Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / 2174d411d3735e03e00bfa4650db4795cc595545 / . / pvmfw / avb / tests / api_test.rs
blob: e7e4dccdccc16cdb97758e6967a40d3f6058373f [file] [log] [blame]
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]1/*
2 * Copyright (C) 2022 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Alice Wang2925b0a2023-01-19 10:44:24 +0000[diff] [blame]17mod utils;
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]18
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]19use anyhow::{anyhow, Result};
Alice Wang2925b0a2023-01-19 10:44:24 +0000[diff] [blame]20use avb_bindgen::{AvbFooter, AvbVBMetaImageHeader};
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]21use pvmfw_avb::{verify_payload, Capability, DebugLevel, PvmfwVerifyError, VerifiedBootData};
Alice Wang2925b0a2023-01-19 10:44:24 +0000[diff] [blame]22use std::{fs, mem::size_of, ptr};
23use utils::*;
24
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]25const TEST_IMG_WITH_ONE_HASHDESC_PATH: &str = "test_image_with_one_hashdesc.img";
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]26const TEST_IMG_WITH_PROP_DESC_PATH: &str = "test_image_with_prop_desc.img";
Alice Wangab0d0202023-05-17 08:07:41 +0000[diff] [blame]27const TEST_IMG_WITH_SERVICE_VM_PROP_PATH: &str = "test_image_with_service_vm_prop.img";
28const TEST_IMG_WITH_UNKNOWN_VM_TYPE_PROP_PATH: &str = "test_image_with_unknown_vm_type_prop.img";
29const TEST_IMG_WITH_MULTIPLE_PROPS_PATH: &str = "test_image_with_multiple_props.img";
30const TEST_IMG_WITH_DUPLICATED_CAP_PATH: &str = "test_image_with_duplicated_capability.img";
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]31const TEST_IMG_WITH_NON_INITRD_HASHDESC_PATH: &str = "test_image_with_non_initrd_hashdesc.img";
Alice Wangf2752862023-01-18 11:51:25 +0000[diff] [blame]32const TEST_IMG_WITH_INITRD_AND_NON_INITRD_DESC_PATH: &str =
33 "test_image_with_initrd_and_non_initrd_desc.img";
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]34const UNSIGNED_TEST_IMG_PATH: &str = "unsigned_test.img";
35
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]36const RANDOM_FOOTER_POS: usize = 30;
37
38/// This test uses the Microdroid payload compiled on the fly to check that
39/// the latest payload can be verified successfully.
40#[test]
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]41fn latest_normal_payload_passes_verification() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]42 assert_latest_payload_verification_passes(
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]43 &load_latest_initrd_normal()?,
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]44 b"initrd_normal",
45 DebugLevel::None,
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]46 )
47}
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]48
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]49#[test]
50fn latest_debug_payload_passes_verification() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]51 assert_latest_payload_verification_passes(
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]52 &load_latest_initrd_debug()?,
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]53 b"initrd_debug",
54 DebugLevel::Full,
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]55 )
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]56}
57
58#[test]
59fn payload_expecting_no_initrd_passes_verification_with_no_initrd() -> Result<()> {
Pierre-Clément Tosif58f3a32023-02-02 16:24:23 +0000[diff] [blame]60 let public_key = load_trusted_public_key()?;
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]61 let verified_boot_data = verify_payload(
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]62 &fs::read(TEST_IMG_WITH_ONE_HASHDESC_PATH)?,
Alice Wang2925b0a2023-01-19 10:44:24 +0000[diff] [blame]63 /*initrd=*/ None,
Pierre-Clément Tosif58f3a32023-02-02 16:24:23 +0000[diff] [blame]64 &public_key,
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]65 )
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]66 .map_err(|e| anyhow!("Verification failed. Error: {}", e))?;
67
Pierre-Clément Tosi81ca0802023-02-14 10:41:38 +0000[diff] [blame]68 let kernel_digest = hash(&[&hex::decode("1111")?, &fs::read(UNSIGNED_TEST_IMG_PATH)?]);
Pierre-Clément Tosif58f3a32023-02-02 16:24:23 +0000[diff] [blame]69 let expected_boot_data = VerifiedBootData {
70 debug_level: DebugLevel::None,
71 kernel_digest,
72 initrd_digest: None,
73 public_key: &public_key,
