Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_update_engine / cc8ce0e3b11ac76412c26c687d11140cbe18ad91 / . / delta_performer_integration_test.cc
blob: eddce9c756ca0d0e8ba4a30cb8bed72c8c75cca9 [file] [log] [blame]
Sen Jianga4365d62015-09-25 10:52:25 -0700[diff] [blame]1//
2// Copyright (C) 2012 The Android Open Source Project
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8// http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15//
16
17#include "update_engine/delta_performer.h"
18
19#include <inttypes.h>
20#include <sys/mount.h>
21
22#include <algorithm>
23#include <string>
24#include <vector>
25
26#include <base/files/file_path.h>
27#include <base/files/file_util.h>
28#include <base/strings/stringprintf.h>
29#include <base/strings/string_util.h>
30#include <google/protobuf/repeated_field.h>
31#include <gtest/gtest.h>
32
33#include "update_engine/constants.h"
34#include "update_engine/fake_hardware.h"
35#include "update_engine/fake_system_state.h"
36#include "update_engine/mock_prefs.h"
37#include "update_engine/payload_constants.h"
38#include "update_engine/payload_generator/delta_diff_generator.h"
39#include "update_engine/payload_generator/payload_signer.h"
40#include "update_engine/payload_verifier.h"
41#include "update_engine/test_utils.h"
42#include "update_engine/update_metadata.pb.h"
43#include "update_engine/utils.h"
44
45namespace chromeos_update_engine {
46
47using std::string;
48using std::vector;
49using testing::Return;
50using testing::_;
51using test_utils::kRandomString;
52using test_utils::ScopedLoopMounter;
53using test_utils::System;
54
55extern const char* kUnittestPrivateKeyPath;
56extern const char* kUnittestPublicKeyPath;
57extern const char* kUnittestPrivateKey2Path;
58extern const char* kUnittestPublicKey2Path;
59
60static const int kDefaultKernelSize = 4096; // Something small for a test
61static const uint8_t kNewData[] = {'T', 'h', 'i', 's', ' ', 'i', 's', ' ',
62 'n', 'e', 'w', ' ', 'd', 'a', 't', 'a', '.'};
63
64namespace {
65struct DeltaState {
66 string a_img;
67 string b_img;
68 string result_img;
69 size_t image_size;
70
71 string delta_path;
72 uint64_t metadata_size;
73
74 string old_kernel;
75 chromeos::Blob old_kernel_data;
76
77 string new_kernel;
78 chromeos::Blob new_kernel_data;
79
80 string result_kernel;
81 chromeos::Blob result_kernel_data;
82 size_t kernel_size;
83
84 // The in-memory copy of delta file.
85 chromeos::Blob delta;
86
87 // The mock system state object with which we initialize the
88 // delta performer.
89 FakeSystemState fake_system_state;
90};
91
92enum SignatureTest {
93 kSignatureNone, // No payload signing.
94 kSignatureGenerator, // Sign the payload at generation time.
95 kSignatureGenerated, // Sign the payload after it's generated.
96 kSignatureGeneratedPlaceholder, // Insert placeholder signatures, then real.
97 kSignatureGeneratedPlaceholderMismatch, // Insert a wrong sized placeholder.
98 kSignatureGeneratedShell, // Sign the generated payload through shell cmds.
99 kSignatureGeneratedShellBadKey, // Sign with a bad key through shell cmds.
