aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-04-21Add test to verify "device not registered" RKP behavior am: b476b7a6e2Seth Moore
Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/2070154 Change-Id: I9771a37c62bca0710c959335dc7c6df95bf93f43 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-21Propagate more details about RKP failures am: 7497fdaee1Seth Moore
Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/2060247 Change-Id: I385c2e76fec523bda61cb08e3f6c2fa36bed69b5 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20Add test to verify "device not registered" RKP behaviorSeth Moore
This additional test finishes up coverage of the API changes around retry on rkp-only devices by ensuring unregistered devices correctly recognize the response from the RKP backend and do not retry. Bug: 227306369 Test: RemoteProvisionerUnitTests Change-Id: I6097c9c96a7aa9b4c5ef2ce5c2655aad42d7137d
2022-04-20Propagate more details about RKP failuresSeth Moore
This change reworks the internals of the RemoteProvisioner APK in order to do a better job of propagating error information from deeper within the call stack up to the entry points. This is primarily to convey error information to callers of GenerateRkpKeyService, to allow them to differentiate whether or not a failure is permanent or transient. Add unit tests to verify proper error handling and retry detection. Bug: 227306369 Test: atest RemoteProvisionerUnitTests Change-Id: If44d9c5b46b2dfce65c31f3cbd372cc754e1dfbe
2022-04-16Snap for 8462842 from cdb15e4aa5786c1625c871406b1217e371ac269b to ↵Android Build Coastguard Worker
tm-qpr1-release Change-Id: I350a53b4ede781c8c7a9f284c20698103383de2c
2022-04-16Snap for 8462561 from ac5694043e68b65836920dc2c41777a1d685bdfa to tm-releaseAndroid Build Coastguard Worker
Change-Id: Ic059879df09a7141d21fe16c247958f2004353bd
2022-04-15Refactoring Test mode argument to setting. am: e8f9823ad0 am: bb71278d0b am: ↵Vikram Gaur
20a798509c am: ac5694043e am: e94aed0956 Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/2064809 Change-Id: Ic780396dafcefd1917296d4204c6e75588eadb96 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-15Refactoring Test mode argument to setting. am: e8f9823ad0 am: bb71278d0b am: ↵Vikram Gaur
20a798509c am: ac5694043e Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/2064809 Change-Id: I422b6d0421ab4cb8f47c1a525f07c43f2a4f2b73 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-15Refactoring Test mode argument to setting. am: e8f9823ad0 am: bb71278d0b am: ↵Vikram Gaur
20a798509c Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/2064809 Change-Id: I1ff24c6321125f7eb2b3d9469a22a95733204a2e Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-15Refactoring Test mode argument to setting. am: e8f9823ad0 am: bb71278d0bVikram Gaur
Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/2064809 Change-Id: Ie8a0cb0ba937b2900600b5012259f43ba0483bdc Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-15Refactoring Test mode argument to setting. am: e8f9823ad0Vikram Gaur
Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/2064809 Change-Id: If24ed36d1c51fae8d525a5063839d63e2301cc89 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-14Refactoring Test mode argument to setting.Vikram Gaur
Change-Id: I6dff4c1bd9bc56ac607ce76b77fca2dc18b61f41 Test: m RemoteProvisioner
2022-04-06Snap for 8414339 from 3d0477de19de47c8a5b315fe84be87d4985bd8cc to ↵Android Build Coastguard Worker
tm-qpr1-release Change-Id: I66a8d88e52992332255db1dee1dc42042b2044fc
2022-03-26Snap for 8364269 from 3d0477de19de47c8a5b315fe84be87d4985bd8cc to tm-releaseAndroid Build Coastguard Worker
Change-Id: Id7e74f8d2ee83767aad151e30e0c45d7d11f5cd3
2022-03-26[automerger skipped] Merge "Improve practical performance of key ↵Max Bires
