tequilaOS/platform_system_security
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
9338 commits 1 branch 0 tags 12 MiB
Commit graph

9338 commits

This branch
This branch
All branches
Author SHA1 Message Date
Android Build Coastguard Worker
9553099297 Merge cherrypicks of ['android-review.googlesource.com/2977823'] into 24Q2-release. 
Change-Id: I760516eba72ea9e90eb6a9409258241fc4c1027c
 2024-03-13 00:40:44 +00:00
Rajesh Nyamagoud
9753c6fe55 Updated the logic to determine the VSR API level for device ID 
attestation tests.

The following order of precedence is used to determine the VSR API level:
1. If the `ro.vendor.api_level` property is present, then use it as the
   VSR API level.
2. Otherwise, determine the VSR API level with the following logic:
  - Get the vendor API level using the `ro.board.api_level` property if
    present; otherwise, use the `ro.board.first_api_level` property.
  - Get the product API level using the `ro.product.first_api_level`
    property if present; otherwise, use the `ro.build.version.sdk`
    property.
  - If it is unable to determine the vendor API level, then use the
    product API level as the VSR API level.
  - If both the vendor API level and product API level are available,
    then use the minimum of `vendor_api_level` and `product_api_level`
    as the VSR API level.
  - Otherwise, the vendor API level will be used as the VSR API level.

Bug: 326675646
Test: atest keystore2_client_tests
(cherry picked from https://android-review.googlesource.com/q/commit:3f6c8a250de737a3cc9571b047ff8a156c2b4754)
Merged-In: I3aa48d05f367fafab5151fa7eb6dd447840dae0d
Change-Id: I3aa48d05f367fafab5151fa7eb6dd447840dae0d
 2024-03-13 00:33:49 +00:00
Android Build Coastguard Worker
2f57a862d6 Snap for 11551442 from 3e426b7fdd to 24Q3-release 
Change-Id: Ic3a1b179217a4f3d449225a096601f97cd17f47c
 2024-03-09 02:24:36 +00:00
Markus Vill
3e426b7fdd Merge "Migrate structured logging for audit logging to the Rust macro." into main am: e2ce4fd642 am: f164d5cfc3 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2939900

Change-Id: I89552feff3130b1b38421cb1c6d4d3c8c7098201
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-08 09:46:39 +00:00
Markus Vill
f164d5cfc3 Merge "Migrate structured logging for audit logging to the Rust macro." into main am: e2ce4fd642 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2939900

Change-Id: I9d04a8eebe288efe3e4cf0f4bb5772b9fa089f3e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-08 09:02:06 +00:00
Markus Vill
e2ce4fd642 Merge "Migrate structured logging for audit logging to the Rust macro." into main 2024-03-08 08:18:26 +00:00
Android Build Coastguard Worker
b5bc04e9da Merge cherrypicks of ['android-review.googlesource.com/2989155'] into 24Q2-release. 
Change-Id: I51085efe41968ae4288476049a33ee5f249b5e5e
 2024-03-07 20:57:19 +00:00
Rajesh Nyamagoud
3d77c55ce3 Added not_multi_abi configuration for keystore2_client_tests module. 
Changes made to avoid running keystore2_client_tests of armeabi-v7a
builds on arm64-v8a platforms.

Bug: 322112515
Test: run vts -m keystore2_client_tests
(cherry picked from https://android-review.googlesource.com/q/commit:a8cf68ef41c1f7949bb028db31e22b6cc621ac92)
Merged-In: Ic7205ecc80146cdd36b1a618c9c5cde114b98e71
Change-Id: Ic7205ecc80146cdd36b1a618c9c5cde114b98e71
 2024-03-07 20:51:04 +00:00
Markus Vill
fdf431762f Migrate structured logging for audit logging to the Rust macro. 
This uses the new macro for structured logging that simplifies the usage
of structured logging.

