Google Git
Sign in
android / platform / external / nos / host / android / 00f965be0cdfeeed441eb2a7e7166f8c1998b681
commit00f965be0cdfeeed441eb2a7e7166f8c1998b681[log] [tgz]
authornagendra modadugu <ngm@google.com>Fri Apr 05 18:33:26 2019 -0700
committernagendra modadugu <ngm@google.com>Fri Apr 05 18:35:53 2019 -0700
treee283e175d986488d4521b937a570219ee15580d4
parentddf67e047a973f6f805cc25e9dc01093c422f3da [diff]
keymaster: address UAF bug in attest()

This bug detected by HWSan.

Bug: 129562815
Test: builds
Change-Id: Ia9ebcd99213cd0d8d954b574b850ca563092d91b
Signed-off-by: nagendra modadugu <ngm@google.com>
1 file changed
tree: e283e175d986488d4521b937a570219ee15580d4
  1. citadel/
  2. hals/
  3. manual_tests/
  4. .checkpatch.conf
  5. .clang-format
  6. Android.bp
  7. LICENSE
  8. METADATA
  9. MODULE_LICENSE_APACHE2
  10. NOTICE
  11. README.md
README.md

Android components for Nugget

Android communicates with Nugget apps in order to implement security related HALs. Currently, those HALs are Keymaster, Weaver and OemLock.

Services

Apps that define a protobuf service will have an app interface class autogenerated. These classes will wrap a NuggetClient. The generator can be found in the generator directory.

Asynchronous communication

Work in progress.

Currently, everything is synchronous and just exposes the call_application() function from the Nugget transport API. In future, asynchronous calls may be desired. Support for this could be added in:

  • Nugget transport API
  • NuggetClient on top of call_application()
  • Generated services

citadel

This directory contains the components to support Citadel connected to Android.