microdroid_manager: Zero DICE hidden input

As we assume that instance.img entries can't be individually modified
without it being detected (thanks to the avf,new-instance flag), there
is no need to generate a random salt for DICE in microdroid_manager if
pvmfw has run (i.e. avf,strict-boot is received) so use a zero value if
one isn't found in the instance.img. This makes pvmfw the only source of
per-instance secret uniqueness, enabling end-to-end tests to validate
that functionality of pvmfw.

Bug: 268307476
Test: atest MicrodroidTestApp
Change-Id: Ia1c4f056b8106ddae4f2fd753fbc19e4c203b65a
diff --git a/microdroid_manager/src/main.rs b/microdroid_manager/src/main.rs
index 1148c31..a464163 100644
--- a/microdroid_manager/src/main.rs
+++ b/microdroid_manager/src/main.rs
@@ -721,6 +721,9 @@
// Use the salt from a verified instance, or generate a salt for a new instance.
let salt = if let Some(saved_data) = saved_data {
saved_data.salt.clone()
+ } else if is_strict_boot() {
+ // No need to add more entropy as a previous stage must have used a new, random salt.
+ vec![0u8; 64]
} else {
let mut salt = vec![0u8; 64];
salt.as_mut_slice().try_fill(&mut rand::thread_rng())?;
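Review bot: the new `else if is_strict_boot()` branch hands DICE an all-zero salt on the strict-boot signal alone, while the commit message also rests the argument on the avf,new-instance flag; nothing in this hunk checks that flag or confirms that the previous stage actually contributed a fresh salt. Consider asserting that condition here, or at least logging that the zero-salt path was taken, so a missing pvmfw contribution shows up instead of silently producing a non-unique secret. The context comment above `let salt` still describes only two cases and should mention the strict-boot one, and the length 64 now appears in two `vec![0u8; 64]` literals, which a named constant would keep in sync.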