commit | 62976b458c03f326066e5c3cf43097873cec9223 | [log] [tgz] |
---|---|---|
author | Garret Kelly <gdk@google.com> | Thu May 23 08:46:31 2019 -0400 |
committer | android-build-team Robot <android-build-team-robot@google.com> | Fri May 24 05:59:52 2019 +0000 |
tree | 8a1ea17fa37d8c492708fea944db01a56a66e692 | |
parent | 97f37e99745f205b4bd3cece9f0470388587f14c [diff] |
Merge remote-tracking branch 'goog/upstream-pixel18' into pi-dev-uaf-fix * goog/upstream-pixel18: keymaster: address UAF bug in attest() Bug: 133197843 Bug: 129562815 Test: manual Change-Id: If990030f5cff02c241a88a51d63bc2b9dbfc365f Signed-off-by: Garret Kelly <gdk@google.com> (cherry picked from commit 15361469739d69efba81b06198c01e09581e5d4e)
Android communicates with Nugget apps in order to implement security related HALs. Currently, those HALs are Keymaster, Weaver and OemLock.
Apps that define a protobuf service will have an app interface class autogenerated. These classes will wrap a NuggetClient
. The generator can be found in the generator
directory.
Work in progress.
Currently, everything is synchronous and just exposes the call_application()
function from the Nugget transport API. In future, asynchronous calls may be desired. Support for this could be added in:
NuggetClient
on top of call_application()
citadel
This directory contains the components to support Citadel connected to Android.