Commit graph

1981 commits

Author SHA1 Message Date
Bill Yi
3255773023 Merge android10-qpr2-s3-release to aosp/master - DO NOT MERGE
Change-Id: Ic781131f8d6c84feacd1df31c5dbdd5533c3f24c
2020-05-04 20:39:43 -07:00
Bob Badour
e3541e4d06 Merge "Add METADATA to system/security: Apache2+BSD=NOTICE" 2020-05-04 20:59:03 +00:00
Bob Badour
79e967ba2a Add METADATA to system/security: Apache2+BSD=NOTICE
Bug: 68860345
Bug: 69058154
Bug: 151953481

Test: no code changes
Change-Id: I786f81a9f28b8e86062031d0479310fd432e9851
2020-05-04 13:15:58 -07:00
Treehugger Robot
572c579ee3 Merge "Allow attest to device properties" 2020-05-04 15:31:19 +00:00
Dorin Drimus
4b7a7fb5f8 Allow attest to device properties
Attesting (only) to device properties is allowed without special
permission (android.permission.READ_PRIVILEGED_PHONE_STATE) since
base device properties should be accessible to everyone. For
unique identifying IDs attestation the permission is still needed.

Test: atest CtsKeystoreTestCases
Bug: 152945378
Change-Id: I8395e0c18cfc91916a172d20dd6049c7c027e8d9
2020-05-01 16:45:29 +00:00
David Zeuthen
50678f526b Merge "credstore: Pass additional information to Identity Credential HAL." 2020-04-29 23:41:41 +00:00
David Zeuthen
e2a78a48c0 credstore: Pass additional information to Identity Credential HAL.
Without this extra information passed upfront it's not practical to
implement a HAL which incrementally builds up cryptographically
authenticated data.

This information is conveyed by using two new methods on version 2 of
the Identity Credential HAL. If these methods are not implemented (if
a version 1 HAL is running) the invocation fails and we handle this
gracefully by just ignoring the error.

Bug: 154631410
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts

Change-Id: I17d516e41e800f58daa4c11dcca0305c80740d5b
2020-04-29 09:52:51 -04:00
Treehugger Robot
da132924a0 Merge "Also load fs-verity cert from /system/etc/security/fsverity/" 2020-04-14 22:50:59 +00:00
Victor Hsieh
753ac2a34b Also load fs-verity cert from /system/etc/security/fsverity/
Bug: 153112812
Test: able to use the new cert after reboot
Change-Id: I01085913f81898592a3a1edcaa97aff6dc8ac89c
2020-04-03 15:30:09 -07:00
android-build-team Robot
bbbd112dfb Merge cherrypicks of [10745155, 10743283, 10746098, 10735615, 10743284, 10745369, 10745156, 10745157, 10746136, 10746137, 10745215, 10746138, 10745216, 10745217, 10746139, 10745218, 10743285, 10746118, 10746119, 10745827, 10745158, 10745159, 10743224, 10743225, 10745492] into qt-qpr2-release
Change-Id: I16583efcd9db10fd33938f0dbf4cf3adf6a98a18
2020-03-19 04:53:27 +00:00
Janis Danisevskis
1642dc0039 Add permission check on onKeyguardVisibilityChanged
Without this permission check any app can toggle the locked state of
keymaster once it has been unlocked for the first time.

Bug: 144285084
Test: Manually tested with debugger that the requred code paths are
      run.

Merged-In: Idb8a200dc2963e1085e9fddd0c565c5172465e65
Change-Id: Idb8a200dc2963e1085e9fddd0c565c5172465e65
(cherry picked from commit 21f452c372)
(cherry picked from commit aad9178b57)
2020-03-19 04:53:04 +00:00
Treehugger Robot
21b6c38fa0 Merge "Stop reading fs-verity certificate from keystore" 2020-03-09 19:42:41 +00:00
Treehugger Robot
4b6865baa0 Merge "Revert "Make keystore a core service"" 2020-03-09 19:41:43 +00:00
Automerger Merge Worker
567cff88a1 Merge "credstore: signingKeyBlob was moved from finishRetrieval() to startRetrieval()." am: 37d5b94d14
Change-Id: I955a93741dd2eea92e2d13822b6d982029ea7355
2020-02-28 15:22:35 +00:00
Treehugger Robot
37d5b94d14 Merge "credstore: signingKeyBlob was moved from finishRetrieval() to startRetrieval()." 2020-02-28 15:08:41 +00:00
David Zeuthen
55975ecbcf credstore: signingKeyBlob was moved from finishRetrieval() to startRetrieval().
The implementation of the Identity Credential TA in constrained
environments may need to incrementally update the HMAC-SHA256 of
DeviceAuthencation CBOR to avoid keeping the entire CBOR structure in
memory. To do this they need to calculate the derived key before
starting to build the CBOR so they need access to the signingKey
earlier on. Update credstore to pass the signingKey earlier.

