Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / c7323026f406ae54d5f1b523dbf7d1ee064c0a1c / . / pvmfw / avb / tests / api_test.rs
blob: 2f45d77c0af1c6f71212487e5fdd77b42d8f2bb0 [file] [log] [blame]
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]1/*
2 * Copyright (C) 2022 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Alice Wang2925b0a2023-01-19 10:44:24 +0000[diff] [blame]17mod utils;
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]18
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]19use anyhow::{anyhow, Result};
Alice Wang2925b0a2023-01-19 10:44:24 +0000[diff] [blame]20use avb_bindgen::{AvbFooter, AvbVBMetaImageHeader};
Alice Wangab0d0202023-05-17 08:07:41 +0000[diff] [blame]21use pvmfw_avb::{
22 verify_payload, AvbIOError, AvbSlotVerifyError, Capability, DebugLevel, VerifiedBootData,
23};
Alice Wang2925b0a2023-01-19 10:44:24 +0000[diff] [blame]24use std::{fs, mem::size_of, ptr};
25use utils::*;
26
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]27const TEST_IMG_WITH_ONE_HASHDESC_PATH: &str = "test_image_with_one_hashdesc.img";
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]28const TEST_IMG_WITH_PROP_DESC_PATH: &str = "test_image_with_prop_desc.img";
Alice Wangab0d0202023-05-17 08:07:41 +0000[diff] [blame]29const TEST_IMG_WITH_SERVICE_VM_PROP_PATH: &str = "test_image_with_service_vm_prop.img";
30const TEST_IMG_WITH_UNKNOWN_VM_TYPE_PROP_PATH: &str = "test_image_with_unknown_vm_type_prop.img";
31const TEST_IMG_WITH_MULTIPLE_PROPS_PATH: &str = "test_image_with_multiple_props.img";
32const TEST_IMG_WITH_DUPLICATED_CAP_PATH: &str = "test_image_with_duplicated_capability.img";
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]33const TEST_IMG_WITH_NON_INITRD_HASHDESC_PATH: &str = "test_image_with_non_initrd_hashdesc.img";
Alice Wangf2752862023-01-18 11:51:25 +0000[diff] [blame]34const TEST_IMG_WITH_INITRD_AND_NON_INITRD_DESC_PATH: &str =
35 "test_image_with_initrd_and_non_initrd_desc.img";
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]36const UNSIGNED_TEST_IMG_PATH: &str = "unsigned_test.img";
37
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]38const RANDOM_FOOTER_POS: usize = 30;
39
40/// This test uses the Microdroid payload compiled on the fly to check that
41/// the latest payload can be verified successfully.
42#[test]
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]43fn latest_normal_payload_passes_verification() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]44 assert_latest_payload_verification_passes(
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]45 &load_latest_initrd_normal()?,
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]46 b"initrd_normal",
47 DebugLevel::None,
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]48 )
49}
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]50
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]51#[test]
52fn latest_debug_payload_passes_verification() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]53 assert_latest_payload_verification_passes(
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]54 &load_latest_initrd_debug()?,
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]55 b"initrd_debug",
56 DebugLevel::Full,
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]57 )
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]58}
59
60#[test]
61fn payload_expecting_no_initrd_passes_verification_with_no_initrd() -> Result<()> {
Pierre-Clément Tosif58f3a32023-02-02 16:24:23 +0000[diff] [blame]62 let public_key = load_trusted_public_key()?;
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]63 let verified_boot_data = verify_payload(
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]64 &fs::read(TEST_IMG_WITH_ONE_HASHDESC_PATH)?,
Alice Wang2925b0a2023-01-19 10:44:24 +0000[diff] [blame]65 /*initrd=*/ None,
Pierre-Clément Tosif58f3a32023-02-02 16:24:23 +0000[diff] [blame]66 &public_key,
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]67 )
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]68 .map_err(|e| anyhow!("Verification failed. Error: {}", e))?;
69
Pierre-Clément Tosi81ca0802023-02-14 10:41:38 +0000[diff] [blame]70 let kernel_digest = hash(&[&hex::decode("1111")?, &fs::read(UNSIGNED_TEST_IMG_PATH)?]);
Pierre-Clément Tosif58f3a32023-02-02 16:24:23 +0000[diff] [blame]71 let expected_boot_data = VerifiedBootData {
