A compilation failure is not related to the security aspect of the
TOCTOU test, but it will skip one iteration of security testing. This CL
allows the compilation to fail with GENERAL_FAILURE in TOCTOU tests, and
issues a retry once it happens to ensure enough test coverage.
Bug: 157489048
Test: 1.2/1.3 VTS
Change-Id: Idc88e0365c5d2799187093b6fd7b4abf8f8b463d
Merged-In: Idc88e0365c5d2799187093b6fd7b4abf8f8b463d
(cherry picked from commit 362dfd64d5)
Key derivation for session encryption and MACing now involves mixing
in SessionTranscriptBytes. Update docs, default implementation, and
VTS tests to reflect this.
Also, the standard changed such that instead of DeviceAuthentication
being MACed or signed, it's instead DeviceAuthenticationBytes which is
defined as #6.24(bstr .cbor DeviceAuthentication). The same also for
ReaderAuthentication, now ReaderAuthenticationBytes is the CBOR which
is signed by the reader.
Also update the URL for CDDL since it's now a published RFC.
Bug: 159482543
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Change-Id: I73fc7eb48ffb71e00a8b54849266ed814295fa39
Introduce minor version increment to ILazy for testing lazy HAL
inheritance.
Bug: 157451814
Bug: 158606505
Test: hidl_lazy_test
Change-Id: Ib418bc002e834edf5eae53043875dcb351b3eaf2
The VTS test was dynamically linking some libraries not normally
present on an Android system. Statically link these libraries instead.
Bug: 158150767
Test: atest VtsHalIdentityTargetTest
Change-Id: Ib93620c36b0ff7f5c9f239ff8861a11196605881
The VTS test was dynamically linking some libraries not normally
present on an Android system. Statically link these libraries instead.
Bug: 158150767
Test: atest VtsHalIdentityTargetTest
Change-Id: Ida85ca8835d0243c47f451ccdfa0d11d29ec1bdb
VtsHalRadioV1_5TargetTest.PerInstance/RadioHidlTest_v1_5#
sendCdmaSmsExpectMore/0_slot1
Sendcdmasexpectmoreresponse to the request sendcdmasexpectmore
did not accept the return parameter responseinfo, which caused
the VTS system to wait for a response until it exceeded 60 seconds,
and the VTS determined No test results.
so we can add parameters to receive the parameters of
sendcdmasexpectmoreresponse,and then make subsequent judgment.
Bug: 158542706
Test: run vts -m VtsHalRadioV1_5TargetTest
Change-Id: I1d6214f58850d707520b80634cb93d0e0cc712bb
These updates are based on input/experiences implementing this
HAL. There are no API changes.
- Specify that the validity for credentialKey certificate shall be
from current time and expire at the same time as the attestation
batch certificate.
- Require challenge passed to getAttestationCertificate() is
non-empty.
- Fix bug in VTS tests where the startPersonlization() result was not
checked.
- Remove verifyStartPersonalizationZero test since it cannot be
completed.
- Ensure secureUserId is non-zero if user authentication is needed.
- Specify format for signingKeyBlob in generateSigningKeyPair() same
way we do for credentialData in finishAddingEntries().
- Modify EndToEndTest to decrypt/unpack credentialData to obtain
credentialPrivKey and storageKey and do cross-checks on these.
- Modify EndToEndTest to decrypt/unpack signingKeyBlob to obtain
signingKeyPriv and check it matches the public key in the returned
certificate.
- Add new VTS tests for user and reader authentication.
- Relax unnecessary requirements about SessionTranscript structure -
just require it has X and Y of the ephemeral key created earlier.
- Allow calls in VTS tests to v2 HAL to fail - this should allow
these VTS tests to pass on a compliant v1 HAL.
Bug: 156911917
Bug: 158107945
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Change-Id: I11b79dbd57b1830609c70301fea9c99f9e5080cb
Add checks that all returned output dimensions must be at
least as fully specified as the union of the information about the
corresponding operand in the model and in the request.
