Merge "Fix CryptoPlugin use after free vulnerability." into sc-dev
diff --git a/audio/core/all-versions/default/Device.cpp b/audio/core/all-versions/default/Device.cpp
index 70a1a4d..130dfba 100644
--- a/audio/core/all-versions/default/Device.cpp
+++ b/audio/core/all-versions/default/Device.cpp
@@ -360,18 +360,43 @@
return Result::NOT_SUPPORTED;
}
-Return<void> Device::getAudioPort(const AudioPort& port, getAudioPort_cb _hidl_cb) {
- audio_port halPort;
- HidlUtils::audioPortToHal(port, &halPort);
- Result retval = analyzeStatus("get_audio_port", mDevice->get_audio_port(mDevice, &halPort));
+template <typename HalPort>
+Return<void> Device::getAudioPortImpl(const AudioPort& port, getAudioPort_cb _hidl_cb,
+ int (*halGetter)(audio_hw_device_t*, HalPort*),
+ const char* halGetterName) {
+ HalPort halPort;
+ if (status_t status = HidlUtils::audioPortToHal(port, &halPort); status != NO_ERROR) {
+ _hidl_cb(analyzeStatus("audioPortToHal", status), port);
+ return Void();
+ }
+ Result retval = analyzeStatus(halGetterName, halGetter(mDevice, &halPort));
AudioPort resultPort = port;
if (retval == Result::OK) {
- HidlUtils::audioPortFromHal(halPort, &resultPort);
+ if (status_t status = HidlUtils::audioPortFromHal(halPort, &resultPort);
+ status != NO_ERROR) {
+ _hidl_cb(analyzeStatus("audioPortFromHal", status), port);
+ return Void();
+ }
}
_hidl_cb(retval, resultPort);
return Void();
}
+#if MAJOR_VERSION <= 6
+Return<void> Device::getAudioPort(const AudioPort& port, getAudioPort_cb _hidl_cb) {
+ return getAudioPortImpl(port, _hidl_cb, mDevice->get_audio_port, "get_audio_port");
+}
+#else
+Return<void> Device::getAudioPort(const AudioPort& port, getAudioPort_cb _hidl_cb) {
+ if (version() >= AUDIO_DEVICE_API_VERSION_3_2) {
+ // get_audio_port_v7 is mandatory if legacy HAL support this API version.
+ return getAudioPortImpl(port, _hidl_cb, mDevice->get_audio_port_v7, "get_audio_port_v7");
+ } else {
+ return getAudioPortImpl(port, _hidl_cb, mDevice->get_audio_port, "get_audio_port");
+ }
+}
+#endif
+
Return<Result> Device::setAudioPortConfig(const AudioPortConfig& config) {
if (version() >= AUDIO_DEVICE_API_VERSION_3_0) {
struct audio_port_config halPortConfig;
diff --git a/audio/core/all-versions/default/include/core/default/Device.h b/audio/core/all-versions/default/include/core/default/Device.h
index 5851fc9..94cad53 100644
--- a/audio/core/all-versions/default/include/core/default/Device.h
+++ b/audio/core/all-versions/default/include/core/default/Device.h
@@ -153,6 +153,10 @@
std::tuple<Result, AudioPatchHandle> createOrUpdateAudioPatch(
AudioPatchHandle patch, const hidl_vec<AudioPortConfig>& sources,
const hidl_vec<AudioPortConfig>& sinks);
+ template <typename HalPort>
+ Return<void> getAudioPortImpl(const AudioPort& port, getAudioPort_cb _hidl_cb,
+ int (*halGetter)(audio_hw_device_t*, HalPort*),
+ const char* halGetterName);
// Methods from ParametersUtil.
char* halGetParameters(const char* keys) override;
diff --git a/audio/core/all-versions/vts/functional/7.0/AudioPrimaryHidlHalTest.cpp b/audio/core/all-versions/vts/functional/7.0/AudioPrimaryHidlHalTest.cpp
index 657b42d..0b3098b 100644
--- a/audio/core/all-versions/vts/functional/7.0/AudioPrimaryHidlHalTest.cpp
+++ b/audio/core/all-versions/vts/functional/7.0/AudioPrimaryHidlHalTest.cpp
@@ -580,12 +580,19 @@
// Starting / resuming of streams is asynchronous at HAL level.
// Sometimes HAL doesn't have enough information until the audio data actually gets
// consumed by the hardware.
- do {
+ bool timedOut = false;
+ res = Result::INVALID_STATE;
+ for (android::base::Timer elapsed;
+ res != Result::OK && !writer.hasError() &&
+ !(timedOut = (elapsed.duration() >= kPositionChangeTimeout));) {
+ usleep(kWriteDurationUs);
ASSERT_OK(stream->getPresentationPosition(returnIn(res, framesInitial, ts)));
ASSERT_RESULT(okOrInvalidState, res);
- } while (res != Result::OK);
+ }
+ ASSERT_FALSE(writer.hasError());
+ ASSERT_FALSE(timedOut);
+
uint64_t frames = framesInitial;
- bool timedOut = false;
for (android::base::Timer elapsed;
frames <= framesInitial && !writer.hasError() &&
!(timedOut = (elapsed.duration() >= kPositionChangeTimeout));) {
@@ -666,11 +673,18 @@
allParams.begin(), allParams.end(), std::back_inserter(pcmParams), [](auto cfg) {
const auto& flags = std::get<PARAM_FLAGS>(cfg);
return xsd::isLinearPcm(std::get<PARAM_CONFIG>(cfg).base.format)
- // MMAP NOIRQ profiles use different reading protocol.
+ // MMAP NOIRQ profiles use different reading protocol,
+ // reading h/w hotword might require Soundtrigger to be active.
&&
- std::find(flags.begin(), flags.end(),
- toString(xsd::AudioInOutFlag::AUDIO_INPUT_FLAG_MMAP_NOIRQ)) ==
- flags.end() &&
+ std::find_if(
+ flags.begin(), flags.end(),
+ [](const auto& flag) {
+ return flag == toString(
+ xsd::AudioInOutFlag::
+ AUDIO_INPUT_FLAG_MMAP_NOIRQ) ||
+ flag == toString(xsd::AudioInOutFlag::
+ AUDIO_INPUT_FLAG_HW_HOTWORD);
+ }) == flags.end() &&
!getCachedPolicyConfig()
.getAttachedSourceDeviceForMixPort(
std::get<PARAM_DEVICE_NAME>(
@@ -690,6 +704,15 @@
InputStreamTest::TearDown();
}
+ bool canQueryCapturePosition() const {
+ auto maybeSourceAddress = getCachedPolicyConfig().getSourceDeviceForMixPort(
+ getDeviceName(), getMixPortName());
+ // Returning 'true' when no source is found so the test can fail later with a more clear
+ // problem description.
+ return !maybeSourceAddress.has_value() ||
+ !xsd::isTelephonyDevice(maybeSourceAddress.value().deviceType);
+ }
+
void createPatchIfNeeded() {
auto maybeSourceAddress = getCachedPolicyConfig().getSourceDeviceForMixPort(
getDeviceName(), getMixPortName());
@@ -714,6 +737,7 @@
EXPECT_OK(stream->setDevices({maybeSourceAddress.value()}));
}
}
+
void releasePatchIfNeeded() {
if (areAudioPatchesSupported()) {
if (mHasPatch) {
@@ -724,7 +748,42 @@
EXPECT_OK(stream->setDevices({address}));
}
}
- const std::string& getMixPortName() const { return std::get<PARAM_PORT_NAME>(GetParam()); }
+
+ void waitForCapturePositionAdvance(StreamReader& reader, uint64_t* firstPosition = nullptr,
+ uint64_t* lastPosition = nullptr) {
+ static constexpr int kReadDurationUs = 50 * 1000;
+ static constexpr std::chrono::milliseconds kPositionChangeTimeout{10000};
+ uint64_t framesInitial, ts;
+ // Starting / resuming of streams is asynchronous at HAL level.
+ // Sometimes HAL doesn't have enough information until the audio data actually has been
+ // produced by the hardware. Legacy HALs might return NOT_SUPPORTED when they actually
+ // mean INVALID_STATE.
+ bool timedOut = false;
+ res = Result::INVALID_STATE;
+ for (android::base::Timer elapsed;
+ res != Result::OK && !reader.hasError() &&
+ !(timedOut = (elapsed.duration() >= kPositionChangeTimeout));) {
+ usleep(kReadDurationUs);
+ ASSERT_OK(stream->getCapturePosition(returnIn(res, framesInitial, ts)));
+ ASSERT_RESULT(okOrInvalidStateOrNotSupported, res);
+ }
+ ASSERT_FALSE(reader.hasError());
+ ASSERT_FALSE(timedOut);
+
+ uint64_t frames = framesInitial;
+ for (android::base::Timer elapsed;
+ frames <= framesInitial && !reader.hasError() &&
+ !(timedOut = (elapsed.duration() >= kPositionChangeTimeout));) {
+ usleep(kReadDurationUs);
+ ASSERT_OK(stream->getCapturePosition(returnIn(res, frames, ts)));
+ ASSERT_RESULT(Result::OK, res);
+ }
+ EXPECT_FALSE(timedOut);
+ EXPECT_FALSE(reader.hasError());
+ EXPECT_GT(frames, framesInitial);
+ if (firstPosition) *firstPosition = framesInitial;
+ if (lastPosition) *lastPosition = frames;
+ }
private:
AudioPatchHandle mPatchHandle = {};
@@ -740,47 +799,36 @@
TEST_P(PcmOnlyConfigInputStreamTest, CapturePositionAdvancesWithReads) {
doc::test("Check that the capture position advances with reads");
+ if (!canQueryCapturePosition()) {
+ GTEST_SKIP() << "Capture position retrieval is not possible";
+ }
ASSERT_NO_FATAL_FAILURE(createPatchIfNeeded());
StreamReader reader(stream.get(), stream->getBufferSize());
ASSERT_TRUE(reader.start());
EXPECT_TRUE(reader.waitForAtLeastOneCycle());
-
- uint64_t framesInitial, ts;
- ASSERT_OK(stream->getCapturePosition(returnIn(res, framesInitial, ts)));
- ASSERT_RESULT(Result::OK, res);
-
- EXPECT_TRUE(reader.waitForAtLeastOneCycle());
-
- uint64_t frames;
- ASSERT_OK(stream->getCapturePosition(returnIn(res, frames, ts)));
- ASSERT_RESULT(Result::OK, res);
- EXPECT_GT(frames, framesInitial);
-
- reader.stop();
- releasePatchIfNeeded();
+ ASSERT_NO_FATAL_FAILURE(waitForCapturePositionAdvance(reader));
}
TEST_P(PcmOnlyConfigInputStreamTest, CapturePositionPreservedOnStandby) {
doc::test("Check that the capture position does not reset on standby");
+ if (!canQueryCapturePosition()) {
+ GTEST_SKIP() << "Capture position retrieval is not possible";
+ }
ASSERT_NO_FATAL_FAILURE(createPatchIfNeeded());
StreamReader reader(stream.get(), stream->getBufferSize());
ASSERT_TRUE(reader.start());
EXPECT_TRUE(reader.waitForAtLeastOneCycle());
- uint64_t framesInitial, ts;
- ASSERT_OK(stream->getCapturePosition(returnIn(res, framesInitial, ts)));
- ASSERT_RESULT(Result::OK, res);
-
+ uint64_t framesInitial;
+ ASSERT_NO_FATAL_FAILURE(waitForCapturePositionAdvance(reader, nullptr, &framesInitial));
reader.pause();
ASSERT_OK(stream->standby());
reader.resume();
- EXPECT_FALSE(reader.hasError());
uint64_t frames;
- ASSERT_OK(stream->getCapturePosition(returnIn(res, frames, ts)));
- ASSERT_RESULT(Result::OK, res);
+ ASSERT_NO_FATAL_FAILURE(waitForCapturePositionAdvance(reader, &frames, nullptr));
EXPECT_GT(frames, framesInitial);
reader.stop();
diff --git a/audio/core/all-versions/vts/functional/AudioPrimaryHidlHalTest.h b/audio/core/all-versions/vts/functional/AudioPrimaryHidlHalTest.h
index ae1467d..aa7fd8e 100644
--- a/audio/core/all-versions/vts/functional/AudioPrimaryHidlHalTest.h
+++ b/audio/core/all-versions/vts/functional/AudioPrimaryHidlHalTest.h
@@ -1194,7 +1194,17 @@
#if MAJOR_VERSION <= 6
address.device = AudioDevice::IN_DEFAULT;
#elif MAJOR_VERSION >= 7
- address.deviceType = toString(xsd::AudioDevice::AUDIO_DEVICE_IN_DEFAULT);
+ auto maybeSourceAddress = getCachedPolicyConfig().getSourceDeviceForMixPort(
+ getDeviceName(), getMixPortName());
+ if (maybeSourceAddress.has_value() &&
+ !xsd::isTelephonyDevice(maybeSourceAddress.value().deviceType)) {
+ address = maybeSourceAddress.value();
+ auto& metadata = initMetadata.tracks[0];
+ metadata.source = toString(xsd::AudioSource::AUDIO_SOURCE_UNPROCESSED);
+ metadata.channelMask = getConfig().base.channelMask;
+ } else {
+ address.deviceType = toString(xsd::AudioDevice::AUDIO_DEVICE_IN_DEFAULT);
+ }
#endif
const AudioConfig& config = getConfig();
auto flags = getInputFlags();
@@ -1212,7 +1222,8 @@
#elif MAJOR_VERSION >= 4 && MAJOR_VERSION <= 6
const SinkMetadata initMetadata = {{ {.source = AudioSource::DEFAULT, .gain = 1 } }};
#elif MAJOR_VERSION >= 7
- const SinkMetadata initMetadata = {
+ const std::string& getMixPortName() const { return std::get<PARAM_PORT_NAME>(GetParam()); }
+ SinkMetadata initMetadata = {
{{.source = toString(xsd::AudioSource::AUDIO_SOURCE_DEFAULT),
.gain = 1,
.tags = {},
diff --git a/audio/core/all-versions/vts/functional/tests/streamworker_tests.cpp b/audio/core/all-versions/vts/functional/tests/streamworker_tests.cpp
index 75116af..925fd33 100644
--- a/audio/core/all-versions/vts/functional/tests/streamworker_tests.cpp
+++ b/audio/core/all-versions/vts/functional/tests/streamworker_tests.cpp
@@ -33,12 +33,6 @@
// Use nullptr to test error reporting from the worker thread.
explicit TestWorker(TestStream* stream) : mStream(stream) {}
- void ensureWorkerCycled() {
- const size_t cyclesBefore = mWorkerCycles;
- while (mWorkerCycles == cyclesBefore && !hasError()) {
- sched_yield();
- }
- }
size_t getWorkerCycles() const { return mWorkerCycles; }
bool hasWorkerCycleCalled() const { return mWorkerCycles != 0; }
bool hasNoWorkerCycleCalled(useconds_t usec) {
@@ -131,21 +125,21 @@
TEST_P(StreamWorkerTest, Start) {
ASSERT_TRUE(worker.start());
- worker.ensureWorkerCycled();
+ worker.waitForAtLeastOneCycle();
EXPECT_FALSE(worker.hasError());
}
TEST_P(StreamWorkerTest, WorkerError) {
ASSERT_TRUE(worker.start());
stream.error = true;
- worker.ensureWorkerCycled();
+ worker.waitForAtLeastOneCycle();
EXPECT_TRUE(worker.hasError());
EXPECT_TRUE(worker.hasNoWorkerCycleCalled(kWorkerIdleCheckTime));
}
TEST_P(StreamWorkerTest, PauseResume) {
ASSERT_TRUE(worker.start());
- worker.ensureWorkerCycled();
+ worker.waitForAtLeastOneCycle();
EXPECT_FALSE(worker.hasError());
worker.pause();
EXPECT_TRUE(worker.hasNoWorkerCycleCalled(kWorkerIdleCheckTime));
@@ -159,7 +153,7 @@
TEST_P(StreamWorkerTest, StopPaused) {
ASSERT_TRUE(worker.start());
- worker.ensureWorkerCycled();
+ worker.waitForAtLeastOneCycle();
EXPECT_FALSE(worker.hasError());
worker.pause();
worker.stop();
@@ -169,7 +163,7 @@
TEST_P(StreamWorkerTest, PauseAfterErrorIgnored) {
ASSERT_TRUE(worker.start());
stream.error = true;
- worker.ensureWorkerCycled();
+ worker.waitForAtLeastOneCycle();
EXPECT_TRUE(worker.hasError());
worker.pause();
EXPECT_TRUE(worker.hasNoWorkerCycleCalled(kWorkerIdleCheckTime));
@@ -179,7 +173,7 @@
TEST_P(StreamWorkerTest, ResumeAfterErrorIgnored) {
ASSERT_TRUE(worker.start());
stream.error = true;
- worker.ensureWorkerCycled();
+ worker.waitForAtLeastOneCycle();
EXPECT_TRUE(worker.hasError());
worker.resume();
EXPECT_TRUE(worker.hasNoWorkerCycleCalled(kWorkerIdleCheckTime));
@@ -188,14 +182,14 @@
TEST_P(StreamWorkerTest, WorkerErrorOnResume) {
ASSERT_TRUE(worker.start());
- worker.ensureWorkerCycled();
+ worker.waitForAtLeastOneCycle();
EXPECT_FALSE(worker.hasError());
worker.pause();
EXPECT_FALSE(worker.hasError());
stream.error = true;
EXPECT_FALSE(worker.hasError());
worker.resume();
- worker.ensureWorkerCycled();
+ worker.waitForAtLeastOneCycle();
EXPECT_TRUE(worker.hasError());
EXPECT_TRUE(worker.hasNoWorkerCycleCalled(kWorkerIdleCheckTime));
}
diff --git a/audio/effect/all-versions/default/util/EffectUtils.cpp b/audio/effect/all-versions/default/util/EffectUtils.cpp
index b4382dc..1156d21 100644
--- a/audio/effect/all-versions/default/util/EffectUtils.cpp
+++ b/audio/effect/all-versions/default/util/EffectUtils.cpp
@@ -25,8 +25,6 @@
#include "util/EffectUtils.h"
-#define ARRAY_SIZE(a) (sizeof(a) / sizeof(*(a)))
-
using ::android::hardware::audio::common::CPP_VERSION::implementation::HidlUtils;
using ::android::hardware::audio::common::CPP_VERSION::implementation::UuidUtils;
using ::android::hardware::audio::common::utils::EnumBitfield;
@@ -154,6 +152,29 @@
return result;
}
+template <std::size_t N>
+inline hidl_string charBufferFromHal(const char (&halBuf)[N]) {
+ // Even if the original field contains a non-terminated string, hidl_string
+ // adds a NUL terminator.
+ return hidl_string(halBuf, strnlen(halBuf, N));
+}
+
+template <std::size_t N>
+inline status_t charBufferToHal(const hidl_string& str, char (&halBuf)[N], const char* fieldName) {
+ static_assert(N > 0);
+ const size_t halBufChars = N - 1; // Reserve one character for terminating NUL.
+ status_t result = NO_ERROR;
+ size_t strSize = str.size();
+ if (strSize > halBufChars) {
+ ALOGE("%s is too long: %zu (%zu max)", fieldName, strSize, halBufChars);
+ strSize = halBufChars;
+ result = BAD_VALUE;
+ }
+ strncpy(halBuf, str.c_str(), strSize);
+ halBuf[strSize] = '\0';
+ return result;
+}
+
status_t EffectUtils::effectDescriptorFromHal(const effect_descriptor_t& halDescriptor,
EffectDescriptor* descriptor) {
UuidUtils::uuidFromHal(halDescriptor.type, &descriptor->type);
@@ -166,9 +187,8 @@
memcpy(descriptor->implementor.data(), halDescriptor.implementor,
descriptor->implementor.size());
#else
- descriptor->name = hidl_string(halDescriptor.name, ARRAY_SIZE(halDescriptor.name));
- descriptor->implementor =
- hidl_string(halDescriptor.implementor, ARRAY_SIZE(halDescriptor.implementor));
+ descriptor->name = charBufferFromHal(halDescriptor.name);
+ descriptor->implementor = charBufferFromHal(halDescriptor.implementor);
#endif
return NO_ERROR;
}
@@ -186,25 +206,11 @@
memcpy(halDescriptor->implementor, descriptor.implementor.data(),
descriptor.implementor.size());
#else
- // According to 'dumpEffectDescriptor' 'name' and 'implementor' must be NUL-terminated.
- size_t nameSize = descriptor.name.size();
- if (nameSize >= ARRAY_SIZE(halDescriptor->name)) {
- ALOGE("effect name is too long: %zu (%zu max)", nameSize,
- ARRAY_SIZE(halDescriptor->name) - 1);
- nameSize = ARRAY_SIZE(halDescriptor->name) - 1;
- result = BAD_VALUE;
- }
- strncpy(halDescriptor->name, descriptor.name.c_str(), nameSize);
- halDescriptor->name[nameSize] = '\0';
- size_t implementorSize = descriptor.implementor.size();
- if (implementorSize >= ARRAY_SIZE(halDescriptor->implementor)) {
- ALOGE("effect implementor is too long: %zu (%zu max)", implementorSize,
- ARRAY_SIZE(halDescriptor->implementor) - 1);
- implementorSize = ARRAY_SIZE(halDescriptor->implementor) - 1;
- result = BAD_VALUE;
- }
- strncpy(halDescriptor->implementor, descriptor.implementor.c_str(), implementorSize);
- halDescriptor->implementor[implementorSize] = '\0';
+ // According to 'dumpEffectDescriptor', 'name' and 'implementor' must be NUL-terminated.
+ CONVERT_CHECKED(charBufferToHal(descriptor.name, halDescriptor->name, "effect name"), result);
+ CONVERT_CHECKED(charBufferToHal(descriptor.implementor, halDescriptor->implementor,
+ "effect implementor"),
+ result);
#endif
return result;
}
diff --git a/audio/effect/all-versions/default/util/tests/effectutils_tests.cpp b/audio/effect/all-versions/default/util/tests/effectutils_tests.cpp
index f3651de..d021fa0 100644
--- a/audio/effect/all-versions/default/util/tests/effectutils_tests.cpp
+++ b/audio/effect/all-versions/default/util/tests/effectutils_tests.cpp
@@ -154,3 +154,20 @@
EXPECT_EQ(NO_ERROR, EffectUtils::effectDescriptorFromHal(halDesc, &descBack));
EXPECT_EQ(desc, descBack);
}
+
+TEST(EffectUtils, ConvertNameAndImplementor) {
+ for (size_t i = 0; i < EFFECT_STRING_LEN_MAX; ++i) {
+ effect_descriptor_t halDesc{};
+ for (size_t c = 0; c < i; ++c) { // '<' to accommodate NUL terminator.
