Snap for 11785460 from 26b5ae0fc2f02db8c21b53949e0983027d552a7c to sdk-releasesdk-release

Change-Id: Ic00d2a3b081ceccdd8b04ea8edfb24c46b3aac60

14 files changed, 147 insertions, 47 deletions

diff --git a/automotive/can/1.0/default/tests/fuzzer/Android.bp b/automotive/can/1.0/default/tests/fuzzer/Android.bp
index 01c8a9d233..16030d85f2 100644
--- a/automotive/can/1.0/default/tests/fuzzer/Android.bp
+++ b/automotive/can/1.0/default/tests/fuzzer/Android.bp
@@ -48,7 +48,8 @@ cc_fuzz {
     ],
     fuzz_config: {
         cc: [
-            "android-media-fuzzing-reports@google.com",
+            "chrisweir@google.com",
+            "twasilczyk@google.com",
         ],
         componentid: 533764,
         hotlists: [
diff --git a/bluetooth/aidl/vts/VtsHalBluetoothTargetTest.cpp b/bluetooth/aidl/vts/VtsHalBluetoothTargetTest.cpp
index 140b956043..aaf436f4aa 100644
--- a/bluetooth/aidl/vts/VtsHalBluetoothTargetTest.cpp
+++ b/bluetooth/aidl/vts/VtsHalBluetoothTargetTest.cpp
@@ -1095,6 +1095,37 @@ TEST_P(BluetoothAidlTest, Vsr_Bluetooth4_2Requirements) {
 
 }
 
+/**
+ * VSR-5.3.14-012 MUST support at least eight LE concurrent connections with
+ *                three in peripheral role.
+ */
+// @VsrTest = 5.3.14-012
+TEST_P(BluetoothAidlTest, Vsr_BlE_Connection_Requirement) {
+  std::vector<uint8_t> version_event;
+  send_and_wait_for_cmd_complete(ReadLocalVersionInformationBuilder::Create(),
+                                 version_event);
+  auto version_view = ReadLocalVersionInformationCompleteView::Create(
+      CommandCompleteView::Create(EventView::Create(PacketView<true>(
+          std::make_shared<std::vector<uint8_t>>(version_event)))));
+  ASSERT_TRUE(version_view.IsValid());
+  ASSERT_EQ(::bluetooth::hci::ErrorCode::SUCCESS, version_view.GetStatus());
+  auto version = version_view.GetLocalVersionInformation();
+  if (version.hci_version_ < ::bluetooth::hci::HciVersion::V_5_0) {
+    // This test does not apply to controllers below 5.0
+    return;
+  };
+
+  int max_connections = ::android::base::GetIntProperty(
+      "bluetooth.core.le.max_number_of_concurrent_connections", -1);
+  if (max_connections == -1) {
+    // With the property not set the default minimum of 8 will be used
+    ALOGI("Max number of LE concurrent connections isn't set");
+    return;
+  }
+  ALOGI("Max number of LE concurrent connections = %d", max_connections);
+  ASSERT_GE(max_connections, 8);
+}
+
 GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(BluetoothAidlTest);
 INSTANTIATE_TEST_SUITE_P(PerInstance, BluetoothAidlTest,
                          testing::ValuesIn(android::getAidlHalInstanceNames(
diff --git a/bluetooth/audio/utils/Android.bp b/bluetooth/audio/utils/Android.bp
index cecf8f00dd..779a90f69a 100644
--- a/bluetooth/audio/utils/Android.bp
+++ b/bluetooth/audio/utils/Android.bp
@@ -51,6 +51,7 @@ cc_library_shared {
         "libxsdc-utils",
     ],
     defaults: [
+        "aconfig_lib_cc_static_link.defaults",
         "latest_android_hardware_bluetooth_audio_ndk_shared",
     ],
     shared_libs: [
diff --git a/bluetooth/finder/aidl/vts/VtsHalBluetoothFinderTargetTest.cpp b/bluetooth/finder/aidl/vts/VtsHalBluetoothFinderTargetTest.cpp
index fee9e24200..be07a7db24 100644
--- a/bluetooth/finder/aidl/vts/VtsHalBluetoothFinderTargetTest.cpp
+++ b/bluetooth/finder/aidl/vts/VtsHalBluetoothFinderTargetTest.cpp
@@ -18,7 +18,6 @@
 #include <aidl/Vintf.h>
 #include <aidl/android/hardware/bluetooth/finder/IBluetoothFinder.h>
 #include <android-base/logging.h>
-#include <android-base/properties.h>
 #include <android/binder_manager.h>
 #include <android/binder_process.h>
 #include <binder/IServiceManager.h>
@@ -72,12 +71,6 @@ ScopedAStatus BluetoothFinderTest::getPoweredOffFinderMode(bool* status) {
   return bluetooth_finder->getPoweredOffFinderMode(status);
 }
 
-TEST_P(BluetoothFinderTest, PropertyIsSet) {
-  ASSERT_EQ(
-      android::base::GetProperty("ro.bluetooth.finder.supported", "false"),
-      "true");
-}
-
 TEST_P(BluetoothFinderTest, SendEidsSingle) {
   ScopedAStatus status = sendEids(1);
   ASSERT_TRUE(status.isOk());
diff --git a/graphics/mapper/stable-c/README.md b/graphics/mapper/stable-c/README.md
index 0b9b499b0e..919119a1b5 100644
--- a/graphics/mapper/stable-c/README.md
+++ b/graphics/mapper/stable-c/README.md
@@ -22,6 +22,12 @@ as the `<instance>` in the VINTF manifest `<interface>` section. For example:
 ```
 defines that the IMapper 5.0 library is provided by `/vendor/lib[64]/hw/mapper.minigbm.so`.
