summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-03-02Backporting of fix for listing key aliases.android-13.0.0_r82android-13.0.0_r81android-13.0.0_r80android-13.0.0_r74android-13.0.0_r73android-13.0.0_r72android-13.0.0_r66android-13.0.0_r65android-13.0.0_r64android-13.0.0_r60android-13.0.0_r59android-13.0.0_r58android13-qpr3-c-s8-releaseandroid13-qpr3-c-s7-releaseandroid13-qpr3-c-s6-releaseandroid13-qpr3-c-s5-releaseandroid13-qpr3-c-s4-releaseandroid13-qpr3-c-s3-releaseandroid13-qpr3-c-s2-releaseandroid13-qpr3-c-s12-releaseandroid13-qpr3-c-s11-releaseandroid13-qpr3-c-s10-releaseandroid13-qpr3-c-s1-releaseRajesh Nyamagoud
Limit the number of key descriptors sent back. Backporting - Ported https://r.android.com/2381494 Merged-In: I5e8543a25dd9f1bb504fbc23f35779da0a0153b0 Bug: 267270741 Test: Manual: Generate 2500 keys with a 200 characters name each. Change-Id: I6d370651441b4186b28cfed243975e64e3e8c85f
2022-10-04Add prng_seeder.rc to start PRNG seeder daemon from early init.Pete Bentley
Bug: 243933553 Test: Manual - same as https://r.android.com/2215051 Change-Id: Ie195f05476ff5eee5e589d6f4a3f631c2802fa6a Merged-In: Ie195f05476ff5eee5e589d6f4a3f631c2802fa6a (cherry picked from commit 812307d2706c8fcd315486d25ddf54b965b8fbe7)
2022-10-03If setup fails, hang foreverPaul Crowley
Without this init will repeatedly try to start this daemon, causing logspam. Also: * wait until just before tokio conversion to set O_NONBLOCK * ensure logging code reflects source example * log at info and higher * use contexts for better logging * fall back to println to work around logging problems * remove wrong copy-pasted comment in Android.bp Bug: 249531229 Fixes: 249566340 Test: in permissive mode, rm /dev/hw_random before start Change-Id: Ib70cbcb048f33dca789151622d98c6d56270fa37 Merged-In: Ib70cbcb048f33dca789151622d98c6d56270fa37 (cherry picked from commit 021cf557e6cdf1ff0779e87834532c0e0e893ef8)
2022-10-03Add prng_seeder utilityPaul Crowley
This binary seeds a FIPS-approved DRBG from /dev/hw_random and then serves seeds to other processes on the system using a socket (/dev/socket/prng_seeder) that is passed in by init. This cherry-pick for tm-qpr-dev omits the command line support to avoid a dependency problem. Bug: 243933553 Test: Started under init and verified correct operation using strace Merged-In: Id4461a402d1ac92180a54cc4b241a2720b94d8de Change-Id: Id4461a402d1ac92180a54cc4b241a2720b94d8de (cherry picked from commit d21b00001d40f735105c01cd794c62a353aed6f5)
2022-09-29Add OWNERS filePaul Crowley
Test: N/A Merged-In: I7fc63b385ea866ca13b04b4bccbc6e851340da49 Change-Id: I7fc63b385ea866ca13b04b4bccbc6e851340da49 (cherry picked from commit 0faf1f9fd994c3527a521b19ffe9bea1bfd40840)
2022-09-28Support upgrade key for software-emulated keys.Vikram Gaur
Currently software-emulated keys do not have any update mechanism. Any software key that is created in previous versions cannot be used once the device is upgraded. With this change, keys now can be upgraded and used by the latest keystore. Change-Id: Ic791baeedd7775df7eafca405440e645b19ec2bc Test: TreeHugger Fixes: 223376764 Fixes: 249021523 Merged-In: Ic791baeedd7775df7eafca405440e645b19ec2bc Ignore-AOSP-First: Cherry-picking to tm-qpr-dev.
