Fix documentation of EARLY_BOOT_ONLY tag in KeyMint Change-Id: Ib49ee844e43fc10d83e0dd8d3b3b92914059f6f8 Test: VtsAidlKeyMintTargetTest

commit: 1f71f2c4128e4970524508945c337535aa2d93fa [log] [tgz]
author: Shawn Willden <swillden@google.com> Tue Mar 23 12:29:04 2021 +0000
committer: Shawn Willden <swillden@google.com> Tue Mar 23 12:29:09 2021 +0000
tree: aa544f265d1467769f2b94d7ccccaa7913086f6b
parent: 2d56123a87a461dc4ef58fbfa51bb3a4294410dd [diff]
diff --git a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
index 6243bb9..cde1fc0 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl

@@ -249,8 +249,11 @@
     HARDWARE_TYPE = (1 << 28) /* TagType:ENUM */ | 304,
 
     /**
-     * Keys tagged with EARLY_BOOT_ONLY may only be used, or created, during early boot, until
-     * IKeyMintDevice::earlyBootEnded() is called.
+     * Keys tagged with EARLY_BOOT_ONLY may only be used during early boot, until
+     * IKeyMintDevice::earlyBootEnded() is called.  Early boot keys may be created after
+     * early boot.  Early boot keys may not be imprted at all, if Tag::EARLY_BOOT_ONLY is
+     * provided to IKeyMintDevice::importKey, the import must fail with
+     * ErrorCode::INVALID_ARGUMENT.
      */
     EARLY_BOOT_ONLY = (7 << 28) /* TagType:BOOL */ | 305,
commit	1f71f2c4128e4970524508945c337535aa2d93fa	[log] [tgz]
author	Shawn Willden <swillden@google.com>	Tue Mar 23 12:29:04 2021 +0000
committer	Shawn Willden <swillden@google.com>	Tue Mar 23 12:29:09 2021 +0000
tree	aa544f265d1467769f2b94d7ccccaa7913086f6b
parent	2d56123a87a461dc4ef58fbfa51bb3a4294410dd [diff]