Jakub Czapiga | 6f3fd63 | 2021-07-22 08:52:46 +0200 | [diff] [blame] | 1 | /* SPDX-License-Identifier: GPL-2.0-only */ |
| 2 | |
| 3 | #include <cbfs.h> |
Julius Werner | 9f37647 | 2021-08-11 18:20:11 -0700 | [diff] [blame] | 4 | #include <commonlib/bsd/cbfs_private.h> |
Jakub Czapiga | 6f3fd63 | 2021-07-22 08:52:46 +0200 | [diff] [blame] | 5 | #include <commonlib/region.h> |
| 6 | #include <string.h> |
| 7 | #include <tests/lib/cbfs_util.h> |
| 8 | #include <tests/test.h> |
| 9 | |
| 10 | |
| 11 | /* Mocks */ |
| 12 | |
| 13 | static struct cbfs_boot_device cbd; |
| 14 | |
| 15 | const struct cbfs_boot_device *cbfs_get_boot_device(bool force_ro) |
| 16 | { |
| 17 | check_expected(force_ro); |
| 18 | return &cbd; |
| 19 | } |
| 20 | |
| 21 | size_t vb2_digest_size(enum vb2_hash_algorithm hash_alg) |
| 22 | { |
| 23 | if (hash_alg != VB2_HASH_SHA256) { |
| 24 | fail_msg("Unsupported hash algorithm: %d\n", hash_alg); |
| 25 | return 0; |
| 26 | } |
| 27 | |
| 28 | return VB2_SHA256_DIGEST_SIZE; |
| 29 | } |
| 30 | |
Julius Werner | d96ca24 | 2022-08-08 18:08:35 -0700 | [diff] [blame] | 31 | vb2_error_t vb2_hash_verify(bool allow_hwcrypto, const void *buf, uint32_t size, |
| 32 | const struct vb2_hash *hash) |
Jakub Czapiga | 6f3fd63 | 2021-07-22 08:52:46 +0200 | [diff] [blame] | 33 | { |
Julius Werner | d96ca24 | 2022-08-08 18:08:35 -0700 | [diff] [blame] | 34 | assert_true(allow_hwcrypto); |
Jakub Czapiga | 6f3fd63 | 2021-07-22 08:52:46 +0200 | [diff] [blame] | 35 | check_expected_ptr(buf); |
| 36 | check_expected(size); |
| 37 | assert_int_equal(hash->algo, VB2_HASH_SHA256); |
| 38 | |
| 39 | if (!memcmp(hash->sha256, good_hash, sizeof(good_hash))) |
| 40 | return VB2_SUCCESS; |
| 41 | |
| 42 | if (!memcmp(hash->sha256, bad_hash, sizeof(bad_hash))) |
| 43 | return VB2_ERROR_SHA_MISMATCH; |
| 44 | |
| 45 | fail_msg("%s called with bad hash", __func__); |
| 46 | return VB2_ERROR_SHA_MISMATCH; |
| 47 | } |
| 48 | |
| 49 | size_t ulzman(const void *src, size_t srcn, void *dst, size_t dstn) |
| 50 | { |
| 51 | fail_msg("Unexpected call to %s", __func__); |
| 52 | return 0; |
| 53 | } |
| 54 | |
| 55 | size_t ulz4fn(const void *src, size_t srcn, void *dst, size_t dstn) |
| 56 | { |
| 57 | fail_msg("Unexpected call to %s", __func__); |
| 58 | return 0; |
| 59 | } |
| 60 | |
Julius Werner | d96ca24 | 2022-08-08 18:08:35 -0700 | [diff] [blame] | 61 | vb2_error_t vb2_digest_init(struct vb2_digest_context *dc, bool allow_hwcrypto, |
| 62 | enum vb2_hash_algorithm hash_alg, uint32_t data_size) |
Jakub Czapiga | 6f3fd63 | 2021-07-22 08:52:46 +0200 | [diff] [blame] | 63 | { |
| 64 | if (hash_alg != VB2_HASH_SHA256) { |
| 65 | fail_msg("Unsupported hash algorithm: %d\n", hash_alg); |
| 66 | return VB2_ERROR_SHA_INIT_ALGORITHM; |
| 67 | } |
| 68 | |
| 69 | return VB2_SUCCESS; |
| 70 | } |
| 71 | |
| 72 | vb2_error_t vb2_digest_extend(struct vb2_digest_context *dc, const uint8_t *buf, uint32_t size) |
