Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

The ODCC example service and client applications

This repository contains the code of https://github.sec.samsung.net/SYSSEC/odcc_example adjusted to the AOSP build system. To run a service in a Realm, it uses the CCPlugIn.

Cloning

cd $ANDROID_BUILD_TOP
mkdir -p vendor/samsung
cd vendor/samsung
git clone https://github.sec.samsung.net/SYSSEC/odcc-example-aosp.git -b on-device-cc

The OdccExampleServiceOrig/gen/ folder

OdccExampleServiceOrig/gen/ holds a checked-in reference copy of Java and metadata that aidl generates from IExampleInterface.aidl (invoked from OdccExampleServiceOrig/ccplugin_template/Android.bp), so you can read the auto-generated proxy, manifest fragment, and realm target hint without a full tree build. For what each path is and how to refresh the snapshot from Soong or aidl, see OdccExampleServiceOrig/gen/README.md.

Building

To build the client and service applications execute the following commands.

For the client app:

m OdccExampleClientOrig

For the CC-enabled service app:

m OdccExampleServiceOrig

The resulting APK files are located in out/target/product/vsoc_arm64_only/system/app folder.

OdccExampleClientOrig/OdccExampleClientOrig.apk
OdccExampleServiceOrig/OdccExampleServiceOrig.apk

Installation

You can install them at once by simply running:

cd <AOSP Root>/out/target/product/vsoc_arm64_only/system/app/
adb install-multi-package OdccExampleClientOrig/OdccExampleClientOrig.apk OdccExampleServiceOrig/OdccExampleServiceOrig.apk

Running

Run the CC-enabled service app using crosvm

adb root
adb shell
setenforce 0

# Run the client and the service apps.
# The client calls 'bindService' to the CCPlugIn with BIND_AUTO_CREATE flag. So CCPlugIn will be launched automatically.
# NOTE: But it takes some time to run the VM. Don't touch any buttons in client UI.
am start -n com.examplecc.client/.MainActivity

# Check the log "Target service binder successfully obtained and converted"
# If you can see the log, then the VM is running.
tail -f /data/data/com.examplecc.service/files/service2.txt

Then press any button and see the result in the UI like the below image:

image

Run it using kvmtool

To run it using kvmtool, follow this commands:

adb root
adb shell
setenforce 0

# Create files which are some kinds of flags to use kvmtool
touch /data/use_kvmtool /data/use_realm

# Run the client app.
am start -n com.examplecc.client/.MainActivity

# Check the log "Target service binder successfully obtained and converted"
# If you can see the log, then the realm is running.
tail -f /data/data/com.examplecc.service/files/service2.txt