Revert submission 3312283-2024-10-18-schuffelen-sepolicy
Reason for revert: Droidmonitor created revert due to b/375059051. Will be verifying through ABTD before submission.
Reverted changes: /q/submissionid:3312283-2024-10-18-schuffelen-sepolicy
Change-Id: Icebd34eb9e2941a6480d9943986a104cc5249729
This cl adds verifications to the IRPC VTS to check that:
- RKP VM DICE chains have a continuous presence of RKP VM markers
till the last DICE certificate.
- Non-RKP VM DICE chains do not have such continuous presence of
RKP VM markers.
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Test: atest libkeymint_remote_prov_support_test
Bug: 314128697
Change-Id: Ib966b4bd584f1f931b7f19b4b58a1a37b5266f5e
Summary: This seems to be not implicit when building vendor, so it's now necessary to explicitly include.
Test: Succesful build on master
Change-Id: Ie9720a3ae4c9f94210bc34c60d14756c7d0cf56f
Signed-off-by: Abdelrahman Daim <adaim@meta.com>
This is to prepare for enforcing a requirement of always having frozen
specified.
Test: m
Bug: 366292468
Change-Id: I2f26eb96a3a5a4ac279f665b9866bbfddbd8c496
Cleaning up the OWNERS file for those who are no longer on the team.
Test: The ghost of trong@'s account cannot approve changes in this
repository
Change-Id: Ib777c16b53691f82de5bea33bd3cc363a8720982
Change-Id: I6c2bcdbfc6177b5d8e9416a5b93edf7e5e8a2b5b
The UDS_pub is supposed to be the first element of DiceCertChain
according to generateCertificateRequestV2.cddl.
Bug: 365711214
Test: rkp_factory_extraction_tool
Change-Id: I454a99058d92ce9743810a9334c7ccacccc694e0
Revert submission 3254876-disallow_degenerate_chains
Reason for revert: Droidmonitor created revert due to b/365592588.
Reverted changes: /q/submissionid:3254876-disallow_degenerate_chains
Change-Id: I31f78d6c708f34f0a6fe9f54daef82981a91ac8f
Bug: 323246910
Test: atest libkeymint_remote_prov_support_test & manual testing of
`rkp_factory_extraction_tool` with/without `allow_degenerate=false` on a
device with a degenerate DICE chain
Change-Id: Ia1833c0bb6a895ae5b8aefea24850a41cf956f38
Previous commit was reverted as it removed wifi vintf fragment from
devices, which was caused by 'no_full_install' property from
vintf_fragment module. This change relands the change, with removing
no_full_install property from the vintf_fragment module
Bug: 322089980
Test: aosp_cf_x86_64_phone build succeeded
Test: mokey_go32 build contains
/vendor/etc/vintf/manifest/android.hardware.wifi.supplicant.xml file
Change-Id: I523ce570068b180805b65f984a0d6def0612db87
This reverts commit cf0a2dd5b0.
Reason for revert: b/363215494, breaks WiFi for at least some devices
Change-Id: I5137957087dde51c0049416404f410f53dd912f3
1. allow_any_mode is set as true when the VM RKP instance is being
tested (since the bootloader is unlocked for VTS tests and therefore
the VM DICE chain will necessarily have at least one non-normal
mode.)
2. allow_any_mode is set as true for non-user type builds.
Bug: 318483637
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I15ec3ad32f08eecd8478df14f8efa71fdb0b5d08
Define vintf_fragments as modules if the file is shared among multiple
modules to avoid any conflicts.
Bug: 322089980
Test: aosp_cf_x86_64_phone build succeeded
Change-Id: I1d00623e3e6da6bb787a152d81eb94822153388f
GSI replaces the values for remote_prov_prop properties (since they’re
system_internal_prop properties), so on GSI the properties are not
reliable indicators of whether StrongBox/TEE are RKP-only or not.
Also included is the removal of the helper skipAttestKeyTestIfNeeded()
so the skipping can happen in the tests directly.
Bug: 348159232
Test: VtsAidlKeyMintTargetTest
Change-Id: I2075e1f76ddd0f87620a212e1aa389803139a117
Should return when there's no content be parsed.
Bug: 330791928
Test: rkp_factory_extraction_tool64
Change-Id: I45302ec20a0a931d2f44a7e36f613858c10fe21e
The policy building library changes in aosp/3125493, accordingly change
the function call. This does not change the behaviour or test coverage
of VTS.
Test: atest VtsSecretkeeperTargetTest
Bug: 291245237
Change-Id: I21a7b0abe5bf186893ec9a68bb080b41778d3313