+ halDesc.name[c] = halDesc.implementor[c] = 'A' + static_cast<char>(c);
+ }
+ EffectDescriptor desc;
+ EXPECT_EQ(NO_ERROR, EffectUtils::effectDescriptorFromHal(halDesc, &desc));
+ effect_descriptor_t halDescBack;
+ EXPECT_EQ(NO_ERROR, EffectUtils::effectDescriptorToHal(desc, &halDescBack));
+ EXPECT_EQ(i, strlen(halDescBack.name));
+ EXPECT_EQ(i, strlen(halDescBack.implementor));
+ EXPECT_EQ(0, strcmp(halDesc.name, halDescBack.name));
+ EXPECT_EQ(0, strcmp(halDesc.implementor, halDescBack.implementor));
+ }
+}
diff --git a/automotive/audiocontrol/aidl/default/Android.bp b/automotive/audiocontrol/aidl/default/Android.bp
index 878bee1..7694bdf 100644
--- a/automotive/audiocontrol/aidl/default/Android.bp
+++ b/automotive/audiocontrol/aidl/default/Android.bp
@@ -27,10 +27,8 @@
init_rc: ["audiocontrol-default.rc"],
vintf_fragments: ["audiocontrol-default.xml"],
vendor: true,
- generated_headers: ["audio_policy_configuration_V7_0"],
- generated_sources: ["audio_policy_configuration_V7_0"],
- header_libs: ["libxsdc-utils"],
shared_libs: [
+ "android.hardware.audio.common@7.0-enums",
"android.frameworks.automotive.powerpolicy-V1-ndk_platform",
"android.hardware.automotive.audiocontrol-V1-ndk_platform",
"libbase",
@@ -38,7 +36,6 @@
"libcutils",
"liblog",
"libpowerpolicyclient",
- "libxml2",
],
srcs: [
"AudioControl.cpp",
diff --git a/automotive/audiocontrol/aidl/default/AudioControl.cpp b/automotive/audiocontrol/aidl/default/AudioControl.cpp
index b076d01..c0bc796 100644
--- a/automotive/audiocontrol/aidl/default/AudioControl.cpp
+++ b/automotive/audiocontrol/aidl/default/AudioControl.cpp
@@ -14,6 +14,9 @@
* limitations under the License.
*/
+#define LOG_TAG "AudioControl"
+// #define LOG_NDEBUG 0
+
#include "AudioControl.h"
#include <aidl/android/hardware/automotive/audiocontrol/AudioFocusChange.h>
@@ -24,7 +27,7 @@
#include <android-base/parseint.h>
#include <android-base/strings.h>
-#include <android_audio_policy_configuration_V7_0.h>
+#include <android_audio_policy_configuration_V7_0-enums.h>
#include <private/android_filesystem_config.h>
#include <stdio.h>
@@ -33,6 +36,7 @@
using ::android::base::EqualsIgnoreCase;
using ::android::base::ParseInt;
+using ::std::shared_ptr;
using ::std::string;
namespace xsd {
@@ -68,7 +72,7 @@
const shared_ptr<IFocusListener>& in_listener) {
LOG(DEBUG) << "registering focus listener";
- if (in_listener.get()) {
+ if (in_listener) {
std::atomic_store(&mFocusListener, in_listener);
} else {
LOG(ERROR) << "Unexpected nullptr for listener resulting in no-op.";
@@ -80,9 +84,10 @@
if (isValidValue(value)) {
// Just log in this default mock implementation
LOG(INFO) << "Balance set to " << value;
- } else {
- LOG(ERROR) << "Balance value out of range -1 to 1 at " << value;
+ return ndk::ScopedAStatus::ok();
}
+
+ LOG(ERROR) << "Balance value out of range -1 to 1 at " << value;
return ndk::ScopedAStatus::ok();
}
@@ -90,9 +95,10 @@
if (isValidValue(value)) {
// Just log in this default mock implementation
LOG(INFO) << "Fader set to " << value;
- } else {
- LOG(ERROR) << "Fader value out of range -1 to 1 at " << value;
+ return ndk::ScopedAStatus::ok();
}
+
+ LOG(ERROR) << "Fader value out of range -1 to 1 at " << value;
return ndk::ScopedAStatus::ok();
}
@@ -194,7 +200,7 @@
}
string usage = string(args[1]);
- if (xsd::stringToAudioUsage(usage) == xsd::AudioUsage::UNKNOWN) {
+ if (xsd::isUnknownAudioUsage(usage)) {
dprintf(fd,
"Unknown usage provided: %s. Please see audio_policy_configuration.xsd V7_0 "
"for supported values\n",
@@ -236,7 +242,7 @@
}
string usage = string(args[1]);
- if (xsd::stringToAudioUsage(usage) == xsd::AudioUsage::UNKNOWN) {
+ if (xsd::isUnknownAudioUsage(usage)) {
dprintf(fd,
"Unknown usage provided: %s. Please see audio_policy_configuration.xsd V7_0 "
"for supported values\n",
diff --git a/automotive/audiocontrol/aidl/default/AudioControl.h b/automotive/audiocontrol/aidl/default/AudioControl.h
index ab0b1b3..cca9c44 100644
--- a/automotive/audiocontrol/aidl/default/AudioControl.h
+++ b/automotive/audiocontrol/aidl/default/AudioControl.h
@@ -23,8 +23,6 @@
namespace aidl::android::hardware::automotive::audiocontrol {
-using ::std::shared_ptr;
-
class AudioControl : public BnAudioControl {
public:
ndk::ScopedAStatus onAudioFocusChange(const std::string& in_usage, int32_t in_zoneId,
@@ -34,7 +32,7 @@
ndk::ScopedAStatus onDevicesToMuteChange(
const std::vector<MutingInfo>& in_mutingInfos) override;
ndk::ScopedAStatus registerFocusListener(
- const shared_ptr<IFocusListener>& in_listener) override;
+ const std::shared_ptr<IFocusListener>& in_listener) override;
ndk::ScopedAStatus setBalanceTowardRight(float in_value) override;
ndk::ScopedAStatus setFadeTowardFront(float in_value) override;
binder_status_t dump(int fd, const char** args, uint32_t numArgs) override;
@@ -44,7 +42,7 @@
// a single instance of CarAudioService. As such, it doesn't have explicit serialization.
// If a different AudioControl implementation were to have multiple threads leveraging this
// listener, then it should also include mutexes or make the listener atomic.
- shared_ptr<IFocusListener> mFocusListener;
+ std::shared_ptr<IFocusListener> mFocusListener;
binder_status_t cmdHelp(int fd) const;
binder_status_t cmdRequestFocus(int fd, const char** args, uint32_t numArgs);
diff --git a/automotive/vehicle/2.0/default/impl/vhal_v2_0/DefaultConfig.h b/automotive/vehicle/2.0/default/impl/vhal_v2_0/DefaultConfig.h
index 9d0b9ec..19b0a35 100644
--- a/automotive/vehicle/2.0/default/impl/vhal_v2_0/DefaultConfig.h
+++ b/automotive/vehicle/2.0/default/impl/vhal_v2_0/DefaultConfig.h
@@ -1149,6 +1149,22 @@
{
.config =
{
+ .prop = toInt(VehicleProperty::UNIX_TIME),
+ .access = VehiclePropertyAccess::READ_WRITE,
+ .changeMode = VehiclePropertyChangeMode::ON_CHANGE,
+ },
+ },
+ {
+ .config =
+ {
+ .prop = toInt(VehicleProperty::STORAGE_ENCRYPTION_BINDING_SEED),
+ .access = VehiclePropertyAccess::READ_WRITE,
+ .changeMode = VehiclePropertyChangeMode::ON_CHANGE,
+ },
+ },
+ {
+ .config =
+ {
.prop = toInt(VehicleProperty::WATCHDOG_ALIVE),
.access = VehiclePropertyAccess::WRITE,
.changeMode = VehiclePropertyChangeMode::ON_CHANGE,
@@ -1206,7 +1222,7 @@
{
.config =
{
- .prop = toInt(VehicleProperty::CLUSTER_NAVIGATION_STATE_LEGACY),
+ .prop = toInt(VehicleProperty::CLUSTER_NAVIGATION_STATE),
.access = VehiclePropertyAccess::WRITE,
.changeMode = VehiclePropertyChangeMode::ON_CHANGE,
},
diff --git a/automotive/vehicle/2.0/types.hal b/automotive/vehicle/2.0/types.hal
index 9ecb2d5..1fe4bac 100644
--- a/automotive/vehicle/2.0/types.hal
+++ b/automotive/vehicle/2.0/types.hal
@@ -1348,6 +1348,48 @@
| VehicleArea:GLOBAL),
/**
+ * Current date and time, encoded as Unix time (in milliseconds).
+ * This value denotes the number of milliseconds seconds that have
+ * elapsed since 1/1/1970 UTC.
+ *
+ * Reading this value will give you the system’s time. This can be
+ * useful to synchronize other vehicle systems (dash clock etc).
+ *
+ * Writing this value will update the ‘ExternalTimeSuggestion’
+ * value (if enabled). This value may be consumed by the “Time
+ * Detector Service”, if other sources do not have a higher
+ * priority. For information on how to adjust time source
+ * priorities see Time Detector Service documentation.
+ *
+ * @change_mode VehiclePropertyChangeMode:ON_CHANGE
+ * @access VehiclePropertyAccess:READ_WRITE
+ * @unit VehicleUnit:MILLI_SECS
+ */
+ UNIX_TIME = (
+ 0x0606
+ | VehiclePropertyGroup:SYSTEM
+ | VehiclePropertyType:INT64
+ | VehicleArea:GLOBAL),
+
+ /**
+ * External encryption binding seed.
+ *
+ * This value is mixed with the local key storage encryption key.
+ * This property holds 16 bytes, and is expected to be persisted on an ECU separate from
+ * the IVI. The property is initially set by AAOS, who generates it using a CSRNG.
+ * AAOS will then read the property on subsequent boots. The binding seed is expected to be
+ * reliably persisted. Any loss of the seed results in a factory reset of the IVI.
+ *
+ * @change_mode VehiclePropertyChangeMode:ON_CHANGE
+ * @access VehiclePropertyAccess:READ_WRITE
+ */
+ STORAGE_ENCRYPTION_BINDING_SEED = (
+ 0x0607
+ | VehiclePropertyGroup:SYSTEM
+ | VehiclePropertyType:BYTES
+ | VehicleArea:GLOBAL),
+
+ /**
* Outside temperature
*
* @change_mode VehiclePropertyChangeMode:CONTINUOUS
@@ -3159,7 +3201,7 @@
* @change_mode VehiclePropertyChangeMode:ON_CHANGE
* @access VehiclePropertyAccess:WRITE
*/
- CLUSTER_NAVIGATION_STATE_LEGACY = (
+ CLUSTER_NAVIGATION_STATE = (
0x0F38
| VehiclePropertyGroup:SYSTEM
| VehiclePropertyType:BYTES
@@ -3623,6 +3665,7 @@
US_GALLON = 0x42,
IMPERIAL_GALLON = 0x43,
NANO_SECS = 0x50,
+ MILLI_SECS = 0x51,
SECS = 0x53,
YEAR = 0x59,
diff --git a/biometrics/face/aidl/android/hardware/biometrics/face/ISession.aidl b/biometrics/face/aidl/android/hardware/biometrics/face/ISession.aidl
index f9c13e6..9734873 100644
--- a/biometrics/face/aidl/android/hardware/biometrics/face/ISession.aidl
+++ b/biometrics/face/aidl/android/hardware/biometrics/face/ISession.aidl
@@ -213,6 +213,7 @@
* 1) Any face is detected and the framework is notified via
* ISessionCallback#onInteractiondetected
* 2) The operation was cancelled by the framework (see ICancellationSignal)
+ * 3) An error occurred, for example ERROR::TIMEOUT
*
* Note that if the operation is canceled, the implementation must notify the framework via
* ISessionCallback#onError with Error::CANCELED.
diff --git a/biometrics/fingerprint/aidl/default/Fingerprint.cpp b/biometrics/fingerprint/aidl/default/Fingerprint.cpp
index 734ff60..fbfa52f 100644
--- a/biometrics/fingerprint/aidl/default/Fingerprint.cpp
+++ b/biometrics/fingerprint/aidl/default/Fingerprint.cpp
@@ -22,7 +22,7 @@
namespace {
constexpr size_t MAX_WORKER_QUEUE_SIZE = 5;
constexpr int SENSOR_ID = 1;
-constexpr common::SensorStrength SENSOR_STRENGTH = common::SensorStrength::WEAK;
+constexpr common::SensorStrength SENSOR_STRENGTH = common::SensorStrength::STRONG;
constexpr int MAX_ENROLLMENTS_PER_USER = 5;
constexpr FingerprintSensorType SENSOR_TYPE = FingerprintSensorType::REAR;
constexpr bool SUPPORTS_NAVIGATION_GESTURES = true;
diff --git a/bluetooth/1.0/vts/functional/VtsHalBluetoothV1_0TargetTest.cpp b/bluetooth/1.0/vts/functional/VtsHalBluetoothV1_0TargetTest.cpp
index 76777dc..8ea1ddd 100644
--- a/bluetooth/1.0/vts/functional/VtsHalBluetoothV1_0TargetTest.cpp
+++ b/bluetooth/1.0/vts/functional/VtsHalBluetoothV1_0TargetTest.cpp
@@ -179,7 +179,7 @@
bluetooth_cb->SetWaitTimeout(kCallbackNameScoEventReceived,
WAIT_FOR_SCO_DATA_TIMEOUT);
- EXPECT_TRUE(
+ ASSERT_TRUE(
bluetooth_cb->WaitForCallback(kCallbackNameInitializationComplete)
.no_timeout);
@@ -289,7 +289,7 @@
void BluetoothHidlTest::handle_no_ops() {
while (event_queue.size() > 0) {
hidl_vec<uint8_t> event = event_queue.front();
- EXPECT_GE(event.size(),
+ ASSERT_GE(event.size(),
static_cast<size_t>(EVENT_COMMAND_COMPLETE_STATUS_BYTE));
bool event_is_no_op =
(event[EVENT_CODE_BYTE] == EVENT_COMMAND_COMPLETE) &&
@@ -327,7 +327,7 @@
bluetooth_cb->WaitForCallback(kCallbackNameHciEventReceived).no_timeout;
EXPECT_TRUE(no_timeout || !timeout_is_error);
if (no_timeout && timeout_is_error) {
- EXPECT_LT(static_cast<size_t>(0), event_queue.size());
+ ASSERT_LT(static_cast<size_t>(0), event_queue.size());
}
if (event_queue.size() == 0) {
// WaitForCallback timed out.
@@ -343,12 +343,12 @@
hidl_vec<uint8_t> event = event_queue.front();
event_queue.pop();
- EXPECT_GT(event.size(),
+ ASSERT_GT(event.size(),
static_cast<size_t>(EVENT_COMMAND_COMPLETE_STATUS_BYTE));
- EXPECT_EQ(EVENT_COMMAND_COMPLETE, event[EVENT_CODE_BYTE]);
- EXPECT_EQ(cmd[0], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE]);
- EXPECT_EQ(cmd[1], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE + 1]);
- EXPECT_EQ(HCI_STATUS_SUCCESS, event[EVENT_COMMAND_COMPLETE_STATUS_BYTE]);
+ ASSERT_EQ(EVENT_COMMAND_COMPLETE, event[EVENT_CODE_BYTE]);
+ ASSERT_EQ(cmd[0], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE]);
+ ASSERT_EQ(cmd[1], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE + 1]);
+ ASSERT_EQ(HCI_STATUS_SUCCESS, event[EVENT_COMMAND_COMPLETE_STATUS_BYTE]);
}
// Send the command to read the controller's buffer sizes.
@@ -362,10 +362,10 @@
hidl_vec<uint8_t> event = event_queue.front();
event_queue.pop();
- EXPECT_EQ(EVENT_COMMAND_COMPLETE, event[EVENT_CODE_BYTE]);
- EXPECT_EQ(cmd[0], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE]);
- EXPECT_EQ(cmd[1], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE + 1]);
- EXPECT_EQ(HCI_STATUS_SUCCESS, event[EVENT_COMMAND_COMPLETE_STATUS_BYTE]);
+ ASSERT_EQ(EVENT_COMMAND_COMPLETE, event[EVENT_CODE_BYTE]);
+ ASSERT_EQ(cmd[0], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE]);
+ ASSERT_EQ(cmd[1], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE + 1]);
+ ASSERT_EQ(HCI_STATUS_SUCCESS, event[EVENT_COMMAND_COMPLETE_STATUS_BYTE]);
max_acl_data_packet_length =
event[EVENT_COMMAND_COMPLETE_STATUS_BYTE + 1] +
@@ -415,10 +415,10 @@
size_t compare_length =
(cmd.size() > static_cast<size_t>(0xff) ? static_cast<size_t>(0xff)
: cmd.size());
- EXPECT_GT(event.size(), compare_length + EVENT_FIRST_PAYLOAD_BYTE - 1);
+ ASSERT_GT(event.size(), compare_length + EVENT_FIRST_PAYLOAD_BYTE - 1);
- EXPECT_EQ(EVENT_LOOPBACK_COMMAND, event[EVENT_CODE_BYTE]);
- EXPECT_EQ(compare_length, event[EVENT_LENGTH_BYTE]);
+ ASSERT_EQ(EVENT_LOOPBACK_COMMAND, event[EVENT_CODE_BYTE]);
+ ASSERT_EQ(compare_length, event[EVENT_LENGTH_BYTE]);
// Don't compare past the end of the event.
if (compare_length + EVENT_FIRST_PAYLOAD_BYTE > event.size()) {
@@ -455,12 +455,12 @@
bluetooth->sendScoData(sco_vector);
// Check the loopback of the SCO packet
- EXPECT_TRUE(bluetooth_cb->WaitForCallback(kCallbackNameScoEventReceived)
+ ASSERT_TRUE(bluetooth_cb->WaitForCallback(kCallbackNameScoEventReceived)
.no_timeout);
hidl_vec<uint8_t> sco_loopback = sco_queue.front();
sco_queue.pop();
- EXPECT_EQ(sco_packet.size(), sco_loopback.size());
+ ASSERT_EQ(sco_packet.size(), sco_loopback.size());
size_t successful_bytes = 0;
for (size_t i = 0; i < sco_packet.size(); i++) {
@@ -474,7 +474,7 @@
break;
}
}
- EXPECT_EQ(sco_packet.size(), successful_bytes + 1);
+ ASSERT_EQ(sco_packet.size(), successful_bytes + 1);
}
logger.setTotalBytes(num_packets * size * 2);
}
@@ -500,26 +500,15 @@
bluetooth->sendAclData(acl_vector);
// Check the loopback of the ACL packet
- EXPECT_TRUE(bluetooth_cb->WaitForCallback(kCallbackNameAclEventReceived)
+ ASSERT_TRUE(bluetooth_cb->WaitForCallback(kCallbackNameAclEventReceived)
.no_timeout);
hidl_vec<uint8_t> acl_loopback = acl_queue.front();
acl_queue.pop();
EXPECT_EQ(acl_packet.size(), acl_loopback.size());
- size_t successful_bytes = 0;
-
- for (size_t i = 0; i < acl_packet.size(); i++) {
- if (acl_packet[i] == acl_loopback[i]) {
- successful_bytes = i;
- } else {
- ALOGE("Miscompare at %d (expected %x, got %x)", static_cast<int>(i),
- acl_packet[i], acl_loopback[i]);
- ALOGE("At %d (expected %x, got %x)", static_cast<int>(i + 1),
- acl_packet[i + 1], acl_loopback[i + 1]);
- break;
- }
+ for (size_t i = 0; i < acl_packet.size() && i < acl_loopback.size(); i++) {
+ EXPECT_EQ(acl_packet[i], acl_loopback[i]) << " at byte number " << i;
}
- EXPECT_EQ(acl_packet.size(), successful_bytes + 1);
}
logger.setTotalBytes(num_packets * size * 2);
}
@@ -560,22 +549,22 @@
wait_for_event(false);
if (event_queue.size() == 0) {
// Fail if there was no event received or no connections completed.
- EXPECT_TRUE(command_complete_received);
- EXPECT_LT(0, connection_event_count);
+ ASSERT_TRUE(command_complete_received);
+ ASSERT_LT(0, connection_event_count);
return;
}
hidl_vec<uint8_t> event = event_queue.front();
event_queue.pop();
- EXPECT_GT(event.size(),
+ ASSERT_GT(event.size(),
static_cast<size_t>(EVENT_COMMAND_COMPLETE_STATUS_BYTE));
if (event[EVENT_CODE_BYTE] == EVENT_CONNECTION_COMPLETE) {
- EXPECT_GT(event.size(),
+ ASSERT_GT(event.size(),
static_cast<size_t>(EVENT_CONNECTION_COMPLETE_TYPE));
- EXPECT_EQ(event[EVENT_LENGTH_BYTE],
+ ASSERT_EQ(event[EVENT_LENGTH_BYTE],
EVENT_CONNECTION_COMPLETE_PARAM_LENGTH);
uint8_t connection_type = event[EVENT_CONNECTION_COMPLETE_TYPE];
- EXPECT_TRUE(connection_type == EVENT_CONNECTION_COMPLETE_TYPE_SCO ||
+ ASSERT_TRUE(connection_type == EVENT_CONNECTION_COMPLETE_TYPE_SCO ||
connection_type == EVENT_CONNECTION_COMPLETE_TYPE_ACL);
// Save handles
@@ -590,10 +579,10 @@
event[EVENT_CONNECTION_COMPLETE_TYPE], handle);
connection_event_count++;
} else {
- EXPECT_EQ(EVENT_COMMAND_COMPLETE, event[EVENT_CODE_BYTE]);
- EXPECT_EQ(cmd[0], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE]);
- EXPECT_EQ(cmd[1], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE + 1]);
- EXPECT_EQ(HCI_STATUS_SUCCESS, event[EVENT_COMMAND_COMPLETE_STATUS_BYTE]);
+ ASSERT_EQ(EVENT_COMMAND_COMPLETE, event[EVENT_CODE_BYTE]);
+ ASSERT_EQ(cmd[0], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE]);
+ ASSERT_EQ(cmd[1], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE + 1]);
+ ASSERT_EQ(HCI_STATUS_SUCCESS, event[EVENT_COMMAND_COMPLETE_STATUS_BYTE]);
command_complete_received = true;
}
}
@@ -620,15 +609,15 @@
hidl_vec<uint8_t> event = event_queue.front();
event_queue.pop();
- EXPECT_GT(event.size(), static_cast<size_t>(EVENT_LOCAL_LMP_VERSION_BYTE));
+ ASSERT_GT(event.size(), static_cast<size_t>(EVENT_LOCAL_LMP_VERSION_BYTE));
- EXPECT_EQ(EVENT_COMMAND_COMPLETE, event[EVENT_CODE_BYTE]);
- EXPECT_EQ(cmd[0], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE]);
- EXPECT_EQ(cmd[1], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE + 1]);
- EXPECT_EQ(HCI_STATUS_SUCCESS, event[EVENT_COMMAND_COMPLETE_STATUS_BYTE]);
+ ASSERT_EQ(EVENT_COMMAND_COMPLETE, event[EVENT_CODE_BYTE]);
+ ASSERT_EQ(cmd[0], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE]);
+ ASSERT_EQ(cmd[1], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE + 1]);
+ ASSERT_EQ(HCI_STATUS_SUCCESS, event[EVENT_COMMAND_COMPLETE_STATUS_BYTE]);
- EXPECT_LE(HCI_MINIMUM_HCI_VERSION, event[EVENT_LOCAL_HCI_VERSION_BYTE]);
- EXPECT_LE(HCI_MINIMUM_LMP_VERSION, event[EVENT_LOCAL_LMP_VERSION_BYTE]);
+ ASSERT_LE(HCI_MINIMUM_HCI_VERSION, event[EVENT_LOCAL_HCI_VERSION_BYTE]);
+ ASSERT_LE(HCI_MINIMUM_LMP_VERSION, event[EVENT_LOCAL_LMP_VERSION_BYTE]);
}
// Send an unknown HCI command and wait for the error message.
