CDD: 9.10. Device Integrity: Change verified boot items from SR to MUST.
Change STRONGLY RECOMMENDED to MUST for verified boot items and slight
cleanup of language used:
- MUST use tamper-evident storage: for storing whether the bootloader
is unlocked. Tamper-evident storage means that the boot loader can
detect if the storage has been tampered with from inside Android.
- MUST prompt the user, while using the device, and require physical
confirmation before allowing a transition from boot loader locked
mode to boot loader unlocked mode.
- MUST implement rollback protection for the partitions used by
Android (e.g. boot, system partitions) and use tamper-evident
storage for storing the metadata used for determining the minimum
allowable OS version.
Test: n/a
Bug: 72919368
Change-Id: Ifcb0c994cb86f92a422dcde6fa6da1ca064d4ca0
1 file changed