blob: 8633f7e74e646ab065b0bf77cf4b21520cb5603e [file] [log] [blame]
Furquan Shaikhf2743602015-05-21 14:39:11 -07001/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file.
4 *
5 * Tests for vboot_api_kernel.c
6 */
7
8#include <stdint.h>
9#include <stdio.h>
10#include <stdlib.h>
11#include <string.h>
12
Randall Spangler13b10972016-10-14 11:04:27 -070013#include "2sysincludes.h"
14#include "2common.h"
15#include "2rsa.h"
Furquan Shaikhf2743602015-05-21 14:39:11 -070016#include "gbb_header.h"
17#include "host_common.h"
18#include "load_kernel_fw.h"
19#include "test_common.h"
Randall Spangler13b10972016-10-14 11:04:27 -070020#include "vb2_common.h"
Furquan Shaikhf2743602015-05-21 14:39:11 -070021#include "vboot_api.h"
22#include "vboot_common.h"
23#include "vboot_kernel.h"
24#include "vboot_nvstorage.h"
25#include "vboot_struct.h"
26
27/* Mock data */
28static VbCommonParams cparams;
29static VbSelectAndLoadKernelParams kparams;
30static uint8_t shared_data[VB_SHARED_DATA_MIN_SIZE];
31static VbSharedDataHeader *shared = (VbSharedDataHeader *)shared_data;
32static GoogleBinaryBlockHeader gbb;
33
34static uint8_t kernel_buffer[80000];
35static int key_block_verify_fail; /* 0=ok, 1=sig, 2=hash */
36static int preamble_verify_fail;
37static int verify_data_fail;
Randall Spangler13b10972016-10-14 11:04:27 -070038static int unpack_key_fail;
Furquan Shaikhf2743602015-05-21 14:39:11 -070039
40static VbNvContext vnc;
41static VbKeyBlockHeader kbh;
42static VbKernelPreambleHeader kph;
43
44static int hash_only_check;
45
46/**
47 * Reset mock data (for use before each test)
48 */
49static void ResetMocks(void)
50{
Randall Spangler664096b2016-10-13 16:16:41 -070051 memset(&cparams, 0, sizeof(cparams));
Furquan Shaikhf2743602015-05-21 14:39:11 -070052 cparams.shared_data_size = sizeof(shared_data);
53 cparams.shared_data_blob = shared_data;
54 cparams.gbb_data = &gbb;
55 cparams.gbb_size = sizeof(gbb);
56
Randall Spangler664096b2016-10-13 16:16:41 -070057 memset(&kparams, 0, sizeof(kparams));
Furquan Shaikhf2743602015-05-21 14:39:11 -070058
Randall Spangler664096b2016-10-13 16:16:41 -070059 memset(&gbb, 0, sizeof(gbb));
Furquan Shaikhf2743602015-05-21 14:39:11 -070060 gbb.major_version = GBB_MAJOR_VER;
61 gbb.minor_version = GBB_MINOR_VER;
62 gbb.flags = 0;
63
64 memset(&vnc, 0, sizeof(vnc));
65 VbNvSetup(&vnc);
66 VbNvTeardown(&vnc); /* So CRC gets generated */
67
68 memset(&shared_data, 0, sizeof(shared_data));
69 VbSharedDataInit(shared, sizeof(shared_data));
70
71 key_block_verify_fail = 0;
72 preamble_verify_fail = 0;
73 verify_data_fail = 0;
74
Furquan Shaikhf2743602015-05-21 14:39:11 -070075 memset(&kbh, 0, sizeof(kbh));
76 kbh.data_key.key_version = 2;
77 kbh.key_block_flags = -1;
78 kbh.key_block_size = sizeof(kbh);
79
80 memset(&kph, 0, sizeof(kph));
81 kph.kernel_version = 1;
82 kph.preamble_size = 4096 - kbh.key_block_size;
