blob: 2156e91940200f66736dda6f5cf5b9e83491fc26 [file] [log] [blame]
Randall Spangler18030682014-06-11 16:01:08 -07001/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file.
4 *
5 * Tests for misc library
6 */
7
8#include <stdio.h>
9
10#include "2sysincludes.h"
11#include "2api.h"
12#include "2common.h"
13#include "2misc.h"
14#include "2nvstorage.h"
Vadim Bendeburyc1a96b02015-04-07 17:07:33 -070015#include "2rsa.h"
Randall Spangler18030682014-06-11 16:01:08 -070016#include "2secdata.h"
Randall Spangler6f1b82a2014-12-03 12:29:37 -080017#include "vb2_common.h"
Randall Spangler18030682014-06-11 16:01:08 -070018#include "test_common.h"
19
20/* Common context for tests */
21static uint8_t workbuf[VB2_WORKBUF_RECOMMENDED_SIZE]
Bill Richardson73e5eb32015-01-26 12:18:25 -080022 __attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
Randall Spangler18030682014-06-11 16:01:08 -070023static struct vb2_context cc;
24static struct vb2_shared_data *sd;
25
26/* Mocked function data */
27
28static struct {
29 struct vb2_gbb_header h;
30 struct vb2_packed_key rootkey;
31 char rootkey_data[32];
32} mock_gbb;
33
34static struct {
35 /* Keyblock */
36 struct {
37 struct vb2_keyblock kb;
38 char data_key_data[16];
39 uint8_t kbdata[128];
40 } k;
41 /* Preamble follows keyblock */
42 struct {
43 struct vb2_fw_preamble pre;
44 uint8_t predata[128];
45 } p;
46
47} mock_vblock;
48
49static int mock_read_res_fail_on_call;
50static int mock_unpack_key_retval;
51static int mock_verify_keyblock_retval;
52static int mock_verify_preamble_retval;
53
54/* Type of test to reset for */
55enum reset_type {
56 FOR_KEYBLOCK,
57 FOR_PREAMBLE
58};
59
60static void reset_common_data(enum reset_type t)
61{
62 struct vb2_keyblock *kb = &mock_vblock.k.kb;
63 struct vb2_fw_preamble *pre = &mock_vblock.p.pre;
64
65 memset(workbuf, 0xaa, sizeof(workbuf));
66
67 memset(&cc, 0, sizeof(cc));
68 cc.workbuf = workbuf;
69 cc.workbuf_size = sizeof(workbuf);
70
71 vb2_init_context(&cc);
72 sd = vb2_get_sd(&cc);
73
74 vb2_nv_init(&cc);
75
76 vb2_secdata_create(&cc);
77 vb2_secdata_init(&cc);
78
79 mock_read_res_fail_on_call = 0;
80 mock_unpack_key_retval = VB2_SUCCESS;
81 mock_verify_keyblock_retval = VB2_SUCCESS;
82 mock_verify_preamble_retval = VB2_SUCCESS;
83
84 /* Set up mock data for verifying keyblock */
Julius Werner21aedee2015-01-29 14:49:17 -080085 sd->fw_version_secdata = 0x20002;
86 vb2_secdata_set(&cc, VB2_SECDATA_VERSIONS, sd->fw_version_secdata);
Randall Spangler18030682014-06-11 16:01:08 -070087
88 sd->gbb_rootkey_offset = vb2_offset_of(&mock_gbb, &mock_gbb.rootkey);
89 sd->gbb_rootkey_size = sizeof(mock_gbb.rootkey_data);
90 sd->last_fw_result = VB2_FW_RESULT_SUCCESS;
91
92 mock_gbb.rootkey.algorithm = 11;
93 mock_gbb.rootkey.key_offset =
94 vb2_offset_of(&mock_gbb.rootkey,
95 &mock_gbb.rootkey_data);
96 mock_gbb.rootkey.key_size = sizeof(mock_gbb.rootkey_data);
97
98 kb->keyblock_size = sizeof(mock_vblock.k);
99 kb->data_key.algorithm = 7;
100 kb->data_key.key_version = 2;
101 kb->data_key.key_offset =
102 vb2_offset_of(&mock_vblock.k, &mock_vblock.k.data_key_data) -
103 vb2_offset_of(&mock_vblock.k, &kb->data_key);
104 kb->data_key.key_size = sizeof(mock_vblock.k.data_key_data);
105 strcpy(mock_vblock.k.data_key_data, "data key data!!");
106
107 pre->preamble_size = sizeof(mock_vblock.p);
108 pre->firmware_version = 2;
109
110 /* If verifying preamble, verify keyblock first to set up data key */
111 if (t == FOR_PREAMBLE)
Randall Spanglerf18038b2014-10-23 15:55:21 -0700112 vb2_load_fw_keyblock(&cc);
Randall Spangler18030682014-06-11 16:01:08 -0700113};
114
115/* Mocked functions */
116
117int vb2ex_read_resource(struct vb2_context *ctx,
118 enum vb2_resource_index index,
119 uint32_t offset,
120 void *buf,
121 uint32_t size)
122{
123 uint8_t *rptr;
124 uint32_t rsize;
125
126 if (--mock_read_res_fail_on_call == 0)
127 return VB2_ERROR_EX_READ_RESOURCE_INDEX;
128
129 switch(index) {
130 case VB2_RES_GBB:
131 rptr = (uint8_t *)&mock_gbb;