72 debug_level: DebugLevel::None,
73 kernel_digest,
74 initrd_digest: None,
75 public_key: &public_key,
Alice Wangab0d0202023-05-17 08:07:41 +0000[diff] [blame]76 capabilities: vec![],
Pierre-Clément Tosif58f3a32023-02-02 16:24:23 +0000[diff] [blame]77 };
Pierre-Clément Tosi81ca0802023-02-14 10:41:38 +0000[diff] [blame]78 assert_eq!(expected_boot_data, verified_boot_data);
79
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]80 Ok(())
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]81}
82
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]83#[test]
Alice Wangf2752862023-01-18 11:51:25 +0000[diff] [blame]84fn payload_with_non_initrd_descriptor_fails_verification_with_no_initrd() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]85 assert_payload_verification_fails(
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]86 &fs::read(TEST_IMG_WITH_NON_INITRD_HASHDESC_PATH)?,
Alice Wang2925b0a2023-01-19 10:44:24 +0000[diff] [blame]87 /*initrd=*/ None,
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]88 &load_trusted_public_key()?,
Alice Wang14973b22023-05-22 14:54:16 +0000[diff] [blame]89 AvbSlotVerifyError::InvalidDescriptors(AvbIOError::NoSuchPartition),
Alice Wangf2752862023-01-18 11:51:25 +0000[diff] [blame]90 )
91}
92
93#[test]
94fn payload_with_non_initrd_descriptor_fails_verification_with_initrd() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]95 assert_payload_verification_with_initrd_fails(
Alice Wangf2752862023-01-18 11:51:25 +0000[diff] [blame]96 &fs::read(TEST_IMG_WITH_INITRD_AND_NON_INITRD_DESC_PATH)?,
97 &load_latest_initrd_normal()?,
98 &load_trusted_public_key()?,
Alice Wang14973b22023-05-22 14:54:16 +0000[diff] [blame]99 AvbSlotVerifyError::InvalidDescriptors(AvbIOError::NoSuchPartition),
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]100 )
101}
102
103#[test]
Alice Wangab0d0202023-05-17 08:07:41 +0000[diff] [blame]104fn payload_expecting_no_initrd_passes_verification_with_service_vm_prop() -> Result<()> {
105 let public_key = load_trusted_public_key()?;
106 let verified_boot_data = verify_payload(
107 &fs::read(TEST_IMG_WITH_SERVICE_VM_PROP_PATH)?,
108 /*initrd=*/ None,
109 &public_key,
110 )
111 .map_err(|e| anyhow!("Verification failed. Error: {}", e))?;
112
113 let kernel_digest = hash(&[&hex::decode("2131")?, &fs::read(UNSIGNED_TEST_IMG_PATH)?]);
114 let expected_boot_data = VerifiedBootData {
115 debug_level: DebugLevel::None,
116 kernel_digest,
117 initrd_digest: None,
118 public_key: &public_key,
119 capabilities: vec![Capability::RemoteAttest],
120 };
121 assert_eq!(expected_boot_data, verified_boot_data);
122
123 Ok(())
124}
125
126#[test]
127fn payload_with_unknown_vm_type_fails_verification_with_no_initrd() -> Result<()> {
128 assert_payload_verification_fails(
129 &fs::read(TEST_IMG_WITH_UNKNOWN_VM_TYPE_PROP_PATH)?,
130 /*initrd=*/ None,
131 &load_trusted_public_key()?,
132 AvbSlotVerifyError::UnknownVbmetaProperty,
133 )
134}
135
136#[test]
137fn payload_with_multiple_props_fails_verification_with_no_initrd() -> Result<()> {
138 assert_payload_verification_fails(
139 &fs::read(TEST_IMG_WITH_MULTIPLE_PROPS_PATH)?,
140 /*initrd=*/ None,
141 &load_trusted_public_key()?,
142 AvbSlotVerifyError::InvalidDescriptors(AvbIOError::Io),
143 )
144}
145
146#[test]
147fn payload_with_duplicated_capability_fails_verification_with_no_initrd() -> Result<()> {
148 assert_payload_verification_fails(
149 &fs::read(TEST_IMG_WITH_DUPLICATED_CAP_PATH)?,
150 /*initrd=*/ None,
151 &load_trusted_public_key()?,
152 AvbSlotVerifyError::InvalidMetadata,
153 )
154}
155
156#[test]
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]157fn payload_with_prop_descriptor_fails_verification_with_no_initrd() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]158 assert_payload_verification_fails(
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]159 &fs::read(TEST_IMG_WITH_PROP_DESC_PATH)?,
Alice Wang2925b0a2023-01-19 10:44:24 +0000[diff] [blame]160 /*initrd=*/ None,
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]161 &load_trusted_public_key()?,
Alice Wangab0d0202023-05-17 08:07:41 +0000[diff] [blame]162 AvbSlotVerifyError::UnknownVbmetaProperty,
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]163 )
164}
165
166#[test]
