Merge "Fix docs for SecurityLevel::TRUSTED_ENVIRONMENT" am: e88878c71d am: 9c20468bc9 am: 88506e39b8 am: 40601880c6

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1614580 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: I98e5291596a14d292b22e845b247e740cdf80bf0
2021-03-05 08:59:58 +00:00 · 2021-03-05 08:59:58 +00:00 · f3eeb55ed5
commit f3eeb55ed5
parent 66c3828c88 40601880c6
1 changed files with 7 additions and 5 deletions
--- a/security/keymint/aidl/android/hardware/security/keymint/SecurityLevel.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/SecurityLevel.aidl
@ -44,13 +44,15 @@ enum SecurityLevel {

    /**
     * The TRUSTED_ENVIRONMENT security level represents a KeyMint implementation that runs in an
-     * Android process, or a tag enforced by such an implementation.  An attacker who completely
-     * compromises Android, including the Linux kernel, does not have the ability to subvert it.  At
-     * attacker who can find an exploit that gains them control of the trusted environment, or who
-     * has access to the physical device and can mount a sophisticated hardware attack, may be able
-     * to defeat it.
+     * isolated execution environment that is securely isolated from the code running on the kernel
+     * and above, and which satisfies the requirements specified in CDD 9.11.1 [C-1-2]. An attacker
+     * who completely compromises Android, including the Linux kernel, does not have the ability to
+     * subvert it.  An attacker who can find an exploit that gains them control of the trusted
+     * environment, or who has access to the physical device and can mount a sophisticated hardware
+     * attack, may be able to defeat it.
     */
    TRUSTED_ENVIRONMENT = 1,
+
    /**
     * The STRONGBOX security level represents a KeyMint implementation that runs in security
     * hardware that satisfies the requirements specified in CDD 9.11.2.  Roughly speaking, these