Age | Commit message (Collapse) | Author |
|
|
|
Looks like the DB was moved out of SQLite in aosp/1699645 but the
connection-holding type was missed.
Bug: 333894699
Test: TreeHugger
Change-Id: I4b87690343bc890cb1aa1c6e1595ac4b42c11670
|
|
|
|
|
|
On a rkp-only device it is not possible to generate an attestation
on a bare key generation (attestations can only be generated if an
ATTEST_KEY is provided).
Bug: 329409739
Test: keystore2_legacy_blobs_test
Change-Id: Icdc4037466ab32366c34feeb42b58822ea110ebf
|
|
Bug: 333427576
Test: TreeHugger
Change-Id: I549be37c37e99b4a73da2a12758675ad3191716b
|
|
|
|
error: initializer for `thread_local` value can be made `const`
--> system/security/keystore2/src/database.rs:5022:47
|
5022 | static RANDOM_COUNTER: RefCell<i64> = RefCell::new(0);
| ^^^^^^^^^^^^^^^ help: replace with: `const { RefCell::new(0) }`
|
= help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#thread_local_initializer_can_be_made_const
= note: `-D clippy::thread-local-initializer-can-be-made-const` implied by `-D warnings`
= help: to override `-D warnings` add `#[allow(clippy::thread_local_initializer_can_be_made_const)]`
error: aborting due to 1 previous error
Bug: http://b/330185853
Test: ./test_compiler.py --prebuilt-path dist/rust-dev.tar.xz --target aosp_cf_x86_64_phone --image
Change-Id: Ic583a76f7ea7fc27ce6c214b3247748d7dbaa1b4
|
|
|
|
... because there can be many many inputs for fsverity manifest
generator.
Bug: 330282551
Test: m aosp_cf_system_x86_64
Change-Id: Ic84205342a07002f2a72a2b412a14e7e01b46af3
|
|
|
|
Test: Build
Change-Id: If61f49d36ea954f8385012172d454cc803141a60
|
|
|
|
error: field `0` is never read
--> system/security/keystore2/src/database.rs:848:31
|
848 | pub struct PerBootDbKeepAlive(Connection);
| ------------------ ^^^^^^^^^^
| |
| field in this struct
|
= note: `-D dead-code` implied by `-D warnings`
= help: to override `-D warnings` add `#[allow(dead_code)]`
help: consider changing the field to be of unit type to suppress this warning wh
ile preserving the field numbering, or remove the field
|
848 | pub struct PerBootDbKeepAlive(());
| ~~
error: aborting due to 1 previous error
Bug: 330185853
./test_compiler.py --prebuilt-path dist/rust-dev.tar.xz --target aosp_cf_x86_64_phone --image
Test: m rust
Change-Id: I4cb81c955372c4f8f50b940b389f2d7cfc5d3ce9
|
|
|
|
IKeystoreAuthorization already has @SensitiveData.
Bug: 176110256
Test: N/A
Change-Id: Ia59bb2d9e2154c51b5ab7568a321359ff096c59f
|
|
into main
|
|
Remove IKeystoreMaintenance#onDeviceOffBody(), as it's no longer called.
In addition, remove the code that tried to enforce the AllowWhileOnBody
key parameter. This code was broken during the rewrite of Keystore in
Android 12, and as a result, AllowWhileOnBody has no user-visible
effect. AllowWhileOnBody is *supposed* to cause the key's
authentication timeout, if it has one, to automatically expire when the
device is removed from the user's body. (A better name for it might
have been something like UserAuthenticationExpiresWhenRemovedFromBody.)
Android 11 Keystore implemented this behavior; see
https://android.googlesource.com/platform/system/security/+/refs/heads/android11-release/keystore/auth_token_table.cpp#165
Android 12 Keystore changed AllowWhileOnBody to have no effect.
Apparently due to a misunderstanding, the (incorrect) behavior that was
attempted to be implemented was "The key may be used after
authentication timeout if device is still on-body". But what was
actually implemented was that the Keystore daemon stopped enforcing
authentication timeouts for AllowWhileOnBody keys entirely, except after
a wearable device was removed from the body in which case the timeout is
enforced for any earlier authentications. Yet, this has no user-visible
effect because KeyMint still enforces the authentication timeout as
usual. So, AllowWhileOnBody has really been a no-op since Android 12.
We can always bring this code back, fixed and with tests, if this
feature comes back. But for now there is no reason to keep it around.
Bug: 289849354
Test: atest -p --include-subdirs system/security/keystore2
Test: atest CtsKeystoreTestCases
Change-Id: I4a7b3a90b56dacbb5316e30a30bf3fabc0debe48
|
|
main
|
|
This uses the new macro for structured logging that simplifies the usage
of structured logging.
Bug: 290589708
Test: Run keystore client and checked the log
Change-Id: I4d941d8b03c09d0541cf1159c38f4eba60e07292
|
|
module." into main
|
|
|
|
|
|
attestation tests." into main
|
|
Changes made to avoid running keystore2_client_tests of armeabi-v7a
builds on arm64-v8a platforms.
Bug: 322112515
Test: run vts -m keystore2_client_tests
Change-Id: Ic7205ecc80146cdd36b1a618c9c5cde114b98e71
|
|
Based on examinations in go/keystore-error-logs-overhaul
we want to update the logs to allow keystore errors
to be properly routed.