Alice Wangab0d0202023-05-17 08:07:41 +0000[diff] [blame]74 capabilities: vec![],
Pierre-Clément Tosif58f3a32023-02-02 16:24:23 +0000[diff] [blame]75 };
Pierre-Clément Tosi81ca0802023-02-14 10:41:38 +0000[diff] [blame]76 assert_eq!(expected_boot_data, verified_boot_data);
77
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]78 Ok(())
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]79}
80
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]81#[test]
Alice Wangf2752862023-01-18 11:51:25 +0000[diff] [blame]82fn payload_with_non_initrd_descriptor_fails_verification_with_no_initrd() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]83 assert_payload_verification_fails(
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]84 &fs::read(TEST_IMG_WITH_NON_INITRD_HASHDESC_PATH)?,
Alice Wang2925b0a2023-01-19 10:44:24 +0000[diff] [blame]85 /*initrd=*/ None,
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]86 &load_trusted_public_key()?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]87 PvmfwVerifyError::InvalidDescriptors(avb::IoError::NoSuchPartition),
Alice Wangf2752862023-01-18 11:51:25 +0000[diff] [blame]88 )
89}
90
91#[test]
92fn payload_with_non_initrd_descriptor_fails_verification_with_initrd() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]93 assert_payload_verification_with_initrd_fails(
Alice Wangf2752862023-01-18 11:51:25 +0000[diff] [blame]94 &fs::read(TEST_IMG_WITH_INITRD_AND_NON_INITRD_DESC_PATH)?,
95 &load_latest_initrd_normal()?,
96 &load_trusted_public_key()?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]97 PvmfwVerifyError::InvalidDescriptors(avb::IoError::NoSuchPartition),
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]98 )
99}
100
101#[test]
Alice Wangab0d0202023-05-17 08:07:41 +0000[diff] [blame]102fn payload_expecting_no_initrd_passes_verification_with_service_vm_prop() -> Result<()> {
103 let public_key = load_trusted_public_key()?;
104 let verified_boot_data = verify_payload(
105 &fs::read(TEST_IMG_WITH_SERVICE_VM_PROP_PATH)?,
106 /*initrd=*/ None,
107 &public_key,
108 )
109 .map_err(|e| anyhow!("Verification failed. Error: {}", e))?;
110
111 let kernel_digest = hash(&[&hex::decode("2131")?, &fs::read(UNSIGNED_TEST_IMG_PATH)?]);
112 let expected_boot_data = VerifiedBootData {
113 debug_level: DebugLevel::None,
114 kernel_digest,
115 initrd_digest: None,
116 public_key: &public_key,
117 capabilities: vec![Capability::RemoteAttest],
118 };
119 assert_eq!(expected_boot_data, verified_boot_data);
120
121 Ok(())
122}
123
124#[test]
125fn payload_with_unknown_vm_type_fails_verification_with_no_initrd() -> Result<()> {
126 assert_payload_verification_fails(
127 &fs::read(TEST_IMG_WITH_UNKNOWN_VM_TYPE_PROP_PATH)?,
128 /*initrd=*/ None,
129 &load_trusted_public_key()?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]130 PvmfwVerifyError::UnknownVbmetaProperty,
Alice Wangab0d0202023-05-17 08:07:41 +0000[diff] [blame]131 )
132}
133
134#[test]
135fn payload_with_multiple_props_fails_verification_with_no_initrd() -> Result<()> {
136 assert_payload_verification_fails(
137 &fs::read(TEST_IMG_WITH_MULTIPLE_PROPS_PATH)?,
138 /*initrd=*/ None,
139 &load_trusted_public_key()?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]140 PvmfwVerifyError::InvalidDescriptors(avb::IoError::Io),
Alice Wangab0d0202023-05-17 08:07:41 +0000[diff] [blame]141 )
142}
143
144#[test]
145fn payload_with_duplicated_capability_fails_verification_with_no_initrd() -> Result<()> {
146 assert_payload_verification_fails(
147 &fs::read(TEST_IMG_WITH_DUPLICATED_CAP_PATH)?,
148 /*initrd=*/ None,
149 &load_trusted_public_key()?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]150 avb::SlotVerifyError::InvalidMetadata.into(),
Alice Wangab0d0202023-05-17 08:07:41 +0000[diff] [blame]151 )
152}
153
154#[test]
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]155fn payload_with_prop_descriptor_fails_verification_with_no_initrd() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]156 assert_payload_verification_fails(
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]157 &fs::read(TEST_IMG_WITH_PROP_DESC_PATH)?,
Alice Wang2925b0a2023-01-19 10:44:24 +0000[diff] [blame]158 /*initrd=*/ None,
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]159 &load_trusted_public_key()?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]160 PvmfwVerifyError::UnknownVbmetaProperty,
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]161 )
162}
163
164#[test]