132 rsize = sizeof(mock_gbb);
133 break;
134 case VB2_RES_FW_VBLOCK:
135 rptr = (uint8_t *)&mock_vblock;
136 rsize = sizeof(mock_vblock);
137 break;
138 default:
139 return VB2_ERROR_EX_READ_RESOURCE_INDEX;
140 }
141
142 if (offset > rsize || offset + size > rsize)
143 return VB2_ERROR_EX_READ_RESOURCE_SIZE;
144
145 memcpy(buf, rptr + offset, size);
146 return VB2_SUCCESS;
147}
148
Randall Spangler6e3931d2016-10-18 15:09:21 -0700149int vb2_unpack_key_buffer(struct vb2_public_key *key,
Randall Spangler18030682014-06-11 16:01:08 -0700150 const uint8_t *buf,
151 uint32_t size)
152{
Vadim Bendeburyc1a96b02015-04-07 17:07:33 -0700153 key->arrsize = 0;
Randall Spangler18030682014-06-11 16:01:08 -0700154 return mock_unpack_key_retval;
155}
156
157int vb2_verify_keyblock(struct vb2_keyblock *block,
158 uint32_t size,
159 const struct vb2_public_key *key,
Randall Spanglera063a432014-11-04 16:45:37 -0800160 const struct vb2_workbuf *wb)
Randall Spangler18030682014-06-11 16:01:08 -0700161{
162 return mock_verify_keyblock_retval;
163}
164
165int vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble,
166 uint32_t size,
167 const struct vb2_public_key *key,
Randall Spanglera063a432014-11-04 16:45:37 -0800168 const struct vb2_workbuf *wb)
Randall Spangler18030682014-06-11 16:01:08 -0700169{
170 return mock_verify_preamble_retval;
171}
172
173/* Tests */
174
175static void verify_keyblock_tests(void)
176{
177 struct vb2_keyblock *kb = &mock_vblock.k.kb;
178 struct vb2_packed_key *k;
179 int wb_used_before;
180
181 /* Test successful call */
182 reset_common_data(FOR_KEYBLOCK);
183 wb_used_before = cc.workbuf_used;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700184 TEST_SUCC(vb2_load_fw_keyblock(&cc), "keyblock verify");
Randall Spangler18030682014-06-11 16:01:08 -0700185 TEST_EQ(sd->fw_version, 0x20000, "keyblock version");
186 TEST_EQ(sd->vblock_preamble_offset, sizeof(mock_vblock.k),
187 "preamble offset");
188 TEST_EQ(sd->workbuf_data_key_offset,
189 (wb_used_before + (VB2_WORKBUF_ALIGN - 1)) &
190 ~(VB2_WORKBUF_ALIGN - 1),
191 "keyblock data key offset");
192 TEST_EQ(cc.workbuf_used,
193 sd->workbuf_data_key_offset + sd->workbuf_data_key_size,
194 "workbuf used");
195
196 /* Make sure data key was properly saved */
197 k = (struct vb2_packed_key *)(cc.workbuf + sd->workbuf_data_key_offset);
198 TEST_EQ(k->algorithm, 7, "data key algorithm");
199 TEST_EQ(k->key_version, 2, "data key version");
200 TEST_EQ(k->key_size, sizeof(mock_vblock.k.data_key_data),
201 "data key size");
202 TEST_EQ(memcmp(cc.workbuf + sd->workbuf_data_key_offset +
203 k->key_offset, mock_vblock.k.data_key_data,
204 sizeof(mock_vblock.k.data_key_data)),
205 0, "data key data");
206 TEST_EQ(cc.workbuf_used,
207 sd->workbuf_data_key_offset + sd->workbuf_data_key_size,
208 "workbuf used after");
209
210 /* Test failures */
211 reset_common_data(FOR_KEYBLOCK);
212 cc.workbuf_used = cc.workbuf_size - sd->gbb_rootkey_size + 8;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700213 TEST_EQ(vb2_load_fw_keyblock(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700214 VB2_ERROR_FW_KEYBLOCK_WORKBUF_ROOT_KEY,
215 "keyblock not enough workbuf for root key");
216
217 reset_common_data(FOR_KEYBLOCK);
218 sd->gbb_rootkey_size = sizeof(mock_gbb);
Randall Spanglerf18038b2014-10-23 15:55:21 -0700219 TEST_EQ(vb2_load_fw_keyblock(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700220 VB2_ERROR_EX_READ_RESOURCE_SIZE,
221 "keyblock read root key");
222
223 reset_common_data(FOR_KEYBLOCK);
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700224 mock_unpack_key_retval = VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700225 TEST_EQ(vb2_load_fw_keyblock(&cc),
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700226 VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
Randall Spangler18030682014-06-11 16:01:08 -0700227 "keyblock unpack root key");
228
229 reset_common_data(FOR_KEYBLOCK);
