• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..--

doc/15-Dec-2024-414347

oemlock/15-Dec-2024-298177

rust/15-Dec-2024-958681

storage/15-Dec-2024-546348

Android.bpD15-Dec-20245.7 KiB235226

OWNERSD14-Jan-202485 32

README.mdD14-Jan-2024841 1511

composite_serialization.cppD14-Jan-20241.4 KiB5330

composite_serialization.hD14-Jan-20241.4 KiB4414

confui_sign_server.cppD14-Jan-20243.4 KiB9159

confui_sign_server.hD14-Jan-20241.1 KiB3717

device_tpm.cppD14-Jan-20241.8 KiB5937

device_tpm.hD14-Jan-20241.1 KiB4014

encrypted_serializable.cppD15-Dec-202411.1 KiB322282

encrypted_serializable.hD14-Jan-20242.5 KiB6418

encrypted_serializable_test.cppD14-Jan-20242.1 KiB5630

gatekeeper_responder.cppD15-Dec-20242.2 KiB6645

gatekeeper_responder.hD14-Jan-20241 KiB3714

gatekeeper_storage.hD14-Jan-20241.5 KiB4716

hmac_serializable.cppD14-Jan-20245.1 KiB152125

hmac_serializable.hD14-Jan-20242.4 KiB6624

in_process_tpm.cppD14-Jan-20245.4 KiB190142

in_process_tpm.hD14-Jan-20241.4 KiB5217

json_serializable.cppD14-Jan-20245.2 KiB160121

json_serializable.hD14-Jan-2024960 309

keymaster_responder.cppD14-Jan-20245.9 KiB127105

keymaster_responder.hD14-Jan-20241 KiB3714

primary_key_builder.cppD15-Dec-20245.1 KiB145108

primary_key_builder.hD14-Jan-20241.4 KiB5123

proxy_keymaster_context.hD15-Dec-20246.6 KiB181132

secure_env_not_windows_main.cppD15-Dec-202418.3 KiB442354

secure_env_windows_lib.cppD15-Dec-20245.1 KiB13996

secure_env_windows_lib.hD14-Jan-20241.6 KiB4818

secure_env_windows_main.cppD14-Jan-20241.8 KiB5128

soft_gatekeeper.hD15-Dec-20245.8 KiB177129

suspend_resume_handler.cppD15-Dec-20244.5 KiB12489

suspend_resume_handler.hD15-Dec-20242.4 KiB7830

test_tpm.cppD14-Jan-20241.1 KiB3714

test_tpm.hD14-Jan-2024891 3613

tpm.hD14-Jan-2024812 309

tpm_attestation_record.cppD14-Jan-20247.2 KiB207153

tpm_attestation_record.hD14-Jan-20242.6 KiB7551

tpm_auth.cppD14-Jan-20241.3 KiB4825

tpm_auth.hD14-Jan-20241.3 KiB4817

tpm_commands.cppD14-Jan-20246 KiB152130

tpm_commands.hD14-Jan-2024755 276

tpm_encrypt_decrypt.cppD14-Jan-20243.2 KiB9568

tpm_encrypt_decrypt.hD14-Jan-20241.7 KiB4912

tpm_ffi.cppD14-Jan-20242.4 KiB7957

tpm_ffi.hD14-Jan-20241.3 KiB4314

tpm_gatekeeper.cppD15-Dec-20247.1 KiB229185

tpm_gatekeeper.hD15-Dec-20242.7 KiB8949

tpm_hmac.cppD15-Dec-20245.4 KiB155124

tpm_hmac.hD14-Jan-20242.1 KiB6522

tpm_key_blob_maker.cppD15-Dec-202410.6 KiB293223

tpm_key_blob_maker.hD14-Jan-20243.1 KiB8438

tpm_keymaster_context.cppD15-Dec-202425.4 KiB687549

tpm_keymaster_context.hD14-Jan-20245.6 KiB148101

tpm_keymaster_enforcement.cppD15-Dec-202410.9 KiB336269

tpm_keymaster_enforcement.hD14-Jan-20242.6 KiB7137

tpm_random_source.cppD15-Dec-20243.6 KiB10374

tpm_random_source.hD15-Dec-20241.3 KiB4415

tpm_remote_provisioning_context.cppD14-Jan-20248.9 KiB255208

tpm_remote_provisioning_context.hD14-Jan-20242.7 KiB7345

tpm_resource_manager.cppD15-Dec-20242.7 KiB8856

tpm_resource_manager.hD15-Dec-20242.3 KiB8642

tpm_serialize.cppD14-Jan-20242.5 KiB8958

tpm_serialize.hD14-Jan-20241.8 KiB5721

worker_thread_loop_body.cppD15-Dec-20242.8 KiB7846

worker_thread_loop_body.hD15-Dec-2024985 3110

README.md

1Host process substituting for a TEE (Trusted Execution Environment). Used to
2run backing implementations of Android HALs that normally delegate to a TEE
3environment, specifically ConfirmationUI, Gatekeeper, and Keymint.
4
5Gatekeeper and Keymint communicate with `secure_env` through virtio-console
6channels connected to FIFO files on the host. The display part of
7ConfirmationUI is runs in the `webRTC` host process, which delegates signing
8operations only to `secure_env`.
9
10Before entering the kernel, the u-boot bootloader writes some information
11about the device image files into the keymint channel to prepare it with
12the authenticated version number of the operating system.
13
14[![linkage](./doc/linkage.png)](https://cs.android.com/android/platform/superproject/+/master:device/google/cuttlefish/host/commands/secure_env/doc/linkage.svg)
15