1# service started when selecting `com.android.hardware.keymint.trusty_system_vm` vendor apex 2service system.keymint-service.trusty_system_vm \ 3 /system_ext/bin/hw/android.hardware.security.keymint-service.trusty_system_vm \ 4 --dev ${system.keymint.trusty_ipc_dev} 5 disabled 6 user nobody 7 group drmrpc 8 # The keymint service is not allowed to restart. 9 # If it crashes, a device restart is required. 10 oneshot 11 12# TODO(b/357821690): Start the KeyMint HALs when the KeyMint VM is ready once the Trusty VM 13# has a mechanism to notify the host. 14on post-fs && property:trusty.security_vm.keymint.enabled=1 && \ 15 property:trusty.security_vm.vm_cid=* 16 setprop system.keymint.trusty_ipc_dev VSOCK:${trusty.security_vm.vm_cid}:1 17 start system.keymint-service.trusty_system_vm 18