100 kSignatureGeneratedShellRotateCl1, // Rotate key, test client v1
101 kSignatureGeneratedShellRotateCl2, // Rotate key, test client v2
102};
103
104enum OperationHashTest {
105 kInvalidOperationData,
106 kValidOperationData,
107};
108
109} // namespace
110
111class DeltaPerformerIntegrationTest : public ::testing::Test {
112 public:
113 static void SetSupportedVersion(DeltaPerformer* performer,
114 uint64_t minor_version) {
115 performer->supported_minor_version_ = minor_version;
116 }
117};
118
119static void CompareFilesByBlock(const string& a_file, const string& b_file,
120 size_t image_size) {
121 EXPECT_EQ(0, image_size % kBlockSize);
122
123 chromeos::Blob a_data, b_data;
124 EXPECT_TRUE(utils::ReadFile(a_file, &a_data)) << "file failed: " << a_file;
125 EXPECT_TRUE(utils::ReadFile(b_file, &b_data)) << "file failed: " << b_file;
126
127 EXPECT_GE(a_data.size(), image_size);
128 EXPECT_GE(b_data.size(), image_size);
129 for (size_t i = 0; i < image_size; i += kBlockSize) {
130 EXPECT_EQ(0, i % kBlockSize);
131 chromeos::Blob a_sub(&a_data[i], &a_data[i + kBlockSize]);
132 chromeos::Blob b_sub(&b_data[i], &b_data[i + kBlockSize]);
133 EXPECT_TRUE(a_sub == b_sub) << "Block " << (i/kBlockSize) << " differs";
134 }
135 if (::testing::Test::HasNonfatalFailure()) {
136 LOG(INFO) << "Compared filesystems with size " << image_size
137 << ", partition A " << a_file << " size: " << a_data.size()
138 << ", partition B " << b_file << " size: " << b_data.size();
139 }
140}
141
142static bool WriteSparseFile(const string& path, off_t size) {
143 int fd = open(path.c_str(), O_CREAT | O_TRUNC | O_WRONLY, 0644);
144 TEST_AND_RETURN_FALSE_ERRNO(fd >= 0);
145 ScopedFdCloser fd_closer(&fd);
146 off_t rc = lseek(fd, size + 1, SEEK_SET);
147 TEST_AND_RETURN_FALSE_ERRNO(rc != static_cast<off_t>(-1));
148 int return_code = ftruncate(fd, size);
149 TEST_AND_RETURN_FALSE_ERRNO(return_code == 0);
150 return true;
151}
152
153static size_t GetSignatureSize(const string& private_key_path) {
154 const chromeos::Blob data(1, 'x');
155 chromeos::Blob hash;
156 EXPECT_TRUE(OmahaHashCalculator::RawHashOfData(data, &hash));
157 chromeos::Blob signature;
158 EXPECT_TRUE(PayloadSigner::SignHash(hash,
159 private_key_path,
160 &signature));
161 return signature.size();
162}
163
164static bool InsertSignaturePlaceholder(int signature_size,
165 const string& payload_path,
166 uint64_t* out_metadata_size) {
167 vector<chromeos::Blob> signatures;
168 signatures.push_back(chromeos::Blob(signature_size, 0));
169
170 return PayloadSigner::AddSignatureToPayload(
171 payload_path,
172 signatures,
173 payload_path,
174 out_metadata_size);
175}
176
177static void SignGeneratedPayload(const string& payload_path,
178 uint64_t* out_metadata_size) {
179 int signature_size = GetSignatureSize(kUnittestPrivateKeyPath);
180 chromeos::Blob hash;
181 ASSERT_TRUE(PayloadSigner::HashPayloadForSigning(
182 payload_path,
183 vector<int>(1, signature_size),
184 &hash));
185 chromeos::Blob signature;
186 ASSERT_TRUE(PayloadSigner::SignHash(hash,
187 kUnittestPrivateKeyPath,
188 &signature));
189 ASSERT_TRUE(PayloadSigner::AddSignatureToPayload(
190 payload_path,
191 vector<chromeos::Blob>(1, signature),
192 payload_path,
193 out_metadata_size));
194 EXPECT_TRUE(PayloadVerifier::VerifySignedPayload(
195 payload_path,
Alex Deymob552a682015-09-30 09:36:49 -0700[diff] [blame]196 kUnittestPublicKeyPath));
Sen Jianga4365d62015-09-25 10:52:25 -0700[diff] [blame]197}
198
199static void SignGeneratedShellPayload(SignatureTest signature_test,
200 const string& payload_path) {
201 string private_key_path = kUnittestPrivateKeyPath;
202 if (signature_test == kSignatureGeneratedShellBadKey) {
203 ASSERT_TRUE(utils::MakeTempFile("key.XXXXXX",
204 &private_key_path,
205 nullptr));
206 } else {
207 ASSERT_TRUE(signature_test == kSignatureGeneratedShell ||
208 signature_test == kSignatureGeneratedShellRotateCl1 ||
209 signature_test == kSignatureGeneratedShellRotateCl2);
210 }
211 ScopedPathUnlinker key_unlinker(private_key_path);
212 key_unlinker.set_should_remove(signature_test ==
213 kSignatureGeneratedShellBadKey);
214 // Generates a new private key that will not match the public key.
