Google Git
Sign in
pigweed / open-dice / 90ce0250e8fa4af1ee8c725e92de8b574cfadef8^! / .
commit90ce0250e8fa4af1ee8c725e92de8b574cfadef8[log] [tgz]
authorAlan Stokes <alanstokes@google.com>Tue Nov 21 16:12:33 2023 +0000
committerCQ Bot Account <pigweed-scoped@luci-project-accounts.iam.gserviceaccount.com>Tue Nov 21 16:12:33 2023 +0000
treeb4bc9e8872791d7680cb75cc3115143622a1391a
parent9c7394cad96a0a22793ec334fe520cd39277ab3b [diff]
Document the RKP VM marker

Bug: 312171054
Change-Id: I82ddb89aa0cb616ed9aef2a878eba973e449a6b5
Reviewed-on: https://pigweed-review.googlesource.com/c/open-dice/+/181691
Reviewed-by: Andrew Scull <ascull@google.com>
Commit-Queue: Alan Stokes <alanstokes@google.com>
Presubmit-Verified: CQ Bot Account <pigweed-scoped@luci-project-accounts.iam.gserviceaccount.com>

diff --git a/docs/android.md b/docs/android.md
index fd65f12..6398996 100644
--- a/docs/android.md
+++ b/docs/android.md

@@ -82,6 +82,29 @@
 Component&nbsp;version | -70003 | int&nbsp;/&nbsp;tstr | Version of the component
 Resettable             | -70004 | null                 | If present, key changes on factory reset
 Security&nbsp;version  | -70005 | uint                 | Machine-comparable, monotonically increasing version of the component where a greater value indicates a newer version, for example, the anti-rollback counter
+[RKP&nbsp;VM][rkp-vm]&nbsp;marker | -70006 | null      | If present, the component can take part in running a VM that can receive an attestation certificate from an [RKP Service][rkp-service].
+
+[rkp-vm]: https://android.googlesource.com/platform/packages/modules/Virtualization/+/main/service_vm/README.md#rkp-vm-remote-key-provisioning-virtual-machine
+[rkp-service]: https://source.android.com/docs/core/ota/modular-system/remote-key-provisioning#stack-architecture
+
+### RKP VM
+
+The RKP VM marker is used to distinguish the RKP VM from other components.
+
+When parsing a DICE chain compliant with this profile, there are multiple types
+of components that may be described by a given chain:
+1. RKP VM: If a DICE chain has zero or more certificates without the RKP VM
+   marker followed by one or more certificates with the marker, then that chain
+   describes an RKP VM. If there are further certificates without the RKP VM
+   marker, then the chain does not describe an RKP VM.
+
+   Implementations must include the first RPK VM marker as early as possible
+   after the point of divergence between TEE and non-TEE components in the DICE
+   chain, prior to loading the Android Bootloader (ABL).
+2. A TEE Component (e.g. KeyMint): If there are no certificates with the RKP VM
+   marker then it describes a TEE component.
+3. Other: Any component described by a DICE chain that does not match the above
+   two categories.
 
 ### Versions