Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 77d1670c authored by Orlando Arbildo's avatar Orlando Arbildo
Browse files

hwcryptohal: Adding test 

Adding first hwcrypto hal service VTS test.

Bug: 393162614
Test: cf build/ manual service use test
Change-Id: Ied8f30629ad8ecae04ba7e34e799375e7ce5a622
parent db53d0a5

security/see/hwcrypto/aidl/vts/functional/Android.bp

0 → 100644
+83 −0
Original line number Diff line number Diff line 
// Copyright (C) 2024 The Android Open-Source Project

//

// Licensed under the Apache License, Version 2.0 (the "License");

// you may not use this file except in compliance with the License.

// You may obtain a copy of the License at

//

//      http://www.apache.org/licenses/LICENSE-2.0

//

// Unless required by applicable law or agreed to in writing, software

// distributed under the License is distributed on an "AS IS" BASIS,

// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

// See the License for the specific language governing permissions and

// limitations under the License.



package {

    default_applicable_licenses: ["Android-Apache-2.0"],

}



rust_defaults {

    name: "hw_crypto_hal_aidl_rust_defaults",

    enabled: false,

    rustlibs: [

        "libbinder_rs",

        "android.hardware.security.see.hwcrypto-V1-rust",

        "liblogger",

        "liblog_rust",

        "libanyhow",

        "libvsock",

        "librpcbinder_rs",

        "librustutils",

    ],

    arch: {

        x86_64: {

            enabled: true,

        },

    },

}



rust_library {

    name: "libhwcryptohal_vts_test",

    crate_name: "hwcryptohal_vts_test",

    srcs: [

        "lib.rs",

    ],

    defaults: [

        "hw_crypto_hal_aidl_rust_defaults",

    ],

}



rust_binary {

    name: "wait_hw_crypto",

    prefer_rlib: true,

    defaults: [

        "hw_crypto_hal_aidl_rust_defaults",

    ],

    srcs: ["wait_service.rs"],

    rustlibs: [

        "libhwcryptohal_vts_test",

        "liblogger",

        "liblog_rust",

        "libanyhow",

        "libclap",

    ],

}



rust_test {

    name: "VtsAidlHwCryptoConnTest",

    srcs: ["connection_test.rs"],

    require_root: true,

    defaults: [

        "hw_crypto_hal_aidl_rust_defaults",

    ],

    rustlibs: [

        "libhwcryptohal_vts_test",

    ],

    data: [

        ":trusty_test_vm_elf",

        ":trusty_test_vm_config",

        ":trusty_vm_launcher_sh",

        ":trusty_wait_ready_sh",

        ":wait_hw_crypto",

    ],

}

security/see/hwcrypto/aidl/vts/functional/AndroidTest.xml

0 → 100644
+56 −0
Original line number Diff line number Diff line 
<?xml version="1.0" encoding="utf-8"?>

<!--

  Copyright 2025 The Android Open Source Project



  Licensed under the Apache License, Version 2.0 (the "License");

  you may not use this file except in compliance with the License.

  You may obtain a copy of the License at



       http://www.apache.org/licenses/LICENSE-2.0



  Unless required by applicable law or agreed to in writing, software

  distributed under the License is distributed on an "AS IS" BASIS,

  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  See the License for the specific language governing permissions and

  limitations under the License.

  -->

    <configuration description="Runs {MODULE}">

    <!-- object type="module_controller" class="com.android.tradefed.testtype.suite.module.CommandSuccessModuleController" -->

        <!--Skip the test when trusty VM is not enabled. -->

        <!--option name="run-command" value="getprop trusty.test_vm.nonsecure_vm_ready | grep 1" /-->

    <!--/object-->

    <target_preparer class="com.android.tradefed.targetprep.RootTargetPreparer" />

    <!-- Target Preparers - Run Shell Commands -->

    <target_preparer class="com.android.tradefed.targetprep.PushFilePreparer">

        <option name="cleanup" value="true" />

        <option name="push-file" key="trusty-vm-launcher.sh" value="/data/local/tmp/trusty_test_vm/trusty-vm-launcher.sh" />

        <option name="push-file" key="trusty-wait-ready.sh" value="/data/local/tmp/trusty_test_vm/trusty-wait-ready.sh" />

        <option name="push-file" key="wait_hw_crypto" value="/data/local/tmp/trusty_test_vm/wait_hw_crypto" />

        <option name="push-file" key="trusty-test_vm-config.json" value="/data/local/tmp/trusty_test_vm/trusty-test_vm-config.json" />

        <option name="push-file" key="trusty_test_vm_elf" value="/data/local/tmp/trusty_test_vm/trusty_test_vm_elf" />

        <option name="push-file" key="VtsAidlHwCryptoConnTest" value="/data/local/tmp/VtsAidlHwCryptoConnTest" />

    </target_preparer>

    <target_preparer class="com.android.tradefed.targetprep.RunCommandTargetPreparer">

        <option name="throw-if-cmd-fail" value="true" />

        <!--Note: the first run-command shall not expect the background command to have started -->

        <option name="run-bg-command" value="sh /data/local/tmp/trusty_test_vm/trusty-vm-launcher.sh" />

