Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit dbbbe2ea authored by David Drysdale's avatar David Drysdale
Browse files

KeyMint VTS: option to skip BOOT_PATCHLEVEL check 

The KeyMint spec requires that all generated keys include the
BOOT_PATCHLEVEL for the device.

However, the VTS test sometimes gets run in an environment where this
is not possible; specifically the Trusty QEMU tests don't have the
bootloader -> KeyMint communication that is needed to populate this
information.

Add a command line flag that disables checks for BOOT_PATCHLEVEL to
cope with these scenarios, making sure that it defaults to having the
checks enabled.

Test: VtsAidlKeyMintTargetTest
Change-Id: I215c8a18afbd68af199d49f74b977ad7cac6b805
parent 2edfc467

security/keymint/aidl/vts/functional/KeyMintTest.cpp

+17 −3
Original line number Original line Diff line number Diff line
@@ -69,6 +69,9 @@ namespace aidl::android::hardware::security::keymint::test { 




namespace {

namespace {





// Whether to check that BOOT_PATCHLEVEL is populated.

bool check_boot_pl = true;



// The maximum number of times we'll attempt to verify that corruption

// The maximum number of times we'll attempt to verify that corruption

// of an ecrypted blob results in an error. Retries are necessary as there

// of an ecrypted blob results in an error. Retries are necessary as there

// is a small (roughly 1/256) chance that corrupting ciphertext still results

// is a small (roughly 1/256) chance that corrupting ciphertext still results
@@ -527,12 +530,17 @@ class NewKeyGenerationTest : public KeyMintAidlTestBase { 
        EXPECT_TRUE(os_pl);

        EXPECT_TRUE(os_pl);

        EXPECT_EQ(*os_pl, os_patch_level());

        EXPECT_EQ(*os_pl, os_patch_level());





        // Should include vendor and boot patchlevels.

        // Should include vendor patchlevel.

        auto vendor_pl = auths.GetTagValue(TAG_VENDOR_PATCHLEVEL);

        auto vendor_pl = auths.GetTagValue(TAG_VENDOR_PATCHLEVEL);

        EXPECT_TRUE(vendor_pl);

        EXPECT_TRUE(vendor_pl);

        EXPECT_EQ(*vendor_pl, vendor_patch_level());

        EXPECT_EQ(*vendor_pl, vendor_patch_level());



        // Should include boot patchlevel (but there are some test scenarios where this is not

        // possible).

        if (check_boot_pl) {

            auto boot_pl = auths.GetTagValue(TAG_BOOT_PATCHLEVEL);

            auto boot_pl = auths.GetTagValue(TAG_BOOT_PATCHLEVEL);

            EXPECT_TRUE(boot_pl);

            EXPECT_TRUE(boot_pl);

        }





        return auths;

        return auths;

    }

    }
@@ -6871,6 +6879,12 @@ int main(int argc, char** argv) { 
            } else {

            } else {

                std::cout << "NOT dumping attestations" << std::endl;

                std::cout << "NOT dumping attestations" << std::endl;

            }

            }

            if (std::string(argv[i]) == "--skip_boot_pl_check") {

                // Allow checks of BOOT_PATCHLEVEL to be disabled, so that the tests can

                // be run in emulated environments that don't have the normal bootloader

                // interactions.

                aidl::android::hardware::security::keymint::test::check_boot_pl = false;

            }

        }

        }

    }

    }

    return RUN_ALL_TESTS();

    return RUN_ALL_TESTS();