|author||nagendra modadugu <email@example.com>||Wed Sep 19 14:57:35 2018 -0700|
|committer||Nagendra Modadugu <firstname.lastname@example.org>||Tue Oct 09 23:58:49 2018 +0000|
keymaster: abort operations on HAL errors Not all error code paths in the HAL are aborting initiated operations. This change tackles the error returns in attest(). This particular error case has not been encountered in the field, but any errors during attest would result in a similar situtation as described in the associated bug -- operation handle leakage on Citadel. Bug: 116055338 Test: release-tests.sh pass on PVT1 Change-Id: Icae96cc502cf16ece29c87e84c7b54c3e3e43727
Android communicates with Nugget apps in order to implement security related HALs. Currently, those HALs are Keymaster, Weaver and OemLock.
Apps that define a protobuf service will have an app interface class autogenerated. These classes will wrap a
NuggetClient. The generator can be found in the
Work in progress.
Currently, everything is synchronous and just exposes the
call_application() function from the Nugget transport API. In future, asynchronous calls may be desired. Support for this could be added in:
NuggetClienton top of
This directory contains the components to support Citadel connected to Android.