From 0bd88b03b32d83f4fb6abbcfe837bcb85e97101c Mon Sep 17 00:00:00 2001
From: David Drysdale
Date: Tue, 19 Dec 2023 11:27:53 +0000
Subject: [PATCH] Secretkeeper VTS: check for declared instances

Calling binder::get_interface(name) for a name that isn't declared may take multiple seconds before failing. Restrict to looking for instance names that are declared. Also add a rustfmt.toml file, copied from system/secretkeeper/

Bug: 291228655
Test: VtsSecretkeeperTargetTest on Cuttlefish and Pixel8
Change-Id: I9972bc782fe99f5dc5c2dc3b74fa12a0e000ea6c
---
 security/secretkeeper/aidl/vts/rustfmt.toml | 1 +
 .../secretkeeper/aidl/vts/secretkeeper_test_client.rs | 10 +++++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)
 create mode 120000 security/secretkeeper/aidl/vts/rustfmt.toml

diff --git a/security/secretkeeper/aidl/vts/rustfmt.toml b/security/secretkeeper/aidl/vts/rustfmt.toml
new file mode 120000
index 0000000000..ed2086b56b
--- /dev/null
+++ b/security/secretkeeper/aidl/vts/rustfmt.toml
@@ -0,0 +1 @@
+../../../../../../build/soong/scripts/rustfmt.toml
\ No newline at end of file
diff --git a/security/secretkeeper/aidl/vts/secretkeeper_test_client.rs b/security/secretkeeper/aidl/vts/secretkeeper_test_client.rs
index 6a70d023eb..118a7b2e19 100644
--- a/security/secretkeeper/aidl/vts/secretkeeper_test_client.rs
+++ b/security/secretkeeper/aidl/vts/secretkeeper_test_client.rs
@@ -35,7 +35,7 @@ use secretkeeper_comm::data_types::response::Response;
 use secretkeeper_comm::data_types::packet::{ResponsePacket, ResponseType};
 
 const SECRETKEEPER_SERVICE: &str = "android.hardware.security.secretkeeper.ISecretkeeper";
-const SECRETKEEPER_INSTANCES: [&'static str; 2] = ["nonsecure", "default"];
+const SECRETKEEPER_INSTANCES: [&'static str; 2] = ["default", "nonsecure"];
 const CURRENT_VERSION: u64 = 1;
 
 // TODO(b/291238565): This will change once libdice_policy switches to Explicit-key DiceCertChain
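Review bot: The order of `SECRETKEEPER_INSTANCES` now decides which instance the tests talk to, yet nothing on the constant says so. The loop in `get_connection()` (next hunk) walks the array in order, and if its `Ok` arm returns the first instance that connects (that arm is not fully visible here), a device declaring both will only ever have `default` exercised, leaving `nonsecure` untested until the TODO about per-instance tests is done. I would add a comment such as `// In order of preference: get_connection() uses the first declared instance that connects.` While on this line, `&'static str` in a `const` can be plain `&str` (clippy's `redundant_static_lifetimes`).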
@@ -75,9 +75,16 @@ fn get_connection() -> Option<(binder::Strong, String)> {
 // Initialize logging (which is OK to call multiple times).
 logger::init(logger::Config::default().with_min_level(log::Level::Debug));
 
+ // Determine which instances are available.
+ let available = binder::get_declared_instances(SECRETKEEPER_SERVICE).unwrap_or_default();
+
 // TODO: replace this with a parameterized set of tests that run for each available instance of
 // ISecretkeeper (rather than having a fixed set of instance names to look for).
 for instance in &SECRETKEEPER_INSTANCES {
+ if available.iter().find(|s| s == instance).is_none() {
+ // Skip undeclared instances.
+ continue;
+ }
 let name = format!("{SECRETKEEPER_SERVICE}/{instance}");
 match binder::get_interface(&name) {
 Ok(sk) => {
@@ -92,6 +99,7 @@ fn get_connection() -> Option<(binder::Strong, String)> {
 }
 }
 }
+ info!("no Secretkeeper instances in {SECRETKEEPER_INSTANCES:?} are declared and present");
 None
 }
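Review bot: `unwrap_or_default()` on the `get_declared_instances` result turns a failed service-manager query into an empty list, so every instance is skipped and `get_connection()` returns `None` exactly as it would on a device with no Secretkeeper at all. If callers treat `None` as "HAL not present, skip" (not visible in this hunk), a VTS run could pass without testing anything; at minimum log the error, e.g. `.unwrap_or_else(|e| { log::error!("get_declared_instances failed: {e:?}"); Default::default() })`. Separately, `available.iter().find(|s| s == instance).is_none()` reads more directly as `!available.iter().any(|s| s == instance)`. The body of `get_connection()` continues past the end of this hunk.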
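Review bot: The new `info!` line is reached both when no listed instance is declared and when a declared instance failed `binder::get_interface`, and the message does not tell those two cases apart. A declared-but-unreachable Secretkeeper is a device fault rather than an absent optional HAL, so it deserves a distinct, higher-severity report (or a test failure) instead of sharing the skip path; the `Err` arm sits between the two hunks and is not visible, so it may already log this. One option is to word this line for the undeclared case only, e.g. `info!("no declared Secretkeeper instance among {SECRETKEEPER_INSTANCES:?}");`, and leave unreachable-instance reporting to the `Err` arm.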