monitoring." into sc-v2-dev am: 2baccaa5f4 -s ours am: 100534bf33 -s ours am skip reason: Merged-In Idbd767202c30a24e3522ff431dec2d66d2ef631b with SHA-1 96b0cb6cfe is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/17415211 Change-Id: I94266f69ad22046f1e05efaaf6c6e193a53ce1f1 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-03-26[automerger skipped] Merge changes from topic ↵Max Bires
"presubmit-am-b2aa8f33bcec4273b0ddcee37a71919c" into sc-v2-dev-plus-aosp am: 4c0d40e7df -s ours am skip reason: Merged-In Idbd767202c30a24e3522ff431dec2d66d2ef631b with SHA-1 d5c4b82e1b is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/17415211 Change-Id: I6b84db735a59b28e26a2ca2563c8d6b53857ac59 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-03-26[automerger skipped] [automerged blank] Improve practical performance of key ↵Presubmit Automerger Backend
monitoring. 2p: 96b0cb6cfe am: 570d384a5a -s ours am skip reason: Merged-In Idbd767202c30a24e3522ff431dec2d66d2ef631b with SHA-1 d5c4b82e1b is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/17415211 Change-Id: I0ce6561adeef9425f67b7c550e00767ce354dd66 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-03-26[automerger skipped] Merge "Improve practical performance of key ↵Max Bires
monitoring." into sc-v2-dev am: 2baccaa5f4 -s ours am skip reason: Merged-In Idbd767202c30a24e3522ff431dec2d66d2ef631b with SHA-1 96b0cb6cfe is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/17415211 Change-Id: Ia6597bb36801699ad0dfe8312b6034931ca49543 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-03-26Merge changes from topic "presubmit-am-b2aa8f33bcec4273b0ddcee37a71919c" ↵Max Bires
into sc-v2-dev-plus-aosp * changes: [automerged blank] Improve practical performance of key monitoring. 2p: 96b0cb6cfe Improve practical performance of key monitoring.
2022-03-26Merge "Improve practical performance of key monitoring." into sc-v2-devMax Bires
2022-03-26[automerger skipped] [automerged blank] Fixing test to comply with new ↵Max Bires
expiration pruning. 2p: e7d6002eb7 am: 126fcc2a3c -s ours am skip reason: Merged-In Ie1d158ab7858aa2013b898e68a5c4a18b1ef4f98 with SHA-1 2c708c67a2 is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/17412390 Change-Id: I7f1fdf1bb6e5e12e8ff61f3458bd46714d1d8df0 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-03-26[automerged blank] Improve practical performance of key monitoring. 2p: ↵Presubmit Automerger Backend
96b0cb6cfe Blank merge reason: Change-Id Idbd767202c30a24e3522ff431dec2d66d2ef631b with SHA-1 d5c4b82e1b is in history Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/17415211 Bug: 223489842 Change-Id: I0a572b239769a587309c922169c39e2aae768a82 Merged-In: Idbd767202c30a24e3522ff431dec2d66d2ef631b
2022-03-25[automerged blank] Fixing test to comply with new expiration pruning. 2p: ↵Max Bires
e7d6002eb7 Blank merge reason: Change-Id Ie1d158ab7858aa2013b898e68a5c4a18b1ef4f98 with SHA-1 2c708c67a2 is in history Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/17412390 Bug: 220065678 Change-Id: I114bdf9c8e4fb077755f696ac8f1d2bf261b5924 Merged-In: Ie1d158ab7858aa2013b898e68a5c4a18b1ef4f98
2022-03-25Improve practical performance of key monitoring.Max Bires
This change fixes: 1) The potential for there to be a period between when the pool is last regularly checked and when the expired keys are cleaned out by making GenerateRkpKeyService much more proactive about triggering the reprovisioning process. It now bases the decision based on the same logic as the JobSchedule'd code, instead of just trying to act as an absolute last chance stopgap. 2) Unnecessarily overeager provisioning. The code will now allow the number of unassigned keys to drop below the "ideal" amount set by the server and avoid reprovisioning until a minimum remaining threshold is crossed. That threshold is currently set to 25% of the ideal amount. E.g. a system that is instructed to keep 20 extra attestation keys available for assignment won't trigger reprovisioning to top up the key pool unless fewer than 5 remain. This does not change the behavior when keys are expiring. This change also refactors the code a bit to follow DRY, while also increasing the testability of the logic that determines if provisioning is needed. Bug: 223489842 Test: atest RemoteProvisionerUnitTests Change-Id: Idbd767202c30a24e3522ff431dec2d66d2ef631b Merged-In: Idbd767202c30a24e3522ff431dec2d66d2ef631b
