Xiaomi Redmi Note 8 Pro 64Gb+6Gb Dual LTE [123/132] Keys and credentials

implementations support the feature, they:
[C-1-1] MUST declare the platform feature flag android.software.verified_boot.
[C-1-2] MUST perform verification on every boot sequence.
[C-1-3] MUST start verification from an immutable hardware key that is the root of trust and go all the way up to the system partition.
[C-1-4] MUST implement each stage of verification to check the integrity and authenticity of all the bytes in the next stage before executing the code in the next stage.
[C-1-5] MUST use verification algorithms as strong as current recommendations from NIST for hashing algorithms (SHA-256) and public key sizes (RSA-2048).
[C-1-6] MUST NOT allow boot to complete when system verification fails, unless the user consents to attempt booting anyway, in which case the data from any non-verified storage blocks MUST not be used.
[C-1-7] MUST NOT allow verified partitions on the device to be modified unless the user has explicitly unlocked the bootloader.
[C-SR] If there are multiple discrete chips in the device (e.g. radio, specialized image processor), the boot process of each of those chips is STRONGLY RECOMMENDED to verify every stage upon booting.
[C-1-8] MUST use tamper-evident storage: for storing whether the bootloader is unlocked. Tamper-evident storage means that the bootloader can detect if the storage has been tampered with from inside Android.
[C-1-9] MUST prompt the user, while using the device, and require physical confirmation before allowing a transition from bootloader locked mode to bootloader unlocked mode.
[C-1-10] MUST implement rollback protection for partitions used by Android (e.g. boot, system partitions) and use tamper-evident storage for storing the metadata used for determining the minimum allowable OS version.
[C-SR] Are STRONGLY RECOMMENDED to verify all privileged app APK files with a chain of trust rooted in /system, which is protected by Verified Boot.
[C-SR] Are STRONGLY RECOMMENDED to verify any executable artifacts loaded by a privileged app from outside its APK file (such as dynamically loaded code or compiled code) before executing them or STRONGLY RECOMMENDED not to execute them at all.
SHOULD implement rollback protection for any component with persistent firmware (e.g. modem, camera) and SHOULD use tamper-evident storage for storing the metadata used for determining the minimum allowable version.
If device implementations are already launched without supporting C-1-8 through C-1-10 on an earlier version of Android and can not add support for these requirements with a system software update, they MAY be exempted from the requirements.
The upstream Android Open Source Project provides a preferred implementation of this feature in the external/avb/ repository, which can be integrated into the bootloader used for loading Android.
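The following is an added illustration, not code from the CDD or from external/avb/: a constructed model of the chain described in C-1-3, C-1-4, C-1-6 and C-1-10, where each stage verifies the next stage's descriptor against a key whose SHA-256 digest stands in for the immutable hardware root of trust. The descriptor "signature" is an HMAC-SHA256 stand-in (an assumption made so the example runs with the standard library); a real bootloader verifies an RSA-2048 or stronger signature as C-1-5 requires.

```python
import hashlib
import hmac

# Constructed values: the OEM verification key and the digest of it that a real
# device would burn into immutable hardware (C-1-3). HMAC replaces RSA here.
ROOT_KEY = b"constructed-oem-key"
HW_ROOT_OF_TRUST = hashlib.sha256(ROOT_KEY).digest()


class BootRefused(Exception):
    """Raised when a stage fails verification; boot must not complete (C-1-6)."""


def sign_stage(key, image, rollback_index):
    """Build-time step: bind the stage's full-image digest and rollback index together."""
    digest = hashlib.sha256(image).digest()
    payload = digest + rollback_index.to_bytes(4, "big")
    return {"payload": payload, "sig": hmac.new(key, payload, hashlib.sha256).digest()}


def verify_stage(key, image, descriptor, min_rollback):
    """On-device check of authenticity, integrity of every byte, and rollback index (C-1-4, C-1-10)."""
    if hashlib.sha256(key).digest() != HW_ROOT_OF_TRUST:
        raise BootRefused("verification key does not match hardware root of trust")
    payload = descriptor["payload"]
    expected_sig = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected_sig, descriptor["sig"]):
        raise BootRefused("descriptor signature invalid")
    expected_digest, rollback = payload[:32], int.from_bytes(payload[32:], "big")
    if not hmac.compare_digest(hashlib.sha256(image).digest(), expected_digest):
        raise BootRefused("image digest mismatch")
    # min_rollback models the value read from tamper-evident storage.
    if rollback < min_rollback:
        raise BootRefused(f"rollback index {rollback} below minimum {min_rollback}")
    return rollback


def boot(key, stages, min_rollback, user_consents=False):
    """Verify each stage before 'executing' it. Without user consent any failure aborts boot;
    with consent the unverified stage's data is marked as not to be used (C-1-6)."""
    executed = []
    for name, image, descriptor in stages:
        try:
            verify_stage(key, image, descriptor, min_rollback)
        except BootRefused:
            if not user_consents:
                raise
            executed.append(f"{name}:unverified-data-not-used")
            continue
        executed.append(name)
    return executed
```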
Device implementations:
[C-R] Are RECOMMENDED to support the Android Protected Confirmation API.
If device implementations support the Android Protected Confirmation API they:
[C-3-1] MUST report true for the ConfirmationPrompt.isSupported() API.
[C-3-2] MUST ensure that secure hardware takes full control of display in such a way that Android OS cannot block it without detection by the secure hardware.
[C-3-3] MUST ensure that secure hardware takes full control of the touch screen.
9.11. Keys and Credentials
Page 123 of 132