Merge "build/debian: Several improvements to build scripts" into main
diff --git a/android/virtmgr/src/aidl.rs b/android/virtmgr/src/aidl.rs
index c2f7663..0f81f3d 100644
--- a/android/virtmgr/src/aidl.rs
+++ b/android/virtmgr/src/aidl.rs
@@ -53,6 +53,7 @@
};
use android_hardware_security_secretkeeper::aidl::android::hardware::security::secretkeeper::ISecretkeeper::{BnSecretkeeper, ISecretkeeper};
use android_hardware_security_secretkeeper::aidl::android::hardware::security::secretkeeper::SecretId::SecretId;
+use android_hardware_security_secretkeeper::aidl::android::hardware::security::secretkeeper::PublicKey::PublicKey;
use android_hardware_security_authgraph::aidl::android::hardware::security::authgraph::{
Arc::Arc as AuthgraphArc, IAuthGraphKeyExchange::IAuthGraphKeyExchange,
IAuthGraphKeyExchange::BnAuthGraphKeyExchange, Identity::Identity, KeInitResult::KeInitResult,
@@ -888,16 +889,33 @@
.context("Failed to extract vendor hashtree digest")
.or_service_specific_exception(-1)?;
- let trusted_props = if let Some(ref vendor_hashtree_digest) = vendor_hashtree_digest {
+ let vendor_hashtree_digest = if let Some(ref vendor_hashtree_digest) = vendor_hashtree_digest {
info!(
"Passing vendor hashtree digest to pvmfw. This will be rejected if it doesn't \
match the trusted digest in the pvmfw config, causing the VM to fail to start."
);
- vec![(cstr!("vendor_hashtree_descriptor_root_digest"), vendor_hashtree_digest.as_slice())]
+ Some((cstr!("vendor_hashtree_descriptor_root_digest"), vendor_hashtree_digest.as_slice()))
} else {
- vec![]
+ None
};
+ let key_material;
+ let secretkeeper_public_key = if is_secretkeeper_supported() {
+ let sk: Strong<dyn ISecretkeeper> = binder::wait_for_interface(SECRETKEEPER_IDENTIFIER)?;
+ if sk.getInterfaceVersion()? >= 2 {
+ let PublicKey { keyMaterial } = sk.getSecretkeeperIdentity()?;
+ key_material = keyMaterial;
+ Some((cstr!("secretkeeper_public_key"), key_material.as_slice()))
+ } else {
+ None
+ }
+ } else {
+ None
+ };
+
+ let trusted_props: Vec<(&CStr, &[u8])> =
+ vec![vendor_hashtree_digest, secretkeeper_public_key].into_iter().flatten().collect();
+
let instance_id;
let mut untrusted_props = Vec::with_capacity(2);
if cfg!(llpvm_changes) {
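Review bot: The Secretkeeper lookup is spliced into the `trusted_props` construction with a deferred-initialised `let key_material;` and a bare `>= 2` in the version check, so the only reason for the nested `if`/`else` shape is a lifetime trick, and nothing records which HAL version introduced `getSecretkeeperIdentity`. I would lift the lookup into a small helper returning `binder::Result<Option<Vec<u8>>>`, name the version threshold, and build `trusted_props` from the two `Option`s with `into_iter().chain()`, which removes the placeholder binding and the `vec![...].into_iter().flatten()`; the rewritten lines are below. If `wait_for_interface` can block while a declared-but-not-yet-registered HAL starts up (I cannot tell from here whether `is_secretkeeper_supported` rules that out), VM creation now inherits that wait, which deserves a comment at the call. The enclosing function starts and ends outside the hunk.
```rust
/// Lowest Secretkeeper HAL version that implements getSecretkeeperIdentity().
const SECRETKEEPER_IDENTITY_MIN_VERSION: i32 = 2;

/// Returns the Secretkeeper public key to hand to pvmfw, or `None` when the HAL is
/// absent or predates the identity API. HAL failures are propagated, not hidden.
fn secretkeeper_public_key() -> binder::Result<Option<Vec<u8>>> {
    if !is_secretkeeper_supported() {
        return Ok(None);
    }
    let sk: Strong<dyn ISecretkeeper> = binder::wait_for_interface(SECRETKEEPER_IDENTIFIER)?;
    if sk.getInterfaceVersion()? < SECRETKEEPER_IDENTITY_MIN_VERSION {
        return Ok(None);
    }
    let PublicKey { keyMaterial } = sk.getSecretkeeperIdentity()?;
    Ok(Some(keyMaterial))
}

// … unchanged: vendor_hashtree_digest as Option<(&CStr, &[u8])> and its info!() …
let secretkeeper_public_key = secretkeeper_public_key()?;
let trusted_props: Vec<(&CStr, &[u8])> = vendor_hashtree_digest
    .into_iter()
    .chain(secretkeeper_public_key.as_deref().map(|k| (cstr!("secretkeeper_public_key"), k)))
    .collect();
// … unchanged: instance_id and untrusted_props …
```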
@@ -2042,6 +2060,14 @@
fn deleteAll(&self) -> binder::Result<()> {
self.0.deleteAll()
}
+
+ fn getSecretkeeperIdentity(&self) -> binder::Result<PublicKey> {
+ // SecretkeeperProxy is really a RPC binder service for PVM (It is called by
+ // MicrodroidManager). PVMs do not & must not (for security reason) rely on
+ // getSecretKeeperIdentity, so we throw an exception if someone attempts to
+ // use this API from the proxy.
+ Err(ExceptionCode::SECURITY.into())
+ }
}
struct AuthGraphKeyExchangeProxy(Strong<dyn IAuthGraphKeyExchange>);
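Review bot: The comment above the new `getSecretkeeperIdentity` refers to the method as `getSecretKeeperIdentity` (capital K), which does not match the name being defined and will not be found by a search, and "throw an exception" understates that the call is refused outright rather than forwarded to the HAL. I would reword it as `// SecretkeeperProxy is the RPC binder service exposed to pVMs (called by MicrodroidManager). A pVM does not and must not (for security reasons) depend on getSecretkeeperIdentity, so refuse the call with a SECURITY exception instead of forwarding it to the HAL.` so the intent — the identity stays out of the pVM-facing surface — is explicit to the next reader.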
diff --git a/android/virtualizationservice/aidl/Android.bp b/android/virtualizationservice/aidl/Android.bp
index 79a9d40..db7be71 100644
--- a/android/virtualizationservice/aidl/Android.bp
+++ b/android/virtualizationservice/aidl/Android.bp
@@ -111,7 +111,7 @@
name: "android.system.virtualmachineservice",
srcs: ["android/system/virtualmachineservice/**/*.aidl"],
imports: [
- "android.hardware.security.secretkeeper-V1",
+ "android.hardware.security.secretkeeper-V2",
"android.system.virtualizationcommon",
],
unstable: true,
diff --git a/android/virtualizationservice/src/maintenance.rs b/android/virtualizationservice/src/maintenance.rs
index 8e04075..87ba412 100644
--- a/android/virtualizationservice/src/maintenance.rs
+++ b/android/virtualizationservice/src/maintenance.rs
@@ -297,7 +297,9 @@
mod tests {
use super::*;
use android_hardware_security_authgraph::aidl::android::hardware::security::authgraph;
- use android_hardware_security_secretkeeper::aidl::android::hardware::security::secretkeeper;
+ use android_hardware_security_secretkeeper::aidl::android::hardware::security::secretkeeper::{
+ self, PublicKey::PublicKey,
+ };
use authgraph::IAuthGraphKeyExchange::IAuthGraphKeyExchange;
use secretkeeper::ISecretkeeper::BnSecretkeeper;
use std::sync::{Arc, Mutex};
@@ -335,6 +337,10 @@
self.history.lock().unwrap().push(SkOp::DeleteAll);
Ok(())
}
+
+ fn getSecretkeeperIdentity(&self) -> binder::Result<PublicKey> {
+ unimplemented!()
+ }
}
impl binder::Interface for FakeSk {}
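Review bot: `unimplemented!()` in the `FakeSk::getSecretkeeperIdentity` stub panics inside a binder call if any code under test ever reaches it, which fails the test by panic rather than with an assertable result, and unlike the sibling fakes (e.g. `deleteAll` pushing `SkOp::DeleteAll` onto `self.history`) it leaves no trace in the history. If the maintenance code is never expected to call it, returning a binder error, e.g. `Err(binder::ExceptionCode::UNSUPPORTED_OPERATION.into())`, keeps that expectation checkable without a panic; I cannot tell from here whether `ExceptionCode` is already imported by `super::*`. The `impl` block this method belongs to starts outside the hunk.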