diff options
author | Seth Moore <sethmo@google.com> | 2022-04-20 11:39:51 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2022-04-20 11:39:51 +0000 |
commit | 19ddad06e3fe0860944c448e47ef1d9b3a0ade3d (patch) | |
tree | fa411119f67d3597e25350c97c0eeb6ab4dea79b | |
parent | a547f9090ad0b8260af73fc96fbf01ead2fc021e (diff) | |
parent | 075dae43fecd2b6f8e2c7b5dc55c3414cbbaf273 (diff) | |
download | security-19ddad06e3fe0860944c448e47ef1d9b3a0ade3d.tar.gz |
Merge "Ensure that "rkp only" forces checks for rkp keys" am: cd6b6a7ff8 am: f16fb9f3a8 am: a454b17334 am: bb485e4000 am: 075dae43fe
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2066831
Change-Id: I8bb9a0d45c4cc04d02d50adddc778fa6d6984f13
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
-rw-r--r-- | keystore2/src/remote_provisioning.rs | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/keystore2/src/remote_provisioning.rs b/keystore2/src/remote_provisioning.rs index afbf475c..8837d1c0 100644 --- a/keystore2/src/remote_provisioning.rs +++ b/keystore2/src/remote_provisioning.rs @@ -102,6 +102,9 @@ impl RemProvState { /// server, so unfortunately caching the presence or absence of the HAL is not enough to fully /// make decisions about the state of remote provisioning during runtime. fn check_rem_prov_enabled(&self, db: &mut KeystoreDB) -> Result<bool> { + if self.is_rkp_only { + return Ok(true); + } if !self.is_hal_present.load(Ordering::Relaxed) || get_remotely_provisioned_component(&self.security_level).is_err() { |