215 if (signature_test == kSignatureGeneratedShellBadKey) {
216 LOG(INFO) << "Generating a mismatched private key.";
217 ASSERT_EQ(0, System(base::StringPrintf(
218 "openssl genrsa -out %s 2048", private_key_path.c_str())));
219 }
220 int signature_size = GetSignatureSize(private_key_path);
221 string hash_file;
222 ASSERT_TRUE(utils::MakeTempFile("hash.XXXXXX", &hash_file, nullptr));
223 ScopedPathUnlinker hash_unlinker(hash_file);
224 string signature_size_string;
225 if (signature_test == kSignatureGeneratedShellRotateCl1 ||
226 signature_test == kSignatureGeneratedShellRotateCl2)
227 signature_size_string = base::StringPrintf("%d:%d",
228 signature_size, signature_size);
229 else
230 signature_size_string = base::StringPrintf("%d", signature_size);
231 ASSERT_EQ(0,
232 System(base::StringPrintf(
233 "./delta_generator -in_file=%s -signature_size=%s "
234 "-out_hash_file=%s",
235 payload_path.c_str(),
236 signature_size_string.c_str(),
237 hash_file.c_str())));
238
239 // Pad the hash
240 chromeos::Blob hash;
241 ASSERT_TRUE(utils::ReadFile(hash_file, &hash));
242 ASSERT_TRUE(PayloadVerifier::PadRSA2048SHA256Hash(&hash));
243 ASSERT_TRUE(test_utils::WriteFileVector(hash_file, hash));
244
245 string sig_file;
246 ASSERT_TRUE(utils::MakeTempFile("signature.XXXXXX", &sig_file, nullptr));
247 ScopedPathUnlinker sig_unlinker(sig_file);
248 ASSERT_EQ(0,
249 System(base::StringPrintf(
250 "openssl rsautl -raw -sign -inkey %s -in %s -out %s",
251 private_key_path.c_str(),
252 hash_file.c_str(),
253 sig_file.c_str())));
254 string sig_file2;
255 ASSERT_TRUE(utils::MakeTempFile("signature.XXXXXX", &sig_file2, nullptr));
256 ScopedPathUnlinker sig2_unlinker(sig_file2);
257 if (signature_test == kSignatureGeneratedShellRotateCl1 ||
258 signature_test == kSignatureGeneratedShellRotateCl2) {
259 ASSERT_EQ(0,
260 System(base::StringPrintf(
261 "openssl rsautl -raw -sign -inkey %s -in %s -out %s",
262 kUnittestPrivateKey2Path,
263 hash_file.c_str(),
264 sig_file2.c_str())));
265 // Append second sig file to first path
266 sig_file += ":" + sig_file2;
267 }
268
269 ASSERT_EQ(0,
270 System(base::StringPrintf(
271 "./delta_generator -in_file=%s -signature_file=%s "
272 "-out_file=%s",
273 payload_path.c_str(),
274 sig_file.c_str(),
275 payload_path.c_str())));
276 int verify_result =
277 System(base::StringPrintf(
278 "./delta_generator -in_file=%s -public_key=%s -public_key_version=%d",
279 payload_path.c_str(),
280 signature_test == kSignatureGeneratedShellRotateCl2 ?
