Commit graph

9338 commits

Author SHA1 Message Date
Cindy Lin
6ec3c2b64f Implement mls-rs-crypto-traits backed by BoringSSL.
Fix: 302021139
Test: Presubmit
Change-Id: Iaefa21d3fb69f92d735875778f3f96e1878d0876
2024-05-28 13:29:16 +00:00
David Drysdale
1db2e8c725 Merge "Add debugging info for transactions" into main am: 95b8309b2f am: 09005dc0fe
Original change: https://android-review.googlesource.com/c/platform/system/security/+/3103180

Change-Id: I29eabe616e1e81b12ae671ea2a9e621def6993a4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-28 07:57:21 +00:00
David Drysdale
8eea31fa9f Merge "Add/use watchdog with standard timeout" into main am: de2ac5cf7d am: f023c1593a
Original change: https://android-review.googlesource.com/c/platform/system/security/+/3099837

Change-Id: I31267a95a70469c2fc37516525d9e1f7418f38c4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-28 07:56:51 +00:00
David Drysdale
09005dc0fe Merge "Add debugging info for transactions" into main am: 95b8309b2f
Original change: https://android-review.googlesource.com/c/platform/system/security/+/3103180

Change-Id: Ibb1072d25d9abcd5bce5be7a9d18def3be33a20d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-28 07:49:55 +00:00
David Drysdale
95b8309b2f Merge "Add debugging info for transactions" into main 2024-05-28 07:44:21 +00:00
David Drysdale
f023c1593a Merge "Add/use watchdog with standard timeout" into main am: de2ac5cf7d
Original change: https://android-review.googlesource.com/c/platform/system/security/+/3099837

Change-Id: I4e500d63f23e924bc7b08a835490bdd175a01387
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-28 07:42:01 +00:00
David Drysdale
de2ac5cf7d Merge "Add/use watchdog with standard timeout" into main 2024-05-28 07:17:08 +00:00
Xin Li
109d4d5b3f Mark 2024-06 Release (ab/AP2A.240605.024) as merged in aosp-main-future
Bug: 343100748
Merged-In: I3aa48d05f367fafab5151fa7eb6dd447840dae0d
Change-Id: I5800fdf210100e25c977b53b60a870a3126c3d69
2024-05-27 22:54:48 -07:00
Android Build Coastguard Worker
83d360bed2 Snap for 11889377 from 0da99ca967 to 24Q3-release
Change-Id: I3d08c7c0ff17e746e1dc994ce1cb5b1f704f4d4e
2024-05-25 03:24:56 +00:00
David Drysdale
7b9ca23b18 Add debugging info for transactions
Pass around information about which code is performing an exclusive
database transaction, and run an additional watchdog inside the
transaction closure.

Bug: 319563050
Test: CtsKeystoreTestCases
Change-Id: Ib54f1f4c0c37f9d7392d21d9ccb880d066029945
2024-05-24 15:42:24 +01:00
David Drysdale
0da99ca967 Merge "Remove unused code" into main am: 5b257c6923 am: bfe6762a42
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2812718

Change-Id: Iffd5e04fd0ae5e6cab8ec1af483e6c6910e3ba62
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-24 10:25:44 +00:00
David Drysdale
bfe6762a42 Merge "Remove unused code" into main am: 5b257c6923
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2812718

Change-Id: I494f2f49d56ff406d046e08e0cfd09e874e2b262
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-24 10:06:16 +00:00
David Drysdale
5b257c6923 Merge "Remove unused code" into main 2024-05-24 09:33:26 +00:00
Android Build Coastguard Worker
92956af823 Snap for 11881322 from 3b98d44dce to 24Q3-release
Change-Id: If566f8e81415504c0e880e6fa7631e16d2aea6df
2024-05-23 23:24:40 +00:00
David Drysdale
541846b93c Add/use watchdog with standard timeout
Almost all uses of the watchdog use the same 500ms timeout, so add a new
method that assumes that.