2022-03-25Fixing test to comply with new expiration pruning.Max Bires
The expired certificate pruning is more aggressive now, both pruning on access to attestation keys and with a significant look ahead buffer of twenty seconds to make sure the attestation certs are still valid when they hit a relying party's servers. Bug: 220065678 Test: atest RemoteProvisionerUnitTests Change-Id: Ie1d158ab7858aa2013b898e68a5c4a18b1ef4f98 Merged-In: Ie1d158ab7858aa2013b898e68a5c4a18b1ef4f98
2022-03-11Snap for 8287852 from 7e6b4efac81c090542d879684a7ce1a39ca20d37 to tm-releaseAndroid Build Coastguard Worker
Change-Id: I1b72ab787a5a0659cc58904701ca91073d79c0f2
2022-03-10Merge "Improve practical performance of key monitoring." am: f9fd5094d7 am: ↵Max Bires
8d06ee9e10 am: 8786651d0c Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/2016384 Change-Id: Ieeb1969d095ae4589355444a18f3376f3b8042a3
2022-03-10Merge "Improve practical performance of key monitoring." am: f9fd5094d7 am: ↵Max Bires
8d06ee9e10 Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/2016384 Change-Id: Ie3321b2d850e5d2620df44da498c033327075dda
2022-03-10Merge "Improve practical performance of key monitoring." am: f9fd5094d7Max Bires
Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/2016384 Change-Id: I201829b95345c766c1c18eeec3886477b18f79a4
2022-03-10Merge "Improve practical performance of key monitoring."Max Bires
2022-03-09Improve practical performance of key monitoring.Max Bires
This change fixes: 1) The potential for there to be a period between when the pool is last regularly checked and when the expired keys are cleaned out by making GenerateRkpKeyService much more proactive about triggering the reprovisioning process. It now bases the decision based on the same logic as the JobSchedule'd code, instead of just trying to act as an absolute last chance stopgap. 2) Unnecessarily overeager provisioning. The code will now allow the number of unassigned keys to drop below the "ideal" amount set by the server and avoid reprovisioning until a minimum remaining threshold is crossed. That threshold is currently set to 25% of the ideal amount. E.g. a system that is instructed to keep 20 extra attestation keys available for assignment won't trigger reprovisioning to top up the key pool unless fewer than 5 remain. This does not change the behavior when keys are expiring. This change also refactors the code a bit to follow DRY, while also increasing the testability of the logic that determines if provisioning is needed. Bug: 223489842 Test: atest RemoteProvisionerUnitTests Change-Id: Idbd767202c30a24e3522ff431dec2d66d2ef631b
2022-02-19Snap for 8202755 from 05562f409106c9a17cebca6698f902bb73178188 to tm-releaseAndroid Build Coastguard Worker
Change-Id: I91ce2b66764aecc8d1b23e6673c56e9317108e11
2022-02-18Fixing test to comply with new expiration pruning. am: 2c708c67a2 am: ↵Max Bires
ff9e6f3751 am: 0351446add Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/1989054 Change-Id: I43747905963aba53529b340258df006fa7f335e7
2022-02-18Fixing test to comply with new expiration pruning. am: 2c708c67a2 am: ff9e6f3751Max Bires
Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/1989054 Change-Id: I0831c611933781273e1c4c4996d39f6294da4b3f
2022-02-18Fixing test to comply with new expiration pruning. am: 2c708c67a2Max Bires
Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/1989054 Change-Id: I4da448dc73e1d19e799d43a2eb874553f3605e77
2022-02-16Fixing test to comply with new expiration pruning.Max Bires
