Merge "Only interact with secretkeeper in updatable VMs" into main am: 2673be1565 am: ac7db22cc7

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Virtualization/+/3391444

Change-Id: If0346112463a2f3a12c7e4b3ab27e9b4654e5959
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/android/virtmgr/src/aidl.rs b/android/virtmgr/src/aidl.rs
index 0f81f3d..e9074c6 100644
--- a/android/virtmgr/src/aidl.rs
+++ b/android/virtmgr/src/aidl.rs
@@ -889,34 +889,18 @@
         .context("Failed to extract vendor hashtree digest")
         .or_service_specific_exception(-1)?;
 
-    let vendor_hashtree_digest = if let Some(ref vendor_hashtree_digest) = vendor_hashtree_digest {
+    let mut trusted_props = if let Some(ref vendor_hashtree_digest) = vendor_hashtree_digest {
         info!(
             "Passing vendor hashtree digest to pvmfw. This will be rejected if it doesn't \
                 match the trusted digest in the pvmfw config, causing the VM to fail to start."
         );
-        Some((cstr!("vendor_hashtree_descriptor_root_digest"), vendor_hashtree_digest.as_slice()))
+        vec![(cstr!("vendor_hashtree_descriptor_root_digest"), vendor_hashtree_digest.as_slice())]
     } else {
-        None
+        vec![]
     };
 
-    let key_material;
-    let secretkeeper_public_key = if is_secretkeeper_supported() {
-        let sk: Strong<dyn ISecretkeeper> = binder::wait_for_interface(SECRETKEEPER_IDENTIFIER)?;
-        if sk.getInterfaceVersion()? >= 2 {
-            let PublicKey { keyMaterial } = sk.getSecretkeeperIdentity()?;
-            key_material = keyMaterial;
-            Some((cstr!("secretkeeper_public_key"), key_material.as_slice()))
-        } else {
-            None
-        }
-    } else {
-        None
-    };
-
-    let trusted_props: Vec<(&CStr, &[u8])> =
-        vec![vendor_hashtree_digest, secretkeeper_public_key].into_iter().flatten().collect();
-
     let instance_id;
+    let key_material;
     let mut untrusted_props = Vec::with_capacity(2);
     if cfg!(llpvm_changes) {
         instance_id = extract_instance_id(config);
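Review bot: The deferred `let key_material;` added next to `let instance_id;` has no comment explaining why it is declared so far from its only assignment, which sits inside the nested `if` in the next hunk. It has to live in this outer scope because `trusted_props` stores `key_material.as_slice()`, and a reader tidying it into the inner block would get a borrow error. I would add `// Declared here so the key buffer outlives the borrow stored in trusted_props.` above it. The explicit `Vec<(&CStr, &[u8])>` annotation was also dropped from `trusted_props`; keeping it on the new `let mut trusted_props` would document the element type now that the vector is built in two places. The enclosing function starts and ends outside the hunk.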
@@ -925,7 +909,14 @@
         if want_updatable && is_secretkeeper_supported() {
             // Let guest know that it can defer rollback protection to Secretkeeper by setting
             // an empty property in untrusted node in DT. This enables Updatable VMs.
-            untrusted_props.push((cstr!("defer-rollback-protection"), &[]))
+            untrusted_props.push((cstr!("defer-rollback-protection"), &[]));
+            let sk: Strong<dyn ISecretkeeper> =
+                binder::wait_for_interface(SECRETKEEPER_IDENTIFIER)?;
+            if sk.getInterfaceVersion()? >= 2 {
+                let PublicKey { keyMaterial } = sk.getSecretkeeperIdentity()?;
+                key_material = keyMaterial;
+                trusted_props.push((cstr!("secretkeeper_public_key"), key_material.as_slice()));
+            }
         }
     }
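Review bot: The `if sk.getInterfaceVersion()? >= 2` check has no else branch, so with an older Secretkeeper the guest still gets `defer-rollback-protection` in the untrusted node but no `secretkeeper_public_key` in the trusted one, and nothing is logged. What the guest does in that state is not visible here, so either document that it is intended or make it observable, e.g. `} else { warn!("Secretkeeper is older than v2; secretkeeper_public_key not passed to guest"); }` (assuming `warn!` is in scope alongside `info!`). The three `?` on the binder calls also return the raw error, unlike the `.context(...).or_service_specific_exception(-1)?` pattern earlier in this function, which makes a VM start failure here harder to attribute. The enclosing function starts and ends outside the hunk.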