Test: CtsKeystoreTestCases
Change-Id: Idf7852400a58ba954e4a71e5e2282734a0960072
2024-05-23 13:23:22 +01:00
David Drysdale
8c4c4f3420 Remove unused code
Test: TreeHugger
Change-Id: If7a4606f5a6a09c574574ed8ed04788435259fa8
2024-05-23 12:58:15 +01:00
Max Bires
3b98d44dce Merge "Revert "Deprecating the aidl for Android Protected Confirmation"" into main am: ef518cbe49 am: cfc58edc40
Original change: https://android-review.googlesource.com/c/platform/system/security/+/3093803

Change-Id: I056219826510013500365715fcad9439e7d24fd6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-23 04:19:11 +00:00
Max Bires
cfc58edc40 Merge "Revert "Deprecating the aidl for Android Protected Confirmation"" into main am: ef518cbe49
Original change: https://android-review.googlesource.com/c/platform/system/security/+/3093803

Change-Id: I990db94ce94fac37e4c653e4076fb66bf7a70b6e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-23 03:53:13 +00:00
Max Bires
ef518cbe49 Merge "Revert "Deprecating the aidl for Android Protected Confirmation"" into main 2024-05-23 03:32:38 +00:00
Android Build Coastguard Worker
7e43e08821 Snap for 11876238 from b57dff7718 to 24Q3-release
Change-Id: I7d3b41cb9f6d3db695b7bb0077f4d2a101fdc8f5
2024-05-22 23:26:02 +00:00
David Drysdale
b57dff7718 Merge "Give up on busy DB after a while" into main am: 99464340c4 am: 0937b119b2
Original change: https://android-review.googlesource.com/c/platform/system/security/+/3041776

Change-Id: I8d1c8e53ebc4cd5fe22081886e12bf8b7a7a0061
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-22 10:52:06 +00:00
David Drysdale
0937b119b2 Merge "Give up on busy DB after a while" into main am: 99464340c4
Original change: https://android-review.googlesource.com/c/platform/system/security/+/3041776

Change-Id: If06185f0003fed80d2772eee3d830de7166d9c49
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-22 10:32:31 +00:00
David Drysdale
99464340c4 Merge "Give up on busy DB after a while" into main 2024-05-22 10:18:24 +00:00
Max Bires
9535b1b443 Revert "Deprecating the aidl for Android Protected Confirmation"
Revert submission 2864688-apc-deprecate

Reason for revert: fix inadvertent partial deprecation

Reverted changes: /q/submissionid:2864688-apc-deprecate

Change-Id: Id97e7ec533b630a22ea91db82ab75f14b0d32edc
2024-05-22 05:13:36 +00:00
David Drysdale
115c4722f8 Give up on busy DB after a while
Calls to `with_transaction(Immediate, ...)` act as an exclusive lock on
the Keystore database, because the sleep-loop does not release the
transaction.  That gives the potential for deadlock if any of the code
in the invoked callback takes some other lock without consideration
for lock inversions.

There isn't (yet) a smoking gun that definitively identifies a lock
inversion, but this CL adds timeout behaviour just in case.

Include a unit test that deadlocks without the code change, because
of an explicit lock inversion between the immediate-mode database and a
`KeyIdGuard` object (which acts like a `MutexGuard`).

Bug: 319563050
Bug: 315165314
Flag: android.security.keystore2.database_loop_timeout
Test: keystore2_test#database::tests::test_key_id_guard_immediate
Change-Id: I34fa044ce8e3185a89084b84c6f9ac880944982c
2024-05-20 19:07:03 +01:00
Android Build Coastguard Worker
07eca51d46 Snap for 11859356 from 0efecbb9a4 to 24Q3-release
Change-Id: I8974ed7a83f9d5f8461667f9bd044863dfb06983
2024-05-18 03:25:17 +00:00
Treehugger Robot
0efecbb9a4 Merge "Use waitForService in rkp_factory_extraction_tool" into main am: 996710c4e3 am: 26c2712a40
Original change: https://android-review.googlesource.com/c/platform/system/security/+/3079564

Change-Id: I8e7bbf280e9b0d158a7e91f6c062ef2d89c2e378
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-17 11:26:31 +00:00
Treehugger Robot
26c2712a40 Merge "Use waitForService in rkp_factory_extraction_tool" into main am: 996710c4e3
Original change: https://android-review.googlesource.com/c/platform/system/security/+/3079564

Change-Id: I89ebf9d61d0996da1b48c70035353ace8af79d67
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-17 11:14:13 +00:00
Treehugger Robot
996710c4e3 Merge "Use waitForService in rkp_factory_extraction_tool" into main 2024-05-17 10:55:36 +00:00
Alice Wang
c1b568a0e9 Use waitForService in rkp_factory_extraction_tool
The original getService doesn't start the AVF HAL if it is
not already running. waitForService is used here with a timeout
of 10 seconds as it starts a service lazily.

