[go: nahoru, domu]
Google Git
Sign in
android / platform / compatibility / cdd / 0a6568fd22d9779a5bc9df8020f09196c305d424
commit0a6568fd22d9779a5bc9df8020f09196c305d424[log] [tgz]
authorDavid Zeuthen <zeuthen@google.com>Mon Jul 09 17:48:48 2018 -0400
committerXin Li <delphij@google.com>Wed Aug 01 18:33:04 2018 +0000
tree5b9823cfb22f4a76f498fdd13831e03feca89b0b
parent11164c5bc05ddabc2f33bb3f3848493280daaf6c [diff]
CDD: 9.10. Device Integrity: Change verified boot items from SR to MUST.

Change STRONGLY RECOMMENDED to MUST for verified boot items and slight
cleanup of language used:

 - MUST use tamper-evident storage: for storing whether the bootloader
   is unlocked. Tamper-evident storage means that the boot loader can
   detect if the storage has been tampered with from inside Android.

 - MUST prompt the user, while using the device, and require physical
   confirmation before allowing a transition from boot loader locked
   mode to boot loader unlocked mode.

 - MUST implement rollback protection for the partitions used by
   Android (e.g. boot, system partitions) and use tamper-evident
   storage for storing the metadata used for determining the minimum
   allowable OS version.

Test: n/a
Bug: 72919368
Change-Id: Ifcb0c994cb86f92a422dcde6fa6da1ca064d4ca0
1 file changed
tree: 5b9823cfb22f4a76f498fdd13831e03feca89b0b
  1. 10_software-compatibility-testing/
  2. 11_updatable-software/
  3. 12_document-changelog/
  4. 13_contact-us/
  5. 1_introduction/
  6. 2_device-types/
  7. 3_software/
  8. 4_application-packaging/
  9. 5_multimedia/
  10. 6_dev-tools-and-options/
  11. 7_hardware-compatibility/
  12. 8_performance-and-power/
  13. 9_security-model/
  14. source/
  15. cdd_gen.sh
  16. make_cdd.py
  17. OWNERS