2022-07-27identity: Fix buildSessionTranscript() from a zero leading P-256 EC Public Key.Joseph Jang
Properly encode an sessiontranscript from P-256 EC Public Key, in particular ensure that the resulting sessiontranscript which includes an valid P-256 EC public key is expected. Was able to reproduce this with about 1% failures running a test. After the fix didn't get a failure in 1,000 runs. This bug is similar with AOSP patch "identity: Fix uncompressed form encoding of P-256 EC Public Key." Bug: 239857653 Test: atest --rerun-until-failure 1000 android.security.identity.cts.ReaderAuthTest#readerAuth Change-Id: Id5ce46977cf3b6ce6c43beda657cd26b24969fe5 (cherry picked from commit e678b870a286cec6c54950440ce733fd6725effb) Merged-In: Id5ce46977cf3b6ce6c43beda657cd26b24969fe5
2022-06-21Do not use RKP for DEVICE_UNIQUE_ATTESTATION. am: 7409f7c8dd am: 3c25576222Max Bires
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/19021559 Change-Id: I2cc99f76d6b861a297e838c6a3f7a54447b66b21 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-21Do not use RKP for DEVICE_UNIQUE_ATTESTATION. am: 7409f7c8ddMax Bires
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/19021559 Change-Id: I31e52f39fdab46fe028291efed004f0757e66d98 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-21Do not use RKP for DEVICE_UNIQUE_ATTESTATION.android13-devMax Bires
Keystore2 previously did not process the DEVICE_UNIQUE_ATTESTATION tag. This was an unnecessary step when there was no ability to select the attestation key provided to the backing Keymaster instance. Now, however, Keystore2 does need to process generateKey requests for this tag. This is because it will pass in an RKP key by default and append those certificates to the result if RKP is present. This change alters Keystore2 behavior during attestation key selection. If the DEVICE_UNIQUE_ATTESTATION tag is present, it will no longer attempt to select an RKP key and will instead pass nothing in the attestKey argument for KM. Bug: 234413909 Test: atest com.android.cts.devicepolicy.MixedDeviceOwnerTest#testKeyManagement Ignore-AOSP-First: Cherry-pick from AOSP Change-Id: Ib81fb65570a4e9eb7e7b051f9791071ee78dc02f Merged-In: Ib81fb65570a4e9eb7e7b051f9791071ee78dc02f
2022-06-07keystore2: transfer RootOfTrust from TEE to SB am: ccce73d1e1 am: 9bad7b34d4David Drysdale
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18751588 Change-Id: I7a616425143c24239213cd3b503c89004a4dae7b Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-07keystore2: transfer RootOfTrust from TEE to SB am: ccce73d1e1David Drysdale
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18751588 Change-Id: I1a3e0741c8e936418f155c2261549d431439dac4 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-06keystore2: transfer RootOfTrust from TEE to SBDavid Drysdale
Bug: 219076736 Test: manual, RoT between locally modified KeyMints Change-Id: Iad3f14afc9d853e91cc7f7810fd6e592b48cab2d Merged-In: Iad3f14afc9d853e91cc7f7810fd6e592b48cab2d Ignore-AOSP-First: manual cp from aosp/2031823
2022-05-28Unbind Attestation keys when freeing up namespace. am: d337c77271 am: 2feb0d0801Vikram Gaur
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18638770 Change-Id: I2c3cde2a21a62f08d18ef25102de037851dc17d0 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-28Unbind Attestation keys when freeing up namespace. am: d337c77271Vikram Gaur
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18638770 Change-Id: Ic15ad66faf5a55a93e4cada08e1a55623c9a510d Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-27Unbind Attestation keys when freeing up namespace.Vikram Gaur
In https://android-review.googlesource.com/c/platform/system/security/+/1698833 we added a check only for client keys. However, this means that on application deletion only the keystore keys related to the application are unbound and the attestation keys get orphaned. Through this change, I am planning to unbind the attestation keys related to the application as well. Change-Id: I1c9d1ac6d6943cc53f5d74653e3da72cd4f2adf7 Merged-In: I1c9d1ac6d6943cc53f5d74653e3da72cd4f2adf7 Test: atest keystore2_test BUG: 232534682 Ignore-AOSP-First: Picking from AOSP
2022-05-24Merge "[Compos Telemetry] Fix current_artifacts_ok in the pushed atom" into ↵TreeHugger Robot
tm-dev am: 7b28cace73 am: fed9c4818d Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18580936 Change-Id: I617d8228fd22b28c4d0d6a5e07e4dfe9eaed7b63 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-24Merge "[Compos Telemetry] Fix current_artifacts_ok in the pushed atom" into ↵TreeHugger Robot