@@ -642,18 +631,18 @@
hidl_vec<uint8_t> event = event_queue.front();
event_queue.pop();
- EXPECT_GT(event.size(),
+ ASSERT_GT(event.size(),
static_cast<size_t>(EVENT_COMMAND_COMPLETE_STATUS_BYTE));
if (event[EVENT_CODE_BYTE] == EVENT_COMMAND_COMPLETE) {
- EXPECT_EQ(cmd[0], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE]);
- EXPECT_EQ(cmd[1], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE + 1]);
- EXPECT_EQ(HCI_STATUS_UNKNOWN_HCI_COMMAND,
+ ASSERT_EQ(cmd[0], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE]);
+ ASSERT_EQ(cmd[1], event[EVENT_COMMAND_COMPLETE_OPCODE_LSBYTE + 1]);
+ ASSERT_EQ(HCI_STATUS_UNKNOWN_HCI_COMMAND,
event[EVENT_COMMAND_COMPLETE_STATUS_BYTE]);
} else {
- EXPECT_EQ(EVENT_COMMAND_STATUS, event[EVENT_CODE_BYTE]);
- EXPECT_EQ(cmd[0], event[EVENT_COMMAND_STATUS_OPCODE_LSBYTE]);
- EXPECT_EQ(cmd[1], event[EVENT_COMMAND_STATUS_OPCODE_LSBYTE + 1]);
- EXPECT_EQ(HCI_STATUS_UNKNOWN_HCI_COMMAND,
+ ASSERT_EQ(EVENT_COMMAND_STATUS, event[EVENT_CODE_BYTE]);
+ ASSERT_EQ(cmd[0], event[EVENT_COMMAND_STATUS_OPCODE_LSBYTE]);
+ ASSERT_EQ(cmd[1], event[EVENT_COMMAND_STATUS_OPCODE_LSBYTE + 1]);
+ ASSERT_EQ(HCI_STATUS_UNKNOWN_HCI_COMMAND,
event[EVENT_COMMAND_STATUS_STATUS_BYTE]);
}
}
@@ -678,7 +667,7 @@
// This should work, but breaks on some current platforms. Figure out how to
// grandfather older devices but test new ones.
if (0 && sco_connection_handles.size() > 0) {
- EXPECT_LT(0, max_sco_data_packet_length);
+ ASSERT_LT(0, max_sco_data_packet_length);
sendAndCheckSCO(1, max_sco_data_packet_length, sco_connection_handles[0]);
int sco_packets_sent = 1;
int completed_packets =
@@ -690,7 +679,7 @@
}
if (acl_connection_handles.size() > 0) {
- EXPECT_LT(0, max_acl_data_packet_length);
+ ASSERT_LT(0, max_acl_data_packet_length);
sendAndCheckACL(1, max_acl_data_packet_length, acl_connection_handles[0]);
int acl_packets_sent = 1;
int completed_packets =
@@ -715,7 +704,7 @@
// This should work, but breaks on some current platforms. Figure out how to
// grandfather older devices but test new ones.
if (0 && sco_connection_handles.size() > 0) {
- EXPECT_LT(0, max_sco_data_packet_length);
+ ASSERT_LT(0, max_sco_data_packet_length);
sendAndCheckSCO(NUM_SCO_PACKETS_BANDWIDTH, max_sco_data_packet_length,
sco_connection_handles[0]);
int sco_packets_sent = NUM_SCO_PACKETS_BANDWIDTH;
@@ -728,7 +717,7 @@
}
if (acl_connection_handles.size() > 0) {
- EXPECT_LT(0, max_acl_data_packet_length);
+ ASSERT_LT(0, max_acl_data_packet_length);
sendAndCheckACL(NUM_ACL_PACKETS_BANDWIDTH, max_acl_data_packet_length,
acl_connection_handles[0]);
int acl_packets_sent = NUM_ACL_PACKETS_BANDWIDTH;
diff --git a/camera/provider/2.4/vts/functional/VtsHalCameraProviderV2_4TargetTest.cpp b/camera/provider/2.4/vts/functional/VtsHalCameraProviderV2_4TargetTest.cpp
index b2fd402..ed3b1fa 100644
--- a/camera/provider/2.4/vts/functional/VtsHalCameraProviderV2_4TargetTest.cpp
+++ b/camera/provider/2.4/vts/functional/VtsHalCameraProviderV2_4TargetTest.cpp
@@ -125,6 +125,7 @@
using ::android::hardware::camera::metadata::V3_4::
CameraMetadataEnumAndroidSensorInfoColorFilterArrangement;
using ::android::hardware::camera::metadata::V3_4::CameraMetadataTag;
+using ::android::hardware::camera::metadata::V3_6::CameraMetadataEnumAndroidSensorPixelMode;
using ::android::hardware::camera::provider::V2_4::ICameraProvider;
using ::android::hardware::camera::provider::V2_4::ICameraProviderCallback;
using ::android::hardware::camera::provider::V2_6::CameraIdAndStreamCombination;
@@ -767,6 +768,8 @@
sp<device::V3_7::ICameraDeviceSession> *session3_7 /*out*/);
void castDevice(const sp<device::V3_2::ICameraDevice> &device, int32_t deviceVersion,
sp<device::V3_5::ICameraDevice> *device3_5/*out*/);
+ void castDevice3_7(const sp<device::V3_2::ICameraDevice>& device, int32_t deviceVersion,
+ sp<device::V3_7::ICameraDevice>* device3_7 /*out*/);
void createStreamConfiguration(const ::android::hardware::hidl_vec<V3_2::Stream>& streams3_2,
StreamConfigurationMode configMode,
::android::hardware::camera::device::V3_2::StreamConfiguration *config3_2,
@@ -785,6 +788,16 @@
sp<DeviceCb> *outCb /*out*/,
uint32_t *jpegBufferSize /*out*/,
bool *useHalBufManager /*out*/);
+ void configureStreams3_7(const std::string& name, int32_t deviceVersion,
+ sp<ICameraProvider> provider, PixelFormat format,
+ sp<device::V3_7::ICameraDeviceSession>* session3_7 /*out*/,
+ V3_2::Stream* previewStream /*out*/,
+ device::V3_6::HalStreamConfiguration* halStreamConfig /*out*/,
+ bool* supportsPartialResults /*out*/,
+ uint32_t* partialResultCount /*out*/, bool* useHalBufManager /*out*/,
+ sp<DeviceCb>* outCb /*out*/, uint32_t streamConfigCounter,
+ bool maxResolution);
+
void configurePreviewStreams3_4(const std::string &name, int32_t deviceVersion,
sp<ICameraProvider> provider,
const AvailableStream *previewThreshold,
@@ -846,6 +859,10 @@
hidl_vec<int32_t> streamIds, sp<DeviceCb> cb,
uint32_t streamConfigCounter = 0);
+ void verifyBuffersReturned(sp<device::V3_7::ICameraDeviceSession> session,
+ hidl_vec<int32_t> streamIds, sp<DeviceCb> cb,
+ uint32_t streamConfigCounter = 0);
+
void verifySessionReconfigurationQuery(sp<device::V3_5::ICameraDeviceSession> session3_5,
camera_metadata* oldSessionParams, camera_metadata* newSessionParams);
@@ -853,12 +870,15 @@
static bool isDepthOnly(const camera_metadata_t* staticMeta);
- static Status getAvailableOutputStreams(const camera_metadata_t *staticMeta,
- std::vector<AvailableStream> &outputStreams,
- const AvailableStream *threshold = nullptr);
+ static bool isUltraHighResolution(const camera_metadata_t* staticMeta);
+
+ static Status getAvailableOutputStreams(const camera_metadata_t* staticMeta,
+ std::vector<AvailableStream>& outputStreams,
+ const AvailableStream* threshold = nullptr,
+ bool maxResolution = false);
static Status getMaxOutputSizeForFormat(const camera_metadata_t* staticMeta, PixelFormat format,
- Size* size);
+ Size* size, bool maxResolution = false);
static Status getMandatoryConcurrentStreams(const camera_metadata_t* staticMeta,
std::vector<AvailableStream>* outputStreams);
@@ -4841,6 +4861,184 @@
}
}
+// Generate and verify an ultra high resolution capture request
+TEST_P(CameraHidlTest, processUltraHighResolutionRequest) {
+ hidl_vec<hidl_string> cameraDeviceNames = getCameraDeviceNames(mProvider);
+ uint64_t bufferId = 1;
+ uint32_t frameNumber = 1;
+ ::android::hardware::hidl_vec<uint8_t> settings;
+
+ for (const auto& name : cameraDeviceNames) {
+ int deviceVersion = getCameraDeviceVersion(name, mProviderType);
+ if (deviceVersion < CAMERA_DEVICE_API_VERSION_3_7) {
+ continue;
+ }
+ std::string version, deviceId;
+ ASSERT_TRUE(::matchDeviceName(name, mProviderType, &version, &deviceId));
+ camera_metadata_t* staticMeta;
+ Return<void> ret;
+ sp<ICameraDeviceSession> session;
+ openEmptyDeviceSession(name, mProvider, &session, &staticMeta);
+ if (!isUltraHighResolution(staticMeta)) {
+ free_camera_metadata(staticMeta);
+ ret = session->close();
+ ASSERT_TRUE(ret.isOk());
+ continue;
+ }
+ android::hardware::camera::common::V1_0::helper::CameraMetadata defaultSettings;
+ ret = session->constructDefaultRequestSettings(
+ RequestTemplate::STILL_CAPTURE,
+ [&defaultSettings](auto status, const auto& req) mutable {
+ ASSERT_EQ(Status::OK, status);
+
+ const camera_metadata_t* metadata =
+ reinterpret_cast<const camera_metadata_t*>(req.data());
+ size_t expectedSize = req.size();
+ int result = validate_camera_metadata_structure(metadata, &expectedSize);
+ ASSERT_TRUE((result == 0) || (result == CAMERA_METADATA_VALIDATION_SHIFTED));
+
+ size_t entryCount = get_camera_metadata_entry_count(metadata);
+ ASSERT_GT(entryCount, 0u);
+ defaultSettings = metadata;
+ });
+ ASSERT_TRUE(ret.isOk());
+ uint8_t sensorPixelMode =
+ static_cast<uint8_t>(ANDROID_SENSOR_PIXEL_MODE_MAXIMUM_RESOLUTION);
+ ASSERT_EQ(::android::OK,
+ defaultSettings.update(ANDROID_SENSOR_PIXEL_MODE, &sensorPixelMode, 1));
+
+ const camera_metadata_t* settingsBuffer = defaultSettings.getAndLock();
+ settings.setToExternal(
+ reinterpret_cast<uint8_t*>(const_cast<camera_metadata_t*>(settingsBuffer)),
+ get_camera_metadata_size(settingsBuffer));
+
+ free_camera_metadata(staticMeta);
+ ret = session->close();
+ ASSERT_TRUE(ret.isOk());
+ V3_6::HalStreamConfiguration halStreamConfig;
+ bool supportsPartialResults = false;
+ bool useHalBufManager = false;
+ uint32_t partialResultCount = 0;
+ V3_2::Stream previewStream;
+ sp<device::V3_7::ICameraDeviceSession> session3_7;
+ sp<DeviceCb> cb;
+ std::list<PixelFormat> pixelFormats = {PixelFormat::YCBCR_420_888, PixelFormat::RAW16};
+ for (PixelFormat format : pixelFormats) {
+ configureStreams3_7(name, deviceVersion, mProvider, format, &session3_7, &previewStream,
+ &halStreamConfig, &supportsPartialResults, &partialResultCount,
+ &useHalBufManager, &cb, 0, /*maxResolution*/ true);
+ ASSERT_NE(session3_7, nullptr);
+
+ std::shared_ptr<ResultMetadataQueue> resultQueue;
+ auto resultQueueRet = session3_7->getCaptureResultMetadataQueue(
+ [&resultQueue](const auto& descriptor) {
+ resultQueue = std::make_shared<ResultMetadataQueue>(descriptor);
+ if (!resultQueue->isValid() || resultQueue->availableToWrite() <= 0) {
+ ALOGE("%s: HAL returns empty result metadata fmq,"
+ " not use it",
+ __func__);
+ resultQueue = nullptr;
+ // Don't use the queue onwards.
+ }
+ });
+ ASSERT_TRUE(resultQueueRet.isOk());
+
+ std::vector<hidl_handle> graphicBuffers;
+ graphicBuffers.reserve(halStreamConfig.streams.size());
+ ::android::hardware::hidl_vec<StreamBuffer> outputBuffers;
+ outputBuffers.resize(halStreamConfig.streams.size());
+ InFlightRequest inflightReq = {static_cast<ssize_t>(halStreamConfig.streams.size()),
+ false,
+ supportsPartialResults,
+ partialResultCount,
+ std::unordered_set<std::string>(),
+ resultQueue};
+
+ size_t k = 0;
+ for (const auto& halStream : halStreamConfig.streams) {
+ hidl_handle buffer_handle;
+ if (useHalBufManager) {
+ outputBuffers[k] = {halStream.v3_4.v3_3.v3_2.id,
+ 0,
+ buffer_handle,
+ BufferStatus::OK,
+ nullptr,
+ nullptr};
+ } else {
+ allocateGraphicBuffer(
+ previewStream.width, previewStream.height,
+ android_convertGralloc1To0Usage(halStream.v3_4.v3_3.v3_2.producerUsage,
+ halStream.v3_4.v3_3.v3_2.consumerUsage),
+ halStream.v3_4.v3_3.v3_2.overrideFormat, &buffer_handle);
+ graphicBuffers.push_back(buffer_handle);
+ outputBuffers[k] = {halStream.v3_4.v3_3.v3_2.id,
+ bufferId,
+ buffer_handle,
+ BufferStatus::OK,
+ nullptr,
+ nullptr};
+ bufferId++;
+ }
+ k++;
+ }
+
+ StreamBuffer emptyInputBuffer = {-1, 0, nullptr, BufferStatus::ERROR, nullptr, nullptr};
+ V3_4::CaptureRequest request3_4;
+ request3_4.v3_2.frameNumber = frameNumber;
+ request3_4.v3_2.fmqSettingsSize = 0;
+ request3_4.v3_2.settings = settings;
+ request3_4.v3_2.inputBuffer = emptyInputBuffer;
+ request3_4.v3_2.outputBuffers = outputBuffers;
+ V3_7::CaptureRequest request3_7;
+ request3_7.v3_4 = request3_4;
+ request3_7.inputWidth = 0;
+ request3_7.inputHeight = 0;
+
+ {
+ std::unique_lock<std::mutex> l(mLock);
+ mInflightMap.clear();
+ mInflightMap.add(frameNumber, &inflightReq);
+ }
+
+ Status stat = Status::INTERNAL_ERROR;
+ uint32_t numRequestProcessed = 0;
+ hidl_vec<BufferCache> cachesToRemove;
+ Return<void> returnStatus = session3_7->processCaptureRequest_3_7(
+ {request3_7}, cachesToRemove,
+ [&stat, &numRequestProcessed](auto s, uint32_t n) {
+ stat = s;
+ numRequestProcessed = n;
+ });
+ ASSERT_TRUE(returnStatus.isOk());
+ ASSERT_EQ(Status::OK, stat);
+ ASSERT_EQ(numRequestProcessed, 1u);
+
+ {
+ std::unique_lock<std::mutex> l(mLock);
+ while (!inflightReq.errorCodeValid &&
+ ((0 < inflightReq.numBuffersLeft) || (!inflightReq.haveResultMetadata))) {
+ auto timeout = std::chrono::system_clock::now() +
+ std::chrono::seconds(kStreamBufferTimeoutSec);
+ ASSERT_NE(std::cv_status::timeout, mResultCondition.wait_until(l, timeout));
+ }
+
+ ASSERT_FALSE(inflightReq.errorCodeValid);
+ ASSERT_NE(inflightReq.resultOutputBuffers.size(), 0u);
+ }
+ if (useHalBufManager) {
+ hidl_vec<int32_t> streamIds(halStreamConfig.streams.size());
+ for (size_t i = 0; i < streamIds.size(); i++) {
+ streamIds[i] = halStreamConfig.streams[i].v3_4.v3_3.v3_2.id;
+ }
+ verifyBuffersReturned(session3_7, streamIds, cb);
+ }
+
+ ret = session3_7->close();
+ ASSERT_TRUE(ret.isOk());
+ }
+ }
+}
+
// Generate and verify a burst containing alternating sensor sensitivity values
TEST_P(CameraHidlTest, processCaptureRequestBurstISO) {
hidl_vec<hidl_string> cameraDeviceNames = getCameraDeviceNames(mProvider);
@@ -5537,21 +5735,26 @@
// Retrieve all valid output stream resolutions from the camera
// static characteristics.
-Status CameraHidlTest::getAvailableOutputStreams(const camera_metadata_t *staticMeta,
- std::vector<AvailableStream> &outputStreams,
- const AvailableStream *threshold) {
+Status CameraHidlTest::getAvailableOutputStreams(const camera_metadata_t* staticMeta,
+ std::vector<AvailableStream>& outputStreams,
+ const AvailableStream* threshold,
+ bool maxResolution) {
AvailableStream depthPreviewThreshold = {kMaxPreviewWidth, kMaxPreviewHeight,
static_cast<int32_t>(PixelFormat::Y16)};
if (nullptr == staticMeta) {
return Status::ILLEGAL_ARGUMENT;
}
+ int scalerTag = maxResolution
+ ? ANDROID_SCALER_AVAILABLE_STREAM_CONFIGURATIONS_MAXIMUM_RESOLUTION
+ : ANDROID_SCALER_AVAILABLE_STREAM_CONFIGURATIONS;
+ int depthTag = maxResolution
+ ? ANDROID_DEPTH_AVAILABLE_DEPTH_STREAM_CONFIGURATIONS_MAXIMUM_RESOLUTION
+ : ANDROID_DEPTH_AVAILABLE_DEPTH_STREAM_CONFIGURATIONS;
camera_metadata_ro_entry scalarEntry;
camera_metadata_ro_entry depthEntry;
- int foundScalar = find_camera_metadata_ro_entry(staticMeta,
- ANDROID_SCALER_AVAILABLE_STREAM_CONFIGURATIONS, &scalarEntry);
- int foundDepth = find_camera_metadata_ro_entry(staticMeta,
- ANDROID_DEPTH_AVAILABLE_DEPTH_STREAM_CONFIGURATIONS, &depthEntry);
+ int foundScalar = find_camera_metadata_ro_entry(staticMeta, scalerTag, &scalarEntry);
+ int foundDepth = find_camera_metadata_ro_entry(staticMeta, depthTag, &depthEntry);
if ((0 != foundScalar || (0 != (scalarEntry.count % 4))) &&
(0 != foundDepth || (0 != (depthEntry.count % 4)))) {
return Status::ILLEGAL_ARGUMENT;
@@ -5619,9 +5822,12 @@
}
Status CameraHidlTest::getMaxOutputSizeForFormat(const camera_metadata_t* staticMeta,
- PixelFormat format, Size* size) {
+ PixelFormat format, Size* size,
+ bool maxResolution) {
std::vector<AvailableStream> outputStreams;
- if (size == nullptr || getAvailableOutputStreams(staticMeta, outputStreams) != Status::OK) {
+ if (size == nullptr ||
+ getAvailableOutputStreams(staticMeta, outputStreams,
+ /*threshold*/ nullptr, maxResolution) != Status::OK) {
return Status::ILLEGAL_ARGUMENT;
}
Size maxSize;
@@ -6065,6 +6271,148 @@
*config3_2 = {streams3_2, configMode};
}
+// Configure streams
+void CameraHidlTest::configureStreams3_7(
+ const std::string& name, int32_t deviceVersion, sp<ICameraProvider> provider,
+ PixelFormat format, sp<device::V3_7::ICameraDeviceSession>* session3_7 /*out*/,
+ V3_2::Stream* previewStream /*out*/,
+ device::V3_6::HalStreamConfiguration* halStreamConfig /*out*/,
+ bool* supportsPartialResults /*out*/, uint32_t* partialResultCount /*out*/,
+ bool* useHalBufManager /*out*/, sp<DeviceCb>* outCb /*out*/, uint32_t streamConfigCounter,
+ bool maxResolution) {
+ ASSERT_NE(nullptr, session3_7);
+ ASSERT_NE(nullptr, halStreamConfig);
+ ASSERT_NE(nullptr, previewStream);
+ ASSERT_NE(nullptr, supportsPartialResults);
+ ASSERT_NE(nullptr, partialResultCount);
+ ASSERT_NE(nullptr, useHalBufManager);
+ ASSERT_NE(nullptr, outCb);
+
+ std::vector<AvailableStream> outputStreams;
+ ::android::sp<ICameraDevice> device3_x;
+ ALOGI("configureStreams: Testing camera device %s", name.c_str());
+ Return<void> ret;
+ ret = provider->getCameraDeviceInterface_V3_x(name, [&](auto status, const auto& device) {
+ ALOGI("getCameraDeviceInterface_V3_x returns status:%d", (int)status);
+ ASSERT_EQ(Status::OK, status);
+ ASSERT_NE(device, nullptr);
+ device3_x = device;
+ });
+ ASSERT_TRUE(ret.isOk());
+
+ camera_metadata_t* staticMeta;
+ ret = device3_x->getCameraCharacteristics([&](Status s, CameraMetadata metadata) {
+ ASSERT_EQ(Status::OK, s);
+ staticMeta =
+ clone_camera_metadata(reinterpret_cast<const camera_metadata_t*>(metadata.data()));
+ ASSERT_NE(nullptr, staticMeta);
+ });
+ ASSERT_TRUE(ret.isOk());
+
+ camera_metadata_ro_entry entry;
+ auto status =
+ find_camera_metadata_ro_entry(staticMeta, ANDROID_REQUEST_PARTIAL_RESULT_COUNT, &entry);
+ if ((0 == status) && (entry.count > 0)) {
+ *partialResultCount = entry.data.i32[0];
+ *supportsPartialResults = (*partialResultCount > 1);
+ }
+
+ sp<DeviceCb> cb = new DeviceCb(this, deviceVersion, staticMeta);
+ sp<ICameraDeviceSession> session;
+ ret = device3_x->open(cb, [&session](auto status, const auto& newSession) {
+ ALOGI("device::open returns status:%d", (int)status);
+ ASSERT_EQ(Status::OK, status);
+ ASSERT_NE(newSession, nullptr);
+ session = newSession;
+ });
+ ASSERT_TRUE(ret.isOk());
+ *outCb = cb;
+
+ sp<device::V3_3::ICameraDeviceSession> session3_3;
+ sp<device::V3_4::ICameraDeviceSession> session3_4;
+ sp<device::V3_5::ICameraDeviceSession> session3_5;
+ sp<device::V3_6::ICameraDeviceSession> session3_6;
+ castSession(session, deviceVersion, &session3_3, &session3_4, &session3_5, &session3_6,
+ session3_7);
+ ASSERT_NE(nullptr, (*session3_7).get());
+
+ *useHalBufManager = false;
+ status = find_camera_metadata_ro_entry(
+ staticMeta, ANDROID_INFO_SUPPORTED_BUFFER_MANAGEMENT_VERSION, &entry);
+ if ((0 == status) && (entry.count == 1)) {
+ *useHalBufManager = (entry.data.u8[0] ==
+ ANDROID_INFO_SUPPORTED_BUFFER_MANAGEMENT_VERSION_HIDL_DEVICE_3_5);
+ }
+
+ outputStreams.clear();
+ Size maxSize;
+ auto rc = getMaxOutputSizeForFormat(staticMeta, format, &maxSize, maxResolution);
+ ASSERT_EQ(Status::OK, rc);
+ free_camera_metadata(staticMeta);
+
+ ::android::hardware::hidl_vec<V3_7::Stream> streams3_7(1);
+ streams3_7[0].groupId = -1;
+ streams3_7[0].sensorPixelModesUsed = {
+ CameraMetadataEnumAndroidSensorPixelMode::ANDROID_SENSOR_PIXEL_MODE_MAXIMUM_RESOLUTION};
+ streams3_7[0].v3_4.bufferSize = 0;
+ streams3_7[0].v3_4.v3_2.id = 0;
+ streams3_7[0].v3_4.v3_2.streamType = StreamType::OUTPUT;
+ streams3_7[0].v3_4.v3_2.width = static_cast<uint32_t>(maxSize.width);
+ streams3_7[0].v3_4.v3_2.height = static_cast<uint32_t>(maxSize.height);
+ streams3_7[0].v3_4.v3_2.format = static_cast<PixelFormat>(format);
+ streams3_7[0].v3_4.v3_2.usage = GRALLOC1_CONSUMER_USAGE_CPU_READ;
+ streams3_7[0].v3_4.v3_2.dataSpace = 0;
+ streams3_7[0].v3_4.v3_2.rotation = StreamRotation::ROTATION_0;
+
+ ::android::hardware::camera::device::V3_7::StreamConfiguration config3_7;
+ config3_7.streams = streams3_7;
+ config3_7.operationMode = StreamConfigurationMode::NORMAL_MODE;
+ config3_7.streamConfigCounter = streamConfigCounter;
+ config3_7.multiResolutionInputImage = false;
+ RequestTemplate reqTemplate = RequestTemplate::STILL_CAPTURE;
+ ret = (*session3_7)
+ ->constructDefaultRequestSettings(reqTemplate,
+ [&config3_7](auto status, const auto& req) {
+ ASSERT_EQ(Status::OK, status);
+ config3_7.sessionParams = req;
+ });
+ ASSERT_TRUE(ret.isOk());
+
+ ASSERT_TRUE(deviceVersion >= CAMERA_DEVICE_API_VERSION_3_7);
+ sp<device::V3_7::ICameraDevice> cameraDevice3_7 = nullptr;
+ castDevice3_7(device3_x, deviceVersion, &cameraDevice3_7);
+ ASSERT_NE(cameraDevice3_7, nullptr);
+ bool supported = false;
+ ret = cameraDevice3_7->isStreamCombinationSupported_3_7(
+ config3_7, [&supported](Status s, bool combStatus) {
+ ASSERT_TRUE((Status::OK == s) || (Status::METHOD_NOT_SUPPORTED == s));
+ if (Status::OK == s) {
+ supported = combStatus;
+ }
+ });
+ ASSERT_TRUE(ret.isOk());
+ ASSERT_EQ(supported, true);
+
+ if (*session3_7 != nullptr) {
+ ret = (*session3_7)
+ ->configureStreams_3_7(
+ config3_7,
+ [&](Status s, device::V3_6::HalStreamConfiguration halConfig) {
+ ASSERT_EQ(Status::OK, s);
+ *halStreamConfig = halConfig;
+ if (*useHalBufManager) {
+ hidl_vec<V3_4::Stream> streams(1);
+ hidl_vec<V3_2::HalStream> halStreams(1);
+ streams[0] = streams3_7[0].v3_4;
+ halStreams[0] = halConfig.streams[0].v3_4.v3_3.v3_2;
+ cb->setCurrentStreamConfig(streams, halStreams);
+ }
+ });
+ }
+ *previewStream = streams3_7[0].v3_4.v3_2;
+ ASSERT_TRUE(ret.isOk());
+}
+
// Configure multiple preview streams using different physical ids.