| 73 | { |
| 74 | check_expected(buf); |
| 75 | check_expected(size); |
| 76 | return VB2_SUCCESS; |
| 77 | } |
| 78 | |
| 79 | vb2_error_t vb2_digest_finalize(struct vb2_digest_context *dc, uint8_t *digest, uint32_t size) |
| 80 | { |
| 81 | memcpy(digest, mock_ptr_type(void *), size); |
| 82 | return VB2_SUCCESS; |
| 83 | } |
| 84 | |
| 85 | /* Original function alias created by test framework. Used for call wrapping in mock below. */ |
Julius Werner | 69cc557 | 2022-03-04 17:49:56 -0800 | [diff] [blame] | 86 | enum cb_err __real_cbfs_lookup(cbfs_dev_t dev, const char *name, union cbfs_mdata *mdata_out, |
| 87 | size_t *data_offset_out, struct vb2_hash *metadata_hash); |
Jakub Czapiga | 6f3fd63 | 2021-07-22 08:52:46 +0200 | [diff] [blame] | 88 | |
Julius Werner | 69cc557 | 2022-03-04 17:49:56 -0800 | [diff] [blame] | 89 | enum cb_err cbfs_lookup(cbfs_dev_t dev, const char *name, union cbfs_mdata *mdata_out, |
| 90 | size_t *data_offset_out, struct vb2_hash *metadata_hash) |
Jakub Czapiga | 6f3fd63 | 2021-07-22 08:52:46 +0200 | [diff] [blame] | 91 | { |
Julius Werner | 69cc557 | 2022-03-04 17:49:56 -0800 | [diff] [blame] | 92 | const enum cb_err err = |
Jakub Czapiga | 6f3fd63 | 2021-07-22 08:52:46 +0200 | [diff] [blame] | 93 | __real_cbfs_lookup(dev, name, mdata_out, data_offset_out, metadata_hash); |
Julius Werner | 69cc557 | 2022-03-04 17:49:56 -0800 | [diff] [blame] | 94 | assert_int_equal(mock_type(enum cb_err), err); |
Jakub Czapiga | 6f3fd63 | 2021-07-22 08:52:46 +0200 | [diff] [blame] | 95 | return err; |
| 96 | } |
| 97 | |
| 98 | /* Tests */ |
| 99 | |
| 100 | static int setup_test_cbfs(void **state) |
| 101 | { |
| 102 | memset(&cbd, 0, sizeof(cbd)); |
| 103 | return 0; |
| 104 | } |
| 105 | |
| 106 | static void test_cbfs_map_no_hash(void **state) |
| 107 | { |
| 108 | void *mapping = NULL; |
| 109 | assert_int_equal(0, rdev_chain_mem(&cbd.rdev, &file_no_hash, sizeof(file_no_hash))); |
| 110 | |
| 111 | if (CONFIG(CBFS_VERIFICATION)) { |
| 112 | /* File with no hash. No hash causes hash mismatch by default, |
| 113 | so mapping will not be completed successfully. */ |
| 114 | expect_value(cbfs_get_boot_device, force_ro, false); |
| 115 | will_return(cbfs_lookup, CB_SUCCESS); |
| 116 | mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL); |
| 117 | assert_null(mapping); |
| 118 | } else { |
| 119 | expect_value(cbfs_get_boot_device, force_ro, false); |
| 120 | will_return(cbfs_lookup, CB_SUCCESS); |
| 121 | mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL); |
| 122 | assert_ptr_equal(mapping, file_no_hash.attrs_and_data); |
| 123 | } |
| 124 | } |
| 125 | |
| 126 | static void test_cbfs_map_valid_hash(void **state) |
| 127 | { |
| 128 | void *mapping = NULL; |
| 129 | assert_int_equal(0, |
| 130 | rdev_chain_mem(&cbd.rdev, &file_valid_hash, sizeof(file_valid_hash))); |
| 131 | |
| 132 | if (CONFIG(CBFS_VERIFICATION)) { |
| 133 | expect_value(cbfs_get_boot_device, force_ro, false); |
