Only require RKP on T+ chipsets
It turns out we had a bug (b/263844771) in how RKP support was
detected, and that was fixed. However, due to this bug, some S chipests
shipped without RKP support which is now required by the tests.
This change drops the RKP requirement from S chipsets. There should be
no new S chipsets, so this effectively grandfathers in the previous
ones that were skipped by the RKP VTS tests.
T+ tests (both VTS and other suites) will verify that RKP support is
there, so there is no gap introduced by this change.
Bug: 297139913
Test: VtsAidlKeyMintTargetTest
Change-Id: I387e5f058ada698747aac103c1745682291f2d1c
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
index 9f8593c..5f8ec0e 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
@@ -1300,15 +1300,12 @@
}
bool KeyMintAidlTestBase::IsRkpSupportRequired() const {
- if (get_vsr_api_level() >= __ANDROID_API_T__) {
- return true;
- }
-
- if (get_vsr_api_level() >= __ANDROID_API_S__) {
- return SecLevel() != SecurityLevel::STRONGBOX;
- }
-
- return false;
+ // This is technically not a match to the requirements for S chipsets,
+ // however when S shipped there was a bug in the test that skipped the
+ // tests if KeyMint 2 was not on the system. So we allowed many chipests
+ // to ship without RKP support. In T we hardened the requirements around
+ // support for RKP, so relax the test to match.
+ return get_vsr_api_level() >= __ANDROID_API_T__;
}
vector<uint32_t> KeyMintAidlTestBase::ValidKeySizes(Algorithm algorithm) {