Keystore 2.0: Use preferred KM instance for level zero key. Prefer KM4.1 and higher over KM4.0 and lower, but prefer TEE over Strongbox if TEE meets the minimal requirements. Ignore-AOSP-First: No automerge path from AOSP. Bug: 187862706 Test: Manually tested by observing logs during boot. Merged-In: I1d27c80ef7c869b84b6d0c1a5d8eec287c242f6c Change-Id: I1d27c80ef7c869b84b6d0c1a5d8eec287c242f6c Merged-In: I1d27c80ef7c869b84b6d0c1a5d8eec287c242f6c

commit: 5c7482104f61d43b15f8421c3a5c546d16d0cd45 [log] [tgz]
author: Janis Danisevskis <jdanis@google.com> Mon May 17 17:13:56 2021 -0700
committer: Janis Danisevskis <jdanis@google.com> Tue Jun 01 14:30:27 2021 -0700
tree: 33996d0771da7ed25f86b6ddbd5875b65eb13371
parent: 67f30564f44fa0b6c6e4e1b93b89f89b01f2d29e [diff] [blame]
diff --git a/keystore2/src/key_parameter.rs b/keystore2/src/key_parameter.rs
index 549f574..de142a7 100644
--- a/keystore2/src/key_parameter.rs
+++ b/keystore2/src/key_parameter.rs

@@ -825,6 +825,9 @@
     /// When deleted, the key is guaranteed to be permanently deleted and unusable
     #[key_param(tag = ROLLBACK_RESISTANCE, field = BoolValue)]
     RollbackResistance,
+    /// The Key shall only be used during the early boot stage
+    #[key_param(tag = EARLY_BOOT_ONLY, field = BoolValue)]
+    EarlyBootOnly,
     /// The date and time at which the key becomes active
     #[key_param(tag = ACTIVE_DATETIME, field = DateTime)]
     ActiveDateTime(i64),
commit	5c7482104f61d43b15f8421c3a5c546d16d0cd45	[log] [tgz]
author	Janis Danisevskis <jdanis@google.com>	Mon May 17 17:13:56 2021 -0700
committer	Janis Danisevskis <jdanis@google.com>	Tue Jun 01 14:30:27 2021 -0700
tree	33996d0771da7ed25f86b6ddbd5875b65eb13371
parent	67f30564f44fa0b6c6e4e1b93b89f89b01f2d29e [diff] [blame]