tequilaOS/platform_system_security
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
9159 commits 1 branch 0 tags 12 MiB
Commit graph

9159 commits

This branch
This branch
All branches
Author SHA1 Message Date
Rajesh Nyamagoud
9753c6fe55 Updated the logic to determine the VSR API level for device ID 
attestation tests.

The following order of precedence is used to determine the VSR API level:
1. If the `ro.vendor.api_level` property is present, then use it as the
   VSR API level.
2. Otherwise, determine the VSR API level with the following logic:
  - Get the vendor API level using the `ro.board.api_level` property if
    present; otherwise, use the `ro.board.first_api_level` property.
  - Get the product API level using the `ro.product.first_api_level`
    property if present; otherwise, use the `ro.build.version.sdk`
    property.
  - If it is unable to determine the vendor API level, then use the
    product API level as the VSR API level.
  - If both the vendor API level and product API level are available,
    then use the minimum of `vendor_api_level` and `product_api_level`
    as the VSR API level.
  - Otherwise, the vendor API level will be used as the VSR API level.

Bug: 326675646
Test: atest keystore2_client_tests
(cherry picked from https://android-review.googlesource.com/q/commit:3f6c8a250de737a3cc9571b047ff8a156c2b4754)
Merged-In: I3aa48d05f367fafab5151fa7eb6dd447840dae0d
Change-Id: I3aa48d05f367fafab5151fa7eb6dd447840dae0d
 2024-03-13 00:33:49 +00:00
Android Build Coastguard Worker
b5bc04e9da Merge cherrypicks of ['android-review.googlesource.com/2989155'] into 24Q2-release. 
Change-Id: I51085efe41968ae4288476049a33ee5f249b5e5e
 2024-03-07 20:57:19 +00:00
Rajesh Nyamagoud
3d77c55ce3 Added not_multi_abi configuration for keystore2_client_tests module. 
Changes made to avoid running keystore2_client_tests of armeabi-v7a
builds on arm64-v8a platforms.

Bug: 322112515
Test: run vts -m keystore2_client_tests
(cherry picked from https://android-review.googlesource.com/q/commit:a8cf68ef41c1f7949bb028db31e22b6cc621ac92)
Merged-In: Ic7205ecc80146cdd36b1a618c9c5cde114b98e71
Change-Id: Ic7205ecc80146cdd36b1a618c9c5cde114b98e71
 2024-03-07 20:51:04 +00:00
Android Build Coastguard Worker
ead0c22be1 Snap for 11517367 from 3ae9de9fe3 to 24Q2-release 
Change-Id: I5b386390814f94a7dd9c550986dbaf6bf7078497
 2024-03-01 00:24:31 +00:00
Shaquille Johnson
3ae9de9fe3 Merge "Change the log level from error to warn" into main am: a83982159f am: 972ca7c73e 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2972492

Change-Id: Ia7e0d8ddfc436a2ffca4d33cdb2ac1706f9aec52
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-29 15:52:55 +00:00
Shaquille Johnson
972ca7c73e Merge "Change the log level from error to warn" into main am: a83982159f 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2972492

Change-Id: I8acbcfaf3c288167d4e02d15276c93ae3ef270c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-29 15:12:13 +00:00
Shaquille Johnson
a83982159f Merge "Change the log level from error to warn" into main 2024-02-29 14:26:44 +00:00
Treehugger Robot
85afec8c32 Merge "Fix style warnings for rustc 1.76.0" into main am: d25c50c909 am: 840a062c1f 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2983289

Change-Id: I42f921cbc44851904b422d3c42799438c05e802d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-29 02:26:52 +00:00
Treehugger Robot
840a062c1f Merge "Fix style warnings for rustc 1.76.0" into main am: d25c50c909 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2983289

Change-Id: I56a4c76b182c34152fdc7f83145c07b11dd23ac3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-29 01:44:48 +00:00
Treehugger Robot
d25c50c909 Merge "Fix style warnings for rustc 1.76.0" into main 2024-02-29 01:05:11 +00:00
James Farrell
efe1a2fb73 Fix style warnings for rustc 1.76.0 
Test: Built with test_compiler.py
Bug: 327204642
Change-Id: I95f8965cb1db564fb3c86b4529aa707d1b75fd78
 2024-02-28 21:53:07 +00:00
Shaquille Johnson
89106b8e6e Change the log level from error to warn 
This log is said to be ignored so it should not
be at the level of an error as that could confuse
people.

