Merge "Fix docs for SecurityLevel::TRUSTED_ENVIRONMENT"

This commit is contained in:
David Drysdale 2021-03-05 06:48:51 +00:00 committed by Gerrit Code Review
commit e88878c71d

View file

@ -44,13 +44,15 @@ enum SecurityLevel {
/**
* The TRUSTED_ENVIRONMENT security level represents a KeyMint implementation that runs in an
* Android process, or a tag enforced by such an implementation. An attacker who completely
* compromises Android, including the Linux kernel, does not have the ability to subvert it. At
* attacker who can find an exploit that gains them control of the trusted environment, or who
* has access to the physical device and can mount a sophisticated hardware attack, may be able
* to defeat it.
* isolated execution environment that is securely isolated from the code running on the kernel
* and above, and which satisfies the requirements specified in CDD 9.11.1 [C-1-2]. An attacker
* who completely compromises Android, including the Linux kernel, does not have the ability to
* subvert it. An attacker who can find an exploit that gains them control of the trusted
* environment, or who has access to the physical device and can mount a sophisticated hardware
* attack, may be able to defeat it.
*/
TRUSTED_ENVIRONMENT = 1,
/**
* The STRONGBOX security level represents a KeyMint implementation that runs in security
* hardware that satisfies the requirements specified in CDD 9.11.2. Roughly speaking, these