• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1//
2// Copyright (C) 2015 The Android Open-Source Project
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8//      http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15//
16
17package {
18    default_applicable_licenses: ["Android-Apache-2.0"],
19}
20
21cc_binary {
22    name: "android.hardware.keymaster@3.0-service.trusty",
23    defaults: ["hidl_defaults"],
24    relative_install_path: "hw",
25    vendor: true,
26    init_rc: ["3.0/android.hardware.keymaster@3.0-service.trusty.rc"],
27    srcs: [
28        "3.0/service.cpp",
29        "3.0/TrustyKeymaster3Device.cpp",
30        "ipc/trusty_keymaster_ipc.cpp",
31        "TrustyKeymaster.cpp",
32    ],
33
34    local_include_dirs: ["include"],
35
36    shared_libs: [
37        "liblog",
38        "libcutils",
39        "libdl",
40        "libbase",
41        "libutils",
42        "libhardware",
43        "libhidlbase",
44        "libtrusty",
45        "libkeymaster_messages",
46        "libkeymaster3device",
47        "android.hardware.keymaster@3.0",
48    ],
49}
50
51cc_binary {
52    name: "android.hardware.keymaster@4.0-service.trusty",
53    defaults: ["hidl_defaults"],
54    relative_install_path: "hw",
55    vendor: true,
56    init_rc: ["4.0/android.hardware.keymaster@4.0-service.trusty.rc"],
57    srcs: [
58        "4.0/service.cpp",
59        "4.0/TrustyKeymaster4Device.cpp",
60        "ipc/trusty_keymaster_ipc.cpp",
61        "TrustyKeymaster.cpp",
62    ],
63
64    local_include_dirs: ["include"],
65
66    shared_libs: [
67        "liblog",
68        "libcutils",
69        "libdl",
70        "libbase",
71        "libutils",
72        "libhardware",
73        "libhidlbase",
74        "libtrusty",
75        "libkeymaster_messages",
76        "libkeymaster4",
77        "android.hardware.keymaster@4.0",
78    ],
79
80    vintf_fragments: ["4.0/android.hardware.keymaster@4.0-service.trusty.xml"],
81}
82
83cc_defaults {
84    name: "android.hardware.security.keymint-service.trusty.defaults",
85    relative_install_path: "hw",
86    vendor: true,
87    cflags: [
88        "-Wall",
89        "-Wextra",
90    ],
91    local_include_dirs: [
92        "include",
93    ],
94    srcs: [
95        "TrustyKeymaster.cpp",
96        "ipc/trusty_keymaster_ipc.cpp",
97        "keymint/TrustyKeyMintDevice.cpp",
98        "keymint/TrustyKeyMintOperation.cpp",
99        "keymint/TrustyRemotelyProvisionedComponentDevice.cpp",
100        "keymint/TrustySecureClock.cpp",
101        "keymint/TrustySharedSecret.cpp",
102        "keymint/service.cpp",
103    ],
104    shared_libs: [
105        "android.hardware.security.keymint-V4-ndk",
106        "android.hardware.security.rkp-V3-ndk",
107        "android.hardware.security.secureclock-V1-ndk",
108        "android.hardware.security.sharedsecret-V1-ndk",
109        "lib_android_keymaster_keymint_utils",
110        "libbase",
111        "libbinder_ndk",
112        "libhardware",
113        "libkeymaster_messages",
114        "libkeymasterconfig",
115        "liblog",
116        "libtrusty",
117        "libutils",
118    ],
119}
120
121// keymint hal binary for keymint in Trusty TEE prebuilt
122cc_binary {
123    name: "android.hardware.security.keymint-service.trusty",
124    defaults: ["android.hardware.security.keymint-service.trusty.defaults"],
125    init_rc: ["keymint/android.hardware.security.keymint-service.trusty.rc"],
126    vintf_fragments: [
127        "keymint/android.hardware.security.keymint-service.trusty.xml",
128    ],
129    required: ["android.hardware.hardware_keystore.xml"],
130}
131
132// Keymint hal service in vendor, enabled by vendor apex.