Bug: 339118043
Test: m rkp_factory_extraction_tool
Change-Id: I942f4c5e1aae8b529895a51f19b525033609d0aa
2024-05-17 10:09:10 +00:00
Android Build Coastguard Worker
6b81f1ad56 Snap for 11840485 from 7a2b5019df to 24Q3-release
Change-Id: I4bdfe8e1a446ce641d5fb4daa993738d74e6ad9d
2024-05-14 23:25:23 +00:00
Treehugger Robot
7a2b5019df Merge "Clean up OWNERS" into main am: 134da755b0 am: 93b81ad680
Original change: https://android-review.googlesource.com/c/platform/system/security/+/3084058

Change-Id: Iea315749b514a27e719b10b3c8e423cb970a23e9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-14 03:02:10 +00:00
Treehugger Robot
93b81ad680 Merge "Clean up OWNERS" into main am: 134da755b0
Original change: https://android-review.googlesource.com/c/platform/system/security/+/3084058

Change-Id: I0e8867804ecb6bc883eb91b85607ec4d58b80b1e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-14 02:40:16 +00:00
Treehugger Robot
134da755b0 Merge "Clean up OWNERS" into main 2024-05-14 02:13:28 +00:00
Max Bires
a78e7c5727 Clean up OWNERS
Remove OWNERS entry for person no longer working on the project.

Test: N/A
Change-Id: Icbfba05512e1e1c85593ed58ef88ff15b6673ecc
2024-05-13 19:08:39 -07:00
Android Build Coastguard Worker
a1b84bf775 Snap for 11834877 from a17c771893 to 24Q3-release
Change-Id: I04f5adbe9232479798dbcb3191cde8b3fe47ed1a
2024-05-13 23:25:38 +00:00
Devin Moore
a17c771893 Create and use a death recipient cookie object
It stores the service we want to notify on the death of the binder, and
it's deleted in the onUnlink callback.

Ignore-AOSP-First: b/319210610

Test: cd system/security/keystore2 && atest -p
Test: CTS-verifier app -> Security -> Protected Confirmation Test
Test: Start TEE test and kill confui HAL after linkToDeath
Test: adb shell kill -9 `pid \
               android.hardware.confirmationui-service.cuttlefish`
Bug: 319210610
Change-Id: I1c65c93577aee287e26fa23ded43d9e2efc90bf2
2024-05-13 17:47:43 +00:00
Android Build Coastguard Worker
aa4e4604dc Snap for 11800966 from 89c50e70cc to 24Q3-release
Change-Id: I0fab3f870cff65ccad476b2c4261b58f9c5a5925
2024-05-04 01:25:19 +00:00
David Drysdale
89c50e70cc Merge "Adjust keystore2_client_tests" into main am: e85693c603 am: 8ab274bd3c
Original change: https://android-review.googlesource.com/c/platform/system/security/+/3061757

Change-Id: I23beea25f87b922c736494df6698f6138975cd7b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-03 06:01:09 +00:00
David Drysdale
8ab274bd3c Merge "Adjust keystore2_client_tests" into main am: e85693c603
Original change: https://android-review.googlesource.com/c/platform/system/security/+/3061757

Change-Id: I4a271bb5620d90cbb849cd6fab6123716c0fc316
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-03 05:46:35 +00:00
David Drysdale
e85693c603 Merge "Adjust keystore2_client_tests" into main 2024-05-03 05:28:28 +00:00
Devin Moore
95427c76cb Create and use a death recipient cookie object
It stores the service we want to notify on the death of the binder, and
it's deleted in the onUnlink callback.