void CameraHidlTest::configurePreviewStreams3_4(const std::string &name, int32_t deviceVersion,
sp<ICameraProvider> provider,
@@ -6362,6 +6710,21 @@
ASSERT_TRUE(ret.isOk());
}
+bool CameraHidlTest::isUltraHighResolution(const camera_metadata_t* staticMeta) {
+ camera_metadata_ro_entry scalarEntry;
+ int rc = find_camera_metadata_ro_entry(staticMeta, ANDROID_REQUEST_AVAILABLE_CAPABILITIES,
+ &scalarEntry);
+ if (rc == 0) {
+ for (uint32_t i = 0; i < scalarEntry.count; i++) {
+ if (scalarEntry.data.u8[i] ==
+ ANDROID_REQUEST_AVAILABLE_CAPABILITIES_ULTRA_HIGH_RESOLUTION_SENSOR) {
+ return true;
+ }
+ }
+ }
+ return false;
+}
+
bool CameraHidlTest::isDepthOnly(const camera_metadata_t* staticMeta) {
camera_metadata_ro_entry scalarEntry;
camera_metadata_ro_entry depthEntry;
@@ -6590,6 +6953,17 @@
ASSERT_TRUE(ret.isOk());
}
+void CameraHidlTest::castDevice3_7(const sp<device::V3_2::ICameraDevice>& device,
+ int32_t deviceVersion,
+ sp<device::V3_7::ICameraDevice>* device3_7 /*out*/) {
+ ASSERT_NE(nullptr, device3_7);
+ if (deviceVersion >= CAMERA_DEVICE_API_VERSION_3_7) {
+ auto castResult = device::V3_7::ICameraDevice::castFrom(device);
+ ASSERT_TRUE(castResult.isOk());
+ *device3_7 = castResult;
+ }
+}
+
void CameraHidlTest::castDevice(const sp<device::V3_2::ICameraDevice> &device,
int32_t deviceVersion, sp<device::V3_5::ICameraDevice> *device3_5/*out*/) {
ASSERT_NE(nullptr, device3_5);
@@ -7303,6 +7677,13 @@
cb->waitForBuffersReturned();
}
+void CameraHidlTest::verifyBuffersReturned(sp<device::V3_7::ICameraDeviceSession> session3_7,
+ hidl_vec<int32_t> streamIds, sp<DeviceCb> cb,
+ uint32_t streamConfigCounter) {
+ session3_7->signalStreamFlush(streamIds, /*streamConfigCounter*/ streamConfigCounter);
+ cb->waitForBuffersReturned();
+}
+
void CameraHidlTest::verifyLogicalCameraResult(const camera_metadata_t* staticMetadata,
const ::android::hardware::camera::common::V1_0::helper::CameraMetadata& resultMetadata) {
std::unordered_set<std::string> physicalIds;
diff --git a/gnss/common/utils/default/NmeaFixInfo.cpp b/gnss/common/utils/default/NmeaFixInfo.cpp
index 43e008b..c7ee134 100644
--- a/gnss/common/utils/default/NmeaFixInfo.cpp
+++ b/gnss/common/utils/default/NmeaFixInfo.cpp
@@ -202,8 +202,15 @@
uint32_t fixId = 0;
double lastTimeStamp = 0;
for (const auto& line : nmeaRecords) {
+ if (line.compare(0, strlen(GPGA_RECORD_TAG), GPGA_RECORD_TAG) != 0 &&
+ line.compare(0, strlen(GPRMC_RECORD_TAG), GPRMC_RECORD_TAG) != 0) {
+ continue;
+ }
std::vector<std::string> sentenceValues;
splitStr(line, COMMA_SEPARATOR, sentenceValues);
+ if (sentenceValues.size() < MIN_COL_NUM) {
+ continue;
+ }
double currentTimeStamp = std::stof(sentenceValues[1]);
// If see a new timestamp, report correct location.
if ((currentTimeStamp - lastTimeStamp) > TIMESTAMP_EPSILON &&
diff --git a/gnss/common/utils/default/include/NmeaFixInfo.h b/gnss/common/utils/default/include/NmeaFixInfo.h
index 06eae7e..c96eece 100644
--- a/gnss/common/utils/default/include/NmeaFixInfo.h
+++ b/gnss/common/utils/default/include/NmeaFixInfo.h
@@ -32,6 +32,7 @@
constexpr char LINE_SEPARATOR = '\n';
constexpr char COMMA_SEPARATOR = ',';
constexpr double TIMESTAMP_EPSILON = 0.001;
+constexpr int MIN_COL_NUM = 13;
/** Helper class to parse and store the GNSS fix details information. */
class NmeaFixInfo {
diff --git a/gnss/common/utils/default/include/v2_1/GnssTemplate.h b/gnss/common/utils/default/include/v2_1/GnssTemplate.h
index 79c78c3..a6e8f58 100644
--- a/gnss/common/utils/default/include/v2_1/GnssTemplate.h
+++ b/gnss/common/utils/default/include/v2_1/GnssTemplate.h
@@ -196,6 +196,7 @@
return nullptr;
}
while (true) {
+ memset(inputBuffer, 0, INPUT_BUFFER_SIZE);
bytes_read = read(mGnssFd, &inputBuffer, INPUT_BUFFER_SIZE);
if (bytes_read <= 0) {
break;
@@ -218,9 +219,14 @@
auto svStatus = filterBlocklistedSatellitesV2_1(Utils::getMockSvInfoListV2_1());
this->reportSvStatus(svStatus);
auto currentLocation = getLocationFromHW();
- if (mGnssFd != -1 && currentLocation != nullptr) {
+ if (mGnssFd != -1) {
// Only report location if the return from hardware is valid
- this->reportLocation(*currentLocation);
+ // note that we can not merge these two "if" together, if didn't
+ // get location from hardware, we shouldn't report location, not
+ // report the "default" one.
+ if (currentLocation != nullptr) {
+ this->reportLocation(*currentLocation);
+ }
} else {
if (sGnssCallback_2_1 != nullptr || sGnssCallback_2_0 != nullptr) {
const auto location = Utils::getMockLocationV2_0();
@@ -259,6 +265,7 @@
if (mGnssFd != -1) {
close(mGnssFd);
mGnssFd = -1;
+ mHardwareModeChecked = false;
}
return true;
}
diff --git a/graphics/composer/2.1/utils/hal/include/composer-hal/2.1/ComposerClient.h b/graphics/composer/2.1/utils/hal/include/composer-hal/2.1/ComposerClient.h
index 3d74af4..46f5d6e 100644
--- a/graphics/composer/2.1/utils/hal/include/composer-hal/2.1/ComposerClient.h
+++ b/graphics/composer/2.1/utils/hal/include/composer-hal/2.1/ComposerClient.h
@@ -98,7 +98,7 @@
// display change and thus the framework may want to reallocate buffers. We
// need to free all cached handles, since they are holding a strong reference
// to the underlying buffers.
- cleanDisplayResources(display);
+ cleanDisplayResources(display, mResources, mHal);
mResources->removeDisplay(display);
}
mResources->addPhysicalDisplay(display);
@@ -125,56 +125,6 @@
Hal* const mHal;
const sp<IComposerCallback> mCallback;
ComposerResources* const mResources;
-
- void cleanDisplayResources(Display display) {
- size_t cacheSize;
- Error err = mResources->getDisplayClientTargetCacheSize(display, &cacheSize);
- if (err == Error::NONE) {
- for (int slot = 0; slot < cacheSize; slot++) {
- ComposerResources::ReplacedHandle replacedBuffer(/*isBuffer*/ true);
- // Replace the buffer slots with NULLs. Keep the old handle until it is
- // replaced in ComposerHal, otherwise we risk leaving a dangling pointer.
- const native_handle_t* clientTarget = nullptr;
- err = mResources->getDisplayClientTarget(display, slot, /*useCache*/ true,
- /*rawHandle*/ nullptr, &clientTarget,
- &replacedBuffer);
- if (err != Error::NONE) {
- continue;
- }
- const std::vector<hwc_rect_t> damage;
- err = mHal->setClientTarget(display, clientTarget, /*fence*/ -1, 0, damage);
- ALOGE_IF(err != Error::NONE,
- "Can't clean slot %d of the client target buffer"
- "cache for display %" PRIu64,
- slot, display);
- }
- } else {
- ALOGE("Can't clean client target cache for display %" PRIu64, display);
- }
-
- err = mResources->getDisplayOutputBufferCacheSize(display, &cacheSize);
- if (err == Error::NONE) {
- for (int slot = 0; slot < cacheSize; slot++) {
- // Replace the buffer slots with NULLs. Keep the old handle until it is
- // replaced in ComposerHal, otherwise we risk leaving a dangling pointer.
- ComposerResources::ReplacedHandle replacedBuffer(/*isBuffer*/ true);
- const native_handle_t* outputBuffer = nullptr;
- err = mResources->getDisplayOutputBuffer(display, slot, /*useCache*/ true,
- /*rawHandle*/ nullptr, &outputBuffer,
- &replacedBuffer);
- if (err != Error::NONE) {
- continue;
- }
- err = mHal->setOutputBuffer(display, outputBuffer, /*fence*/ -1);
- ALOGE_IF(err != Error::NONE,
- "Can't clean slot %d of the output buffer cache"
- "for display %" PRIu64,
- slot, display);
- }
- } else {
- ALOGE("Can't clean output buffer cache for display %" PRIu64, display);
- }
- }
};
Return<void> registerCallback(const sp<IComposerCallback>& callback) override {
@@ -380,6 +330,57 @@
return std::make_unique<ComposerCommandEngine>(mHal, mResources.get());
}
+ static void cleanDisplayResources(Display display, ComposerResources* const resources,
+ Hal* const hal) {
+ size_t cacheSize;
+ Error err = resources->getDisplayClientTargetCacheSize(display, &cacheSize);
+ if (err == Error::NONE) {
+ for (int slot = 0; slot < cacheSize; slot++) {
+ ComposerResources::ReplacedHandle replacedBuffer(/*isBuffer*/ true);
+ // Replace the buffer slots with NULLs. Keep the old handle until it is
+ // replaced in ComposerHal, otherwise we risk leaving a dangling pointer.
+ const native_handle_t* clientTarget = nullptr;
+ err = resources->getDisplayClientTarget(display, slot, /*useCache*/ true,
+ /*rawHandle*/ nullptr, &clientTarget,
+ &replacedBuffer);
+ if (err != Error::NONE) {
+ continue;
+ }
+ const std::vector<hwc_rect_t> damage;
+ err = hal->setClientTarget(display, clientTarget, /*fence*/ -1, 0, damage);
+ ALOGE_IF(err != Error::NONE,
+ "Can't clean slot %d of the client target buffer"
+ "cache for display %" PRIu64,
+ slot, display);
+ }
+ } else {
+ ALOGE("Can't clean client target cache for display %" PRIu64, display);
+ }
+
+ err = resources->getDisplayOutputBufferCacheSize(display, &cacheSize);
+ if (err == Error::NONE) {
+ for (int slot = 0; slot < cacheSize; slot++) {
+ // Replace the buffer slots with NULLs. Keep the old handle until it is
+ // replaced in ComposerHal, otherwise we risk leaving a dangling pointer.
+ ComposerResources::ReplacedHandle replacedBuffer(/*isBuffer*/ true);
+ const native_handle_t* outputBuffer = nullptr;
+ err = resources->getDisplayOutputBuffer(display, slot, /*useCache*/ true,
+ /*rawHandle*/ nullptr, &outputBuffer,
+ &replacedBuffer);
+ if (err != Error::NONE) {
+ continue;
+ }
+ err = hal->setOutputBuffer(display, outputBuffer, /*fence*/ -1);
+ ALOGE_IF(err != Error::NONE,
+ "Can't clean slot %d of the output buffer cache"
+ "for display %" PRIu64,
+ slot, display);
+ }
+ } else {
+ ALOGE("Can't clean output buffer cache for display %" PRIu64, display);
+ }
+ }
+
void destroyResources() {
// We want to call hwc2_close here (and move hwc2_open to the
// constructor), with the assumption that hwc2_close would
diff --git a/graphics/composer/2.4/utils/hal/include/composer-hal/2.4/ComposerClient.h b/graphics/composer/2.4/utils/hal/include/composer-hal/2.4/ComposerClient.h
index c889069..3464342 100644
--- a/graphics/composer/2.4/utils/hal/include/composer-hal/2.4/ComposerClient.h
+++ b/graphics/composer/2.4/utils/hal/include/composer-hal/2.4/ComposerClient.h
@@ -45,12 +45,21 @@
class HalEventCallback : public Hal::EventCallback_2_4 {
public:
- HalEventCallback(const sp<IComposerCallback> callback,
+ HalEventCallback(Hal* hal, const sp<IComposerCallback> callback,
V2_1::hal::ComposerResources* resources)
- : mCallback(callback), mResources(resources) {}
+ : mHal(hal), mCallback(callback), mResources(resources) {}
void onHotplug(Display display, IComposerCallback::Connection connected) override {
if (connected == IComposerCallback::Connection::CONNECTED) {
+ if (mResources->hasDisplay(display)) {
+ // This is a subsequent hotplug "connected" for a display. This signals a
+ // display change and thus the framework may want to reallocate buffers. We
+ // need to free all cached handles, since they are holding a strong reference
+ // to the underlying buffers.
+ V2_1::hal::detail::ComposerClientImpl<Interface, Hal>::cleanDisplayResources(
+ display, mResources, mHal);
+ mResources->removeDisplay(display);
+ }
mResources->addPhysicalDisplay(display);
} else if (connected == IComposerCallback::Connection::DISCONNECTED) {
mResources->removeDisplay(display);
@@ -91,13 +100,15 @@
}
protected:
+ Hal* const mHal;
const sp<IComposerCallback> mCallback;
V2_1::hal::ComposerResources* const mResources;
};
Return<void> registerCallback_2_4(const sp<IComposerCallback>& callback) override {
// no locking as we require this function to be called only once
- mHalEventCallback_2_4 = std::make_unique<HalEventCallback>(callback, mResources.get());
+ mHalEventCallback_2_4 =
+ std::make_unique<HalEventCallback>(mHal, callback, mResources.get());
mHal->registerEventCallback_2_4(mHalEventCallback_2_4.get());
return Void();
}
diff --git a/identity/TEST_MAPPING b/identity/TEST_MAPPING
new file mode 100644
index 0000000..f35f4b7
--- /dev/null
+++ b/identity/TEST_MAPPING
@@ -0,0 +1,13 @@
+{
+ "presubmit": [
+ {
+ "name": "CtsIdentityTestCases"
+ },
+ {
+ "name": "VtsHalIdentityTargetTest"
+ },
+ {
+ "name": "android.hardware.identity-support-lib-test"
+ }
+ ]
+}
diff --git a/light/2.0/default/Light.cpp b/light/2.0/default/Light.cpp
index 5484d2d..3febf6b 100644
--- a/light/2.0/default/Light.cpp
+++ b/light/2.0/default/Light.cpp
@@ -140,7 +140,7 @@
ret = hwModule->methods->open(hwModule, name,
reinterpret_cast<hw_device_t**>(&lightDevice));
if (ret != 0) {
- ALOGE("light_open %s %s failed: %d", LIGHTS_HARDWARE_MODULE_ID, name, ret);
+ ALOGI("light_open %s %s failed: %d", LIGHTS_HARDWARE_MODULE_ID, name, ret);
}
} else {
ALOGE("hw_get_module %s %s failed: %d", LIGHTS_HARDWARE_MODULE_ID, name, ret);
diff --git a/neuralnetworks/1.2/utils/src/ExecutionBurstUtils.cpp b/neuralnetworks/1.2/utils/src/ExecutionBurstUtils.cpp
index ca3a52c..1bdde1e 100644
--- a/neuralnetworks/1.2/utils/src/ExecutionBurstUtils.cpp
+++ b/neuralnetworks/1.2/utils/src/ExecutionBurstUtils.cpp
@@ -520,6 +520,8 @@
}
return packet;
}
+
+ std::this_thread::yield();
}
// If we get to this point, we either stopped polling because it was taking too long or polling
@@ -665,6 +667,8 @@
}
return packet;
}
+
+ std::this_thread::yield();
}
// If we get to this point, we either stopped polling because it was taking too long or polling
diff --git a/neuralnetworks/1.3/utils/src/Conversions.cpp b/neuralnetworks/1.3/utils/src/Conversions.cpp
index 9788fe1..8b45f71 100644
--- a/neuralnetworks/1.3/utils/src/Conversions.cpp
+++ b/neuralnetworks/1.3/utils/src/Conversions.cpp
@@ -244,7 +244,7 @@
return BufferRole{
.modelIndex = bufferRole.modelIndex,
.ioIndex = bufferRole.ioIndex,
- .frequency = bufferRole.frequency,
+ .probability = bufferRole.frequency,
};
}
@@ -577,7 +577,7 @@
return BufferRole{
.modelIndex = bufferRole.modelIndex,
.ioIndex = bufferRole.ioIndex,
- .frequency = bufferRole.frequency,
+ .frequency = bufferRole.probability,
};
}
diff --git a/neuralnetworks/aidl/aidl_api/android.hardware.neuralnetworks/current/android/hardware/neuralnetworks/BufferRole.aidl b/neuralnetworks/aidl/aidl_api/android.hardware.neuralnetworks/current/android/hardware/neuralnetworks/BufferRole.aidl
index f18e92a..10a6b75 100644
--- a/neuralnetworks/aidl/aidl_api/android.hardware.neuralnetworks/current/android/hardware/neuralnetworks/BufferRole.aidl
+++ b/neuralnetworks/aidl/aidl_api/android.hardware.neuralnetworks/current/android/hardware/neuralnetworks/BufferRole.aidl
@@ -36,5 +36,5 @@
parcelable BufferRole {
int modelIndex;
int ioIndex;
- float frequency;
+ float probability;
}
diff --git a/neuralnetworks/aidl/android/hardware/neuralnetworks/BufferRole.aidl b/neuralnetworks/aidl/android/hardware/neuralnetworks/BufferRole.aidl
index 0d7f678..c444851 100644
--- a/neuralnetworks/aidl/android/hardware/neuralnetworks/BufferRole.aidl
+++ b/neuralnetworks/aidl/android/hardware/neuralnetworks/BufferRole.aidl
@@ -35,5 +35,5 @@
* used in the specified role. This is provided as a hint to optimize the case when multiple
* roles prefer different buffer locations or data layouts.
*/
- float frequency;
+ float probability;
}
diff --git a/neuralnetworks/aidl/utils/src/Conversions.cpp b/neuralnetworks/aidl/utils/src/Conversions.cpp
index c47ba0e..45bc005 100644
--- a/neuralnetworks/aidl/utils/src/Conversions.cpp
+++ b/neuralnetworks/aidl/utils/src/Conversions.cpp
@@ -472,7 +472,7 @@
return BufferRole{
.modelIndex = static_cast<uint32_t>(bufferRole.modelIndex),
.ioIndex = static_cast<uint32_t>(bufferRole.ioIndex),
- .frequency = bufferRole.frequency,
+ .probability = bufferRole.probability,
};
}
@@ -718,7 +718,7 @@
return BufferRole{
.modelIndex = static_cast<int32_t>(bufferRole.modelIndex),
.ioIndex = static_cast<int32_t>(bufferRole.ioIndex),
- .frequency = bufferRole.frequency,
+ .probability = bufferRole.probability,
};
}
diff --git a/neuralnetworks/aidl/vts/functional/GeneratedTestHarness.cpp b/neuralnetworks/aidl/vts/functional/GeneratedTestHarness.cpp
index 2dd02dd..1440429 100644
--- a/neuralnetworks/aidl/vts/functional/GeneratedTestHarness.cpp
+++ b/neuralnetworks/aidl/vts/functional/GeneratedTestHarness.cpp
@@ -102,7 +102,7 @@
ASSERT_NE(result, nullptr);
// Prepare arguments.
