authorJoseph Jang <josephjang@google.com>2021-05-28 03:40:56 +0000
committerJing-yan, Jang <josephjang@google.com>2021-05-28 03:45:33 +0000
commit5ade74dfdbd8d76d2c53a7b715f870a332cb50c0 (patch)
treef7819440046e4556adeb2aa7070035cb19c2b962
parent7ac0566074de2d91dcfa6e859f4a55ac22ed06bd (diff)
parent67ee5f3f27fa0030325be4a2ddef298995783138 (diff)
Merge remote-tracking branch 'goog/upstream-master' into into D2-SC-023 and MP-SC-02android12-dev
Release notes: Fix struct nugget_app_storage for C++ keymint: Extend hmac_sharing_params max_count to 10 Define NUGGET_PARAM_STORAGE_ functions Bug: 189517156 Test: release tests, QMC Change-Id: I94328a13f1f1dd8fee8118e0916760b57eccf1ae
-rw-r--r--nugget/include/app_nugget.h44
-rw-r--r--nugget/proto/nugget/app/keymaster/keymaster.options2
2 files changed, 45 insertions, 1 deletions
diff --git a/nugget/include/app_nugget.h b/nugget/include/app_nugget.h
index 525e774..1ef9f31 100644
--- a/nugget/include/app_nugget.h
+++ b/nugget/include/app_nugget.h
@@ -370,6 +370,50 @@ enum nugget_sjtag_avb_boot_lock_result {
* @errors APP_ERROR_BOGUS_ARGS
*/
+/*
+ * Persistent storage of arbitrary data, up to
+ * (FS_MAX_FILE_SIZE - sizeof(struct nugget_app_data)) bytes.
+ */
+struct nugget_app_storage {
+ uint32_t flags; /* TBD, use zero for now */
+#ifndef __cplusplus
+ uint8_t data[]; /* Zero or more bytes */
+#endif
+} __packed;
+
+#define NUGGET_PARAM_STORAGE_WRITE 0x0014
+/*
+ * Write arbitrary data.
+ *
+ * The current storage is erased, then new data (if any) is saved.
+ *
+ * .flags meaning is not yet defined; for now it must be 0x00000000
+ * Possible usage could restrict reading to the bootloader,
+ * erase data after N reads or reboots, etc.
+ *
+ * @param args struct nugget_app_storage + zero or more bytes
+ * @param arg_len To write: > sizeof(struct nugget_app_storage)
+ * To erase: <= sizeof(struct nugget_app_storage)
+ * @param reply <none>
+ * @param reply_len 0
+ *
+ * @errors APP_ERROR_BOGUS_ARGS
+ */
+#define NUGGET_PARAM_STORAGE_READ 0x0015
+/*
+ * Read arbitrary data.
+ *
+ * On success, struct nugget_app_storage is returned, followed by zero
+ * or more bytes of .data
+ *
+ * @param args <none>
+ * @param arg_len 0
+ * @param reply struct nugget_app_storage + zero or more bytes
+ * @param reply_len <varies>
+ *
+ * @errors APP_ERROR_BOGUS_ARGS
+ */
+
/****************************************************************************/
/* Test related commands */
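Review bot: The contract documented under NUGGET_PARAM_STORAGE_WRITE treats any `arg_len <= sizeof(struct nugget_app_storage)` as an erase, so a truncated or empty request, in which `.flags` is not even fully present, would wipe the persistent data instead of being rejected. Consider documenting erase as exactly the header with no payload, `To erase: == sizeof(struct nugget_app_storage)`, and stating that shorter lengths and non-zero `.flags` return APP_ERROR_BOGUS_ARGS; the handler is not in this hunk, so confirm it never reads `.flags` when `arg_len` is below the header size. The size bound in the struct comment names `struct nugget_app_data`, which is not defined in the visible lines and may have been meant as `struct nugget_app_storage`. With `data[]` compiled out under `__cplusplus`, a one-line comment telling C++ callers that the payload starts at offset `sizeof(struct nugget_app_storage)` would also help.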
diff --git a/nugget/proto/nugget/app/keymaster/keymaster.options b/nugget/proto/nugget/app/keymaster/keymaster.options
index be1a236..4d99765 100644
--- a/nugget/proto/nugget/app/keymaster/keymaster.options
+++ b/nugget/proto/nugget/app/keymaster/keymaster.options
@@ -4,7 +4,7 @@ nugget.app.keymaster.ImportWrappedKeyRequest.masking_key max_size:32
nugget.app.keymaster.SetRootOfTrustRequest.digest max_size:32
nugget.app.keymaster.SetBootStateRequest.public_key max_size:32
nugget.app.keymaster.SetBootStateRequest.boot_hash max_size:32
-nugget.app.keymaster.ComputeSharedHmacRequest.hmac_sharing_params max_count:3
+nugget.app.keymaster.ComputeSharedHmacRequest.hmac_sharing_params max_count:10
nugget.app.keymaster.ComputeSharedHmacResponse.sharing_check max_size:32
nugget.app.keymaster.DTupHandshakeRequest.nonce_client max_size:32
nugget.app.keymaster.DTupHandshakeResponse.nonce_citadel max_size:32
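Review bot: Raising `max_count` for `ComputeSharedHmacRequest.hmac_sharing_params` from 3 to 10 presumably enlarges the statically sized array in the generated request struct, and this hunk does not show whether the code that decodes or iterates those entries was checked against the new bound. It is worth confirming that no consumer still assumes three entries and that the larger decoded message fits whatever buffer or stack budget the firmware handler uses. A short comment above the line recording why 10 was chosen, for example `# up to 10 HMAC-sharing participants`, would make the limit easier to audit, provided the options parser accepts comments.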