Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / vboot_reference / f3dd1a6784780b36736d2ddbd3b79b4f804906ea / . / tests / kernel_rollback_tests.c
blob: c821ee8e98907498d8f796b1739387878f50a23f [file] [log] [blame]
Gaurav Shaha82bf262010-03-26 10:38:08 -0700[diff] [blame]1/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file.
4 *
5 * Tests for checking kernel rollback-prevention logic.
6 */
7
8#include <stdio.h>
9#include <stdlib.h>
10
Gaurav Shah5411c7a2010-03-31 10:56:49 -0700[diff] [blame]11#include "cryptolib.h"
Gaurav Shaha82bf262010-03-26 10:38:08 -0700[diff] [blame]12#include "file_keys.h"
13#include "kernel_image.h"
Gaurav Shaha82bf262010-03-26 10:38:08 -0700[diff] [blame]14#include "rollback_index.h"
15#include "test_common.h"
16#include "utility.h"
17
Gaurav Shahe450be42010-03-29 21:27:08 -0700[diff] [blame]18const char* kFirmwareKeyPublicFile = "testkeys/key_rsa1024.keyb";
19
Gaurav Shaha82bf262010-03-26 10:38:08 -0700[diff] [blame]20/* Tests that check for correctness of the VerifyFirmwareDriver_f() logic
21 * and rollback prevention. */
22void VerifyKernelDriverTest(void) {
23 uint64_t len;
Gaurav Shahe450be42010-03-29 21:27:08 -0700[diff] [blame]24 uint8_t* firmware_key_pub = BufferFromFile(kFirmwareKeyPublicFile, &len);
25
Gaurav Shaha82bf262010-03-26 10:38:08 -0700[diff] [blame]26 /* Initialize kernel blobs, including their associated parition
27 * table attributed. */
28 kernel_entry valid_kernelA = {
29 GenerateRollbackTestKernelBlob(1, 1, 0),
30 15, /* Highest Priority. */
31 5, /* Enough for tests. */
32 0 /* Assume we haven't boot off it yet. */
33 };
34 kernel_entry corrupt_kernelA = {
35 GenerateRollbackTestKernelBlob(1, 1, 1),
36 15, /* Highest Priority. */
37 5, /* Enough for tests. */
38 0 /* Assume we haven't boot off it yet. */
39 };
40 kernel_entry valid_kernelB = {
41 GenerateRollbackTestKernelBlob(1, 1, 0),
42 1, /* Lower Priority. */
43 5, /* Enough for tests. */
44 0 /* Assume we haven't boot off it yet. */
45 };
46 kernel_entry corrupt_kernelB = {
47 GenerateRollbackTestKernelBlob(1, 1, 1),
48 1, /* Lower Priority. */
49 5, /* Enough for tests. */
50 0 /* Assume we haven't boot off it yet. */
51 };
52
53 /* Initialize rollback index state. */
54 g_kernel_key_version = 1;
55 g_kernel_version = 1;
56
57 /* Note: This test just checks the rollback prevention mechanism and not
58 * the full blown kernel boot logic. Updates to the kernel attributes
59 * in the paritition table are not tested.
