Merge "Add VM ID database and maintenance functionality" into main
diff --git a/java/framework/src/android/system/virtualmachine/VirtualMachine.java b/java/framework/src/android/system/virtualmachine/VirtualMachine.java
index 9a38acf..a5c8062 100644
--- a/java/framework/src/android/system/virtualmachine/VirtualMachine.java
+++ b/java/framework/src/android/system/virtualmachine/VirtualMachine.java
@@ -852,11 +852,11 @@
                 VirtualMachineConfig vmConfig = getConfig();
                 VirtualMachineAppConfig appConfig =
                         vmConfig.toVsConfig(mContext.getPackageManager());
+                appConfig.instanceImage =
+                        ParcelFileDescriptor.open(mInstanceFilePath, MODE_READ_WRITE);
                 appConfig.name = mName;
                 if (mInstanceIdPath != null) {
                     appConfig.instanceId = Files.readAllBytes(mInstanceIdPath.toPath());
-                    appConfig.instanceImage =
-                            ParcelFileDescriptor.open(mInstanceFilePath, MODE_READ_WRITE);
                 } else {
                     // FEATURE_LLPVM_CHANGES is disabled, instance_id is not used.
                     appConfig.instanceId = new byte[64];
@@ -1298,7 +1298,9 @@
             try {
                 return new VirtualMachineDescriptor(
                         ParcelFileDescriptor.open(mConfigFilePath, MODE_READ_ONLY),
-                        ParcelFileDescriptor.open(mInstanceIdPath, MODE_READ_ONLY),
+                        mInstanceIdPath != null
+                                ? ParcelFileDescriptor.open(mInstanceIdPath, MODE_READ_ONLY)
+                                : null,
                         ParcelFileDescriptor.open(mInstanceFilePath, MODE_READ_ONLY),
                         mEncryptedStoreFilePath != null
                                 ? ParcelFileDescriptor.open(mEncryptedStoreFilePath, MODE_READ_ONLY)
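Review bot: The new ternary on `mInstanceIdPath` carries no comment saying when the path is null; the only explanation is elsewhere in the file, in the `else` branch of the first hunk (FEATURE_LLPVM_CHANGES disabled). I would add above the argument `// mInstanceIdPath is null when FEATURE_LLPVM_CHANGES is disabled; no instance-id fd is passed then.` The `VirtualMachineDescriptor` constructor is not visible here, so it is worth confirming that its instance-id parameter is declared nullable and that the parceling path handles null. The enclosing method starts and ends outside the hunk.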
diff --git a/microdroid_manager/src/dice.rs b/microdroid_manager/src/dice.rs
index a8b88aa..2469325 100644
--- a/microdroid_manager/src/dice.rs
+++ b/microdroid_manager/src/dice.rs
@@ -14,11 +14,11 @@
 
 use crate::dice_driver::DiceDriver;
 use crate::instance::{ApexData, ApkData};
-use crate::{is_debuggable, MicrodroidData};
+use crate::{is_debuggable, is_strict_boot, MicrodroidData};
 use anyhow::{bail, Context, Result};
 use ciborium::{cbor, Value};
 use coset::CborSerializable;
-use diced_open_dice::OwnedDiceArtifacts;
+use diced_open_dice::{Hidden, OwnedDiceArtifacts, HIDDEN_SIZE};
 use microdroid_metadata::PayloadMetadata;
 use openssl::sha::{sha512, Sha512};
 use std::iter::once;
@@ -53,10 +53,37 @@
     let debuggable = is_debuggable()?;
 
     // Send the details to diced
-    let hidden = instance_data.salt.clone().try_into().unwrap();
+    let hidden = if cfg!(llpvm_changes) {
+        hidden_input_from_instance_id()?
+    } else {
+        instance_data.salt.clone().try_into().unwrap()
+    };
     dice.derive(code_hash, &config_descriptor, authority_hash, debuggable, hidden)
 }
 
+// Get the "Hidden input" for DICE derivation.
+// This provides differentiation of secrets for different VM instances with same payload.
+fn hidden_input_from_instance_id() -> Result<Hidden> {
+    // For protected VM: this is all 0s, pvmfw ensures differentiation is added early in secrets.
+    // For non-protected VM: this is derived from instance_id of the VM instance.
+    let hidden_input = if !is_strict_boot() {
+        if let Some(id) = super::get_instance_id()? {
+            sha512(&id)
+        } else {
+            // TODO(b/325094712): Absence of instance_id occurs due to missing DT in some
+            // x86_64 test devices (such as Cuttlefish). From security perspective, this is
+            // acceptable for non-protected VM.
+            log::warn!(
+                "Instance Id missing, this may lead to 2 non protected VMs having same secrets"
+            );
+            [0u8; HIDDEN_SIZE]
+        }
+    } else {
+        [0u8; HIDDEN_SIZE]
+    };
+    Ok(hidden_input)
+}
+
 struct Subcomponent {
     name: String,
     version: u64,
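Review bot: In `hidden_input_from_instance_id`, a non-protected VM for which `get_instance_id()` returns `None` gets an all-zero hidden input, and the only signal that instances of the same payload now derive identical DICE secrets is a `log::warn!` inside the guest. The TODO scopes this to test devices lacking the DT node, but nothing in the code restricts the fallback to those targets. Once b/325094712 is resolved this arm should fail closed, e.g. `bail!("instance_id missing")`, and until then `log::error!` would make the condition harder to overlook. The two `//` lines above the function should become a `///` doc comment that also states this fallback and the all-zero value returned under strict boot.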
diff --git a/microdroid_manager/src/instance.rs b/microdroid_manager/src/instance.rs
index 7a9f0e0..f42b86d 100644
--- a/microdroid_manager/src/instance.rs
+++ b/microdroid_manager/src/instance.rs
@@ -273,6 +273,8 @@
 
 #[derive(Debug, Serialize, Deserialize, PartialEq, Eq)]
 pub struct MicrodroidData {
+    // `salt` is obsolete, it was used as a differentiator for non-protected VM instances running
+    // same payload. Instance-id (present in DT) is used for that now.
     pub salt: Vec<u8>, // Should be [u8; 64] but that isn't serializable.
     pub apk_data: ApkData,
     pub extra_apks_data: Vec<ApkData>,
diff --git a/microdroid_manager/src/main.rs b/microdroid_manager/src/main.rs
index 0d67632..e8017e8 100644
--- a/microdroid_manager/src/main.rs
+++ b/microdroid_manager/src/main.rs
@@ -42,7 +42,7 @@
 use keystore2_crypto::ZVec;
 use libc::VMADDR_CID_HOST;
 use log::{error, info};
-use microdroid_metadata::PayloadMetadata;
+use microdroid_metadata::{Metadata, PayloadMetadata};
 use microdroid_payload_config::{ApkConfig, OsConfig, Task, TaskType, VmPayloadConfig};
 use nix::sys::signal::Signal;
 use payload::load_metadata;
@@ -236,16 +236,12 @@
     }
 }
 
-fn try_run_payload(
-    service: &Strong<dyn IVirtualMachineService>,
-    vm_payload_service_fd: OwnedFd,
-) -> Result<i32> {
-    let metadata = load_metadata().context("Failed to load payload metadata")?;
-    let dice = DiceDriver::new(Path::new("/dev/open-dice0")).context("Failed to load DICE")?;
-
+fn verify_payload_with_instance_img(
+    metadata: &Metadata,
+    dice: &DiceDriver,
+) -> Result<MicrodroidData> {
     let mut instance = InstanceDisk::new().context("Failed to load instance.img")?;
-    let saved_data =
-        instance.read_microdroid_data(&dice).context("Failed to read identity data")?;
+    let saved_data = instance.read_microdroid_data(dice).context("Failed to read identity data")?;
 
     if is_strict_boot() {
         // Provisioning must happen on the first boot and never again.
@@ -265,7 +261,7 @@
     }
 
     // Verify the payload before using it.
-    let extracted_data = verify_payload(&metadata, saved_data.as_ref())
+    let extracted_data = verify_payload(metadata, saved_data.as_ref())
         .context("Payload verification failed")
         .map_err(|e| MicrodroidError::PayloadVerificationFailed(e.to_string()))?;
 
@@ -289,10 +285,28 @@
     } else {
         info!("Saving verified data.");
         instance
-            .write_microdroid_data(&extracted_data, &dice)
+            .write_microdroid_data(&extracted_data, dice)
             .context("Failed to write identity data")?;
         extracted_data
     };
+    Ok(instance_data)
+}
+
+fn try_run_payload(
+    service: &Strong<dyn IVirtualMachineService>,
+    vm_payload_service_fd: OwnedFd,
+) -> Result<i32> {
+    let metadata = load_metadata().context("Failed to load payload metadata")?;
+    let dice = DiceDriver::new(Path::new("/dev/open-dice0")).context("Failed to load DICE")?;
+
+    // TODO(b/291306122): Checking with host about Secretkeeper support multiple times introduces
+    // a whole range of security vulnerability since host can give different answers. Guest should
+    // check only once and the same answer should be known to pVM Firmware and Microdroid.
+    let instance_data = if let Some(_sk) = vm_secret::is_sk_supported(service)? {
+        verify_payload(&metadata, None)?
+    } else {
+        verify_payload_with_instance_img(&metadata, &dice)?
+    };
 
     let payload_metadata = metadata.payload.ok_or_else(|| {
         MicrodroidError::PayloadInvalidConfig("No payload config in metadata".to_string())
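Review bot: In the Secretkeeper branch of `try_run_payload`, `verify_payload(&metadata, None)?` propagates a verification failure as a bare error, whereas `verify_payload_with_instance_img` wraps the same call with `.context("Payload verification failed")` and maps it to `MicrodroidError::PayloadVerificationFailed`. If callers distinguish failures by `MicrodroidError` variant (not visible here), the two paths report the same fault differently; I would chain the same `.context("Payload verification failed")` and `.map_err(|e| MicrodroidError::PayloadVerificationFailed(e.to_string()))` before the `?`. The `Some(_sk)` binding is discarded, so `if vm_secret::is_sk_supported(service)?.is_some()` states the intent more directly. `try_run_payload` continues past the end of the hunk.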
diff --git a/microdroid_manager/src/verify.rs b/microdroid_manager/src/verify.rs
index 445c1ae..65c32b0 100644
--- a/microdroid_manager/src/verify.rs
+++ b/microdroid_manager/src/verify.rs
@@ -169,13 +169,14 @@
     // verified is consistent with the root hash) or because we have the saved APK data which will
     // be checked as identical to the data we have verified.
 
-    // Use the salt from a verified instance, or generate a salt for a new instance.
-    let salt = if let Some(saved_data) = saved_data {
-        saved_data.salt.clone()
-    } else if is_strict_boot() {
-        // No need to add more entropy as a previous stage must have used a new, random salt.
+    let salt = if cfg!(llpvm_changes) || is_strict_boot() {
+        // Salt is obsolete with llpvm_changes.
         vec![0u8; 64]
+    } else if let Some(saved_data) = saved_data {
+        // Use the salt from a verified instance.
+        saved_data.salt.clone()
     } else {
+        // Generate a salt for a new instance.
         let mut salt = vec![0u8; 64];
         salt.as_mut_slice().try_fill(&mut rand::thread_rng())?;
         salt
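Review bot: Because `cfg!(llpvm_changes) || is_strict_boot()` is now tested before `saved_data`, a previously saved random salt is ignored and zeros are returned instead, which may break equality with an existing record. `MicrodroidData` derives `PartialEq` and includes `salt`, so if the caller compares the saved data with the freshly extracted data (that comparison is not visible in this diff), an instance.img written before the flag was enabled would stop matching; worth confirming this upgrade case is impossible or handled. The comment `// Salt is obsolete with llpvm_changes.` also drops the strict-boot rationale, so I would write `// Salt is obsolete with llpvm_changes; under strict boot a previous stage already added entropy.` The enclosing function starts and ends outside the hunk.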
diff --git a/microdroid_manager/src/vm_secret.rs b/microdroid_manager/src/vm_secret.rs
index 4ead211..91f5abd 100644
--- a/microdroid_manager/src/vm_secret.rs
+++ b/microdroid_manager/src/vm_secret.rs
@@ -268,9 +268,9 @@
     anyhow!("{:?}", err)
 }
 
-// Get the secretkeeper connection if supported. Host can be consulted whether the device supports
-// secretkeeper but that should be used with caution for protected VM.
-fn is_sk_supported(
+/// Get the secretkeeper connection if supported. Host can be consulted whether the device supports
+/// secretkeeper but that should be used with caution for protected VM.
+pub fn is_sk_supported(
     host: &Strong<dyn IVirtualMachineService>,
 ) -> Result<Option<Strong<dyn ISecretkeeper>>> {
     let sk = if cfg!(llpvm_changes) {
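Review bot: Now that `is_sk_supported` is `pub`, its doc comment should state the contract instead of "used with caution". It should say that `Some` carries the Secretkeeper connection and what `None` means. It should also say that the host's answer is untrusted input for a protected VM, which the TODO added in `main.rs` already identifies as a risk because the host can give different answers. The name reads as a boolean predicate while the function returns a connection, which is easy to misread at the new call site. The function body continues outside the hunk.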
diff --git a/service_vm/demo_apk/src/main.rs b/service_vm/demo_apk/src/main.rs
index 0d1efb0..8ea4e65 100644
--- a/service_vm/demo_apk/src/main.rs
+++ b/service_vm/demo_apk/src/main.rs
@@ -23,10 +23,10 @@
     result,
 };
 use vm_payload_bindgen::{
-    attestation_status_t, AVmAttestationResult, AVmAttestationResult_free,
-    AVmAttestationResult_getCertificateAt, AVmAttestationResult_getCertificateCount,
-    AVmAttestationResult_getPrivateKey, AVmAttestationResult_resultToString,
-    AVmAttestationResult_sign, AVmPayload_requestAttestation,
+    AVmAttestationResult, AVmAttestationResult_free, AVmAttestationResult_getCertificateAt,
+    AVmAttestationResult_getCertificateCount, AVmAttestationResult_getPrivateKey,
+    AVmAttestationResult_sign, AVmAttestationStatus, AVmAttestationStatus_toString,
+    AVmPayload_requestAttestation,
 };
 
 /// Entry point of the Service VM client.
@@ -56,7 +56,7 @@
     ensure!(res.is_err());
     let status = res.unwrap_err();
     ensure!(
-        status == attestation_status_t::ATTESTATION_ERROR_INVALID_CHALLENGE,
+        status == AVmAttestationStatus::ATTESTATION_ERROR_INVALID_CHALLENGE,
         "Unexpected status: {:?}",
         status
     );
@@ -89,7 +89,7 @@
 struct AttestationResult(NonNull<AVmAttestationResult>);
 
 impl AttestationResult {
-    fn request_attestation(challenge: &[u8]) -> result::Result<Self, attestation_status_t> {
+    fn request_attestation(challenge: &[u8]) -> result::Result<Self, AVmAttestationStatus> {
         let mut res: *mut AVmAttestationResult = ptr::null_mut();
         // SAFETY: It is safe as we only read the challenge within its bounds and the
         // function does not retain any reference to it.
@@ -100,7 +100,7 @@
                 &mut res,
             )
         };
-        if status == attestation_status_t::ATTESTATION_OK {
+        if status == AVmAttestationStatus::ATTESTATION_OK {
             info!("Attestation succeeds. Status: {:?}", status_to_cstr(status));
             let res = NonNull::new(res).expect("The attestation result is null");
             Ok(Self(res))
@@ -219,11 +219,11 @@
     Ok(signature.into_boxed_slice())
 }
 
-fn status_to_cstr(status: attestation_status_t) -> &'static CStr {
+fn status_to_cstr(status: AVmAttestationStatus) -> &'static CStr {
     // SAFETY: The function only reads the given enum status and returns a pointer to a
     // static string.
-    let message = unsafe { AVmAttestationResult_resultToString(status) };
-    // SAFETY: The pointer returned by `AVmAttestationResult_resultToString` is guaranteed to
+    let message = unsafe { AVmAttestationStatus_toString(status) };
+    // SAFETY: The pointer returned by `AVmAttestationStatus_toString` is guaranteed to
     // point to a valid C String that lives forever.
     unsafe { CStr::from_ptr(message) }
 }
diff --git a/service_vm/test_apk/src/native/main.rs b/service_vm/test_apk/src/native/main.rs
index d5d599d..199b45c 100644
--- a/service_vm/test_apk/src/native/main.rs
+++ b/service_vm/test_apk/src/native/main.rs
@@ -31,10 +31,10 @@
     sync::{Arc, Mutex},
 };
 use vm_payload_bindgen::{
-    attestation_status_t, AIBinder, AVmAttestationResult, AVmAttestationResult_free,
+    AIBinder, AVmAttestationResult, AVmAttestationResult_free,
     AVmAttestationResult_getCertificateAt, AVmAttestationResult_getCertificateCount,
-    AVmAttestationResult_getPrivateKey, AVmAttestationResult_resultToString,
-    AVmAttestationResult_sign, AVmPayload_notifyPayloadReady,
+    AVmAttestationResult_getPrivateKey, AVmAttestationResult_sign, AVmAttestationStatus,
+    AVmAttestationStatus_toString, AVmPayload_notifyPayloadReady,
     AVmPayload_requestAttestationForTesting, AVmPayload_runVsockRpcServer,
 };
 
@@ -116,7 +116,7 @@
 unsafe impl Send for AttestationResult {}
 
 impl AttestationResult {
-    fn request_attestation(challenge: &[u8]) -> result::Result<Self, attestation_status_t> {
+    fn request_attestation(challenge: &[u8]) -> result::Result<Self, AVmAttestationStatus> {
         let mut res: *mut AVmAttestationResult = ptr::null_mut();
         // SAFETY: It is safe as we only read the challenge within its bounds and the
         // function does not retain any reference to it.
@@ -127,7 +127,7 @@
                 &mut res,
             )
         };
-        if status == attestation_status_t::ATTESTATION_OK {
+        if status == AVmAttestationStatus::ATTESTATION_OK {
             info!("Attestation succeeds. Status: {:?}", status_to_cstr(status));
             let res = NonNull::new(res).expect("The attestation result is null");
             Ok(Self(res))
@@ -261,11 +261,11 @@
     Ok(signature.into_boxed_slice())
 }
 
-fn status_to_cstr(status: attestation_status_t) -> &'static CStr {
+fn status_to_cstr(status: AVmAttestationStatus) -> &'static CStr {
     // SAFETY: The function only reads the given enum status and returns a pointer to a
     // static string.
-    let message = unsafe { AVmAttestationResult_resultToString(status) };
-    // SAFETY: The pointer returned by `AVmAttestationResult_resultToString` is guaranteed to
+    let message = unsafe { AVmAttestationStatus_toString(status) };
+    // SAFETY: The pointer returned by `AVmAttestationStatus_toString` is guaranteed to
     // point to a valid C String that lives forever.
     unsafe { CStr::from_ptr(message) }
 }
diff --git a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
index 3b8b4ac..51aace4 100644
--- a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
+++ b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
@@ -1070,6 +1070,10 @@
     })
     public void instancesOfSameVmHaveDifferentCdis() throws Exception {
         assumeSupportedDevice();
+        // TODO(b/325094712): VMs on CF with same payload have the same secret. This is because
+        // `instance-id` which is input to DICE is contained in DT which is missing in CF.
+        assumeFalse(
+                "Cuttlefish doesn't support device tree under /proc/device-tree", isCuttlefish());
 
         grantPermission(VirtualMachine.USE_CUSTOM_VIRTUAL_MACHINE_PERMISSION);
         VirtualMachineConfig normalConfig =
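Review bot: The new `assumeFalse(..., isCuttlefish())` skips the test by device type rather than by the condition that matters, the absence of `instance-id` in the device tree; the same guard is added to `encryptedStorageIsInaccessibleToDifferentVm` in the next hunk. As written, both isolation tests stay skipped on Cuttlefish even after b/325094712 is fixed, and any other target missing the DT node fails instead of being skipped. If a helper that probes for the instance id exists or can be added (none is visible here), keying the assumption on it would keep these checks running wherever the property can hold. Both test methods continue outside their hunks.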
@@ -1504,6 +1508,10 @@
     @CddTest(requirements = {"9.17/C-1-1"})
     public void encryptedStorageIsInaccessibleToDifferentVm() throws Exception {
         assumeSupportedDevice();
+        // TODO(b/325094712): VMs on CF with same payload have the same secret. This is because
+        // `instance-id` which is input to DICE is contained in DT which is missing in CF.
+        assumeFalse(
+                "Cuttlefish doesn't support device tree under /proc/device-tree", isCuttlefish());
 
         VirtualMachineConfig config =
                 newVmConfigBuilderWithPayloadBinary("MicrodroidTestNativeLib.so")
diff --git a/vm_payload/Android.bp b/vm_payload/Android.bp
index a745fd6..80d289b 100644
--- a/vm_payload/Android.bp
+++ b/vm_payload/Android.bp
@@ -34,7 +34,7 @@
     source_stem: "bindings",
     bindgen_flags: [
         "--default-enum-style rust",
-        "--allowlist-type=attestation_status_t",
+        "--allowlist-type=AVmAttestationStatus",
     ],
     visibility: [":__subpackages__"],
 }
diff --git a/vm_payload/include-restricted/vm_payload_restricted.h b/vm_payload/include-restricted/vm_payload_restricted.h
index d7324a8..5dd12ad 100644
--- a/vm_payload/include-restricted/vm_payload_restricted.h
+++ b/vm_payload/include-restricted/vm_payload_restricted.h
@@ -72,7 +72,7 @@
  *               succeeds. The result remains valid until it is freed with
  *              `AVmPayload_freeAttestationResult`.
  */
-attestation_status_t AVmPayload_requestAttestationForTesting(
+AVmAttestationStatus AVmPayload_requestAttestationForTesting(
         const void* _Nonnull challenge, size_t challenge_size,
         struct AVmAttestationResult* _Nullable* _Nonnull result) __INTRODUCED_IN(__ANDROID_API_V__);
 
diff --git a/vm_payload/include/vm_payload.h b/vm_payload/include/vm_payload.h
index af755c9..5e15607 100644
--- a/vm_payload/include/vm_payload.h
+++ b/vm_payload/include/vm_payload.h
@@ -25,20 +25,19 @@
 
 __BEGIN_DECLS
 
-struct AIBinder;
 typedef struct AIBinder AIBinder;
 
 /**
  * Introduced in API 35.
  * Remote attestation result if the attestation succeeds.
  */
-struct AVmAttestationResult;
+typedef struct AVmAttestationResult AVmAttestationResult;
 
 /**
  * Introduced in API 35.
  * Remote attestation status types returned from remote attestation functions.
  */
-typedef enum attestation_status_t : int32_t {
+typedef enum AVmAttestationStatus : int32_t {
     /** The remote attestation completes successfully. */
     ATTESTATION_OK = 0,
 
@@ -50,7 +49,7 @@
 
     /** Remote attestation is not supported in the current environment. */
     ATTESTATION_ERROR_UNSUPPORTED = -10003,
-} attestation_status_t;
+} AVmAttestationStatus;
 
 /**
  * Notifies the host that the payload is ready.
@@ -151,9 +150,10 @@
  *
  * \return ATTESTATION_OK upon successful attestation.
  */
-attestation_status_t AVmPayload_requestAttestation(
-        const void* _Nonnull challenge, size_t challenge_size,
-        struct AVmAttestationResult* _Nullable* _Nonnull result) __INTRODUCED_IN(__ANDROID_API_V__);
+AVmAttestationStatus AVmPayload_requestAttestation(const void* _Nonnull challenge,
+                                                   size_t challenge_size,
+                                                   AVmAttestationResult* _Nullable* _Nonnull result)
+        __INTRODUCED_IN(__ANDROID_API_V__);
 
 /**
  * Converts the return value from `AVmPayload_requestAttestation` to a text string
@@ -162,7 +162,7 @@
  * \return a constant string value representing the status code. The string should not
  * be deleted or freed by the application and remains valid for the lifetime of the VM.
  */
-const char* _Nonnull AVmAttestationResult_resultToString(attestation_status_t status)
+const char* _Nonnull AVmAttestationStatus_toString(AVmAttestationStatus status)
         __INTRODUCED_IN(__ANDROID_API_V__);
 
 /**
@@ -173,7 +173,7 @@
  *
  * \param result A pointer to the attestation result.
  */
-void AVmAttestationResult_free(struct AVmAttestationResult* _Nullable result)
+void AVmAttestationResult_free(AVmAttestationResult* _Nullable result)
         __INTRODUCED_IN(__ANDROID_API_V__);
 
 /**
@@ -192,7 +192,7 @@
  *
  * [RFC 5915 s3]: https://datatracker.ietf.org/doc/html/rfc5915#section-3
  */
-size_t AVmAttestationResult_getPrivateKey(const struct AVmAttestationResult* _Nonnull result,
+size_t AVmAttestationResult_getPrivateKey(const AVmAttestationResult* _Nonnull result,
                                           void* _Nullable data, size_t size)
         __INTRODUCED_IN(__ANDROID_API_V__);
 
@@ -215,7 +215,7 @@
  *
  * [RFC 6979]: https://datatracker.ietf.org/doc/html/rfc6979
  */
-size_t AVmAttestationResult_sign(const struct AVmAttestationResult* _Nonnull result,
+size_t AVmAttestationResult_sign(const AVmAttestationResult* _Nonnull result,
                                  const void* _Nonnull message, size_t message_size,
                                  void* _Nullable data, size_t size)
         __INTRODUCED_IN(__ANDROID_API_V__);
@@ -232,7 +232,7 @@
  *
  * \return The number of certificates in the certificate chain.
  */
-size_t AVmAttestationResult_getCertificateCount(const struct AVmAttestationResult* _Nonnull result)
+size_t AVmAttestationResult_getCertificateCount(const AVmAttestationResult* _Nonnull result)
         __INTRODUCED_IN(__ANDROID_API_V__);
 
 /**
@@ -256,7 +256,7 @@
  *
  * \return The total size of the certificate at the given `index`.
  */
-size_t AVmAttestationResult_getCertificateAt(const struct AVmAttestationResult* _Nonnull result,
+size_t AVmAttestationResult_getCertificateAt(const AVmAttestationResult* _Nonnull result,
                                              size_t index, void* _Nullable data, size_t size)
         __INTRODUCED_IN(__ANDROID_API_V__);
 
diff --git a/vm_payload/libvm_payload.map.txt b/vm_payload/libvm_payload.map.txt
index caf8f84..3daad00 100644
--- a/vm_payload/libvm_payload.map.txt
+++ b/vm_payload/libvm_payload.map.txt
@@ -12,7 +12,7 @@
     AVmAttestationResult_getPrivateKey;  # systemapi introduced=VanillaIceCream
     AVmAttestationResult_sign;           # systemapi introduced=VanillaIceCream
     AVmAttestationResult_free;           # systemapi introduced=VanillaIceCream
-    AVmAttestationResult_resultToString; # systemapi introduced=VanillaIceCream
+    AVmAttestationStatus_toString;       # systemapi introduced=VanillaIceCream
     AVmAttestationResult_getCertificateCount; # systemapi introduced=VanillaIceCream
     AVmAttestationResult_getCertificateAt; # systemapi introduced=VanillaIceCream
   local:
diff --git a/vm_payload/src/lib.rs b/vm_payload/src/lib.rs
index 6188b21..5cc4431 100644
--- a/vm_payload/src/lib.rs
+++ b/vm_payload/src/lib.rs
@@ -37,7 +37,7 @@
     atomic::{AtomicBool, Ordering},
     Mutex,
 };
-use vm_payload_status_bindgen::attestation_status_t;
+use vm_payload_status_bindgen::AVmAttestationStatus;
 
 /// Maximum size of an ECDSA signature for EC P-256 key is 72 bytes.
 const MAX_ECDSA_P256_SIGNATURE_SIZE: usize = 72;
@@ -283,7 +283,7 @@
     challenge: *const u8,
     challenge_size: usize,
     res: &mut *mut AttestationResult,
-) -> attestation_status_t {
+) -> AVmAttestationStatus {
     // SAFETY: The caller guarantees that `challenge` is valid for reads and `res` is valid
     // for writes.
     unsafe {
@@ -310,7 +310,7 @@
     challenge: *const u8,
     challenge_size: usize,
     res: &mut *mut AttestationResult,
-) -> attestation_status_t {
+) -> AVmAttestationStatus {
     // SAFETY: The caller guarantees that `challenge` is valid for reads and `res` is valid
     // for writes.
     unsafe {
@@ -337,11 +337,11 @@
     challenge_size: usize,
     test_mode: bool,
     res: &mut *mut AttestationResult,
-) -> attestation_status_t {
+) -> AVmAttestationStatus {
     initialize_logging();
     const MAX_CHALLENGE_SIZE: usize = 64;
     if challenge_size > MAX_CHALLENGE_SIZE {
-        return attestation_status_t::ATTESTATION_ERROR_INVALID_CHALLENGE;
+        return AVmAttestationStatus::ATTESTATION_ERROR_INVALID_CHALLENGE;
     }
     let challenge = if challenge_size == 0 {
         &[]
@@ -354,7 +354,7 @@
     match service.requestAttestation(challenge, test_mode) {
         Ok(attestation_res) => {
             *res = Box::into_raw(Box::new(attestation_res));
-            attestation_status_t::ATTESTATION_OK
+            AVmAttestationStatus::ATTESTATION_OK
         }
         Err(e) => {
             error!("Remote attestation failed: {e:?}");
@@ -363,31 +363,29 @@
     }
 }
 
-fn binder_status_to_attestation_status(status: binder::Status) -> attestation_status_t {
+fn binder_status_to_attestation_status(status: binder::Status) -> AVmAttestationStatus {
     match status.exception_code() {
-        ExceptionCode::UNSUPPORTED_OPERATION => attestation_status_t::ATTESTATION_ERROR_UNSUPPORTED,
-        _ => attestation_status_t::ATTESTATION_ERROR_ATTESTATION_FAILED,
+        ExceptionCode::UNSUPPORTED_OPERATION => AVmAttestationStatus::ATTESTATION_ERROR_UNSUPPORTED,
+        _ => AVmAttestationStatus::ATTESTATION_ERROR_ATTESTATION_FAILED,
     }
 }
 
 /// Converts the return value from `AVmPayload_requestAttestation` to a text string
 /// representing the error code.
 #[no_mangle]
-pub extern "C" fn AVmAttestationResult_resultToString(
-    status: attestation_status_t,
-) -> *const c_char {
+pub extern "C" fn AVmAttestationStatus_toString(status: AVmAttestationStatus) -> *const c_char {
     let message = match status {
-        attestation_status_t::ATTESTATION_OK => {
+        AVmAttestationStatus::ATTESTATION_OK => {
             CStr::from_bytes_with_nul(b"The remote attestation completes successfully.\0").unwrap()
         }
-        attestation_status_t::ATTESTATION_ERROR_INVALID_CHALLENGE => {
+        AVmAttestationStatus::ATTESTATION_ERROR_INVALID_CHALLENGE => {
             CStr::from_bytes_with_nul(b"The challenge size is not between 0 and 64.\0").unwrap()
         }
-        attestation_status_t::ATTESTATION_ERROR_ATTESTATION_FAILED => {
+        AVmAttestationStatus::ATTESTATION_ERROR_ATTESTATION_FAILED => {
             CStr::from_bytes_with_nul(b"Failed to attest the VM. Please retry at a later time.\0")
                 .unwrap()
         }
-        attestation_status_t::ATTESTATION_ERROR_UNSUPPORTED => CStr::from_bytes_with_nul(
+        AVmAttestationStatus::ATTESTATION_ERROR_UNSUPPORTED => CStr::from_bytes_with_nul(
             b"Remote attestation is not supported in the current environment.\0",
         )
         .unwrap(),