Revert submission 3312283-2024-10-18-schuffelen-sepolicy
Reason for revert: Droidmonitor created revert due to b/375059051. Will be verifying through ABTD before submission.
Reverted changes: /q/submissionid:3312283-2024-10-18-schuffelen-sepolicy
Change-Id: Icebd34eb9e2941a6480d9943986a104cc5249729
This cl adds verifications to the IRPC VTS to check that:
- RKP VM DICE chains have a continuous presence of RKP VM markers
till the last DICE certificate.
- Non-RKP VM DICE chains do not have such continuous presence of
RKP VM markers.
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Test: atest libkeymint_remote_prov_support_test
Bug: 314128697
Change-Id: Ib966b4bd584f1f931b7f19b4b58a1a37b5266f5e
Summary: This seems to be not implicit when building vendor, so it's now necessary to explicitly include.
Test: Successful build on master
Change-Id: Ie9720a3ae4c9f94210bc34c60d14756c7d0cf56f
Signed-off-by: Abdelrahman Daim <adaim@meta.com>
The UDS_pub is supposed to be the first element of DiceCertChain
according to generateCertificateRequestV2.cddl.
Bug: 365711214
Test: rkp_factory_extraction_tool
Change-Id: I454a99058d92ce9743810a9334c7ccacccc694e0
Revert submission 3254876-disallow_degenerate_chains
Reason for revert: Droidmonitor created revert due to b/365592588.
Reverted changes: /q/submissionid:3254876-disallow_degenerate_chains
Change-Id: I31f78d6c708f34f0a6fe9f54daef82981a91ac8f
Bug: 323246910
Test: atest libkeymint_remote_prov_support_test & manual testing of
`rkp_factory_extraction_tool` with/without `allow_degenerate=false` on a
device with a degenerate DICE chain
Change-Id: Ia1833c0bb6a895ae5b8aefea24850a41cf956f38
Previous commit was reverted as it removed wifi vintf fragment from
devices, which was caused by 'no_full_install' property from
vintf_fragment module. This change relands the change, removing the
no_full_install property from the vintf_fragment module.
Bug: 322089980
Test: aosp_cf_x86_64_phone build succeeded
Test: mokey_go32 build contains
/vendor/etc/vintf/manifest/android.hardware.wifi.supplicant.xml file
Change-Id: I523ce570068b180805b65f984a0d6def0612db87
This reverts commit cf0a2dd5b0.
Reason for revert: b/363215494, breaks WiFi for at least some devices
Change-Id: I5137957087dde51c0049416404f410f53dd912f3
1. allow_any_mode is set as true when the VM RKP instance is being
tested (since the bootloader is unlocked for VTS tests and therefore
the VM DICE chain will necessarily have at least one non-normal
mode.)
2. allow_any_mode is set as true for non-user type builds.
Bug: 318483637
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I15ec3ad32f08eecd8478df14f8efa71fdb0b5d08
Define vintf_fragments as modules if the file is shared among multiple
modules to avoid any conflicts.
Bug: 322089980
Test: aosp_cf_x86_64_phone build succeeded
Change-Id: I1d00623e3e6da6bb787a152d81eb94822153388f
GSI replaces the values for remote_prov_prop properties (since they’re
system_internal_prop properties), so on GSI the properties are not
reliable indicators of whether StrongBox/TEE are RKP-only or not.
Also included is the removal of the helper skipAttestKeyTestIfNeeded()
so the skipping can happen in the tests directly.
Bug: 348159232
Test: VtsAidlKeyMintTargetTest
Change-Id: I2075e1f76ddd0f87620a212e1aa389803139a117
Should return when there's no content to be parsed.
Bug: 330791928
Test: rkp_factory_extraction_tool64
Change-Id: I45302ec20a0a931d2f44a7e36f613858c10fe21e
aosp/3106417 added extra tests for device ID attestation, but
didn't include a version gate for attesting to the second IMEI value,
which is only present in KeyMint v3+.
Test: VtsAidlKeyMintTargetTest
Change-Id: I95f47942058781709efe96d38442e0518e39705d
Add a test that includes all of the device IDs for attestation, which
helps to check whether the emitted extension is including everything in
the correct order.
(This is already tested in CTS since aosp/2650044)
Also fix test of first API level to use `get_vsr_api_level` helper.
Test: VtsAidlKeyMintTargetTest
Test: with/without KeyMint hacked to emit tags in wrong order
Change-Id: Ic6e489aa99c773d794ad8cbddbe5153b1a145ea5
The Done flag of VtsAidlKeyMintTargetTest is false when running
the module with ‘--collect-tests-only’ because it uses standard
output to print logs.
Bug: 340576534
Test: run vts -m VtsAidlKeyMintTargetTest --collect-tests-only
Change-Id: I3d81f7e59b6189fab1b146320263509f2694c11e
Signed-off-by: Huang Rui <rui1.huang@intel.com>
Signed-off-by: Liu Kai <kai1.liu@intel.com>
Make it clearer that the default implementation is non-secure in
various ways, most notably because the TA code is running in-process
in the HAL service.
Bug: 314513765
Test: VtsAidlKeyMintTargetTest
Change-Id: I83509110c32a4df8df6c0b288d14659e022442ff
Because Keystore2 always requires valid auth tokens for user keys, this
copies and extends the existing in-guest GateKeeper implementation to
negotiate a shared secret key with Keymint in order to generate a
session key for signing auth tokens.
This implementation also uses AIDL rather than HIDL to interact with the
framework. It's also packaged in an APEX.
The files are cobbled together from a few sources:
- SoftGateKeeper.h is based on hardware/interfaces/gatekeeper/1.0/software/SoftGateKeeper.h
- GateKeeper.{cpp,h} are based on device/google/cuttlefish/guest/hals/gatekeeper/remote/remote_gatekeeper.{cpp,h}
- SharedSecret.{cpp,h} are based on device/google/cuttlefish/guest/hals/keymint/remote/remote_shared_secret.{cpp,h}
- Apex files are based on device/google/cuttlefish/guest/hals/keymint/rust/
Keymint modifications to use BOOT_TIME are lifted from
https://android-review.git.corp.google.com/c/platform/hardware/interfaces/+/2856649/6..8/security/keymint/aidl/default/ta/clock.rs#38
Bug: 332376454
Change-Id: I81845d5e6370bdddb1a24d67437964e03a5fb243
Test: Run with rust-nonsecure keymint on Cuttlefish