tequilaOS/platform_hardware_interfaces
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Correct AttestKey test that checks Qualcomm's SPU waiver.

Browse source 
The test exempted KeyMint on the affected chips from having to implement
ATTEST_KEY if they have StrongBox in all Android releases from Android S
onwards, but the waiver was given only for Android S and T.  This CL
changes the test to reinstate the requirement after Android T.

Test: VtsAidlKeyMintTargetTest
Change-Id: I8481ae31de34aae220af7e7188632edcc2d391f0
This commit is contained in:
Shawn Willden 2023-02-22 14:15:34 -07:00
parent efd4cf71e5
commit 3a4a3a95b8
1 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
security/keymint/aidl/vts/functional/AttestKeyTest.cpp
View file

@ -142,11 +142,14 @@ class AttestKeyTest : public KeyMintAidlTestBase {
return false;
}
// Check if chipset has received a waiver allowing it to be launched with
// Android S (or later) with Keymaster 4.0 in StrongBox
// Check if chipset has received a waiver allowing it to be launched with Android S or T with
// Keymaster 4.0 in StrongBox.
bool is_chipset_allowed_km4_strongbox(void) const {
std::array<char, PROPERTY_VALUE_MAX> buffer;
const int32_t first_api_level = property_get_int32("ro.board.first_api_level", 0);
if (first_api_level <= 0 || first_api_level > __ANDROID_API_T__) return false;
auto res = property_get("ro.vendor.qti.soc_model", buffer.data(), nullptr);
if (res <= 0) return false;