165fn payload_expecting_initrd_fails_verification_with_no_initrd() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]166 assert_payload_verification_fails(
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]167 &load_latest_signed_kernel()?,
Alice Wang2925b0a2023-01-19 10:44:24 +0000[diff] [blame]168 /*initrd=*/ None,
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]169 &load_trusted_public_key()?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]170 avb::SlotVerifyError::InvalidMetadata.into(),
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]171 )
172}
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]173
174#[test]
175fn payload_with_empty_public_key_fails_verification() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]176 assert_payload_verification_with_initrd_fails(
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]177 &load_latest_signed_kernel()?,
178 &load_latest_initrd_normal()?,
179 /*trusted_public_key=*/ &[0u8; 0],
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]180 avb::SlotVerifyError::PublicKeyRejected.into(),
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]181 )
182}
183
184#[test]
185fn payload_with_an_invalid_public_key_fails_verification() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]186 assert_payload_verification_with_initrd_fails(
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]187 &load_latest_signed_kernel()?,
188 &load_latest_initrd_normal()?,
189 /*trusted_public_key=*/ &[0u8; 512],
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]190 avb::SlotVerifyError::PublicKeyRejected.into(),
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]191 )
192}
193
194#[test]
195fn payload_with_a_different_valid_public_key_fails_verification() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]196 assert_payload_verification_with_initrd_fails(
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]197 &load_latest_signed_kernel()?,
198 &load_latest_initrd_normal()?,
199 &fs::read(PUBLIC_KEY_RSA2048_PATH)?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]200 avb::SlotVerifyError::PublicKeyRejected.into(),
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]201 )
202}
203
204#[test]
Alice Wang5c1a7562023-01-13 17:19:57 +0000[diff] [blame]205fn payload_with_an_invalid_initrd_fails_verification() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]206 assert_payload_verification_with_initrd_fails(
Alice Wang5c1a7562023-01-13 17:19:57 +0000[diff] [blame]207 &load_latest_signed_kernel()?,
208 /*initrd=*/ &fs::read(UNSIGNED_TEST_IMG_PATH)?,
209 &load_trusted_public_key()?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]210 avb::SlotVerifyError::Verification.into(),
Alice Wang5c1a7562023-01-13 17:19:57 +0000[diff] [blame]211 )
212}
213
214#[test]
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]215fn unsigned_kernel_fails_verification() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]216 assert_payload_verification_with_initrd_fails(
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]217 &fs::read(UNSIGNED_TEST_IMG_PATH)?,
218 &load_latest_initrd_normal()?,
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]219 &load_trusted_public_key()?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]220 avb::SlotVerifyError::Io.into(),
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]221 )
222}
223
224#[test]
225fn tampered_kernel_fails_verification() -> Result<()> {
226 let mut kernel = load_latest_signed_kernel()?;
227 kernel[1] = !kernel[1]; // Flip the bits
228
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]229 assert_payload_verification_with_initrd_fails(
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]230 &kernel,
231 &load_latest_initrd_normal()?,
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]232 &load_trusted_public_key()?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]233 avb::SlotVerifyError::Verification.into(),
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]234 )
235}
236
237#[test]
Alice Wangfaceff42023-01-19 09:54:38 +0000[diff] [blame]238fn kernel_footer_with_vbmeta_offset_overwritten_fails_verification() -> Result<()> {
239 // Arrange.
240 let mut kernel = load_latest_signed_kernel()?;
241 let total_len = kernel.len() as u64;
242 let footer = extract_avb_footer(&kernel)?;
243 assert!(footer.vbmeta_offset < total_len);
Alan Stokes196192b2023-07-24 11:44:08 +0100[diff] [blame]244 // TODO: use core::mem::offset_of once stable.
