init/quirks/soc/mtk_trustkernel.cpp

@@ -9,7 +9,6 @@
 
 #include <cstdlib>
 #include <filesystem>
-#include <map>
 #include <optional>
 #include <string>
 #include <utility>
@@ -19,11 +18,6 @@ using namespace std;
 #define AVB_PROP_OS_VERSION "com.android.build.boot.os_version"
 #define AVB_PROP_SPL "com.android.build.boot.security_patch"
 
-map<int, string> api_to_version{
-    {30, "11"}, {31, "12"}, {32, "12L"},
-    {33, "13"}, {34, "14"}
-};
-
 optional<pair<string, string>> try_get_spl() {
     string boot_part = "/dev/block/by-name/boot" + android::base::GetProperty("ro.boot.slot_suffix", "");
 
@@ -56,7 +50,9 @@ optional<pair<string, string>> try_get_spl() {
 class MtkTkQuirk : DeviceQuirk {
 public:
     bool ShouldRun() {
-        return filesystem::exists("/proc/tkcore/tkcore_log");
+        return filesystem::exists("/proc/tkcore/tkcore_log")
+                 // No longer an issue after MediaTek upgraded to KeyMint AIDL services
+                 && !filesystem::exists("/vendor/bin/hw/android.hardware.security.keymint-service.trustkernel");
     }
 
     void Run() {
@@ -65,27 +61,13 @@ public:
         android::base::SetProperty("ro.keymaster.brn", "Android");
         android::base::SetProperty("ro.keymaster.mod", "AOSP on ARM64");
 
-	string release = android::base::GetProperty("ro.vendor.build.version.release", "11");
-	string spl = android::base::GetProperty("ro.vendor.build.version.security_patch", "2023-01-05");
         auto res = try_get_spl();
 
         if (res) {
-            release = res->first;
+            android::base::SetProperty("ro.keymaster.xxx.release", res->first);
-            spl = res->second;
+            android::base::SetProperty("ro.keymaster.xxx.security_patch", res->second);
         }
 
-        // With GRF, release version from vendor or boot may not be what we need
-        int first_api_level = android::base::GetIntProperty("ro.product.first_api_level", 30);
-        if (api_to_version.count(first_api_level) > 0) {
-            string release_from_first_api = api_to_version[first_api_level];
-            if (stoi(release_from_first_api) >= stoi(release)) {
-                release = release_from_first_api;
-            }
-        }
-
-        android::base::SetProperty("ro.keymaster.xxx.release", release);
-        android::base::SetProperty("ro.keymaster.xxx.security_patch", spl);
-
         android::base::SetProperty("ctl.restart", "teed");
     }
 };

sepolicy/private/keymaster.te

@@ -1,9 +1,7 @@
 # Access to fake keymaster SPL/Android version props -- from TrebleDroid
 get_prop(hal_keymaster, default_prop);
-get_prop(hal_keymint, default_prop);
 get_prop(tee, default_prop);
 
 get_prop(hal_keymaster, system_prop);
-get_prop(hal_keymint, system_prop);
 
 get_prop(hal_gatekeeper, system_prop);