diff options
author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-06-03 18:16:17 +0000 |
---|---|---|
committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-06-03 18:16:17 +0000 |
commit | 1e996d7d2332033bcbc60d1465bf5c0ddac9af2a (patch) | |
tree | 9194ea173d28ec1e64a3791bb6b5351c8664eccf | |
parent | 9d10a07d20b2dee4cb9ed36ceadf2194b7b9cda0 (diff) | |
parent | d337c7727196f42af70aa93ab84f7c8b48cd9486 (diff) | |
download | security-1e996d7d2332033bcbc60d1465bf5c0ddac9af2a.tar.gz |
Snap for 8680285 from d337c7727196f42af70aa93ab84f7c8b48cd9486 to mainline-go-permission-release
Change-Id: I34017eba836ad90439ff1ac847997ee3d5372108
-rw-r--r-- | keystore2/src/database.rs | 16 | ||||
-rw-r--r-- | ondevice-signing/odsign_main.cpp | 6 |
2 files changed, 13 insertions, 9 deletions
diff --git a/keystore2/src/database.rs b/keystore2/src/database.rs index 6b74e3c8..a3979bd5 100644 --- a/keystore2/src/database.rs +++ b/keystore2/src/database.rs @@ -2893,33 +2893,33 @@ impl KeystoreDB { "DELETE FROM persistent.keymetadata WHERE keyentryid IN ( SELECT id FROM persistent.keyentry - WHERE domain = ? AND namespace = ? AND key_type = ? + WHERE domain = ? AND namespace = ? AND (key_type = ? OR key_type = ?) );", - params![domain.0, namespace, KeyType::Client], + params![domain.0, namespace, KeyType::Client, KeyType::Attestation], ) .context("Trying to delete keymetadata.")?; tx.execute( "DELETE FROM persistent.keyparameter WHERE keyentryid IN ( SELECT id FROM persistent.keyentry - WHERE domain = ? AND namespace = ? AND key_type = ? + WHERE domain = ? AND namespace = ? AND (key_type = ? OR key_type = ?) );", - params![domain.0, namespace, KeyType::Client], + params![domain.0, namespace, KeyType::Client, KeyType::Attestation], ) .context("Trying to delete keyparameters.")?; tx.execute( "DELETE FROM persistent.grant WHERE keyentryid IN ( SELECT id FROM persistent.keyentry - WHERE domain = ? AND namespace = ? AND key_type = ? + WHERE domain = ? AND namespace = ? AND (key_type = ? OR key_type = ?) );", - params![domain.0, namespace, KeyType::Client], + params![domain.0, namespace, KeyType::Client, KeyType::Attestation], ) .context("Trying to delete grants.")?; tx.execute( "DELETE FROM persistent.keyentry - WHERE domain = ? AND namespace = ? AND key_type = ?;", - params![domain.0, namespace, KeyType::Client], + WHERE domain = ? AND namespace = ? AND (key_type = ? OR key_type = ?);", + params![domain.0, namespace, KeyType::Client, KeyType::Attestation], ) .context("Trying to delete keyentry.")?; Ok(()).need_gc() diff --git a/ondevice-signing/odsign_main.cpp b/ondevice-signing/odsign_main.cpp index 04679a59..c45e3085 100644 --- a/ondevice-signing/odsign_main.cpp +++ b/ondevice-signing/odsign_main.cpp @@ -374,7 +374,11 @@ art::odrefresh::ExitCode CheckCompOsPendingArtifacts(const SigningKey& signing_k if (!directoryHasContent(kCompOsPendingArtifactsDir)) { // No pending CompOS artifacts, all that matters is the current ones. - return checkArtifacts(); + art::odrefresh::ExitCode odrefresh_status = checkArtifacts(); + if (odrefresh_status == art::odrefresh::ExitCode::kOkay) { + compos_check_record->current_artifacts_ok = true; + } + return odrefresh_status; } compos_check_record->comp_os_pending_artifacts_exists = true; |