tm-dev am: 7b28cace73 Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18580936 Change-Id: I2469c38f0d2c374a85b6e38939d2010f7b3cfde4 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-24Merge "[Compos Telemetry] Fix current_artifacts_ok in the pushed atom" into ↵TreeHugger Robot
tm-dev
2022-05-24[Compos Telemetry] Fix current_artifacts_ok in the pushed atomShikha Panwar
In cases of no pending artifacts exist, current_artifacts_ok is not set in the pushed atom. Fix this by checking the returned value of checkArtifacts() Ignore-AOSP-First: Change is required for correct telemtry from Android T, I will backport this to aosp. Bug: 233740445 Test: build succeds Change-Id: I2d7ce37960c2c0f1adea15bde06d21947668b4a4
2022-05-12Log SecurityLevel with RkpErrorStats. am: adf6692b3e am: 81e091b28fHasini Gunasinghe
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18350667 Change-Id: I5c546c93fe907217c5590f0db546e745761e3aab Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-12Log SecurityLevel with RkpErrorStats. am: adf6692b3eHasini Gunasinghe
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18350667 Change-Id: I5208c7b964e0e1ab5255b952fbb47ee2556799b7 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-12Log SecurityLevel with RkpErrorStats.Hasini Gunasinghe
Bug: 230750270 Test: Local testing with statsd TestDrive script Ignore-AOSP-First: This targets T and will be cherry-picked to AOSP later. Change-Id: I8490e31df4a111ff6787ea67dd8a170b410566df (cherry picked from commit d675e225a798b2e2388a8bd2f93c61caaa87e295)
2022-04-21Merge "Do not cache rkp_only property" am: 4c348bd49f am: fb4ccc3172 am: ↵Seth Moore
2fcd798bc9 am: 8c6abf187f am: c7f77838bf Original change: https://android-review.googlesource.com/c/platform/system/security/+/2070036 Change-Id: I18abfe9bcf86ae3c14acef954fb67a6b9d27e6eb Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-21Merge "Do not cache rkp_only property" am: 4c348bd49f am: fb4ccc3172 am: ↵Seth Moore
2fcd798bc9 am: 8c6abf187f Original change: https://android-review.googlesource.com/c/platform/system/security/+/2070036 Change-Id: I89328a9d7b6348a75a3885225c268cf2d64acb54 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-21Merge "Do not cache rkp_only property" am: 4c348bd49f am: fb4ccc3172 am: ↵Seth Moore
2fcd798bc9 Original change: https://android-review.googlesource.com/c/platform/system/security/+/2070036 Change-Id: Ie43d58a109b751b1c84ae6fa0ead319488193422 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-21Merge "Do not cache rkp_only property" am: 4c348bd49f am: fb4ccc3172Seth Moore
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2070036 Change-Id: I7f2d3bcfbc68df85fa2345d791cff4e5e599d24e Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-21Merge "Do not cache rkp_only property" am: 4c348bd49fSeth Moore
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2070036 Change-Id: I558b6fe40d513cbea5f4db80470ba386919a68ad Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-21Merge "Do not cache rkp_only property"Seth Moore
2022-04-20Do not cache rkp_only propertySeth Moore
To allow for testing, read the rkp_only properties every time instead of caching the value. This allows the RemoteProvisioner tests to alter the property, moving the device in and out of rkp-only mode. Test: RemoteProvisionerUnitTests Bug: 27306369 Change-Id: If9a616fd36095175f4aea07c897c67a11eb04bcf
2022-04-20Merge "Fix lints from Rust 1.60.0" am: 90c23a8c17 am: 62fd2a233d am: ↵Treehugger Robot
d12141441b am: 9f7c9943cb am: 285bb857a6 Original change: https://android-review.googlesource.com/c/platform/system/security/+/2068372 Change-Id: I9312a4f4f8659755e9d9c99eabadf7e8e2a81f58 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20Merge "Fix lints from Rust 1.60.0" am: 90c23a8c17 am: 62fd2a233d am: ↵Treehugger Robot
d12141441b am: 9f7c9943cb Original change: https://android-review.googlesource.com/c/platform/system/security/+/2068372 Change-Id: I3bfcb20311ea498fe4a37b7341a78496d3886d51 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20Merge "Fix lints from Rust 1.60.0" am: 90c23a8c17 am: 62fd2a233d am: d12141441bTreehugger Robot
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2068372 Change-Id: I833a6e2347b64b08f4c8bdef605698f241b637e0 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20Merge "Ensure that "rkp only" forces checks for rkp keys" am: cd6b6a7ff8 am: ↵Seth Moore
f16fb9f3a8 am: a454b17334 am: bb485e4000 am: 075dae43fe Original change: https://android-review.googlesource.com/c/platform/system/security/+/2066831 Change-Id: I8bb9a0d45c4cc04d02d50adddc778fa6d6984f13 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20[automerger skipped] Empty merge of ↵Xin Li
