Merge "Temporary ignore check_tee_service_permission tests" into main
diff --git a/android/virtmgr/src/aidl.rs b/android/virtmgr/src/aidl.rs
index 4538248..1cae344 100644
--- a/android/virtmgr/src/aidl.rs
+++ b/android/virtmgr/src/aidl.rs
@@ -567,9 +567,11 @@
let config = config.as_ref();
*is_protected = config.protectedVm;
- check_tee_service_permission(&caller_secontext, &config.teeServices)
- .with_log()
- .or_binder_exception(ExceptionCode::SECURITY)?;
+ if !config.teeServices.is_empty() {
+ check_tee_service_permission(&caller_secontext, &config.teeServices)
+ .with_log()
+ .or_binder_exception(ExceptionCode::SECURITY)?;
+ }
// Check if partition images are labeled incorrectly. This is to prevent random images
// which are not protected by the Android Verified Boot (e.g. bits downloaded by apps) from
diff --git a/android/virtmgr/src/selinux.rs b/android/virtmgr/src/selinux.rs
index a8c895f..719c9a9 100644
--- a/android/virtmgr/src/selinux.rs
+++ b/android/virtmgr/src/selinux.rs
@@ -246,6 +246,7 @@
use super::*;
#[test]
+ #[ignore = "disabling test while investigating b/379087641"]
fn test_check_tee_service_permission_has_permission() -> Result<()> {
if cfg!(not(tee_services_allowlist)) {
// Skip test on release configurations without tee_services_allowlist feature enabled.
@@ -258,6 +259,7 @@
}
#[test]
+ #[ignore = "disabling test while investigating b/379087641"]
fn test_check_tee_service_permission_invalid_tee_service() -> Result<()> {
if cfg!(not(tee_services_allowlist)) {
// Skip test on release configurations without tee_services_allowlist feature enabled.