- Jul 28, 2022
Alice Wang authored
This fixes a build warning in aosp/2163081.

Test: atest MicrodroidBenchmarks
Change-Id: I52128a56c9ed3427d029828e9a63ec695192131a

- Jul 27, 2022
Alice Wang authored
Bug: 236123069
Test: atest MicrodroidBenchmarks
Change-Id: Ia46ea8d1b4425fa280171adcce7f82a76f1a329e

- Jun 27, 2022
Inseob Kim authored
testMinimumRequiredRAM will find minimum required RAM to boot Microdroid by bisecting. The result will be collected as a metric.

Bug: 231105297
Test: atest MicrodroidBenchmarks
Change-Id: Icb34a2cc2f9d906ebde661be86ac9b802288de5b

- Feb 17, 2022
Alan Stokes authored
Extend compos_helper to support signing, use it from CompOS. Expose the public key from the VM.

Rename compos_verify_key to compos_verify and get it to verify the signature against the current instance's public key.

Also move DICE access to compos_key_main. There's no use having it in the library - neither the tests nor compos_verify can use it - and it complicates the build rules.

There's a lot more that can be deleted, but I'll do that in a follow-up; this is big enough already.

Bug: 218494522
Test: atest CompOsSigningHostTest CompOsDenialHostTest
Change-Id: I2d71f68a595d5ddadb2e7b16937fa6855f5db0ab

- Jan 24, 2022
Alan Stokes authored
Implement our own keypair generation and signing (using BoringSSL) and our own private key blob protection (using Ring). This includes replacing the old compos_key_service with the new signing_key.

Use DICE as the source of the VM secret used to protect the private key instead of assuming keystore has one.

Changed compsvc to return the RSAPublicKey directly. Previously we returned the self-signed cert from Keystore, and composd then extracted the public key. As a result composd no longer needs any native helper code to call BoringSSL; however now compsvc does.

Removed similarly redundant key-extraction code from compos_key_cmd.

Create SystemRandom when we need it rather than having it as a field; it's stateless anyway.

Bug: 214233409
Test: atest ComposKeyTestCase compsvc_device_tests
Change-Id: I8b14fe2acdf43f49d45e2d32d4b6f482bd420eee

- Sep 29, 2021
Alan Stokes authored
Compsvc returns a self-signed cert (from Keystore), but we only want the public key. Extracting this in Rust is non-trivial, so instead we use existing support in BoringSSL in native code. (The details are copied from compos_key_cmd.cpp, which in turn were copied from the now-deleted FakeCompOS in odsign.)

We could alternatively do this in compsvc itself, but I was slightly more reluctant to introduce native code there.

Bug: 186126194
Test: Run composd_cmd twice, check it accepts the key pair it generated.
Change-Id: I3faab9a7ada149d7f2776c2fb4d2656837c95e6f

- Mar 18, 2021
Victor Hsieh authored
This change adjusts the module/directory layout to make it easier to reason about.

- File "transports" are now under file/. Common traits are defined in file.rs.
- All fs-verity related modules are now under fsverity/. This includes VerifiedFileReader, which implements traits in the file module to provide transparent verification.
- Rename structs for better consistency. Drop "Chunked" for simplicity.
    ChunkedFileReader -> LocalFileReader
    RemoteChunkedFileReader -> RemoteFileReader
    FsverityChunkedFileReader -> VerifiedFileReader
- Move and rename get_local_service from remote_file.rs to file.rs.

Also, rename command line flags and related class/field names in main.rs so that later the name of new read-writable file can fit in more consistently.

New layouts:

    src/
    |-- auth.rs
    |-- common.rs
    |-- crypto.hpp
    |-- crypto.rs
    |-- file.rs
    |-- file
    |   |-- local_file.rs
    |   `-- remote_file.rs
    |-- fsverity.rs
    |-- fsverity
    |   |-- builder.rs
    |   |-- common.rs
    |   |-- sys.rs
    |   |-- verifier.rs
    |   `-- editor.rs
    |-- fusefs.rs
    `-- main.rs

Bug: 171279640
Test: atest
Change-Id: Ib257a37df89c6b813f4d97978678db3483d28b57

- Mar 04, 2021
Victor Hsieh authored
MerkleLeaves will be used by a "writer" for remembering the hashes of written blocks for integrity checking. For example, when a file is written from a trusted environment to an untrusted storage / remote, MerkleLeaves allows the writer to verify the reads later with a cryptographically strong hash.

Besides verification, if requested, the tree can grow from the leaves(!) to generate the root hash and fs-verity digest.

- fsverity/builder.rs: implements MerkleLeaves
- fsverity/verifier.rs: renamed from fsverity.rs with minor changes
- fsverity/common.rs: common utils from the original fsverity.rs with one additional error in the enum
- crypto.rs: more helper functions / constants

Bug: 171279640
Test: atest authfs_device_test_src_lib
Change-Id: I76e5ebd81a2f2afa017e3c670774ccbb797766df

Victor Hsieh authored
fs-verity assumes block/page/chunk size to be 4K, and the assumption may not change for the foreseeable future. Remove the const from the trait and use a simple const for simplicity.

Bug: 171279640
Test: atest
Change-Id: I8e47acb1869b15dab676dfb10449d2800f3aca73

- Feb 09, 2021
Victor Hsieh authored
Now that Rust tests can run with data:

- Add unit tests for ChunkedFileReader
- Update other tests to use test files, instead of include_bytes!
- Remove `impl ReadOnlyDataByChunk for &[u8]` since it's no longer used.

Test: atest authfs_device_test_src_lib
Bug: 178874539
Change-Id: Idee833a2fd86aa9d8b8550b574686ea56158f93f

- Jan 12, 2021
Thiébaud Weksteen authored
This was reported by the needless-lifetimes lint during the rollout of 1.49.0.

Also remove the attribute to use "android" clippy lints as this is already enabled by default, based on the project location.

Bug: 177058330
Test: m authfs
Change-Id: I3ee9111a40b8806815f398da6e9011919831a72c

- Jan 11, 2021
Victor Hsieh authored
The filesystem can currently serve local files specified via command line flags, with verification using manually specified Merkle tree dump. It also allows regular read without verification.

The change currently only supports local files for debug only. We will need to add new configuration for remote file access with our own server and protocol.

See tools/test.sh for the example setup.

BYPASS_INCLUSIVE_LANGUAGE_REASON=man page
Bug: 173507504
Test: atest --host authfs_host_test_src_lib
Test: tools/test.sh (on workstation)
Change-Id: I0ec14559fe8b4df2bd6fe5888018c12963958dc2

- Nov 19, 2020
Victor Hsieh authored
The new chunked reader uses a Merkle tree to verify each chunk read of the corresponding backing file. The reader also accepts an authenticator for signature verification, though it is currently a fake implementation due to the lack of PKCS#7 signature support in BoringSSL (b/170494765).

Test: atest authfs_host_test_src_lib
Bug: 171310075
Change-Id: Ibf4151ab2a93f7515ad8c9c0462df6c21c10d767

- Nov 17, 2020
Victor Hsieh authored
The fs-verity verification is compatible with the original format in Linux kernel. The current verification only verifies a chunk of content against the Merkle tree, without any signature check yet.

Bug: 171310075
Test: atest authfs_host_test_src_lib
Test: stress test with lots of possible input sizes
Change-Id: Icf2194aa5ebf282936d7b304bcc956d39f500b1a
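The chunk-against-Merkle-tree check this commit describes, together with the root hash and fs-verity digest that the Mar 04, 2021 MerkleLeaves entry says the tree can produce, as an added Python example that is not authfs project code: it hashes 4K chunks into leaves, grows the tree to the root, verifies one chunk read back from untrusted storage against a trusted root, and hashes the v1 fsverity_descriptor into the file digest. Salts and zero-length files are assumed out of scope.

```python
import hashlib
import struct

# fs-verity parameters the authfs commits rely on: SHA-256 over 4K blocks, no salt.
BLOCK_SIZE = 4096
HASH_SIZE = 32
HASHES_PER_BLOCK = BLOCK_SIZE // HASH_SIZE   # 128 child hashes fill one tree block


def _hash_block(data: bytes) -> bytes:
    """Hash one data or tree block, zero-padded to BLOCK_SIZE as fs-verity specifies."""
    return hashlib.sha256(data.ljust(BLOCK_SIZE, b"\0")).digest()


def build_merkle_tree(data: bytes) -> list:
    """Grow the tree from the leaves: levels[0] = per-chunk hashes, levels[-1] = [root]."""
    leaves = [_hash_block(data[i:i + BLOCK_SIZE]) for i in range(0, max(len(data), 1), BLOCK_SIZE)]
    levels = [leaves]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([_hash_block(b"".join(cur[i:i + HASHES_PER_BLOCK]))
                       for i in range(0, len(cur), HASHES_PER_BLOCK)])
    return levels


def verify_chunk(index: int, chunk: bytes, levels: list, trusted_root: bytes) -> bool:
    """Verify one chunk read from untrusted storage against a trusted root hash.

    The tree levels may also come from the untrusted side: only sibling hashes are taken
    from them, the recomputed hash is substituted at each step, and the climb must end
    exactly on the trusted root. A wrong position or a flipped byte both fail.
    """
    h = _hash_block(chunk)
    for level in levels[:-1]:
        start = (index // HASHES_PER_BLOCK) * HASHES_PER_BLOCK
        block = list(level[start:start + HASHES_PER_BLOCK])
        block[index % HASHES_PER_BLOCK] = h
        h = _hash_block(b"".join(block))
        index //= HASHES_PER_BLOCK
    return h == trusted_root


def fsverity_digest(data: bytes) -> bytes:
    """fs-verity file digest: SHA-256 of the 256-byte fsverity_descriptor (v1, SHA-256, 4K)."""
    root = build_merkle_tree(data)[-1][0]
    # version, hash_algorithm (1 = SHA-256), log_blocksize, salt_size, reserved, data_size
    header = struct.pack("<BBBBIQ", 1, 1, 12, 0, 0, len(data))
    descriptor = header + root.ljust(64, b"\0") + bytes(32) + bytes(144)  # root_hash, salt, reserved
    assert len(descriptor) == 256
    return hashlib.sha256(descriptor).digest()
```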