Evolution-x/hardware_interfaces
1
0
Fork 0
mirror of https://github.com/Evolution-X/hardware_interfaces synced 2026-02-01 16:50:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge "KeyMint VTS: option to skip BOOT_PATCHLEVEL check" am: 8aeb7ef2b4 am: 8a2977f698 am: 4f6428aada

Browse Source 
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1907696

Change-Id: Ie04a421c549a5416aaf998bec27fb807c5ee802f
This commit is contained in:
David Drysdale
2021-12-02 19:11:19 +00:00
committed by Automerger Merge Worker
parent 8b035f0e23 4f6428aada
commit 8e2cc360ee
1 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
security/keymint/aidl/vts/functional/KeyMintTest.cpp
View File

@@ -69,6 +69,9 @@ namespace aidl::android::hardware::security::keymint::test {
namespace { namespace {
// Whether to check that BOOT_PATCHLEVEL is populated.
bool check_boot_pl = true;
// The maximum number of times we'll attempt to verify that corruption // The maximum number of times we'll attempt to verify that corruption
// of an encrypted blob results in an error. Retries are necessary as there // of an encrypted blob results in an error. Retries are necessary as there
// is a small (roughly 1/256) chance that corrupting ciphertext still results // is a small (roughly 1/256) chance that corrupting ciphertext still results
@@ -527,12 +530,17 @@ class NewKeyGenerationTest : public KeyMintAidlTestBase {
EXPECT_TRUE(os_pl); EXPECT_TRUE(os_pl);
EXPECT_EQ(*os_pl, os_patch_level()); EXPECT_EQ(*os_pl, os_patch_level());
// Should include vendor and boot patchlevels. // Should include vendor patchlevel.
auto vendor_pl = auths.GetTagValue(TAG_VENDOR_PATCHLEVEL); auto vendor_pl = auths.GetTagValue(TAG_VENDOR_PATCHLEVEL);
EXPECT_TRUE(vendor_pl); EXPECT_TRUE(vendor_pl);
EXPECT_EQ(*vendor_pl, vendor_patch_level()); EXPECT_EQ(*vendor_pl, vendor_patch_level());
auto boot_pl = auths.GetTagValue(TAG_BOOT_PATCHLEVEL);
EXPECT_TRUE(boot_pl); // Should include boot patchlevel (but there are some test scenarios where this is not
// possible).
if (check_boot_pl) {
auto boot_pl = auths.GetTagValue(TAG_BOOT_PATCHLEVEL);
EXPECT_TRUE(boot_pl);
}
return auths; return auths;
} }
@@ -6871,6 +6879,12 @@ int main(int argc, char** argv) {
} else { } else {
std::cout << "NOT dumping attestations" << std::endl; std::cout << "NOT dumping attestations" << std::endl;
} }
if (std::string(argv[i]) == "--skip_boot_pl_check") {
// Allow checks of BOOT_PATCHLEVEL to be disabled, so that the tests can
// be run in emulated environments that don't have the normal bootloader
// interactions.
aidl::android::hardware::security::keymint::test::check_boot_pl = false;
}
} }
} }
return RUN_ALL_TESTS(); return RUN_ALL_TESTS();