| Name | Date | Size | #Lines | LOC | ||
|---|---|---|---|---|---|---|
| .. | - | - | ||||
| aidl/ | H | 25-Apr-2025 | - | 403 | 187 | |
| README.md | H A D | 25-Apr-2025 | 2.5 KiB | 66 | 40 |
README.md
1# IHDCPAuthControl as a Trusted HAL service 2 3IHDCPAuthControl is expected to be a service implemented in a TEE. 4We provide a default reference implementation and its integration in Trusty 5as an example. 6 7The VTS test for a Trusted HAL service ought to run in the VM. 8We provide an integration of the VTS test in a Trusty VM, 9and later in a Microdroid VM (b/380632474). 10 11This interface shall not be exposed to the host and thus shall be part of 12the list of excluded interfaces from 13[compatibility_matrices/exclude/fcm_exclude.cpp](../../../compatibility_matrices/exclude/fcm_exclude.cpp) 14 15## 1. Mock Implementation 16 17The mock implementation under default/src/lib.rs is expected to be integrated in a 18TEE. For AOSP testing we offer two virtual device testing options: 19 20- Cuttlefish AVD, where the reference implementation is integrated in an AVF VM, emulating a TEE. 21- Trusty QEMU AVD, where the reference implementation is integrated in a Trusty TEE image (executed in secure world) 22 23### 1.1. Cuttlefish: Integrate in an AVF HAL pVM (Trusty) 24 25In Cuttlefish, we emulate a TEE with an AVF Trusty pVM. 26The VM2TZ IPC is emulated with a vsock port forward utility (b/379582767). 27 28Until vsock port forwarding is supported, the trusty_test_vm is used temporarily. 29(VTS tests and HAL implementation will be in same pVM). 30 31TODO: complete when trusty_hal_vm is created 32 33In order to add the mock HdcpAuthControlService to the trusty_test_vm, make sure 34that `hardware/interfaces/security/see/hdcp/default` is added to the 35trusty_test_vm makefile, by adding it to 36[trusty/device/x86/generic-x86_64/project/generic-x86_64-inc.mk](../../../../../trusty/device/x86/generic-x86_64/project/generic-x86_64-inc.mk) 37 38### 1.2. Trusty QEMU AVD: Integrate as a TA in Trusty TEE 39 40In order to add the mock HdcpAuthControlService to the Trusty TEE, make sure 41that `hardware/interfaces/security/see/hdcp/default` is added to 42[trusty/device/arm/generic-arm64/project/generic-arm-inc.mk](../../../../../trusty/device/arm/generic-arm64/project/generic-arm-inc.mk) 43 44 45## 2. VTS Tests 46 47IHdcpAuthControl service is expected to only be exposed to AVF pVM. 48 49The VTS tests shall verify: 50 51- IHdcpAuthControl cannot be accessed from the Android Host: 52 53 see [aidl/vts/src/host_test.rs](aidl/vts/host_test.rs) 54 55- IHdcpAuthControl can be accessed from an AVF pVM: 56 57 see [aidl/vts/src/vm_test.rs](aidl/vts/src/vm_test.rs) 58 see [aidl/vts/AndroidTest.xml](aidl/vts/AndroidTest.xml) 59 60 61To integrate the VTS test in the trusty_test_vm: 62 631. 641. add the test to [hardware/interfaces/security/see/usertests-rust-inc.mk](../usertests-rust-inc.mk) 65 66