Gitiles
Code Review Sign In
gerrit.omnirom.org / android_hardware_interfaces / 03b8dbcf41cd5b88d2a29da06ff6de10d18606fb^2..03b8dbcf41cd5b88d2a29da06ff6de10d18606fb / .
commit03b8dbcf41cd5b88d2a29da06ff6de10d18606fb[log] [tgz]
authorMikhail Naganov <mnaganov@google.com>Tue Sep 19 17:08:27 2023 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>Tue Sep 19 17:08:27 2023 +0000
treea95ba9016ea4a990a30ce77c5b4ed92d2a3bb4ac
parent4d787e55b9330ec9ccb6498fc3059cdcb32a1e8a [diff]
parent426b8762667d296fcb4e48b08c4c822875ddbca6 [diff]
Merge changes from topic "cherrypicker-L47600000963081744:N22400001405878786" into udc-qpr-dev

* changes:
  audio: Improve testing of point-to-point connections
  audio: Mitigate double receiving of the "exit" command
  Audio : Add 3 VTS test cases for remote submix module
  r_submix : Fix minor issues in AIDL implementation
  Avoid sub_overflow_minimal in AIDL effects VTS
  audio: Properly support external device port with static configs
  Remove unused file EffectWorker.h
  Remove the limitation of max open streams
  audio: Make IConfig.getSurroundSound default implementation more robust

diff --git a/security/keymint/aidl/vts/functional/AuthTest.cpp b/security/keymint/aidl/vts/functional/AuthTest.cpp
index 78c88f4..6499f14 100644
--- a/security/keymint/aidl/vts/functional/AuthTest.cpp
+++ b/security/keymint/aidl/vts/functional/AuthTest.cpp

@@ -329,14 +329,14 @@
 
     // Wait for long enough that the hardware auth token expires.
     sleep(timeout_secs + 1);
-    if (!timestamp_token_required_) {
-        // KeyMint implementation has its own clock, and can immediately detect timeout.
-        EXPECT_EQ(ErrorCode::KEY_USER_NOT_AUTHENTICATED,
-                  Begin(KeyPurpose::ENCRYPT, keyblob, params, &out_params, hat));
-    } else {
-        // KeyMint implementation has no clock, so only detects timeout via timestamp token provided
-        // on update()/finish().
-        ASSERT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, keyblob, params, &out_params, hat));
+
+    auto begin_result = Begin(KeyPurpose::ENCRYPT, keyblob, params, &out_params, hat);
+    if (begin_result == ErrorCode::OK) {
+        // If begin() succeeds despite the out-of-date HAT, that must mean that the KeyMint
+        // device doesn't have its own clock.  In that case, it only detects timeout via a
+        // timestamp token provided on update()/finish()
+        ASSERT_TRUE(timestamp_token_required_);
+
         secureclock::TimeStampToken time_token;
         EXPECT_EQ(ErrorCode::OK,
                   GetReturnErrorCode(clock_->generateTimeStamp(challenge_, &time_token)));
@@ -344,6 +344,9 @@
         string output;
         EXPECT_EQ(ErrorCode::KEY_USER_NOT_AUTHENTICATED,
                   Finish(message, {} /* signature */, &output, hat, time_token));
+    } else {
+        // The KeyMint implementation may have its own clock that can immediately detect timeout.
+        ASSERT_EQ(ErrorCode::KEY_USER_NOT_AUTHENTICATED, begin_result);
     }
 }