trusty/apploader: Handle APPLOADER_ERR_NOT_ENCRYPTED

Add a specific error message to the Android CLI tool for the case
where the apploader rejected an attempt to load an application
which requested encryption of its ELF image via its manifest while
containing an unencrypted ELF image.

Bug: 241824652
Change-Id: Ib2a3c881015700492b8166be38c41753bf51b3b2
(cherry picked from commit db9a554a2f30c1592f8825303a4d5131d6b32a2e)
Merged-In: Ib2a3c881015700492b8166be38c41753bf51b3b2

2 files changed, 5 insertions, 0 deletions

diff --git a/trusty/apploader/apploader.cpp b/trusty/apploader/apploader.cpp
index 278499f17..17d083c73 100644
--- a/trusty/apploader/apploader.cpp
+++ b/trusty/apploader/apploader.cpp
@@ -226,6 +226,9 @@ static ssize_t read_response(int tipc_fd) {
         case APPLOADER_ERR_POLICY_VIOLATION:
             LOG(ERROR) << "Error: loading denied by policy engine";
             break;
+        case APPLOADER_ERR_NOT_ENCRYPTED:
+            LOG(ERROR) << "Error: unmet application encryption requirement";
+            break;
         default:
             LOG(ERROR) << "Unrecognized error: " << resp.error;
             break;
diff --git a/trusty/apploader/apploader_ipc.h b/trusty/apploader/apploader_ipc.h
index ed5cbde1a..f0376929c 100644
--- a/trusty/apploader/apploader_ipc.h
+++ b/trusty/apploader/apploader_ipc.h
@@ -48,6 +48,7 @@ enum apploader_command : uint32_t {
  * @APPLOADER_ERR_POLICY_VIOLATION:     signature verification succeeded but
  *                                      key+manifest combination not allowed
  *                                      by app loader policy engine
+ * @APPLOADER_ERR_NOT_ENCRYPTED:        unmet application encryption requirement
  */
 enum apploader_error : uint32_t {
     APPLOADER_NO_ERROR = 0,
@@ -60,6 +61,7 @@ enum apploader_error : uint32_t {
     APPLOADER_ERR_INTERNAL,
     APPLOADER_ERR_INVALID_VERSION,
     APPLOADER_ERR_POLICY_VIOLATION,
+    APPLOADER_ERR_NOT_ENCRYPTED,
 };
 
 /**