60 */
Gaurav Shahf3dd1a62010-04-05 15:50:00 -0700[diff] [blame^]61 debug("Kernel A boot priority(15) > Kernel B boot priority(1)\n");
Gaurav Shaha82bf262010-03-26 10:38:08 -0700[diff] [blame]62 TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
63 &valid_kernelA, &valid_kernelB,
64 DEV_MODE_DISABLED),
65 BOOT_KERNEL_A_CONTINUE,
66 "(Valid Kernel A (current version)\n"
67 " Valid Kernel B (current version) runs A):");
68 TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
69 &corrupt_kernelA, &valid_kernelB,
70 DEV_MODE_DISABLED),
71 BOOT_KERNEL_B_CONTINUE,
72 "(Corrupt Kernel A (current version)\n"
73 " Valid Kernel B (current version) runs B):");
74 TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
75 &valid_kernelA, &corrupt_kernelB,
76 DEV_MODE_DISABLED),
77 BOOT_KERNEL_A_CONTINUE,
78 "(Valid Kernel A (current version)\n"
79 " Corrupt Kernel B (current version) runs A):");
80 TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
81 &corrupt_kernelA, &corrupt_kernelB,
82 DEV_MODE_DISABLED),
83 BOOT_KERNEL_RECOVERY_CONTINUE,
84 "(Corrupt Kernel A (current version)\n"
85 " Corrupt Kernel B (current version) runs Recovery):");
86
Gaurav Shahf3dd1a62010-04-05 15:50:00 -0700[diff] [blame^]87 debug("\nSwapping boot priorities...\n"
Gaurav Shaha82bf262010-03-26 10:38:08 -0700[diff] [blame]88 "Kernel B boot priority(15) > Kernel A boot priority(1)\n");
89 valid_kernelA.boot_priority = corrupt_kernelA.boot_priority = 1;
90 valid_kernelB.boot_priority = corrupt_kernelB.boot_priority = 15;
91 TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
92 &valid_kernelA, &valid_kernelB,
93 DEV_MODE_DISABLED),
94 BOOT_KERNEL_B_CONTINUE,
95 "(Valid Kernel A (current version)\n"
96 " Valid Kernel B (current version) runs B):");
97 TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
98 &corrupt_kernelA, &valid_kernelB,
99 DEV_MODE_DISABLED),
100 BOOT_KERNEL_B_CONTINUE,
101 "(Corrupt Kernel A (current version)\n"
102 " Valid Kernel B (current version) runs B):");
103 TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
104 &valid_kernelA, &corrupt_kernelB,
105 DEV_MODE_DISABLED),
106 BOOT_KERNEL_A_CONTINUE,
107 "(Valid Kernel A (current version)\n"
108 " Corrupt Kernel B (current version) runs A):");
109 TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
110 &corrupt_kernelA, &corrupt_kernelB,
111 DEV_MODE_DISABLED),
112 BOOT_KERNEL_RECOVERY_CONTINUE,
113 "(Corrupt Kernel A (current version)\n"
114 " Corrupt Kernel B (current version) runs Recovery):");
115
Gaurav Shahf3dd1a62010-04-05 15:50:00 -0700[diff] [blame^]116 debug("\nUpdating stored version information. Obsoleting "
Gaurav Shaha82bf262010-03-26 10:38:08 -0700[diff] [blame]117 "exiting kernel images.\n");
118 g_kernel_key_version = 2;
119 g_kernel_version = 2;
120 TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
121 &valid_kernelA, &valid_kernelB,
122 DEV_MODE_DISABLED),
123 BOOT_KERNEL_RECOVERY_CONTINUE,
124 "(Valid Kernel A (old version)\n"
125 " Valid Kernel B (old version) runs Recovery):");
126
Gaurav Shahf3dd1a62010-04-05 15:50:00 -0700[diff] [blame^]127 debug("\nGenerating updated Kernel A blob with "
Gaurav Shaha82bf262010-03-26 10:38:08 -0700[diff] [blame]128 "new version.\n");
129 Free(valid_kernelA.kernel_blob);
130 valid_kernelA.kernel_blob = GenerateRollbackTestKernelBlob(3, 3, 0);
131 TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
132 &valid_kernelA, &valid_kernelB,
133 DEV_MODE_DISABLED),
134 BOOT_KERNEL_A_CONTINUE,
135 "(Valid Kernel A (new version)\n"
136 " Valid Kernel B (old version) runs A):");
137
138 Free(firmware_key_pub);
139 Free(valid_kernelA.kernel_blob);
140 Free(valid_kernelB.kernel_blob);
141 Free(corrupt_kernelA.kernel_blob);
142 Free(corrupt_kernelB.kernel_blob);
143}
144
145int main(int argc, char* argv[]) {
146 int error_code = 0;
147 VerifyKernelDriverTest();
148 if (!gTestSuccess)
149 error_code = 255;
150 return error_code;
151}