Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 4c2b041a32d3ff32c8d01f2ed15d217757ee38c1^! / .
commit4c2b041a32d3ff32c8d01f2ed15d217757ee38c1[log] [tgz]
authorJanis Danisevskis <jdanis@google.com>Wed Mar 10 14:48:48 2021 -0800
committerJanis Danisevskis <jdanis@google.com>Wed Mar 17 08:17:12 2021 -0700
treeeb816b1c2204a9912b6e25e83f4b76712d24e491
parent7cbd32b2ac622d3971242ff6be357dfe43db81be [diff]
Keystore 2.0: Start keystore2 unconditionally.

Bug: 170144267
Test: N/A
Merged-In: Ia942a494c2af96a55d83a2495f4e5fba9eb77dff
Change-Id: Ia942a494c2af96a55d83a2495f4e5fba9eb77dff

diff --git a/identity/Credential.cpp b/identity/Credential.cpp
index 23e144f..bfc68bf 100644
--- a/identity/Credential.cpp
+++ b/identity/Credential.cpp

@@ -37,7 +37,6 @@
 #include <aidl/android/hardware/security/secureclock/TimeStampToken.h>
 #include <aidl/android/security/authorization/AuthorizationTokens.h>
 #include <aidl/android/security/authorization/IKeystoreAuthorization.h>
-#include <android/sysprop/Keystore2Properties.sysprop.h>
 
 #include "Credential.h"
 #include "CredentialData.h"
@@ -53,7 +52,6 @@
 using std::tuple;
 
 using android::security::keystore::IKeystoreService;
-using namespace android::sysprop;
 
 using ::android::hardware::identity::IWritableIdentityCredential;
 
@@ -429,7 +427,7 @@
         // not a guarantee and it's also not required.
         //
 
-        auto keystore2_status = Keystore2Properties::keystore2_enabled();
+        std::optional<bool> keystore2_status = {true};
         if (keystore2_status.has_value() && keystore2_status.value()) {
             if (!getTokensFromKeystore2(selectedChallenge_, data->getSecureUserId(),
                                         authTokenMaxAgeMillis, aidlAuthToken,

diff --git a/keystore2/keystore2.rc b/keystore2/keystore2.rc
index 2d1f05a..82bf3b8 100644
--- a/keystore2/keystore2.rc
+++ b/keystore2/keystore2.rc

@@ -6,14 +6,8 @@
 #
 # See system/core/init/README.md for information on the init.rc language.
 
-# Start Keystore 2 conditionally
-# TODO b/171563717 Remove when Keystore 2 migration is complete.
-on property:persist.android.security.keystore2.enable=true
-    enable keystore2
-
 service keystore2 /system/bin/keystore2 /data/misc/keystore
     class early_hal
     user keystore
     group keystore readproc log
     writepid /dev/cpuset/foreground/tasks
-    disabled