Test: N/A
Change-Id: I561fc8c16337de9d40714d87d3525f432f5afad7
 2024-02-28 20:43:17 +00:00
Android Build Coastguard Worker
4488d3d789 Snap for 11504324 from 92e62bcfbf to 24Q2-release 
Change-Id: Iad9222ab7c19618596359483bb640b6754b17d55
 2024-02-28 00:24:46 +00:00
Treehugger Robot
92e62bcfbf Merge "Grant SYS_NICE for odsign" into main am: 94646d7d19 am: 6163cfb24c 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2978554

Change-Id: I0b9175194058daf9bf91663ae5b32e212f5c0815
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-27 17:30:16 +00:00
Treehugger Robot
6163cfb24c Merge "Grant SYS_NICE for odsign" into main am: 94646d7d19 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2978554

Change-Id: I3a048996462d0cff6073b709d68a88d4b00c0c33
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-27 16:48:25 +00:00
Treehugger Robot
94646d7d19 Merge "Grant SYS_NICE for odsign" into main 2024-02-27 15:50:00 +00:00
David Dai
c8e0cac014 Grant SYS_NICE for odsign 
Grant sys_nice capabilities to odsign so that it can spawn
VMs with sys_nice enabled which is used by compos_verify.

Bug:326557850
Test: atest odsign_e2e_tests_full
Change-Id: I9f502b997123faf9bc5a8e04f416726ea8001e41
Signed-off-by: David Dai <davidai@google.com>
 2024-02-26 15:58:02 -08:00
Android Build Coastguard Worker
3e6321a1e4 Snap for 11479893 from 080aae8869 to 24Q2-release 
Change-Id: I50fb436607d5901f1eece96bed953ed151d7aebd
 2024-02-22 00:25:06 +00:00
Ronish Kalia
080aae8869 Merge "Migrate Test Targets to New Android Ownership Model" into main am: cbae97c988 am: 0bd02381ce 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2945375

Change-Id: I4dcc759b514bc1d626b35c065e4451c1a37dfa94
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-21 11:37:18 +00:00
Ronish Kalia
0bd02381ce Merge "Migrate Test Targets to New Android Ownership Model" into main am: cbae97c988 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2945375

Change-Id: I36c59bd1f847852537f4f0b59400e02c41e53d2d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-21 10:57:22 +00:00
Ronish Kalia
cbae97c988 Merge "Migrate Test Targets to New Android Ownership Model" into main 2024-02-21 10:22:33 +00:00
Android Build Coastguard Worker
ed88c565fe Snap for 11473031 from 962427d5e5 to 24Q2-release 
Change-Id: Ica961e9bf83ad937ce4e7505212c1ab5bbad083c
 2024-02-21 00:24:58 +00:00
Treehugger Robot
962427d5e5 Merge "Fixes for the issues found while running Keystore2 client tests on a device with keymaster implementation." into main am: 3dfac14787 am: 4a45b25beb 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2942748

Change-Id: I0c8d292d1fc1a73fb97f1e1699aeab4334e298b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-20 14:34:19 +00:00
Treehugger Robot
4a45b25beb Merge "Fixes for the issues found while running Keystore2 client tests on a device with keymaster implementation." into main am: 3dfac14787 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2942748

Change-Id: I2f6ff524e35991966684d63696b860593eed46f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-20 13:53:51 +00:00
Treehugger Robot
3dfac14787 Merge "Fixes for the issues found while running Keystore2 client tests on a device with keymaster implementation." into main 2024-02-20 13:16:46 +00:00
Rajesh Nyamagoud
7620921a7f Fixes for the issues found while running Keystore2 client tests on a 
device with keymaster implementation.

