Revert "pVM to use Secretkeeper protected secrets"
Revert submission 2705357-sk_vm
Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.corp.google.com/builds/quarterdeck?branch=git_aosp-main-with-phones&target=aosp_oriole-trunk_staging-userdebug&lkgb=11221468&lkbb=11221626&fkbb=11221480
Reverted changes: /q/submissionid:2705357-sk_vm
Bug: 316391577
Change-Id: I8ba23154f91edd3bd239b8eb3a1240adbcb452ff
diff --git a/microdroid_manager/src/main.rs b/microdroid_manager/src/main.rs
index c94a937..9e167a4 100644
--- a/microdroid_manager/src/main.rs
+++ b/microdroid_manager/src/main.rs
@@ -105,6 +105,7 @@
MicrodroidError::PayloadInvalidConfig(msg) => {
(ErrorCode::PAYLOAD_INVALID_CONFIG, msg.to_string())
}
+
// Connection failure won't be reported to VS; return the default value
MicrodroidError::FailedToConnectToVirtualizationService(msg) => {
(ErrorCode::UNKNOWN, msg.to_string())
@@ -281,8 +282,7 @@
// To minimize the exposure to untrusted data, derive dice profile as soon as possible.
info!("DICE derivation for payload");
let dice_artifacts = dice_derivation(dice, &instance_data, &payload_metadata)?;
- let vm_secret =
- VmSecret::new(dice_artifacts, service).context("Failed to create VM secrets")?;
+ let vm_secret = VmSecret::new(dice_artifacts).context("Failed to create VM secrets")?;
if cfg!(dice_changes) {
// Now that the DICE derivation is done, it's ok to allow payload code to run.