Merge "Added VTS tests for clearing operation slots after service death."

am: fd877b5479 Change-Id: I6cffe618012a38bc4b62943eb3d20edffe09ceee
2019-10-01 10:10:38 -07:00 · 2019-10-01 10:10:38 -07:00 · 2b3640a442
commit 2b3640a442
parent 06b758a918 fd877b5479
3 changed files with 101 additions and 5 deletions
--- a/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
+++ b/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
@ -48,10 +48,11 @@ uint32_t KeymasterHidlTest::os_patch_level_;
 SecurityLevel KeymasterHidlTest::securityLevel_;
 hidl_string KeymasterHidlTest::name_;
 hidl_string KeymasterHidlTest::author_;
+string KeymasterHidlTest::service_name_;

-void KeymasterHidlTest::SetUpTestCase() {
-    string service_name = KeymasterHidlEnvironment::Instance()->getServiceName<IKeymasterDevice>();
-    keymaster_ = ::testing::VtsHalHidlTargetTestBase::getService<IKeymasterDevice>(service_name);
+void KeymasterHidlTest::InitializeKeymaster() {
+    service_name_ = KeymasterHidlEnvironment::Instance()->getServiceName<IKeymasterDevice>();
+    keymaster_ = ::testing::VtsHalHidlTargetTestBase::getService<IKeymasterDevice>(service_name_);
    ASSERT_NE(keymaster_, nullptr);

    ASSERT_TRUE(keymaster_
@ -62,18 +63,22 @@ void KeymasterHidlTest::SetUpTestCase() {
                        author_ = author;
                    })
                    .isOk());
+}
+
+void KeymasterHidlTest::SetUpTestCase() {
+
+    InitializeKeymaster();

    os_version_ = ::keymaster::GetOsVersion();
    os_patch_level_ = ::keymaster::GetOsPatchlevel();

    auto service_manager = android::hidl::manager::V1_0::IServiceManager::getService();
    ASSERT_NE(nullptr, service_manager.get());
-
    all_keymasters_.push_back(keymaster_);
    service_manager->listByInterface(
        IKeymasterDevice::descriptor, [&](const hidl_vec<hidl_string>& names) {
            for (auto& name : names) {
-                if (name == service_name) continue;
+                if (name == service_name_) continue;
                auto keymaster =
                    ::testing::VtsHalHidlTargetTestBase::getService<IKeymasterDevice>(name);
                ASSERT_NE(keymaster, nullptr);
@ -269,6 +274,13 @@ ErrorCode KeymasterHidlTest::GetCharacteristics(const HidlBuf& key_blob,
    return GetCharacteristics(key_blob, client_id, app_data, key_characteristics);
 }

+ErrorCode KeymasterHidlTest::GetDebugInfo(DebugInfo* debug_info) {
+    EXPECT_TRUE(keymaster_->getDebugInfo([&](const DebugInfo& hidl_debug_info) {
+      *debug_info = hidl_debug_info;
+    }).isOk());
+    return ErrorCode::OK;
+}
+
 ErrorCode KeymasterHidlTest::Begin(KeyPurpose purpose, const HidlBuf& key_blob,
                                   const AuthorizationSet& in_params, AuthorizationSet* out_params,
                                   OperationHandle* op_handle) {
--- a/keymaster/4.0/vts/functional/KeymasterHidlTest.h
+++ b/keymaster/4.0/vts/functional/KeymasterHidlTest.h
@ -37,6 +37,7 @@ namespace test {

 using ::android::sp;
 using ::std::string;
+using hidl::base::V1_0::DebugInfo;

 class HidlBuf : public hidl_vec<uint8_t> {
    typedef hidl_vec<uint8_t> super;
@ -95,6 +96,7 @@ class KeymasterHidlTest : public ::testing::VtsHalHidlTargetTestBase {

    // SetUpTestCase runs only once per test case, not once per test.
    static void SetUpTestCase();
+    static void InitializeKeymaster();
    static void TearDownTestCase() {
        keymaster_.clear();
        all_keymasters_.clear();
@ -140,6 +142,8 @@ class KeymasterHidlTest : public ::testing::VtsHalHidlTargetTestBase {
                                 const HidlBuf& app_data, KeyCharacteristics* key_characteristics);
    ErrorCode GetCharacteristics(const HidlBuf& key_blob, KeyCharacteristics* key_characteristics);

