xref: /aosp_15_r20/system/core/trusty/utils/rpmb_dev/rpmb_dev.wv.system.rc (revision 00c7fec1bb09f3284aad6a6f96d2f63dfc3650ad) 
1service storageproxyd_wv_system /system_ext/bin/storageproxyd.system \
2        -d ${storageproxyd_wv_system.trusty_ipc_dev:-/dev/trusty-ipc-dev0} \
3        -r /dev/socket/rpmb_mock_wv_system \
4        -p /data/secure_storage_wv_system \
5        -t sock
6    disabled
7    class hal
8    user system
9    group system
10
11service rpmb_mock_init_wv_system /system_ext/bin/rpmb_dev.wv.system \
12        --dev /mnt/secure_storage_rpmb_wv_system/persist/RPMB_DATA --init --size 2048
13    disabled
14    user system
15    group system
16    oneshot
17
18service rpmb_mock_wv_system /system_ext/bin/rpmb_dev.wv.system \
19        --dev /mnt/secure_storage_rpmb_wv_system/persist/RPMB_DATA \
20        --sock rpmb_mock_wv_system
21    disabled
22    user system
23    group system
24    socket rpmb_mock_wv_system stream 660 system system
25
26# storageproxyd
27on boot && \
28    property:trusty.widevine_vm.nonsecure_vm_ready=1 && \
29    property:storageproxyd_wv_system.trusty_ipc_dev=*
30    wait /dev/socket/rpmb_mock_wv_system
31    enable storageproxyd_wv_system
32
33
34# RPMB Mock
35on early-boot && \
36    property:ro.hardware.security.trusty.widevine_vm.system=1 && \
37    property:trusty.widevine_vm.vm_cid=* && \
38    property:ro.boot.vendor.apex.com.android.services.widevine=\
39com.android.services.widevine.cf_guest_trusty_nonsecure
40    # Create a persistent location for the RPMB data
41    # (work around lack of RPMb block device on CF).
42    # file contexts secure_storage_rpmb_system_file
43    # (only used on Cuttlefish as this is non secure)
44    mkdir /metadata/secure_storage_rpmb_wv_system 0770 system system
45    mkdir /mnt/secure_storage_rpmb_wv_system 0770 system system
46    symlink /metadata/secure_storage_rpmb_wv_system \
47            /mnt/secure_storage_rpmb_wv_system/persist
48    # Create a system persist directory in /metadata
49    # (work around lack of dedicated system persist partition).
50    # file contexts secure_storage_persist_system_file
51    mkdir /metadata/secure_storage_persist_wv_system 0770 system system
52    mkdir /mnt/secure_storage_persist_wv_system 0770 system system
53    symlink /metadata/secure_storage_persist_wv_system \
54            /mnt/secure_storage_persist_wv_system/persist
55    # file contexts secure_storage_system_file
56    mkdir /data/secure_storage_wv_system 0770 root system
57    symlink /mnt/secure_storage_persist_wv_system/persist \
58            /data/secure_storage_wv_system/persist
59    chown root system /data/secure_storage_wv_system/persist
60    setprop storageproxyd_wv_system.trusty_ipc_dev VSOCK:${trusty.widevine_vm.vm_cid}:1
61    exec_start rpmb_mock_init_wv_system
62    start rpmb_mock_wv_system
63