 
+ServiceManager should be able to `find` the instance. The instance should be labelled in
+`service_contexts` as follows:
+```
+mapper/minigbm    u:object_r:hal_graphics_mapper_service:s0
+```
+
 This library must export the following `extern "C"` symbols:
 
 ### `ANDROID_HAL_STABLEC_VERSION`
diff --git a/media/1.0/xml/Android.bp b/media/1.0/xml/Android.bp
new file mode 100644
index 0000000000..5b5a95c5b7
--- /dev/null
+++ b/media/1.0/xml/Android.bp
@@ -0,0 +1,26 @@
+// Copyright (C) 2024 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package {
+    default_applicable_licenses: ["hardware_interfaces_license"],
+}
+
+///////////////////////////////////////
+// media_profiles_V1_0.dtd
+
+prebuilt_etc {
+    name: "media_profiles_V1_0.dtd",
+    src: "media_profiles.dtd",
+    filename: "media_profiles_V1_0.dtd",
+}
diff --git a/media/1.0/xml/Android.mk b/media/1.0/xml/Android.mk
deleted file mode 100644
index a7952880ab..0000000000
--- a/media/1.0/xml/Android.mk
+++ /dev/null
@@ -1,16 +0,0 @@
-LOCAL_PATH := $(call my-dir)
-
-#######################################
-# media_profiles_V1_0.dtd
-
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := media_profiles_V1_0.dtd
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0
-LOCAL_LICENSE_CONDITIONS := notice
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/../../../NOTICE
-LOCAL_SRC_FILES := media_profiles.dtd
-LOCAL_MODULE_CLASS := ETC
-LOCAL_MODULE_PATH := $(TARGET_OUT_ETC)
-
-include $(BUILD_PREBUILT)
diff --git a/security/keymint/aidl/default/Android.bp b/security/keymint/aidl/default/Android.bp
index 0cf53cf6f8..fbb61401b9 100644
--- a/security/keymint/aidl/default/Android.bp
+++ b/security/keymint/aidl/default/Android.bp
@@ -7,6 +7,13 @@ package {
     default_applicable_licenses: ["hardware_interfaces_license"],
 }
 
+// The following target has an insecure implementation of KeyMint where the
+// trusted application (TA) code runs in-process alongside the HAL service
+// code.
+//
+// A real device is required to run the TA code in a secure environment, as
+// per CDD 9.11 [C-1-1]: "MUST back up the keystore implementation with an
+// isolated execution environment."
 cc_binary {
     name: "android.hardware.security.keymint-service",
     relative_install_path: "hw",
@@ -46,6 +53,13 @@ cc_binary {
     ],
 }
 
+// The following target has an insecure implementation of KeyMint where the
+// trusted application (TA) code runs in-process alongside the HAL service
+// code.
+//
+// A real device is required to run the TA code in a secure environment, as
+// per CDD 9.11 [C-1-1]: "MUST back up the keystore implementation with an
+// isolated execution environment."
 rust_binary {
     name: "android.hardware.security.keymint-service.nonsecure",
     relative_install_path: "hw",
diff --git a/security/keymint/aidl/default/main.rs b/security/keymint/aidl/default/main.rs
index 055c698e2f..47143f49fa 100644
--- a/security/keymint/aidl/default/main.rs
+++ b/security/keymint/aidl/default/main.rs
@@ -17,11 +17,15 @@
 //! Default implementation of the KeyMint HAL and related HALs.