- BufferRole role = {.modelIndex = 0, .ioIndex = index, .frequency = 1.0f};
+ BufferRole role = {.modelIndex = 0, .ioIndex = index, .probability = 1.0f};
std::vector<BufferRole> inputRoles, outputRoles;
if constexpr (ioType == IOType::INPUT) {
inputRoles = {role};
diff --git a/neuralnetworks/aidl/vts/functional/MemoryDomainTests.cpp b/neuralnetworks/aidl/vts/functional/MemoryDomainTests.cpp
index 627c26a..596f8ae 100644
--- a/neuralnetworks/aidl/vts/functional/MemoryDomainTests.cpp
+++ b/neuralnetworks/aidl/vts/functional/MemoryDomainTests.cpp
@@ -337,18 +337,18 @@
const std::shared_ptr<IPreparedModel>& model2) {
validateAllocate({
.preparedModels = {model1, model2},
- .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f},
- {.modelIndex = 1, .ioIndex = 0, .frequency = 1.0f}},
+ .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = 1.0f},
+ {.modelIndex = 1, .ioIndex = 0, .probability = 1.0f}},
});
validateAllocate({
.preparedModels = {model1, model2},
- .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f}},
- .outputRoles = {{.modelIndex = 1, .ioIndex = 0, .frequency = 1.0f}},
+ .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = 1.0f}},
+ .outputRoles = {{.modelIndex = 1, .ioIndex = 0, .probability = 1.0f}},
});
validateAllocate({
.preparedModels = {model1, model2},
- .outputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f},
- {.modelIndex = 1, .ioIndex = 0, .frequency = 1.0f}},
+ .outputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = 1.0f},
+ {.modelIndex = 1, .ioIndex = 0, .probability = 1.0f}},
});
}
};
@@ -370,13 +370,13 @@
// Test with nullptr prepared model as input role.
validateAllocate({
.preparedModels = {nullptr},
- .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f}},
+ .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = 1.0f}},
});
// Test with nullptr prepared model as output role.
validateAllocate({
.preparedModels = {nullptr},
- .outputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f}},
+ .outputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = 1.0f}},
});
}
@@ -387,13 +387,13 @@
// Test with invalid prepared model as input role.
validateAllocate({
.preparedModels = {invalidPreparedModel},
- .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f}},
+ .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = 1.0f}},
});
// Test with invalid prepared model as output role.
validateAllocate({
.preparedModels = {invalidPreparedModel},
- .outputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f}},
+ .outputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = 1.0f}},
});
}
@@ -404,13 +404,13 @@
// This should fail, because the model index is out of bound.
validateAllocate({
.preparedModels = {preparedModel},
- .inputRoles = {{.modelIndex = 1, .ioIndex = 0, .frequency = 1.0f}},
+ .inputRoles = {{.modelIndex = 1, .ioIndex = 0, .probability = 1.0f}},
});
// This should fail, because the model index is out of bound.
validateAllocate({
.preparedModels = {preparedModel},
- .outputRoles = {{.modelIndex = 1, .ioIndex = 0, .frequency = 1.0f}},
+ .outputRoles = {{.modelIndex = 1, .ioIndex = 0, .probability = 1.0f}},
});
}
@@ -421,30 +421,30 @@
// This should fail, because the model only has one input.
validateAllocate({
.preparedModels = {preparedModel},
- .inputRoles = {{.modelIndex = 0, .ioIndex = 1, .frequency = 1.0f}},
+ .inputRoles = {{.modelIndex = 0, .ioIndex = 1, .probability = 1.0f}},
});
// This should fail, because the model only has one output.
validateAllocate({
.preparedModels = {preparedModel},
- .outputRoles = {{.modelIndex = 0, .ioIndex = 1, .frequency = 1.0f}},
+ .outputRoles = {{.modelIndex = 0, .ioIndex = 1, .probability = 1.0f}},
});
}
-TEST_P(MemoryDomainAllocateTest, InvalidFrequency) {
+TEST_P(MemoryDomainAllocateTest, InvalidProbability) {
auto preparedModel = createConvPreparedModel(kTestOperand);
if (preparedModel == nullptr) return;
for (float invalidFreq : {10.0f, 0.0f, -0.5f}) {
- // Test with invalid frequency for input roles.
+ // Test with invalid probability for input roles.
validateAllocate({
.preparedModels = {preparedModel},
- .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = invalidFreq}},
+ .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = invalidFreq}},
});
- // Test with invalid frequency for output roles.
+ // Test with invalid probability for output roles.
validateAllocate({
.preparedModels = {preparedModel},
- .outputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = invalidFreq}},
+ .outputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = invalidFreq}},
});
}
}
@@ -456,25 +456,25 @@
// Same role with same model index.
validateAllocate({
.preparedModels = {preparedModel},
- .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f},
- {.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f}},
+ .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = 1.0f},
+ {.modelIndex = 0, .ioIndex = 0, .probability = 1.0f}},
});
validateAllocate({
.preparedModels = {preparedModel},
- .outputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f},
- {.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f}},
+ .outputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = 1.0f},
+ {.modelIndex = 0, .ioIndex = 0, .probability = 1.0f}},
});
// Different model indexes, but logically referring to the same role.
validateAllocate({
.preparedModels = {preparedModel, preparedModel},
- .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f},
- {.modelIndex = 1, .ioIndex = 0, .frequency = 1.0f}},
+ .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = 1.0f},
+ {.modelIndex = 1, .ioIndex = 0, .probability = 1.0f}},
});
validateAllocate({
.preparedModels = {preparedModel, preparedModel},
- .outputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f},
- {.modelIndex = 1, .ioIndex = 0, .frequency = 1.0f}},
+ .outputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = 1.0f},
+ {.modelIndex = 1, .ioIndex = 0, .probability = 1.0f}},
});
}
@@ -553,12 +553,12 @@
validateAllocate({
.dimensions = badDimensions,
.preparedModels = {preparedModel},
- .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f}},
+ .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = 1.0f}},
});
validateAllocate({
.dimensions = badDimensions,
.preparedModels = {preparedModel},
- .outputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f}},
+ .outputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = 1.0f}},
});
}
@@ -572,12 +572,12 @@
validateAllocate({
.dimensions = badDimensions,
.preparedModels = {preparedModel},
- .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f}},
+ .inputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = 1.0f}},
});
validateAllocate({
.dimensions = badDimensions,
.preparedModels = {preparedModel},
- .outputRoles = {{.modelIndex = 0, .ioIndex = 0, .frequency = 1.0f}},
+ .outputRoles = {{.modelIndex = 0, .ioIndex = 0, .probability = 1.0f}},
});
}
@@ -590,7 +590,7 @@
validateAllocate({
.dimensions = {1},
.preparedModels = {preparedModel},
- .inputRoles = {{.modelIndex = 0, .ioIndex = 2, .frequency = 1.0f}},
+ .inputRoles = {{.modelIndex = 0, .ioIndex = 2, .probability = 1.0f}},
});
}
@@ -624,7 +624,7 @@
std::vector<BufferRole> inputRoles(inputIndexes.size()), outputRoles(outputIndexes.size());
auto trans = [](int32_t ind) -> BufferRole {
- return {.modelIndex = 0, .ioIndex = ind, .frequency = 1.0f};
+ return {.modelIndex = 0, .ioIndex = ind, .probability = 1.0f};
};
std::transform(inputIndexes.begin(), inputIndexes.end(), inputRoles.begin(), trans);
std::transform(outputIndexes.begin(), outputIndexes.end(), outputRoles.begin(), trans);
diff --git a/power/stats/aidl/Android.bp b/power/stats/aidl/Android.bp
index 454c69a..0dbf9b4 100644
--- a/power/stats/aidl/Android.bp
+++ b/power/stats/aidl/Android.bp
@@ -41,4 +41,5 @@
enabled: true,
},
},
+ host_supported: true,
}
diff --git a/power/stats/aidl/default/PowerStats.cpp b/power/stats/aidl/default/PowerStats.cpp
index 7cf591e..4b771a8 100644
--- a/power/stats/aidl/default/PowerStats.cpp
+++ b/power/stats/aidl/default/PowerStats.cpp
@@ -32,15 +32,19 @@
}
int32_t id = mPowerEntityInfos.size();
+ auto info = p->getInfo();
- for (const auto& [entityName, states] : p->getInfo()) {
+ size_t index = mStateResidencyDataProviders.size();
+ mStateResidencyDataProviders.emplace_back(std::move(p));
+
+ for (const auto& [entityName, states] : info) {
PowerEntity i = {
.id = id++,
.name = entityName,
.states = states,
};
mPowerEntityInfos.emplace_back(i);
- mStateResidencyDataProviders.emplace_back(std::move(p));
+ mStateResidencyDataProviderIndex.emplace_back(index);
}
}
@@ -92,7 +96,8 @@
// Check to see if we already have data for the given id
std::string powerEntityName = mPowerEntityInfos[id].name;
if (stateResidencies.find(powerEntityName) == stateResidencies.end()) {
- mStateResidencyDataProviders[id]->getStateResidencies(&stateResidencies);
+ mStateResidencyDataProviders.at(mStateResidencyDataProviderIndex.at(id))
+ ->getStateResidencies(&stateResidencies);
}
// Append results if we have them
diff --git a/power/stats/aidl/default/PowerStats.h b/power/stats/aidl/default/PowerStats.h
index f4c5e69..91d272d 100644
--- a/power/stats/aidl/default/PowerStats.h
+++ b/power/stats/aidl/default/PowerStats.h
@@ -73,6 +73,8 @@
private:
std::vector<std::unique_ptr<IStateResidencyDataProvider>> mStateResidencyDataProviders;
std::vector<PowerEntity> mPowerEntityInfos;
+ /* Index that maps each power entity id to an entry in mStateResidencyDataProviders */
+ std::vector<size_t> mStateResidencyDataProviderIndex;
std::vector<std::unique_ptr<IEnergyConsumer>> mEnergyConsumers;
std::vector<EnergyConsumer> mEnergyConsumerInfos;
diff --git a/radio/1.6/vts/functional/radio_hidl_hal_api.cpp b/radio/1.6/vts/functional/radio_hidl_hal_api.cpp
index e060dae..6cf4567 100644
--- a/radio/1.6/vts/functional/radio_hidl_hal_api.cpp
+++ b/radio/1.6/vts/functional/radio_hidl_hal_api.cpp
@@ -158,6 +158,9 @@
{::android::hardware::radio::V1_6::RadioError::NONE,
::android::hardware::radio::V1_6::RadioError::RADIO_NOT_AVAILABLE,
::android::hardware::radio::V1_6::RadioError::OP_NOT_ALLOWED_BEFORE_REG_TO_NW}));
+ if (radioRsp_v1_6->setupDataCallResult.trafficDescriptors.size() <= 0) {
+ return;
+ }
EXPECT_EQ(optionalTrafficDescriptor.value().osAppId.value().osAppId,
radioRsp_v1_6->setupDataCallResult.trafficDescriptors[0].osAppId.value().osAppId);
}
@@ -818,7 +821,7 @@
/*
* Test IRadio.updateSimPhonebookRecords() for the response returned.
*/
-TEST_F(RadioHidlTest_v1_6, updateSimPhonebookRecords) {
+TEST_P(RadioHidlTest_v1_6, updateSimPhonebookRecords) {
serial = GetRandomSerialNumber();
radio_v1_6->getSimPhonebookCapacity(serial);
EXPECT_EQ(std::cv_status::no_timeout, wait());
diff --git a/security/keymint/aidl/OWNERS b/security/keymint/aidl/OWNERS
index 5c79db8..a93b171 100644
--- a/security/keymint/aidl/OWNERS
+++ b/security/keymint/aidl/OWNERS
@@ -1,3 +1,4 @@
+jbires@google.com
jdanis@google.com
seleneh@google.com
swillden@google.com
diff --git a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
index 17aab25..5aa3070 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
@@ -321,8 +321,8 @@
* but `attestationKey` is non-null, the IKeyMintDevice must return
* ErrorCode::INVALID_ARGUMENT. If the provided AttestationKey does not contain a key
* blob containing an asymmetric key with KeyPurpose::ATTEST_KEY, the IKeyMintDevice must
- * return ErrorCode::INVALID_PURPOSE. If the provided AttestationKey has an empty issuer
- * subject name, the IKeyMintDevice must return ErrorCode::INVALID_ARGUMENT.
+ * return ErrorCode::INCOMPATIBLE_PURPOSE. If the provided AttestationKey has an empty
+ * issuer subject name, the IKeyMintDevice must return ErrorCode::INVALID_ARGUMENT.
*
* @return The result of key creation. See KeyCreationResult.aidl.
*/
@@ -360,8 +360,8 @@
* but `attestationKey` is non-null, the IKeyMintDevice must return
* ErrorCode::INVALID_ARGUMENT. If the provided AttestationKey does not contain a key
* blob containing an asymmetric key with KeyPurpose::ATTEST_KEY, the IKeyMintDevice must
- * return ErrorCode::INVALID_PURPOSE. If the provided AttestationKey has an empty issuer
- * subject name, the IKeyMintDevice must return ErrorCode::INVALID_ARGUMENT.
+ * return ErrorCode::INCOMPATIBLE_PURPOSE. If the provided AttestationKey has an empty
+ * issuer subject name, the IKeyMintDevice must return ErrorCode::INVALID_ARGUMENT.
*
* @return The result of key creation. See KeyCreationResult.aidl.
*/
diff --git a/security/keymint/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl b/security/keymint/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
index 1cb50ba..1ae6762 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
@@ -202,7 +202,7 @@
* 2 : bstr // KID : EEK ID
* 3 : -25, // Algorithm : ECDH-ES + HKDF-256
* -1 : 4, // Curve : X25519
- * -2 : bstr // Ed25519 public key
+ * -2 : bstr // X25519 public key
* }
*
* EekSignatureInput = [
@@ -221,7 +221,7 @@
* in the chain, which implies that it must not attempt to validate the signature.
*
* If testMode is false, the method must validate the chain signatures, and must verify
- * that the public key in the root certifictate is in its pre-configured set of
+ * that the public key in the root certificate is in its pre-configured set of
* authorized EEK root keys. If the public key is not in the database, or if signature
* verification fails, the method must return STATUS_INVALID_EEK.
*
diff --git a/security/keymint/aidl/android/hardware/security/keymint/KeyCreationResult.aidl b/security/keymint/aidl/android/hardware/security/keymint/KeyCreationResult.aidl
index c589ca1..f3c5477 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/KeyCreationResult.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/KeyCreationResult.aidl
@@ -53,13 +53,36 @@
/**
* If the generated/imported key is an asymmetric key, `certificateChain` will contain a chain
- * of one or more certificates. If the key parameters provided to the generate/import method
- * contains Tag::ATTESTATION_CHALLENGE the first certificate will contain an attestation
- * extension, and will be signed by a factory-installed attestation key and followed by a chain
- * of certificates leading to an authoritative root. If there is no attestation challenge, only
- * one certificate will be returned, and it will be self-signed or contain a fake signature,
- * depending on whether the key has KeyPurpose::SIGN. If the generated key is symmetric,
- * certificateChain will be empty.
+ * of one or more certificates.
+ *
+ * There are a few variations in what is contained in `certificateChain`, depending on whether
+ * the caller requested attestation, whether they provided an attestation key (via the
+ * `attestationKey` parameter of `generateKey()`, `importKey()` or `importWrappedKey()`), and in
+ * the non-attestaion case, whether the key can self-sign.
+ *
+ * 1. Attestation with factory key. If Tag::ATTESTATION_CHALLENGE is provided and the
+ * `attestationKey` parameter on the generate/import call is null, the returned certificate
+ * chain must contain an attestation certificate signed with a factory-provisioned
+ * attestation key, and the full certificate chain for that factory-provisioned attestation
+ * key.
+ *
+ * 2. Attestation with caller-provided key. If Tag::ATTESTATION_CHALLENGE is provided and the
+ * `attestationKey` parameter on the generat/import call is non-null and contains the key
+ * blob of a key with KeyPurpose::ATTEST_KEY, the returned certificate chain must contain
+ * only an attestation certificate signed with the specified key. The caller must know the
+ * certificate chain for the provided key.
+ *
+ * 3. Non-attestation with signing key. If Tag::ATTESTATION_CHALLENGE is not provided and the
+ * generated/imported key has KeyPurpose::SIGN, then the returned certificate chain must
+ * contain only a single self-signed certificate with no attestation extension.
+ *
+ * 4. Non-attestation with non-signing key. If TAG::ATTESTATION_CHALLENGE is not provided and
+ * the generated/imported key does not have KeyPurpose::SIGN, then the returned certificate
+ * chain must contain only a single certificate with an empty signature and no attestation
+ * extension.
+ *
+ * 5. Symmetric key. If the generated/imported key is symmetric, the certificate chain must be
+ * empty.
*/
Certificate[] certificateChain;
}
diff --git a/security/keymint/aidl/android/hardware/security/keymint/MacedPublicKey.aidl b/security/keymint/aidl/android/hardware/security/keymint/MacedPublicKey.aidl
index a26094c..62a48e9 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/MacedPublicKey.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/MacedPublicKey.aidl
@@ -26,7 +26,7 @@
/**
* key is a COSE_Mac0 structure containing the new public key. It's MACed by a key available
* only to the secure environment, as proof that the public key was generated by that
- * environment. In CDDL, assuming the contained key is an Ed25519 public key:
+ * environment. In CDDL, assuming the contained key is a P-256 public key:
*
* MacedPublicKey = [ // COSE_Mac0
* protected: bstr .cbor { 1 : 5}, // Algorithm : HMAC-256
@@ -36,10 +36,11 @@
* ]
*
* PublicKey = { // COSE_Key
- * 1 : 1, // Key type : octet key pair
- * 3 : -8 // Algorithm : EdDSA
- * -1 : 6, // Curve : Ed25519
+ * 1 : 2, // Key type : EC2
+ * 3 : -8 // Algorithm : ES256
+ * -1 : 6, // Curve : P256
* -2 : bstr // X coordinate, little-endian
+ * -3 : bstr // Y coordinate, little-endian
* ? -70000 : nil // Presence indicates this is a test key. If set, K_mac is
* // all zeros.
* },
@@ -51,7 +52,7 @@
* payload : bstr .cbor PublicKey
* ]
*
- * if a non-Ed25519 public key were contained, the contents of the PublicKey map would change a
+ * if a non-P256 public key were contained, the contents of the PublicKey map would change a
* little; see RFC 8152 for details.
*/
byte[] macedKey;
diff --git a/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl b/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl
index 44f316f..5199062 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl
@@ -33,7 +33,7 @@
* unprotected: {
* 5 : bstr .size 12 // IV
* },
- * ciphertext: bstr, // AES-GCM-128(K, .cbor ProtectedDataPayload)
+ * ciphertext: bstr, // AES-GCM-256(K, .cbor ProtectedDataPayload)
* recipients : [
* [ // COSE_Recipient
* protected : bstr .cbor {
diff --git a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
index 6243bb9..cde1fc0 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
@@ -249,8 +249,11 @@
HARDWARE_TYPE = (1 << 28) /* TagType:ENUM */ | 304,
/**
- * Keys tagged with EARLY_BOOT_ONLY may only be used, or created, during early boot, until
- * IKeyMintDevice::earlyBootEnded() is called.
+ * Keys tagged with EARLY_BOOT_ONLY may only be used during early boot, until
+ * IKeyMintDevice::earlyBootEnded() is called. Early boot keys may be created after
+ * early boot. Early boot keys may not be imprted at all, if Tag::EARLY_BOOT_ONLY is
+ * provided to IKeyMintDevice::importKey, the import must fail with
+ * ErrorCode::INVALID_ARGUMENT.
*/
EARLY_BOOT_ONLY = (7 << 28) /* TagType:BOOL */ | 305,
diff --git a/security/keymint/aidl/default/RemotelyProvisionedComponent.cpp b/security/keymint/aidl/default/RemotelyProvisionedComponent.cpp
index 4dbaa05..5b02729 100644
--- a/security/keymint/aidl/default/RemotelyProvisionedComponent.cpp
+++ b/security/keymint/aidl/default/RemotelyProvisionedComponent.cpp
@@ -46,6 +46,14 @@
namespace {
+// Hard-coded set of acceptable public keys that can act as roots of EEK chains.
+inline const vector<bytevec> kAuthorizedEekRoots = {
+ // TODO(drysdale): replace this random value with real root pubkey(s).
+ {0x5c, 0xea, 0x4b, 0xd2, 0x31, 0x27, 0x15, 0x5e, 0x62, 0x94, 0x70,
+ 0x53, 0x94, 0x43, 0x0f, 0x9a, 0x89, 0xd5, 0xc5, 0x0f, 0x82, 0x9b,
+ 0xcd, 0x10, 0xe0, 0x79, 0xef, 0xf3, 0xfa, 0x40, 0xeb, 0x0a},
+};
+
constexpr auto STATUS_FAILED = RemotelyProvisionedComponent::STATUS_FAILED;
constexpr auto STATUS_INVALID_EEK = RemotelyProvisionedComponent::STATUS_INVALID_EEK;
constexpr auto STATUS_INVALID_MAC = RemotelyProvisionedComponent::STATUS_INVALID_MAC;
@@ -135,6 +143,13 @@
"Failed to validate EEK chain: " + cosePubKey.moveMessage());
}
lastPubKey = *std::move(cosePubKey);
+
+ // In prod mode the first pubkey should match a well-known Google public key.
+ if (!testMode && i == 0 &&
+ std::find(kAuthorizedEekRoots.begin(), kAuthorizedEekRoots.end(), lastPubKey) ==
+ kAuthorizedEekRoots.end()) {
+ return Status(STATUS_INVALID_EEK, "Unrecognized root of EEK chain");
+ }
}
auto eek = CoseKey::parseX25519(lastPubKey, true /* requireKid */);
@@ -343,12 +358,13 @@
bcc = bcc_.clone();
}
- deviceInfo->deviceInfo = createDeviceInfo();
+ std::unique_ptr<cppbor::Map> deviceInfoMap = createDeviceInfo();
+ deviceInfo->deviceInfo = deviceInfoMap->encode();
auto signedMac = constructCoseSign1(devicePrivKey /* Signing key */, //
ephemeralMacKey /* Payload */,
cppbor::Array() /* AAD */
.add(challenge)
- .add(deviceInfo->deviceInfo)
+ .add(std::move(deviceInfoMap))
.encode());
if (!signedMac) return Status(signedMac.moveMessage());
@@ -394,8 +410,24 @@
return result;
}
-bytevec RemotelyProvisionedComponent::createDeviceInfo() const {
- return cppbor::Map().encode();
+std::unique_ptr<cppbor::Map> RemotelyProvisionedComponent::createDeviceInfo() const {
+ auto result = std::make_unique<cppbor::Map>(cppbor::Map());
+
+ // The following placeholders show how the DeviceInfo map would be populated.
