author | Scott Lobdell <slobdell@google.com> | 2022-01-21 07:03:32 +0000 |
---|---|---|
committer | Scott Lobdell <slobdell@google.com> | 2022-01-21 07:15:05 +0000 |
commit | 593bdf5548ac6f13053424a655423c0677e7cb2d (patch) | |
tree | ebbbe99553ec26ed9088cf6cfef1aec2e5cc2ef0 /security/keymint/aidl/vts/functional/KeyMintTest.cpp | |
parent | 78c23e4f5f9e8b61b8bace9a2b4cb691073ef906 (diff) | |
parent | a0f5ebdbd3992e7a78517d13f568d9cbcbb71564 (diff) |
Merge TP1A.211206.001
Change-Id: I8b3a43021a3328cf6afb4e7e157339d8e214ddbe
Diffstat (limited to 'security/keymint/aidl/vts/functional/KeyMintTest.cpp')
-rw-r--r-- | security/keymint/aidl/vts/functional/KeyMintTest.cpp | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 919d79ff31..c99e1d02d3 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -69,8 +69,11 @@ namespace aidl::android::hardware::security::keymint::test {
 namespace {
+// Whether to check that BOOT_PATCHLEVEL is populated.
+bool check_boot_pl = true;
+
 // The maximum number of times we'll attempt to verify that corruption
-// of an ecrypted blob results in an error. Retries are necessary as there
+// of an encrypted blob results in an error. Retries are necessary as there
 // is a small (roughly 1/256) chance that corrupting ciphertext still results
 // in valid PKCS7 padding.
 constexpr size_t kMaxPaddingCorruptionRetries = 8;
@@ -527,12 +530,17 @@ class NewKeyGenerationTest : public KeyMintAidlTestBase {
 EXPECT_TRUE(os_pl);
 EXPECT_EQ(*os_pl, os_patch_level());
- // Should include vendor and boot patchlevels.
+ // Should include vendor patchlevel.
 auto vendor_pl = auths.GetTagValue(TAG_VENDOR_PATCHLEVEL);
 EXPECT_TRUE(vendor_pl);
 EXPECT_EQ(*vendor_pl, vendor_patch_level());
- auto boot_pl = auths.GetTagValue(TAG_BOOT_PATCHLEVEL);
- EXPECT_TRUE(boot_pl);
+
+ // Should include boot patchlevel (but there are some test scenarios where this is not
+ // possible).
+ if (check_boot_pl) {
+ auto boot_pl = auths.GetTagValue(TAG_BOOT_PATCHLEVEL);
+ EXPECT_TRUE(boot_pl);
+ }
 return auths;
 }
@@ -6914,6 +6922,12 @@ int main(int argc, char** argv) {
 } else {
 std::cout << "NOT dumping attestations" << std::endl;
 }
+ if (std::string(argv[i]) == "--skip_boot_pl_check") {
+ // Allow checks of BOOT_PATCHLEVEL to be disabled, so that the tests can
+ // be run in emulated environments that don't have the normal bootloader
+ // interactions.
+ aidl::android::hardware::security::keymint::test::check_boot_pl = false;
+ }
 }
 }
 return RUN_ALL_TESTS(); |
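Review bot: The comment above the new `if (check_boot_pl)` guard says only that "there are some test scenarios where this is not possible", which does not tell a reader what switches the check off. The OS and vendor patchlevels just above are checked for presence and compared with `EXPECT_EQ`, while BOOT_PATCHLEVEL is checked for presence only, so this guard removes the only boot-patchlevel assertion visible in the hunk. The opt-out should be named where it takes effect: `// Should include boot patchlevel, unless --skip_boot_pl_check was passed (emulated environments without the normal bootloader interactions).` The enclosing function starts outside the hunk.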
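Review bot: `--skip_boot_pl_check` clears `check_boot_pl` without leaving any trace in the test output, so a run with the BOOT_PATCHLEVEL check disabled looks the same in the logs as a full run. The neighbouring branch reports its state with `"NOT dumping attestations"`, and the new branch could do the same by adding `std::cout << "NOT checking BOOT_PATCHLEVEL" << std::endl;` after the assignment. That lets anyone reading results from a physical device see that the check was weakened. The argument loop and the rest of `main` start outside the hunk.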