• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2 * Copyright (C) 2025 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16 
17 //! # Integration tests for the trusty service_manager lib.
18 //!
19 //!
20 //! ## Test components
21 //!
22 //! ### ISMTestService
23 //! The AIDL definition for the test service we use in this test suite.
24 //!
25 //! ### service_manager_test_service
26 //! This is a trusty user space app that implements ISMTestService.
27 //! It exposes "com.android.trusty.test_service.ISMTestService/direct" which, allows direct
28 //! access to the test service.
29 //!
30 //! ### fake_accessor
31 //! This is a trusty user space app that implements a binder ITrustyAccessor interface that returns
32 //! a pre-connected fd to the service_manager_test_service. It exposes this accessor implementation
33 //! on "com.android.trusty.test_service.ISMTestService/through_accessor".
34 //!
35 //! fake_accessor also exposes "com.android.trusty.test_service.ISMTestService/expect_mismatch" that
36 //! intentionally has a different instance name than the port on which it is served. This allows us
37 //! to cover this error condition in our integration tests.
38 //!
39 
40 #[cfg(test)]
41 mod tests {
42     use service_manager::*;
43     use service_manager_test_service::binder;
44     use service_manager_test_service::aidl::com::android::trusty::test_service::ISMTestService::ISMTestService;
45     use android_hardware_security_see_storage::aidl::android::hardware::security::see::storage::ISecureStorage::ISecureStorage;
46     use test::{expect, expect_eq};
47 
48     test::init!();
49 
50     #[test]
test_wait_for_interface_direct()51     fn test_wait_for_interface_direct() {
52         let test_service: Result<binder::Strong<dyn ISMTestService>, binder::StatusCode> =
53             wait_for_interface("com.android.trusty.test_service.ISMTestService/direct");
54         expect!(test_service.is_ok());
55         expect!(test_service.unwrap().hello().is_ok());
56     }
57 
58     #[test]
test_wait_for_interface_through_accessor()59     fn test_wait_for_interface_through_accessor() {
60         let test_service: Result<binder::Strong<dyn ISMTestService>, binder::StatusCode> =
61             wait_for_interface("com.android.trusty.test_service.ISMTestService/accessor");
62         expect!(test_service.is_ok());
63         expect!(test_service.unwrap().hello().is_ok());
64     }
65 
66     #[test]
test_accessor_mismatch()67     fn test_accessor_mismatch() {
68         let test_service: Result<binder::Strong<dyn ISMTestService>, binder::StatusCode> =
69             wait_for_interface("com.android.trusty.test_service.ISMTestService/mismatch");
70         expect_eq!(test_service, Err(binder::StatusCode::NAME_NOT_FOUND));
71     }
72 
73     #[test]
test_connection_failure()74     fn test_connection_failure() {
75         // tipc::Handle::connect will block forever on a non-existent port so a good way to
76         // get a connection failure is to connect to a real port that we don't have permissions for.
77         let test_service: Result<binder::Strong<dyn ISMTestService>, binder::StatusCode> =
78             wait_for_interface("com.android.trusty.test_service.ISMTestService/eperm");
79 
80         expect_eq!(test_service, Err(binder::StatusCode::PERMISSION_DENIED));
81     }
82 
83     #[test]
test_wrong_direct_interface_requested()84     fn test_wrong_direct_interface_requested() {
85         let test_service: Result<binder::Strong<dyn ISecureStorage>, binder::StatusCode> =
86             wait_for_interface("com.android.trusty.test_service.ISMTestService/direct");
87         expect_eq!(test_service, Err(binder::StatusCode::BAD_TYPE));
88     }
89 
90     #[test]
test_wrong_interface_requested_through_accessor()91     fn test_wrong_interface_requested_through_accessor() {
92         let test_service: Result<binder::Strong<dyn ISecureStorage>, binder::StatusCode> =
93             wait_for_interface("com.android.trusty.test_service.ISMTestService/accessor");
94         expect_eq!(test_service, Err(binder::StatusCode::BAD_TYPE));
95     }
96 
97     #[test]
test_service_name_to_trusty_port_under_max()98     fn test_service_name_to_trusty_port_under_max() {
99         expect_eq!(
100             service_name_to_trusty_port("foo.bar.ok.IShortService/default"),
101             Ok("foo.bar.ok.IShortService/default.bnd".to_owned())
102         )
103     }
104 
105     #[test]
test_service_name_to_trusty_port_too_long_known_prefix()106     fn test_service_name_to_trusty_port_too_long_known_prefix() {
107         expect_eq!(
108             service_name_to_trusty_port(
109                 "android.hardware.security.see.authmgr.IAuthMgrAuthorization/default"
110             ),
111             Ok("ahss.authmgr.IAuthMgrAuthorization/default.bnd".to_owned()),
112         )
113     }
114 
115     #[test]
test_service_name_to_trusty_port_too_long_invalid()116     fn test_service_name_to_trusty_port_too_long_invalid() {
117         expect_eq!(
118             service_name_to_trusty_port(
119                 "unknown.prefix.so.we.dont.handle.it.for.now.ILongServiceName/default"
120             ),
121             Err(binder::StatusCode::BAD_VALUE),
122         )
123     }
124 }
125