83 kph.body_signature.data_size = 70144;
84 kph.bootloader_address = 0xbeadd008;
85 kph.bootloader_size = 0x1234;
86
87 memcpy(kernel_buffer, &kbh, sizeof(kbh));
88 memcpy((kernel_buffer + kbh.key_block_size), &kph, sizeof(kph));
89
90 hash_only_check = -1;
91}
92
93static void copy_kbh(void)
94{
95 memcpy(kernel_buffer, &kbh, sizeof(kbh));
96}
97
98/* Mocks */
Randall Spangler13b10972016-10-14 11:04:27 -070099int vb2_unpack_key(struct vb2_public_key *key,
100 const uint8_t *buf,
101 uint32_t size)
102{
103 if (--unpack_key_fail == 0)
104 return VB2_ERROR_MOCK;
105
106 return VB2_SUCCESS;
107}
108
109int vb2_verify_keyblock(struct vb2_keyblock *block,
110 uint32_t size,
111 const struct vb2_public_key *key,
112 const struct vb2_workbuf *wb)
113{
114 hash_only_check = 0;
Furquan Shaikhf2743602015-05-21 14:39:11 -0700115
116 if (key_block_verify_fail)
Randall Spangler13b10972016-10-14 11:04:27 -0700117 return VB2_ERROR_MOCK;
Furquan Shaikhf2743602015-05-21 14:39:11 -0700118
119 /* Use this as an opportunity to override the key block */
120 memcpy((void *)block, &kbh, sizeof(kbh));
Randall Spangler13b10972016-10-14 11:04:27 -0700121 return VB2_SUCCESS;
Furquan Shaikhf2743602015-05-21 14:39:11 -0700122}
123
Randall Spangler13b10972016-10-14 11:04:27 -0700124int vb2_verify_keyblock_hash(const struct vb2_keyblock *block,
125 uint32_t size,
126 const struct vb2_workbuf *wb)
Furquan Shaikhf2743602015-05-21 14:39:11 -0700127{
Randall Spangler13b10972016-10-14 11:04:27 -0700128 hash_only_check = 1;
Furquan Shaikhf2743602015-05-21 14:39:11 -0700129
Randall Spangler13b10972016-10-14 11:04:27 -0700130 if (key_block_verify_fail)
131 return VB2_ERROR_MOCK;
Furquan Shaikhf2743602015-05-21 14:39:11 -0700132
Randall Spangler13b10972016-10-14 11:04:27 -0700133 /* Use this as an opportunity to override the key block */
134 memcpy((void *)block, &kbh, sizeof(kbh));
135 return VB2_SUCCESS;
Furquan Shaikhf2743602015-05-21 14:39:11 -0700136}
137
Randall Spangler13b10972016-10-14 11:04:27 -0700138int vb2_verify_kernel_preamble(struct vb2_kernel_preamble *preamble,
139 uint32_t size,
140 const struct vb2_public_key *key,
141 const struct vb2_workbuf *wb)
Furquan Shaikhf2743602015-05-21 14:39:11 -0700142{
143 if (preamble_verify_fail)
Randall Spangler13b10972016-10-14 11:04:27 -0700144 return VB2_ERROR_MOCK;
Furquan Shaikhf2743602015-05-21 14:39:11 -0700145
146 /* Use this as an opportunity to override the preamble */
147 memcpy((void *)preamble, &kph, sizeof(kph));
Randall Spangler13b10972016-10-14 11:04:27 -0700148 return VB2_SUCCESS;
Furquan Shaikhf2743602015-05-21 14:39:11 -0700149}
150
Randall Spangler13b10972016-10-14 11:04:27 -0700151int vb2_verify_data(const uint8_t *data,
152 uint32_t size,
153 struct vb2_signature *sig,
154 const struct vb2_public_key *key,
155 const struct vb2_workbuf *wb)
Furquan Shaikhf2743602015-05-21 14:39:11 -0700156{
157 if (verify_data_fail)
