diff options
| author | Seth Moore <sethmo@google.com> | 2022-04-20 14:34:34 +0000 |
|---|---|---|
| committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2022-04-20 14:34:34 +0000 |
| commit | 517e9b48b609e26225df8737d8fc73044ef228b6 (patch) | |
| tree | fa411119f67d3597e25350c97c0eeb6ab4dea79b | |
| parent | 7c22c650e087bb53aac68796c985567dea457c76 (diff) | |
| parent | bb485e4000ae58aa81a44986baf7ef55bb465a15 (diff) | |
| download | security-517e9b48b609e26225df8737d8fc73044ef228b6.tar.gz | |
Merge "Ensure that "rkp only" forces checks for rkp keys" am: cd6b6a7ff8 am: f16fb9f3a8 am: a454b17334 am: bb485e4000
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2066831
Change-Id: Ieb853ce55bc51613a61c0c1b5caf81504f04e6ed
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
| -rw-r--r-- | keystore2/src/remote_provisioning.rs | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/keystore2/src/remote_provisioning.rs b/keystore2/src/remote_provisioning.rs index afbf475c..8837d1c0 100644 --- a/keystore2/src/remote_provisioning.rs +++ b/keystore2/src/remote_provisioning.rs @@ -102,6 +102,9 @@ impl RemProvState { /// server, so unfortunately caching the presence or absence of the HAL is not enough to fully /// make decisions about the state of remote provisioning during runtime. fn check_rem_prov_enabled(&self, db: &mut KeystoreDB) -> Result<bool> { + if self.is_rkp_only { + return Ok(true); + } if !self.is_hal_present.load(Ordering::Relaxed) || get_remotely_provisioned_component(&self.security_level).is_err() { |