Revert^2 "Make salt in Microdroid's instance img obsolete" Salt has been used to provide differentiation of secrets of 2 non-protected VMs (as hidden input in DICE). Have hidden input be derived from instance_id of the (non protected) VM. In all other cases, it will be all 0s. Test: Microdroid tests use this code path. Bug: 291306122 Re-revert: The reason for failures was a different issue(b/291306122), this patch is harmless. Change-Id: I86727ce5361b2cf4e9be59b2f8c0c5e76af9d2e8

commit: f15e027de346185bc8b8c42b1b7a573f7b054f0d [log] [tgz]
author: Shikha Panwar <shikhapanwar@google.com> Tue Mar 12 22:35:09 2024 +0000
committer: Shikha Panwar <shikhapanwar@google.com> Wed Mar 20 11:07:01 2024 +0000
tree: e6508156412e819c79bca14c5d258a18851b9266
parent: 185ba932943f83b6c6f7920069ea92d21478b2e4 [diff] [blame]
diff --git a/microdroid_manager/src/instance.rs b/microdroid_manager/src/instance.rs
index 888c451..2d39cd8 100644
--- a/microdroid_manager/src/instance.rs
+++ b/microdroid_manager/src/instance.rs

@@ -273,6 +273,8 @@
 
 #[derive(Debug, Serialize, Deserialize, PartialEq, Eq)]
 pub struct MicrodroidData {
+    // `salt` is obsolete, it was used as a differentiator for non-protected VM instances running
+    // same payload. Instance-id (present in DT) is used for that now.
     pub salt: Vec<u8>, // Should be [u8; 64] but that isn't serializable.
     pub apk_data: ApkData,
     pub extra_apks_data: Vec<ApkData>,
commit	f15e027de346185bc8b8c42b1b7a573f7b054f0d	[log] [tgz]
author	Shikha Panwar <shikhapanwar@google.com>	Tue Mar 12 22:35:09 2024 +0000
committer	Shikha Panwar <shikhapanwar@google.com>	Wed Mar 20 11:07:01 2024 +0000
tree	e6508156412e819c79bca14c5d258a18851b9266
parent	185ba932943f83b6c6f7920069ea92d21478b2e4 [diff] [blame]