Loading security/see/hwcrypto/aidl/vts/functional/Android.bp 0 → 100644 +83 −0 Original line number Diff line number Diff line // Copyright (C) 2024 The Android Open-Source Project // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. package { default_applicable_licenses: ["Android-Apache-2.0"], } rust_defaults { name: "hw_crypto_hal_aidl_rust_defaults", enabled: false, rustlibs: [ "libbinder_rs", "android.hardware.security.see.hwcrypto-V1-rust", "liblogger", "liblog_rust", "libanyhow", "libvsock", "librpcbinder_rs", "librustutils", ], arch: { x86_64: { enabled: true, }, }, } rust_library { name: "libhwcryptohal_vts_test", crate_name: "hwcryptohal_vts_test", srcs: [ "lib.rs", ], defaults: [ "hw_crypto_hal_aidl_rust_defaults", ], } rust_binary { name: "wait_hw_crypto", prefer_rlib: true, defaults: [ "hw_crypto_hal_aidl_rust_defaults", ], srcs: ["wait_service.rs"], rustlibs: [ "libhwcryptohal_vts_test", "liblogger", "liblog_rust", "libanyhow", "libclap", ], } rust_test { name: "VtsAidlHwCryptoConnTest", srcs: ["connection_test.rs"], require_root: true, defaults: [ "hw_crypto_hal_aidl_rust_defaults", ], rustlibs: [ "libhwcryptohal_vts_test", ], data: [ ":trusty_test_vm_elf", ":trusty_test_vm_config", ":trusty_vm_launcher_sh", ":trusty_wait_ready_sh", ":wait_hw_crypto", ], } security/see/hwcrypto/aidl/vts/functional/AndroidTest.xml 0 → 100644 +56 −0 Original line number Diff line number Diff line <?xml version="1.0" encoding="utf-8"?> <!-- Copyright 2025 The Android Open Source Project Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <configuration description="Runs {MODULE}"> <!-- object type="module_controller" class="com.android.tradefed.testtype.suite.module.CommandSuccessModuleController" --> <!--Skip the test when trusty VM is not enabled. --> <!--option name="run-command" value="getprop trusty.test_vm.nonsecure_vm_ready | grep 1" /--> <!--/object--> <target_preparer class="com.android.tradefed.targetprep.RootTargetPreparer" /> <!-- Target Preparers - Run Shell Commands --> <target_preparer class="com.android.tradefed.targetprep.PushFilePreparer"> <option name="cleanup" value="true" /> <option name="push-file" key="trusty-vm-launcher.sh" value="/data/local/tmp/trusty_test_vm/trusty-vm-launcher.sh" /> <option name="push-file" key="trusty-wait-ready.sh" value="/data/local/tmp/trusty_test_vm/trusty-wait-ready.sh" /> <option name="push-file" key="wait_hw_crypto" value="/data/local/tmp/trusty_test_vm/wait_hw_crypto" /> <option name="push-file" key="trusty-test_vm-config.json" value="/data/local/tmp/trusty_test_vm/trusty-test_vm-config.json" /> <option name="push-file" key="trusty_test_vm_elf" value="/data/local/tmp/trusty_test_vm/trusty_test_vm_elf" /> <option name="push-file" key="VtsAidlHwCryptoConnTest" value="/data/local/tmp/VtsAidlHwCryptoConnTest" /> </target_preparer> <target_preparer class="com.android.tradefed.targetprep.RunCommandTargetPreparer"> <option name="throw-if-cmd-fail" value="true" /> <!--Note: the first run-command shall not expect the background command to have started --> <option name="run-bg-command" value="sh /data/local/tmp/trusty_test_vm/trusty-vm-launcher.sh" /> <option name="run-command" value="sh /data/local/tmp/trusty_test_vm/trusty-wait-ready.sh" /> <option name="run-bg-command" value="start trusty-hwcryptohal" /> <option name="run-command" value="/data/local/tmp/trusty_test_vm/wait_hw_crypto" /> <option name="run-command" value="start storageproxyd_test_system" /> <option name="teardown-command" value="stop storageproxyd_test_system" /> <option name="teardown-command" value="stop trusty-hwcryptohal" /> <option name="teardown-command" value="killall storageproxyd_test_system || true" /> <option name="teardown-command" value="stop trusty-hwcryptohal" /> <option name="teardown-command" value="killall trusty || true" /> </target_preparer> <test class="com.android.tradefed.testtype.rust.RustBinaryTest" > <option name="test-device-path" value="/data/local/tmp" /> <option name="module-name" value="VtsAidlHwCryptoConnTest" /> <!