Randall Spangler13b10972016-10-14 11:04:27 -0700158 return VB2_ERROR_MOCK;
Furquan Shaikhf2743602015-05-21 14:39:11 -0700159
Randall Spangler13b10972016-10-14 11:04:27 -0700160 return VB2_SUCCESS;
Furquan Shaikhf2743602015-05-21 14:39:11 -0700161}
162
Furquan Shaikh55484552015-10-28 13:01:27 -0700163VbError_t VbExNvStorageRead(uint8_t *buf)
164{
Randall Spangler664096b2016-10-13 16:16:41 -0700165 memcpy(buf, vnc.raw, sizeof(vnc.raw));
Furquan Shaikh55484552015-10-28 13:01:27 -0700166 return VBERROR_SUCCESS;
167}
168
Furquan Shaikhf2743602015-05-21 14:39:11 -0700169static void VerifyMemoryBootImageTest(void)
170{
171 uint32_t u;
172
173 int kernel_body_offset;
174 int kernel_body_size;
175 uintptr_t kernel_body_start;
176 size_t kernel_buffer_size = sizeof(kernel_buffer);
177
178 ResetMocks();
179
180 kernel_body_offset = kbh.key_block_size + kph.preamble_size;
181 kernel_body_size = sizeof(kernel_buffer) - kernel_body_offset;
182 kernel_body_start = (uintptr_t)kernel_buffer + kernel_body_offset;
183
184 u = VbVerifyMemoryBootImage(&cparams, &kparams, kernel_buffer,
185 kernel_buffer_size);
186 TEST_EQ(u, 0, "Image good");
187 TEST_EQ(kparams.partition_number, 0, " part num");
188 TEST_EQ(kparams.bootloader_address, 0xbeadd008, " bootloader addr");
189 TEST_EQ(kparams.bootloader_size, 0x1234, " bootloader size");
190 TEST_PTR_EQ(kparams.kernel_buffer, (void *)(kernel_body_start),
191 " kernel buffer");
192 TEST_EQ(kparams.kernel_buffer_size, kernel_body_size,
193 " kernel buffer size");
194
195 /* Empty image buffer. */
196 ResetMocks();
197 TEST_EQ(VbVerifyMemoryBootImage(&cparams, &kparams, NULL,
198 kernel_buffer_size),
199 VBERROR_INVALID_PARAMETER, "Empty image");
200
201 /* Illegal image size. */
202 ResetMocks();
203 TEST_EQ(VbVerifyMemoryBootImage(&cparams, &kparams, kernel_buffer, 0),
204 VBERROR_INVALID_PARAMETER, "Illegal image size");
205
206 /* Key Block Verification Failure */
207 ResetMocks();
208 key_block_verify_fail = 1;
209 TEST_EQ(VbVerifyMemoryBootImage(&cparams, &kparams, kernel_buffer,
210 kernel_buffer_size),
211 VBERROR_INVALID_KERNEL_FOUND, "Key verify failed");
212 TEST_EQ(hash_only_check, 0, " hash check");
213
214 /* Key Block Hash Failure */
215 ResetMocks();
216 shared->flags = VBSD_BOOT_DEV_SWITCH_ON;
217 gbb.flags = GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP;
218 key_block_verify_fail = 1;
219 TEST_EQ(VbVerifyMemoryBootImage(&cparams, &kparams, kernel_buffer,
220 kernel_buffer_size),
221 VBERROR_INVALID_KERNEL_FOUND, "Key verify failed");
222 TEST_EQ(hash_only_check, 1, " hash check");
223
Furquan Shaikh55484552015-10-28 13:01:27 -0700224 /* Key Block Hash Failure -- VBNV */
225 ResetMocks();
226 shared->flags = VBSD_BOOT_DEV_SWITCH_ON;
227 key_block_verify_fail = 1;
228 VbNvSet(&vnc, VBNV_DEV_BOOT_FASTBOOT_FULL_CAP, 1);
229 VbNvTeardown(&vnc);
230 TEST_EQ(VbVerifyMemoryBootImage(&cparams, &kparams, kernel_buffer,