281 kUnittestPublicKey2Path : kUnittestPublicKeyPath,
282 signature_test == kSignatureGeneratedShellRotateCl2 ? 2 : 1));
283 if (signature_test == kSignatureGeneratedShellBadKey) {
284 ASSERT_NE(0, verify_result);
285 } else {
286 ASSERT_EQ(0, verify_result);
287 }
288}
289
290static void GenerateDeltaFile(bool full_kernel,
291 bool full_rootfs,
292 bool noop,
293 ssize_t chunk_size,
294 SignatureTest signature_test,
295 DeltaState *state,
296 uint32_t minor_version) {
297 EXPECT_TRUE(utils::MakeTempFile("a_img.XXXXXX", &state->a_img, nullptr));
298 EXPECT_TRUE(utils::MakeTempFile("b_img.XXXXXX", &state->b_img, nullptr));
299
300 // result_img is used in minor version 2. Instead of applying the update
301 // in-place on A, we apply it to a new image, result_img.
302 EXPECT_TRUE(
303 utils::MakeTempFile("result_img.XXXXXX", &state->result_img, nullptr));
304 test_utils::CreateExtImageAtPath(state->a_img, nullptr);
305
306 state->image_size = utils::FileSize(state->a_img);
307
308 // Extend the "partitions" holding the file system a bit.
309 EXPECT_EQ(0, HANDLE_EINTR(truncate(state->a_img.c_str(),
310 state->image_size + 1024 * 1024)));
311 EXPECT_EQ(state->image_size + 1024 * 1024, utils::FileSize(state->a_img));
312
313 // Create ImageInfo A & B
314 ImageInfo old_image_info;
315 ImageInfo new_image_info;
316
317 if (!full_rootfs) {
318 old_image_info.set_channel("src-channel");
319 old_image_info.set_board("src-board");
320 old_image_info.set_version("src-version");
321 old_image_info.set_key("src-key");
322 old_image_info.set_build_channel("src-build-channel");
323 old_image_info.set_build_version("src-build-version");
324 }
325
326 new_image_info.set_channel("test-channel");
327 new_image_info.set_board("test-board");
328 new_image_info.set_version("test-version");
329 new_image_info.set_key("test-key");
330 new_image_info.set_build_channel("test-build-channel");
331 new_image_info.set_build_version("test-build-version");
332
333 // Make some changes to the A image.
334 {
335 string a_mnt;
336 ScopedLoopMounter b_mounter(state->a_img, &a_mnt, 0);
337
338 chromeos::Blob hardtocompress;
339 while (hardtocompress.size() < 3 * kBlockSize) {
340 hardtocompress.insert(hardtocompress.end(),
341 std::begin(kRandomString), std::end(kRandomString));
342 }
343 EXPECT_TRUE(utils::WriteFile(base::StringPrintf("%s/hardtocompress",
344 a_mnt.c_str()).c_str(),
345 hardtocompress.data(),
346 hardtocompress.size()));
347
348 chromeos::Blob zeros(16 * 1024, 0);
349 EXPECT_EQ(zeros.size(),
350 base::WriteFile(base::FilePath(base::StringPrintf(
351 "%s/move-to-sparse", a_mnt.c_str())),
352 reinterpret_cast<const char*>(zeros.data()),
353 zeros.size()));
354
355 EXPECT_TRUE(
356 WriteSparseFile(base::StringPrintf("%s/move-from-sparse",
357 a_mnt.c_str()), 16 * 1024));
358
359 EXPECT_EQ(0,
360 System(base::StringPrintf("dd if=/dev/zero of=%s/move-semi-sparse"
361 " bs=1 seek=4096 count=1 status=none",
362 a_mnt.c_str()).c_str()));
363
364 // Write 1 MiB of 0xff to try to catch the case where writing a bsdiff
365 // patch fails to zero out the final block.