+ // result->add(cppbor::Tstr("brand"), cppbor::Tstr("Google"));
+ // result->add(cppbor::Tstr("manufacturer"), cppbor::Tstr("Google"));
+ // result->add(cppbor::Tstr("product"), cppbor::Tstr("Fake"));
+ // result->add(cppbor::Tstr("model"), cppbor::Tstr("Imaginary"));
+ // result->add(cppbor::Tstr("board"), cppbor::Tstr("Chess"));
+ // result->add(cppbor::Tstr("vb_state"), cppbor::Tstr("orange"));
+ // result->add(cppbor::Tstr("bootloader_state"), cppbor::Tstr("unlocked"));
+ // result->add(cppbor::Tstr("os_version"), cppbor::Tstr("SC"));
+ // result->add(cppbor::Tstr("system_patch_level"), cppbor::Uint(20210331));
+ // result->add(cppbor::Tstr("boot_patch_level"), cppbor::Uint(20210331));
+ // result->add(cppbor::Tstr("vendor_patch_level"), cppbor::Uint(20210331));
+
+ result->canonicalize();
+ return result;
}
std::pair<bytevec /* privKey */, cppbor::Array /* BCC */>
@@ -417,8 +449,8 @@
.add(1 /* Issuer */, "Issuer")
.add(2 /* Subject */, "Subject")
.add(-4670552 /* Subject Pub Key */, coseKey)
- .add(-4670553 /* Key Usage */,
- std::vector<uint8_t>(0x05) /* Big endian order */)
+ .add(-4670553 /* Key Usage (little-endian order) */,
+ std::vector<uint8_t>{0x20} /* keyCertSign = 1<<5 */)
.canonicalize()
.encode();
auto coseSign1 = constructCoseSign1(privKey, /* signing key */
diff --git a/security/keymint/aidl/default/RemotelyProvisionedComponent.h b/security/keymint/aidl/default/RemotelyProvisionedComponent.h
index 65b1bbc..8185e26 100644
--- a/security/keymint/aidl/default/RemotelyProvisionedComponent.h
+++ b/security/keymint/aidl/default/RemotelyProvisionedComponent.h
@@ -45,7 +45,7 @@
private:
// TODO(swillden): Move these into an appropriate Context class.
std::vector<uint8_t> deriveBytesFromHbk(const std::string& context, size_t numBytes) const;
- std::vector<uint8_t> createDeviceInfo() const;
+ std::unique_ptr<cppbor::Map> createDeviceInfo() const;
std::pair<std::vector<uint8_t>, cppbor::Array> generateBcc();
std::vector<uint8_t> macKey_ = deriveBytesFromHbk("Key to MAC public keys", 32);
diff --git a/security/keymint/aidl/vts/functional/Android.bp b/security/keymint/aidl/vts/functional/Android.bp
index 991d77a..c1affa6 100644
--- a/security/keymint/aidl/vts/functional/Android.bp
+++ b/security/keymint/aidl/vts/functional/Android.bp
@@ -94,11 +94,14 @@
],
static_libs: [
"android.hardware.security.keymint-V1-ndk_platform",
+ "android.hardware.security.secureclock-V1-ndk_platform",
"libcppcose",
"libgmock_ndk",
- "libremote_provisioner",
"libkeymint",
+ "libkeymint_support",
"libkeymint_remote_prov_support",
+ "libkeymint_vts_test_utils",
+ "libremote_provisioner",
],
test_suites: [
"general-tests",
diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
index 7e7a466..daa3e18 100644
--- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
+++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
@@ -26,29 +26,6 @@
namespace {
-vector<uint8_t> make_name_from_str(const string& name) {
- X509_NAME_Ptr x509_name(X509_NAME_new());
- EXPECT_TRUE(x509_name.get() != nullptr);
- if (!x509_name) return {};
-
- EXPECT_EQ(1, X509_NAME_add_entry_by_txt(x509_name.get(), //
- "CN", //
- MBSTRING_ASC,
- reinterpret_cast<const uint8_t*>(name.c_str()),
- -1, // len
- -1, // loc
- 0 /* set */));
-
- int len = i2d_X509_NAME(x509_name.get(), nullptr /* only return length */);
- EXPECT_GT(len, 0);
-
- vector<uint8_t> retval(len);
- uint8_t* p = retval.data();
- i2d_X509_NAME(x509_name.get(), &p);
-
- return retval;
-}
-
bool IsSelfSigned(const vector<Certificate>& chain) {
if (chain.size() != 1) return false;
return ChainSignaturesAreValid(chain);
@@ -230,6 +207,36 @@
}
}
+TEST_P(AttestKeyTest, AttestWithNonAttestKey) {
+ // Create non-attestaton key.
+ AttestationKey non_attest_key;
+ vector<KeyCharacteristics> non_attest_key_characteristics;
+ vector<Certificate> non_attest_key_cert_chain;
+ ASSERT_EQ(
+ ErrorCode::OK,
+ GenerateKey(
+ AuthorizationSetBuilder().EcdsaSigningKey(EcCurve::P_256).SetDefaultValidity(),
+ {} /* attestation siging key */, &non_attest_key.keyBlob,
+ &non_attest_key_characteristics, &non_attest_key_cert_chain));
+
+ EXPECT_EQ(non_attest_key_cert_chain.size(), 1);
+ EXPECT_TRUE(IsSelfSigned(non_attest_key_cert_chain));
+
+ // Attempt to sign attestation with non-attest key.
+ vector<uint8_t> attested_key_blob;
+ vector<KeyCharacteristics> attested_key_characteristics;
+ vector<Certificate> attested_key_cert_chain;
+ EXPECT_EQ(ErrorCode::INCOMPATIBLE_PURPOSE,
+ GenerateKey(AuthorizationSetBuilder()
+ .EcdsaSigningKey(EcCurve::P_256)
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .AttestationChallenge("foo")
+ .AttestationApplicationId("bar")
+ .SetDefaultValidity(),
+ non_attest_key, &attested_key_blob, &attested_key_characteristics,
+ &attested_key_cert_chain));
+}
+
INSTANTIATE_KEYMINT_AIDL_TEST(AttestKeyTest);
} // namespace aidl::android::hardware::security::keymint::test
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
index 3e87b6b..ce6f67a 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
@@ -811,30 +811,6 @@
return (found == key_characteristics.end()) ? kEmptyAuthList : found->authorizations;
}
-AuthorizationSet KeyMintAidlTestBase::HwEnforcedAuthorizations(
- const vector<KeyCharacteristics>& key_characteristics) {
- AuthorizationSet authList;
- for (auto& entry : key_characteristics) {
- if (entry.securityLevel == SecurityLevel::STRONGBOX ||
- entry.securityLevel == SecurityLevel::TRUSTED_ENVIRONMENT) {
- authList.push_back(AuthorizationSet(entry.authorizations));
- }
- }
- return authList;
-}
-
-AuthorizationSet KeyMintAidlTestBase::SwEnforcedAuthorizations(
- const vector<KeyCharacteristics>& key_characteristics) {
- AuthorizationSet authList;
- for (auto& entry : key_characteristics) {
- if (entry.securityLevel == SecurityLevel::SOFTWARE ||
- entry.securityLevel == SecurityLevel::KEYSTORE) {
- authList.push_back(AuthorizationSet(entry.authorizations));
- }
- }
- return authList;
-}
-
ErrorCode KeyMintAidlTestBase::UseAesKey(const vector<uint8_t>& aesKeyBlob) {
auto [result, ciphertext] = ProcessMessage(
aesKeyBlob, KeyPurpose::ENCRYPT, "1234567890123456",
@@ -1046,6 +1022,28 @@
return retval;
}
+AuthorizationSet HwEnforcedAuthorizations(const vector<KeyCharacteristics>& key_characteristics) {
+ AuthorizationSet authList;
+ for (auto& entry : key_characteristics) {
+ if (entry.securityLevel == SecurityLevel::STRONGBOX ||
+ entry.securityLevel == SecurityLevel::TRUSTED_ENVIRONMENT) {
+ authList.push_back(AuthorizationSet(entry.authorizations));
+ }
+ }
+ return authList;
+}
+
+AuthorizationSet SwEnforcedAuthorizations(const vector<KeyCharacteristics>& key_characteristics) {
+ AuthorizationSet authList;
+ for (auto& entry : key_characteristics) {
+ if (entry.securityLevel == SecurityLevel::SOFTWARE ||
+ entry.securityLevel == SecurityLevel::KEYSTORE) {
+ authList.push_back(AuthorizationSet(entry.authorizations));
+ }
+ }
+ return authList;
+}
+
AssertionResult ChainSignaturesAreValid(const vector<Certificate>& chain) {
std::stringstream cert_data;
@@ -1097,6 +1095,29 @@
return X509_Ptr(d2i_X509(nullptr /* allocate new */, &p, blob.size()));
}
+vector<uint8_t> make_name_from_str(const string& name) {
+ X509_NAME_Ptr x509_name(X509_NAME_new());
+ EXPECT_TRUE(x509_name.get() != nullptr);
+ if (!x509_name) return {};
+
+ EXPECT_EQ(1, X509_NAME_add_entry_by_txt(x509_name.get(), //
+ "CN", //
+ MBSTRING_ASC,
+ reinterpret_cast<const uint8_t*>(name.c_str()),
+ -1, // len
+ -1, // loc
+ 0 /* set */));
+
+ int len = i2d_X509_NAME(x509_name.get(), nullptr /* only return length */);
+ EXPECT_GT(len, 0);
+
+ vector<uint8_t> retval(len);
+ uint8_t* p = retval.data();
+ i2d_X509_NAME(x509_name.get(), &p);
+
+ return retval;
+}
+
} // namespace test
} // namespace aidl::android::hardware::security::keymint
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
index 0aef81b..4d97ea9 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
@@ -252,10 +252,6 @@
const vector<KeyParameter>& SecLevelAuthorizations(
const vector<KeyCharacteristics>& key_characteristics, SecurityLevel securityLevel);
- AuthorizationSet HwEnforcedAuthorizations(
- const vector<KeyCharacteristics>& key_characteristics);
- AuthorizationSet SwEnforcedAuthorizations(
- const vector<KeyCharacteristics>& key_characteristics);
ErrorCode UseAesKey(const vector<uint8_t>& aesKeyBlob);
ErrorCode UseHmacKey(const vector<uint8_t>& hmacKeyBlob);
ErrorCode UseRsaKey(const vector<uint8_t>& rsaKeyBlob);
@@ -280,12 +276,16 @@
const vector<uint8_t>& attestation_cert);
string bin2hex(const vector<uint8_t>& data);
X509_Ptr parse_cert_blob(const vector<uint8_t>& blob);
+vector<uint8_t> make_name_from_str(const string& name);
+AuthorizationSet HwEnforcedAuthorizations(const vector<KeyCharacteristics>& key_characteristics);
+AuthorizationSet SwEnforcedAuthorizations(const vector<KeyCharacteristics>& key_characteristics);
::testing::AssertionResult ChainSignaturesAreValid(const vector<Certificate>& chain);
#define INSTANTIATE_KEYMINT_AIDL_TEST(name) \
INSTANTIATE_TEST_SUITE_P(PerInstance, name, \
testing::ValuesIn(KeyMintAidlTestBase::build_params()), \
- ::android::PrintInstanceNameToString)
+ ::android::PrintInstanceNameToString); \
+ GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(name);
} // namespace test
diff --git a/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp b/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
index 9b797de..57bc27a 100644
--- a/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
+++ b/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
@@ -17,18 +17,21 @@
#define LOG_TAG "VtsRemotelyProvisionableComponentTests"
#include <RemotelyProvisionedComponent.h>
-#include <aidl/Gtest.h>
-#include <aidl/Vintf.h>
#include <aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.h>
#include <aidl/android/hardware/security/keymint/SecurityLevel.h>
#include <android/binder_manager.h>
#include <cppbor_parse.h>
#include <cppcose/cppcose.h>
#include <gmock/gmock.h>
-#include <gtest/gtest.h>
#include <keymaster/keymaster_configuration.h>
+#include <keymint_support/authorization_set.h>
+#include <openssl/ec.h>
+#include <openssl/ec_key.h>
+#include <openssl/x509.h>
#include <remote_prov/remote_prov_utils.h>
+#include "KeyMintAidlTestBase.h"
+
namespace aidl::android::hardware::security::keymint::test {
using ::std::string;
@@ -52,6 +55,214 @@
return bytevec(p, p + strlen(s));
}
+void p256_pub_key(const vector<uint8_t>& coseKeyData, EVP_PKEY_Ptr* signingKey) {
+ // Extract x and y affine coordinates from the encoded Cose_Key.
+ auto [parsedPayload, __, payloadParseErr] = cppbor::parse(coseKeyData);
+ ASSERT_TRUE(parsedPayload) << "Key parse failed: " << payloadParseErr;
+ auto coseKey = parsedPayload->asMap();
+ const std::unique_ptr<cppbor::Item>& xItem = coseKey->get(cppcose::CoseKey::PUBKEY_X);
+ ASSERT_NE(xItem->asBstr(), nullptr);
+ vector<uint8_t> x = xItem->asBstr()->value();
+ const std::unique_ptr<cppbor::Item>& yItem = coseKey->get(cppcose::CoseKey::PUBKEY_Y);
+ ASSERT_NE(yItem->asBstr(), nullptr);
+ vector<uint8_t> y = yItem->asBstr()->value();
+
+ // Concatenate: 0x04 (uncompressed form marker) | x | y
+ vector<uint8_t> pubKeyData{0x04};
+ pubKeyData.insert(pubKeyData.end(), x.begin(), x.end());
+ pubKeyData.insert(pubKeyData.end(), y.begin(), y.end());
+
+ EC_KEY_Ptr ecKey = EC_KEY_Ptr(EC_KEY_new());
+ ASSERT_NE(ecKey, nullptr);
+ EC_GROUP_Ptr group = EC_GROUP_Ptr(EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
+ ASSERT_NE(group, nullptr);
+ ASSERT_EQ(EC_KEY_set_group(ecKey.get(), group.get()), 1);
+ EC_POINT_Ptr point = EC_POINT_Ptr(EC_POINT_new(group.get()));
+ ASSERT_NE(point, nullptr);
+ ASSERT_EQ(EC_POINT_oct2point(group.get(), point.get(), pubKeyData.data(), pubKeyData.size(),
+ nullptr),
+ 1);
+ ASSERT_EQ(EC_KEY_set_public_key(ecKey.get(), point.get()), 1);
+
+ EVP_PKEY_Ptr pubKey = EVP_PKEY_Ptr(EVP_PKEY_new());
+ ASSERT_NE(pubKey, nullptr);
+ EVP_PKEY_assign_EC_KEY(pubKey.get(), ecKey.release());
+ *signingKey = std::move(pubKey);
+}
+
+void check_cose_key(const vector<uint8_t>& data, bool testMode) {
+ auto [parsedPayload, __, payloadParseErr] = cppbor::parse(data);
+ ASSERT_TRUE(parsedPayload) << "Key parse failed: " << payloadParseErr;
+
+ // The following check assumes that canonical CBOR encoding is used for the COSE_Key.
+ if (testMode) {
+ EXPECT_THAT(cppbor::prettyPrint(parsedPayload.get()),
+ MatchesRegex("{\n"
+ " 1 : 2,\n" // kty: EC2
+ " 3 : -7,\n" // alg: ES256
+ " -1 : 1,\n" // EC id: P256
+ // The regex {(0x[0-9a-f]{2}, ){31}0x[0-9a-f]{2}} matches a
+ // sequence of 32 hexadecimal bytes, enclosed in braces and
+ // separated by commas. In this case, some Ed25519 public key.
+ " -2 : {(0x[0-9a-f]{2}, ){31}0x[0-9a-f]{2}},\n" // pub_x: data
+ " -3 : {(0x[0-9a-f]{2}, ){31}0x[0-9a-f]{2}},\n" // pub_y: data
+ " -70000 : null,\n" // test marker
+ "}"));
+ } else {
+ EXPECT_THAT(cppbor::prettyPrint(parsedPayload.get()),
+ MatchesRegex("{\n"
+ " 1 : 2,\n" // kty: EC2
+ " 3 : -7,\n" // alg: ES256
+ " -1 : 1,\n" // EC id: P256
+ // The regex {(0x[0-9a-f]{2}, ){31}0x[0-9a-f]{2}} matches a
+ // sequence of 32 hexadecimal bytes, enclosed in braces and
+ // separated by commas. In this case, some Ed25519 public key.
+ " -2 : {(0x[0-9a-f]{2}, ){31}0x[0-9a-f]{2}},\n" // pub_x: data
+ " -3 : {(0x[0-9a-f]{2}, ){31}0x[0-9a-f]{2}},\n" // pub_y: data
+ "}"));
+ }
+}
+
+void check_maced_pubkey(const MacedPublicKey& macedPubKey, bool testMode,
+ vector<uint8_t>* payload_value) {
+ auto [coseMac0, _, mac0ParseErr] = cppbor::parse(macedPubKey.macedKey);
+ ASSERT_TRUE(coseMac0) << "COSE Mac0 parse failed " << mac0ParseErr;
+
+ ASSERT_NE(coseMac0->asArray(), nullptr);
+ ASSERT_EQ(coseMac0->asArray()->size(), kCoseMac0EntryCount);
+
+ auto protParms = coseMac0->asArray()->get(kCoseMac0ProtectedParams)->asBstr();
+ ASSERT_NE(protParms, nullptr);
+
+ // Header label:value of 'alg': HMAC-256
+ ASSERT_EQ(cppbor::prettyPrint(protParms->value()), "{\n 1 : 5,\n}");
+
+ auto unprotParms = coseMac0->asArray()->get(kCoseMac0UnprotectedParams)->asMap();
+ ASSERT_NE(unprotParms, nullptr);
+ ASSERT_EQ(unprotParms->size(), 0);
+
+ // The payload is a bstr holding an encoded COSE_Key
+ auto payload = coseMac0->asArray()->get(kCoseMac0Payload)->asBstr();
+ ASSERT_NE(payload, nullptr);
+ check_cose_key(payload->value(), testMode);
+
+ auto coseMac0Tag = coseMac0->asArray()->get(kCoseMac0Tag)->asBstr();
+ ASSERT_TRUE(coseMac0Tag);
+ auto extractedTag = coseMac0Tag->value();
+ EXPECT_EQ(extractedTag.size(), 32U);
+
+ // Compare with tag generated with kTestMacKey. Should only match in test mode
+ auto testTag = cppcose::generateCoseMac0Mac(remote_prov::kTestMacKey, {} /* external_aad */,
+ payload->value());
+ ASSERT_TRUE(testTag) << "Tag calculation failed: " << testTag.message();
+
+ if (testMode) {
+ EXPECT_EQ(*testTag, extractedTag);
+ } else {
+ EXPECT_NE(*testTag, extractedTag);
+ }
+ if (payload_value != nullptr) {
+ *payload_value = payload->value();
+ }
+}
+
+ErrMsgOr<MacedPublicKey> corrupt_maced_key(const MacedPublicKey& macedPubKey) {
+ auto [coseMac0, _, mac0ParseErr] = cppbor::parse(macedPubKey.macedKey);
+ if (!coseMac0 || coseMac0->asArray()->size() != kCoseMac0EntryCount) {
+ return "COSE Mac0 parse failed";
+ }
+ auto protParams = coseMac0->asArray()->get(kCoseMac0ProtectedParams)->asBstr();
+ auto unprotParams = coseMac0->asArray()->get(kCoseMac0UnprotectedParams)->asMap();
+ auto payload = coseMac0->asArray()->get(kCoseMac0Payload)->asBstr();
+ auto tag = coseMac0->asArray()->get(kCoseMac0Tag)->asBstr();
+ if (!protParams || !unprotParams || !payload || !tag) {
+ return "Invalid COSE_Sign1: missing content";
+ }
+ auto corruptMac0 = cppbor::Array();
+ corruptMac0.add(protParams->clone());
+ corruptMac0.add(unprotParams->clone());
+ corruptMac0.add(payload->clone());
+ vector<uint8_t> tagData = tag->value();
+ tagData[0] ^= 0x08;
+ tagData[tagData.size() - 1] ^= 0x80;
+ corruptMac0.add(cppbor::Bstr(tagData));
+
+ return MacedPublicKey{corruptMac0.encode()};
+}
+
+ErrMsgOr<cppbor::Array> corrupt_sig(const cppbor::Array* coseSign1) {
+ if (coseSign1->size() != kCoseSign1EntryCount) {
+ return "Invalid COSE_Sign1, wrong entry count";
+ }
+ const cppbor::Bstr* protectedParams = coseSign1->get(kCoseSign1ProtectedParams)->asBstr();
+ const cppbor::Map* unprotectedParams = coseSign1->get(kCoseSign1UnprotectedParams)->asMap();
+ const cppbor::Bstr* payload = coseSign1->get(kCoseSign1Payload)->asBstr();
+ const cppbor::Bstr* signature = coseSign1->get(kCoseSign1Signature)->asBstr();
+ if (!protectedParams || !unprotectedParams || !payload || !signature) {
+ return "Invalid COSE_Sign1: missing content";
+ }
+
+ auto corruptSig = cppbor::Array();
+ corruptSig.add(protectedParams->clone());
+ corruptSig.add(unprotectedParams->clone());
+ corruptSig.add(payload->clone());
+ vector<uint8_t> sigData = signature->value();
+ sigData[0] ^= 0x08;
+ corruptSig.add(cppbor::Bstr(sigData));
+
+ return std::move(corruptSig);
+}
+
+ErrMsgOr<EekChain> corrupt_sig_chain(const EekChain& eek, int which) {
+ auto [chain, _, parseErr] = cppbor::parse(eek.chain);
+ if (!chain || !chain->asArray()) {
+ return "EekChain parse failed";
+ }
+
+ cppbor::Array* eekChain = chain->asArray();
+ if (which >= eekChain->size()) {
+ return "selected sig out of range";
+ }
+ auto corruptChain = cppbor::Array();
+
+ for (int ii = 0; ii < eekChain->size(); ++ii) {
+ if (ii == which) {
+ auto sig = corrupt_sig(eekChain->get(which)->asArray());
+ if (!sig) {
+ return "Failed to build corrupted signature" + sig.moveMessage();
+ }
+ corruptChain.add(sig.moveValue());
+ } else {
+ corruptChain.add(eekChain->get(ii)->clone());
+ }
+ }
+ return EekChain{corruptChain.encode(), eek.last_pubkey, eek.last_privkey};
+}
+
+string device_suffix(const string& name) {
+ size_t pos = name.find('/');
+ if (pos == string::npos) {
+ return name;
+ }
+ return name.substr(pos + 1);
+}
+
+bool matching_keymint_device(const string& rp_name, std::shared_ptr<IKeyMintDevice>* keyMint) {
+ string rp_suffix = device_suffix(rp_name);
+
+ vector<string> km_names = ::android::getAidlHalInstanceNames(IKeyMintDevice::descriptor);
+ for (const string& km_name : km_names) {
+ // If the suffix of the KeyMint instance equals the suffix of the
+ // RemotelyProvisionedComponent instance, assume they match.
+ if (device_suffix(km_name) == rp_suffix && AServiceManager_isDeclared(km_name.c_str())) {
+ ::ndk::SpAIBinder binder(AServiceManager_waitForService(km_name.c_str()));
+ *keyMint = IKeyMintDevice::fromBinder(binder);
+ return true;
+ }
+ }
+ return false;
+}
+
} // namespace
class VtsRemotelyProvisionedComponentTests : public testing::TestWithParam<std::string> {
@@ -78,7 +289,8 @@
INSTANTIATE_REM_PROV_AIDL_TEST(GenerateKeyTests);
/**
- * Generate and validate a production-mode key. MAC tag can't be verified.