Bug: 290589708

Test: Run keystore client and checked the log
Change-Id: I4d941d8b03c09d0541cf1159c38f4eba60e07292
 2024-03-07 16:56:22 +00:00
Android Build Coastguard Worker
7760ebaea0 Snap for 11540345 from f2843b6095 to 24Q3-release 
Change-Id: I8fa3e76eeb1899f2550d544260f66886829525ff
 2024-03-07 02:13:56 +00:00
Treehugger Robot
f2843b6095 Merge "Added not_multi_abi configuration for keystore2_client_tests module." into main am: 90eadc655f am: e4cc28c5b3 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2989155

Change-Id: Iaf2e81b7a7cfe28ffedd516f2dbf841311f9a6df
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-06 22:28:26 +00:00
Treehugger Robot
e4cc28c5b3 Merge "Added not_multi_abi configuration for keystore2_client_tests module." into main am: 90eadc655f 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2989155

Change-Id: I5f259f44a3c9b4c10e59e836299c0885eabc8933
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-06 21:18:39 +00:00
Treehugger Robot
90eadc655f Merge "Added not_multi_abi configuration for keystore2_client_tests module." into main 2024-03-06 20:37:33 +00:00
Shaquille Johnson
d22b93603e Merge "Update authorization log to be more clear" into main am: b484dc1ce5 am: 0c15221bf4 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2982595

Change-Id: I66ee66e3cf5c687d64034ac38f06cce36e8fda58
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-06 16:02:33 +00:00
Shaquille Johnson
e31e5a2f8d Merge "Update globals to log security levels on fail" into main am: dae62efa2c am: fc14547a89 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2983611

Change-Id: Ia85dee7be61250d15d048b472da98efe2a9e5f19
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-06 16:02:09 +00:00
Shaquille Johnson
0c15221bf4 Merge "Update authorization log to be more clear" into main am: b484dc1ce5 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2982595

Change-Id: Ic24ce4afdcadf9dd4ae91c375a117e1edaae13a9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-06 15:21:01 +00:00
Shaquille Johnson
fc14547a89 Merge "Update globals to log security levels on fail" into main am: dae62efa2c 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2983611

Change-Id: I6e18941c1de762e6330188e57bf2ef9d9582656e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-06 15:20:29 +00:00
Shaquille Johnson
b484dc1ce5 Merge "Update authorization log to be more clear" into main 2024-03-06 14:42:56 +00:00
Shaquille Johnson
dae62efa2c Merge "Update globals to log security levels on fail" into main 2024-03-06 14:40:26 +00:00
Eran Messeri
a51b7cdb47 Merge "Updated the logic to determine the VSR API level for device ID attestation tests." into main am: 15a04c4d1f am: bcefcf2a13 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2977823

Change-Id: I67201f726dfd8d33f13bf11529cf7058f3fe6a87
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-06 13:28:07 +00:00
Eran Messeri
bcefcf2a13 Merge "Updated the logic to determine the VSR API level for device ID attestation tests." into main am: 15a04c4d1f 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2977823

Change-Id: I557f7153dbc015e054455c2b93be624247230860
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-06 12:47:06 +00:00
Eran Messeri
15a04c4d1f Merge "Updated the logic to determine the VSR API level for device ID attestation tests." into main 2024-03-06 11:54:17 +00:00
Rajesh Nyamagoud
a8cf68ef41 Added not_multi_abi configuration for keystore2_client_tests module. 
Changes made to avoid running keystore2_client_tests of armeabi-v7a
builds on arm64-v8a platforms.

Bug: 322112515
Test: run vts -m keystore2_client_tests
Change-Id: Ic7205ecc80146cdd36b1a618c9c5cde114b98e71
 2024-03-05 18:37:12 +00:00
Shaquille Johnson
a4d10dbee0 Update authorization log to be more clear 
Based on examinations in go/keystore-error-logs-overhaul
we want to update the logs to allow keystore errors
to be properly routed.

