From 16e344296576f34c417ab6c78f4d672b3002f377 Mon Sep 17 00:00:00 2001
From: Alice Wang <aliceywang@google.com>
Date: Fri, 7 Jun 2024 12:41:22 +0000
Subject: [PATCH] Skip CSR generation for AVF RKP HAL when it is not supported

Test: Run `adb shell rkp_factory_extraction_tool
--output_format build+csr` on a device AVF RKP HAL is unsupported

Change-Id: I8f1ffa63710be6f566fb6f0800c45f3cfb907d69
---
 provisioner/rkp_factory_extraction_lib.cpp  | 14 ++++++++++++++
 provisioner/rkp_factory_extraction_lib.h    |  4 ++++
 provisioner/rkp_factory_extraction_tool.cpp |  5 +++++
 3 files changed, 23 insertions(+)

diff --git a/provisioner/rkp_factory_extraction_lib.cpp b/provisioner/rkp_factory_extraction_lib.cpp
index b7e1e340..ec70d086 100644
--- a/provisioner/rkp_factory_extraction_lib.cpp
+++ b/provisioner/rkp_factory_extraction_lib.cpp
@@ -267,3 +267,17 @@ CborResult<Array> getCsr(std::string_view componentName, IRemotelyProvisionedCom
         return getCsrV3(componentName, irpc, selfTest);
     }
 }
+
+bool isRemoteProvisioningSupported(IRemotelyProvisionedComponent* irpc) {
+    RpcHardwareInfo hwInfo;
+    auto status = irpc->getHardwareInfo(&hwInfo);
+    if (status.isOk()) {
+        return true;
+    }
+    if (status.getExceptionCode() == EX_UNSUPPORTED_OPERATION) {
+        return false;
+    }
+    std::cerr << "Unexpected error when getting hardware info. Description: "
+              << status.getDescription() << "." << std::endl;
+    exit(-1);
+}
diff --git a/provisioner/rkp_factory_extraction_lib.h b/provisioner/rkp_factory_extraction_lib.h
index ae8ea6b6..93c498ad 100644
--- a/provisioner/rkp_factory_extraction_lib.h
+++ b/provisioner/rkp_factory_extraction_lib.h
@@ -53,3 +53,7 @@ getCsr(std::string_view componentName,
 void selfTestGetCsr(
     std::string_view componentName,
     aidl::android::hardware::security::keymint::IRemotelyProvisionedComponent* irpc);
+
+// Returns true if the given IRemotelyProvisionedComponent supports remote provisioning.
+bool isRemoteProvisioningSupported(
+    aidl::android::hardware::security::keymint::IRemotelyProvisionedComponent* irpc);
diff --git a/provisioner/rkp_factory_extraction_tool.cpp b/provisioner/rkp_factory_extraction_tool.cpp
index 62d62cf3..1cb11448 100644
--- a/provisioner/rkp_factory_extraction_tool.cpp
+++ b/provisioner/rkp_factory_extraction_tool.cpp
@@ -78,6 +78,11 @@ void writeOutput(const std::string instance_name, const Array& csr) {
 }
 
 void getCsrForIRpc(const char* descriptor, const char* name, IRemotelyProvisionedComponent* irpc) {
+    // AVF RKP HAL is not always supported, so we need to check if it is supported before
+    // generating the CSR.
+    if (std::string(name) == "avf" && !isRemoteProvisioningSupported(irpc)) {
+        return;
+    }
     auto [request, errMsg] = getCsr(name, irpc, FLAGS_self_test);
     auto fullName = getFullServiceName(descriptor, name);
     if (!request) {