The expired certificate pruning is more aggressive now, both pruning on access to attestation keys and with a significant look ahead buffer of twenty seconds to make sure the attestation certs are still valid when they hit a relying party's servers. Bug: 220065678 Test: atest RemoteProvisionerUnitTests Change-Id: Ie1d158ab7858aa2013b898e68a5c4a18b1ef4f98
2022-02-12Snap for 8176975 from 6b7939b76fd8212fa63d311e50ba220bcaeadd22 to tm-releaseAndroid Build Coastguard Worker
Change-Id: I93218e5c7c2be2f918d8a1ef282a359a647c8688
2022-02-11[automerger skipped] Empty merge of ↵Xin Li
sc-v2-dev-plus-aosp-without-vendor@8084891 am: 0391397888 -s ours am: e7842cfb3b -s ours am skip reason: Merged-In If87f3b5438697b5a5eaa52cda71d6960176a9e91 with SHA-1 c8a7ae45dc is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/16843721 Change-Id: I947e2d373e06f336d982024d57799d1da4bf917a
2022-02-11[automerger skipped] Empty merge of ↵Xin Li
sc-v2-dev-plus-aosp-without-vendor@8084891 am: 0391397888 -s ours am skip reason: Merged-In If87f3b5438697b5a5eaa52cda71d6960176a9e91 with SHA-1 c8a7ae45dc is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/16843721 Change-Id: I07b15369e8d4731e395e2d27d0dcd0c537f3e482
2022-02-11Empty merge of sc-v2-dev-plus-aosp-without-vendor@8084891Xin Li
Bug: 214455710 Merged-In: If87f3b5438697b5a5eaa52cda71d6960176a9e91 Change-Id: Icbe663361e2fb4a2d0faab0e558e7591c68f5885
2022-01-29Snap for 8130893 from 4ed3607f7cdef979f9fbe7c16aa407b5544cce53 to tm-releaseAndroid Build Coastguard Worker
Change-Id: I44ee4dabbaebd2a7b07cb619975bd17f2e7fcbb4
2022-01-28Switching the WorkTask to a unique registration am: 11ea457dce am: ↵Max Bires
ad3096f97c am: d1775071c1 am: 2f18188660 Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/1960035 Change-Id: Iafc3d5e1135278c56139ee47f104a708c9406a84
2022-01-28Switching the WorkTask to a unique registration am: 11ea457dce am: ↵Max Bires
ad3096f97c am: d1775071c1 Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/1960035 Change-Id: Ia634af1cf955ae5eaef52a654d327f1e91ed3aa1
2022-01-28Switching the WorkTask to a unique registration am: 11ea457dce am: ad3096f97cMax Bires
Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/1960035 Change-Id: I6cb7f83dd6f0079c3506e65eb643230f90d82ad9
2022-01-27Switching the WorkTask to a unique registration am: 11ea457dceMax Bires
Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/1960035 Change-Id: Ifceb021a5e246bbb6378f35f7326fc8b1cfa470e
2022-01-25Switching the WorkTask to a unique registrationandroid-t-preview-2android-t-preview-1android-t-beta-3android-s-v2-beta-3android-s-qpr3-beta-1android-t-preview-1android-s-v2-beta-3android-s-qpr3-beta-1Max Bires
This change fixes a bug in which multiple instances of the PeriodicProvisioner Task could be scheduled, due to the enqueue method on boot not specifying a unique task. The task replacement policy is set such that a new task will always run on boot and then replace the old task in the scheduler. Test: "adb shell dumpsys jobscheduler" and check for the job Change-Id: I6e05d0057fa9be7cfea25a4cc3424ce90d7ddbaf
2021-12-23Snap for 8023588 from 4c651b26091686d1d5a4ef4bd54efa36324bc156 to tm-releaseAndroid Build Coastguard Worker
Change-Id: If6522bcf2ea47de4a7b65ecc29b0a7864d73a42b
2021-12-22Replacing JobScheduler with WorkManager am: c8a7ae45dc am: 02e313b4be am: ↵Max Bires
1895e95a3b am: 75553e050e Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/1927880 Change-Id: I4bb04344c9700afc39a96bf5c2b3cf524871184d
2021-12-22Replacing JobScheduler with WorkManager am: c8a7ae45dc am: 02e313b4be am: ↵Max Bires
1895e95a3b Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/1927880 Change-Id: Idd057d7b8c4c19a4c725bbb00a3e948adf998270
2021-12-22Replacing JobScheduler with WorkManager am: c8a7ae45dc am: 02e313b4beMax Bires
Original change: https://android-review.googlesource.com/c/platform/packages/apps/RemoteProvisioner/+/1927880 Change-Id: I9f91c76302cd3bb9bfab5f8031b1186398614e77
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-10 02:33:56 +0000