0
+ default_applicable_licenses: [
+ "//device/google/gs101:device_google_gs101_license",
+ ],
+}
+
+cc_binary {
+ name: "wait_for_strongbox",
+ init_rc: ["wait_for_strongbox.rc"],
+ relative_install_path: "hw",
+ srcs: [ "wait_for_strongbox.cpp" ],
+ cflags: [ "-Werror", "-Wall" ],
+ shared_libs: [
+ "android.hardware.keymaster@4.0",
+ "libbase",
+ "libkeymaster4_1support",
+ "libutils",
+ ],
+ proprietary: true,
+}
diff --git a/keymaster/wait_for_strongbox.cpp b/keymaster/wait_for_strongbox.cpp
new file mode 100644
index 0000000..c0f4094
--- /dev/null
+++ b/keymaster/wait_for_strongbox.cpp
@@ -0,0 +1,59 @@
+/*
+ ** Copyright 2018, The Android Open Source Project
+ **
+ ** Licensed under the Apache License, Version 2.0 (the "License");
+ ** you may not use this file except in compliance with the License.
+ ** You may obtain a copy of the License at
+ **
+ ** http://www.apache.org/licenses/LICENSE-2.0
+ **
+ ** Unless required by applicable law or agreed to in writing, software
+ ** distributed under the License is distributed on an "AS IS" BASIS,
+ ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ** See the License for the specific language governing permissions and
+ ** limitations under the License.
+ */
+
+#include <unistd.h>
+
+#define LOG_TAG "wait_for_strongbox"
+#include <android-base/logging.h>
+
+#include <keymasterV4_1/Keymaster.h>
+
+using android::hardware::keymaster::V4_1::SecurityLevel;
+using android::hardware::keymaster::V4_1::support::Keymaster;
+
+useconds_t kWaitTimeMicroseconds = 1 * 1000; // 1 milliseconds
+
+int main() {
+ for (unsigned cycleCount = 0; /* Forever */; ++cycleCount) {
+ auto keymasters = Keymaster::enumerateAvailableDevices();
+
+ bool foundStrongBox = false;
+ bool foundTee = false;
+ for (auto &dev : keymasters) {
+ SecurityLevel securityLevel = dev->halVersion().securityLevel;
+ uint8_t majorVersion = dev->halVersion().majorVersion;
+ if (securityLevel == SecurityLevel::STRONGBOX && majorVersion == 4) {
+ foundStrongBox = true;
+ }
+ if (securityLevel == SecurityLevel::TRUSTED_ENVIRONMENT && majorVersion == 4) {
+ foundTee = true;
+ }
+ }
+
+ if (foundTee && foundStrongBox) {
+ return 0;
+ }
+ if (cycleCount % 10 == 1) {
+ if (!foundStrongBox) {
+ LOG(WARNING) << "Still waiting for StrongBox Keymaster";
+ }
+ if (!foundTee) {
+ LOG(WARNING) << "Still waiting for TEE Keymaster";
+ }
+ }
+ usleep(kWaitTimeMicroseconds);
+ }
+}
diff --git a/keymaster/wait_for_strongbox.rc b/keymaster/wait_for_strongbox.rc
new file mode 100644
index 0000000..c02fc46
--- /dev/null
+++ b/keymaster/wait_for_strongbox.rc
@@ -0,0 +1,9 @@
+# Wait for both Trusty and Strongbox HALs to be up
+service wait_for_strongbox /vendor/bin/hw/wait_for_strongbox
+ user root
+ group root system
+ priority -20
+ ioprio rt 0
+
+on late-fs
+ exec_start wait_for_strongbox
