commit | 3815ab27586b20c127f598c18076c0abf87c40bc | |
---|---|---|
author | Andrew Scull <ascull@google.com> | Mon Sep 11 18:01:20 2017 +0100 |
committer | Andrew Scull <ascull@google.com> | Wed Sep 13 16:07:31 2017 +0000 |
tree | 1578c204aa657111dbaac3e1a6053bc91f34c9cd | |
parent | e1f9f9a64cc0644cfa6918f0ec9e40680b86a921 | |

Fix the build for the new repo structure.

libnos now contains the shared definitions.

Test: mm
Change-Id: If918b55eee4dfabd6c91f691292f0cf5e51679de

Android communicates with Nugget apps in order to implement security related HALs. Currently, those HALs are Keymaster, Weaver and OemLock.
libnos offers the NuggetClient interface that should be used by the HALs. AppClient is a wrapper around a NuggetClient for talking to a specific app.
Nugget can be implemented on a number of chips with different drivers, so the NuggetClient interface must be implemented for the hardware in use. This interface also allows proxying via a synchronizing service and injecting mocks for testing.
Apps that define a protobuf service will have an app interface class autogenerated. These classes will wrap a NuggetClient. The generator can be found in the generator directory.
Work in progress.
Currently, everything is synchronous and just exposes the call_application() function from the Nugget transport API. In future, asynchronous calls may be desired. Support for this could be added in:
- NuggetClient
- on top of call_application()
Citadel will be running Nugget. In order to synchronize access to the driver / bus, HALs should proxy all communication via the citadeld daemon, which will be the only service with driver access.
Synchronizing with this service, rather than in the driver, allows for easier debugging and fixing should the need arise.
CitadeldProxyClient will implement NuggetClient to handle proxying communication via citadeld without requiring changes to the HALs.
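
A sketch of the layering described above, added here as an example and not taken from libnos. The names NuggetClient and AppClient come from the README, but the CallApp signature, MockClient, SerializingProxy and the status value 0 are assumptions, and an in-process mutex stands in for the citadeld daemon.

```cpp
// Added sketch: simplified stand-ins, not libnos's real declarations.
#include <cstdint>
#include <mutex>
#include <utility>
#include <vector>
using Bytes = std::vector<uint8_t>;

// Assumed interface shape: one synchronous call per request.
struct NuggetClient {
    virtual ~NuggetClient() = default;
    virtual uint32_t CallApp(uint8_t app_id, uint16_t param,
                             const Bytes& request, Bytes* response) = 0;
};

// Binds a client to one app ID, so a HAL can only address its own app.
class AppClient {
public:
    AppClient(NuggetClient& client, uint8_t app_id) : client_(client), app_id_(app_id) {}
    uint32_t Call(uint16_t param, const Bytes& request, Bytes* response) {
        return client_.CallApp(app_id_, param, request, response);
    }
private:
    NuggetClient& client_;
    const uint8_t app_id_;
};

// Mock for tests: records (app_id, param) and echoes the request back.
struct MockClient : NuggetClient {
    std::vector<std::pair<uint8_t, uint16_t>> calls;
    uint32_t CallApp(uint8_t app_id, uint16_t param,
                     const Bytes& request, Bytes* response) override {
        calls.emplace_back(app_id, param);
        if (response) *response = request;
        return 0;  // 0 means success in this sketch
    }
};

// Serializing proxy: a mutex stands in for the daemon that alone owns the driver.
class SerializingProxy : public NuggetClient {
public:
    explicit SerializingProxy(NuggetClient& backend) : backend_(backend) {}
    uint32_t CallApp(uint8_t app_id, uint16_t param,
                     const Bytes& request, Bytes* response) override {
        std::lock_guard<std::mutex> lock(bus_);  // one transaction on the bus at a time
        return backend_.CallApp(app_id, param, request, response);
    }
private:
    NuggetClient& backend_;
    std::mutex bus_;
};
```

Code written against AppClient takes a MockClient in a test and the proxy on a device, with no change to the calling code.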