230 cc.workbuf_used = cc.workbuf_size - sd->gbb_rootkey_size - 8;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700231 TEST_EQ(vb2_load_fw_keyblock(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700232 VB2_ERROR_FW_KEYBLOCK_WORKBUF_HEADER,
233 "keyblock not enough workbuf for header");
234
235 reset_common_data(FOR_KEYBLOCK);
236 mock_read_res_fail_on_call = 2;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700237 TEST_EQ(vb2_load_fw_keyblock(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700238 VB2_ERROR_EX_READ_RESOURCE_INDEX,
239 "keyblock read keyblock header");
240
241 reset_common_data(FOR_KEYBLOCK);
242 cc.workbuf_used = cc.workbuf_size - sd->gbb_rootkey_size
243 - sizeof(struct vb2_keyblock);
Randall Spanglerf18038b2014-10-23 15:55:21 -0700244 TEST_EQ(vb2_load_fw_keyblock(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700245 VB2_ERROR_FW_KEYBLOCK_WORKBUF,
246 "keyblock not enough workbuf for entire keyblock");
247
248 reset_common_data(FOR_KEYBLOCK);
249 kb->keyblock_size = sizeof(mock_vblock) + 1;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700250 TEST_EQ(vb2_load_fw_keyblock(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700251 VB2_ERROR_EX_READ_RESOURCE_SIZE,
252 "keyblock read keyblock");
253
254 reset_common_data(FOR_KEYBLOCK);
255 mock_verify_keyblock_retval = VB2_ERROR_KEYBLOCK_MAGIC;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700256 TEST_EQ(vb2_load_fw_keyblock(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700257 VB2_ERROR_KEYBLOCK_MAGIC,
258 "keyblock verify keyblock");
259
260 reset_common_data(FOR_KEYBLOCK);
261 kb->data_key.key_version = 0x10000;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700262 TEST_EQ(vb2_load_fw_keyblock(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700263 VB2_ERROR_FW_KEYBLOCK_VERSION_RANGE,
264 "keyblock version range");
265
266 reset_common_data(FOR_KEYBLOCK);
267 kb->data_key.key_version = 1;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700268 TEST_EQ(vb2_load_fw_keyblock(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700269 VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK,
270 "keyblock rollback");
Julius Wernerfb4e4082015-05-15 12:50:07 -0700271
272 reset_common_data(FOR_KEYBLOCK);
273 kb->data_key.key_version = 1;
274 sd->gbb_flags |= VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK;
275 TEST_SUCC(vb2_load_fw_keyblock(&cc), "keyblock rollback with GBB flag");
Randall Spangler18030682014-06-11 16:01:08 -0700276}
277
278static void verify_preamble_tests(void)
279{
280 struct vb2_fw_preamble *pre = &mock_vblock.p.pre;
281 int wb_used_before;
282 uint32_t v;
283
284 /* Test successful call */
285 reset_common_data(FOR_PREAMBLE);
286 wb_used_before = cc.workbuf_used;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700287 TEST_SUCC(vb2_load_fw_preamble(&cc), "preamble good");
Randall Spangler18030682014-06-11 16:01:08 -0700288 TEST_EQ(sd->fw_version, 0x20002, "combined version");
289 TEST_EQ(sd->workbuf_preamble_offset,
290 (wb_used_before + (VB2_WORKBUF_ALIGN - 1)) &
291 ~(VB2_WORKBUF_ALIGN - 1),
292 "preamble offset");
293 TEST_EQ(sd->workbuf_preamble_size, pre->preamble_size, "preamble size");
294 TEST_EQ(cc.workbuf_used,
295 sd->workbuf_preamble_offset + sd->workbuf_preamble_size,
296 "workbuf used");
297
298 /* Expected failures */
299 reset_common_data(FOR_PREAMBLE);
300 sd->workbuf_data_key_size = 0;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700301 TEST_EQ(vb2_load_fw_preamble(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700302 VB2_ERROR_FW_PREAMBLE2_DATA_KEY,
303 "preamble no data key");
304
305 reset_common_data(FOR_PREAMBLE);
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700306 mock_unpack_key_retval = VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700307 TEST_EQ(vb2_load_fw_preamble(&cc),
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700308 VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM,
Randall Spangler18030682014-06-11 16:01:08 -0700309 "preamble unpack data key");
310
