Making software km implementation both backup and default
If there were no secure keymasters on a device, but software keymasters
were offered, then keystore would shuffle the software keymaster to the
TRUSTED_ENVIRONMENT securityLevel keymaster slot and generate a software
fallback keymaster. This change lets the software keymaster slot occupy
both the default and software slot. A fallback keymaster implementation
should only be invoked if there actually is no other keymaster
implementation.
Bug: 148773266
Test: atest KeyChainTests:com.android.keychain.tests.BasicKeyChainServiceTest#testAttestKeySucceedsOnGeneratedKey -- --abi x86
Change-Id: Ia845b6d8be85dcd6dfd3aecbb1dbda972e9cfff2
diff --git a/keystore/keystore_main.cpp b/keystore/keystore_main.cpp
index 91ebd12..8e9c699 100644
--- a/keystore/keystore_main.cpp
+++ b/keystore/keystore_main.cpp
@@ -114,7 +114,6 @@
LOG(WARNING) << "No secure Keymaster implementation found, but device offers insecure"
" Keymaster HAL. Using as default.";
result[SecurityLevel::TRUSTED_ENVIRONMENT] = result[SecurityLevel::SOFTWARE];
- result[SecurityLevel::SOFTWARE] = nullptr;
}
if (!result[SecurityLevel::SOFTWARE]) {
auto fbdev = android::keystore::makeSoftwareKeymasterDevice();
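Review bot: With the removal of "result[SecurityLevel::SOFTWARE] = nullptr;", the TRUSTED_ENVIRONMENT and SOFTWARE slots hold the same device after the assignment, and nothing at this spot says the aliasing is intentional. A short comment above "result[SecurityLevel::TRUSTED_ENVIRONMENT] = result[SecurityLevel::SOFTWARE];" would help, stating that both slots deliberately share one instance and that the "if (!result[SecurityLevel::SOFTWARE])" fallback below is therefore skipped in this case. Please also confirm that code which walks result per security level tolerates seeing the same device under two levels. The warning text "Using as default." could be extended to say the insecure HAL now serves both slots.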