-- Rust tests are run in parallel by default. Run these ones single-threaded, so that one test's secrets don't affect the behaviour of a different test. --> <option name="native-test-flag" value="--test-threads=1" /> </test> </configuration> security/see/hwcrypto/aidl/vts/functional/connection_test.rs 0 → 100644 +23 −0 Original line number Diff line number Diff line /* * Copyright (C) 2024 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ //! HwCrypto Connection tests. #[test] fn test_hwcrypto_key_connection() { let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey(); assert!(hw_crypto_key.is_ok(), "Couldn't get back a hwcryptokey binder object"); } security/see/hwcrypto/aidl/vts/functional/lib.rs 0 → 100644 +57 −0 Original line number Diff line number Diff line /* * Copyright (C) 2024 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ //! VTS test library for HwCrypto functionality. //! It provides the base clases necessaries to write HwCrypto VTS tests use anyhow::{Context, Result}; use binder::{ExceptionCode, FromIBinder, IntoBinderResult, ParcelFileDescriptor}; use rpcbinder::RpcSession; use vsock::VsockStream; use std::os::fd::{FromRawFd, IntoRawFd}; use std::fs::File; use std::io::Read; use rustutils::system_properties; use android_hardware_security_see_hwcrypto::aidl::android::hardware::security::see::hwcrypto::IHwCryptoKey::IHwCryptoKey; const HWCRYPTO_SERVICE_PORT: u32 = 4; /// Local function to connect to service pub fn connect_service<T: FromIBinder + ?Sized>( cid: u32, port: u32, ) -> Result<binder::Strong<T>, binder::StatusCode> { RpcSession::new().setup_preconnected_client(|| { let mut stream = VsockStream::connect_with_cid_port(cid, port).ok()?; let mut buffer = [0]; let _ = stream.read(&mut buffer); // SAFETY: ownership is transferred from stream to f let f = unsafe { File::from_raw_fd(stream.into_raw_fd()) }; Some(ParcelFileDescriptor::new(f).into_raw_fd()) }) } /// Get a HwCryptoKey binder service object pub fn get_hwcryptokey() -> Result<binder::Strong<dyn IHwCryptoKey>, binder::Status> { let cid = system_properties::read("trusty.test_vm.vm_cid") .context("couldn't get vm cid") .or_binder_exception(ExceptionCode::ILLEGAL_STATE)? .ok_or(ExceptionCode::ILLEGAL_STATE)? .parse::<u32>() .context("couldn't parse vm cid") .or_binder_exception(ExceptionCode::ILLEGAL_ARGUMENT)?; Ok(connect_service(cid, HWCRYPTO_SERVICE_PORT)?) } security/see/hwcrypto/aidl/vts/functional/wait_service.rs 0 → 100644 +47 −0 Original line number Diff line number Diff line // Copyright 2025, The Android Open Source Project // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //! Small utility to wait for hwcrypto service to be up use anyhow::{/*Context,*/ Result}; use clap::Parser; use log::info; use std::{thread, time}; #[derive(Parser)] /// Collection of CLI for trusty_security_vm_launcher pub struct Args { /// Number of repetitions for the wait #[arg(long, default_value_t = 20)] number_repetitions: u32, /// Delay between repetitiond #[arg(long, default_value_t = 2)] delay_between_repetitions: u32, } fn main() -> Result<()> { let args = Args::parse(); info!("Waiting for hwcrypto service"); let delay = time::Duration::new(args.delay_between_repetitions.into(), 0); for _ in 0..args.number_repetitions { let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey(); if hw_crypto_key.is_ok() { break; } thread::sleep(delay); } Ok(()) } Loading