+ * Generate and validate a production-mode key. MAC tag can't be verified, but
+ * the private key blob should be usable in KeyMint operations.
*/
TEST_P(GenerateKeyTests, generateEcdsaP256Key_prodMode) {
MacedPublicKey macedPubKey;
@@ -86,48 +298,72 @@
bool testMode = false;
auto status = provisionable_->generateEcdsaP256KeyPair(testMode, &macedPubKey, &privateKeyBlob);
ASSERT_TRUE(status.isOk());
+ vector<uint8_t> coseKeyData;
+ check_maced_pubkey(macedPubKey, testMode, &coseKeyData);
+}
- auto [coseMac0, _, mac0ParseErr] = cppbor::parse(macedPubKey.macedKey);
- ASSERT_TRUE(coseMac0) << "COSE Mac0 parse failed " << mac0ParseErr;
+/**
+ * Generate and validate a production-mode key, then use it as a KeyMint attestation key.
+ */
+TEST_P(GenerateKeyTests, generateAndUseEcdsaP256Key_prodMode) {
+ // See if there is a matching IKeyMintDevice for this IRemotelyProvisionedComponent.
+ std::shared_ptr<IKeyMintDevice> keyMint;
+ if (!matching_keymint_device(GetParam(), &keyMint)) {
+ // No matching IKeyMintDevice.
+ GTEST_SKIP() << "Skipping key use test as no matching KeyMint device found";
+ return;
+ }
+ KeyMintHardwareInfo info;
+ ASSERT_TRUE(keyMint->getHardwareInfo(&info).isOk());
- ASSERT_NE(coseMac0->asArray(), nullptr);
- ASSERT_EQ(coseMac0->asArray()->size(), kCoseMac0EntryCount);
+ MacedPublicKey macedPubKey;
+ bytevec privateKeyBlob;
+ bool testMode = false;
+ auto status = provisionable_->generateEcdsaP256KeyPair(testMode, &macedPubKey, &privateKeyBlob);
+ ASSERT_TRUE(status.isOk());
+ vector<uint8_t> coseKeyData;
+ check_maced_pubkey(macedPubKey, testMode, &coseKeyData);
- auto protParms = coseMac0->asArray()->get(kCoseMac0ProtectedParams)->asBstr();
- ASSERT_NE(protParms, nullptr);
- ASSERT_EQ(cppbor::prettyPrint(protParms->value()), "{\n 1 : 5,\n}");
+ AttestationKey attestKey;
+ attestKey.keyBlob = std::move(privateKeyBlob);
+ attestKey.issuerSubjectName = make_name_from_str("Android Keystore Key");
- auto unprotParms = coseMac0->asArray()->get(kCoseMac0UnprotectedParams)->asMap();
- ASSERT_NE(unprotParms, nullptr);
- ASSERT_EQ(unprotParms->size(), 0);
+ // Generate an ECDSA key that is attested by the generated P256 keypair.
+ AuthorizationSet keyDesc = AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .EcdsaSigningKey(256)
+ .AttestationChallenge("foo")
+ .AttestationApplicationId("bar")
+ .Digest(Digest::NONE)
+ .SetDefaultValidity();
+ KeyCreationResult creationResult;
+ auto result = keyMint->generateKey(keyDesc.vector_data(), attestKey, &creationResult);
+ ASSERT_TRUE(result.isOk());
+ vector<uint8_t> attested_key_blob = std::move(creationResult.keyBlob);
+ vector<KeyCharacteristics> attested_key_characteristics =
+ std::move(creationResult.keyCharacteristics);
+ vector<Certificate> attested_key_cert_chain = std::move(creationResult.certificateChain);
+ EXPECT_EQ(attested_key_cert_chain.size(), 1);
- auto payload = coseMac0->asArray()->get(kCoseMac0Payload)->asBstr();
- ASSERT_NE(payload, nullptr);
- auto [parsedPayload, __, payloadParseErr] = cppbor::parse(payload->value());
- ASSERT_TRUE(parsedPayload) << "Key parse failed: " << payloadParseErr;
- EXPECT_THAT(cppbor::prettyPrint(parsedPayload.get()),
- MatchesRegex("{\n"
- " 1 : 2,\n"
- " 3 : -7,\n"
- " -1 : 1,\n"
- // The regex {(0x[0-9a-f]{2}, ){31}0x[0-9a-f]{2}} matches a sequence of
- // 32 hexadecimal bytes, enclosed in braces and separated by commas.
- // In this case, some Ed25519 public key.
- " -2 : {(0x[0-9a-f]{2}, ){31}0x[0-9a-f]{2}},\n"
- " -3 : {(0x[0-9a-f]{2}, ){31}0x[0-9a-f]{2}},\n"
- "}"));
+ AuthorizationSet hw_enforced = HwEnforcedAuthorizations(attested_key_characteristics);
+ AuthorizationSet sw_enforced = SwEnforcedAuthorizations(attested_key_characteristics);
+ EXPECT_TRUE(verify_attestation_record("foo", "bar", sw_enforced, hw_enforced,
+ info.securityLevel,
+ attested_key_cert_chain[0].encodedCertificate));
- auto coseMac0Tag = coseMac0->asArray()->get(kCoseMac0Tag)->asBstr();
- ASSERT_TRUE(coseMac0Tag);
- auto extractedTag = coseMac0Tag->value();
- EXPECT_EQ(extractedTag.size(), 32U);
+ // Attestation by itself is not valid (last entry is not self-signed).
+ EXPECT_FALSE(ChainSignaturesAreValid(attested_key_cert_chain));
- // Compare with tag generated with kTestMacKey. Shouldn't match.
- auto testTag = cppcose::generateCoseMac0Mac(remote_prov::kTestMacKey, {} /* external_aad */,
- payload->value());
- ASSERT_TRUE(testTag) << "Tag calculation failed: " << testTag.message();
+ // The signature over the attested key should correspond to the P256 public key.
+ X509_Ptr key_cert(parse_cert_blob(attested_key_cert_chain[0].encodedCertificate));
+ ASSERT_TRUE(key_cert.get());
+ EVP_PKEY_Ptr signing_pubkey;
+ p256_pub_key(coseKeyData, &signing_pubkey);
+ ASSERT_TRUE(signing_pubkey.get());
- EXPECT_NE(*testTag, extractedTag);
+ ASSERT_TRUE(X509_verify(key_cert.get(), signing_pubkey.get()))
+ << "Verification of attested certificate failed "
+ << "OpenSSL error string: " << ERR_error_string(ERR_get_error(), NULL);
}
/**
@@ -140,56 +376,20 @@
auto status = provisionable_->generateEcdsaP256KeyPair(testMode, &macedPubKey, &privateKeyBlob);
ASSERT_TRUE(status.isOk());
- auto [coseMac0, _, mac0ParseErr] = cppbor::parse(macedPubKey.macedKey);
- ASSERT_TRUE(coseMac0) << "COSE Mac0 parse failed " << mac0ParseErr;
-
- ASSERT_NE(coseMac0->asArray(), nullptr);
- ASSERT_EQ(coseMac0->asArray()->size(), kCoseMac0EntryCount);
-
- auto protParms = coseMac0->asArray()->get(kCoseMac0ProtectedParams)->asBstr();
- ASSERT_NE(protParms, nullptr);
- ASSERT_EQ(cppbor::prettyPrint(protParms->value()), "{\n 1 : 5,\n}");
-
- auto unprotParms = coseMac0->asArray()->get(kCoseMac0UnprotectedParams)->asMap();
- ASSERT_NE(unprotParms, nullptr);
- ASSERT_EQ(unprotParms->size(), 0);
-
- auto payload = coseMac0->asArray()->get(kCoseMac0Payload)->asBstr();
- ASSERT_NE(payload, nullptr);
- auto [parsedPayload, __, payloadParseErr] = cppbor::parse(payload->value());
- ASSERT_TRUE(parsedPayload) << "Key parse failed: " << payloadParseErr;
- EXPECT_THAT(cppbor::prettyPrint(parsedPayload.get()),
- MatchesRegex("{\n"
- " 1 : 2,\n"
- " 3 : -7,\n"
- " -1 : 1,\n"
- // The regex {(0x[0-9a-f]{2}, ){31}0x[0-9a-f]{2}} matches a sequence of
- // 32 hexadecimal bytes, enclosed in braces and separated by commas.
- // In this case, some Ed25519 public key.
- " -2 : {(0x[0-9a-f]{2}, ){31}0x[0-9a-f]{2}},\n"
- " -3 : {(0x[0-9a-f]{2}, ){31}0x[0-9a-f]{2}},\n"
- " -70000 : null,\n"
- "}"));
-
- auto coseMac0Tag = coseMac0->asArray()->get(kCoseMac0Tag)->asBstr();
- ASSERT_TRUE(coseMac0);
- auto extractedTag = coseMac0Tag->value();
- EXPECT_EQ(extractedTag.size(), 32U);
-
- // Compare with tag generated with kTestMacKey. Should match.
- auto testTag = cppcose::generateCoseMac0Mac(remote_prov::kTestMacKey, {} /* external_aad */,
- payload->value());
- ASSERT_TRUE(testTag) << testTag.message();
-
- EXPECT_EQ(*testTag, extractedTag);
+ check_maced_pubkey(macedPubKey, testMode, nullptr);
}
class CertificateRequestTest : public VtsRemotelyProvisionedComponentTests {
protected:
- CertificateRequestTest() : eekId_(string_to_bytevec("eekid")) {
- auto chain = generateEekChain(3, eekId_);
+ CertificateRequestTest() : eekId_(string_to_bytevec("eekid")), challenge_(randomBytes(32)) {
+ generateEek(3);
+ }
+
+ void generateEek(size_t eekLength) {
+ auto chain = generateEekChain(eekLength, eekId_);
EXPECT_TRUE(chain) << chain.message();
if (chain) eekChain_ = chain.moveValue();
+ eekLength_ = eekLength;
}
void generateKeys(bool testMode, size_t numKeys) {
@@ -201,21 +401,76 @@
auto status = provisionable_->generateEcdsaP256KeyPair(testMode, &key, &privateKeyBlob);
ASSERT_TRUE(status.isOk()) << status.getMessage();
- auto [parsedMacedKey, _, parseErr] = cppbor::parse(key.macedKey);
- ASSERT_TRUE(parsedMacedKey) << "Failed parsing MACed key: " << parseErr;
- ASSERT_TRUE(parsedMacedKey->asArray()) << "COSE_Mac0 not an array?";
- ASSERT_EQ(parsedMacedKey->asArray()->size(), kCoseMac0EntryCount);
-
- auto& payload = parsedMacedKey->asArray()->get(kCoseMac0Payload);
- ASSERT_TRUE(payload);
- ASSERT_TRUE(payload->asBstr());
-
- cborKeysToSign_.add(cppbor::EncodedItem(payload->asBstr()->value()));
+ vector<uint8_t> payload_value;
+ check_maced_pubkey(key, testMode, &payload_value);
+ cborKeysToSign_.add(cppbor::EncodedItem(payload_value));
}
}
+ void checkProtectedData(const DeviceInfo& deviceInfo, const cppbor::Array& keysToSign,
+ const bytevec& keysToSignMac, const ProtectedData& protectedData) {
+ auto [parsedProtectedData, _, protDataErrMsg] = cppbor::parse(protectedData.protectedData);
+ ASSERT_TRUE(parsedProtectedData) << protDataErrMsg;
+ ASSERT_TRUE(parsedProtectedData->asArray());
+ ASSERT_EQ(parsedProtectedData->asArray()->size(), kCoseEncryptEntryCount);
+
+ auto senderPubkey = getSenderPubKeyFromCoseEncrypt(parsedProtectedData);
+ ASSERT_TRUE(senderPubkey) << senderPubkey.message();
+ EXPECT_EQ(senderPubkey->second, eekId_);
+
+ auto sessionKey = x25519_HKDF_DeriveKey(eekChain_.last_pubkey, eekChain_.last_privkey,
+ senderPubkey->first, false /* senderIsA */);
+ ASSERT_TRUE(sessionKey) << sessionKey.message();
+
+ auto protectedDataPayload =
+ decryptCoseEncrypt(*sessionKey, parsedProtectedData.get(), bytevec{} /* aad */);
+ ASSERT_TRUE(protectedDataPayload) << protectedDataPayload.message();
+
+ auto [parsedPayload, __, payloadErrMsg] = cppbor::parse(*protectedDataPayload);
+ ASSERT_TRUE(parsedPayload) << "Failed to parse payload: " << payloadErrMsg;
+ ASSERT_TRUE(parsedPayload->asArray());
+ EXPECT_EQ(parsedPayload->asArray()->size(), 2U);
+
+ auto& signedMac = parsedPayload->asArray()->get(0);
+ auto& bcc = parsedPayload->asArray()->get(1);
+ ASSERT_TRUE(signedMac && signedMac->asArray());
+ ASSERT_TRUE(bcc && bcc->asArray());
+
+ // BCC is [ pubkey, + BccEntry]
+ auto bccContents = validateBcc(bcc->asArray());
+ ASSERT_TRUE(bccContents) << "\n" << bccContents.message() << "\n" << prettyPrint(bcc.get());
+ ASSERT_GT(bccContents->size(), 0U);
+
+ auto [deviceInfoMap, __2, deviceInfoErrMsg] = cppbor::parse(deviceInfo.deviceInfo);
+ ASSERT_TRUE(deviceInfoMap) << "Failed to parse deviceInfo: " << deviceInfoErrMsg;
+ ASSERT_TRUE(deviceInfoMap->asMap());
+
+ auto& signingKey = bccContents->back().pubKey;
+ auto macKey = verifyAndParseCoseSign1(/* ignore_signature = */ false, signedMac->asArray(),
+ signingKey,
+ cppbor::Array() // SignedMacAad
+ .add(challenge_)
+ .add(std::move(deviceInfoMap))
+ .encode());
+ ASSERT_TRUE(macKey) << macKey.message();
+
+ auto coseMac0 = cppbor::Array()
+ .add(cppbor::Map() // protected
+ .add(ALGORITHM, HMAC_256)
+ .canonicalize()
+ .encode())
+ .add(cppbor::Map()) // unprotected
+ .add(keysToSign.encode()) // payload (keysToSign)
+ .add(keysToSignMac); // tag
+
+ auto macPayload = verifyAndParseCoseMac0(&coseMac0, *macKey);
+ ASSERT_TRUE(macPayload) << macPayload.message();
+ }
+
bytevec eekId_;
+ size_t eekLength_;
EekChain eekChain_;
+ bytevec challenge_;
std::vector<MacedPublicKey> keysToSign_;
cppbor::Array cborKeysToSign_;
};
@@ -226,66 +481,20 @@
*/
TEST_P(CertificateRequestTest, EmptyRequest_testMode) {
bool testMode = true;
- bytevec keysToSignMac;
- DeviceInfo deviceInfo;
- ProtectedData protectedData;
- auto challenge = randomBytes(32);
- auto status = provisionable_->generateCertificateRequest(
- testMode, {} /* keysToSign */, eekChain_.chain, challenge, &deviceInfo, &protectedData,
- &keysToSignMac);
- ASSERT_TRUE(status.isOk()) << status.getMessage();
+ for (size_t eekLength : {2, 3, 7}) {
+ SCOPED_TRACE(testing::Message() << "EEK of length " << eekLength);
+ generateEek(eekLength);
- auto [parsedProtectedData, _, protDataErrMsg] = cppbor::parse(protectedData.protectedData);
- ASSERT_TRUE(parsedProtectedData) << protDataErrMsg;
- ASSERT_TRUE(parsedProtectedData->asArray());
- ASSERT_EQ(parsedProtectedData->asArray()->size(), kCoseEncryptEntryCount);
+ bytevec keysToSignMac;
+ DeviceInfo deviceInfo;
+ ProtectedData protectedData;
+ auto status = provisionable_->generateCertificateRequest(
+ testMode, {} /* keysToSign */, eekChain_.chain, challenge_, &deviceInfo,
+ &protectedData, &keysToSignMac);
+ ASSERT_TRUE(status.isOk()) << status.getMessage();
- auto senderPubkey = getSenderPubKeyFromCoseEncrypt(parsedProtectedData);
- ASSERT_TRUE(senderPubkey) << senderPubkey.message();
- EXPECT_EQ(senderPubkey->second, eekId_);
-
- auto sessionKey = x25519_HKDF_DeriveKey(eekChain_.last_pubkey, eekChain_.last_privkey,
- senderPubkey->first, false /* senderIsA */);
- ASSERT_TRUE(sessionKey) << sessionKey.message();
-
- auto protectedDataPayload =
- decryptCoseEncrypt(*sessionKey, parsedProtectedData.get(), bytevec{} /* aad */);
- ASSERT_TRUE(protectedDataPayload) << protectedDataPayload.message();
-
- auto [parsedPayload, __, payloadErrMsg] = cppbor::parse(*protectedDataPayload);
- ASSERT_TRUE(parsedPayload) << "Failed to parse payload: " << payloadErrMsg;
- ASSERT_TRUE(parsedPayload->asArray());
- EXPECT_EQ(parsedPayload->asArray()->size(), 2U);
-
- auto& signedMac = parsedPayload->asArray()->get(0);
- auto& bcc = parsedPayload->asArray()->get(1);
- ASSERT_TRUE(signedMac && signedMac->asArray());
- ASSERT_TRUE(bcc && bcc->asArray());
-
- // BCC is [ pubkey, + BccEntry]
- auto bccContents = validateBcc(bcc->asArray());
- ASSERT_TRUE(bccContents) << "\n" << bccContents.message() << "\n" << prettyPrint(bcc.get());
- ASSERT_GT(bccContents->size(), 0U);
-
- auto& signingKey = bccContents->back().pubKey;
- auto macKey = verifyAndParseCoseSign1(testMode, signedMac->asArray(), signingKey,
- cppbor::Array() // DeviceInfo
- .add(challenge) //
- .add(cppbor::Map())
- .encode());
- ASSERT_TRUE(macKey) << macKey.message();
-
- auto coseMac0 = cppbor::Array()
- .add(cppbor::Map() // protected
- .add(ALGORITHM, HMAC_256)
- .canonicalize()
- .encode())
- .add(cppbor::Map()) // unprotected
- .add(cppbor::Array().encode()) // payload (keysToSign)
- .add(std::move(keysToSignMac)); // tag
-
- auto macPayload = verifyAndParseCoseMac0(&coseMac0, *macKey);
- ASSERT_TRUE(macPayload) << macPayload.message();
+ checkProtectedData(deviceInfo, cppbor::Array(), keysToSignMac, protectedData);
+ }
}
/**
@@ -297,15 +506,20 @@
*/
TEST_P(CertificateRequestTest, EmptyRequest_prodMode) {
bool testMode = false;
- bytevec keysToSignMac;
- DeviceInfo deviceInfo;
- ProtectedData protectedData;
- auto challenge = randomBytes(32);
- auto status = provisionable_->generateCertificateRequest(
- testMode, {} /* keysToSign */, eekChain_.chain, challenge, &deviceInfo, &protectedData,
- &keysToSignMac);
- ASSERT_FALSE(status.isOk());
- ASSERT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_INVALID_EEK);
+ for (size_t eekLength : {2, 3, 7}) {
+ SCOPED_TRACE(testing::Message() << "EEK of length " << eekLength);
+ generateEek(eekLength);
+
+ bytevec keysToSignMac;
+ DeviceInfo deviceInfo;
+ ProtectedData protectedData;
+ auto status = provisionable_->generateCertificateRequest(
+ testMode, {} /* keysToSign */, eekChain_.chain, challenge_, &deviceInfo,
+ &protectedData, &keysToSignMac);
+ EXPECT_FALSE(status.isOk());
+ EXPECT_EQ(status.getServiceSpecificError(),
+ BnRemotelyProvisionedComponent::STATUS_INVALID_EEK);
+ }
}
/**
@@ -315,65 +529,20 @@
bool testMode = true;
generateKeys(testMode, 4 /* numKeys */);
- bytevec keysToSignMac;
- DeviceInfo deviceInfo;
- ProtectedData protectedData;
- auto challenge = randomBytes(32);
- auto status = provisionable_->generateCertificateRequest(testMode, keysToSign_, eekChain_.chain,
- challenge, &deviceInfo, &protectedData,
- &keysToSignMac);
- ASSERT_TRUE(status.isOk()) << status.getMessage();
+ for (size_t eekLength : {2, 3, 7}) {
+ SCOPED_TRACE(testing::Message() << "EEK of length " << eekLength);
+ generateEek(eekLength);
- auto [parsedProtectedData, _, protDataErrMsg] = cppbor::parse(protectedData.protectedData);
- ASSERT_TRUE(parsedProtectedData) << protDataErrMsg;
- ASSERT_TRUE(parsedProtectedData->asArray());
- ASSERT_EQ(parsedProtectedData->asArray()->size(), kCoseEncryptEntryCount);
+ bytevec keysToSignMac;
+ DeviceInfo deviceInfo;
+ ProtectedData protectedData;
+ auto status = provisionable_->generateCertificateRequest(
+ testMode, keysToSign_, eekChain_.chain, challenge_, &deviceInfo, &protectedData,
+ &keysToSignMac);
+ ASSERT_TRUE(status.isOk()) << status.getMessage();
- auto senderPubkey = getSenderPubKeyFromCoseEncrypt(parsedProtectedData);
- ASSERT_TRUE(senderPubkey) << senderPubkey.message();
- EXPECT_EQ(senderPubkey->second, eekId_);
-
- auto sessionKey = x25519_HKDF_DeriveKey(eekChain_.last_pubkey, eekChain_.last_privkey,
- senderPubkey->first, false /* senderIsA */);
- ASSERT_TRUE(sessionKey) << sessionKey.message();
-
- auto protectedDataPayload =
- decryptCoseEncrypt(*sessionKey, parsedProtectedData.get(), bytevec{} /* aad */);
- ASSERT_TRUE(protectedDataPayload) << protectedDataPayload.message();
-
- auto [parsedPayload, __, payloadErrMsg] = cppbor::parse(*protectedDataPayload);
- ASSERT_TRUE(parsedPayload) << "Failed to parse payload: " << payloadErrMsg;
- ASSERT_TRUE(parsedPayload->asArray());
- EXPECT_EQ(parsedPayload->asArray()->size(), 2U);
-
- auto& signedMac = parsedPayload->asArray()->get(0);
- auto& bcc = parsedPayload->asArray()->get(1);
- ASSERT_TRUE(signedMac && signedMac->asArray());
- ASSERT_TRUE(bcc);
-
- auto bccContents = validateBcc(bcc->asArray());
- ASSERT_TRUE(bccContents) << "\n" << prettyPrint(bcc.get());
- ASSERT_GT(bccContents->size(), 0U);
-
- auto& signingKey = bccContents->back().pubKey;
- auto macKey = verifyAndParseCoseSign1(testMode, signedMac->asArray(), signingKey,
- cppbor::Array() // DeviceInfo
- .add(challenge) //
- .add(cppbor::Array())
- .encode());
- ASSERT_TRUE(macKey) << macKey.message();
-
- auto coseMac0 = cppbor::Array()
- .add(cppbor::Map() // protected
- .add(ALGORITHM, HMAC_256)
- .canonicalize()
- .encode())
- .add(cppbor::Map()) // unprotected
- .add(cborKeysToSign_.encode()) // payload
- .add(std::move(keysToSignMac)); // tag
-
- auto macPayload = verifyAndParseCoseMac0(&coseMac0, *macKey);
- ASSERT_TRUE(macPayload) << macPayload.message();
+ checkProtectedData(deviceInfo, cborKeysToSign_, keysToSignMac, protectedData);
+ }
}
/**
@@ -387,13 +556,117 @@
bool testMode = false;
generateKeys(testMode, 4 /* numKeys */);
+ for (size_t eekLength : {2, 3, 7}) {
+ SCOPED_TRACE(testing::Message() << "EEK of length " << eekLength);
+ generateEek(eekLength);
+
+ bytevec keysToSignMac;
+ DeviceInfo deviceInfo;
+ ProtectedData protectedData;
+ auto status = provisionable_->generateCertificateRequest(
+ testMode, keysToSign_, eekChain_.chain, challenge_, &deviceInfo, &protectedData,
+ &keysToSignMac);
+ EXPECT_FALSE(status.isOk());
+ EXPECT_EQ(status.getServiceSpecificError(),
+ BnRemotelyProvisionedComponent::STATUS_INVALID_EEK);
+ }
+}
+
+/**
+ * Generate a non-empty certificate request in test mode, but with the MAC corrupted on the keypair.
