Skip rollback protection in pvmfw for Trusty Security VM This cl introduces a new capability for the Trusty Security VM. It allows pvmfw to identify it and skips the existing rollback protection mechanism. Bug: 379868478 Test: atest libpvmfw_avb.integration_test Change-Id: Ice2118b940bd50d064617a3e99eba993ee9db6c8

commit: fe0b976b683f2b83a9c6a49159ece8a575d5c06e [log] [tgz]
author: Alice Wang <aliceywang@google.com> Thu Nov 21 14:47:54 2024 +0000
committer: Alice Wang <aliceywang@google.com> Thu Nov 21 16:14:13 2024 +0000
tree: dd7bfb47b1cf24f20d63e3a29eac70ddee5eb871
parent: 5ab9e58e840b199682636eb6fdfe4cb9b7b7b8c5 [diff] [blame]
diff --git a/guest/pvmfw/avb/tests/utils.rs b/guest/pvmfw/avb/tests/utils.rs
index 0e836d5..61bfbf2 100644
--- a/guest/pvmfw/avb/tests/utils.rs
+++ b/guest/pvmfw/avb/tests/utils.rs

@@ -143,6 +143,7 @@
     kernel: &[u8],
     salt: &[u8],
     expected_rollback_index: u64,
+    capabilities: Vec<Capability>,
 ) -> Result<()> {
     let public_key = load_trusted_public_key()?;
     let verified_boot_data = verify_payload(
@@ -160,7 +161,7 @@
         kernel_digest,
         initrd_digest: None,
         public_key: &public_key,
-        capabilities: vec![],
+        capabilities,
         rollback_index: expected_rollback_index,
     };
     assert_eq!(expected_boot_data, verified_boot_data);
commit	fe0b976b683f2b83a9c6a49159ece8a575d5c06e	[log] [tgz]
author	Alice Wang <aliceywang@google.com>	Thu Nov 21 14:47:54 2024 +0000
committer	Alice Wang <aliceywang@google.com>	Thu Nov 21 16:14:13 2024 +0000
tree	dd7bfb47b1cf24f20d63e3a29eac70ddee5eb871
parent	5ab9e58e840b199682636eb6fdfe4cb9b7b7b8c5 [diff] [blame]