sm8650-common: Enable OMAPI service

* Import hal_uuid_map_config.xml from hardware/nxp/keymint/KM300/res and adjust UID to match QCOM definitions Change-Id: I393ff4053bd0e0f2b0ebccb83b03c7a1fdffb598
2025-11-03 21:55:36 +08:00 · 2025-08-05 20:57:22 +08:00
parent 763ad79a7e
commit 9007dd12fc
7 changed files with 96 additions and 0 deletions
--- a/common.mk
+++ b/common.mk
@@ -315,6 +315,20 @@ PRODUCT_PACKAGES += \
 PRODUCT_PACKAGES += \
    vendor.qti.qspa-service

+# SecureElement
+PRODUCT_PACKAGES += \
+    SecureElementResTarget_Vendor
+
+PRODUCT_COPY_FILES += \
+    $(LOCAL_PATH)/configs/com.android.se.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/com.android.se.xml \
+    $(LOCAL_PATH)/configs/hal_uuid_map_config.xml:$(TARGET_COPY_OUT_VENDOR)/etc/hal_uuid_map_23.xml \
+    $(LOCAL_PATH)/configs/hal_uuid_map_config.xml:$(TARGET_COPY_OUT_VENDOR)/etc/hal_uuid_map_29.xml \
+    $(LOCAL_PATH)/configs/hal_uuid_map_config.xml:$(TARGET_COPY_OUT_VENDOR)/etc/hal_uuid_map_31.xml \
+    $(LOCAL_PATH)/configs/hal_uuid_map_config.xml:$(TARGET_COPY_OUT_VENDOR)/etc/hal_uuid_map_config.xml
+
+PRODUCT_COPY_FILES += \
+    frameworks/native/data/etc/android.hardware.se.omapi.uicc.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.se.omapi.uicc.xml
+
 # Sensors
 PRODUCT_PACKAGES += \
    android.hardware.sensors-service.multihal \
--- a/configs/com.android.se.xml
+++ b/configs/com.android.se.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+    Copyright (c) 2022 Qualcomm Technologies, Inc.
+    All Rights Reserved.
+    Confidential and Proprietary - Qualcomm Technologies, Inc.
+-->
+<permissions>
+    <feature name="com.android.se" />
+</permissions>
--- a/configs/hal_uuid_map_config.xml
+++ b/configs/hal_uuid_map_config.xml
@@ -0,0 +1,42 @@
+<!-- Vendor mapping file -->
+<!-- Sample UUID to list of UIDs mapping file -->
+
+<!-- UUID: Universally Unique IDentifier -->
+<!-- 16 Byte UUID need to be generated by vendors to add new entry -->
+<!-- As per global platform access control spec, UUID is expected to be of -->
+<!-- length 20 bytes. While using this UUID, it is expected to be -->
+<!-- automatically padded with ffffffff in initial 4 bytes of 20 Byte length -->
+
+<!-- UID: user identifier of the service -->
+
+<!-- This mapping file should contain an entry for VTS tests, since VTS -->
+<!-- tests run as root, user identifier 0 should be mapped to its -->
+<!-- corresponding UUID to allow VTS tests to access secure element -->
+<!-- For VTS tests use UID: 0 and UUID: 9f36407ead0639fc966f14dde7970f68 -->
+
+<ref_do>
+    <!-- mapping entries to map unique identifiers to device hal services -->
+    <!-- uids -->
+
+    <!-- UUID would be automatically padding with ffffffff to fulfill 20 -->
+    <!-- bytes in access rule. For example for -->
+    <!-- UUID:9f36407ead0639fc966f14dde7970f68 after padding it should look -->
+    <!-- like ffffffff9f36407ead0639fc966f14dde7970f68 -->
+    <uuid_ref_do>
+        <uids>
+            <uid>0</uid>
+        </uids>
+        <uuid>9f36407ead0639fc966f14dde7970f68</uuid>
+    </uuid_ref_do>
+
+    <!-- Sample mapping entry with UIDs:1096 and 1097 mapped to -->
+    <!-- UUID:9f36407ead0639fc966f14dde7970f68 -->
+    <uuid_ref_do>
+        <uids>
+            <uid>2910</uid>
+            <uid>2911</uid>
+            <uid>2915</uid>
+        </uids>
+        <uuid>636F6D2E6E78702E7365637572697479</uuid>
+    </uuid_ref_do>
+</ref_do>
--- a/overlay/SecureElement/Android.bp
+++ b/overlay/SecureElement/Android.bp
@@ -0,0 +1,9 @@
+//
+// Copyright (C) 2025 The LineageOS Project
+// SPDX-License-Identifier: Apache-2.0
+//
+
+runtime_resource_overlay {
+    name: "SecureElementResTarget_Vendor",
+    vendor: true,
+}
--- a/overlay/SecureElement/AndroidManifest.xml
+++ b/overlay/SecureElement/AndroidManifest.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--Copyright (c) 2024, Qualcomm Technologies, Inc.
+    All Rights Reserved.
+-->
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+    package="com.android.se.overlay.target">
+    <overlay android:targetPackage="com.android.se" android:isStatic="true" android:priority="500"/>
+</manifest>
--- a/overlay/SecureElement/res/values/config.xml
+++ b/overlay/SecureElement/res/values/config.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--Copyright (c) 2024, Qualcomm Technologies, Inc.
+    All Rights Reserved.
+-->
+<resources>
+    <!-- The list of AIDs are the candidate of the ARA AID in ESE.
+         The first available AID will be taken as the ARA AID. -->
+    <string-array name="config_ara_aid_candidate_list_ese" translatable="false" />
+
+    <!-- To enable vendor stable service, set this to true and
+         make sure its vntf manifest entry is also configured. -->
+    <bool name="secure_element_vintf_enabled">true</bool>
+</resources>
--- a/proprietary-files.txt
+++ b/proprietary-files.txt
@@ -1685,6 +1685,7 @@ vendor/lib64/libqcbor.so
 # Secure element
 odm/bin/hw/android.hardware.secure_element-service.qti
 odm/etc/init/android.hardware.secure_element-service.qti.rc
+odm/etc/vintf/manifest/secure_element_omapi_service.xml:vendor/etc/vintf/manifest/secure_element-service-omapi.xml
 odm/lib64/android.hardware.secure_element-V1-ndk.so:odm/lib64/android.hardware.secure_element-V1-ndk_odm.so;FIX_SONAME
 vendor/etc/vintf/manifest/android.hardware.secure_element.xml
 vendor/lib64/hw/libEseUtils.so