Test: atest keystore2_test
Change-Id: I704ca5bdeaf32acdd6a619ca778b04b3df72bcfd
 2024-03-05 12:39:58 +00:00
Android Build Coastguard Worker
6362a215a4 Snap for 11517216 from 3ae9de9fe3 to 24Q3-release 
Change-Id: Ica8eba5b665d0082354bab41c2b7c7f023c8b215
 2024-03-01 00:24:51 +00:00
Android Build Coastguard Worker
ead0c22be1 Snap for 11517367 from 3ae9de9fe3 to 24Q2-release 
Change-Id: I5b386390814f94a7dd9c550986dbaf6bf7078497
 2024-03-01 00:24:31 +00:00
Rajesh Nyamagoud
3f6c8a250d Updated the logic to determine the VSR API level for device ID 
attestation tests.

The following order of precedence is used to determine the VSR API level:
1. If the `ro.vendor.api_level` property is present, then use it as the
   VSR API level.
2. Otherwise, determine the VSR API level with the following logic:
  - Get the vendor API level using the `ro.board.api_level` property if
    present; otherwise, use the `ro.board.first_api_level` property.
  - Get the product API level using the `ro.product.first_api_level`
    property if present; otherwise, use the `ro.build.version.sdk`
    property.
  - If it is unable to determine the vendor API level, then use the
    product API level as the VSR API level.
  - If both the vendor API level and product API level are available,
    then use the minimum of `vendor_api_level` and `product_api_level`
    as the VSR API level.
  - Otherwise, the vendor API level will be used as the VSR API level.

Bug: 326675646
Test: atest keystore2_client_tests
Change-Id: I3aa48d05f367fafab5151fa7eb6dd447840dae0d
 2024-02-29 19:02:11 +00:00
Shaquille Johnson
3ae9de9fe3 Merge "Change the log level from error to warn" into main am: a83982159f am: 972ca7c73e 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2972492

Change-Id: Ia7e0d8ddfc436a2ffca4d33cdb2ac1706f9aec52
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-29 15:52:55 +00:00
Shaquille Johnson
972ca7c73e Merge "Change the log level from error to warn" into main am: a83982159f 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2972492

Change-Id: I8acbcfaf3c288167d4e02d15276c93ae3ef270c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-29 15:12:13 +00:00
Shaquille Johnson
a83982159f Merge "Change the log level from error to warn" into main 2024-02-29 14:26:44 +00:00
Treehugger Robot
85afec8c32 Merge "Fix style warnings for rustc 1.76.0" into main am: d25c50c909 am: 840a062c1f 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2983289

Change-Id: I42f921cbc44851904b422d3c42799438c05e802d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-29 02:26:52 +00:00
Treehugger Robot
840a062c1f Merge "Fix style warnings for rustc 1.76.0" into main am: d25c50c909 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2983289

Change-Id: I56a4c76b182c34152fdc7f83145c07b11dd23ac3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-29 01:44:48 +00:00
Treehugger Robot
d25c50c909 Merge "Fix style warnings for rustc 1.76.0" into main 2024-02-29 01:05:11 +00:00
Shaquille Johnson
69c92a092e Update globals to log security levels on fail 
Per go/keystore-error-logs-overhaul we are updating
the logs in keystore to be more clear. This adds
logging around the security level when the Hardware
type error is sent to the caller.

Test: atest keystore2_test
Change-Id: I7d41f02832a02976b3e1b6535ba0df5ed3863e53
 2024-02-28 22:14:05 +00:00
James Farrell
efe1a2fb73 Fix style warnings for rustc 1.76.0 
Test: Built with test_compiler.py
Bug: 327204642
Change-Id: I95f8965cb1db564fb3c86b4529aa707d1b75fd78
 2024-02-28 21:53:07 +00:00
Shaquille Johnson
89106b8e6e Change the log level from error to warn 
This log is said to be ignored so it should not
be at the level of an error as that could confuse
people.

