tequilaOS/platform_hardware_interfaces
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "KeyMint VTS: option to skip BOOT_PATCHLEVEL check" am: 8aeb7ef2b4

Browse source 
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1907696

Change-Id: Ic844b4eed120931d6c852547f359da95662f4db7
This commit is contained in:
David Drysdale 2021-12-02 18:30:09 +00:00 committed by Automerger Merge Worker
commit 8a2977f698
1 changed files with 17 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
security/keymint/aidl/vts/functional/KeyMintTest.cpp
View file

@ -69,6 +69,9 @@ namespace aidl::android::hardware::security::keymint::test {
namespace {
// Whether to check that BOOT_PATCHLEVEL is populated.
bool check_boot_pl = true;
// The maximum number of times we'll attempt to verify that corruption
// of an encrypted blob results in an error. Retries are necessary as there
// is a small (roughly 1/256) chance that corrupting ciphertext still results
@ -527,12 +530,17 @@ class NewKeyGenerationTest : public KeyMintAidlTestBase {
EXPECT_TRUE(os_pl);
EXPECT_EQ(*os_pl, os_patch_level());
// Should include vendor and boot patchlevels.
// Should include vendor patchlevel.
auto vendor_pl = auths.GetTagValue(TAG_VENDOR_PATCHLEVEL);
EXPECT_TRUE(vendor_pl);
EXPECT_EQ(*vendor_pl, vendor_patch_level());
auto boot_pl = auths.GetTagValue(TAG_BOOT_PATCHLEVEL);
EXPECT_TRUE(boot_pl);
// Should include boot patchlevel (but there are some test scenarios where this is not
// possible).
if (check_boot_pl) {
auto boot_pl = auths.GetTagValue(TAG_BOOT_PATCHLEVEL);
EXPECT_TRUE(boot_pl);
}
return auths;
}
@ -6871,6 +6879,12 @@ int main(int argc, char** argv) {
} else {
std::cout << "NOT dumping attestations" << std::endl;
}
if (std::string(argv[i]) == "--skip_boot_pl_check") {
// Allow checks of BOOT_PATCHLEVEL to be disabled, so that the tests can
// be run in emulated environments that don't have the normal bootloader
// interactions.
aidl::android::hardware::security::keymint::test::check_boot_pl = false;
}
}
}
return RUN_ALL_TESTS();