Gitiles
Code Review Sign In
review.coreboot.org / coreboot / 2751d2922f7c87a6acf901a0008ac131bf7245db / . / tests / lib / cbfs-verification-test.c
blob: b1a39bcaacb9a326ab0e54f893571055d57301e3 [file] [log] [blame]
Jakub Czapiga6f3fd632021-07-22 08:52:46 +0200[diff] [blame]1/* SPDX-License-Identifier: GPL-2.0-only */
2
3#include <cbfs.h>
Julius Werner9f376472021-08-11 18:20:11 -0700[diff] [blame]4#include <commonlib/bsd/cbfs_private.h>
Jakub Czapiga6f3fd632021-07-22 08:52:46 +0200[diff] [blame]5#include <commonlib/region.h>
6#include <string.h>
7#include <tests/lib/cbfs_util.h>
8#include <tests/test.h>
9
10
11/* Mocks */
12
13static struct cbfs_boot_device cbd;
14
15const struct cbfs_boot_device *cbfs_get_boot_device(bool force_ro)
16{
17 check_expected(force_ro);
18 return &cbd;
19}
20
21size_t vb2_digest_size(enum vb2_hash_algorithm hash_alg)
22{
23 if (hash_alg != VB2_HASH_SHA256) {
24 fail_msg("Unsupported hash algorithm: %d\n", hash_alg);
25 return 0;
26 }
27
28 return VB2_SHA256_DIGEST_SIZE;
29}
30
Julius Wernerd96ca242022-08-08 18:08:35 -0700[diff] [blame]31vb2_error_t vb2_hash_verify(bool allow_hwcrypto, const void *buf, uint32_t size,
32 const struct vb2_hash *hash)
Jakub Czapiga6f3fd632021-07-22 08:52:46 +0200[diff] [blame]33{
Julius Wernerd96ca242022-08-08 18:08:35 -0700[diff] [blame]34 assert_true(allow_hwcrypto);
Jakub Czapiga6f3fd632021-07-22 08:52:46 +0200[diff] [blame]35 check_expected_ptr(buf);
36 check_expected(size);
37 assert_int_equal(hash->algo, VB2_HASH_SHA256);
38
39 if (!memcmp(hash->sha256, good_hash, sizeof(good_hash)))
40 return VB2_SUCCESS;
41
42 if (!memcmp(hash->sha256, bad_hash, sizeof(bad_hash)))
43 return VB2_ERROR_SHA_MISMATCH;
44
45 fail_msg("%s called with bad hash", __func__);
46 return VB2_ERROR_SHA_MISMATCH;
47}
48
49size_t ulzman(const void *src, size_t srcn, void *dst, size_t dstn)
50{
51 fail_msg("Unexpected call to %s", __func__);
52 return 0;
53}
54
55size_t ulz4fn(const void *src, size_t srcn, void *dst, size_t dstn)
56{
57 fail_msg("Unexpected call to %s", __func__);
58 return 0;
59}
60
Julius Wernerd96ca242022-08-08 18:08:35 -0700[diff] [blame]61vb2_error_t vb2_digest_init(struct vb2_digest_context *dc, bool allow_hwcrypto,
62 enum vb2_hash_algorithm hash_alg, uint32_t data_size)
Jakub Czapiga6f3fd632021-07-22 08:52:46 +0200[diff] [blame]63{
64 if (hash_alg != VB2_HASH_SHA256) {
65 fail_msg("Unsupported hash algorithm: %d\n", hash_alg);
66 return VB2_ERROR_SHA_INIT_ALGORITHM;
67 }
68
69 return VB2_SUCCESS;
70}
71
72vb2_error_t vb2_digest_extend(struct vb2_digest_context *dc, const uint8_t *buf, uint32_t size)
73{
74 check_expected(buf);
75 check_expected(size);
76 return VB2_SUCCESS;
77}
78
79vb2_error_t vb2_digest_finalize(struct vb2_digest_context *dc, uint8_t *digest, uint32_t size)
80{
81 memcpy(digest, mock_ptr_type(void *), size);
82 return VB2_SUCCESS;
83}
84
85/* Original function alias created by test framework. Used for call wrapping in mock below. */
Julius Werner69cc5572022-03-04 17:49:56 -0800[diff] [blame]86enum cb_err __real_cbfs_lookup(cbfs_dev_t dev, const char *name, union cbfs_mdata *mdata_out,
87 size_t *data_offset_out, struct vb2_hash *metadata_hash);
Jakub Czapiga6f3fd632021-07-22 08:52:46 +0200[diff] [blame]88
Julius Werner69cc5572022-03-04 17:49:56 -0800[diff] [blame]89enum cb_err cbfs_lookup(cbfs_dev_t dev, const char *name, union cbfs_mdata *mdata_out,
90 size_t *data_offset_out, struct vb2_hash *metadata_hash)
Jakub Czapiga6f3fd632021-07-22 08:52:46 +0200[diff] [blame]91{
Julius Werner69cc5572022-03-04 17:49:56 -0800[diff] [blame]92 const enum cb_err err =
Jakub Czapiga6f3fd632021-07-22 08:52:46 +0200[diff] [blame]93 __real_cbfs_lookup(dev, name, mdata_out, data_offset_out, metadata_hash);
Julius Werner69cc5572022-03-04 17:49:56 -0800[diff] [blame]94 assert_int_equal(mock_type(enum cb_err), err);
