Revert "[avf][rkp] Allow virtualizationservice to register RKP H..."

Revert submission 2778549-expose-avf-rkp-hal

Reason for revert: SELinux denial
avc:  denied  { find } for pid=3400 uid=10085 name=android.hardware.security.keymint.IRemotelyProvisionedComponent/avf scontext=u:r:rkpdapp:s0:c85,c256,c512,c768 tcontext=u:object_r:avf_remotelyprovisionedcomponent_service:s0 tclass=service_manager permissive=0


Reverted changes: /q/submissionid:2778549-expose-avf-rkp-hal

Bug: 308596709
Change-Id: If8e448e745f2701cf00e7757d0a079d8700d43c0

build/soong/service_fuzzer_bindings.go

@@ -174,7 +174,6 @@ var (
 		"android.service.gatekeeper.IGateKeeperService":                   []string{"gatekeeperd_service_fuzzer"},
 		"android.system.composd":                                          EXCEPTION_NO_FUZZER,
 		// TODO(b/294158658): add fuzzer
-		"android.hardware.security.keymint.IRemotelyProvisionedComponent/avf": EXCEPTION_NO_FUZZER,
 		"android.system.virtualizationservice":                            EXCEPTION_NO_FUZZER,
 		"android.system.virtualizationservice_internal.IVfioHandler":      EXCEPTION_NO_FUZZER,
 		"ambient_context":                                                 EXCEPTION_NO_FUZZER,

private/compat/34.0/34.0.ignore.cil

@@ -6,7 +6,6 @@
 (typeattributeset new_objects
   ( new_objects
     archive_service
-    avf_remotelyprovisionedcomponent_service
     dtbo_block_device
     ota_build_prop
     snapuserd_log_data_file

private/service_contexts

@@ -91,7 +91,6 @@ android.hardware.radio.voice.IRadioVoice/slot3                       u:object_r:
 android.hardware.rebootescrow.IRebootEscrow/default                  u:object_r:hal_rebootescrow_service:s0
 android.hardware.security.keymint.IKeyMintDevice/default             u:object_r:hal_keymint_service:s0
 android.hardware.security.keymint.IRemotelyProvisionedComponent/default u:object_r:hal_remotelyprovisionedcomponent_service:s0
-android.hardware.security.keymint.IRemotelyProvisionedComponent/avf     u:object_r:avf_remotelyprovisionedcomponent_service:s0
 android.hardware.gatekeeper.IGatekeeper/default                      u:object_r:hal_gatekeeper_service:s0
 android.hardware.security.secureclock.ISecureClock/default             u:object_r:hal_secureclock_service:s0
 android.hardware.security.sharedsecret.ISharedSecret/default             u:object_r:hal_sharedsecret_service:s0

private/virtualizationservice.te

@@ -15,9 +15,6 @@ binder_use(virtualizationservice)
 # Let the virtualizationservice domain register the virtualization_service with ServiceManager.
 add_service(virtualizationservice, virtualization_service)
 
-# Allow registering as a remotely provisioned component for pVM remote attestation.
-add_service(virtualizationservice, avf_remotelyprovisionedcomponent_service)
-
 # Let virtualizationservice find and communicate with vfio_handler.
 allow virtualizationservice vfio_handler_service:service_manager find;
 binder_call(virtualizationservice, vfio_handler)

public/service.te

@@ -315,7 +315,6 @@ type hal_power_stats_service, protected_service, hal_service_type, service_manag
 type hal_radio_service, protected_service, hal_service_type, service_manager_type;
 type hal_rebootescrow_service, protected_service, hal_service_type, service_manager_type;
 type hal_remoteaccess_service, protected_service, hal_service_type, service_manager_type;
-type avf_remotelyprovisionedcomponent_service, protected_service, hal_service_type, service_manager_type;
 type hal_remotelyprovisionedcomponent_service, protected_service, hal_service_type, service_manager_type;
 type hal_sensors_service, protected_service, hal_service_type, service_manager_type;
 type hal_secureclock_service, protected_service, hal_service_type, service_manager_type;