Ignore-AOSP-First: b/319210610

Test: cd system/security/keystore2 && atest -p
Test: CTS-verifier app -> Security -> Protected Confirmation Test
Test: Start TEE test and kill confui HAL after linkToDeath
Test: adb shell kill -9 `pid \
               android.hardware.confirmationui-service.cuttlefish`
Bug: 319210610
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ade978699c699f610a28455d8549c0243303767b)
Merged-In: I1c65c93577aee287e26fa23ded43d9e2efc90bf2
Change-Id: I1c65c93577aee287e26fa23ded43d9e2efc90bf2
2024-05-01 23:56:16 +00:00
David Drysdale
40e41f1088 Adjust keystore2_client_tests
Adjust the keystore2 client tests to cope with a wider variety of
underlying KeyMint / Keymaster devices.

A couple of these changes involve test modifications to match the
behaviour of the KeyMint VTS tests:

- `keystore2_gen_key_device_unique_attest_with_default_sec_level_unimplemented`:
  Allow an extra error code, to match
  `DeviceUniqueAttestationTest.EcdsaNonStrongBoxUnimplemented`.
- `keystore2_import_ec_key_success`: Skip the check that EC keys can be
  imported without an explicitly specified `EC_CURVE` on pre-VSR-V
  devices, to match the equivalent logic in the VTS tests
  (`ImportKeyTest.EcdsaSuccessCurveNotSpecified`).

The other two changes are:

- `keystore2_gen_key_auth_boot_loader_only_op_fail`: Drop this test, as
  it's the first/only place that exercises the optional
  `BOOTLOADER_ONLY` tag. (The KeyMint VTS tests would be the best place
  to exercise this for the first time.)
- `keystore2_ec_25519_generate_key_fail`: For now, skip the check that
  an Ed25519 key should reject use of any digest value other than `NONE`
  (on account of Ed25519 having its own internal digest). That behaviour
  isn't quite right, but is not currently tested by the KeyMint
  VTS tests and so we can't require existing devices to be modified to
  pass the check.

Bug: 336695416
Test: keystore2_client_tests
Change-Id: I06e90c859f33d8b4125541a67709ec67e8898c60
2024-05-01 18:16:46 +01:00
Android Build Coastguard Worker
3923437c0d Snap for 11784291 from c0cf308f1a to 24Q3-release
Change-Id: I499b51b9d21889bf7b0f1601ca010b880a5ce85e
2024-04-30 23:27:45 +00:00
Xin Li
c0cf308f1a [automerger skipped] Empty merge of Android 24Q2 Release (ab/11526283) to aosp-main-future am: e6defb965c -s ours
am skip reason: Merged-In I619784b71c0a87574dc633d641aec91da1fc3475 with SHA-1 66cddfd4ba is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/27144772

Change-Id: Ibfe073e2c4abbfc683b15f49a137d3b357d21a89
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-04-29 23:13:01 +00:00
Xin Li
e6defb965c Empty merge of Android 24Q2 Release (ab/11526283) to aosp-main-future
Bug: 337098550
Merged-In: I619784b71c0a87574dc633d641aec91da1fc3475
Change-Id: Ic602b2b32c98e650a405c15ce0454affe89adcf3
2024-04-29 11:53:36 -07:00
Android Build Coastguard Worker
4d5cf7d383 Snap for 11717025 from a507b49ce3 to 24Q3-release
Change-Id: Ie80c24fb61ec6de6313c009094ab6171aed886a9
2024-04-15 23:26:28 +00:00
David Drysdale
a507b49ce3 Merge "Drop unused PerBootDbKeepAlive type" into main am: 98e175b6f8 am: a5ee446635
Original change: https://android-review.googlesource.com/c/platform/system/security/+/3037727

Change-Id: Ic59d4aa63366033c2b7eaf21e58edf561ba1f438
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-04-15 06:09:50 +00:00
David Drysdale
a5ee446635 Merge "Drop unused PerBootDbKeepAlive type" into main am: 98e175b6f8
Original change: https://android-review.googlesource.com/c/platform/system/security/+/3037727

Change-Id: I90b4857dc4712c3b36873671b1a90c8177947a78
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-04-15 05:50:48 +00:00
David Drysdale
98e175b6f8 Merge "Drop unused PerBootDbKeepAlive type" into main 2024-04-15 05:35:59 +00:00