 //!
 //! This implementation of the HAL is only intended to allow testing and policy compliance.  A real
-//! implementation **must be implemented in a secure environment**.
+//! implementation **must implement the TA in a secure environment**, as per CDD 9.11 [C-1-1]:
+//! "MUST back up the keystore implementation with an isolated execution environment."
+//!
+//! The additional device-specific components that are required for a real implementation of KeyMint
+//! that is based on the Rust reference implementation are described in system/keymint/README.md.
 
 use kmr_hal::SerializedChannel;
 use kmr_hal_nonsecure::{attestation_id_info, get_boot_info};
-use log::{debug, error, info};
+use log::{debug, error, info, warn};
 use std::ops::DerefMut;
 use std::sync::{mpsc, Arc, Mutex};
 
@@ -62,7 +66,7 @@ fn inner_main() -> Result<(), HalServiceError> {
         error!("{}", panic_info);
     }));
 
-    info!("Insecure KeyMint HAL service is starting.");
+    warn!("Insecure KeyMint HAL service is starting.");
 
     info!("Starting thread pool now.");
     binder::ProcessState::start_thread_pool();
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index b65218fba9..65a4645536 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -22,6 +22,7 @@
 #include <algorithm>
 #include <iostream>
 #include <map>
+#include <set>
 
 #include <openssl/curve25519.h>
 #include <openssl/ec.h>
@@ -3588,6 +3589,42 @@ TEST_P(SigningOperationsTest, HmacAllDigests) {
 }
 
 /*
+ * SigningOperationsTest.HmacMessageDigestUnique
+ *
+ * Verifies that HMAC with different keys gives different results.
+ */
+TEST_P(SigningOperationsTest, HmacMessageDigestUnique) {
+    for (int key_len : {64, 128, 192, 256, 512}) {
+        for (int msg_len = 0; msg_len <= 30; msg_len += 10) {
+            string message = string(msg_len, 'x');
+            for (auto digest : ValidDigests(false /* withNone */, false /* withMD5 */)) {
+                SCOPED_TRACE(testing::Message() << "Digest::" << digest << "::MsgLen::" << msg_len);
+
+                int count = 10;
+                std::set<string> results;
+                for (int ii = 0; ii < count; ii++) {
+                    ASSERT_EQ(ErrorCode::OK,
+                              GenerateKey(AuthorizationSetBuilder()
+                                                  .Authorization(TAG_NO_AUTH_REQUIRED)
+                                                  .HmacKey(key_len)
+                                                  .Digest(digest)
+                                                  .Authorization(TAG_MIN_MAC_LENGTH, 160)))
+                            << "Failed to create HMAC key with digest " << digest;
+                    string signature = MacMessage(message, digest, 160);
+                    EXPECT_EQ(160U / 8U, signature.size())
+                            << "Failed to sign with HMAC key with digest " << digest;
+                    CheckedDeleteKey();
+                    results.insert(signature);
+                }
+                EXPECT_EQ(results.size(), count)
+                        << "HMAC of a message '" << message << "' with " << count
+                        << " fresh keys only gave " << results.size() << " distinct results";
+            }
+        }
+    }
+}
+
+/*
  * SigningOperationsTest.HmacSha256TooLargeMacLength
  *
  * Verifies that HMAC fails in the correct way when asked to generate a MAC larger than the
diff --git a/security/rkp/README.md b/security/rkp/README.md
index 2d00b83295..67cf72e6bf 100644
--- a/security/rkp/README.md
+++ b/security/rkp/README.md
@@ -201,7 +201,7 @@ RKP VM:
 
 It is important to distinquish the RKP VM from other components, such as KeyMint. An
 [RKP VM marker](https://pigweed.googlesource.com/open-dice/+/HEAD/docs/android.md#configuration-descriptor)
-(key `-70006) is used for this purpose. The existence or absence of this marker is used to
+(key `-70006`) is used for this purpose. The existence or absence of this marker is used to
 identify the type of component decribed by a given DICE chain.