167fn payload_expecting_initrd_fails_verification_with_no_initrd() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]168 assert_payload_verification_fails(
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]169 &load_latest_signed_kernel()?,
Alice Wang2925b0a2023-01-19 10:44:24 +0000[diff] [blame]170 /*initrd=*/ None,
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]171 &load_trusted_public_key()?,
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]172 AvbSlotVerifyError::InvalidMetadata,
Alice Wang86383df2023-01-11 10:03:56 +0000[diff] [blame]173 )
174}
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]175
176#[test]
177fn payload_with_empty_public_key_fails_verification() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]178 assert_payload_verification_with_initrd_fails(
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]179 &load_latest_signed_kernel()?,
180 &load_latest_initrd_normal()?,
181 /*trusted_public_key=*/ &[0u8; 0],
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]182 AvbSlotVerifyError::PublicKeyRejected,
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]183 )
184}
185
186#[test]
187fn payload_with_an_invalid_public_key_fails_verification() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]188 assert_payload_verification_with_initrd_fails(
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]189 &load_latest_signed_kernel()?,
190 &load_latest_initrd_normal()?,
191 /*trusted_public_key=*/ &[0u8; 512],
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]192 AvbSlotVerifyError::PublicKeyRejected,
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]193 )
194}
195
196#[test]
197fn payload_with_a_different_valid_public_key_fails_verification() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]198 assert_payload_verification_with_initrd_fails(
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]199 &load_latest_signed_kernel()?,
200 &load_latest_initrd_normal()?,
201 &fs::read(PUBLIC_KEY_RSA2048_PATH)?,
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]202 AvbSlotVerifyError::PublicKeyRejected,
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]203 )
204}
205
206#[test]
Alice Wang5c1a7562023-01-13 17:19:57 +0000[diff] [blame]207fn payload_with_an_invalid_initrd_fails_verification() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]208 assert_payload_verification_with_initrd_fails(
Alice Wang5c1a7562023-01-13 17:19:57 +0000[diff] [blame]209 &load_latest_signed_kernel()?,
210 /*initrd=*/ &fs::read(UNSIGNED_TEST_IMG_PATH)?,
211 &load_trusted_public_key()?,
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]212 AvbSlotVerifyError::Verification,
Alice Wang5c1a7562023-01-13 17:19:57 +0000[diff] [blame]213 )
214}
215
216#[test]
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]217fn unsigned_kernel_fails_verification() -> Result<()> {
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]218 assert_payload_verification_with_initrd_fails(
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]219 &fs::read(UNSIGNED_TEST_IMG_PATH)?,
220 &load_latest_initrd_normal()?,
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]221 &load_trusted_public_key()?,
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]222 AvbSlotVerifyError::Io,
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]223 )
224}
225
226#[test]
227fn tampered_kernel_fails_verification() -> Result<()> {
228 let mut kernel = load_latest_signed_kernel()?;
229 kernel[1] = !kernel[1]; // Flip the bits
230
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]231 assert_payload_verification_with_initrd_fails(
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]232 &kernel,
233 &load_latest_initrd_normal()?,
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]234 &load_trusted_public_key()?,
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]235 AvbSlotVerifyError::Verification,
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]236 )
237}
238
239#[test]
Alice Wangfaceff42023-01-19 09:54:38 +0000[diff] [blame]240fn kernel_footer_with_vbmeta_offset_overwritten_fails_verification() -> Result<()> {
241 // Arrange.
242 let mut kernel = load_latest_signed_kernel()?;
243 let total_len = kernel.len() as u64;
244 let footer = extract_avb_footer(&kernel)?;
245 assert!(footer.vbmeta_offset < total_len);
Alan Stokes196192b2023-07-24 11:44:08 +0100[diff] [blame]246 // TODO: use core::mem::offset_of once stable.