Bug: 154054474
Test: VTS
Change-Id: I934d084c7665160a98da9828604ce8297fef73b8
Merged-In: I934d084c7665160a98da9828604ce8297fef73b8
(cherry picked from commit d454751e00)
Bug: 152932559
Test: Boot and observe that Strongbox gets the message
Merged-In: I752b44f5cc20d85bf819188ccaaf0813a5607ba5
Change-Id: I752b44f5cc20d85bf819188ccaaf0813a5607ba5
VTS was running on a userdebug build GSI before Android 10.
Starting from Android 10, VTS is switched to running on top of a
user build GSI image, plus the device-specific boot-debug.img to
allow adb root.
https://source.android.com/compatibility/vts/vts-on-gsi
So 'ro.build.type' will be 'user' because the value comes from
/system/build.prop. Switching to using 'ro.debuggable' to decide
whether we should check the device is locked or not. Note that
'ro.debuggable' will be '1' for userdebug/eng images or when a
boot-debug.img is used.
Bug: 154449286
Test: atest VtsHalKeymasterV4_0TargetTest
Change-Id: If5a90d62f77489aa58f96e908553a052cf6d1e18
Also remove the tests of the mock property functions themselves, and
rely on the libcutils/libbase testing.
Bug: http://b/151789258
Test: treehugger
Change-Id: I455ef0c2e4f19f6e69b8f65a3b6d4595717c81cd
Clarify behaviour of the following ops in the case when inputs would
cause an output to have an empty shape:
* MEAN
* ARGMIN/ARGMAX
* STRIDED_SLICE
Bug: 155508675
Bug: 155660285
Bug: 155508675
Bug: 155238914
Test: VtsHalNeuralnetworksV1_3TargetTest
Change-Id: I92d1c3866a462a99b4eed7782b72f62bb6a076c6
Merged-In: I92d1c3866a462a99b4eed7782b72f62bb6a076c6
(cherry picked from commit d4bba83f6a)
- Also adds TEST_MAPPING filters here to make sure sample driver tests
are still being filtered out.
- There may still be failing tests, but should not cause OOM in test harness.
Bug: 156691406
Test: mm
Test: atest VtsHalNeuralnetworksV1_3TargetTest
Change-Id: Ie05350d71dede04967d94dad4147bd3ed3435f7d
Merged-In: Ie05350d71dede04967d94dad4147bd3ed3435f7d
(cherry picked from commit 338acf5c15)
Add a clarification on the behaviour of REDUCE_* ops when all dimensions
of an input tensor are reduced.
Bug: 155508675
Test: VtsHalNeuralnetworksV1_3TargetTest
Change-Id: I3a67225c3af80af40a11362ca5d0f55350cbfa05
Merged-In: I3a67225c3af80af40a11362ca5d0f55350cbfa05
(cherry picked from commit eec7d86b44)
- Also adds TEST_MAPPING filters here to make sure sample driver tests
are still being filtered out.
Bug: 155577050
Test: mm
Test: atest VtsHalNeuralnetworksV1_0TargetTest
Change-Id: Ic8f556a957e6af340d500e2c4696b41b2a6e8516
Merged-In: Ic8f556a957e6af340d500e2c4696b41b2a6e8516
(cherry picked from commit 8ebe2a04c5)
- Also adds TEST_MAPPING filters here to make sure sample driver tests
are still being filtered out.
Bug: 155674368
Test: mm
Test: atest VtsHalNeuralnetworksV1_2TargetTest
Change-Id: I5f5d272742d4cdd6a8cc87ec035b5e2508eaa98f
Merged-In: I5f5d272742d4cdd6a8cc87ec035b5e2508eaa98f
(cherry picked from commit f7c55d5f9b)
Bug: 154667790
Test: set slot to a
run SetActiveBootSlot/SetSlotAsUnbootable tests
fastboot reboot bootloader
fastboot getvar current-slot shoud be a
repeat on b slot
Change-Id: Icff45d3949d0ad76d22bdf8830c0903e81027b6e
