From a4742a0291f0726b031275fa07792c2423a0e0f9 Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Wed, 17 May 2023 17:48:30 +0000 Subject: [PATCH] Clarify the Weaver documentation - Explicitly mention that Weaver is for *persistent* storage - Explicitly mention secure deletion requirement Change-Id: I3eaf7408570ff20c69a21398e39e16be97d2a917 (cherry picked from commit acd066c61425d6b7f512445c6e2883baa28f381e) Merged-In: I3eaf7408570ff20c69a21398e39e16be97d2a917 --- weaver/aidl/android/hardware/weaver/IWeaver.aidl | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/weaver/aidl/android/hardware/weaver/IWeaver.aidl b/weaver/aidl/android/hardware/weaver/IWeaver.aidl index f51034a387..ae816ef3f4 100644 --- a/weaver/aidl/android/hardware/weaver/IWeaver.aidl +++ b/weaver/aidl/android/hardware/weaver/IWeaver.aidl @@ -20,8 +20,8 @@ import android.hardware.weaver.WeaverConfig; import android.hardware.weaver.WeaverReadResponse; /** - * Weaver provides secure storage of secret values that may only be read if the - * corresponding key has been presented. + * Weaver provides secure persistent storage of secret values that may only be + * read if the corresponding key has been presented. * * The storage must be secure as the device's user authentication and encryption * relies on the security of these values. The cardinality of the domains of the @@ -76,7 +76,8 @@ interface IWeaver { WeaverReadResponse read(in int slotId, in byte[] key); /** - * Overwrites the identified slot with the provided key and value. + * Overwrites the identified slot with the provided key and value, rendering + * the previous contents of the slot permanently unrecoverable. * * The new values are written regardless of the current state of the slot in * order to remain idempotent.