247 let footer_addr = ptr::addr_of!(footer) as *const u8;
Alice Wangfaceff42023-01-19 09:54:38 +0000[diff] [blame]248 let vbmeta_offset_addr = ptr::addr_of!(footer.vbmeta_offset) as *const u8;
Alice Wangfaceff42023-01-19 09:54:38 +0000[diff] [blame]249 let vbmeta_offset_start =
Alan Stokes196192b2023-07-24 11:44:08 +0100[diff] [blame]250 // SAFETY:
251 // - both raw pointers `vbmeta_offset_addr` and `footer_addr` are not null;
252 // - they are both derived from the `footer` object;
253 // - the offset is known from the struct definition to be a small positive number of bytes.
254 unsafe { vbmeta_offset_addr.offset_from(footer_addr) };
Alice Wangfaceff42023-01-19 09:54:38 +0000[diff] [blame]255 let footer_start = kernel.len() - size_of::<AvbFooter>();
256 let vbmeta_offset_start = footer_start + usize::try_from(vbmeta_offset_start)?;
257
258 let wrong_offsets = [total_len, u64::MAX];
259 for &wrong_offset in wrong_offsets.iter() {
260 // Act.
261 kernel[vbmeta_offset_start..(vbmeta_offset_start + size_of::<u64>())]
262 .copy_from_slice(&wrong_offset.to_be_bytes());
263
264 // Assert.
Inseob Kim8ebf1da2023-01-27 18:12:57 +0900[diff] [blame]265 let footer = extract_avb_footer(&kernel)?;
266 // footer is unaligned; copy vbmeta_offset to local variable
267 let vbmeta_offset = footer.vbmeta_offset;
268 assert_eq!(wrong_offset, vbmeta_offset);
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]269 assert_payload_verification_with_initrd_fails(
Alice Wangfaceff42023-01-19 09:54:38 +0000[diff] [blame]270 &kernel,
271 &load_latest_initrd_normal()?,
272 &load_trusted_public_key()?,
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]273 AvbSlotVerifyError::Io,
Alice Wangfaceff42023-01-19 09:54:38 +0000[diff] [blame]274 )?;
275 }
276 Ok(())
277}
278
279#[test]
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]280fn tampered_kernel_footer_fails_verification() -> Result<()> {
281 let mut kernel = load_latest_signed_kernel()?;
282 let avb_footer_index = kernel.len() - size_of::<AvbFooter>() + RANDOM_FOOTER_POS;
283 kernel[avb_footer_index] = !kernel[avb_footer_index];
284
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]285 assert_payload_verification_with_initrd_fails(
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]286 &kernel,
287 &load_latest_initrd_normal()?,
Alice Wang4e55dd92023-01-11 10:17:01 +0000[diff] [blame]288 &load_trusted_public_key()?,
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]289 AvbSlotVerifyError::InvalidMetadata,
Alice Wangbf7fadd2023-01-13 12:18:24 +0000[diff] [blame]290 )
291}
292
Alice Wang58dac082023-01-13 13:03:59 +0000[diff] [blame]293#[test]
Alice Wang75d05632023-01-25 13:31:18 +0000[diff] [blame]294fn extended_initrd_fails_verification() -> Result<()> {
295 let mut initrd = load_latest_initrd_normal()?;
296 initrd.extend(b"androidboot.vbmeta.digest=1111");
297
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]298 assert_payload_verification_with_initrd_fails(
Alice Wang75d05632023-01-25 13:31:18 +0000[diff] [blame]299 &load_latest_signed_kernel()?,
300 &initrd,
301 &load_trusted_public_key()?,
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]302 AvbSlotVerifyError::Verification,
Alice Wang75d05632023-01-25 13:31:18 +0000[diff] [blame]303 )
304}
305
306#[test]
Alice Wang58dac082023-01-13 13:03:59 +0000[diff] [blame]307fn tampered_vbmeta_fails_verification() -> Result<()> {
308 let mut kernel = load_latest_signed_kernel()?;
309 let footer = extract_avb_footer(&kernel)?;
310 let vbmeta_index: usize = (footer.vbmeta_offset + 1).try_into()?;
311
312 kernel[vbmeta_index] = !kernel[vbmeta_index]; // Flip the bits
313
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]314 assert_payload_verification_with_initrd_fails(
Alice Wang58dac082023-01-13 13:03:59 +0000[diff] [blame]315 &kernel,
316 &load_latest_initrd_normal()?,
