Update comment for the placeholder security version in microdroid
Bug: 378813154
Test: Only comment update
Change-Id: I8eb31e15d657ea13cd153ac8afe64042e94248dd
diff --git a/guest/microdroid_manager/src/dice.rs b/guest/microdroid_manager/src/dice.rs
index bf89358..dd5375f 100644
--- a/guest/microdroid_manager/src/dice.rs
+++ b/guest/microdroid_manager/src/dice.rs
@@ -153,7 +153,11 @@
subcomponents.into_iter().map(Subcomponent::into_value).collect::<Result<Vec<_>>>()?;
map.push((cbor!(-71002)?, cbor!(values)?));
}
- // Add a placeholder security version as it is required by the open-dice profile "Android.16"
+ // Add a placeholder security version as it is required by the open-dice profile "Android.16".
+ // Note: The DICE certificate derived in microdroid_manager primarily describes the APKs/APEXs
+ // loaded by microdroid_manager. Each APK/APEX is described separately with its own security
+ // version as a subcomponent within the certificate's config descriptor.
+ // Therefore, the global security version below (for the entire certificate) is unused.
map.push((cbor!(-70005)?, cbor!(0)?));
Ok(Value::Map(map).to_vec()?)
}