Loading cmds/statsd/src/atoms.proto +109 −0 Original line number Diff line number Diff line Loading @@ -365,6 +365,7 @@ message Atom { NetworkDhcpRenewReported network_dhcp_renew_reported = 291 [(log_from_module) = "network_stack"]; NetworkValidationReported network_validation_reported = 292 [(log_from_module) = "network_stack"]; NetworkStackQuirkReported network_stack_quirk_reported = 293 [(log_from_module) = "network_stack"]; KeystoreKeyEventReported keystore_key_event_reported = 302; NetworkTetheringReported network_tethering_reported = 303 [(log_from_module) = "network_tethering"]; } Loading Loading @@ -7903,3 +7904,111 @@ message SupportedRadioAccessFamily { // See android.telephony.TelephonyManager.NetworkTypeBitMask. optional int64 network_type_bitmask = 1; } /** * Logs: i) creation of different types of cryptographic keys in the keystore, * ii) operations performed using the keys, * iii) attestation of the keys * Logged from: system/security/keystore/key_event_log_handler.cpp */ message KeystoreKeyEventReported { enum Algorithm { /** Asymmetric algorithms. */ RSA = 1; // 2 removed, do not reuse. EC = 3; /** Block cipher algorithms */ AES = 32; TRIPLE_DES = 33; /** MAC algorithms */ HMAC = 128; }; /** Algorithm associated with the key */ optional Algorithm algorithm = 1; /** Size of the key */ optional int32 key_size = 2; enum KeyOrigin { /** Generated in keymaster. Should not exist outside the TEE. */ GENERATED = 0; /** Derived inside keymaster. Likely exists off-device. */ DERIVED = 1; /** Imported into keymaster. Existed as cleartext in Android. */ IMPORTED = 2; /** Keymaster did not record origin. */ UNKNOWN = 3; /** Securely imported into Keymaster. */ SECURELY_IMPORTED = 4; }; /* Logs whether the key was generated, imported, securely imported, or derived.*/ optional KeyOrigin key_origin = 3; enum HardwareAuthenticatorType { NONE = 0; PASSWORD = 1; FINGERPRINT = 2; // Additional entries must be powers of 2. }; /** * What auth types does this key require? If none, * then no auth required. */ optional HardwareAuthenticatorType user_auth_type = 4; /** * If user authentication is required, is the requirement time based? If it * is not time based then this field will not be used and the key is per * operation. Per operation keys must be user authenticated on each usage. */ optional int32 user_auth_key_timeout_secs = 5; /** * padding mode, digest, block_mode and purpose should ideally be repeated * fields. However, since statsd does not support repeated fields in * pushed atoms, they are represented using bitmaps. */ /** Track which padding mode is being used.*/ optional int32 padding_mode_bitmap = 6; /** Track which digest is being used. */ optional int32 digest_bitmap = 7; /** Track what block mode is being used (for encryption). */ optional int32 block_mode_bitmap = 8; /** Track what purpose is this key serving. */ optional int32 purpose_bitmap = 9; enum EcCurve { P_224 = 0; P_256 = 1; P_384 = 2; P_521 = 3; }; /** Which ec curve was selected if elliptic curve cryptography is in use **/ optional EcCurve ec_curve = 10; enum KeyBlobUsageRequirements { STANDALONE = 0; REQUIRES_FILE_SYSTEM = 1; }; /** Standalone or is a file system required */ optional KeyBlobUsageRequirements key_blob_usage_reqs = 11; enum Type { KEY_OPERATION = 0; KEY_CREATION = 1; KEY_ATTESTATION = 2; } /** Key creation event, operation event or attestation event? */ optional Type type = 12; /** Was the key creation, operation, or attestation successful? */ optional bool was_successful = 13; /** Response code or error code */ optional int32 error_code = 14; } Loading
cmds/statsd/src/atoms.proto +109 −0 Original line number Diff line number Diff line Loading @@ -365,6 +365,7 @@ message Atom { NetworkDhcpRenewReported network_dhcp_renew_reported = 291 [(log_from_module) = "network_stack"]; NetworkValidationReported network_validation_reported = 292 [(log_from_module) = "network_stack"]; NetworkStackQuirkReported network_stack_quirk_reported = 293 [(log_from_module) = "network_stack"]; KeystoreKeyEventReported keystore_key_event_reported = 302; NetworkTetheringReported network_tethering_reported = 303 [(log_from_module) = "network_tethering"]; } Loading Loading @@ -7903,3 +7904,111 @@ message SupportedRadioAccessFamily { // See android.telephony.TelephonyManager.NetworkTypeBitMask. optional int64 network_type_bitmask = 1; } /** * Logs: i) creation of different types of cryptographic keys in the keystore, * ii) operations performed using the keys, * iii) attestation of the keys * Logged from: system/security/keystore/key_event_log_handler.cpp */ message KeystoreKeyEventReported { enum Algorithm { /** Asymmetric algorithms. */ RSA = 1; // 2 removed, do not reuse. EC = 3; /** Block cipher algorithms */ AES = 32; TRIPLE_DES = 33; /** MAC algorithms */ HMAC = 128; }; /** Algorithm associated with the key */ optional Algorithm algorithm = 1; /** Size of the key */ optional int32 key_size = 2; enum KeyOrigin { /** Generated in keymaster. Should not exist outside the TEE. */ GENERATED = 0; /** Derived inside keymaster. Likely exists off-device. */ DERIVED = 1; /** Imported into keymaster. Existed as cleartext in Android. */ IMPORTED = 2; /** Keymaster did not record origin. */ UNKNOWN = 3; /** Securely imported into Keymaster. */ SECURELY_IMPORTED = 4; }; /* Logs whether the key was generated, imported, securely imported, or derived.*/ optional KeyOrigin key_origin = 3; enum HardwareAuthenticatorType { NONE = 0; PASSWORD = 1; FINGERPRINT = 2; // Additional entries must be powers of 2. }; /** * What auth types does this key require? If none, * then no auth required. */ optional HardwareAuthenticatorType user_auth_type = 4; /** * If user authentication is required, is the requirement time based? If it * is not time based then this field will not be used and the key is per * operation. Per operation keys must be user authenticated on each usage. */ optional int32 user_auth_key_timeout_secs = 5; /** * padding mode, digest, block_mode and purpose should ideally be repeated * fields. However, since statsd does not support repeated fields in * pushed atoms, they are represented using bitmaps. */ /** Track which padding mode is being used.*/ optional int32 padding_mode_bitmap = 6; /** Track which digest is being used. */ optional int32 digest_bitmap = 7; /** Track what block mode is being used (for encryption). */ optional int32 block_mode_bitmap = 8; /** Track what purpose is this key serving. */ optional int32 purpose_bitmap = 9; enum EcCurve { P_224 = 0; P_256 = 1; P_384 = 2; P_521 = 3; }; /** Which ec curve was selected if elliptic curve cryptography is in use **/ optional EcCurve ec_curve = 10; enum KeyBlobUsageRequirements { STANDALONE = 0; REQUIRES_FILE_SYSTEM = 1; }; /** Standalone or is a file system required */ optional KeyBlobUsageRequirements key_blob_usage_reqs = 11; enum Type { KEY_OPERATION = 0; KEY_CREATION = 1; KEY_ATTESTATION = 2; } /** Key creation event, operation event or attestation event? */ optional Type type = 12; /** Was the key creation, operation, or attestation successful? */ optional bool was_successful = 13; /** Response code or error code */ optional int32 error_code = 14; }