 
 The following describes which certificate types may be request based on the RKP VM marker:
diff --git a/threadnetwork/aidl/default/main.cpp b/threadnetwork/aidl/default/main.cpp
index 841904174d..26683bf079 100644
--- a/threadnetwork/aidl/default/main.cpp
+++ b/threadnetwork/aidl/default/main.cpp
@@ -26,24 +26,29 @@
 using aidl::android::hardware::threadnetwork::IThreadChip;
 using aidl::android::hardware::threadnetwork::ThreadChip;
 
+namespace {
+void addThreadChip(int id, const char* url) {
+    binder_status_t status;
+    const std::string serviceName(std::string() + IThreadChip::descriptor + "/chip" +
+            std::to_string(id));
+
+    ALOGI("ServiceName: %s, Url: %s", serviceName.c_str(), url);
+
+    auto threadChip = ndk::SharedRefBase::make<ThreadChip>(url);
+
+    CHECK_NE(threadChip, nullptr);
+
+    status = AServiceManager_addService(threadChip->asBinder().get(), serviceName.c_str());
+    CHECK_EQ(status, STATUS_OK);
+}
+}
+
 int main(int argc, char* argv[]) {
     CHECK_GT(argc, 1);
-    std::vector<std::shared_ptr<ThreadChip>> threadChips;
     aidl::android::hardware::threadnetwork::Service service;
 
     for (int id = 0; id < argc - 1; id++) {
-        binder_status_t status;
-        const std::string serviceName(std::string() + IThreadChip::descriptor + "/chip" +
-                                      std::to_string(id));
-        auto threadChip = ndk::SharedRefBase::make<ThreadChip>(argv[id + 1]);
-
-        CHECK_NE(threadChip, nullptr);
-
-        status = AServiceManager_addService(threadChip->asBinder().get(), serviceName.c_str());
-        CHECK_EQ(status, STATUS_OK);
-
-        ALOGI("ServiceName: %s, Url: %s", serviceName.c_str(), argv[id + 1]);
-        threadChips.push_back(std::move(threadChip));
+        addThreadChip(id, argv[id + 1]);
     }
 
     ALOGI("Thread Network HAL is running");
diff --git a/threadnetwork/aidl/default/thread_chip.cpp b/threadnetwork/aidl/default/thread_chip.cpp
index d1e1d4ceaf..e31272886b 100644
--- a/threadnetwork/aidl/default/thread_chip.cpp
+++ b/threadnetwork/aidl/default/thread_chip.cpp
@@ -32,11 +32,9 @@ namespace android {
 namespace hardware {
 namespace threadnetwork {
 
-ThreadChip::ThreadChip(char* url) : mUrl(), mRxFrameBuffer(), mCallback(nullptr) {
+ThreadChip::ThreadChip(const char* url) : mUrl(url), mRxFrameBuffer(), mCallback(nullptr) {
     const char* interfaceName;
 
-    CHECK_EQ(mUrl.Init(url), 0);
-
     interfaceName = mUrl.GetProtocol();
     CHECK_NE(interfaceName, nullptr);
 
diff --git a/threadnetwork/aidl/default/thread_chip.hpp b/threadnetwork/aidl/default/thread_chip.hpp
index 30046ef040..d07d0498f6 100644
--- a/threadnetwork/aidl/default/thread_chip.hpp
+++ b/threadnetwork/aidl/default/thread_chip.hpp
@@ -20,8 +20,8 @@
 #include <aidl/android/hardware/threadnetwork/IThreadChipCallback.h>
 
 #include "lib/spinel/spinel_interface.hpp"
-#include "lib/url/url.hpp"
 #include "mainloop.hpp"
+#include "radio_url.hpp"
 
 #include <android/binder_auto_utils.h>
 #include <android/binder_ibinder.h>
@@ -34,7 +34,7 @@ namespace threadnetwork {
 
 class ThreadChip : public BnThreadChip, ot::Posix::Mainloop::Source {
   public:
-    ThreadChip(char* url);
+    ThreadChip(const char* url);
     ~ThreadChip() {}
 
     ndk::ScopedAStatus open(const std::shared_ptr<IThreadChipCallback>& in_callback) override;
@@ -55,7 +55,7 @@ class ThreadChip : public BnThreadChip, ot::Posix::Mainloop::Source {
     ndk::ScopedAStatus initChip(const std::shared_ptr<IThreadChipCallback>& in_callback);
     ndk::ScopedAStatus deinitChip();
 
-    ot::Url::Url mUrl;
+    ot::Posix::RadioUrl mUrl;
     std::shared_ptr<ot::Spinel::SpinelInterface> mSpinelInterface;
     ot::Spinel::SpinelInterface::RxFrameBuffer mRxFrameBuffer;
     std::shared_ptr<IThreadChipCallback> mCallback;