VM: Introduce writePayloadRpData/readPayloadRpData VM payload require an api to allow storing n bytes' data with confidentialty & tamper evidence integrity guarantees. Microdroid Manager implements this using the vm_secret module, which uses the payload's DICE chain to store/get secret from Secretkeeper. Additionally introduce a test that uses these api. Test: #rollbackProtectedDataOfPayload Bug: 378911776 Change-Id: Id39f5c6c626531029bf33ef5d28dc237881e40e6

commit: 0c3a2fa57a7b2ef98ebbeb354e98acb2a89d30e4 [log] [tgz]
author: Shikha Panwar <shikhapanwar@google.com> Fri Dec 06 18:38:06 2024 +0000
committer: Shikha Panwar <shikhapanwar@google.com> Wed Jan 08 11:17:47 2025 +0000
tree: 078849ad0a7dfcf2d16fd1a1dcf79fbb8330d96a
parent: 4d74fc0aee7610c6e5c902545f0e61ec97b35bc6 [diff] [blame]
diff --git a/libs/libvm_payload/libvm_payload.map.txt b/libs/libvm_payload/libvm_payload.map.txt
index 3daad00..0c6b56d 100644
--- a/libs/libvm_payload/libvm_payload.map.txt
+++ b/libs/libvm_payload/libvm_payload.map.txt

@@ -15,6 +15,8 @@
     AVmAttestationStatus_toString;       # systemapi introduced=VanillaIceCream
     AVmAttestationResult_getCertificateCount; # systemapi introduced=VanillaIceCream
     AVmAttestationResult_getCertificateAt; # systemapi introduced=VanillaIceCream
+    AVmPayload_writeRollbackProtectedSecret; # systemapi introduced=36
+    AVmPayload_readRollbackProtectedSecret; # systemapi introduced=36
   local:
     *;
 };
commit	0c3a2fa57a7b2ef98ebbeb354e98acb2a89d30e4	[log] [tgz]
author	Shikha Panwar <shikhapanwar@google.com>	Fri Dec 06 18:38:06 2024 +0000
committer	Shikha Panwar <shikhapanwar@google.com>	Wed Jan 08 11:17:47 2025 +0000
tree	078849ad0a7dfcf2d16fd1a1dcf79fbb8330d96a
parent	4d74fc0aee7610c6e5c902545f0e61ec97b35bc6 [diff] [blame]