Jakub Czapiga6f3fd632021-07-22 08:52:46 +0200[diff] [blame]95 return err;
96}
97
98/* Tests */
99
100static int setup_test_cbfs(void **state)
101{
102 memset(&cbd, 0, sizeof(cbd));
103 return 0;
104}
105
106static void test_cbfs_map_no_hash(void **state)
107{
108 void *mapping = NULL;
109 assert_int_equal(0, rdev_chain_mem(&cbd.rdev, &file_no_hash, sizeof(file_no_hash)));
110
111 if (CONFIG(CBFS_VERIFICATION)) {
112 /* File with no hash. No hash causes hash mismatch by default,
113 so mapping will not be completed successfully. */
114 expect_value(cbfs_get_boot_device, force_ro, false);
115 will_return(cbfs_lookup, CB_SUCCESS);
116 mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL);
117 assert_null(mapping);
118 } else {
119 expect_value(cbfs_get_boot_device, force_ro, false);
120 will_return(cbfs_lookup, CB_SUCCESS);
121 mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL);
122 assert_ptr_equal(mapping, file_no_hash.attrs_and_data);
123 }
124}
125
126static void test_cbfs_map_valid_hash(void **state)
127{
128 void *mapping = NULL;
129 assert_int_equal(0,
130 rdev_chain_mem(&cbd.rdev, &file_valid_hash, sizeof(file_valid_hash)));
131
132 if (CONFIG(CBFS_VERIFICATION)) {
133 expect_value(cbfs_get_boot_device, force_ro, false);
134 expect_value(vb2_hash_verify, buf,
135 &file_valid_hash.attrs_and_data[HASH_ATTR_SIZE]);
136 expect_value(vb2_hash_verify, size, TEST_DATA_1_SIZE);
137 will_return(cbfs_lookup, CB_SUCCESS);
138 mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL);
139 assert_ptr_equal(mapping, &file_valid_hash.attrs_and_data[HASH_ATTR_SIZE]);
140 } else {
141 expect_value(cbfs_get_boot_device, force_ro, false);
142 will_return(cbfs_lookup, CB_SUCCESS);
143 mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL);
144 assert_ptr_equal(mapping, &file_valid_hash.attrs_and_data[HASH_ATTR_SIZE]);
145 }
146}
147
148static void test_cbfs_map_invalid_hash(void **state)
149{
150 void *mapping = NULL;
151 assert_int_equal(
152 0, rdev_chain_mem(&cbd.rdev, &file_broken_hash, sizeof(file_broken_hash)));
153
154 if (CONFIG(CBFS_VERIFICATION)) {
155 expect_value(cbfs_get_boot_device, force_ro, false);
156 expect_value(vb2_hash_verify, buf,
157 &file_broken_hash.attrs_and_data[HASH_ATTR_SIZE]);
158 expect_value(vb2_hash_verify, size, TEST_DATA_1_SIZE);
159 will_return(cbfs_lookup, CB_SUCCESS);
160 mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL);
161 assert_null(mapping);
162 } else {
163 expect_value(cbfs_get_boot_device, force_ro, false);
164 will_return(cbfs_lookup, CB_SUCCESS);
165 mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL);
166 assert_ptr_equal(mapping, &file_broken_hash.attrs_and_data[HASH_ATTR_SIZE]);
167 }
168}
169
170void test_init_boot_device_verify(void **state)
171{
172 struct vb2_hash hash = {.algo = VB2_HASH_SHA256};
173 const uint8_t hash_value[VB2_SHA256_DIGEST_SIZE] = {0};
174 memset(&cbd, 0, sizeof(cbd));
175 assert_int_equal(0,
176 rdev_chain_mem(&cbd.rdev, &file_valid_hash, sizeof(file_valid_hash)));
177
178 if (CONFIG(CBFS_VERIFICATION)) {
179 expect_memory(vb2_digest_extend, buf, &file_valid_hash,
180 be32_to_cpu(file_valid_hash.header.offset));
181 expect_value(vb2_digest_extend, size,
182 be32_to_cpu(file_valid_hash.header.offset));
183 will_return(vb2_digest_finalize, hash_value);
184 }
185
186 assert_int_equal(CB_SUCCESS, cbfs_init_boot_device(&cbd, &hash));
187}
188
189int main(void)
190{
191 const struct CMUnitTest tests[] = {
192 cmocka_unit_test_setup(test_cbfs_map_no_hash, setup_test_cbfs),
193 cmocka_unit_test_setup(test_cbfs_map_valid_hash, setup_test_cbfs),
194 cmocka_unit_test_setup(test_cbfs_map_invalid_hash, setup_test_cbfs),
195
196 cmocka_unit_test(test_init_boot_device_verify),
197 };
198
199 return cb_run_group_tests(tests, NULL, NULL);
200}