+ */
+TEST_P(CertificateRequestTest, NonEmptyRequestCorruptMac_testMode) {
+ bool testMode = true;
+ generateKeys(testMode, 1 /* numKeys */);
+ MacedPublicKey keyWithCorruptMac = corrupt_maced_key(keysToSign_[0]).moveValue();
+
bytevec keysToSignMac;
DeviceInfo deviceInfo;
ProtectedData protectedData;
- auto challenge = randomBytes(32);
- auto status = provisionable_->generateCertificateRequest(testMode, keysToSign_, eekChain_.chain,
- challenge, &deviceInfo, &protectedData,
- &keysToSignMac);
+ auto status = provisionable_->generateCertificateRequest(
+ testMode, {keyWithCorruptMac}, eekChain_.chain, challenge_, &deviceInfo, &protectedData,
+ &keysToSignMac);
+ ASSERT_FALSE(status.isOk()) << status.getMessage();
+ EXPECT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_INVALID_MAC);
+}
+
+/**
+ * Generate a non-empty certificate request in prod mode, but with the MAC corrupted on the keypair.
+ */
+TEST_P(CertificateRequestTest, NonEmptyRequestCorruptMac_prodMode) {
+ bool testMode = true;
+ generateKeys(testMode, 1 /* numKeys */);
+ MacedPublicKey keyWithCorruptMac = corrupt_maced_key(keysToSign_[0]).moveValue();
+
+ bytevec keysToSignMac;
+ DeviceInfo deviceInfo;
+ ProtectedData protectedData;
+ auto status = provisionable_->generateCertificateRequest(
+ testMode, {keyWithCorruptMac}, eekChain_.chain, challenge_, &deviceInfo, &protectedData,
+ &keysToSignMac);
+ ASSERT_FALSE(status.isOk()) << status.getMessage();
+ auto rc = status.getServiceSpecificError();
+
+ // TODO(drysdale): drop the INVALID_EEK potential error code when a real GEEK is available.
+ EXPECT_TRUE(rc == BnRemotelyProvisionedComponent::STATUS_INVALID_EEK ||
+ rc == BnRemotelyProvisionedComponent::STATUS_INVALID_MAC);
+}
+
+/**
+ * Generate a non-empty certificate request in prod mode that has a corrupt EEK chain.
+ * Confirm that the request is rejected.
+ *
+ * TODO(drysdale): Update to use a valid GEEK, so that the test actually confirms that the
+ * implementation is checking signatures.
+ */
+TEST_P(CertificateRequestTest, NonEmptyCorruptEekRequest_prodMode) {
+ bool testMode = false;
+ generateKeys(testMode, 4 /* numKeys */);
+
+ for (size_t ii = 0; ii < eekLength_; ii++) {
+ auto chain = corrupt_sig_chain(eekChain_, ii);
+ ASSERT_TRUE(chain) << chain.message();
+ EekChain corruptEek = chain.moveValue();
+
+ bytevec keysToSignMac;
+ DeviceInfo deviceInfo;
+ ProtectedData protectedData;
+ auto status = provisionable_->generateCertificateRequest(
+ testMode, keysToSign_, corruptEek.chain, challenge_, &deviceInfo, &protectedData,
+ &keysToSignMac);
+ ASSERT_FALSE(status.isOk());
+ ASSERT_EQ(status.getServiceSpecificError(),
+ BnRemotelyProvisionedComponent::STATUS_INVALID_EEK);
+ }
+}
+
+/**
+ * Generate a non-empty certificate request in prod mode that has an incomplete EEK chain.
+ * Confirm that the request is rejected.
+ *
+ * TODO(drysdale): Update to use a valid GEEK, so that the test actually confirms that the
+ * implementation is checking signatures.
+ */
+TEST_P(CertificateRequestTest, NonEmptyIncompleteEekRequest_prodMode) {
+ bool testMode = false;
+ generateKeys(testMode, 4 /* numKeys */);
+
+ // Build an EEK chain that omits the first self-signed cert.
+ auto truncatedChain = cppbor::Array();
+ auto [chain, _, parseErr] = cppbor::parse(eekChain_.chain);
+ ASSERT_TRUE(chain);
+ auto eekChain = chain->asArray();
+ ASSERT_NE(eekChain, nullptr);
+ for (size_t ii = 1; ii < eekChain->size(); ii++) {
+ truncatedChain.add(eekChain->get(ii)->clone());
+ }
+
+ bytevec keysToSignMac;
+ DeviceInfo deviceInfo;
+ ProtectedData protectedData;
+ auto status = provisionable_->generateCertificateRequest(
+ testMode, keysToSign_, truncatedChain.encode(), challenge_, &deviceInfo, &protectedData,
+ &keysToSignMac);
ASSERT_FALSE(status.isOk());
ASSERT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_INVALID_EEK);
}
@@ -408,9 +681,8 @@
bytevec keysToSignMac;
DeviceInfo deviceInfo;
ProtectedData protectedData;
- auto challenge = randomBytes(32);
auto status = provisionable_->generateCertificateRequest(
- true /* testMode */, keysToSign_, eekChain_.chain, challenge, &deviceInfo,
+ true /* testMode */, keysToSign_, eekChain_.chain, challenge_, &deviceInfo,
&protectedData, &keysToSignMac);
ASSERT_FALSE(status.isOk());
ASSERT_EQ(status.getServiceSpecificError(),
@@ -428,8 +700,8 @@
DeviceInfo deviceInfo;
ProtectedData protectedData;
auto status = provisionable_->generateCertificateRequest(
- false /* testMode */, keysToSign_, eekChain_.chain, randomBytes(32) /* challenge */,
- &deviceInfo, &protectedData, &keysToSignMac);
+ false /* testMode */, keysToSign_, eekChain_.chain, challenge_, &deviceInfo,
+ &protectedData, &keysToSignMac);
ASSERT_FALSE(status.isOk());
ASSERT_EQ(status.getServiceSpecificError(),
BnRemotelyProvisionedComponent::STATUS_TEST_KEY_IN_PRODUCTION_REQUEST);
diff --git a/security/keymint/support/include/keymint_support/openssl_utils.h b/security/keymint/support/include/keymint_support/openssl_utils.h
index a0212aa..dee28ba 100644
--- a/security/keymint/support/include/keymint_support/openssl_utils.h
+++ b/security/keymint/support/include/keymint_support/openssl_utils.h
@@ -37,6 +37,7 @@
MAKE_OPENSSL_PTR_TYPE(BN_CTX)
MAKE_OPENSSL_PTR_TYPE(EC_GROUP)
MAKE_OPENSSL_PTR_TYPE(EC_KEY)
+MAKE_OPENSSL_PTR_TYPE(EC_POINT)
MAKE_OPENSSL_PTR_TYPE(EVP_PKEY)
MAKE_OPENSSL_PTR_TYPE(EVP_PKEY_CTX)
MAKE_OPENSSL_PTR_TYPE(RSA)
diff --git a/security/keymint/support/remote_prov_utils.cpp b/security/keymint/support/remote_prov_utils.cpp
index 3e4f3f7..da10eb2 100644
--- a/security/keymint/support/remote_prov_utils.cpp
+++ b/security/keymint/support/remote_prov_utils.cpp
@@ -54,6 +54,8 @@
{} /* AAD */);
if (!coseSign1) return coseSign1.moveMessage();
eekChain.add(coseSign1.moveValue());
+
+ prev_priv_key = priv_key;
}
bytevec pub_key(X25519_PUBLIC_VALUE_LEN);
diff --git a/security/secureclock/aidl/vts/functional/SecureClockAidlTest.cpp b/security/secureclock/aidl/vts/functional/SecureClockAidlTest.cpp
index 9ca1ee8..31f4854 100644
--- a/security/secureclock/aidl/vts/functional/SecureClockAidlTest.cpp
+++ b/security/secureclock/aidl/vts/functional/SecureClockAidlTest.cpp
@@ -185,9 +185,11 @@
INSTANTIATE_TEST_SUITE_P(PerInstance, SecureClockAidlTest,
testing::ValuesIn(SecureClockAidlTest::build_params()),
::android::PrintInstanceNameToString);
+GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(SecureClockAidlTest);
+
} // namespace aidl::android::hardware::security::secureclock::test
int main(int argc, char** argv) {
::testing::InitGoogleTest(&argc, argv);
return RUN_ALL_TESTS();
-}
\ No newline at end of file
+}
diff --git a/tv/cec/1.0/vts/functional/Android.bp b/tv/cec/1.0/vts/functional/Android.bp
new file mode 100644
index 0000000..9a2c714
--- /dev/null
+++ b/tv/cec/1.0/vts/functional/Android.bp
@@ -0,0 +1,38 @@
+//
+// Copyright (C) 2021 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package {
+ // See: http://go/android-license-faq
+ // A large-scale-change added 'default_applicable_licenses' to import
+ // all of the 'license_kinds' from "hardware_interfaces_license"
+ // to get the below license kinds:
+ // SPDX-license-identifier-Apache-2.0
+ default_applicable_licenses: ["hardware_interfaces_license"],
+}
+
+cc_test {
+ name: "VtsHalTvCecV1_0TargetTest",
+ defaults: ["VtsHalTargetTestDefaults"],
+ srcs: ["VtsHalTvCecV1_0TargetTest.cpp"],
+ static_libs: [
+ "android.hardware.tv.cec@1.0",
+ ],
+ test_suites: [
+ "general-tests",
+ "vts",
+ ],
+ disable_framework: true,
+}
diff --git a/tv/cec/1.0/vts/functional/README.md b/tv/cec/1.0/vts/functional/README.md
new file mode 100644
index 0000000..aecd6a6
--- /dev/null
+++ b/tv/cec/1.0/vts/functional/README.md
@@ -0,0 +1,30 @@
+# CEC VTS testing for Android TV devices
+
+Validate HDMI CEC VTS (android.hardware.tv.cec@1.0) functionality.
+
+### Setup:
+
+Running these CEC VTS tests requires an Android playback, TV or audio device connected to the host machine.
+
+
+
+### Building
+
+From the Android root folder, after choosing the lunch combo, use `make vts` to build VTS.
+
+### Automation
+
+On the host machine, ensure that the [software requirements](https://codelabs.developers.google.com/codelabs/android-lab/#2) for python SDK are met.
+
+Given the setup described above you can run tests with any of the following commands:
+
+1. Using vts-tradefed :
+```
+cd $ANDROID_BUILD_TOP/out/host/linux-x86/vts/android-vts/tools
+./vts-tradefed run commandAndExit vts -m VtsHalTvCecV1_0TargetTest
+```
+2. Using atest
+```
+atest VtsHalTvCecV1_0TargetTest
+```
+Note : atest internally handles building as well. To update the test use '-c' (clear cache) option
diff --git a/tv/cec/1.0/vts/functional/VtsHalTvCecV1_0TargetTest.cpp b/tv/cec/1.0/vts/functional/VtsHalTvCecV1_0TargetTest.cpp
new file mode 100644
index 0000000..7b42689
--- /dev/null
+++ b/tv/cec/1.0/vts/functional/VtsHalTvCecV1_0TargetTest.cpp
@@ -0,0 +1,209 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#define LOG_TAG "HdmiCec_hal_test"
+#include <android-base/logging.h>
+
+#include <android/hardware/tv/cec/1.0/IHdmiCec.h>
+#include <android/hardware/tv/cec/1.0/types.h>
+#include <utils/Log.h>
+#include <sstream>
+#include <vector>
+
+#include <gtest/gtest.h>
+#include <hidl/GtestPrinter.h>
+#include <hidl/ServiceManagement.h>
+
+using ::android::sp;
+using ::android::hardware::hidl_death_recipient;
+using ::android::hardware::hidl_vec;
+using ::android::hardware::Return;
+using ::android::hardware::tv::cec::V1_0::CecDeviceType;
+using ::android::hardware::tv::cec::V1_0::CecLogicalAddress;
+using ::android::hardware::tv::cec::V1_0::CecMessage;
+using ::android::hardware::tv::cec::V1_0::HdmiPortInfo;
+using ::android::hardware::tv::cec::V1_0::HdmiPortType;
+using ::android::hardware::tv::cec::V1_0::IHdmiCec;
+using ::android::hardware::tv::cec::V1_0::OptionKey;
+using ::android::hardware::tv::cec::V1_0::Result;
+using ::android::hardware::tv::cec::V1_0::SendMessageResult;
+
+#define CEC_VERSION 0x05
+#define INCORRECT_VENDOR_ID 0x00
+#define TV_PHYSICAL_ADDRESS 0x0000
+
+// The main test class for TV CEC HAL.
+class HdmiCecTest : public ::testing::TestWithParam<std::string> {
+ public:
+ void SetUp() override {
+ hdmiCec = IHdmiCec::getService(GetParam());
+ ASSERT_NE(hdmiCec, nullptr);
+ ALOGI("%s: getService() for hdmiCec is %s", __func__,
+ hdmiCec->isRemote() ? "remote" : "local");
+
+ hdmiCec_death_recipient = new HdmiCecDeathRecipient();
+ ASSERT_NE(hdmiCec_death_recipient, nullptr);
+ ASSERT_TRUE(hdmiCec->linkToDeath(hdmiCec_death_recipient, 0).isOk());
+ }
+
+ std::vector<int> getDeviceTypes() {
+ std::vector<int> deviceTypes;
+ FILE* p = popen("getprop ro.hdmi.device_type", "re");
+ if (p) {
+ char* line = NULL;
+ size_t len = 0;
+ if (getline(&line, &len, p) > 0) {
+ std::istringstream stream(line);
+ std::string number{};
+ while (std::getline(stream, number, ',')) {
+ deviceTypes.push_back(stoi(number));
+ }
+ }
+ pclose(p);
+ }
+ return deviceTypes;
+ }
+
+ bool hasDeviceType(CecDeviceType type) {
+ std::vector<int> deviceTypes = getDeviceTypes();
+ for (auto deviceType = deviceTypes.begin(); deviceType != deviceTypes.end(); ++deviceType) {
+ if (*deviceType == (int)type) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ class HdmiCecDeathRecipient : public hidl_death_recipient {
+ public:
+ void serviceDied(uint64_t /*cookie*/,
+ const android::wp<::android::hidl::base::V1_0::IBase>& /*who*/) override {
+ FAIL();
+ }
+ };
+
+ sp<IHdmiCec> hdmiCec;
+ sp<HdmiCecDeathRecipient> hdmiCec_death_recipient;
+};
+
+GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(HdmiCecTest);
+INSTANTIATE_TEST_SUITE_P(
+ PerInstance, HdmiCecTest,
+ testing::ValuesIn(android::hardware::getAllHalInstanceNames(IHdmiCec::descriptor)),
+ android::hardware::PrintInstanceNameToString);
+
+TEST_P(HdmiCecTest, ClearAddLogicalAddress) {
+ hdmiCec->clearLogicalAddress();
+ Return<Result> ret = hdmiCec->addLogicalAddress(CecLogicalAddress::PLAYBACK_3);
+ EXPECT_EQ(ret, Result::SUCCESS);
+}
+
+TEST_P(HdmiCecTest, PhysicalAddress) {
+ Result result;
+ uint16_t addr;
+ Return<void> ret = hdmiCec->getPhysicalAddress([&result, &addr](Result res, uint16_t paddr) {
+ result = res;
+ addr = paddr;
+ });
+ EXPECT_TRUE(ret.isOk());
+ EXPECT_EQ(result, Result::SUCCESS);
+ if (!hasDeviceType(CecDeviceType::TV)) {
+ EXPECT_NE(addr, TV_PHYSICAL_ADDRESS);
+ }
+}
+
+TEST_P(HdmiCecTest, SendMessage) {
+ CecMessage message;
+ message.initiator = CecLogicalAddress::PLAYBACK_1;
+ message.destination = CecLogicalAddress::BROADCAST;
+ message.body.resize(1);
+ message.body[0] = 131;
+ SendMessageResult ret = hdmiCec->sendMessage(message);
+ EXPECT_EQ(ret, SendMessageResult::SUCCESS);
+}
+
+TEST_P(HdmiCecTest, CecVersion) {
+ Return<int32_t> ret = hdmiCec->getCecVersion();
+ EXPECT_GE(ret, CEC_VERSION);
+}
+
+TEST_P(HdmiCecTest, VendorId) {
+ Return<uint32_t> ret = hdmiCec->getVendorId();
+ EXPECT_NE(ret, INCORRECT_VENDOR_ID);
+}
+
+TEST_P(HdmiCecTest, GetPortInfo) {
+ hidl_vec<HdmiPortInfo> ports;
+ Return<void> ret =
+ hdmiCec->getPortInfo([&ports](hidl_vec<HdmiPortInfo> list) { ports = list; });
+ EXPECT_TRUE(ret.isOk());
+ bool cecSupportedOnDevice = false;
+ for (size_t i = 0; i < ports.size(); ++i) {
+ EXPECT_TRUE((ports[i].type == HdmiPortType::OUTPUT) ||
+ (ports[i].type == HdmiPortType::INPUT));
+ if (ports[i].portId == 0) {
+ ALOGW("%s: Port id should start from 1", __func__);
+ }
+ cecSupportedOnDevice = cecSupportedOnDevice | ports[i].cecSupported;
+ }
+ EXPECT_NE(cecSupportedOnDevice, false) << "At least one port should support CEC";
+}
+
+TEST_P(HdmiCecTest, SetOption) {
+ Return<void> ret;
+ ret = hdmiCec->setOption(OptionKey::WAKEUP, false);
+ EXPECT_TRUE(ret.isOk());
+ ret = hdmiCec->setOption(OptionKey::ENABLE_CEC, false);
+ EXPECT_TRUE(ret.isOk());
+ ret = hdmiCec->setOption(OptionKey::SYSTEM_CEC_CONTROL, true);
+ EXPECT_TRUE(ret.isOk());
+ // Restore option keys to their default values
+ ret = hdmiCec->setOption(OptionKey::WAKEUP, true);
+ EXPECT_TRUE(ret.isOk());
+ ret = hdmiCec->setOption(OptionKey::ENABLE_CEC, true);
+ EXPECT_TRUE(ret.isOk());
+ ret = hdmiCec->setOption(OptionKey::SYSTEM_CEC_CONTROL, false);
+ EXPECT_TRUE(ret.isOk());
+}
+
+TEST_P(HdmiCecTest, SetLanguage) {
+ Return<void> ret = hdmiCec->setLanguage("eng");
+ EXPECT_TRUE(ret.isOk());
+}
+
+TEST_P(HdmiCecTest, EnableAudioReturnChannel) {
+ hidl_vec<HdmiPortInfo> ports;
+ Return<void> ret =
+ hdmiCec->getPortInfo([&ports](hidl_vec<HdmiPortInfo> list) { ports = list; });
+ EXPECT_TRUE(ret.isOk());
+ for (size_t i = 0; i < ports.size(); ++i) {
+ if (ports[i].arcSupported) {
+ ret = hdmiCec->enableAudioReturnChannel(ports[i].portId, true);
+ EXPECT_TRUE(ret.isOk());
+ }
+ }
+}
+
+TEST_P(HdmiCecTest, IsConnected) {
+ hidl_vec<HdmiPortInfo> ports;
+ Return<void> ret =
+ hdmiCec->getPortInfo([&ports](hidl_vec<HdmiPortInfo> list) { ports = list; });
+ EXPECT_TRUE(ret.isOk());
+ for (size_t i = 0; i < ports.size(); ++i) {
+ Return<bool> ret = hdmiCec->isConnected(ports[i].portId);
+ EXPECT_TRUE(ret.isOk());
+ }
+}
diff --git a/tv/cec/1.0/vts/functional/setup.png b/tv/cec/1.0/vts/functional/setup.png
new file mode 100644
index 0000000..a64b86c
--- /dev/null
+++ b/tv/cec/1.0/vts/functional/setup.png
Binary files differ
diff --git a/tv/cec/1.1/vts/functional/VtsHalTvCecV1_1TargetTest.cpp b/tv/cec/1.1/vts/functional/VtsHalTvCecV1_1TargetTest.cpp
index 1eb4643..c5b4b2f 100644
--- a/tv/cec/1.1/vts/functional/VtsHalTvCecV1_1TargetTest.cpp
+++ b/tv/cec/1.1/vts/functional/VtsHalTvCecV1_1TargetTest.cpp
@@ -46,6 +46,7 @@
#define CEC_VERSION 0x05
#define INCORRECT_VENDOR_ID 0x00
+#define TV_PHYSICAL_ADDRESS 0x0000
// The main test class for TV CEC HAL.
class HdmiCecTest : public ::testing::TestWithParam<std::string> {
@@ -126,6 +127,19 @@
EXPECT_EQ(ret, Result::SUCCESS);
}
+TEST_P(HdmiCecTest, PhysicalAddress) {
+ Result result;
+ uint16_t addr;
+ Return<void> ret = hdmiCec->getPhysicalAddress([&result, &addr](Result res, uint16_t paddr) {
+ result = res;
+ addr = paddr;
+ });
+ EXPECT_EQ(result, Result::SUCCESS);
+ if (!hasDeviceType(CecDeviceType::TV)) {
+ EXPECT_NE(addr, TV_PHYSICAL_ADDRESS);
+ }
+}
+
TEST_P(HdmiCecTest, SendMessage) {
CecMessage message;
message.initiator = CecLogicalAddress::PLAYBACK_1;
@@ -196,4 +210,14 @@
ASSERT_TRUE(ret.isOk());
}
}
-}
\ No newline at end of file
+}
+
+TEST_P(HdmiCecTest, IsConnected) {
+ hidl_vec<HdmiPortInfo> ports;
+ Return<void> ret =
+ hdmiCec->getPortInfo([&ports](hidl_vec<HdmiPortInfo> list) { ports = list; });
+ for (size_t i = 0; i < ports.size(); ++i) {
+ Return<bool> ret = hdmiCec->isConnected(ports[i].portId);
+ EXPECT_TRUE(ret.isOk());
+ }
+}
