commit 6c9bdb839f86874ccff3b8d16c9275e02087b4fc
author David Drysdale <drysdale@google.com> Tue Jan 23 09:32:04 2024 +0000
committer David Drysdale <drysdale@google.com> Tue Jan 23 10:05:55 2024 +0000
tree 0d2ab1566e6c43b5e13e1980a71c4c5d3f95281b
parent 17300d699cf638cdefd27adab91666d4ca0c6e50

KeyMint: test HAL version matches feature

Test: VtsAidlKeyMintTargetTest
Bug: 304309651
Change-Id: I7e38c2ab3ff4f6b5f9035af865ca5ebe6ff24cc1

security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp

diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
index d3f6ae3..087f763 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
@@ -64,6 +64,13 @@
 
 namespace {
 
+// Possible values for the feature version.  Assumes that future KeyMint versions
+// will continue with the 100 * AIDL_version numbering scheme.
+//
+// Must be kept in numerically increasing order.
+const int32_t kFeatureVersions[] = {10,  11,  20,  30,  40,  41,  100, 200,
+                                    300, 400, 500, 600, 700, 800, 900};
+
 // Invalid value for a patchlevel (which is of form YYYYMMDD).
 const uint32_t kInvalidPatchlevel = 99998877;
 
@@ -2278,6 +2285,43 @@
     return hasFeature;
 }
 
+// Return the numeric value associated with a feature.
+std::optional<int32_t> keymint_feature_value(bool strongbox) {
+    std::string name = strongbox ? FEATURE_STRONGBOX_KEYSTORE : FEATURE_HARDWARE_KEYSTORE;
+    ::android::String16 name16(name.c_str());
+    ::android::sp<::android::IServiceManager> sm(::android::defaultServiceManager());
+    ::android::sp<::android::IBinder> binder(
+            sm->waitForService(::android::String16("package_native")));
+    if (binder == nullptr) {
+        GTEST_LOG_(ERROR) << "waitForService package_native failed";
+        return std::nullopt;
+    }
+    ::android::sp<::android::content::pm::IPackageManagerNative> packageMgr =
+            ::android::interface_cast<::android::content::pm::IPackageManagerNative>(binder);
+    if (packageMgr == nullptr) {
+        GTEST_LOG_(ERROR) << "Cannot find package manager";
+        return std::nullopt;
+    }
+
+    // Package manager has no mechanism to retrieve the version of a feature,
+    // only to indicate whether a certain version or above is present.
+    std::optional<int32_t> result = std::nullopt;
+    for (auto version : kFeatureVersions) {
+        bool hasFeature = false;
+        auto status = packageMgr->hasSystemFeature(name16, version, &hasFeature);
+        if (!status.isOk()) {
+            GTEST_LOG_(ERROR) << "hasSystemFeature('" << name << "', " << version
+                              << ") failed: " << status;
+            return result;
+        } else if (hasFeature) {
+            result = version;
+        } else {
+            break;
+        }
+    }
+    return result;
+}
+
 }  // namespace test
 
 }  // namespace aidl::android::hardware::security::keymint