Bug: 150390415
Test: atest android.security.identity.cts
Test: VtsHalIdentityTargetTest
Change-Id: If2479a10f80fba748591c30aa7b8662e1063787e
2020-02-27 14:32:55 -05:00
Victor Hsieh
2bcd5376ec Stop reading fs-verity certificate from keystore
We punting support for extra certificate to S.

Test: boot
Bug: 112038744
Change-Id: I3bc342a7df0c47c02494ef6fdae24e7ad00a8507
2020-02-26 12:39:15 -08:00
Victor Hsieh
19f1caefba Revert "Make keystore a core service"
This reverts commit 7fd8e853e9.

Test: still see keystore process running
Bug: 112038744
Bug: 150267620
Change-Id: I4fe3c6aeecf960377671d11be0a4dc9fa60dfb18
2020-02-26 12:37:41 -08:00
Automerger Merge Worker
4f0fd48c01 Merge "Revert "Making software km implementation both backup and default"" am: 24dce34ad5
Change-Id: I19932e3111b573ec45d7a36e145bbdb804f043b5
2020-02-20 14:16:40 +00:00
Wale Ogunwale
24dce34ad5 Merge "Revert "Making software km implementation both backup and default"" 2020-02-20 14:05:52 +00:00
Wale Ogunwale
ba61bbbc0b Revert "Making software km implementation both backup and default"
This reverts commit cfc8b73b67.

Reason for revert: Causing pre-submit failure with window manager
Bug: 148773266
Bug: 149892576

Change-Id: I1acd288aa1a1cb004d1118b7db775511a2cda344
2020-02-20 12:35:36 +00:00
Automerger Merge Worker
4718a821b3 Merge "Port credstore to IdentityCredential AIDL." am: c092adeb2b
Change-Id: Ie497c7c1f9e38a88411ba7acab83f4ee85ddbb84
2020-02-19 22:23:14 +00:00
David Zeuthen
c092adeb2b Merge "Port credstore to IdentityCredential AIDL." 2020-02-19 21:14:41 +00:00
Automerger Merge Worker
803b6971a7 Merge "Making software km implementation both backup and default" am: 67be8d72bf
Change-Id: Ie1a107c4904e8bcd507ec5d25cb61f98fe09f0b5
2020-02-19 18:32:18 +00:00
Treehugger Robot
67be8d72bf Merge "Making software km implementation both backup and default" 2020-02-19 18:20:06 +00:00
Max Bires
cfc8b73b67 Making software km implementation both backup and default
If there were no secure keymasters on a device, but software keymasters
offered, then keystore would shuffle the software keymaster to the
TRUSTED_ENVIRONMENT securityLevel keymaster slot and generate a software
fallback keymaster. This change lets the software keymaster slot occupy
both the default and software slot. A fallback keymaster implementation
should only be invoked if there actually is no other keymaster
implementation.

Bug: 148773266
Test: atest KeyChainTests:com.android.keychain.tests.BasicKeyChainServiceTest#testAttestKeySucceedsOnGeneratedKey -- --abi x86
Change-Id: Ia845b6d8be85dcd6dfd3aecbb1dbda972e9cfff2
2020-02-16 15:24:34 -08:00
David Zeuthen
a6f9fba382 Port credstore to IdentityCredential AIDL.
Bug: 111446262
Test: atest android.security.identity.cts
Test: VtsHalIdentityTargetTest
Test: android.hardware.identity-support-lib-test
Change-Id: I338b35f57f2bb7345c3f8f0c608c7a6213a0dc6b
2020-02-14 13:41:52 -05:00
Automerger Merge Worker
840fd26eb0 Merge "Update keystore to use KM4.1." am: c0ef4595c8
Change-Id: I8cbe2f5d03cf10879417504446db80b38de10157
2020-02-12 01:06:53 +00:00
Treehugger Robot
c0ef4595c8 Merge "Update keystore to use KM4.1." 2020-02-12 00:56:18 +00:00
Shawn Willden
a97aea4040 Update keystore to use KM4.1.
This is the first part of the update, adjusting keystore to use the
KM4.1 interface, but not call any of the new methods.  That will come
in a subsequent CL.

Test: CtsKeystoreTestCases
Change-Id: Ib7486aad46c144471a1607eec31b8df1059a511d
Merged-In: Ib7486aad46c144471a1607eec31b8df1059a511d
2020-02-11 15:51:04 -07:00
Automerger Merge Worker
4097e10a1c Merge "Factor keystore_attestation_id into library and also use this in credstore." am: fc1fc88195
Change-Id: Id22f54a8b432c352ce92fb9d6c1d514baad9ba46
2020-02-04 21:49:42 +00:00
Treehugger Robot
fc1fc88195 Merge "Factor keystore_attestation_id into library and also use this in credstore." 2020-02-04 21:31:31 +00:00
David Zeuthen
f2a28671b0 Factor keystore_attestation_id into library and also use this in credstore.
This was needed because credstore needs to generate and pass the
generated AttestationApplicationId to the Identity Credential HAL.

