| Alan Stokes | 9b8b8ec | 2023-10-13 15:58:11 +0100 | [diff] [blame] | 1 | ; Configuration Descriptor used in the DICE node that describes the payload of a Microdroid virtual |
| 2 | ; machine. |
| 3 | ; |
| 4 | ; See the Open DICE specification |
| 5 | ; https://pigweed.googlesource.com/open-dice/+/HEAD/docs/specification.md, |
| 6 | ; and the Android Profile for DICE |
| 7 | ; https://pigweed.googlesource.com/open-dice/+/HEAD/docs/android.md. |
| 8 | ; |
| 9 | ; CDDL for the normal Configuration Descriptor can be found at |
| 10 | ; https://cs.android.com/android/platform/superproject/main/+/main:hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl |
| 11 | |
| 12 | ; The configuration descriptor node for a Microdroid VM, with extensions to describe the contents |
| 13 | ; of the VM payload. |
| 14 | VmConfigDescriptor = { |
| 15 | -70002 : "Microdroid payload", ; Component name |
| 16 | (? -71000: tstr // ; Path to the payload config file |
| 17 | ? -71001: PayloadConfig), |
| 18 | ? -71002: [+ SubcomponentDescriptor], |
| 19 | } |
| 20 | |
| 21 | PayloadConfig = { |
| 22 | 1: tstr ; Path to the binary file where payload execution starts |
| 23 | } |
| 24 | |
| 25 | ; Describes a unit of code (e.g. an APK or an APEX) present inside the VM. |
| 26 | SubcomponentDescriptor = { |
| 27 | 1: tstr, ; Component name |
| 28 | 2: uint, ; Security version |
| 29 | ? 3: bstr, ; Code hash |
| 30 | 4: bstr, ; Authority hash |
| 31 | } |