1// Copyright 2020, The Android Open Source Project 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15package { 16 default_team: "trendy_team_android_hardware_backed_security", 17 // See: http://go/android-license-faq 18 // A large-scale-change added 'default_applicable_licenses' to import 19 // all of the 'license_kinds' from "system_security_license" 20 // to get the below license kinds: 21 // SPDX-license-identifier-Apache-2.0 22 default_applicable_licenses: ["system_security_license"], 23} 24 25rust_defaults { 26 name: "libkeystore2_defaults", 27 crate_name: "keystore2", 28 srcs: ["src/lib.rs"], 29 defaults: [ 30 "keymint_use_latest_hal_aidl_rust", 31 "keystore2_use_latest_aidl_rust", 32 "structured_log_rust_defaults", 33 ], 34 cfgs: select(release_flag("RELEASE_AVF_ENABLE_EARLY_VM"), { 35 true: ["early_vm"], 36 default: [], 37 }), 38 rustlibs: [ 39 "android.hardware.security.rkp-V3-rust", 40 "android.hardware.security.secureclock-V1-rust", 41 "android.hardware.security.sharedsecret-V1-rust", 42 "android.os.permissions_aidl-rust", 43 "android.security.apc-rust", 44 "android.security.authorization-rust", 45 "android.security.compat-rust", 46 "android.security.maintenance-rust", 47 "android.security.metrics-rust", 48 "android.security.rkp_aidl-rust", 49 "libaconfig_android_hardware_biometrics_rust", 50 "libandroid_security_flags_rust", 51 "libanyhow", 52 "libbinder_rs", 53 "libbssl_crypto", 54 "libder", 55 "libkeystore2_aaid-rust", 56 "libkeystore2_apc_compat-rust", 57 "libkeystore2_crypto_rust", 58 "libkeystore2_flags_rust", 59 "libkeystore2_hal_names_rust", 60 "libkeystore2_km_compat", 61 "libkeystore2_selinux", 62 "liblibc", 63 "liblog_rust", 64 "libmessage_macro", 65 "libpostprocessor_client", 66 "librand", 67 "librkpd_client", 68 "librustutils", 69 "libserde", 70 "libserde_cbor", 71 "libthiserror", 72 "libtokio", 73 "libwatchdog_rs", 74 ], 75 shared_libs: [ 76 "libcutils", 77 ], 78 features: [ 79 "watchdog", 80 ], 81} 82 83rust_library { 84 name: "libkeystore2", 85 defaults: ["libkeystore2_defaults"], 86 rustlibs: [ 87 "liblibsqlite3_sys", 88 "librusqlite", 89 ], 90} 91 92rust_library { 93 name: "libkeystore2_with_test_utils", 94 defaults: ["libkeystore2_defaults"], 95 features: [ 96 "keystore2_blob_test_utils", 97 ], 98 rustlibs: [ 99 "libkeystore2_test_utils", 100 "liblibsqlite3_sys", 101 "librusqlite", 102 ], 103} 104 105rust_test { 106 name: "keystore2_test", 107 crate_name: "keystore2", 108 test_suites: ["general-tests"], 109 auto_gen_config: true, 110 compile_multilib: "first", 111 defaults: ["libkeystore2_defaults"], 112 rustlibs: [ 113 "libandroid_logger", 114 "libhex", 115 "libkeystore2_test_utils", 116 "libkeystore2_with_test_utils", 117 "liblibsqlite3_sys", 118 "libnix", 119 "librusqlite", 120 "libtempfile", 121 ], 122 // The test should always include watchdog. 123 features: [ 124 "keystore2_blob_test_utils", 125 "watchdog", 126 ], 127 require_root: true, 128} 129 130vintf_fragment { 131 name: "android.system.keystore2-service.xml", 132 src: "android.system.keystore2-service.xml", 133} 134 135rust_defaults { 136 name: "keystore2_defaults", 137 srcs: ["src/keystore2_main.rs"], 138 rustlibs: [ 139 "libandroid_logger", 140 "libbinder_rs", 141 "liblog_rust", 142 ], 143 init_rc: ["keystore2.rc"], 144 145 // In S, keystore2 is the only process using dynamically linked Rust from 146 // /system. As a result, the usual savings from sharing libraries don't 147 // apply. 148 // Remove `prefer_rlib: true` once we have several processes, once a space 149 // calculation shows net RAM savings, or once we have automatic variant 150 // selection available in the build system. 151 prefer_rlib: true, 152 153 vintf_fragment_modules: ["android.system.keystore2-service.xml"], 154 155 required: ["keystore_cli_v2"], 156} 157 158rust_binary { 159 name: "keystore2", 160 defaults: ["keystore2_defaults"], 161 rustlibs: [ 162 "libkeystore2", 163 "liblegacykeystore-rust", 164 "librusqlite", 165 ], 166 afdo: true, 167} 168 169// Keystore Flag definitions 170aconfig_declarations { 171 name: "keystore2_flags", 172 package: "android.security.keystore2", 173 container: "system", 174 srcs: ["aconfig/flags.aconfig"], 175} 176 177java_aconfig_library { 178 name: "keystore2_flags_java", 179 aconfig_declarations: "keystore2_flags", 180} 181 182java_aconfig_library { 183 name: "keystore2_flags_java-host", 184 aconfig_declarations: "keystore2_flags", 185 host_supported: true, 186} 187 188java_aconfig_library { 189 name: "keystore2_flags_java-framework", 190 aconfig_declarations: "keystore2_flags", 191 defaults: ["framework-minus-apex-aconfig-java-defaults"], 192} 193 194rust_aconfig_library { 195 name: "libkeystore2_flags_rust", 196 crate_name: "keystore2_flags", 197 aconfig_declarations: "keystore2_flags", 198} 199 200rust_aconfig_library { 201 name: "libaconfig_android_hardware_biometrics_rust", 202 crate_name: "aconfig_android_hardware_biometrics_rust", 203 aconfig_declarations: "android.hardware.biometrics.flags-aconfig", 204} 205