Merge "RebootEscrow HAL: testing with secure implementations" into rvc-dev am: 2519e6d079 am: e5a3b46704

Original change: https://googleplex-android-review.googlesource.com/c/platform/hardware/interfaces/+/11953060

Change-Id: Ia267bdb8301588eff7fedc994508bb9e66080f03

2 files changed, 29 insertions, 4 deletions

diff --git a/rebootescrow/aidl/vts/functional/README.md b/rebootescrow/aidl/vts/functional/README.md
new file mode 100644
index 0000000000..9ae5caffad
--- /dev/null
+++ b/rebootescrow/aidl/vts/functional/README.md
@@ -0,0 +1,7 @@
+Many of the tests in this directory may require that TEE Keymaster
+"EARLY_BOOT_ONLY" keys be usable when this test runs. In order to accomplish
+this, a build of "vold" that omits the call to "earlyBootEnded()" function
+should be made. Then these DISABLED tests may be run successfully.
+
+The CTS test ResumeOnRebootHostTests will test the functionality without a
+special build.
diff --git a/rebootescrow/aidl/vts/functional/VtsHalRebootEscrowTargetTest.cpp b/rebootescrow/aidl/vts/functional/VtsHalRebootEscrowTargetTest.cpp
index cd8cc3eaa1..809a3b502a 100644
--- a/rebootescrow/aidl/vts/functional/VtsHalRebootEscrowTargetTest.cpp
+++ b/rebootescrow/aidl/vts/functional/VtsHalRebootEscrowTargetTest.cpp
@@ -60,7 +60,10 @@ class RebootEscrowAidlTest : public testing::TestWithParam<std::string> {
     };
 };
 
-TEST_P(RebootEscrowAidlTest, StoreAndRetrieve_Success) {
+// This test assumes that it can retrieve keys immediately, but some
+// implementations use the TEE's EARLY_BOOT_ONLY keys. This means that the
+// earlyBootEnded() calls will need to be disabled to test this correctly.
+TEST_P(RebootEscrowAidlTest, DISABLED_StoreAndRetrieve_Success) {
     SKIP_UNSUPPORTED;
 
     ASSERT_TRUE(rebootescrow->storeKey(KEY_1).isOk());
@@ -70,7 +73,10 @@ TEST_P(RebootEscrowAidlTest, StoreAndRetrieve_Success) {
     EXPECT_EQ(actualKey, KEY_1);
 }
 
-TEST_P(RebootEscrowAidlTest, StoreAndRetrieve_SecondRetrieveSucceeds) {
+// This test assumes that it can retrieve keys immediately, but some
+// implementations use the TEE's EARLY_BOOT_ONLY keys. This means that the
+// earlyBootEnded() calls will need to be disabled to test this correctly.
+TEST_P(RebootEscrowAidlTest, DISABLED_StoreAndRetrieve_SecondRetrieveSucceeds) {
     SKIP_UNSUPPORTED;
 
     ASSERT_TRUE(rebootescrow->storeKey(KEY_1).isOk());
@@ -83,7 +89,10 @@ TEST_P(RebootEscrowAidlTest, StoreAndRetrieve_SecondRetrieveSucceeds) {
     EXPECT_EQ(actualKey, KEY_1);
 }
 
-TEST_P(RebootEscrowAidlTest, StoreTwiceOverwrites_Success) {
+// This test assumes that it can retrieve keys immediately, but some
+// implementations use the TEE's EARLY_BOOT_ONLY keys. This means that the
+// earlyBootEnded() calls will need to be disabled to test this correctly.
+TEST_P(RebootEscrowAidlTest, DISABLED_StoreTwiceOverwrites_Success) {
     SKIP_UNSUPPORTED;
 
     ASSERT_TRUE(rebootescrow->storeKey(KEY_1).isOk());
@@ -94,7 +103,10 @@ TEST_P(RebootEscrowAidlTest, StoreTwiceOverwrites_Success) {
     EXPECT_EQ(actualKey, KEY_2);
 }
 
-TEST_P(RebootEscrowAidlTest, StoreEmpty_AfterGetEmptyKey_Success) {
+// This test assumes that it can retrieve keys immediately, but some
+// implementations use the TEE's EARLY_BOOT_ONLY keys. This means that the
+// earlyBootEnded() calls will need to be disabled to test this correctly.
+TEST_P(RebootEscrowAidlTest, DISABLED_StoreEmpty_AfterGetEmptyKey_Success) {
     SKIP_UNSUPPORTED;
 
     rebootescrow->storeKey(KEY_1);
@@ -105,6 +117,12 @@ TEST_P(RebootEscrowAidlTest, StoreEmpty_AfterGetEmptyKey_Success) {
     EXPECT_EQ(actualKey, EMPTY_KEY);
 }
 
+TEST_P(RebootEscrowAidlTest, Store_Success) {
+    SKIP_UNSUPPORTED;
+
+    rebootescrow->storeKey(KEY_1);
+}
+
 INSTANTIATE_TEST_SUITE_P(
         RebootEscrow, RebootEscrowAidlTest,
         testing::ValuesIn(android::getAidlHalInstanceNames(IRebootEscrow::descriptor)),