Merge "Note the relationship of patchlevels with keymint" am: 58686e5882 am: 0eaa396dc0 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2496162 Change-Id: I8c906d4722e3830beb900c892ba5a0890cd21675 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

commit: e68cc7b3e828c3da515403aeffc06e69474e9a85 [log] [tgz]
author: Seth Moore <sethmo@google.com> Mon Mar 20 18:46:29 2023 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> Mon Mar 20 18:46:29 2023 +0000
tree: d3afdb25c74d229f40748512a0a24f65ef76d922
parent: c6a975ee1fd9cb5b50c56e1b8296a4924fe488cc [diff]
parent: 0eaa396dc0e8a01e16d0302de959f984bbe58460 [diff]
diff --git a/security/rkp/aidl/android/hardware/security/keymint/DeviceInfo.aidl b/security/rkp/aidl/android/hardware/security/keymint/DeviceInfo.aidl
index bd27882..8456148 100644
--- a/security/rkp/aidl/android/hardware/security/keymint/DeviceInfo.aidl
+++ b/security/rkp/aidl/android/hardware/security/keymint/DeviceInfo.aidl

@@ -48,9 +48,9 @@
      *         ? "os_version" : tstr,                         ; Same as
      *                                                        ; android.os.Build.VERSION.release
      *                                                        ; Not optional for TEE.
-     *         "system_patch_level" : uint,                   ; YYYYMM
-     *         "boot_patch_level" : uint,                     ; YYYYMMDD
-     *         "vendor_patch_level" : uint,                   ; YYYYMMDD
+     *         "system_patch_level" : uint,     ; YYYYMM, must match KeyMint OS_PATCHLEVEL
+     *         "boot_patch_level" : uint,       ; YYYYMMDD, must match KeyMint BOOT_PATCHLEVEL
+     *         "vendor_patch_level" : uint,     ; YYYYMMDD, must match KeyMint VENDOR_PATCHLEVEL
      *         "security_level" : "tee" / "strongbox",
      *         "fused": 1 / 0,  ; 1 if secure boot is enforced for the processor that the IRPC
      *                          ; implementation is contained in. 0 otherwise.
@@ -71,9 +71,9 @@
      *         ? "os_version" : tstr,                         ; Same as
      *                                                        ; android.os.Build.VERSION.release
      *                                                        ; Not optional for TEE.
-     *         "system_patch_level" : uint,                   ; YYYYMM
-     *         "boot_patch_level" : uint,                     ; YYYYMMDD
-     *         "vendor_patch_level" : uint,                   ; YYYYMMDD
+     *         "system_patch_level" : uint,     ; YYYYMM, must match KeyMint OS_PATCHLEVEL
+     *         "boot_patch_level" : uint,       ; YYYYMMDD, must match KeyMint BOOT_PATCHLEVEL
+     *         "vendor_patch_level" : uint,     ; YYYYMMDD, must match KeyMint VENDOR_PATCHLEVEL
      *         "version" : 2,                                 ; The CDDL schema version.
      *         "security_level" : "tee" / "strongbox",
      *         "fused": 1 / 0,  ; 1 if secure boot is enforced for the processor that the IRPC
@@ -93,9 +93,9 @@
      *         ? "vbmeta_digest": bstr,                       ; Taken from the AVB values
      *         ? "os_version" : tstr,                         ; Same as
      *                                                        ; android.os.Build.VERSION.release
-     *         ? "system_patch_level" : uint,                 ; YYYYMM
-     *         ? "boot_patch_level" : uint,                   ; YYYYMMDD
-     *         ? "vendor_patch_level" : uint,                 ; YYYYMMDD
+     *         ? "system_patch_level" : uint,     ; YYYYMM, must match KeyMint OS_PATCHLEVEL
+     *         ? "boot_patch_level" : uint,       ; YYYYMMDD, must match KeyMint BOOT_PATCHLEVEL
+     *         ? "vendor_patch_level" : uint,     ; YYYYMMDD, must match KeyMint VENDOR_PATCHLEVEL
      *         "version" : 1,                                 ; The CDDL schema version.
      *         "security_level" : "tee" / "strongbox"
      *         "att_id_state": "locked" / "open",  ; Attestation IDs State. If "locked", this
commit	e68cc7b3e828c3da515403aeffc06e69474e9a85	[log] [tgz]
author	Seth Moore <sethmo@google.com>	Mon Mar 20 18:46:29 2023 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	Mon Mar 20 18:46:29 2023 +0000
tree	d3afdb25c74d229f40748512a0a24f65ef76d922
parent	c6a975ee1fd9cb5b50c56e1b8296a4924fe488cc [diff]
parent	0eaa396dc0e8a01e16d0302de959f984bbe58460 [diff]