From 5d301317091fe79d9f5f9b3020bb2aea6bce4a6c Mon Sep 17 00:00:00 2001
From: Paul Crowley
Date: Thu, 28 Jan 2021 20:06:22 -0800
Subject: [PATCH] Add MAX_BOOT_LEVEL tag, BOOT_LEVEL_EXCEEDED error

A key with the MAX_BOOT_LEVEL tag cannot be used past a particular stage of device boot.

Test: Treehugger
Bug: 176450483
Change-Id: I113e3101734736a8621a01ed85969a4ecbe12a68
---
 .../android/hardware/security/keymint/ErrorCode.aidl | 1 +
 .../android/hardware/security/keymint/Tag.aidl | 1 +
 .../android/hardware/security/keymint/ErrorCode.aidl | 1 +
 .../aidl/android/hardware/security/keymint/Tag.aidl | 11 +++++++++++
 .../support/include/keymint_support/keymint_tags.h | 1 +
 5 files changed, 15 insertions(+)

diff --git a/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/ErrorCode.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/ErrorCode.aidl
index 3faba48abd..2eb6e35d1a 100644
--- a/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/ErrorCode.aidl
+++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/ErrorCode.aidl
@@ -115,6 +115,7 @@ enum ErrorCode {
   MISSING_NOT_AFTER = -81,
   MISSING_ISSUER_SUBJECT = -82,
   INVALID_ISSUER_SUBJECT = -83,
+  BOOT_LEVEL_EXCEEDED = -84,
   UNIMPLEMENTED = -100,
   VERSION_MISMATCH = -101,
   UNKNOWN_ERROR = -1000,
diff --git a/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Tag.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Tag.aidl
index 03982e3621..2469d27aea 100644
--- a/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Tag.aidl
+++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Tag.aidl
@@ -98,4 +98,5 @@ enum Tag {
   CERTIFICATE_SUBJECT = -1879047185,
   CERTIFICATE_NOT_BEFORE = 1610613744,
   CERTIFICATE_NOT_AFTER = 1610613745,
+  MAX_BOOT_LEVEL = 805307378,
 }
diff --git a/security/keymint/aidl/android/hardware/security/keymint/ErrorCode.aidl b/security/keymint/aidl/android/hardware/security/keymint/ErrorCode.aidl
index 57651303bf..95b38f2958 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/ErrorCode.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/ErrorCode.aidl
@@ -105,6 +105,7 @@ enum ErrorCode {
     MISSING_NOT_AFTER = -81,
     MISSING_ISSUER_SUBJECT = -82,
     INVALID_ISSUER_SUBJECT = -83,
+    BOOT_LEVEL_EXCEEDED = -84,
     UNIMPLEMENTED = -100,
     VERSION_MISMATCH = -101,
 
diff --git a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
index 4f58cbeb76..244e92da07 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
@@ -964,4 +964,15 @@ enum Tag {
      * or importKey.
      */
     CERTIFICATE_NOT_AFTER = (6 << 28) /* TagType:DATE */ | 1009,
+
+    /**
+     * Tag::MAX_BOOT_LEVEL specifies a maximum boot level at which a key should function.
+     *
+     * Over the course of the init process, the boot level will be raised to
+     * monotonically increasing integer values. Implementations MUST NOT allow the key
+     * to be used once the boot level advances beyond the value of this tag.
+     *
+     * Cannot be hardware enforced in this version.
+     */
+    MAX_BOOT_LEVEL = (3 << 28) /* TagType:UINT */ | 1010,
 }
diff --git a/security/keymint/support/include/keymint_support/keymint_tags.h b/security/keymint/support/include/keymint_support/keymint_tags.h
index 479a11d137..ae21125213 100644
--- a/security/keymint/support/include/keymint_support/keymint_tags.h
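Review bot: `BOOT_LEVEL_EXCEEDED = -84` is added to ErrorCode.aidl with nothing that says what produces it, and because the tag it belongs to is explicitly not hardware-enforced, a reader of this enum cannot tell whether a KeyMint implementation is ever expected to return this code or whether only the software layer above does. The neighbouring codes are bare, so a trailing comment is the least intrusive fix: `BOOT_LEVEL_EXCEEDED = -84,  // Tag::MAX_BOOT_LEVEL limit passed; returned by the layer that tracks boot level`. The value continues the existing negative sequence and agrees with the `aidl_api` snapshot in this same change, so the frozen API stays consistent. The `enum ErrorCode` body starts and ends outside the hunk.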
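Review bot: The MAX_BOOT_LEVEL doc comment tells "Implementations" they MUST NOT allow use past the level, then says the tag "Cannot be hardware enforced in this version", which leaves the enforcing party undefined: a KeyMint implementation that never learns the boot level has nothing to enforce, so the text should say which layer tracks the level and rejects the key (presumably the software-enforced authorization list checked by Keystore, to be confirmed against the enforcing code) and that a HAL receiving this tag must still accept it in the key characteristics. The boundary is also ambiguous ("advances beyond"); it should be an explicit comparison, e.g. `* The key is usable while bootLevel <= MAX_BOOT_LEVEL and MUST be rejected with ErrorCode::BOOT_LEVEL_EXCEEDED once bootLevel > MAX_BOOT_LEVEL.`, which also links the tag to the error code this change introduces but never references here. Because enforcement is software-only, the comment should state the resulting trust model plainly: the guarantee holds only while the component tracking the level is uncompromised after the level has advanced, so callers must not treat it as equivalent to a hardware-enforced tag. The tag value (3 << 28) | 1010 equals the 805307378 in the frozen API dump, so the snapshot is consistent; the `enum Tag` body begins outside the hunk.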
+++ b/security/keymint/support/include/keymint_support/keymint_tags.h
@@ -130,6 +130,7 @@ DECLARE_TYPED_TAG(CERTIFICATE_SERIAL);
 DECLARE_TYPED_TAG(CERTIFICATE_SUBJECT);
 DECLARE_TYPED_TAG(CERTIFICATE_NOT_BEFORE);
 DECLARE_TYPED_TAG(CERTIFICATE_NOT_AFTER);
+DECLARE_TYPED_TAG(MAX_BOOT_LEVEL);
 
 #undef DECLARE_TYPED_TAG
 