245 let footer_addr = ptr::addr_of!(footer) as *const u8;
Alice Wangfaceff42023-01-19 09:54:38 +0000[diff] [blame]246 let vbmeta_offset_addr = ptr::addr_of!(footer.vbmeta_offset) as *const u8;
Alice Wangfaceff42023-01-19 09:54:38 +0000[diff] [blame]247 let vbmeta_offset_start =
Alan Stokes196192b2023-07-24 11:44:08 +0100[diff] [blame]248 // SAFETY:
249 // - both raw pointers `vbmeta_offset_addr` and `footer_addr` are not null;
250 // - they are both derived from the `footer` object;
251 // - the offset is known from the struct definition to be a small positive number of bytes.
252 unsafe { vbmeta_offset_addr.offset_from(footer_addr) };
Alice Wangfaceff42023-01-19 09:54:38 +0000[diff] [blame]253 let footer_start = kernel.len() - size_of::<AvbFooter>();
254 let vbmeta_offset_start = footer_start + usize::try_from(vbmeta_offset_start)?;
255
256 let wrong_offsets = [total_len, u64::MAX];
257 for &wrong_offset in wrong_offsets.iter() {
258 // Act.
259 kernel[vbmeta_offset_start..(vbmeta_offset_start + size_of::<u64>())]
260 .copy_from_slice(&wrong_offset.to_be_bytes());
261
262 // Assert.
Inseob Kim8ebf1da2023-01-27 18:12:57 +0900[diff] [blame]263 let footer = extract_avb_footer(&kernel)?;
264 // footer is unaligned; copy vbmeta_offset to local variable
265 let vbmeta_offset = footer.vbmeta_offset;
266 assert_eq!(wrong_offset, vbmeta_offset);
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]267 assert_payload_verification_with_initrd_fails(
Alice Wangfaceff42023-01-19 09:54:38 +0000[diff] [blame]268 &kernel,
269 &load_latest_initrd_normal()?,
270 &load_trusted_public_key()?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]271 avb::SlotVerifyError::Io.into(),
Alice Wangfaceff42023-01-19 09:54:38 +0000[diff] [blame]272 )?;
273 }
274 Ok(())
275}
276
277#[test]
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]278fn tampered_kernel_footer_fails_verification() -> Result<()> {
279 let mut kernel = load_latest_signed_kernel()?;
280 let avb_footer_index = kernel.len() - size_of::<AvbFooter>() + RANDOM_FOOTER_POS;
281 kernel[avb_footer_index] = !kernel[avb_footer_index];
282
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]283 assert_payload_verification_with_initrd_fails(
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]284 &kernel,
285 &load_latest_initrd_normal()?,
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]286 &load_trusted_public_key()?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]287 avb::SlotVerifyError::InvalidMetadata.into(),
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]288 )
289}
290
Alice Wang58dac082023-01-13 13:03:59 +0000[diff] [blame]291#[test]
Alice Wang75d05632023-01-25 13:31:18 +0000[diff] [blame]292fn extended_initrd_fails_verification() -> Result<()> {
293 let mut initrd = load_latest_initrd_normal()?;
294 initrd.extend(b"androidboot.vbmeta.digest=1111");
295
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]296 assert_payload_verification_with_initrd_fails(
Alice Wang75d05632023-01-25 13:31:18 +0000[diff] [blame]297 &load_latest_signed_kernel()?,
298 &initrd,
299 &load_trusted_public_key()?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]300 avb::SlotVerifyError::Verification.into(),
Alice Wang75d05632023-01-25 13:31:18 +0000[diff] [blame]301 )
302}
303
304#[test]
Alice Wang58dac082023-01-13 13:03:59 +0000[diff] [blame]305fn tampered_vbmeta_fails_verification() -> Result<()> {
306 let mut kernel = load_latest_signed_kernel()?;
307 let footer = extract_avb_footer(&kernel)?;
308 let vbmeta_index: usize = (footer.vbmeta_offset + 1).try_into()?;
309
310 kernel[vbmeta_index] = !kernel[vbmeta_index]; // Flip the bits
311
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]312 assert_payload_verification_with_initrd_fails(
Alice Wang58dac082023-01-13 13:03:59 +0000[diff] [blame]313 &kernel,
314 &load_latest_initrd_normal()?,
