Merge remote-tracking branch 'goog/upstream-master' into doodle_wip7

* goog/upstream-master:
  citadeld: retrieve unexpected events from Citadel
  keymaster: address UAF bug in attest()

Bug: 131177129
Bug: 129562815
Bug: 34946126
Bug: 62713383
Test: manual
Change-Id: If283dff00ec13334f8498875005ae4ccf339eae3
tree: 890d952c1e1e836fabef971bf47434c7f9cde2e5
  1. citadel/
  2. hals/
  3. manual_tests/
  4. .checkpatch.conf
  5. .clang-format
  6. Android.bp
  7. LICENSE
  8. METADATA
  9. MODULE_LICENSE_APACHE2
  10. NOTICE
  11. OWNERS
  12. README.md
README.md

Android components for Nugget

Android communicates with Nugget apps to implement security-related HALs. Currently, those HALs are Keymaster, Weaver and OemLock.

Services

Apps that define a protobuf service will have an app interface class autogenerated. These classes will wrap a NuggetClient. The generator can be found in the generator directory.

Asynchronous communication

Work in progress.

Currently, everything is synchronous and just exposes the call_application() function from the Nugget transport API. In the future, asynchronous calls may be desired. Support for this could be added in:

  • Nugget transport API
  • NuggetClient on top of call_application()
  • Generated services

citadel

This directory contains the components to support Citadel connected to Android.