        <option name="run-command" value="sh /data/local/tmp/trusty_test_vm/trusty-wait-ready.sh" />

        <option name="run-bg-command" value="start trusty-hwcryptohal" />

        <option name="run-command" value="/data/local/tmp/trusty_test_vm/wait_hw_crypto" />

        <option name="run-command" value="start storageproxyd_test_system" />

        <option name="teardown-command" value="stop storageproxyd_test_system" />

        <option name="teardown-command" value="stop trusty-hwcryptohal" />

        <option name="teardown-command" value="killall storageproxyd_test_system || true" />

        <option name="teardown-command" value="stop trusty-hwcryptohal" />

        <option name="teardown-command" value="killall trusty || true" />

    </target_preparer>



    <test class="com.android.tradefed.testtype.rust.RustBinaryTest" >

        <option name="test-device-path" value="/data/local/tmp" />

        <option name="module-name" value="VtsAidlHwCryptoConnTest" />

        <!-- Rust tests are run in parallel by default. Run these ones

            single-threaded, so that one test's secrets don't affect

            the behaviour of a different test. -->

        <option name="native-test-flag" value="--test-threads=1" />

    </test>

    </configuration>

security/see/hwcrypto/aidl/vts/functional/connection_test.rs

0 → 100644
+23 −0
Original line number Diff line number Diff line 
/*

 * Copyright (C) 2024 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */



//! HwCrypto Connection tests.



#[test]

fn test_hwcrypto_key_connection() {

    let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey();

    assert!(hw_crypto_key.is_ok(), "Couldn't get back a hwcryptokey binder object");

}

security/see/hwcrypto/aidl/vts/functional/lib.rs

0 → 100644
+57 −0
Original line number Diff line number Diff line 
/*

 * Copyright (C) 2024 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */



//! VTS test library for HwCrypto functionality.

//! It provides the base clases necessaries to write HwCrypto VTS tests



use anyhow::{Context, Result};

use binder::{ExceptionCode, FromIBinder, IntoBinderResult, ParcelFileDescriptor};

use rpcbinder::RpcSession;

use vsock::VsockStream;

use std::os::fd::{FromRawFd, IntoRawFd};

use std::fs::File;

use std::io::Read;

use rustutils::system_properties;

use android_hardware_security_see_hwcrypto::aidl::android::hardware::security::see::hwcrypto::IHwCryptoKey::IHwCryptoKey;



const HWCRYPTO_SERVICE_PORT: u32 = 4;



/// Local function to connect to service

pub fn connect_service<T: FromIBinder + ?Sized>(

    cid: u32,

    port: u32,

) -> Result<binder::Strong<T>, binder::StatusCode> {

    RpcSession::new().setup_preconnected_client(|| {

        let mut stream = VsockStream::connect_with_cid_port(cid, port).ok()?;

        let mut buffer = [0];

        let _ = stream.read(&mut buffer);

        // SAFETY: ownership is transferred from stream to f

        let f = unsafe { File::from_raw_fd(stream.into_raw_fd()) };

        Some(ParcelFileDescriptor::new(f).into_raw_fd())

    })

}



/// Get a HwCryptoKey binder service object

pub fn get_hwcryptokey() -> Result<binder::Strong<dyn IHwCryptoKey>, binder::Status> {

    let cid = system_properties::read("trusty.test_vm.vm_cid")

        .context("couldn't get vm cid")

        .or_binder_exception(ExceptionCode::ILLEGAL_STATE)?

        .ok_or(ExceptionCode::ILLEGAL_STATE)?

        .parse::<u32>()

        .context("couldn't parse vm cid")

        .or_binder_exception(ExceptionCode::ILLEGAL_ARGUMENT)?;

    Ok(connect_service(cid, HWCRYPTO_SERVICE_PORT)?)

}

security/see/hwcrypto/aidl/vts/functional/wait_service.rs

0 → 100644
+47 −0
Original line number Diff line number Diff line 
// Copyright 2025, The Android Open Source Project

//

// Licensed under the Apache License, Version 2.0 (the "License");

// you may not use this file except in compliance with the License.

// You may obtain a copy of the License at

//

//     http://www.apache.org/licenses/LICENSE-2.0

//

// Unless required by applicable law or agreed to in writing, software

// distributed under the License is distributed on an "AS IS" BASIS,

// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

// See the License for the specific language governing permissions and

// limitations under the License.



//! Small utility to wait for hwcrypto service to be up



use anyhow::{/*Context,*/ Result};

use clap::Parser;

use log::info;

use std::{thread, time};



#[derive(Parser)]

/// Collection of CLI for trusty_security_vm_launcher

pub struct Args {

    /// Number of repetitions for the wait

    #[arg(long, default_value_t = 20)]

    number_repetitions: u32,



    /// Delay between repetitiond

    #[arg(long, default_value_t = 2)]

    delay_between_repetitions: u32,

}



fn main() -> Result<()> {

    let args = Args::parse();



    info!("Waiting for hwcrypto service");

    let delay = time::Duration::new(args.delay_between_repetitions.into(), 0);

    for _ in 0..args.number_repetitions {

        let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey();

        if hw_crypto_key.is_ok() {

            break;

        }

        thread::sleep(delay);

    }

    Ok(())

}