author Unsuk Jung <unsuk@google.com> 2015-06-09 20:21:51 +0000
committer Android Git Automerger <android-git-automerger@android.com> 2015-06-09 20:21:51 +0000
commit 47968d066789c1ea6282f8c326463583342fc4bd (patch)
tree fac024a025487e802e290c6a9e9d02bffe46167f /src
parent 0450be7d8981d8bacad17c1a521be2231136c7de (diff)
parent 633fd6a9124f7b891774210d71d95fdca7a365cc (diff)
download source.android.com-47968d066789c1ea6282f8c326463583342fc4bd.tar.gz
am 633fd6a9: Merge "Docs: Clarify the definition of 'verified boot'" into lmp-mr1-dev
* commit '633fd6a9124f7b891774210d71d95fdca7a365cc': Docs: Clarify the definition of 'verified boot'
Diffstat (limited to 'src')
-rw-r--r-- src/compatibility/5.1/android-5.1-cdd.html 26
1 files changed, 20 insertions, 6 deletions
diff --git a/src/compatibility/5.1/android-5.1-cdd.html b/src/compatibility/5.1/android-5.1-cdd.html
index 6a0a9d66..ef2cd351 100644
--- a/src/compatibility/5.1/android-5.1-cdd.html
+++ b/src/compatibility/5.1/android-5.1-cdd.html
@@ -4250,13 +4250,27 @@ feature dm-crypt.</p>
<h2 id="9_10_verified_boot">9.10. Verified Boot</h2>
+<p>
+Verified boot is a feature that guarantees the integrity of the device software.
+If a device implementation supports the feature, it MUST:
+<ul>
+<li>Declare the platform feature flag android.software.verified_boot</li>
+<li>Perform verification on every boot sequence</li>
+<li>Start verification from a hardware key that is the root of trust, and go
+all the way up to the system partition</li>
+<li>Implement each stage of verification to check the integrity and authenticity
+of all the bytes in the next stage before executing the code in the next stage</li>
+<li>Use verification algorithms as strong as current recommendations
+from NIST for hashing algorithms (SHA-256) and public key sizes (RSA-2048)</li>
+</ul>
+</p>
-<p>Device implementations SHOULD support verified boot for device integrity, and
-if the feature is supported it MUST declare the platform feature flag
-android.software.verified_boot. While this requirement is stated as SHOULD for
-this version of the Android platform, it is <strong>very strongly RECOMMENDED</strong> as we expect this to change to MUST in the future versions of Android. The
-upstream Android Open Source Project provides a preferred implementation of
-this feature based on the linux kernel feature dm-verity.</p>
+<p>Device implementations SHOULD support verified boot for device integrity.
+While this requirement is SHOULD for this version of the Android platform,
+it is <strong>strongly RECOMMENDED</strong> as we expect this to change to MUST
+in future versions of Android. The upstream Android Open Source Project provides
+a preferred implementation of this feature based on the linux kernel feature dm-verity.
+</p>
<h1 id="10_software_compatibility_testing">10. Software Compatibility Testing</h1>
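Review bot: The fourth added list item requires each stage to check the next one "before executing the code in the next stage", but no item says what a device MUST do when that check fails, so an implementation that verifies, records the failure and boots anyway can still claim compliance; suggest adding an item that states the required behaviour on verification failure. In the last item, "as strong as current recommendations from NIST" reads as an exact match and leaves it unclear whether SHA-256 and RSA-2048 are minimums or examples; "at least as strong as", with the two values named as the floor, would remove the ambiguity. "go all the way up to the system partition" also does not say whether the system partition itself is included in the verified chain. On markup, the `<ul>` sits inside the new `<p>`, which HTML does not permit (the list implicitly closes the paragraph and the trailing `</p>` is left unmatched); close the paragraph before the list. The MUST list now precedes the paragraph that says support is only SHOULD, so swapping the two would read more naturally, and the change from "very strongly RECOMMENDED" to "strongly RECOMMENDED" softens the wording in a commit described as a clarification, which is worth confirming as intended.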