Test: N/A
Change-Id: I561fc8c16337de9d40714d87d3525f432f5afad7
 2024-02-28 20:43:17 +00:00
Android Build Coastguard Worker
913e1a4b44 Snap for 11504269 from 92e62bcfbf to 24Q3-release 
Change-Id: I611f6f39f3a7a6c9b9be9542a40e42223c0e247e
 2024-02-28 00:25:18 +00:00
Android Build Coastguard Worker
4488d3d789 Snap for 11504324 from 92e62bcfbf to 24Q2-release 
Change-Id: Iad9222ab7c19618596359483bb640b6754b17d55
 2024-02-28 00:24:46 +00:00
Treehugger Robot
92e62bcfbf Merge "Grant SYS_NICE for odsign" into main am: 94646d7d19 am: 6163cfb24c 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2978554

Change-Id: I0b9175194058daf9bf91663ae5b32e212f5c0815
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-27 17:30:16 +00:00
Treehugger Robot
6163cfb24c Merge "Grant SYS_NICE for odsign" into main am: 94646d7d19 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2978554

Change-Id: I3a048996462d0cff6073b709d68a88d4b00c0c33
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-27 16:48:25 +00:00
Treehugger Robot
94646d7d19 Merge "Grant SYS_NICE for odsign" into main 2024-02-27 15:50:00 +00:00
David Dai
c8e0cac014 Grant SYS_NICE for odsign 
Grant sys_nice capabilities to odsign so that it can spawn
VMs with sys_nice enabled which is used by compos_verify.

Bug:326557850
Test: atest odsign_e2e_tests_full
Change-Id: I9f502b997123faf9bc5a8e04f416726ea8001e41
Signed-off-by: David Dai <davidai@google.com>
 2024-02-26 15:58:02 -08:00
Android Build Coastguard Worker
3176545a69 Snap for 11479750 from 080aae8869 to 24Q3-release 
Change-Id: Iac40056c9512633883ccc3b5dd6220da12dfc622
 2024-02-22 00:25:18 +00:00
Android Build Coastguard Worker
3e6321a1e4 Snap for 11479893 from 080aae8869 to 24Q2-release 
Change-Id: I50fb436607d5901f1eece96bed953ed151d7aebd
 2024-02-22 00:25:06 +00:00
Ronish Kalia
080aae8869 Merge "Migrate Test Targets to New Android Ownership Model" into main am: cbae97c988 am: 0bd02381ce 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2945375

Change-Id: I4dcc759b514bc1d626b35c065e4451c1a37dfa94
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-21 11:37:18 +00:00
Ronish Kalia
0bd02381ce Merge "Migrate Test Targets to New Android Ownership Model" into main am: cbae97c988 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2945375

Change-Id: I36c59bd1f847852537f4f0b59400e02c41e53d2d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-21 10:57:22 +00:00
Ronish Kalia
cbae97c988 Merge "Migrate Test Targets to New Android Ownership Model" into main 2024-02-21 10:22:33 +00:00
Android Build Coastguard Worker
70d9e540cc Snap for 11472972 from 962427d5e5 to 24Q3-release 
Change-Id: Ibddb9b35d1d31968c6402127b9dced662ac56021
 2024-02-21 00:25:32 +00:00
Android Build Coastguard Worker
ed88c565fe Snap for 11473031 from 962427d5e5 to 24Q2-release 
Change-Id: Ica961e9bf83ad937ce4e7505212c1ab5bbad083c
 2024-02-21 00:24:58 +00:00
Treehugger Robot
962427d5e5 Merge "Fixes for the issues found while running Keystore2 client tests on a device with keymaster implementation." into main am: 3dfac14787 am: 4a45b25beb 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2942748

Change-Id: I0c8d292d1fc1a73fb97f1e1699aeab4334e298b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-20 14:34:19 +00:00