Merge "Add Attestation IDs State to DeviceInfo" into sc-dev am: e35b1427e6 am: a62785d479

Original change: https://googleplex-android-review.googlesource.com/c/platform/hardware/interfaces/+/15098340

Change-Id: Ia5db9c283c658e25083c970d4db97473faf6735a
diff --git a/security/keymint/aidl/android/hardware/security/keymint/DeviceInfo.aidl b/security/keymint/aidl/android/hardware/security/keymint/DeviceInfo.aidl
index 32d69cd..b0761bf 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/DeviceInfo.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/DeviceInfo.aidl
@@ -44,6 +44,12 @@
      *         ? "vendor_patch_level" : uint,                   // YYYYMMDD
      *         "version" : 1,                      // The CDDL schema version.
      *         "security_level" : "tee" / "strongbox"
+     *         "att_id_state": "locked" / "open",  // Attestation IDs State. If "locked", this
+     *                                             // indicates a device's attestable IDs are
+     *                                             // factory-locked and immutable. If "open",
+     *                                             // this indicates the device is still in a
+     *                                             // provisionable state and the attestable IDs
+     *                                             // are not yet frozen.
      *     }
      */
     byte[] deviceInfo;
diff --git a/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl b/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl
index 31dbb28..24cdbc1 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl
@@ -158,20 +158,7 @@
      *         payload: bstr .cbor BccPayload
      *     ]
      *
-     *     VerifiedDeviceInfo = {
-     *         ? "brand" : tstr,
-     *         ? "manufacturer" : tstr,
-     *         ? "product" : tstr,
-     *         ? "model" : tstr,
-     *         ? "board" : tstr,
-     *         ? "device" : tstr,
-     *         ? "vb_state" : "green" / "yellow" / "orange",
-     *         ? "bootloader_state" : "locked" / "unlocked",
-     *         ? "os_version" : tstr,
-     *         ? "system_patch_level" : uint,        // YYYYMMDD
-     *         ? "boot_patch_level" : uint,          // YYYYMMDD
-     *         ? "vendor_patch_level" : uint,        // YYYYMMDD
-     *     }
+     *     VerifiedDeviceInfo = DeviceInfo  // See DeviceInfo.aidl
      *
      *     PubKeyX25519 = {                 // COSE_Key
      *          1 : 1,                      // Key type : Octet Key Pair