Skip updating policy if existing one is same
There is no need of updating the sealing policy entry in Secretkeeper if
current one is the same.
Test: Builds
Bug: 331417880
Change-Id: I82b060413cf047fab01f75092c562ea8715b8cc7
diff --git a/core/src/store.rs b/core/src/store.rs
index 8341ba7..c768769 100644
--- a/core/src/store.rs
+++ b/core/src/store.rs
@@ -133,15 +133,17 @@
// Replace the entry with updated_sealing_policy.
if let Some(updated_sealing_policy) = updated_sealing_policy {
- chain_matches_policy(dice_chain, &updated_sealing_policy)
- .map_err(policy_err)?;
- let new_entry = Entry {
- secret: entry.secret.clone(),
- sealing_policy: updated_sealing_policy,
+ if entry.sealing_policy != updated_sealing_policy {
+ chain_matches_policy(dice_chain, &updated_sealing_policy)
+ .map_err(policy_err)?;
+ let new_entry = Entry {
+ secret: entry.secret.clone(),
+ sealing_policy: updated_sealing_policy,
+ }
+ .to_vec()
+ .map_err(serial_err)?;
+ self.secure_store.store(id, &new_entry).map_err(unexpected_err)?;
}
- .to_vec()
- .map_err(serial_err)?;
- self.secure_store.store(id, &new_entry).map_err(unexpected_err)?;
}
Ok(entry.secret)
}