RPMB: Enable mock rpmb package

ARavichandra · sysopenci · commit 0e52eea6a79f · 2025-05-01T05:10:46.000+05:30
Celadon BM doest not support rpmb on nvme, storageproxyd
will fail and keep restarting.rpmb_dev packge is enabled.

Enabling sepolicy for the rpmb_dev package. Mounting teedata
on /mnt/vendor/persist for the rpmb_dev requirement.

Tests Done:
1. Boot the device in MTL nuc.
2. storageproxyd service is running.
3. Screen lock/ unlock working fine using 'input keyevent 26'
   command and After reboot
4. Factory reset working properly.

Tracked-On: OAM-132238
Signed-off-by: Ravichandra Appegowda &lt;ravichandra.appegowda@intel.com&gt;
diff --git a/groups/tee/trusty/BoardConfig.mk b/groups/tee/trusty/BoardConfig.mk
@@ -7,6 +7,7 @@ endif
 BOARD_USES_TRUSTY := true
 BOARD_USES_KEYMASTER1 := true
 BOARD_SEPOLICY_DIRS += $(INTEL_PATH_SEPOLICY)/tee/trusty
+BOARD_SEPOLICY_DIRS += $(INTEL_PATH_SEPOLICY)/tee/trusty/mock_rpmb
 BOARD_SEPOLICY_M4DEFS += module_trusty=true
 
 TRUSTY_BUILDROOT = $(PWD)/$(PRODUCT_OUT)/obj/trusty/
diff --git a/groups/tee/trusty/fstab b/groups/tee/trusty/fstab
@@ -0,0 +1 @@
+/dev/block/by-name/teedata       /mnt/vendor/persist         ext4    discard,noatime,noauto_da_alloc,nosuid,nodev,data=ordered,user_xattr,barrier=1          wait,formattable
diff --git a/groups/tee/trusty/fstab.recovery b/groups/tee/trusty/fstab.recovery
@@ -0,0 +1 @@
+/dev/block/by-name/teedata       /mnt/vendor/persist         ext4    discard,noatime,noauto_da_alloc,nosuid,nodev,data=ordered,user_xattr,barrier=1          wait,formattable
diff --git a/groups/tee/trusty/init.rc b/groups/tee/trusty/init.rc
@@ -1,13 +1,5 @@
 on post-fs-data
     mkdir /data/vendor/securestorage 0700 system system
-    chmod 666 /dev/rpmb0
-
-on early-fs
-    start storageproxyd
-
-service storageproxyd /vendor/bin/storageproxyd -d /dev/trusty-ipc-dev0 -p /data/vendor/securestorage -r /dev/vport0p1 -t virt
-    user system
-    group system
 
 on boot
     start keyboxd
@@ -19,5 +11,4 @@ service keyboxd /vendor/bin/keybox_provisioning -d /dev/trusty-ipc-dev0 -p /dev/
 
 on post-fs
     wait_for_prop vendor.modules.trusty.ready true
-    chmod 666 /dev/vport0p1
     chmod 666 /dev/trusty-ipc-dev0
diff --git a/groups/tee/trusty/product.mk b/groups/tee/trusty/product.mk
@@ -8,7 +8,8 @@ PRODUCT_PACKAGES += \
 	com.android.hardware.gatekeeper.nonsecure \
         android.hardware.security.keymint-service \
 	keybox_provisioning \
-	RemoteProvisioner
+	RemoteProvisioner \
+	rpmb_dev
 
 PRODUCT_PACKAGES_DEBUG += \
 	intel-secure-storage-unit-test \

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+/dev/block/by-name/teedata /mnt/vendor/persist ext4 discard,noatime,noauto_da_alloc,nosuid,nodev,data=ordered,user_xattr,barrier=1 wait,formattable`