- Ignore INVALID tag in generated key characteristics if keymaster
  implementation is present.
- RSA_OAEP_MGF_DIGEST, ATTEST_KEY, USAGE_COUNT_LIMIT are not expected in
  generated key characteristics if keymaster implementation is present.
- Corrected device attest ids names.
- Skip device id attestation on device with GSI image and device
  first_api_level is less than 34.
- When the DEVICE_UNIQUE_ATTESTATION tag is used in key generation,
  root certificate signature verification is ignored during cert-chain
  verification.

Bug: 322118247
Test: atest keystore2_client_tests
Change-Id: I42d339a7797114d9139c64bc4d397889b965cb48
 2024-02-19 20:24:47 +00:00
Android Build Coastguard Worker
6c02873d0d Snap for 11466562 from ca3ec2b58b to 24Q2-release 
Change-Id: If57335ee7a4739962ef4331b106407b3a0d28ac0
 2024-02-18 22:24:32 +00:00
Shaquille Johnson
ca3ec2b58b Merge "Update typo and add blob id to log" into main am: ea9fe60bf5 am: c81370b5cc 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2960905

Change-Id: Iaf761d2358f7108239dc8bb0cf91ecbc6772072d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-17 21:00:28 +00:00
Shaquille Johnson
c81370b5cc Merge "Update typo and add blob id to log" into main am: ea9fe60bf5 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2960905

Change-Id: I017b7d478829aa746655f55a45db899616571f97
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-17 20:17:17 +00:00
Shaquille Johnson
ea9fe60bf5 Merge "Update typo and add blob id to log" into main 2024-02-17 19:35:20 +00:00
Android Build Coastguard Worker
f51eaec37d Snap for 11449429 from 7d36b7ab86 to 24Q2-release 
Change-Id: I16b21ecc80128f28a1fcf47ae515c3a62087b928
 2024-02-15 00:24:29 +00:00
Treehugger Robot
7d36b7ab86 Merge "Prefer .first() to .get(0)" into main am: b4e19af8c7 am: 1ce40098c8 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2956141

Change-Id: I36ca2098e630dc45401e3d38802f7f044def54d3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-13 23:04:14 +00:00
Treehugger Robot
1ce40098c8 Merge "Prefer .first() to .get(0)" into main am: b4e19af8c7 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2956141

Change-Id: I52d1d4cef2f2b5db1badd22b479107ab29dcbff7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-13 22:22:52 +00:00
Treehugger Robot
b4e19af8c7 Merge "Prefer .first() to .get(0)" into main 2024-02-13 21:41:07 +00:00
Shaquille Johnson
f23fc9489b Update typo and add blob id to log 
The logs were missing a word and also this will
add the blob id into the logs when a query fails
to delete the blob.

Test: atest keystore2_test
Change-Id: Ieff6e9266837744d16633c93df0b6da27871eca7
 2024-02-13 17:01:29 +00:00
Aditya Choudhary
d987e9b327 Migrate Test Targets to New Android Ownership Model 
This CL is created as a best effort to migrate test targets to the new Android ownership model.
It is based on historical data from repository history and insights from git blame.
Given the nature of this effort, there may be instances of incorrect attribution. If you find incorrect or unnecessary
attribution in this CL, please create a new CL to fix that.

For detailed guidelines and further information on the migration please refer to the link below,
go/new-android-ownership-model

Bug: 304529413
Test: N/A
Change-Id: Ia06fe7f4d0518d03cebf52d34ca9b1434011d272
 2024-02-13 00:24:32 +00:00
Stephen Hines
4d23482d7e Prefer .first() to .get(0) 
```
error: accessing first element with `key_descriptors.get(0)`
   -->
system/security/keystore2/tests/keystore2_client_list_entries_tests.rs:143:27
    |
143 |                 let key = key_descriptors.get(0).unwrap();
    |                           ^^^^^^^^^^^^^^^^^^^^^^ help: try:
`key_descriptors.first()`
    |
    = help: for further information visit
https://rust-lang.github.io/rust-clippy/master/index.html#get_first
    = note: `-D clippy::get-first` implied by `-D warnings`
    = help: to override `-D warnings` add `#[allow(clippy::get_first)]`
```