317 &load_trusted_public_key()?,
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]318 AvbSlotVerifyError::InvalidMetadata,
Alice Wang58dac082023-01-13 13:03:59 +0000[diff] [blame]319 )
320}
321
322#[test]
323fn vbmeta_with_public_key_overwritten_fails_verification() -> Result<()> {
324 let mut kernel = load_latest_signed_kernel()?;
325 let footer = extract_avb_footer(&kernel)?;
326 let vbmeta_header = extract_vbmeta_header(&kernel, &footer)?;
327 let public_key_offset = footer.vbmeta_offset as usize
328 + size_of::<AvbVBMetaImageHeader>()
329 + vbmeta_header.authentication_data_block_size as usize
330 + vbmeta_header.public_key_offset as usize;
331 let public_key_size: usize = vbmeta_header.public_key_size.try_into()?;
332 let empty_public_key = vec![0u8; public_key_size];
333
334 kernel[public_key_offset..(public_key_offset + public_key_size)]
335 .copy_from_slice(&empty_public_key);
336
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]337 assert_payload_verification_with_initrd_fails(
Alice Wang58dac082023-01-13 13:03:59 +0000[diff] [blame]338 &kernel,
339 &load_latest_initrd_normal()?,
340 &empty_public_key,
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]341 AvbSlotVerifyError::Verification,
Alice Wang58dac082023-01-13 13:03:59 +0000[diff] [blame]342 )?;
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]343 assert_payload_verification_with_initrd_fails(
Alice Wang58dac082023-01-13 13:03:59 +0000[diff] [blame]344 &kernel,
345 &load_latest_initrd_normal()?,
346 &load_trusted_public_key()?,
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]347 AvbSlotVerifyError::Verification,
Alice Wang58dac082023-01-13 13:03:59 +0000[diff] [blame]348 )
349}
350
Alice Wangf06bfd72023-01-19 09:24:21 +0000[diff] [blame]351#[test]
352fn vbmeta_with_verification_flag_disabled_fails_verification() -> Result<()> {
353 // From external/avb/libavb/avb_vbmeta_image.h
354 const AVB_VBMETA_IMAGE_FLAGS_VERIFICATION_DISABLED: u32 = 2;
355
356 // Arrange.
357 let mut kernel = load_latest_signed_kernel()?;
358 let footer = extract_avb_footer(&kernel)?;
359 let vbmeta_header = extract_vbmeta_header(&kernel, &footer)?;
Inseob Kim8ebf1da2023-01-27 18:12:57 +0900[diff] [blame]360
361 // vbmeta_header is unaligned; copy flags to local variable
362 let vbmeta_header_flags = vbmeta_header.flags;
363 assert_eq!(0, vbmeta_header_flags, "The disable flag should not be set in the latest kernel.");
Alice Wangf06bfd72023-01-19 09:24:21 +0000[diff] [blame]364 let flags_addr = ptr::addr_of!(vbmeta_header.flags) as *const u8;
365 // SAFETY: It is safe as both raw pointers `flags_addr` and `vbmeta_header` are not null.
366 let flags_offset = unsafe { flags_addr.offset_from(ptr::addr_of!(vbmeta_header) as *const u8) };
367 let flags_offset = usize::try_from(footer.vbmeta_offset)? + usize::try_from(flags_offset)?;
368
369 // Act.
370 kernel[flags_offset..(flags_offset + size_of::<u32>())]
371 .copy_from_slice(&AVB_VBMETA_IMAGE_FLAGS_VERIFICATION_DISABLED.to_be_bytes());
372
373 // Assert.
Inseob Kim8ebf1da2023-01-27 18:12:57 +0900[diff] [blame]374 let vbmeta_header = extract_vbmeta_header(&kernel, &footer)?;
375 // vbmeta_header is unaligned; copy flags to local variable
376 let vbmeta_header_flags = vbmeta_header.flags;
377 assert_eq!(
378 AVB_VBMETA_IMAGE_FLAGS_VERIFICATION_DISABLED, vbmeta_header_flags,
379 "VBMeta verification flag should be disabled now."
380 );
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]381 assert_payload_verification_with_initrd_fails(
Alice Wangf06bfd72023-01-19 09:24:21 +0000[diff] [blame]382 &kernel,
383 &load_latest_initrd_normal()?,
384 &load_trusted_public_key()?,
Alice Wang1f0add02023-01-23 16:22:53 +0000[diff] [blame]385 AvbSlotVerifyError::Verification,
Alice Wangf06bfd72023-01-19 09:24:21 +0000[diff] [blame]386 )
387}