366 chromeos::Blob ones(1024 * 1024, 0xff);
367 EXPECT_TRUE(utils::WriteFile(base::StringPrintf("%s/ones",
368 a_mnt.c_str()).c_str(),
369 ones.data(),
370 ones.size()));
371 }
372
373 if (noop) {
374 EXPECT_TRUE(base::CopyFile(base::FilePath(state->a_img),
375 base::FilePath(state->b_img)));
376 old_image_info = new_image_info;
377 } else {
378 if (minor_version == kSourceMinorPayloadVersion) {
379 // Create a result image with image_size bytes of garbage, followed by
380 // zeroes after the rootfs, like image A and B have.
381 chromeos::Blob ones(state->image_size, 0xff);
382 ones.insert(ones.end(), 1024 * 1024, 0);
383 EXPECT_TRUE(utils::WriteFile(state->result_img.c_str(),
384 ones.data(),
385 ones.size()));
386 EXPECT_EQ(utils::FileSize(state->a_img),
387 utils::FileSize(state->result_img));
388 }
389
390 test_utils::CreateExtImageAtPath(state->b_img, nullptr);
391 EXPECT_EQ(0, HANDLE_EINTR(truncate(state->b_img.c_str(),
392 state->image_size + 1024 * 1024)));
393 EXPECT_EQ(state->image_size + 1024 * 1024, utils::FileSize(state->b_img));
394
395 // Make some changes to the B image.
396 string b_mnt;
397 ScopedLoopMounter b_mounter(state->b_img, &b_mnt, 0);
398
399 EXPECT_EQ(0, System(base::StringPrintf("cp %s/hello %s/hello2",
400 b_mnt.c_str(),
401 b_mnt.c_str()).c_str()));
402 EXPECT_EQ(0, System(base::StringPrintf("rm %s/hello",
403 b_mnt.c_str()).c_str()));
404 EXPECT_EQ(0, System(base::StringPrintf("mv %s/hello2 %s/hello",
405 b_mnt.c_str(),
406 b_mnt.c_str()).c_str()));
407 EXPECT_EQ(0, System(base::StringPrintf("echo foo > %s/foo",
408 b_mnt.c_str()).c_str()));
409 EXPECT_EQ(0, System(base::StringPrintf("touch %s/emptyfile",
410 b_mnt.c_str()).c_str()));
411 EXPECT_TRUE(WriteSparseFile(base::StringPrintf("%s/fullsparse",
412 b_mnt.c_str()),
413 1024 * 1024));
414
415 EXPECT_TRUE(
416 WriteSparseFile(base::StringPrintf("%s/move-to-sparse", b_mnt.c_str()),
417 16 * 1024));
418
419 chromeos::Blob zeros(16 * 1024, 0);
420 EXPECT_EQ(zeros.size(),
421 base::WriteFile(base::FilePath(base::StringPrintf(
422 "%s/move-from-sparse", b_mnt.c_str())),
423 reinterpret_cast<const char*>(zeros.data()),
424 zeros.size()));
425
426 EXPECT_EQ(0, System(base::StringPrintf("dd if=/dev/zero "
427 "of=%s/move-semi-sparse "
428 "bs=1 seek=4096 count=1 status=none",
429 b_mnt.c_str()).c_str()));
430
431 EXPECT_EQ(0, System(base::StringPrintf("dd if=/dev/zero "
432 "of=%s/partsparse bs=1 "
433 "seek=4096 count=1 status=none",
434 b_mnt.c_str()).c_str()));
435 EXPECT_EQ(0, System(base::StringPrintf("cp %s/srchardlink0 %s/tmp && "
436 "mv %s/tmp %s/srchardlink1",
437 b_mnt.c_str(),
438 b_mnt.c_str(),
439 b_mnt.c_str(),
440 b_mnt.c_str()).c_str()));
441 EXPECT_EQ(0, System(
442 base::StringPrintf("rm %s/boguslink && echo foobar > %s/boguslink",
443 b_mnt.c_str(), b_mnt.c_str()).c_str()));
444
445 chromeos::Blob hardtocompress;
