Add guest OS capability: SecretkeeperProtection
Not all guest OS are capable of interacting with Secretkeeper. Add a
capability "secretkeeper_protection" (which can be extracted from vbmeta
property "com.android.virt.cap"). Add this property to Microdroid
kernel.
pvmfw will have check if the guest OS has this capability & ensures the
rollback_index > 0 if the guest OS has it. Note that this will be
factored in while pvmfw check if updated guest OS should be accepted.
Bug: 291213374
Test: avbtool.py --info microdroid_kernel & check if property is
present.
Test: #payload_with_multiple_capabilities
Change-Id: I99c159d3d65005ec02729b47620ac05ab8d1ec5e
diff --git a/pvmfw/avb/tests/api_test.rs b/pvmfw/avb/tests/api_test.rs
index 46f5228..6344433 100644
--- a/pvmfw/avb/tests/api_test.rs
+++ b/pvmfw/avb/tests/api_test.rs
@@ -32,6 +32,7 @@
const TEST_IMG_WITH_NON_INITRD_HASHDESC_PATH: &str = "test_image_with_non_initrd_hashdesc.img";
const TEST_IMG_WITH_INITRD_AND_NON_INITRD_DESC_PATH: &str =
"test_image_with_initrd_and_non_initrd_desc.img";
+const TEST_IMG_WITH_MULTIPLE_CAPABILITIES: &str = "test_image_with_multiple_capabilities.img";
const UNSIGNED_TEST_IMG_PATH: &str = "unsigned_test.img";
const RANDOM_FOOTER_POS: usize = 30;
@@ -409,3 +410,18 @@
assert_eq!(expected_boot_data, verified_boot_data);
Ok(())
}
+
+#[test]
+fn payload_with_multiple_capabilities() -> Result<()> {
+ let public_key = load_trusted_public_key()?;
+ let verified_boot_data = verify_payload(
+ &fs::read(TEST_IMG_WITH_MULTIPLE_CAPABILITIES)?,
+ /* initrd= */ None,
+ &public_key,
+ )
+ .map_err(|e| anyhow!("Verification failed. Error: {}", e))?;
+
+ assert!(verified_boot_data.has_capability(Capability::RemoteAttest));
+ assert!(verified_boot_data.has_capability(Capability::SecretkeeperProtection));
+ Ok(())
+}