Merge "Adding sanity check for VBMeta device state" am: 63cc8d12a5 am: 051f044853

Change-Id: Ied69a536dedf1f4a2d64af1d0680c0706435a994
diff --git a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
index 35a2fb1..0b02554 100644
--- a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -423,27 +423,33 @@
     EXPECT_EQ(ErrorCode::OK, error);
 
     if (avb_verification_enabled()) {
-        property_get("ro.boot.vbmeta.digest", property_value, "nogood");
-        EXPECT_NE(strcmp(property_value, "nogood"), 0);
+        EXPECT_NE(property_get("ro.boot.vbmeta.digest", property_value, ""), 0);
         string prop_string(property_value);
         EXPECT_EQ(prop_string.size(), 64);
         EXPECT_EQ(prop_string, bin2hex(verified_boot_hash));
 
-        property_get("ro.boot.vbmeta.device_state", property_value, "nogood");
-        EXPECT_NE(strcmp(property_value, "nogood"), 0);
+        EXPECT_NE(property_get("ro.boot.vbmeta.device_state", property_value, ""), 0);
         if (!strcmp(property_value, "unlocked")) {
             EXPECT_FALSE(device_locked);
         } else {
             EXPECT_TRUE(device_locked);
         }
+
+        // Check that the expected result from VBMeta matches the build type. Only a user build
+        // should have AVB reporting the device is locked.
+        EXPECT_NE(property_get("ro.build.type", property_value, ""), 0);
+        if (!strcmp(property_value, "user")) {
+            EXPECT_TRUE(device_locked);
+        } else {
+            EXPECT_FALSE(device_locked);
+        }
     }
 
     // Verified boot key should be all 0's if the boot state is not verified or self signed
     std::string empty_boot_key(32, '\0');
     std::string verified_boot_key_str((const char*)verified_boot_key.data(),
                                       verified_boot_key.size());
-    property_get("ro.boot.verifiedbootstate", property_value, "nogood");
-    EXPECT_NE(property_value, "nogood");
+    EXPECT_NE(property_get("ro.boot.verifiedbootstate", property_value, ""), 0);
     if (!strcmp(property_value, "green")) {
         EXPECT_EQ(verified_boot_state, KM_VERIFIED_BOOT_VERIFIED);
         EXPECT_NE(0, memcmp(verified_boot_key.data(), empty_boot_key.data(),
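Review bot: The added `ro.build.type` block requires `device_locked` to be true on every user build and false on every other build, while the block just above it already requires `device_locked` to follow `ro.boot.vbmeta.device_state`. The two expectations contradict each other whenever a non-user build is locked or a user build is unlocked, so an attestation that correctly reports the boot state would fail one of them. The attested lock state presumably originates from the bootloader rather than from the build configuration, so it seems safer to keep `ro.boot.vbmeta.device_state` as the only reference and, if the build-type relation is still wanted, assert one direction only, without the `else` branch: `if (!strcmp(property_value, "user")) EXPECT_TRUE(device_locked) << "user build attests as unlocked";`. When `ro.build.type` is unset, the buffer is empty and the code takes the `else` branch, which expects an unlocked device in addition to the failed `EXPECT_NE`. The enclosing test function starts and ends outside this hunk.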