446 while (hardtocompress.size() < 3 * kBlockSize) {
447 hardtocompress.insert(hardtocompress.end(),
448 std::begin(kRandomString), std::end(kRandomString));
449 }
450 EXPECT_TRUE(utils::WriteFile(base::StringPrintf("%s/hardtocompress",
451 b_mnt.c_str()).c_str(),
452 hardtocompress.data(),
453 hardtocompress.size()));
454 }
455
456 string old_kernel;
457 EXPECT_TRUE(utils::MakeTempFile("old_kernel.XXXXXX",
458 &state->old_kernel,
459 nullptr));
460
461 string new_kernel;
462 EXPECT_TRUE(utils::MakeTempFile("new_kernel.XXXXXX",
463 &state->new_kernel,
464 nullptr));
465
466 string result_kernel;
467 EXPECT_TRUE(utils::MakeTempFile("result_kernel.XXXXXX",
468 &state->result_kernel,
469 nullptr));
470
471 state->kernel_size = kDefaultKernelSize;
472 state->old_kernel_data.resize(kDefaultKernelSize);
473 state->new_kernel_data.resize(state->old_kernel_data.size());
474 state->result_kernel_data.resize(state->old_kernel_data.size());
475 test_utils::FillWithData(&state->old_kernel_data);
476 test_utils::FillWithData(&state->new_kernel_data);
477 test_utils::FillWithData(&state->result_kernel_data);
478
479 // change the new kernel data
480 std::copy(std::begin(kNewData), std::end(kNewData),
481 state->new_kernel_data.begin());
482
483 if (noop) {
484 state->old_kernel_data = state->new_kernel_data;
485 }
486
487 // Write kernels to disk
488 EXPECT_TRUE(utils::WriteFile(state->old_kernel.c_str(),
489 state->old_kernel_data.data(),
490 state->old_kernel_data.size()));
491 EXPECT_TRUE(utils::WriteFile(state->new_kernel.c_str(),
492 state->new_kernel_data.data(),
493 state->new_kernel_data.size()));
494 EXPECT_TRUE(utils::WriteFile(state->result_kernel.c_str(),
495 state->result_kernel_data.data(),
496 state->result_kernel_data.size()));
497
498 EXPECT_TRUE(utils::MakeTempFile("delta.XXXXXX",
499 &state->delta_path,
500 nullptr));
501 LOG(INFO) << "delta path: " << state->delta_path;
502 {
503 const string private_key =
504 signature_test == kSignatureGenerator ? kUnittestPrivateKeyPath : "";
505
506 PayloadGenerationConfig payload_config;
507 payload_config.is_delta = !full_rootfs;
508 payload_config.hard_chunk_size = chunk_size;
509 payload_config.rootfs_partition_size = kRootFSPartitionSize;
510 payload_config.major_version = kChromeOSMajorPayloadVersion;
511 payload_config.minor_version = minor_version;
512 if (!full_rootfs) {
513 payload_config.source.rootfs.path = state->a_img;
514 if (!full_kernel)
515 payload_config.source.kernel.path = state->old_kernel;
516 payload_config.source.image_info = old_image_info;
517 EXPECT_TRUE(payload_config.source.LoadImageSize());
518 EXPECT_TRUE(payload_config.source.rootfs.OpenFilesystem());
519 EXPECT_TRUE(payload_config.source.kernel.OpenFilesystem());
520 } else {
521 if (payload_config.hard_chunk_size == -1)
522 // Use 1 MiB chunk size for the full unittests.