security/see/hwcrypto/aidl/vts/functional/Android.bp 0 → 100644 +83 −0 Original line number Diff line number Diff line // Copyright (C) 2024 The Android Open-Source Project // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. package { default_applicable_licenses: ["Android-Apache-2.0"], } rust_defaults { name: "hw_crypto_hal_aidl_rust_defaults", enabled: false, rustlibs: [ "libbinder_rs", "android.hardware.security.see.hwcrypto-V1-rust", "liblogger", "liblog_rust", "libanyhow", "libvsock", "librpcbinder_rs", "librustutils", ], arch: { x86_64: { enabled: true, }, }, } rust_library { name: "libhwcryptohal_vts_test", crate_name: "hwcryptohal_vts_test", srcs: [ "lib.rs", ], defaults: [ "hw_crypto_hal_aidl_rust_defaults", ], } rust_binary { name: "wait_hw_crypto", prefer_rlib: true, defaults: [ "hw_crypto_hal_aidl_rust_defaults", ], srcs: ["wait_service.rs"], rustlibs: [ "libhwcryptohal_vts_test", "liblogger", "liblog_rust", "libanyhow", "libclap", ], } rust_test { name: "VtsAidlHwCryptoConnTest", srcs: ["connection_test.rs"], require_root: true, defaults: [ "hw_crypto_hal_aidl_rust_defaults", ], rustlibs: [ "libhwcryptohal_vts_test", ], data: [ ":trusty_test_vm_elf", ":trusty_test_vm_config", ":trusty_vm_launcher_sh", ":trusty_wait_ready_sh", ":wait_hw_crypto", ], }
security/see/hwcrypto/aidl/vts/functional/AndroidTest.xml 0 → 100644 +56 −0 Original line number Diff line number Diff line <?xml version="1.0" encoding="utf-8"?> <!-- Copyright 2025 The Android Open Source Project Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <configuration description="Runs {MODULE}"> <!-- object type="module_controller" class="com.android.tradefed.testtype.suite.module.CommandSuccessModuleController" --> <!--Skip the test when trusty VM is not enabled. --> <!--option name="run-command" value="getprop trusty.test_vm.nonsecure_vm_ready | grep 1" /--> <!--/object--> <target_preparer class="com.android.tradefed.targetprep.RootTargetPreparer" /> <!-- Target Preparers - Run Shell Commands --> <target_preparer class="com.android.tradefed.targetprep.PushFilePreparer"> <option name="cleanup" value="true" /> <option name="push-file" key="trusty-vm-launcher.sh" value="/data/local/tmp/trusty_test_vm/trusty-vm-launcher.sh" /> <option name="push-file" key="trusty-wait-ready.sh" value="/data/local/tmp/trusty_test_vm/trusty-wait-ready.sh" /> <option name="push-file" key="wait_hw_crypto" value="/data/local/tmp/trusty_test_vm/wait_hw_crypto" /> <option name="push-file" key="trusty-test_vm-config.json" value="/data/local/tmp/trusty_test_vm/trusty-test_vm-config.json" /> <option name="push-file" key="trusty_test_vm_elf" value="/data/local/tmp/trusty_test_vm/trusty_test_vm_elf" /> <option name="push-file" key="VtsAidlHwCryptoConnTest" value="/data/local/tmp/VtsAidlHwCryptoConnTest" /> </target_preparer> <target_preparer class="com.android.tradefed.targetprep.RunCommandTargetPreparer"> <option name="throw-if-cmd-fail" value="true" /> <!--Note: the first run-command shall not expect the background command to have started --> <option name="run-bg-command" value="sh /data/local/tmp/trusty_test_vm/trusty-vm-launcher.sh" /> <option name="run-command" value="sh /data/local/tmp/trusty_test_vm/trusty-wait-ready.sh" /> <option name="run-bg-command" value="start trusty-hwcryptohal" /> <option name="run-command" value="/data/local/tmp/trusty_test_vm/wait_hw_crypto" /> <option name="run-command" value="start storageproxyd_test_system" /> <option name="teardown-command" value="stop storageproxyd_test_system" /> <option name="teardown-command" value="stop trusty-hwcryptohal" /> <option name="teardown-command" value="killall storageproxyd_test_system || true" /> <option name="teardown-command" value="stop trusty-hwcryptohal" /> <option name="teardown-command" value="killall trusty || true" /> </target_preparer> <test class="com.android.tradefed.testtype.rust.RustBinaryTest" > <option name="test-device-path" value="/data/local/tmp" /> <option name="module-name" value="VtsAidlHwCryptoConnTest" /> <!