231 kernel_buffer_size),
232 VBERROR_INVALID_KERNEL_FOUND, "Key verify failed");
233 TEST_EQ(hash_only_check, 1, " hash check -- VBNV flag");
234
Furquan Shaikhf2743602015-05-21 14:39:11 -0700235 /* Developer flag mismatch - dev switch on */
236 ResetMocks();
237 kbh.key_block_flags = KEY_BLOCK_FLAG_DEVELOPER_0 |
238 KEY_BLOCK_FLAG_RECOVERY_1;
239 copy_kbh();
240 shared->flags = VBSD_BOOT_DEV_SWITCH_ON;
241 TEST_EQ(VbVerifyMemoryBootImage(&cparams, &kparams, kernel_buffer,
242 kernel_buffer_size),
243 VBERROR_INVALID_KERNEL_FOUND,
244 "Developer flag mismatch - dev switch on");
245
246 /* Developer flag mismatch - dev switch on with GBB override */
247 ResetMocks();
248 kbh.key_block_flags = KEY_BLOCK_FLAG_DEVELOPER_0 |
249 KEY_BLOCK_FLAG_RECOVERY_1;
250 copy_kbh();
251 gbb.flags = GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP;
252 shared->flags = VBSD_BOOT_DEV_SWITCH_ON;
253 TEST_EQ(VbVerifyMemoryBootImage(&cparams, &kparams, kernel_buffer,
254 kernel_buffer_size),
255 VBERROR_SUCCESS,
256 "Developer flag mismatch - dev switch on(gbb override)");
257
258 /* Recovery flag mismatch - dev switch on with GBB override */
259 ResetMocks();
260 kbh.key_block_flags = KEY_BLOCK_FLAG_DEVELOPER_0 |
261 KEY_BLOCK_FLAG_RECOVERY_0;
262 copy_kbh();
263 shared->flags = VBSD_BOOT_DEV_SWITCH_ON;
264 gbb.flags = GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP;
265 TEST_EQ(VbVerifyMemoryBootImage(&cparams, &kparams, kernel_buffer,
266 kernel_buffer_size),
267 VBERROR_SUCCESS,
268 "Recovery flag mismatch - dev switch on(gbb override)");
269
270 /* Developer flag mismatch - dev switch off */
271 ResetMocks();
272 kbh.key_block_flags = KEY_BLOCK_FLAG_DEVELOPER_1 |
273 KEY_BLOCK_FLAG_RECOVERY_1;
274 copy_kbh();
275 TEST_EQ(VbVerifyMemoryBootImage(&cparams, &kparams, kernel_buffer,
276 kernel_buffer_size),
277 VBERROR_INVALID_KERNEL_FOUND,
278 "Developer flag mismatch - dev switch off");
279
280 /* Recovery flag mismatch */
281 ResetMocks();
282 kbh.key_block_flags = KEY_BLOCK_FLAG_DEVELOPER_0 |
283 KEY_BLOCK_FLAG_RECOVERY_0;
284 shared->flags = 0;
285 copy_kbh();
286 TEST_EQ(VbVerifyMemoryBootImage(&cparams, &kparams, kernel_buffer,
287 kernel_buffer_size),
288 VBERROR_INVALID_KERNEL_FOUND, "Recovery flag mismatch");
289
290 /* Preamble verification */
291 ResetMocks();
292 preamble_verify_fail = 1;
293 TEST_EQ(VbVerifyMemoryBootImage(&cparams, &kparams, kernel_buffer,
294 kernel_buffer_size),
295 VBERROR_INVALID_KERNEL_FOUND, "Preamble verification");
296
297 /* Data verification */
298 ResetMocks();
299 verify_data_fail = 1;
300 TEST_EQ(VbVerifyMemoryBootImage(&cparams, &kparams, kernel_buffer,
301 kernel_buffer_size),
302 VBERROR_INVALID_KERNEL_FOUND, "Data verification");
303}
304
305int main(void)
306{
307 VerifyMemoryBootImageTest();
308
Furquan Shaikhf2743602015-05-21 14:39:11 -0700309 return gTestSuccess ? 0 : 255;
310}