+    ErrorCode GetDebugInfo(DebugInfo* debug_info);
+
    ErrorCode Begin(KeyPurpose purpose, const HidlBuf& key_blob, const AuthorizationSet& in_params,
                    AuthorizationSet* out_params, OperationHandle* op_handle);
    ErrorCode Begin(KeyPurpose purpose, const AuthorizationSet& in_params,
@ -235,6 +239,7 @@ class KeymasterHidlTest : public ::testing::VtsHalHidlTargetTestBase {
    static SecurityLevel securityLevel_;
    static hidl_string name_;
    static hidl_string author_;
+    static string service_name_;
 };

 }  // namespace test
--- a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
@ -18,6 +18,7 @@
 #include <cutils/log.h>

 #include <iostream>
+#include <signal.h>

 #include <openssl/evp.h>
 #include <openssl/mem.h>
@ -4456,6 +4457,84 @@ TEST_F(UpgradeKeyTest, UpgradeKey) {
    EXPECT_EQ(result, std::make_pair(ErrorCode::OK, HidlBuf()));
 }

+
+using ClearOperationsTest = KeymasterHidlTest;
+
+/*
+ * ClearSlotsTest.TooManyOperations
+ *
+ * Verifies that TOO_MANY_OPERATIONS is returned after the max number of
+ * operations are started without being finished or aborted. Also verifies
+ * that aborting the operations clears the operations.
+ *
+ */
+TEST_F(ClearOperationsTest, TooManyOperations) {
+    ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
+                                             .Authorization(TAG_NO_AUTH_REQUIRED)
+                                             .RsaEncryptionKey(2048, 65537)
+                                             .Padding(PaddingMode::NONE)));
+
+    auto params = AuthorizationSetBuilder().Padding(PaddingMode::NONE);
+    int max_operations = SecLevel() == SecurityLevel::STRONGBOX ? 4 : 16;
+    OperationHandle op_handles[max_operations];
+    AuthorizationSet out_params;
+    for(int i=0; i<max_operations; i++) {
+        EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, key_blob_, params, &out_params, &(op_handles[i])));
+    }
+    EXPECT_EQ(ErrorCode::TOO_MANY_OPERATIONS,
+         Begin(KeyPurpose::ENCRYPT, key_blob_, params, &out_params, &op_handle_));
+    // Try again just in case there's a weird overflow bug
+    EXPECT_EQ(ErrorCode::TOO_MANY_OPERATIONS,
+         Begin(KeyPurpose::ENCRYPT, key_blob_, params, &out_params, &op_handle_));
+    for(int i=0; i<max_operations; i++) {
+        EXPECT_EQ(ErrorCode::OK, Abort(op_handles[i]));
+    }
+    EXPECT_EQ(ErrorCode::OK,
+         Begin(KeyPurpose::ENCRYPT, key_blob_, params, &out_params, &op_handle_));
+    AbortIfNeeded();
+}
+
+/*
+ * ClearSlotsTest.ServiceDeath
+ *
+ * Verifies that the service is restarted after death and the ongoing
+ * operations are cleared.
+ */
+TEST_F(ClearOperationsTest, ServiceDeath) {
+
+    ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
+                                             .Authorization(TAG_NO_AUTH_REQUIRED)
+                                             .RsaEncryptionKey(2048, 65537)
+                                             .Padding(PaddingMode::NONE)));
+
+    auto params = AuthorizationSetBuilder().Padding(PaddingMode::NONE);
+    int max_operations = SecLevel() == SecurityLevel::STRONGBOX ? 4 : 16;
+    OperationHandle op_handles[max_operations];
+    AuthorizationSet out_params;
+    for(int i=0; i<max_operations; i++) {
+        EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, key_blob_, params, &out_params, &(op_handles[i])));
+    }
+    EXPECT_EQ(ErrorCode::TOO_MANY_OPERATIONS,
+         Begin(KeyPurpose::ENCRYPT, key_blob_, params, &out_params, &op_handle_));
+
+    DebugInfo debug_info;
+    GetDebugInfo(&debug_info);
+    kill(debug_info.pid, SIGKILL);
+    // wait 1 second for keymaster to restart
+    sleep(1);
+    InitializeKeymaster();
+
+    for(int i=0; i<max_operations; i++) {
+        EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, key_blob_, params, &out_params, &(op_handles[i])));
+    }
+    EXPECT_EQ(ErrorCode::TOO_MANY_OPERATIONS,
+         Begin(KeyPurpose::ENCRYPT, key_blob_, params, &out_params, &op_handle_));
+    for(int i=0; i<max_operations; i++) {
+        EXPECT_EQ(ErrorCode::OK, Abort(op_handles[i]));
+    }
+}
+
+
 }  // namespace test
 }  // namespace V4_0
 }  // namespace keymaster