311 reset_common_data(FOR_PREAMBLE);
312 cc.workbuf_used = cc.workbuf_size - sizeof(struct vb2_fw_preamble) + 8;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700313 TEST_EQ(vb2_load_fw_preamble(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700314 VB2_ERROR_FW_PREAMBLE2_WORKBUF_HEADER,
315 "preamble not enough workbuf for header");
316
317 reset_common_data(FOR_PREAMBLE);
318 sd->vblock_preamble_offset = sizeof(mock_vblock);
Randall Spanglerf18038b2014-10-23 15:55:21 -0700319 TEST_EQ(vb2_load_fw_preamble(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700320 VB2_ERROR_EX_READ_RESOURCE_SIZE,
321 "preamble read header");
322
323 reset_common_data(FOR_PREAMBLE);
324 cc.workbuf_used = cc.workbuf_size - sizeof(mock_vblock.p) + 8;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700325 TEST_EQ(vb2_load_fw_preamble(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700326 VB2_ERROR_FW_PREAMBLE2_WORKBUF,
327 "preamble not enough workbuf");
328
329 reset_common_data(FOR_PREAMBLE);
330 pre->preamble_size = sizeof(mock_vblock);
Randall Spanglerf18038b2014-10-23 15:55:21 -0700331 TEST_EQ(vb2_load_fw_preamble(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700332 VB2_ERROR_EX_READ_RESOURCE_SIZE,
333 "preamble read full");
334
335 reset_common_data(FOR_PREAMBLE);
336 mock_verify_preamble_retval = VB2_ERROR_PREAMBLE_SIG_INVALID;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700337 TEST_EQ(vb2_load_fw_preamble(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700338 VB2_ERROR_PREAMBLE_SIG_INVALID,
339 "preamble verify");
340
341 reset_common_data(FOR_PREAMBLE);
342 pre->firmware_version = 0x10000;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700343 TEST_EQ(vb2_load_fw_preamble(&cc),
Randall Spangler308d2542014-12-04 09:54:37 -0800344 VB2_ERROR_FW_PREAMBLE_VERSION_RANGE,
Randall Spangler18030682014-06-11 16:01:08 -0700345 "preamble version range");
346
347 reset_common_data(FOR_PREAMBLE);
348 pre->firmware_version = 1;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700349 TEST_EQ(vb2_load_fw_preamble(&cc),
Randall Spangler308d2542014-12-04 09:54:37 -0800350 VB2_ERROR_FW_PREAMBLE_VERSION_ROLLBACK,
Randall Spangler18030682014-06-11 16:01:08 -0700351 "preamble version rollback");
352
353 reset_common_data(FOR_PREAMBLE);
Julius Wernerfb4e4082015-05-15 12:50:07 -0700354 pre->firmware_version = 1;
355 sd->gbb_flags |= VB2_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK;
356 TEST_SUCC(vb2_load_fw_preamble(&cc), "version rollback with GBB flag");
357
358 reset_common_data(FOR_PREAMBLE);
Randall Spangler18030682014-06-11 16:01:08 -0700359 pre->firmware_version = 3;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700360 TEST_SUCC(vb2_load_fw_preamble(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700361 "preamble version roll forward");
362 vb2_secdata_get(&cc, VB2_SECDATA_VERSIONS, &v);
363 TEST_EQ(v, 0x20003, "roll forward");
364
365 /* Newer version without result success doesn't roll forward */
366 reset_common_data(FOR_PREAMBLE);
367 pre->firmware_version = 3;
368 sd->last_fw_result = VB2_FW_RESULT_UNKNOWN;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700369 TEST_SUCC(vb2_load_fw_preamble(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700370 "preamble version no roll forward 1");
371 vb2_secdata_get(&cc, VB2_SECDATA_VERSIONS, &v);
372 TEST_EQ(v, 0x20002, "no roll forward");
373
374 /* Newer version with success but for other slot doesn't roll forward */
375 reset_common_data(FOR_PREAMBLE);
376 pre->firmware_version = 3;
377 sd->last_fw_slot = 1;
Randall Spanglerf18038b2014-10-23 15:55:21 -0700378 TEST_SUCC(vb2_load_fw_preamble(&cc),
Randall Spangler18030682014-06-11 16:01:08 -0700379 "preamble version no roll forward 2");
380 vb2_secdata_get(&cc, VB2_SECDATA_VERSIONS, &v);
381 TEST_EQ(v, 0x20002, "no roll forward");
382}
383
384int main(int argc, char* argv[])
385{
386 verify_keyblock_tests();
387 verify_preamble_tests();
388
389 return gTestSuccess ? 0 : 255;
390}