| 134 | expect_value(vb2_hash_verify, buf, |
| 135 | &file_valid_hash.attrs_and_data[HASH_ATTR_SIZE]); |
| 136 | expect_value(vb2_hash_verify, size, TEST_DATA_1_SIZE); |
| 137 | will_return(cbfs_lookup, CB_SUCCESS); |
| 138 | mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL); |
| 139 | assert_ptr_equal(mapping, &file_valid_hash.attrs_and_data[HASH_ATTR_SIZE]); |
| 140 | } else { |
| 141 | expect_value(cbfs_get_boot_device, force_ro, false); |
| 142 | will_return(cbfs_lookup, CB_SUCCESS); |
| 143 | mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL); |
| 144 | assert_ptr_equal(mapping, &file_valid_hash.attrs_and_data[HASH_ATTR_SIZE]); |
| 145 | } |
| 146 | } |
| 147 | |
| 148 | static void test_cbfs_map_invalid_hash(void **state) |
| 149 | { |
| 150 | void *mapping = NULL; |
| 151 | assert_int_equal( |
| 152 | 0, rdev_chain_mem(&cbd.rdev, &file_broken_hash, sizeof(file_broken_hash))); |
| 153 | |
| 154 | if (CONFIG(CBFS_VERIFICATION)) { |
| 155 | expect_value(cbfs_get_boot_device, force_ro, false); |
| 156 | expect_value(vb2_hash_verify, buf, |
| 157 | &file_broken_hash.attrs_and_data[HASH_ATTR_SIZE]); |
| 158 | expect_value(vb2_hash_verify, size, TEST_DATA_1_SIZE); |
| 159 | will_return(cbfs_lookup, CB_SUCCESS); |
| 160 | mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL); |
| 161 | assert_null(mapping); |
| 162 | } else { |
| 163 | expect_value(cbfs_get_boot_device, force_ro, false); |
| 164 | will_return(cbfs_lookup, CB_SUCCESS); |
| 165 | mapping = cbfs_map(TEST_DATA_1_FILENAME, NULL); |
| 166 | assert_ptr_equal(mapping, &file_broken_hash.attrs_and_data[HASH_ATTR_SIZE]); |
| 167 | } |
| 168 | } |
| 169 | |
| 170 | void test_init_boot_device_verify(void **state) |
| 171 | { |
| 172 | struct vb2_hash hash = {.algo = VB2_HASH_SHA256}; |
| 173 | const uint8_t hash_value[VB2_SHA256_DIGEST_SIZE] = {0}; |
| 174 | memset(&cbd, 0, sizeof(cbd)); |
| 175 | assert_int_equal(0, |
| 176 | rdev_chain_mem(&cbd.rdev, &file_valid_hash, sizeof(file_valid_hash))); |
| 177 | |
| 178 | if (CONFIG(CBFS_VERIFICATION)) { |
| 179 | expect_memory(vb2_digest_extend, buf, &file_valid_hash, |
| 180 | be32_to_cpu(file_valid_hash.header.offset)); |
| 181 | expect_value(vb2_digest_extend, size, |
| 182 | be32_to_cpu(file_valid_hash.header.offset)); |
| 183 | will_return(vb2_digest_finalize, hash_value); |
| 184 | } |
| 185 | |
| 186 | assert_int_equal(CB_SUCCESS, cbfs_init_boot_device(&cbd, &hash)); |
| 187 | } |
| 188 | |
| 189 | int main(void) |
| 190 | { |
| 191 | const struct CMUnitTest tests[] = { |
| 192 | cmocka_unit_test_setup(test_cbfs_map_no_hash, setup_test_cbfs), |
| 193 | cmocka_unit_test_setup(test_cbfs_map_valid_hash, setup_test_cbfs), |
| 194 | cmocka_unit_test_setup(test_cbfs_map_invalid_hash, setup_test_cbfs), |
| 195 | |
| 196 | cmocka_unit_test(test_init_boot_device_verify), |
| 197 | }; |
| 198 | |
| 199 | return cb_run_group_tests(tests, NULL, NULL); |
| 200 | } |