315 &load_trusted_public_key()?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]316 avb::SlotVerifyError::InvalidMetadata.into(),
Alice Wang58dac082023-01-13 13:03:59 +0000[diff] [blame]317 )
318}
319
320#[test]
321fn vbmeta_with_public_key_overwritten_fails_verification() -> Result<()> {
322 let mut kernel = load_latest_signed_kernel()?;
323 let footer = extract_avb_footer(&kernel)?;
324 let vbmeta_header = extract_vbmeta_header(&kernel, &footer)?;
325 let public_key_offset = footer.vbmeta_offset as usize
326 + size_of::<AvbVBMetaImageHeader>()
327 + vbmeta_header.authentication_data_block_size as usize
328 + vbmeta_header.public_key_offset as usize;
329 let public_key_size: usize = vbmeta_header.public_key_size.try_into()?;
330 let empty_public_key = vec![0u8; public_key_size];
331
332 kernel[public_key_offset..(public_key_offset + public_key_size)]
333 .copy_from_slice(&empty_public_key);
334
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]335 assert_payload_verification_with_initrd_fails(
Alice Wang58dac082023-01-13 13:03:59 +0000[diff] [blame]336 &kernel,
337 &load_latest_initrd_normal()?,
338 &empty_public_key,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]339 avb::SlotVerifyError::Verification.into(),
Alice Wang58dac082023-01-13 13:03:59 +0000[diff] [blame]340 )?;
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]341 assert_payload_verification_with_initrd_fails(
Alice Wang58dac082023-01-13 13:03:59 +0000[diff] [blame]342 &kernel,
343 &load_latest_initrd_normal()?,
344 &load_trusted_public_key()?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]345 avb::SlotVerifyError::Verification.into(),
Alice Wang58dac082023-01-13 13:03:59 +0000[diff] [blame]346 )
347}
348
Alice Wangf06bfd72023-01-19 09:24:21 +0000[diff] [blame]349#[test]
350fn vbmeta_with_verification_flag_disabled_fails_verification() -> Result<()> {
351 // From external/avb/libavb/avb_vbmeta_image.h
352 const AVB_VBMETA_IMAGE_FLAGS_VERIFICATION_DISABLED: u32 = 2;
353
354 // Arrange.
355 let mut kernel = load_latest_signed_kernel()?;
356 let footer = extract_avb_footer(&kernel)?;
357 let vbmeta_header = extract_vbmeta_header(&kernel, &footer)?;
Inseob Kim8ebf1da2023-01-27 18:12:57 +0900[diff] [blame]358
359 // vbmeta_header is unaligned; copy flags to local variable
360 let vbmeta_header_flags = vbmeta_header.flags;
361 assert_eq!(0, vbmeta_header_flags, "The disable flag should not be set in the latest kernel.");
Alice Wangf06bfd72023-01-19 09:24:21 +0000[diff] [blame]362 let flags_addr = ptr::addr_of!(vbmeta_header.flags) as *const u8;
363 // SAFETY: It is safe as both raw pointers `flags_addr` and `vbmeta_header` are not null.
364 let flags_offset = unsafe { flags_addr.offset_from(ptr::addr_of!(vbmeta_header) as *const u8) };
365 let flags_offset = usize::try_from(footer.vbmeta_offset)? + usize::try_from(flags_offset)?;
366
367 // Act.
368 kernel[flags_offset..(flags_offset + size_of::<u32>())]
369 .copy_from_slice(&AVB_VBMETA_IMAGE_FLAGS_VERIFICATION_DISABLED.to_be_bytes());
370
371 // Assert.
Inseob Kim8ebf1da2023-01-27 18:12:57 +0900[diff] [blame]372 let vbmeta_header = extract_vbmeta_header(&kernel, &footer)?;
373 // vbmeta_header is unaligned; copy flags to local variable
374 let vbmeta_header_flags = vbmeta_header.flags;
375 assert_eq!(
376 AVB_VBMETA_IMAGE_FLAGS_VERIFICATION_DISABLED, vbmeta_header_flags,
377 "VBMeta verification flag should be disabled now."
378 );
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]379 assert_payload_verification_with_initrd_fails(
Alice Wangf06bfd72023-01-19 09:24:21 +0000[diff] [blame]380 &kernel,
381 &load_latest_initrd_normal()?,
382 &load_trusted_public_key()?,
David Pursella7c727b2023-08-14 16:24:40 -0700[diff] [blame]383 avb::SlotVerifyError::Verification.into(),
Alice Wangf06bfd72023-01-19 09:24:21 +0000[diff] [blame]384 )
385}