Grant VTS tests all permissions in keystore on userdebug/eng
Tests for bluetooth are being created. The test
is run as root and attempts various operations that directly
use the Keystore service. By default that test will not be
able to perform necessary actions such as creating keys for tests.
This change will enable the root user to perform all key
operations, but only on userdebug and eng builds.
Bug: 117993149
Test: Bluetooth tests pass
Change-Id: I7ac09562851a7dd8c275fd5606bbc99acb5f210e
Merged-In: Ic6eb5748e0e19b64a44c4bdf88a7074f7367db3d
diff --git a/keystore/Android.bp b/keystore/Android.bp
index 9ce00c2..8d095e1 100644
--- a/keystore/Android.bp
+++ b/keystore/Android.bp
@@ -76,6 +76,13 @@
pdk: {
enabled: false,
},
+ debuggable: {
+ cflags: [
+ // Allow VTS tests running as root to have
+ // additional permissions.
+ "-DGRANT_ROOT_ALL_PERMISSIONS",
+ ],
+ },
},
required: ["keystore_cli_v2"],
diff --git a/keystore/permissions.cpp b/keystore/permissions.cpp
index c86a02a..b297c59 100644
--- a/keystore/permissions.cpp
+++ b/keystore/permissions.cpp
@@ -69,7 +69,13 @@
{AID_VPN, static_cast<perm_t>(P_GET | P_SIGN | P_VERIFY)},
{AID_WIFI, static_cast<perm_t>(P_GET | P_SIGN | P_VERIFY)},
{AID_BLUETOOTH, static_cast<perm_t>(P_GET | P_INSERT | P_DELETE | P_EXIST | P_SIGN | P_VERIFY)},
+
+#ifdef GRANT_ROOT_ALL_PERMISSIONS
+ // Allow VTS tests running as root to perform all operations
+ {AID_ROOT, static_cast<perm_t>((uint32_t)(~0))},
+#else
{AID_ROOT, static_cast<perm_t>(P_GET)},
+#endif
};
static const perm_t DEFAULT_PERMS = static_cast<perm_t>(
