Blame - tests/kernel_rollback_tests.c - platform/external/vboot_reference

blob: c9563005d1f8fcc211f24e823f68762d9430effe [file] [log] [blame]

Gaurav Shah	a82bf26	2010-03-26 10:38:08 -0700	[diff] [blame^]	1	/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
				2	* Use of this source code is governed by a BSD-style license that can be
				3	* found in the LICENSE file.
				4	*
				5	* Tests for checking kernel rollback-prevention logic.
				6	*/
				7
				8	#include <stdio.h>
				9	#include <stdlib.h>
				10
				11	#include "file_keys.h"
				12	#include "kernel_image.h"
				13	#include "rsa_utility.h"
				14	#include "rollback_index.h"
				15	#include "test_common.h"
				16	#include "utility.h"
				17
				18	/* Tests that check for correctness of the VerifyFirmwareDriver_f() logic
				19	* and rollback prevention. */
				20	void VerifyKernelDriverTest(void) {
				21	uint64_t len;
				22	uint8_t* firmware_key_pub = BufferFromFile("testkeys/key_rsa1024.keyb",
				23	&len);
				24	/* Initialize kernel blobs, including their associated parition
				25	* table attributed. */
				26	kernel_entry valid_kernelA = {
				27	GenerateRollbackTestKernelBlob(1, 1, 0),
				28	15, /* Highest Priority. */
				29	5, /* Enough for tests. */
				30	0 /* Assume we haven't boot off it yet. */
				31	};
				32	kernel_entry corrupt_kernelA = {
				33	GenerateRollbackTestKernelBlob(1, 1, 1),
				34	15, /* Highest Priority. */
				35	5, /* Enough for tests. */
				36	0 /* Assume we haven't boot off it yet. */
				37	};
				38	kernel_entry valid_kernelB = {
				39	GenerateRollbackTestKernelBlob(1, 1, 0),
				40	1, /* Lower Priority. */
				41	5, /* Enough for tests. */
				42	0 /* Assume we haven't boot off it yet. */
				43	};
				44	kernel_entry corrupt_kernelB = {
				45	GenerateRollbackTestKernelBlob(1, 1, 1),
				46	1, /* Lower Priority. */
				47	5, /* Enough for tests. */
				48	0 /* Assume we haven't boot off it yet. */
				49	};
				50
				51	/* Initialize rollback index state. */
				52	g_kernel_key_version = 1;
				53	g_kernel_version = 1;
				54
				55	/* Note: This test just checks the rollback prevention mechanism and not
				56	* the full blown kernel boot logic. Updates to the kernel attributes
				57	* in the paritition table are not tested.
				58	*/
				59	fprintf(stderr, "Kernel A boot priority(15) > Kernel B boot priority(1)\n");
				60	TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
				61	&valid_kernelA, &valid_kernelB,
				62	DEV_MODE_DISABLED),
				63	BOOT_KERNEL_A_CONTINUE,
				64	"(Valid Kernel A (current version)\n"
				65	" Valid Kernel B (current version) runs A):");
				66	TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
				67	&corrupt_kernelA, &valid_kernelB,
				68	DEV_MODE_DISABLED),
				69	BOOT_KERNEL_B_CONTINUE,
				70	"(Corrupt Kernel A (current version)\n"
				71	" Valid Kernel B (current version) runs B):");
				72	TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
				73	&valid_kernelA, &corrupt_kernelB,
				74	DEV_MODE_DISABLED),
				75	BOOT_KERNEL_A_CONTINUE,
				76	"(Valid Kernel A (current version)\n"
				77	" Corrupt Kernel B (current version) runs A):");
				78	TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
				79	&corrupt_kernelA, &corrupt_kernelB,
				80	DEV_MODE_DISABLED),
				81	BOOT_KERNEL_RECOVERY_CONTINUE,
				82	"(Corrupt Kernel A (current version)\n"
				83	" Corrupt Kernel B (current version) runs Recovery):");
				84
				85	fprintf(stderr, "\nSwapping boot priorities...\n"
				86	"Kernel B boot priority(15) > Kernel A boot priority(1)\n");
				87	valid_kernelA.boot_priority = corrupt_kernelA.boot_priority = 1;
				88	valid_kernelB.boot_priority = corrupt_kernelB.boot_priority = 15;
				89	TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
				90	&valid_kernelA, &valid_kernelB,
				91	DEV_MODE_DISABLED),
				92	BOOT_KERNEL_B_CONTINUE,
				93	"(Valid Kernel A (current version)\n"
				94	" Valid Kernel B (current version) runs B):");
				95	TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
				96	&corrupt_kernelA, &valid_kernelB,
				97	DEV_MODE_DISABLED),
				98	BOOT_KERNEL_B_CONTINUE,
				99	"(Corrupt Kernel A (current version)\n"
				100	" Valid Kernel B (current version) runs B):");
				101	TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
				102	&valid_kernelA, &corrupt_kernelB,
				103	DEV_MODE_DISABLED),
				104	BOOT_KERNEL_A_CONTINUE,
				105	"(Valid Kernel A (current version)\n"
				106	" Corrupt Kernel B (current version) runs A):");
				107	TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
				108	&corrupt_kernelA, &corrupt_kernelB,
				109	DEV_MODE_DISABLED),
				110	BOOT_KERNEL_RECOVERY_CONTINUE,
				111	"(Corrupt Kernel A (current version)\n"
				112	" Corrupt Kernel B (current version) runs Recovery):");
				113
				114	fprintf(stderr, "\nUpdating stored version information. Obsoleting "
				115	"exiting kernel images.\n");
				116	g_kernel_key_version = 2;
				117	g_kernel_version = 2;
				118	TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
				119	&valid_kernelA, &valid_kernelB,
				120	DEV_MODE_DISABLED),
				121	BOOT_KERNEL_RECOVERY_CONTINUE,
				122	"(Valid Kernel A (old version)\n"
				123	" Valid Kernel B (old version) runs Recovery):");
				124
				125	fprintf(stderr, "\nGenerating updated Kernel A blob with "
				126	"new version.\n");
				127	Free(valid_kernelA.kernel_blob);
				128	valid_kernelA.kernel_blob = GenerateRollbackTestKernelBlob(3, 3, 0);
				129	TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
				130	&valid_kernelA, &valid_kernelB,
				131	DEV_MODE_DISABLED),
				132	BOOT_KERNEL_A_CONTINUE,
				133	"(Valid Kernel A (new version)\n"
				134	" Valid Kernel B (old version) runs A):");
				135
				136	Free(firmware_key_pub);
				137	Free(valid_kernelA.kernel_blob);
				138	Free(valid_kernelB.kernel_blob);
				139	Free(corrupt_kernelA.kernel_blob);
				140	Free(corrupt_kernelB.kernel_blob);
				141	}
				142
				143	int main(int argc, char* argv[]) {
				144	int error_code = 0;
				145	VerifyKernelDriverTest();
				146	if (!gTestSuccess)
				147	error_code = 255;
				148	return error_code;
				149	}