diff options
| author | Unsuk Jung <unsuk@google.com> | 2015-06-09 19:28:54 +0000 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2015-06-09 19:28:54 +0000 |
| commit | 633fd6a9124f7b891774210d71d95fdca7a365cc (patch) | |
| tree | 5793e870690342f751ed87b9165f5b5575c2a030 | |
| parent | 25fd4e7a1d70540965c930ecebc4e37b1988abaa (diff) | |
| parent | 49f01bbf99743564090dd539e70dc28b47a5cdfd (diff) | |
| download | source.android.com-633fd6a9124f7b891774210d71d95fdca7a365cc.tar.gz | |
Merge "Docs: Clarify the definition of 'verified boot'" into lmp-mr1-dev
| -rw-r--r-- | src/compatibility/5.1/android-5.1-cdd.html | 26 |
1 files changed, 20 insertions, 6 deletions
diff --git a/src/compatibility/5.1/android-5.1-cdd.html b/src/compatibility/5.1/android-5.1-cdd.html index 6a0a9d66..ef2cd351 100644 --- a/src/compatibility/5.1/android-5.1-cdd.html +++ b/src/compatibility/5.1/android-5.1-cdd.html @@ -4250,13 +4250,27 @@ feature dm-crypt.</p> <h2 id="9_10_verified_boot">9.10. Verified Boot</h2> +<p> +Verified boot is a feature that guarantees the integrity of the device software. +If a device implementation supports the feature, it MUST: +<ul> +<li>Declare the platform feature flag android.software.verified_boot</li> +<li>Perform verification on every boot sequence</li> +<li>Start verification from a hardware key that is the root of trust, and go +all the way up to the system partition</li> +<li>Implement each stage of verification to check the integrity and authenticity +of all the bytes in the next stage before executing the code in the next stage</li> +<li>Use verification algorithms as strong as current recommendations +from NIST for hashing algorithms (SHA-256) and public key sizes (RSA-2048)</li> +</ul> +</p> -<p>Device implementations SHOULD support verified boot for device integrity, and -if the feature is supported it MUST declare the platform feature flag -android.software.verified_boot. While this requirement is stated as SHOULD for -this version of the Android platform, it is <strong>very strongly RECOMMENDED</strong> as we expect this to change to MUST in the future versions of Android. The -upstream Android Open Source Project provides a preferred implementation of -this feature based on the linux kernel feature dm-verity.</p> +<p>Device implementations SHOULD support verified boot for device integrity. +While this requirement is SHOULD for this version of the Android platform, +it is <strong>strongly RECOMMENDED</strong> as we expect this to change to MUST +in future versions of Android. The upstream Android Open Source Project provides +a preferred implementation of this feature based on the linux kernel feature dm-verity. +</p> <h1 id="10_software_compatibility_testing">10. Software Compatibility Testing</h1> |