Bug: 111446262
Test: atest android.security.identity.cts
Test: VtsHalIdentityCredentialTargetTest
Test: android.hardware.identity-support-lib-test
Change-Id: Id22b85ca083e23c7e1fbd3459910fba37a5db137
2020-01-31 16:23:30 -05:00
Automerger Merge Worker
b3f237c8a8 Merge "Fixed bug in APC rate limiting fix." am: a3c549fe9c
Change-Id: I80195a6c87be2e2f67fdea7ad608c92369e9dcda
2020-01-30 23:59:00 +00:00
Treehugger Robot
a3c549fe9c Merge "Fixed bug in APC rate limiting fix." 2020-01-30 23:48:18 +00:00
Janis Danisevskis
16ae65c2ab Fixed bug in APC rate limiting fix.
Cancelling an APC request from the app side must lead to a callback to
unblock the caller.

Bug: 138655142
Bug: 148411844
Test: atest confirmationui_invocation_test
Change-Id: If71ffc7d3d75dde6f0217ccdb003569149947ec8
2020-01-30 13:39:36 -08:00
Greg Kaiser
2f5ce9939d Merge "identity/Util: Fix file write check"
am: 61e8fb9442

Change-Id: I5d45df957adaf81edddfbdf2e13ddf6f8480ac5f
2020-01-27 10:19:32 -08:00
Treehugger Robot
61e8fb9442 Merge "identity/Util: Fix file write check" 2020-01-27 18:01:34 +00:00
Automerger Merge Worker
9d79917068 Merge "Confirmationui Rate Limiting App Abort Bug Fix" am: 2d5b18b9b7
Change-Id: I1095ce1686fd8a85c195b387406d965aa743c8cb
2020-01-24 17:51:22 +00:00
Treehugger Robot
2d5b18b9b7 Merge "Confirmationui Rate Limiting App Abort Bug Fix" 2020-01-24 17:37:58 +00:00
Cindy Zhou
b3bf30bb1f Confirmationui Rate Limiting App Abort Bug Fix
Increment the rate limiting counter when the application sends an abort
message.

Bug: 138655142
Test: Ran keystore_unit_tests and manually checked behavior of
keystore application with confimrationui.
Merged-In: I5f3af166391a32748a26f7709d30a5ac718499c0
Change-Id: I5f3af166391a32748a26f7709d30a5ac718499c0
2020-01-24 08:47:36 -08:00
Max Bires
7664a53479 Merge "Revert "Fixing security vuln by tightening race condition window.""
am: fbe01199cb

Change-Id: I3cbf27926ade31d0d902d69900c44453c678c40d
2020-01-23 11:04:38 -08:00
Treehugger Robot
fbe01199cb Merge "Revert "Fixing security vuln by tightening race condition window."" 2020-01-23 19:00:24 +00:00
Greg Kaiser
c8966aa0da identity/Util: Fix file write check
The results of TEMP_FAILURE_RETRY can be negative in an error
case.  But we were assigning it to an unsigned size_t, and
thus our check to see if it was negative would always be false.

We switch to storing this result in a signed ssize_t, so we'll
properly handle a negative return value.  As long as we're
never writing more than 2GB (ssize_t max on a 32-bit system),
this shouldn't be a problem.

Test: TreeHugger
Change-Id: I3d417fab7c3ee7557221f9757567379d1b8cb6da
2020-01-21 07:09:51 -08:00
David Zeuthen
b781cc2399 Merge "credstore: update credstore.rc to use correct class, user, and group."
am: 662e346347

Change-Id: I3580b33c5bbe91c9d985a093605728b070c210e1
2020-01-21 06:40:26 -08:00
Treehugger Robot
662e346347 Merge "credstore: update credstore.rc to use correct class, user, and group." 2020-01-21 14:35:52 +00:00
David Zeuthen
13de6a9fe4 credstore: update credstore.rc to use correct class, user, and group.
Bug: 111446262
Test: Manually inspected
Change-Id: If99f55fcd6034e059d8d7100a94ec59fb6c66a72
2020-01-17 16:52:01 -05:00
Automerger Merge Worker
b5e1b4aba1 Merge "Add credstore system daemon." am: 704895de56
Change-Id: Ib0998d5a9139577b2dd6f30e33d11f2ae4838e4f
2020-01-17 03:19:01 +00:00
Treehugger Robot
704895de56 Merge "Add credstore system daemon." 2020-01-16 23:07:35 +00:00
David Zeuthen
ab3e565511 Add credstore system daemon.
The credstore system daemon is sitting below the Identity Credential
Framework APIs and on top of the Identity Credential HALs. Its main
job is to store credential data and provide a way for applications to
communicate with the secure hardware abstracted by the HAL.

This daemon runs as an unprivileged user, credstore.

The auth-tokens needed by credstore are supplied by keystore and this
CL includes the requisite changes to keystore for this to work.

Bug: 111446262
Test: CTS tests for Framework APIs
Change-Id: Ieb4d59852a143482436a1c418c25ed96e25c0047
2020-01-16 13:05:48 -05:00