diff options
author | Eran Messeri <eranm@google.com> | 2024-03-06 11:54:17 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2024-03-06 11:54:17 +0000 |
commit | 15a04c4d1f72870cdb5e722fe05f48ed8f8bcb3f (patch) | |
tree | 8ebd32ff51ae766302d7be66a1ec0ef2f60fa21f | |
parent | 972ca7c73e8f9a1c32ab5f508dcde438fec89f46 (diff) | |
parent | 3f6c8a250de737a3cc9571b047ff8a156c2b4754 (diff) | |
download | security-15a04c4d1f72870cdb5e722fe05f48ed8f8bcb3f.tar.gz |
Merge "Updated the logic to determine the VSR API level for device ID attestation tests." into main
-rw-r--r-- | keystore2/tests/keystore2_client_test_utils.rs | 42 |
1 files changed, 31 insertions, 11 deletions
diff --git a/keystore2/tests/keystore2_client_test_utils.rs b/keystore2/tests/keystore2_client_test_utils.rs index f270297c..7534da3a 100644 --- a/keystore2/tests/keystore2_client_test_utils.rs +++ b/keystore2/tests/keystore2_client_test_utils.rs @@ -95,14 +95,11 @@ pub fn skip_device_id_attest_tests() -> bool { // only system update and not vendor update, newly added attestation properties // (ro.product.*_for_attestation) reading logic would not be available for such devices // hence skipping this test for such scenario. - let api_level = std::str::from_utf8(&get_system_prop("ro.board.first_api_level")) - .unwrap() - .parse::<i32>() - .unwrap(); + // This file is only present on GSI builds. - let path_buf = PathBuf::from("/system/system_ext/etc/init/init.gsi.rc"); + let gsi_marker = PathBuf::from("/system/system_ext/etc/init/init.gsi.rc"); - api_level < 34 && path_buf.as_path().is_file() + get_vsr_api_level() < 34 && gsi_marker.as_path().is_file() } #[macro_export] @@ -514,15 +511,38 @@ pub fn get_system_prop(name: &str) -> Vec<u8> { } } +fn get_integer_system_prop(name: &str) -> Option<i32> { + let val = get_system_prop(name); + if val.is_empty() { + return None; + } + let val = std::str::from_utf8(&val).ok()?; + val.parse::<i32>().ok() +} + +pub fn get_vsr_api_level() -> i32 { + if let Some(api_level) = get_integer_system_prop("ro.vendor.api_level") { + return api_level; + } + + let vendor_api_level = get_integer_system_prop("ro.board.api_level") + .or_else(|| get_integer_system_prop("ro.board.first_api_level")); + let product_api_level = get_integer_system_prop("ro.product.first_api_level") + .or_else(|| get_integer_system_prop("ro.build.version.sdk")); + + match (vendor_api_level, product_api_level) { + (Some(v), Some(p)) => std::cmp::min(v, p), + (Some(v), None) => v, + (None, Some(p)) => p, + _ => panic!("Could not determine VSR API level"), + } +} + /// Determines whether the SECOND-IMEI can be used as device attest-id. pub fn is_second_imei_id_attestation_required( keystore2: &binder::Strong<dyn IKeystoreService>, ) -> bool { - let api_level = std::str::from_utf8(&get_system_prop("ro.vendor.api_level")) - .unwrap() - .parse::<i32>() - .unwrap(); - keystore2.getInterfaceVersion().unwrap() >= 3 && api_level > 33 + keystore2.getInterfaceVersion().unwrap() >= 3 && get_vsr_api_level() > 33 } /// Run a service command and collect the output. |