Add new CertificateType for the RKP VM
The RKP VM is part of the Android Virtualization Framework. It will be
uniquely authenticated by the RKP server, and therefore needs its own
certificate type.
Bug: 300624493
Change-Id: Ice586ad85ae43235dd80a5d220603e7394c1c49b
diff --git a/security/rkp/README.md b/security/rkp/README.md
index 15ea817..71f70cb 100644
--- a/security/rkp/README.md
+++ b/security/rkp/README.md
@@ -190,3 +190,30 @@
* [RpcHardwareInfo](https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/RpcHardwareInfo.aidl)
* [DeviceInfo](https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/DeviceInfo.aidl)
+### Support for Android Virtualization Framework
+
+The Android Virtualization Framwork (AVF) relies on RKP to provision keys for VMs. A
+privileged vm, the RKP VM, is reponsible for generating and managing the keys for client
+VMs that run virtualized workloads. See the following for more background information on the
+RKP VM:
+* [rkp-vm]: https://android.googlesource.com/platform/packages/modules/Virtualization/+/main/service_vm/README.md#rkp-vm-remote-key-provisioning-virtual-machine
+* [rkp-service]: https://source.android.com/docs/core/ota/modular-system/remote-key-provisioning#stack-architecture
+
+It is important to distinquish the RKP VM from other components, such as KeyMint. An
+[RKP VM marker](https://pigweed.googlesource.com/open-dice/+/HEAD/docs/android.md#configuration-descriptor)
+(key `-70006) is used for this purpose. The existence or absence of this marker is used to
+identify the type of component decribed by a given DICE chain.
+
+The following describes which certificate types may be request based on the RKP VM marker:
+1. "rkp-vm": If a DICE chain has zero or more certificates without the RKP VM
+ marker followed by one or more certificates with the marker, then that chain
+ describes an RKP VM. If there are further certificates without the RKP VM
+ marker, then the chain does not describe an RKP VM.
+
+ Implementations must include the first RPK VM marker as early as possible
+ after the point of divergence between TEE and non-TEE components in the DICE
+ chain, prior to loading the Android Bootloader (ABL).
+2. "widevine" or "keymint": If there are no certificates with the RKP VM
+ marker then it describes a TEE component.
+3. None: Any component described by a DICE chain that does not match the above
+ two categories.
\ No newline at end of file
diff --git a/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl b/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl
index 61404d4..3c43238 100644
--- a/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl
+++ b/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl
@@ -14,8 +14,9 @@
; be extended without requiring a version bump of the HAL. Custom certificate types may
; be used, but the provisioning server may reject the request for an unknown certificate
; type. The currently defined certificate types are:
-; - "widevine"
-; - "keymint"
+; * "widevine" -- Widevine content protection system
+; * "keymint" -- KeyMint HAL
+; * "rkp-vm" -- See "Support for Android Virtualization Framework" in the README.md file.
CertificateType = tstr
KeysToSign = [ * PublicKey ] ; Please see PublicKey.cddl for the PublicKey definition.
@@ -112,6 +113,7 @@
? -70003 : int / tstr, ; Component version
? -70004 : null, ; Resettable
? -70005 : uint, ; Security version
+ ? -70006 : null, ; RKP VM marker
}
; Each entry in the DICE chain is a DiceChainEntryPayload signed by the key from the previous