This test does not account for potentially missing Sk HAL. Ideally, the
test should pass on those devices too (since Sk is an optional HAL at
the moment).
This test uses should_panic expecting the client code to panic on
processing the message, but that code is never executed because the
backend is not present & the method doesn't panic & the test fails.
As a mitigation, #ignore the test.
Bug: 317416663
Test: VTS show "IGNORED"
Change-Id: I2f1bb45361943f22d8cadc929059c65cb3120f3f
SecretId is a parameter in deleteIds() method, which will be invoked by
host (Android). Restrict the size to 64 bytes to avoid unnecessarily
large bytes making it to HAL & TA.
Test: atest VtsSecretkeeperTargetTest
Bug: 317374882
Change-Id: Ieb34fee4efd11636bee133fe9132c1d739d08a1c
aosp/2640754 adds a tuneFrontend call with testWithDemux enabled.
tuneFrontend() has some logic that calls DvrTests->openDvrInDemux()
which requires mDemux to be available, but mFrontendTests does not
have an associated demux. This CL adds a demux resource.
Bug: 317268814
Test: atest VtsHalTvTunerV1_1TargetTest
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:e7c5595ee5cfe79eb181e60399d8d857526d1af7)
Merged-In: I62ad038829ca3ed0ecc077527197eec444a5eb12
Change-Id: I62ad038829ca3ed0ecc077527197eec444a5eb12
aosp/2640754 adds a tuneFrontend call with testWithDemux enabled.
tuneFrontend() has some logic that calls DvrTests->openDvrInDemux()
which requires mDemux to be available, but mFrontendTests does not
have an associated demux. This CL adds a demux resource.
Bug: 317268814
Test: atest VtsHalTvTunerTargetTest
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:e75c56787a1a9cd6280ab758788bc810ff50cb58)
Merged-In: I3eb69d8dc10cd2cdbb2d3526317faee2909787f5
Change-Id: I3eb69d8dc10cd2cdbb2d3526317faee2909787f5
Various small wording changes to attempt to clarify some of the
details of the Secretkeeper API.
While I'm here: fix error code naming inconsistency.
Bug: 291224769
Test: N/A
Change-Id: I956b549bc5bf4d2b964dde9867430cb4778e445b
Add test coverage for replay protection in Secretkeeper. Test that:
1. Sk implementation encrypts/decrypts messages using correct
sequence_numbers.
2. Out of order messages are not accepted.
3. The sequence numbers are per-connection ie, new SeqNum is used for a
fresh connection.
Also, refactor code. SeqNumbers are maintained by
libsecretkeeper_client. Have sk_client use a handle to SkSession for
SecretManagement requests. Replay protection tests however require more
fine grained control of SeqNums. For these we have introduced
`secret_management_request_custom_aad()` method.
Bug: 316126411
Test: atest VtsSecretkeeperTargetTest
Change-Id: I385856c04e185d2b300d59a1b54cb8f09cbf836f
Introduce sequence number in Secretkeeper packets to prevent replay of
packets with a session.
Bug: 316126411
Test: VTS
Change-Id: I20a5d8489e988bdcbe9058495ab56ed18a07b946
Ensure the primary display power on before run the
SetDisplayBrightness test item.
Bug: 313794734
Test: atest VtsHalGraphicsComposer3_TargetTest:PerInstance/
GraphicsComposerAidlCommandTest#SetDisplayBrightness/
0_android_hardware_graphics_composer3_IComposer_default
-- --abi arm64-v8a
Change-Id: I94fb700704bcbd8543f2a608dd75b9e745e40e37
Merged-In: I94fb700704bcbd8543f2a608dd75b9e745e40e37
Previously the command was sent before the task handle is dropped. This
may cause race condition that the DeviceResetRsp may be consumed by the
reader created in open(). In this case, the
consume_device_reset_rsp_and_ntf will wait until timeout.
Bug: 316421259
Test: manual
Change-Id: I680d3ea79344f9b5f07a36877837bfc1b8e0532a
Calling binder::get_interface(name) for a name that isn't declared may
take multiple seconds before failing. Restrict to looking for instance
names that are declared.
Also add a rustfmt.toml file, copied from system/secretkeeper/
Bug: 291228655
Test: VtsSecretkeeperTargetTest on Cuttlefish and Pixel8
Change-Id: I9972bc782fe99f5dc5c2dc3b74fa12a0e000ea6c
There are currently no users of it. Enabling it will require adding rust
support for the android.os.Surface type that uses ANativeWindow
underneath.
Test: m
Bug: 315556623
Change-Id: Ib9954b1bf476b391919db994bc2dc1483d972670
When a LocalTa instance is used in a fuzzer, it gets dropped at the end
of processing each fuzz input. This makes the `mpsc::channel`s fail,
so update to cope with this.
Bug: 316075932
Test: run fuzzer on Cuttlefish
Change-Id: I069f441013e269f652cbe1ff3053606f9bcb2dfd
Move nonsecure implementation code out of main.rs and into a new
secretkeeper_nonsecure library, to allow re-use in both the nonsecure
service and the new fuzzer.
The fuzzer drops the `LocalTa` instance on each input, so adjust the
error path to cope with this happening (the channels will fail).
Test: build, fuzz
Bug: 291228655
Change-Id: Ibe2ca5db9a9c8eed129ac5a90de85b933ab256a0
On Cuttlefish, the implementation of the ISecretkeeper HAL runs
in-process in the HAL service, and so is deliberately marked as being
the /nonsecure instance to make that clear.
A real device that's running Secretkeeper inside a secure environment
should report that instance as being the /default instance.
So allow either in the compatibility matrix.
Bug: 306364873
Test: build, VtsAidlAuthGraphRoleTest, VtsSecretkeeperTargetTest
Change-Id: Ifb58d8bb9318707b714a345adc1b1b4198054f81
am skip reason: Merged-In Ibf599038b542d5d81a2af9ab2097f2f868be0447 with SHA-1 392d530a64 is already in history
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2635482
Change-Id: I97f3a44f69ef0b64ce3123d0e6480aaec663a680
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
