1# 2# Copyright (C) 2016 The Android Open-Source Project 3# 4# Licensed under the Apache License, Version 2.0 (the "License"); 5# you may not use this file except in compliance with the License. 6# You may obtain a copy of the License at 7# 8# http://www.apache.org/licenses/LICENSE-2.0 9# 10# Unless required by applicable law or agreed to in writing, software 11# distributed under the License is distributed on an "AS IS" BASIS, 12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13# See the License for the specific language governing permissions and 14# limitations under the License. 15# 16 17# 18# This makefile should be included by devices that use Trusty TEE 19# to pull in the baseline set of Trusty specific modules. 20# 21 22# For gatekeeper, we include the generic -service and -impl to use legacy 23# HAL loading of gatekeeper.trusty. 24 25# Allow the KeyMint HAL service implementation to be selected at build time. This needs to be 26# done in sync with the TA implementation included in Trusty. Possible values are: 27# 28# - Rust implementation: export TRUSTY_KEYMINT_IMPL=rust 29# - C++ implementation: (any other value of TRUSTY_KEYMINT_IMPL) 30 31ifeq ($(TRUSTY_KEYMINT_IMPL),rust) 32 LOCAL_KEYMINT_PRODUCT_PACKAGE := android.hardware.security.keymint-service.rust.trusty 33else 34 # Default to the C++ implementation 35 LOCAL_KEYMINT_PRODUCT_PACKAGE := android.hardware.security.keymint-service.trusty 36endif 37 38PRODUCT_PACKAGES += \ 39 $(LOCAL_KEYMINT_PRODUCT_PACKAGE) \ 40 android.hardware.gatekeeper-service.trusty \ 41 trusty_apploader \ 42 43PRODUCT_PROPERTY_OVERRIDES += \ 44 ro.hardware.keystore_desede=true \ 45 ro.hardware.keystore=trusty \ 46 ro.hardware.gatekeeper=trusty 47 48PRODUCT_COPY_FILES += \ 49 frameworks/native/data/etc/android.hardware.keystore.app_attest_key.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.keystore.app_attest_key.xml 50