Bug: http://b/321303117
Test: toolchain/android_rust/test_compiler.py --prebuilt-path dist/rust-dev.tar.xz --target aosp_cf_x86_64_phone --all-rust
Change-Id: Ic278ca9ec8fc48e779741f43b1fd53702b54396f
 2024-02-09 15:39:25 -08:00
Android Build Coastguard Worker
b435fecc31 Snap for 11426397 from 768c7e230d to 24Q2-release 
Change-Id: I0ccd9e01cdbcd0d71ae24ca586bdfc0315e29f02
 2024-02-09 00:24:25 +00:00
Android Build Coastguard Worker
2af5b4c1c2 Snap for 11420186 from b6486ef636 to 24Q2-release 
Change-Id: Ibb25ceed042e0c0ae21ec2fcfd358fb2a676ec6d
 2024-02-08 00:25:32 +00:00
Eric Biggers
768c7e230d Merge "keystore2: rename MonotonicRawTime to BootTime" into main am: 3d4f5457af am: 56910d0a4d 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2940163

Change-Id: Ia0e4841640f8200170d7afba9bdfc41469ee8e5c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-07 21:42:27 +00:00
Eric Biggers
56910d0a4d Merge "keystore2: rename MonotonicRawTime to BootTime" into main am: 3d4f5457af 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2940163

Change-Id: I53489025aa43e2463fa61892e48dc2bb8c1858bc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-07 21:01:39 +00:00
Eric Biggers
3d4f5457af Merge "keystore2: rename MonotonicRawTime to BootTime" into main 2024-02-07 20:22:55 +00:00
Treehugger Robot
b6486ef636 Merge "Replace use of deprecated logging functions" into main am: 5b9f6b70d2 am: eb58a7f2a0 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2952890

Change-Id: I3a7ae5af2bf905c3cc1e0b9ba69705b4b499509c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-07 17:29:14 +00:00
Treehugger Robot
eb58a7f2a0 Merge "Replace use of deprecated logging functions" into main am: 5b9f6b70d2 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2952890

Change-Id: Idf0918f9b8830a9d6c9a0e18fd8a7c635f8fab85
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-07 16:47:42 +00:00
Treehugger Robot
5b9f6b70d2 Merge "Replace use of deprecated logging functions" into main 2024-02-07 16:13:24 +00:00
Jeff Vander Stoep
153d1aaff4 Replace use of deprecated logging functions 
This is needed to upgrade the android_logger crate from 0.12.0
to 0.13.3.

with_max_level provides the same functionality as with_min_level.
The renaming is admittedly confusing, but the new name is accurate
and it makes sense that they deprecated and then removed the
previously poorly named with_min_level.

See crate documentation [1] and code [2].

[1]: https://docs.rs/android_logger/0.12.0/android_logger/struct.Config.html#method.with_min_level
[2]: https://docs.rs/android_logger/0.12.0/src/android_logger/lib.rs.html#227

Bug: 322718401
Test: build and run CF with the change.
Test: m aosp_cf_x86_64_phone
Change-Id: Ibd13989ffe52a93191dd2d5a1b8f5a651eecd91d
 2024-02-07 14:33:36 +01:00
Android Build Coastguard Worker
904263768e Snap for 11413328 from aeb4fce536 to 24Q2-release 
Change-Id: Ic46193f1827b7afa9fd1691aa04ee47fb3e65cf6
 2024-02-07 00:24:39 +00:00
Eran Messeri
aeb4fce536 Merge "Correcting permission check for App UIDs listing" into main am: b7e5421688 am: c7f9449a28 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2953647

Change-Id: I84fd23954f688720352d3c4883f76dc3929aa0f0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-06 18:07:41 +00:00
Eran Messeri
c7f9449a28 Merge "Correcting permission check for App UIDs listing" into main am: b7e5421688 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2953647

Change-Id: I1e326e350db8fe3872d9cb69de9166ce9bbc767c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-02-06 17:21:34 +00:00
Eran Messeri
b7e5421688 Merge "Correcting permission check for App UIDs listing" into main 2024-02-06 16:40:03 +00:00