Test: atest keystore2_test
Change-Id: I704ca5bdeaf32acdd6a619ca778b04b3df72bcfd
|
|
attestation tests.
The following order of precedence is used to determine the VSR API level:
1. If the `ro.vendor.api_level` property is present, then use it as the
VSR API level.
2. Otherwise, determine the VSR API level with the following logic:
- Get the vendor API level using the `ro.board.api_level` property if
present; otherwise, use the `ro.board.first_api_level` property.
- Get the product API level using the `ro.product.first_api_level`
property if present; otherwise, use the `ro.build.version.sdk`
property.
- If it is unable to determine the vendor API level, then use the
product API level as the VSR API level.
- If both the vendor API level and product API level are available,
then use the minimum of `vendor_api_level` and `product_api_level`
as the VSR API level.
- Otherwise, the vendor API level will be used as the VSR API level.
Bug: 326675646
Test: atest keystore2_client_tests
Change-Id: I3aa48d05f367fafab5151fa7eb6dd447840dae0d
|
|
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2972492
Change-Id: I8acbcfaf3c288167d4e02d15276c93ae3ef270c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
|
|
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2983289
Change-Id: I56a4c76b182c34152fdc7f83145c07b11dd23ac3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
|
|
Per go/keystore-error-logs-overhaul we are updating
the logs in keystore to be more clear. This adds
logging around the security level when the Hardware
type error is sent to the caller.
Test: atest keystore2_test
Change-Id: I7d41f02832a02976b3e1b6535ba0df5ed3863e53
|
|
Test: Built with test_compiler.py
Bug: 327204642
Change-Id: I95f8965cb1db564fb3c86b4529aa707d1b75fd78
|
|
This log is said to be ignored so it should not
be at the level of an error as that could confuse
people.
Test: N/A
Change-Id: I561fc8c16337de9d40714d87d3525f432f5afad7
|
|
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2978554
Change-Id: I3a048996462d0cff6073b709d68a88d4b00c0c33
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
|
|
Grant sys_nice capabilities to odsign so that it can spawn
VMs with sys_nice enabled which is used by compos_verify.
Bug:326557850
Test: atest odsign_e2e_tests_full
Change-Id: I9f502b997123faf9bc5a8e04f416726ea8001e41
Signed-off-by: David Dai <davidai@google.com>
|
|
cbae97c988
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2945375
Change-Id: I36c59bd1f847852537f4f0b59400e02c41e53d2d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
|
|
device with keymaster implementation." into main am: 3dfac14787
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2942748
Change-Id: I2f6ff524e35991966684d63696b860593eed46f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
device with keymaster implementation." into main
|
|
device with keymaster implementation.
- Ignore INVALID tag in generated key characteristics if keymaster
implementation is present.
- RSA_OAEP_MGF_DIGEST, ATTEST_KEY, USAGE_COUNT_LIMIT are not expected in
generated key characteristics if keymaster implementation is present.
- Corrected device attest ids names.
- Skip device id attestation on device with GSI image and device
first_api_level is less than 34.
- When the DEVICE_UNIQUE_ATTESTATION tag is used in key generation,
root certificate signature verification is ignored during cert-chain
verification.
Bug: 322118247
Test: atest keystore2_client_tests
Change-Id: I42d339a7797114d9139c64bc4d397889b965cb48
|
|
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2960905
Change-Id: I017b7d478829aa746655f55a45db899616571f97
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
|
|
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2956141
Change-Id: I52d1d4cef2f2b5db1badd22b479107ab29dcbff7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
|
|
The logs were missing a word and also this will
add the blob id into the logs when a query fails
to delete the blob.
Test: atest keystore2_test
Change-Id: Ieff6e9266837744d16633c93df0b6da27871eca7
|
|
This CL is created as a best effort to migrate test targets to the new Android ownership model.
It is based on historical data from repository history and insights from git blame.
Given the nature of this effort, there may be instances of incorrect attribution. If you find incorrect or unnecessary
attribution in this CL, please create a new CL to fix that.
For detailed guidelines and further information on the migration please refer to the link below,
go/new-android-ownership-model
Bug: 304529413
Test: N/A
Change-Id: Ia06fe7f4d0518d03cebf52d34ca9b1434011d272
|
|
```
error: accessing first element with `key_descriptors.get(0)`
-->
system/security/keystore2/tests/keystore2_client_list_entries_tests.rs:143:27
|
143 | let key = key_descriptors.get(0).unwrap();
| ^^^^^^^^^^^^^^^^^^^^^^ help: try:
`key_descriptors.first()`
|
= help: for further information visit
https://rust-lang.github.io/rust-clippy/master/index.html#get_first
= note: `-D clippy::get-first` implied by `-D warnings`
= help: to override `-D warnings` add `#[allow(clippy::get_first)]`
```
Bug: http://b/321303117
Test: toolchain/android_rust/test_compiler.py --prebuilt-path dist/rust-dev.tar.xz --target aosp_cf_x86_64_phone --all-rust
Change-Id: Ic278ca9ec8fc48e779741f43b1fd53702b54396f
|
|
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2940163
Change-Id: I53489025aa43e2463fa61892e48dc2bb8c1858bc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|