Merge changes from topic "dice_chain_identity" into main
* changes:
Secretkeeper: Differentiate the VM ID based on salt
libdiced_open_dice: Visibility to Secretkeeper VTS
Use policy constructed from VM's dice chain
diff --git a/apex/Android.bp b/apex/Android.bp
index b09cf58..7c45cc5 100644
--- a/apex/Android.bp
+++ b/apex/Android.bp
@@ -99,6 +99,9 @@
"virtualizationservice",
],
filesystems: microdroid_filesystem_images,
+ prebuilts: [
+ "rialto_bin",
+ ],
},
x86_64: {
binaries: [
@@ -119,7 +122,6 @@
"microdroid_initrd_normal",
"microdroid.json",
"microdroid_kernel",
- "rialto_bin",
],
host_required: [
"vm_shell",
diff --git a/apex/sign_virt_apex.py b/apex/sign_virt_apex.py
index b21a355..74bccba 100644
--- a/apex/sign_virt_apex.py
+++ b/apex/sign_virt_apex.py
@@ -212,11 +212,26 @@
def LookUp(pairs, key):
return [v for (k, v) in pairs if k == key]
+# Extract properties from the descriptors of original vbmeta image,
+# append to command as parameter.
+def AppendPropArgument(cmd, descriptors):
+ for prop in LookUp(descriptors, 'Prop'):
+ cmd.append('--prop')
+ result = re.match(r"(.+) -> '(.+)'", prop)
+ cmd.append(result.group(1) + ":" + result.group(2))
+
+
+def check_no_size_change_on_resigned_image(image_path, original_image_info, resigned_image_info):
+ assert original_image_info is not None, f'no avbinfo on original image: {image_path}'
+ assert resigned_image_info is not None, f'no avbinfo on resigned image: {image_path}'
+ assert original_image_info['Header Block'] == resigned_image_info['Header Block'], f'header block size mismatch: {image_path}'
+ assert original_image_info['Authentication Block'] == resigned_image_info['Authentication Block'], f'authentication block size mismatch: {image_path}'
+ assert original_image_info['Auxiliary Block'] == resigned_image_info['Auxiliary Block'], f'auxiliary block size mismatch: {image_path}'
def AddHashFooter(args, key, image_path, partition_name, additional_descriptors=None):
if os.path.basename(image_path) in args.key_overrides:
key = args.key_overrides[os.path.basename(image_path)]
- info, _ = AvbInfo(args, image_path)
+ info, descriptors = AvbInfo(args, image_path)
if info:
image_size = ReadBytesSize(info['Image size'])
algorithm = info['Algorithm']
@@ -228,6 +243,7 @@
'--partition_name', partition_name,
'--partition_size', partition_size,
'--image', image_path]
+ AppendPropArgument(cmd, descriptors)
if args.signing_args:
cmd.extend(shlex.split(args.signing_args))
if additional_descriptors:
@@ -237,7 +253,8 @@
if 'Rollback Index' in info:
cmd.extend(['--rollback_index', info['Rollback Index']])
RunCommand(args, cmd)
-
+ resigned_info, _ = AvbInfo(args, image_path)
+ check_no_size_change_on_resigned_image(image_path, info, resigned_info)
def AddHashTreeFooter(args, key, image_path):
if os.path.basename(image_path) in args.key_overrides:
@@ -258,9 +275,12 @@
'--do_not_generate_fec',
'--hash_algorithm', hash_algorithm,
'--image', image_path]
+ AppendPropArgument(cmd, descriptors)
if args.signing_args:
cmd.extend(shlex.split(args.signing_args))
RunCommand(args, cmd)
+ resigned_info, _ = AvbInfo(args, image_path)
+ check_no_size_change_on_resigned_image(image_path, info, resigned_info)
def UpdateVbmetaBootconfig(args, initrds, vbmeta_img):
@@ -376,6 +396,8 @@
cmd.extend(shlex.split(args.signing_args))
RunCommand(args, cmd)
+ resigned_info, _ = AvbInfo(args, vbmeta_img)
+ check_no_size_change_on_resigned_image(vbmeta_img, info, resigned_info)
# libavb expects to be able to read the maximum vbmeta size, so we must provide a partition
# which matches this or the read will fail.
with open(vbmeta_img, 'a', encoding='utf8') as f:
@@ -422,6 +444,7 @@
'super.img': 'etc/fs/microdroid_super.img',
'initrd_normal.img': 'etc/microdroid_initrd_normal.img',
'initrd_debuggable.img': 'etc/microdroid_initrd_debuggable.img',
+ 'rialto': 'etc/rialto.bin',
}
def TargetFiles(input_dir):
@@ -512,6 +535,10 @@
f'gki-{ver}_initrd_normal.img',
f'gki-{ver}_initrd_debuggable.img')
+ # Re-sign rialto if it exists. Rialto only exists in arm64 environment.
+ if os.path.exists(files['rialto']):
+ Async(AddHashFooter, args, key, files['rialto'], partition_name='boot')
+
def VerifyVirtApex(args):
key = args.key
@@ -538,6 +565,9 @@
if IsInitrdImage(k):
# TODO(b/245277660): Verify that ramdisks contain the correct vbmeta digest
continue
+ if k == 'rialto' and not os.path.exists(f):
+ # Rialto only exists in arm64 environment.
+ continue
if k == 'super.img':
Async(check_avb_pubkey, system_a_img)
else:
diff --git a/microdroid/Android.bp b/microdroid/Android.bp
index ae89f79..233754a 100644
--- a/microdroid/Android.bp
+++ b/microdroid/Android.bp
@@ -391,7 +391,9 @@
],
soong_config_variables: {
release_avf_enable_vendor_modules: {
- partitions: ["microdroid_vendor"],
+ conditions_default: {
+ partitions: ["microdroid_vendor"],
+ },
},
},
}