ADD_DEFINITIONS(${SYS_FRAMEWORK_TEST_OTHER_CFLAGS})
+OPTION("TZ_BACKEND" OFF)
+IF(TZ_BACKEND)
+ ADD_DEFINITIONS("-DTZ_BACKEND")
+ENDIF(TZ_BACKEND)
+
include(framework/config.cmake)
SET(DPL_FRAMEWORK_TEST_LIBRARY "dpl-test-framework")
/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2015 - 2020 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* @version 1.0
*/
#include <dpl/test/test_runner.h>
+#include <ckm_helpers.h>
int main (int argc, char *argv[]) {
- return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
+ int exitCode = DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
+
+ detectCkmBugTrustzoneLeak();
+
+ return exitCode;
}
-# Copyright (c) 2013-2019 Samsung Electronics Co., Ltd All Rights Reserved
+# Copyright (c) 2013-2020 Samsung Electronics Co., Ltd All Rights Reserved
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
ADD_DEFINITIONS("-DCKM_TEST_DIR=\"${CKM_TEST_DIR}\"")
ADD_DEFINITIONS("-DCKM_RW_DATA_DIR=\"${CKM_RW_DATA_DIR}\"")
-OPTION("TZ_BACKEND" OFF)
-IF(TZ_BACKEND)
- ADD_DEFINITIONS("-DTZ_BACKEND")
-ENDIF(TZ_BACKEND)
-
-OPTION("TZ_BACKEND" OFF)
-IF(TZ_BACKEND)
- ADD_DEFINITIONS("-DTZ_BACKEND")
-ENDIF(TZ_BACKEND)
PKG_CHECK_MODULES(CKM_TEST_COMMON_DEP
REQUIRED
#include <scoped-app-context.h>
#include <ckm-common.h>
#include <ckm-privileged-common.h>
+#include <ckm_helpers.h>
#include <ckm/ckm-manager.h>
#include <ckm/ckm-control.h>
std::cerr << argv[0] << " should be executed as root. Aborting" << std::endl;
return -1;
}
- return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
+ int exitCode = DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
+
+ detectCkmBugTrustzoneLeak();
+
+ return exitCode;
}
#include <tests_common.h>
#include <test-certs.h>
+#include <ckm_helpers.h>
#include <ckm-common.h>
#include <ckm/ckm-manager.h>
return -1;
}
- return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
+ int exitCode = DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
+
+ detectCkmBugTrustzoneLeak();
+
+ return exitCode;
}
cynara-creds-sd-bus
security-manager
security-privilege-manager
+ key-manager
REQUIRED
)
${PROJECT_SOURCE_DIR}/src/common/tzplatform.cpp
${PROJECT_SOURCE_DIR}/src/common/privilege_manager.cpp
${PROJECT_SOURCE_DIR}/src/common/scoped_process_label.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/ckm_helpers.cpp
)
#system and local includes
--- /dev/null
+/*
+ * Copyright (c) 2020 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file ckm_helpers.cpp
+ * @author Mateusz Cegielka (m.cegielka@samsung.com)
+ * @version 1.0
+ * @brief Utilities common to ckm and ckm-integration tests
+ */
+
+#include <ckm_helpers.h>
+
+#include <iostream>
+
+#include <ckmc/ckmc-manager.h>
+
+void detectCkmBugTrustzoneLeak()
+{
+#ifdef TZ_BACKEND
+ const char* alias = "detect-bug-trustzone-leak";
+ unsigned char data[] = {0};
+
+ ckmc_raw_buffer_s buffer;
+ buffer.data = data;
+ buffer.size = sizeof(data) / sizeof(data[0]);
+ ckmc_policy_s policy;
+ policy.password = nullptr;
+ policy.extractable = true;
+
+ int ret = ckmc_save_data(alias, buffer, policy);
+ ckmc_remove_alias(alias);
+
+ if (ret == CKMC_ERROR_SERVER_ERROR) {
+ std::cerr << "\x1B[1;33m"
+ "### Warning #############################################################\n"
+ "# TrustZone may have ran out of memory due to running CKM tests #\n"
+ "# multiple times. This happens because ckmc_remove_user_data is not #\n"
+ "# able to remove individual objects stored in TrustZone, as the user #\n"
+ "# database may be encrypted. If that happens, tests that use TrustZone #\n"
+ "# backend will start failing, and you will need to somehow restore #\n"
+ "# TrustZone and key-manager to an earlier state, before the memory was #\n"
+ "# exhausted. #\n"
+ "# #\n"
+ "# If you're working with a Tizen emulator and tef-simulator, there are #\n"
+ "# two ways to do this. The simpler way to do so are QEMU snapshots. You #\n"
+ "# should have access to `make snapshot-restore` and #\n"
+ "# `make snapshot-push` commands in the same directory where you run #\n"
+ "# `run.sh`, and a snapshot with a clean image is available by default. #\n"
+ "# The second, faster way to do this is to run `rm -r #\n"
+ "# /opt/usr/apps/ta_sdk/data/* /opt/data/ckm/{db*,key*,removed*} && #\n"
+ "# systemctl restart central-key-manager tef-simulator. #\n"
+ "#########################################################################\n"
+ "\x1B[0m\n";
+ }
+#endif
+}
--- /dev/null
+/*
+ * Copyright (c) 2020 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file ckm_helpers.h
+ * @author Mateusz Cegielka (m.cegielka@samsung.com)
+ * @version 1.0
+ * @brief Utilities common to ckm and ckm-integration tests
+ */
+
+#pragma once
+
+void detectCkmBugTrustzoneLeak();
projects / platform / core / test / security-tests.git / commitdiff