+/*
+ * Copyright (c) 2020 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file ckm_helpers.cpp
+ * @author Mateusz Cegielka (m.cegielka@samsung.com)
+ * @version 1.0
+ * @brief Utilities common to ckm and ckm-integration tests
+ */
+
+#include <ckm_helpers.h>
+
+#include <iostream>
+
+#include <ckmc/ckmc-manager.h>
+
+void detectCkmBugTrustzoneLeak()
+{
+#ifdef TZ_BACKEND
+ const char* alias = "detect-bug-trustzone-leak";
+ unsigned char data[] = {0};
+
+ ckmc_raw_buffer_s buffer;
+ buffer.data = data;
+ buffer.size = sizeof(data) / sizeof(data[0]);
+ ckmc_policy_s policy;
+ policy.password = nullptr;
+ policy.extractable = true;
+
+ int ret = ckmc_save_data(alias, buffer, policy);
+ ckmc_remove_alias(alias);
+
+ if (ret == CKMC_ERROR_SERVER_ERROR) {
+ std::cerr << "\x1B[1;33m"
+ "### Warning #############################################################\n"
+ "# TrustZone may have ran out of memory due to running CKM tests #\n"
+ "# multiple times. This happens because ckmc_remove_user_data is not #\n"
+ "# able to remove individual objects stored in TrustZone, as the user #\n"
+ "# database may be encrypted. If that happens, tests that use TrustZone #\n"
+ "# backend will start failing, and you will need to somehow restore #\n"
+ "# TrustZone and key-manager to an earlier state, before the memory was #\n"
+ "# exhausted. #\n"
+ "# #\n"
+ "# If you're working with a Tizen emulator and tef-simulator, there are #\n"
+ "# two ways to do this. The simpler way to do so are QEMU snapshots. You #\n"
+ "# should have access to `make snapshot-restore` and #\n"
+ "# `make snapshot-push` commands in the same directory where you run #\n"
+ "# `run.sh`, and a snapshot with a clean image is available by default. #\n"
+ "# The second, faster way to do this is to run `rm -r #\n"
+ "# /opt/usr/apps/ta_sdk/data/* /opt/data/ckm/{db*,key*,removed*} && #\n"
+ "# systemctl restart central-key-manager tef-simulator. #\n"
+ "#########################################################################\n"
+ "\x1B[0m\n";
+ }
+#endif
+}