Remove direct access to the sealing CDI from the payload Change the API from offering the raw sealing CDI to offering VM instance secrets that happend to be derived from the sealing CDI. This makes it harder for the payload to leak its sealing CDI and losing the ability to have secrets in the VM. Bug: 243514248 Test: atest MicrodroidTests Test: atest ComposHostTestCases Change-Id: I0e72dabe7daca4d72a35788412d2ee19a3b446a5

commit: 102067a6462747e2132421286f1bc065d833b766 [log] [tgz]
author: Andrew Scull <ascull@google.com> Fri Oct 07 00:34:40 2022 +0000
committer: Andrew Scull <ascull@google.com> Sun Oct 09 10:10:16 2022 +0000
tree: 27f37a8a914f4cdb9a6d2da939a2a64e444f1d96
parent: 3b80c9b14bd28c06f675f583e8b12693d9063705 [diff] [blame]
diff --git a/microdroid/vm_payload/src/lib.rs b/microdroid/vm_payload/src/lib.rs
index e3da227..74dd8f4 100644
--- a/microdroid/vm_payload/src/lib.rs
+++ b/microdroid/vm_payload/src/lib.rs

@@ -17,6 +17,6 @@
 mod vm_service;
 
 pub use vm_service::{
-    get_dice_attestation_cdi, get_dice_attestation_chain, get_dice_sealing_cdi,
+    get_dice_attestation_cdi, get_dice_attestation_chain, get_vm_instance_secret,
     notify_payload_ready,
 };
commit	102067a6462747e2132421286f1bc065d833b766	[log] [tgz]
author	Andrew Scull <ascull@google.com>	Fri Oct 07 00:34:40 2022 +0000
committer	Andrew Scull <ascull@google.com>	Sun Oct 09 10:10:16 2022 +0000
tree	27f37a8a914f4cdb9a6d2da939a2a64e444f1d96
parent	3b80c9b14bd28c06f675f583e8b12693d9063705 [diff] [blame]