-- Rust tests are run in parallel by default. Run these ones single-threaded, so that one test's secrets don't affect the behaviour of a different test. --> <option name="native-test-flag" value="--test-threads=1" /> </test> </configuration>
security/see/hwcrypto/aidl/vts/functional/connection_test.rs 0 → 100644 +23 −0 Original line number Diff line number Diff line /* * Copyright (C) 2024 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ //! HwCrypto Connection tests. #[test] fn test_hwcrypto_key_connection() { let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey(); assert!(hw_crypto_key.is_ok(), "Couldn't get back a hwcryptokey binder object"); }
security/see/hwcrypto/aidl/vts/functional/lib.rs 0 → 100644 +57 −0 Original line number Diff line number Diff line /* * Copyright (C) 2024 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ //! VTS test library for HwCrypto functionality. //! It provides the base clases necessaries to write HwCrypto VTS tests use anyhow::{Context, Result}; use binder::{ExceptionCode, FromIBinder, IntoBinderResult, ParcelFileDescriptor}; use rpcbinder::RpcSession; use vsock::VsockStream; use std::os::fd::{FromRawFd, IntoRawFd}; use std::fs::File; use std::io::Read; use rustutils::system_properties; use android_hardware_security_see_hwcrypto::aidl::android::hardware::security::see::hwcrypto::IHwCryptoKey::IHwCryptoKey; const HWCRYPTO_SERVICE_PORT: u32 = 4; /// Local function to connect to service pub fn connect_service<T: FromIBinder + ?Sized>( cid: u32, port: u32, ) -> Result<binder::Strong<T>, binder::StatusCode> { RpcSession::new().setup_preconnected_client(|| { let mut stream = VsockStream::connect_with_cid_port(cid, port).ok()?; let mut buffer = [0]; let _ = stream.read(&mut buffer); // SAFETY: ownership is transferred from stream to f let f = unsafe { File::from_raw_fd(stream.into_raw_fd()) }; Some(ParcelFileDescriptor::new(f).into_raw_fd()) }) } /// Get a HwCryptoKey binder service object pub fn get_hwcryptokey() -> Result<binder::Strong<dyn IHwCryptoKey>, binder::Status> { let cid = system_properties::read("trusty.test_vm.vm_cid") .context("couldn't get vm cid") .or_binder_exception(ExceptionCode::ILLEGAL_STATE)? .ok_or(ExceptionCode::ILLEGAL_STATE)? .parse::<u32>() .context("couldn't parse vm cid") .or_binder_exception(ExceptionCode::ILLEGAL_ARGUMENT)?; Ok(connect_service(cid, HWCRYPTO_SERVICE_PORT)?) }
security/see/hwcrypto/aidl/vts/functional/wait_service.rs 0 → 100644 +47 −0 Original line number Diff line number Diff line // Copyright 2025, The Android Open Source Project // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //! Small utility to wait for hwcrypto service to be up use anyhow::{/*Context,*/ Result}; use clap::Parser; use log::info; use std::{thread, time}; #[derive(Parser)] /// Collection of CLI for trusty_security_vm_launcher pub struct Args { /// Number of repetitions for the wait #[arg(long, default_value_t = 20)] number_repetitions: u32, /// Delay between repetitiond #[arg(long, default_value_t = 2)] delay_between_repetitions: u32, } fn main() -> Result<()> { let args = Args::parse(); info!("Waiting for hwcrypto service"); let delay = time::Duration::new(args.delay_between_repetitions.into(), 0); for _ in 0..args.number_repetitions { let hw_crypto_key = hwcryptohal_vts_test::get_hwcryptokey(); if hw_crypto_key.is_ok() { break; } thread::sleep(delay); } Ok(()) }
