Revert "[avf] Adjust IRPC VTS tests to handle AVF in unsupported env"

Revert submission 2778549-expose-avf-rkp-hal Reason for revert: SELinux denial avc: denied { find } for pid=3400 uid=10085 name=android.hardware.security.keymint.IRemotelyProvisionedComponent/avf scontext=u:r:rkpdapp:s0:c85,c256,c512,c768 tcontext=u:object_r:avf_remotelyprovisionedcomponent_service:s0 tclass=service_manager permissive=0 Reverted changes: /q/submissionid:2778549-expose-avf-rkp-hal Bug: 308596709 Change-Id: Id6a930d16949389048713cef20dfa06cdbb9ac95
2026-02-01 16:50:18 +00:00 · 2023-10-31 15:01:15 +00:00
parent 87f8dce549
commit cdf9d2c936
2 changed files with 2 additions and 22 deletions
--- a/security/keymint/support/remote_prov_utils.cpp
+++ b/security/keymint/support/remote_prov_utils.cpp
@@ -520,15 +520,6 @@ ErrMsgOr<std::unique_ptr<cppbor::Map>> parseAndValidateDeviceInfo(
                   std::to_string(info.versionNumber) + ").";
        }
    }
-    // Bypasses the device info validation since the device info in AVF is currently
-    // empty. Check b/299256925 for more information.
-    //
-    // TODO(b/300911665): This check is temporary and will be replaced once the markers
-    // on the DICE chain become available. We need to determine if the CSR is from the
-    // RKP VM using the markers on the DICE chain.
-    if (info.uniqueId == "AVF Remote Provisioning 1") {
-        return std::move(parsed);
-    }

    std::string error;
    std::string tmp;
--- a/security/rkp/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
+++ b/security/rkp/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
@@ -55,8 +55,6 @@ constexpr int32_t VERSION_WITH_SUPPORTED_NUM_KEYS_IN_CSR = 3;

 constexpr uint8_t MIN_CHALLENGE_SIZE = 0;
 constexpr uint8_t MAX_CHALLENGE_SIZE = 64;
-const string RKP_VM_INSTANCE_NAME =
-        "android.hardware.security.keymint.IRemotelyProvisionedComponent/avf";

 #define INSTANTIATE_REM_PROV_AIDL_TEST(name)                                         \
    GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(name);                             \
@@ -183,12 +181,7 @@ class VtsRemotelyProvisionedComponentTests : public testing::TestWithParam<std::
            provisionable_ = IRemotelyProvisionedComponent::fromBinder(binder);
        }
        ASSERT_NE(provisionable_, nullptr);
-        auto status = provisionable_->getHardwareInfo(&rpcHardwareInfo);
-        if (GetParam() == RKP_VM_INSTANCE_NAME &&
-            status.getExceptionCode() == EX_UNSUPPORTED_OPERATION) {
-            GTEST_SKIP() << "The RKP VM is not supported on this system.";
-        }
-        ASSERT_TRUE(status.isOk());
+        ASSERT_TRUE(provisionable_->getHardwareInfo(&rpcHardwareInfo).isOk());
    }

    static vector<string> build_params() {
@@ -214,11 +207,7 @@ TEST(NonParameterizedTests, eachRpcHasAUniqueId) {
        ASSERT_NE(rpc, nullptr);

        RpcHardwareInfo hwInfo;
-        auto status = rpc->getHardwareInfo(&hwInfo);
-        if (hal == RKP_VM_INSTANCE_NAME && status.getExceptionCode() == EX_UNSUPPORTED_OPERATION) {
-            GTEST_SKIP() << "The RKP VM is not supported on this system.";
-        }
-        ASSERT_TRUE(status.isOk());
+        ASSERT_TRUE(rpc->getHardwareInfo(&hwInfo).isOk());

        if (hwInfo.versionNumber >= VERSION_WITH_UNIQUE_ID_SUPPORT) {
            ASSERT_TRUE(hwInfo.uniqueId);