Merge "Added VTS tests for clearing operation slots after service death." am: fd877b5479 am: 2b3640a442 am: 89cd80c9da

am: f610e72c81 Change-Id: Ie2c68f4195d494a1c5af712234f6a7d98c98892e
author: Rob Barnes <robbarnes@google.com> 2019-10-01 10:28:23 -0700
committer: android-build-merger <android-build-merger@google.com> 2019-10-01 10:28:23 -0700
commit: 1b598f5da32561463e37806615cd07f80d3f9105 (patch)
tree: ff33e34850e847b1f15aa1fc2c8e0f460cee0a3f /keymaster
parent: 3ff65f3ff4db4b1c52c95a0f214099f43edd47af (diff)
parent: f610e72c81a8703e03b09555ee04308707bfc5c3 (diff)
download: platform_hardware_interfaces-1b598f5da32561463e37806615cd07f80d3f9105.tar.gz
platform_hardware_interfaces-1b598f5da32561463e37806615cd07f80d3f9105.tar.bz2
platform_hardware_interfaces-1b598f5da32561463e37806615cd07f80d3f9105.zip
3 files changed, 101 insertions, 5 deletions
diff --git a/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp b/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
index 3af1df32d3..132ce17d41 100644
--- a/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
+++ b/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
@@ -48,10 +48,11 @@ uint32_t KeymasterHidlTest::os_patch_level_;
 SecurityLevel KeymasterHidlTest::securityLevel_;
 hidl_string KeymasterHidlTest::name_;
 hidl_string KeymasterHidlTest::author_;
+string KeymasterHidlTest::service_name_;
 
-void KeymasterHidlTest::SetUpTestCase() {
-    string service_name = KeymasterHidlEnvironment::Instance()->getServiceName<IKeymasterDevice>();
-    keymaster_ = ::testing::VtsHalHidlTargetTestBase::getService<IKeymasterDevice>(service_name);
+void KeymasterHidlTest::InitializeKeymaster() {
+    service_name_ = KeymasterHidlEnvironment::Instance()->getServiceName<IKeymasterDevice>();
+    keymaster_ = ::testing::VtsHalHidlTargetTestBase::getService<IKeymasterDevice>(service_name_);
     ASSERT_NE(keymaster_, nullptr);
 
     ASSERT_TRUE(keymaster_
@@ -62,18 +63,22 @@ void KeymasterHidlTest::SetUpTestCase() {
                         author_ = author;
                     })
                     .isOk());
+}
+
+void KeymasterHidlTest::SetUpTestCase() {
+
+    InitializeKeymaster();
 
     os_version_ = ::keymaster::GetOsVersion();
     os_patch_level_ = ::keymaster::GetOsPatchlevel();
 
     auto service_manager = android::hidl::manager::V1_0::IServiceManager::getService();
     ASSERT_NE(nullptr, service_manager.get());
-
     all_keymasters_.push_back(keymaster_);
     service_manager->listByInterface(
         IKeymasterDevice::descriptor, [&](const hidl_vec<hidl_string>& names) {
             for (auto& name : names) {
-                if (name == service_name) continue;
+                if (name == service_name_) continue;
                 auto keymaster =
                     ::testing::VtsHalHidlTargetTestBase::getService<IKeymasterDevice>(name);
                 ASSERT_NE(keymaster, nullptr);
@@ -269,6 +274,13 @@ ErrorCode KeymasterHidlTest::GetCharacteristics(const HidlBuf& key_blob,
     return GetCharacteristics(key_blob, client_id, app_data, key_characteristics);
 }
 
+ErrorCode KeymasterHidlTest::GetDebugInfo(DebugInfo* debug_info) {
+    EXPECT_TRUE(keymaster_->getDebugInfo([&](const DebugInfo& hidl_debug_info) {
+      *debug_info = hidl_debug_info;
+    }).isOk());
+    return ErrorCode::OK;
+}
+
 ErrorCode KeymasterHidlTest::Begin(KeyPurpose purpose, const HidlBuf& key_blob,
                                    const AuthorizationSet& in_params, AuthorizationSet* out_params,
                                    OperationHandle* op_handle) {
diff --git a/keymaster/4.0/vts/functional/KeymasterHidlTest.h b/keymaster/4.0/vts/functional/KeymasterHidlTest.h
index 015fc43752..7ad8fb1817 100644
--- a/keymaster/4.0/vts/functional/KeymasterHidlTest.h
+++ b/keymaster/4.0/vts/functional/KeymasterHidlTest.h
@@ -37,6 +37,7 @@ namespace test {
 
 using ::android::sp;
 using ::std::string;
+using hidl::base::V1_0::DebugInfo;
 
 class HidlBuf : public hidl_vec<uint8_t> {
     typedef hidl_vec<uint8_t> super;
@@ -95,6 +96,7 @@ class KeymasterHidlTest : public ::testing::VtsHalHidlTargetTestBase {
 
     // SetUpTestCase runs only once per test case, not once per test.
     static void SetUpTestCase();
+    static void InitializeKeymaster();
     static void TearDownTestCase() {
         keymaster_.clear();
         all_keymasters_.clear();
@@ -140,6 +142,8 @@ class KeymasterHidlTest : public ::testing::VtsHalHidlTargetTestBase {
                                  const HidlBuf& app_data, KeyCharacteristics* key_characteristics);
     ErrorCode GetCharacteristics(const HidlBuf& key_blob, KeyCharacteristics* key_characteristics);
 
