Merge "Fix docs for SecurityLevel::TRUSTED_ENVIRONMENT" am: e88878c71d am: 9c20468bc9 am: 88506e39b8 am: 40601880c6

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1614580

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I98e5291596a14d292b22e845b247e740cdf80bf0
This commit is contained in:
David Drysdale 2021-03-05 08:59:58 +00:00 committed by Automerger Merge Worker
commit f3eeb55ed5

View file

@ -44,13 +44,15 @@ enum SecurityLevel {
/** /**
* The TRUSTED_ENVIRONMENT security level represents a KeyMint implementation that runs in an * The TRUSTED_ENVIRONMENT security level represents a KeyMint implementation that runs in an
* Android process, or a tag enforced by such an implementation. An attacker who completely * isolated execution environment that is securely isolated from the code running on the kernel
* compromises Android, including the Linux kernel, does not have the ability to subvert it. At * and above, and which satisfies the requirements specified in CDD 9.11.1 [C-1-2]. An attacker
* attacker who can find an exploit that gains them control of the trusted environment, or who * who completely compromises Android, including the Linux kernel, does not have the ability to
* has access to the physical device and can mount a sophisticated hardware attack, may be able * subvert it. An attacker who can find an exploit that gains them control of the trusted
* to defeat it. * environment, or who has access to the physical device and can mount a sophisticated hardware
* attack, may be able to defeat it.
*/ */
TRUSTED_ENVIRONMENT = 1, TRUSTED_ENVIRONMENT = 1,
/** /**
* The STRONGBOX security level represents a KeyMint implementation that runs in security * The STRONGBOX security level represents a KeyMint implementation that runs in security
* hardware that satisfies the requirements specified in CDD 9.11.2. Roughly speaking, these * hardware that satisfies the requirements specified in CDD 9.11.2. Roughly speaking, these