From 4f8cac2b798597d532ccf35ca10a9e1c3a47f48d Mon Sep 17 00:00:00 2001
From: Selene Huang
Date: Thu, 27 Aug 2020 01:58:04 -0700
Subject: keymaster_defs: Add missing tags added in KM 4.1 and earlier.

Test: N/A
Change-Id: Ie01cbc50d9bc77150adc46962d06cda2a7c1544a
Merged-In: Ie01cbc50d9bc77150adc46962d06cda2a7c1544a
---
 include/hardware/keymaster_defs.h | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/include/hardware/keymaster_defs.h b/include/hardware/keymaster_defs.h
index 2fbfe46d..d4b62b7e 100644
--- a/include/hardware/keymaster_defs.h
+++ b/include/hardware/keymaster_defs.h
@@ -115,8 +115,10 @@ typedef enum {
 KM_TAG_ALLOW_WHILE_ON_BODY = KM_BOOL | 506, /* Allow key to be used after authentication timeout
 * if device is still on-body (requires secure
 * on-body sensor. */
+ KM_TAG_TRUSTED_USER_PRESENCE_REQUIRED = KM_BOOL | 507,/* Require test of user presence
+ * to use this key. */
 KM_TAG_TRUSTED_CONFIRMATION_REQUIRED = KM_BOOL | 508, /* Require user confirmation through a
- * trusted UI to use this key */
+ * trusted UI to use this key. */
 KM_TAG_UNLOCKED_DEVICE_REQUIRED = KM_BOOL | 509, /* Require the device screen to be unlocked if the
 * key is used. */
 
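Review bot: The comment on the added `KM_TAG_TRUSTED_USER_PRESENCE_REQUIRED` entry drops the "trusted" qualifier that the tag name carries, so a reader cannot tell who performs the presence test or whether the normal-world OS is allowed to assert it. The neighbouring `KM_TAG_TRUSTED_CONFIRMATION_REQUIRED` comment names its trust anchor ("through a trusted UI"); I would word this one the same way, for example `/* Require proof of user presence, checked by the secure implementation, to use this key. */`, assuming that is what the tag means here. The added line also has no space in `507,/*`, unlike the other entries in the hunk. The enum body starts and ends outside the hunk.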
@@ -162,10 +164,14 @@ typedef enum { attestation */ KM_TAG_ATTESTATION_ID_MODEL = KM_BYTES | 717, /* Used to provide the device's model name to be included in attestation */ - KM_TAG_DEVICE_UNIQUE_ATTESTATION = KM_BOOL | 720, /* Indicates StrongBox device-unique attestation - is requested. */ + KM_TAG_VENDOR_PATCHLEVEL = KM_UINT | 718, /* specifies the vendor image security patch + level with which the key may be used */ + KM_TAG_BOOT_PATCHLEVEL = KM_UINT | 719, /* specifies the boot image (kernel) security + patch level with which the key may be used */ + KM_TAG_DEVICE_UNIQUE_ATTESTATION = KM_BOOL | 720, /* Indicates StrongBox device-unique + attestation is requested. */ KM_TAG_IDENTITY_CREDENTIAL_KEY = KM_BOOL | 721, /* This is an identity credential key */ - + KM_TAG_STORAGE_KEY = KM_BOOL | 722, /* storage encryption key */ /* Tags used only to provide data to or receive data from operations */ KM_TAG_ASSOCIATED_DATA = KM_BYTES | 1000, /* Used to provide associated data for AEAD modes. */ @@ -177,8 +183,12 @@ typedef enum { * bits. */ KM_TAG_RESET_SINCE_ID_ROTATION = KM_BOOL | 1004, /* Whether the device has beeen factory reset - since the last unique ID rotation. Used for - key attestation. */ + since the last unique ID rotation. Used + for key attestation. */ + + KM_TAG_CONFIRMATION_TOKEN = KM_BYTES | 1005, /* used to deliver a cryptographic token + proving that the user confirmed a signing + request. */ } keymaster_tag_t; /** -- cgit v1.2.3
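Review bot: The comments on the added `KM_TAG_VENDOR_PATCHLEVEL` and `KM_TAG_BOOT_PATCHLEVEL` entries give no encoding for the `KM_UINT` value, and these values are presumably compared numerically for version binding, so a caller who guesses the format could weaken rollback protection without any error. The Keymaster 4 HAL documentation describes both as YYYYMMDD, which differs from the YYYYMM used for the OS patch level; if this header follows that, say so, e.g. `/* vendor image security patch level (YYYYMMDD) with which the key may be used */`. The `KM_TAG_STORAGE_KEY` comment, `storage encryption key`, likewise does not say what restriction the tag places on the key. The hunk also removes the blank line that separated this group from the `/* Tags used only to provide data to or receive data from operations */` section header.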
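Review bot: The comment on the added `KM_TAG_CONFIRMATION_TOKEN` does not tie it to `KM_TAG_TRUSTED_CONFIRMATION_REQUIRED` (508, first hunk), which appears to be the key restriction this token satisfies. Anyone implementing enforcement needs that link, and also the point in an operation at which the token is supplied. I would suggest something like `/* Token proving the user confirmed the signing request; supplied for keys carrying KM_TAG_TRUSTED_CONFIRMATION_REQUIRED. */` once the semantics are confirmed against the HAL documentation. The re-wrapped `KM_TAG_RESET_SINCE_ID_ROTATION` comment still carries the `beeen` typo on its unchanged first line.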