+    ErrorCode GetDebugInfo(DebugInfo* debug_info);
+
     ErrorCode Begin(KeyPurpose purpose, const HidlBuf& key_blob, const AuthorizationSet& in_params,
                     AuthorizationSet* out_params, OperationHandle* op_handle);
     ErrorCode Begin(KeyPurpose purpose, const AuthorizationSet& in_params,
@@ -235,6 +239,7 @@ class KeymasterHidlTest : public ::testing::VtsHalHidlTargetTestBase {
     static SecurityLevel securityLevel_;
     static hidl_string name_;
     static hidl_string author_;
+    static string service_name_;
 };
 
 }  // namespace test
diff --git a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
index 9e6cce7e97..2fd85f7e38 100644
--- a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -18,6 +18,7 @@
 #include <cutils/log.h>
 
 #include <iostream>
+#include <signal.h>
 
 #include <openssl/evp.h>
 #include <openssl/mem.h>
@@ -4456,6 +4457,84 @@ TEST_F(UpgradeKeyTest, UpgradeKey) {
     EXPECT_EQ(result, std::make_pair(ErrorCode::OK, HidlBuf()));
 }
 
+
+using ClearOperationsTest = KeymasterHidlTest;
+
+/*
+ * ClearSlotsTest.TooManyOperations
+ *
+ * Verifies that TOO_MANY_OPERATIONS is returned after the max number of
+ * operations are started without being finished or aborted. Also verifies
+ * that aborting the operations clears the operations.
+ *
+ */
+TEST_F(ClearOperationsTest, TooManyOperations) {
+    ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
+                                             .Authorization(TAG_NO_AUTH_REQUIRED)
+                                             .RsaEncryptionKey(2048, 65537)
+                                             .Padding(PaddingMode::NONE)));
+
+    auto params = AuthorizationSetBuilder().Padding(PaddingMode::NONE);
+    int max_operations = SecLevel() == SecurityLevel::STRONGBOX ? 4 : 16;
+    OperationHandle op_handles[max_operations];
+    AuthorizationSet out_params;
+    for(int i=0; i<max_operations; i++) {
+        EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, key_blob_, params, &out_params, &(op_handles[i])));
+    }
+    EXPECT_EQ(ErrorCode::TOO_MANY_OPERATIONS,
+         Begin(KeyPurpose::ENCRYPT, key_blob_, params, &out_params, &op_handle_));
+    // Try again just in case there's a weird overflow bug
+    EXPECT_EQ(ErrorCode::TOO_MANY_OPERATIONS,
+         Begin(KeyPurpose::ENCRYPT, key_blob_, params, &out_params, &op_handle_));
+    for(int i=0; i<max_operations; i++) {
+        EXPECT_EQ(ErrorCode::OK, Abort(op_handles[i]));
+    }
+    EXPECT_EQ(ErrorCode::OK,
+         Begin(KeyPurpose::ENCRYPT, key_blob_, params, &out_params, &op_handle_));
+    AbortIfNeeded();
+}
+
+/*
+ * ClearSlotsTest.ServiceDeath
+ *
+ * Verifies that the service is restarted after death and the ongoing
+ * operations are cleared.
+ */
+TEST_F(ClearOperationsTest, ServiceDeath) {
+
+    ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
+                                             .Authorization(TAG_NO_AUTH_REQUIRED)
+                                             .RsaEncryptionKey(2048, 65537)
+                                             .Padding(PaddingMode::NONE)));
+
+    auto params = AuthorizationSetBuilder().Padding(PaddingMode::NONE);
+    int max_operations = SecLevel() == SecurityLevel::STRONGBOX ? 4 : 16;
+    OperationHandle op_handles[max_operations];
+    AuthorizationSet out_params;
+    for(int i=0; i<max_operations; i++) {
+        EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, key_blob_, params, &out_params, &(op_handles[i])));
+    }
+    EXPECT_EQ(ErrorCode::TOO_MANY_OPERATIONS,
+         Begin(KeyPurpose::ENCRYPT, key_blob_, params, &out_params, &op_handle_));
+
+    DebugInfo debug_info;
+    GetDebugInfo(&debug_info);
+    kill(debug_info.pid, SIGKILL);
+    // wait 1 second for keymaster to restart
+    sleep(1);
+    InitializeKeymaster();
+
+    for(int i=0; i<max_operations; i++) {
+        EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, key_blob_, params, &out_params, &(op_handles[i])));
+    }
+    EXPECT_EQ(ErrorCode::TOO_MANY_OPERATIONS,
+         Begin(KeyPurpose::ENCRYPT, key_blob_, params, &out_params, &op_handle_));
+    for(int i=0; i<max_operations; i++) {
+        EXPECT_EQ(ErrorCode::OK, Abort(op_handles[i]));
+    }
+}
+
+
 }  // namespace test
 }  // namespace V4_0
 }  // namespace keymaster
author	Rob Barnes <robbarnes@google.com>	2019-10-01 10:28:23 -0700
committer	android-build-merger <android-build-merger@google.com>	2019-10-01 10:28:23 -0700
commit	1b598f5da32561463e37806615cd07f80d3f9105 (patch)
tree	ff33e34850e847b1f15aa1fc2c8e0f460cee0a3f /keymaster
parent	3ff65f3ff4db4b1c52c95a0f214099f43edd47af (diff)
parent	f610e72c81a8703e03b09555ee04308707bfc5c3 (diff)
download	platform_hardware_interfaces-1b598f5da32561463e37806615cd07f80d3f9105.tar.gz platform_hardware_interfaces-1b598f5da32561463e37806615cd07f80d3f9105.tar.bz2 platform_hardware_interfaces-1b598f5da32561463e37806615cd07f80d3f9105.zip