133// This service is disabled by default and does not package a VINTF fragment.
134// This service can be enabled at boot via vendor apex:
135// - at boot, mount a vendor apex for module `com.android.hardware.keymint`
136// - have the vendor init.rc file enable the service when the associated
137//   apex is selected
138// - have the vendor apex package the vintf fragment and the required permissions
139cc_binary {
140    name: "android.hardware.security.keymint-service.trusty_tee.cpp",
141    defaults: ["android.hardware.security.keymint-service.trusty.defaults"],
142    init_rc: ["keymint/android.hardware.security.keymint-service.trusty_tee.cpp.rc"],
143}
144
145// vintf fragment packaged in vendor apex
146prebuilt_etc {
147    name: "android.hardware.security.keymint-service.trusty.xml",
148    sub_dir: "vintf",
149    vendor: true,
150    src: "keymint/android.hardware.security.keymint-service.trusty.xml",
151}
152
153prebuilt_etc {
154    name: "keymaster_soft_attestation_keys.xml",
155    vendor: true,
156    src: "set_attestation_key/keymaster_soft_attestation_keys.xml",
157}
158
159cc_library {
160    name: "libtrusty_ipc",
161    vendor: true,
162    srcs: ["ipc/trusty_keymaster_ipc.cpp"],
163    local_include_dirs: ["include"],
164    shared_libs: [
165        "libc",
166        "libcrypto",
167        "liblog",
168        "libtrusty",
169        "libhardware",
170        "libkeymaster_messages",
171        "libutils",
172        "libxml2",
173    ],
174    export_include_dirs: ["include"],
175    cflags: [
176        "-Wall",
177        "-Werror",
178    ],
179}
180
181cc_binary {
182    name: "trusty_keymaster_set_attestation_key",
183    vendor: true,
184
185    srcs: [
186        "set_attestation_key/set_attestation_key.cpp",
187        "ipc/trusty_keymaster_ipc.cpp",
188    ],
189
190    local_include_dirs: ["include"],
191
192    shared_libs: [
193        "libc",
194        "libcrypto",
195        "liblog",
196        "libtrusty",
197        "libhardware",
198        "libkeymaster_messages",
199        "libutils",
200        "libxml2",
201    ],
202    cflags: [
203        "-Wall",
204        "-Werror",
205    ],
206}
207
208cc_binary {
209    name: "trusty_keymaster_set_attestation_ids",
210    vendor: true,
211
212    srcs: [
213        "set_attestation_ids/set_attestation_ids.cpp",
214        "ipc/trusty_keymaster_ipc.cpp",
215    ],
216
217    local_include_dirs: ["include"],
218
219    shared_libs: [
220        "libbase",
221        "libc",
222        "libcrypto",
223        "liblog",
224        "libtrusty",
225        "libhardware",
226        "libkeymaster_messages",
227        "libutils",
228    ],
229    cflags: [
230        "-Wall",
231        "-Werror",
232    ],
233}
234
235prebuilt_etc {
236    name: "rkp_uds_cert_test.xml",
237    vendor: true,
238    src: "set_uds_certs/rkp_uds_cert_test.xml",
239}
240
241cc_binary {
242    name: "trusty_rkp_set_uds_cert",
243    vendor: true,
244
245    srcs: [
246        "set_uds_certs/set_uds_certificates.cpp",
247        "ipc/trusty_keymaster_ipc.cpp",
248    ],
249
250    local_include_dirs: ["include"],
251
252    shared_libs: [
253        "libc",
254        "libcrypto",
255        "liblog",
256        "libtrusty",
257        "libhardware",
258        "libkeymaster_messages",
259        "libutils",
260        "libxml2",
261    ],
262    cflags: [
263        "-Wall",
264        "-Werror",
265    ],
266}
267