author | Alan Stokes <alanstokes@google.com> | 2023-12-01 11:19:24 +0000 |
---|---|---|
committer | Alan Stokes <alanstokes@google.com> | 2023-12-01 11:21:37 +0000 |
commit | 2b4b898d7541f8c2740f2ce0a491b65cae845fed (patch) | |
tree | 81669406a226e931c3ea2e27c3d924c2b02dd9bd | |
parent | 28e80a8911a069a56c0ef3a23d334b68dbeb2c88 (diff) | |
parent | 11e2ffb04000b77904d540f903a09f2b2f12fffb (diff) | |
download | open-dice-2b4b898d7541f8c2740f2ce0a491b65cae845fed.tar.gz |
Merge upstream changes
Just documentation changes:
- Clarify security version.
- Details of RKP VM marker moved to RKP HAL readme.
Bug: 312171054
Test: TH
Change-Id: Idad57f54eda8bcba2a418beb0d7629649e641767
-rw-r--r-- | docs/android.md | 27 |
1 files changed, 4 insertions, 23 deletions
diff --git a/docs/android.md b/docs/android.md index 6398996..8c40f27 100644 --- a/docs/android.md +++ b/docs/android.md 
@@ -76,35 +76,16 @@ of the reserved range. Unless explicitly stated as required in the [versions](#versions) section, each field is optional. If no fields are relevant, an empty map should be encoded. -Name | Key | Value type | Meaning +Name | Key | Value type | Meaning --- | --- | --- | --- Component name | -70002 | tstr | Name of the component Component version | -70003 | int / tstr | Version of the component Resettable | -70004 | null | If present, key changes on factory reset -Security version | -70005 | uint | Machine-comparable, monotonically increasing version of the component where a greater value indicates a newer version, for example, the anti-rollback counter -[RKP VM][rkp-vm] marker | -70006 | null | If present, the component can take part in running a VM that can receive an attestation certificate from an [RKP Service][rkp-service]. +Security version | -70005 | uint | Machine-comparable, monotonically increasing version of the component where a greater value indicates a newer version. This value must increment for every update that changes the code hash, for example by using the timestamp of the version's release. +[RKP VM][rkp-vm] marker | -70006 | null | See the [Android HAL documentation][rkp-hal-readme] for precise semantics, as they vary by Android version. [rkp-vm]: https://android.googlesource.com/platform/packages/modules/Virtualization/+/main/service_vm/README.md#rkp-vm-remote-key-provisioning-virtual-machine -[rkp-service]: https://source.android.com/docs/core/ota/modular-system/remote-key-provisioning#stack-architecture - -### RKP VM - -The RKP VM marker is used to distinguish the RKP VM from other components. - -When parsing a DICE chain compliant with this profile, there are multiple types -of components that may be described by a given chain: -1. RKP VM: If a DICE chain has zero or more certificates without the RKP VM - marker followed by one or more certificates with the marker, then that chain - describes an RKP VM. 
If there are further certificates without the RKP VM - marker, then the chain does not describe an RKP VM. - - Implementations must include the first RPK VM marker as early as possible - after the point of divergence between TEE and non-TEE components in the DICE - chain, prior to loading the Android Bootloader (ABL). -2. A TEE Component (e.g. KeyMint): If there are no certificates with the RKP VM - marker then it describes a TEE component. -3. Other: Any component described by a DICE chain that does not match the above - two categories. +[rkp-hal-readme]: https://android.googlesource.com/platform/hardware/interfaces/+/main/security/rkp/README.md ### Versions |
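Review bot: The new Security version row requires that the value "must increment for every update that changes the code hash" and offers a release timestamp as the example, but it does not give the timestamp's unit or epoch. It also does not say whether the value may change when the code hash does not. Since the field is described as machine-comparable and the old text tied it to the anti-rollback counter, it would help to state the unit for the timestamp example and to say whether the value is still expected to track the anti-rollback counter or is now independent of it. In the RKP VM marker row, the Meaning cell no longer says that presence of the key is what carries the signal (the value type is null). A short summary such as "If present, marks a component as part of an RKP VM; see ..." would keep the table readable on its own. The [rkp-hal-readme] link targets the main branch while the text says semantics vary by Android version, so it is worth noting which Android versions the linked readme covers.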