523 payload_config.hard_chunk_size = 1024 * 1024;
524 }
525 payload_config.target.rootfs.path = state->b_img;
526 payload_config.target.kernel.path = state->new_kernel;
527 payload_config.target.image_info = new_image_info;
528 EXPECT_TRUE(payload_config.target.LoadImageSize());
529 EXPECT_TRUE(payload_config.target.rootfs.OpenFilesystem());
530 EXPECT_TRUE(payload_config.target.kernel.OpenFilesystem());
531
532 EXPECT_TRUE(payload_config.Validate());
533 EXPECT_TRUE(
534 GenerateUpdatePayloadFile(
535 payload_config,
536 state->delta_path,
537 private_key,
538 &state->metadata_size));
539 }
540
541 if (signature_test == kSignatureGeneratedPlaceholder ||
542 signature_test == kSignatureGeneratedPlaceholderMismatch) {
543 int signature_size = GetSignatureSize(kUnittestPrivateKeyPath);
544 LOG(INFO) << "Inserting placeholder signature.";
545 ASSERT_TRUE(InsertSignaturePlaceholder(signature_size, state->delta_path,
546 &state->metadata_size));
547
548 if (signature_test == kSignatureGeneratedPlaceholderMismatch) {
549 signature_size -= 1;
550 LOG(INFO) << "Inserting mismatched placeholder signature.";
551 ASSERT_FALSE(InsertSignaturePlaceholder(signature_size, state->delta_path,
552 &state->metadata_size));
553 return;
554 }
555 }
556
557 if (signature_test == kSignatureGenerated ||
558 signature_test == kSignatureGeneratedPlaceholder ||
559 signature_test == kSignatureGeneratedPlaceholderMismatch) {
560 // Generate the signed payload and update the metadata size in state to
561 // reflect the new size after adding the signature operation to the
562 // manifest.
563 LOG(INFO) << "Signing payload.";
564 SignGeneratedPayload(state->delta_path, &state->metadata_size);
565 } else if (signature_test == kSignatureGeneratedShell ||
566 signature_test == kSignatureGeneratedShellBadKey ||
567 signature_test == kSignatureGeneratedShellRotateCl1 ||
568 signature_test == kSignatureGeneratedShellRotateCl2) {
569 SignGeneratedShellPayload(signature_test, state->delta_path);
570 }
571}
572
573static void ApplyDeltaFile(bool full_kernel, bool full_rootfs, bool noop,
574 SignatureTest signature_test, DeltaState* state,
575 bool hash_checks_mandatory,
576 OperationHashTest op_hash_test,
577 DeltaPerformer** performer,
578 uint32_t minor_version) {
579 // Check the metadata.
580 {
581 DeltaArchiveManifest manifest;
582 EXPECT_TRUE(PayloadVerifier::LoadPayload(state->delta_path,
583 &state->delta,
584 &manifest,
585 &state->metadata_size));
586 LOG(INFO) << "Metadata size: " << state->metadata_size;
587
588
589
590 if (signature_test == kSignatureNone) {
591 EXPECT_FALSE(manifest.has_signatures_offset());
592 EXPECT_FALSE(manifest.has_signatures_size());
593 } else {
594 EXPECT_TRUE(manifest.has_signatures_offset());
595 EXPECT_TRUE(manifest.has_signatures_size());
596 Signatures sigs_message;
597 EXPECT_TRUE(sigs_message.ParseFromArray(
598 &state->delta[state->metadata_size + manifest.signatures_offset()],
599 manifest.signatures_size()));
600 if (signature_test == kSignatureGeneratedShellRotateCl1 ||
601 signature_test == kSignatureGeneratedShellRotateCl2)
602 EXPECT_EQ(2, sigs_message.signatures_size());
603 else
604 EXPECT_EQ(1, sigs_message.signatures_size());
605 const Signatures_Signature& signature = sigs_message.signatures(0);
606 EXPECT_EQ(1, signature.version());
607
608 uint64_t expected_sig_data_length = 0;
609 vector<string> key_paths{kUnittestPrivateKeyPath};
610 if (signature_test == kSignatureGeneratedShellRotateCl1 ||
