tequilaOS/platform_system_security
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Fix warnings in preparation for Rust 1.53.0"

Browse source
This commit is contained in:
Treehugger Robot 2021-07-27 20:35:22 +00:00 committed by Gerrit Code Review
commit 04f835ad2f
3 changed files with 32 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
keystore2/src/boot_level_keys.rs
View file

@ -243,40 +243,40 @@ mod test {
fn test_output_is_consistent() -> Result<()> {
let initial_key = b"initial key";
let mut blkc = BootLevelKeyCache::new(ZVec::try_from(initial_key as &[u8])?);
assert_eq!(true, blkc.level_accessible(0));
assert_eq!(true, blkc.level_accessible(9));
assert_eq!(true, blkc.level_accessible(10));
assert_eq!(true, blkc.level_accessible(100));
assert!(blkc.level_accessible(0));
assert!(blkc.level_accessible(9));
assert!(blkc.level_accessible(10));
assert!(blkc.level_accessible(100));
let v0 = blkc.aes_key(0).unwrap().unwrap();
let v10 = blkc.aes_key(10).unwrap().unwrap();
assert_eq!(Some(&v0), blkc.aes_key(0)?.as_ref());
assert_eq!(Some(&v10), blkc.aes_key(10)?.as_ref());
blkc.advance_boot_level(5)?;
assert_eq!(false, blkc.level_accessible(0));
assert_eq!(true, blkc.level_accessible(9));
assert_eq!(true, blkc.level_accessible(10));
assert_eq!(true, blkc.level_accessible(100));
assert!(!blkc.level_accessible(0));
assert!(blkc.level_accessible(9));
assert!(blkc.level_accessible(10));
assert!(blkc.level_accessible(100));
assert_eq!(None, blkc.aes_key(0)?);
assert_eq!(Some(&v10), blkc.aes_key(10)?.as_ref());
blkc.advance_boot_level(10)?;
assert_eq!(false, blkc.level_accessible(0));
assert_eq!(false, blkc.level_accessible(9));
assert_eq!(true, blkc.level_accessible(10));
assert_eq!(true, blkc.level_accessible(100));
assert!(!blkc.level_accessible(0));
assert!(!blkc.level_accessible(9));
assert!(blkc.level_accessible(10));
assert!(blkc.level_accessible(100));
assert_eq!(None, blkc.aes_key(0)?);
assert_eq!(Some(&v10), blkc.aes_key(10)?.as_ref());
blkc.advance_boot_level(0)?;
assert_eq!(false, blkc.level_accessible(0));
assert_eq!(false, blkc.level_accessible(9));
assert_eq!(true, blkc.level_accessible(10));
assert_eq!(true, blkc.level_accessible(100));
assert!(!blkc.level_accessible(0));
assert!(!blkc.level_accessible(9));
assert!(blkc.level_accessible(10));
assert!(blkc.level_accessible(100));
assert_eq!(None, blkc.aes_key(0)?);
assert_eq!(Some(v10), blkc.aes_key(10)?);
blkc.finish();
assert_eq!(false, blkc.level_accessible(0));
assert_eq!(false, blkc.level_accessible(9));
assert_eq!(false, blkc.level_accessible(10));
assert_eq!(false, blkc.level_accessible(100));
assert!(!blkc.level_accessible(0));
assert!(!blkc.level_accessible(9));
assert!(!blkc.level_accessible(10));
assert!(!blkc.level_accessible(100));
assert_eq!(None, blkc.aes_key(0)?);
assert_eq!(None, blkc.aes_key(10)?);
Ok(())

8
keystore2/src/database.rs
View file

@ -388,12 +388,12 @@ impl DateTime {
}
/// Returns unix epoch time in milliseconds.
pub fn to_millis_epoch(&self) -> i64 {
pub fn to_millis_epoch(self) -> i64 {
self.0
}
/// Returns unix epoch time in seconds.
pub fn to_secs_epoch(&self) -> i64 {
pub fn to_secs_epoch(self) -> i64 {
self.0 / 1000
}
}
@ -2227,7 +2227,7 @@ impl KeystoreDB {
/// fields, and rebinds the given alias to the new key.
/// The boolean returned is a hint for the garbage collector. If true, a key was replaced,
/// is now unreferenced and needs to be collected.
#[allow(clippy::clippy::too_many_arguments)]
#[allow(clippy::too_many_arguments)]
pub fn store_new_key(
&mut self,
key: &KeyDescriptor,
@ -3466,7 +3466,7 @@ mod tests {
load_attestation_key_pool(&mut db, expiration_date, namespace, base_byte)?;
let chain =
db.retrieve_attestation_key_and_cert_chain(Domain::APP, namespace, &KEYSTORE_UUID)?;
assert_eq!(true, chain.is_some());
assert!(chain.is_some());
let cert_chain = chain.unwrap();
assert_eq!(cert_chain.private_key.to_vec(), loaded_values.priv_key);
assert_eq!(cert_chain.batch_cert, loaded_values.batch_cert);

20
keystore2/src/permission.rs
View file

@ -158,7 +158,7 @@ macro_rules! implement_permission_aidl {
impl $name {
/// Returns a string representation of the permission as required by
/// `selinux::check_access`.
pub fn to_selinux(&self) -> &'static str {
pub fn to_selinux(self) -> &'static str {
match self {
Self($aidl_name::$def_name) => stringify!($def_selinux_name),
$(Self($aidl_name::$element_name) => stringify!($selinux_name),)*
@ -266,7 +266,7 @@ macro_rules! implement_permission {
impl $name {
/// Returns a string representation of the permission as required by
/// `selinux::check_access`.
pub fn to_selinux(&self) -> &'static str {
pub fn to_selinux(self) -> &'static str {
match self {
Self::$def_name => stringify!($def_selinux_name),
$(Self::$element_name => stringify!($selinux_name),)*
@ -852,23 +852,19 @@ mod tests {
blob: None,
};
assert!(check_key_permission(0, &sctx, KeyPerm::use_(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::delete(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::get_info(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::rebind(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::update(), &key, &None).is_ok());
if is_su {
assert!(check_key_permission(0, &sctx, KeyPerm::use_(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::delete(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::get_info(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::rebind(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::update(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::grant(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::manage_blob(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::use_dev_id(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::gen_unique_id(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::req_forced_op(), &key, &None).is_ok());
} else {
assert!(check_key_permission(0, &sctx, KeyPerm::use_(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::delete(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::get_info(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::rebind(), &key, &None).is_ok());
assert!(check_key_permission(0, &sctx, KeyPerm::update(), &key, &None).is_ok());
assert_perm_failed!(check_key_permission(0, &sctx, KeyPerm::grant(), &key, &None));
assert_perm_failed!(check_key_permission(
0,