sc-v2-dev-plus-aosp-without-vendor@8433047 am: b25470cd30 -s ours am: 23a1b57bb2 -s ours am: 42622d5034 -s ours am: 79edea66fd -s ours am skip reason: Merged-In Ifc2e14a9b60e364323794eaa5a8c181c4f0a78ee with SHA-1 11a8dab786 is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/17805218 Change-Id: Ia2f24e6eeeb1dad97b533b772fbb4d00d88b0674 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20Merge "Fix lints from Rust 1.60.0" am: 90c23a8c17 am: 62fd2a233dTreehugger Robot
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2068372 Change-Id: I4e1d5abaa7a401f077ae43bc2693665ee4a1b731 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20Merge "Fix lints from Rust 1.60.0" am: 90c23a8c17Treehugger Robot
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2068372 Change-Id: I7e27a7dedc0d4252509cdb53a7ca1f2bb72c1a49 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20Merge "Fix lints from Rust 1.60.0"Treehugger Robot
2022-04-20Merge "Ensure that "rkp only" forces checks for rkp keys" am: cd6b6a7ff8 am: ↵Seth Moore
f16fb9f3a8 am: a454b17334 am: bb485e4000 Original change: https://android-review.googlesource.com/c/platform/system/security/+/2066831 Change-Id: I939b4a3b355fd72c61cf0a804494a2f34cd775d0 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20[automerger skipped] Empty merge of ↵Xin Li
sc-v2-dev-plus-aosp-without-vendor@8433047 am: b25470cd30 -s ours am: 23a1b57bb2 -s ours am: 42622d5034 -s ours am skip reason: Merged-In Ifc2e14a9b60e364323794eaa5a8c181c4f0a78ee with SHA-1 11a8dab786 is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/17805218 Change-Id: Ib1d716a17fbf5c9c97e68fb65f28401eb3d1be4c Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20Merge "Ensure that "rkp only" forces checks for rkp keys" am: cd6b6a7ff8 am: ↵Seth Moore
f16fb9f3a8 am: a454b17334 Original change: https://android-review.googlesource.com/c/platform/system/security/+/2066831 Change-Id: I6e027e7ad0fd0d280c488e1a8fcd0d7ceba9416d Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20[automerger skipped] Empty merge of ↵Xin Li
sc-v2-dev-plus-aosp-without-vendor@8433047 am: b25470cd30 -s ours am: 23a1b57bb2 -s ours am skip reason: Merged-In Ifc2e14a9b60e364323794eaa5a8c181c4f0a78ee with SHA-1 11a8dab786 is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/17805218 Change-Id: Ib42e70efda5ab061ddd74f84f9b480b823d4dd33 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-19Fix lints from Rust 1.60.0Chris Wailes
Bug: 222737227 Test: m rust Change-Id: I4f35c8e50a1837608ab69a7609caff9c485e8c85
2022-04-19Merge "Ensure that "rkp only" forces checks for rkp keys" am: cd6b6a7ff8 am: ↵Seth Moore
f16fb9f3a8 Original change: https://android-review.googlesource.com/c/platform/system/security/+/2066831 Change-Id: Ida19f5b72990311f8bfe1d19a765f1539804017c Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-19Merge "Ensure that "rkp only" forces checks for rkp keys" am: cd6b6a7ff8Seth Moore
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2066831 Change-Id: I57e85c0f306b964d3e321eb3ad690ed5d4ec923c Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-19Merge "Ensure that "rkp only" forces checks for rkp keys"Seth Moore
2022-04-19[automerger skipped] Empty merge of ↵Xin Li
sc-v2-dev-plus-aosp-without-vendor@8433047 am: b25470cd30 -s ours am skip reason: Merged-In Ifc2e14a9b60e364323794eaa5a8c181c4f0a78ee with SHA-1 11a8dab786 is already in history Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/17805218 Change-Id: Iadad3bcbba5ae6cbc0a8bbbcf3435892809f724d Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-18Ensure that "rkp only" forces checks for rkp keysSeth Moore
An empty key pool should not allow fallback to the batch key if the vendor indicates the system is rkp only. Additionally, if the system is misconfigured (e.g. marked as rkp only and has no remotely provisioned component hal) then we should insist on checking RKP keys anyway. This will result in the given system always returning OUT_OF_KEYS, which will fail various tests. Test: keystore2_test Test: RemoteProvisionerUnitTests Bug: 227306369 Change-Id: I027bc56ff167abf99b18be01dccf05f90dd07f2a
2022-04-18Empty merge of sc-v2-dev-plus-aosp-without-vendor@8433047Xin Li
Bug: 226662282 Merged-In: Ifc2e14a9b60e364323794eaa5a8c181c4f0a78ee Change-Id: Id87ce6ee433f6fc31d18ccdee5a2eb2bc62633e5
2022-04-16Merge "Turn on AFDO for keystore2" am: 678a6f5af4 am: 3e28b020d7 am: ↵Treehugger Robot
ad3d746a66 am: 2ebc418ad9 am: e0b398b566 Original change: https://android-review.googlesource.com/c/platform/system/security/+/1956047 Change-Id: I7e0af6a8461dfef039ea9a51855697cc0192f0c3 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-07 05:22:04 +0000