611 signature_test == kSignatureGeneratedShellRotateCl2) {
612 key_paths.push_back(kUnittestPrivateKey2Path);
613 }
614 EXPECT_TRUE(PayloadSigner::SignatureBlobLength(
615 key_paths,
616 &expected_sig_data_length));
617 EXPECT_EQ(expected_sig_data_length, manifest.signatures_size());
618 EXPECT_FALSE(signature.data().empty());
619 }
620
621 if (noop) {
622 EXPECT_EQ(0, manifest.install_operations_size());
623 EXPECT_EQ(1, manifest.kernel_install_operations_size());
624 }
625
626 if (full_kernel) {
627 EXPECT_FALSE(manifest.has_old_kernel_info());
628 } else {
629 EXPECT_EQ(state->old_kernel_data.size(),
630 manifest.old_kernel_info().size());
631 EXPECT_FALSE(manifest.old_kernel_info().hash().empty());
632 }
633
634 EXPECT_EQ(manifest.new_image_info().channel(), "test-channel");
635 EXPECT_EQ(manifest.new_image_info().board(), "test-board");
636 EXPECT_EQ(manifest.new_image_info().version(), "test-version");
637 EXPECT_EQ(manifest.new_image_info().key(), "test-key");
638 EXPECT_EQ(manifest.new_image_info().build_channel(), "test-build-channel");
639 EXPECT_EQ(manifest.new_image_info().build_version(), "test-build-version");
640
641 if (!full_rootfs) {
642 if (noop) {
643 EXPECT_EQ(manifest.old_image_info().channel(), "test-channel");
644 EXPECT_EQ(manifest.old_image_info().board(), "test-board");
645 EXPECT_EQ(manifest.old_image_info().version(), "test-version");
646 EXPECT_EQ(manifest.old_image_info().key(), "test-key");
647 EXPECT_EQ(manifest.old_image_info().build_channel(),
648 "test-build-channel");
649 EXPECT_EQ(manifest.old_image_info().build_version(),
650 "test-build-version");
651 } else {
652 EXPECT_EQ(manifest.old_image_info().channel(), "src-channel");
653 EXPECT_EQ(manifest.old_image_info().board(), "src-board");
654 EXPECT_EQ(manifest.old_image_info().version(), "src-version");
655 EXPECT_EQ(manifest.old_image_info().key(), "src-key");
656 EXPECT_EQ(manifest.old_image_info().build_channel(),
657 "src-build-channel");
658 EXPECT_EQ(manifest.old_image_info().build_version(),
659 "src-build-version");
660 }
661 }
662
663
664 if (full_rootfs) {
665 EXPECT_FALSE(manifest.has_old_rootfs_info());
666 EXPECT_FALSE(manifest.has_old_image_info());
667 EXPECT_TRUE(manifest.has_new_image_info());
668 } else {
669 EXPECT_EQ(state->image_size, manifest.old_rootfs_info().size());
670 EXPECT_FALSE(manifest.old_rootfs_info().hash().empty());
671 }
672
673 EXPECT_EQ(state->new_kernel_data.size(), manifest.new_kernel_info().size());
674 EXPECT_EQ(state->image_size, manifest.new_rootfs_info().size());
675
676 EXPECT_FALSE(manifest.new_kernel_info().hash().empty());
677 EXPECT_FALSE(manifest.new_rootfs_info().hash().empty());
678 }
679
680 MockPrefs prefs;
681 EXPECT_CALL(prefs, SetInt64(kPrefsManifestMetadataSize,
682 state->metadata_size)).WillOnce(Return(true));
683 EXPECT_CALL(prefs, SetInt64(kPrefsUpdateStateNextOperation, _))
684 .WillRepeatedly(Return(true));
685 EXPECT_CALL(prefs, GetInt64(kPrefsUpdateStateNextOperation, _))
686 .WillOnce(Return(false));
687 EXPECT_CALL(prefs, SetInt64(kPrefsUpdateStateNextDataOffset, _))
688 .WillRepeatedly(Return(true));
689 EXPECT_CALL(prefs, SetInt64(kPrefsUpdateStateNextDataLength, _))
690 .WillRepeatedly(Return(true));
691 EXPECT_CALL(prefs, SetString(kPrefsUpdateStateSHA256Context, _))
692 .WillRepeatedly(Return(true));
693 if (op_hash_test == kValidOperationData && signature_test != kSignatureNone) {
694 EXPECT_CALL(prefs, SetString(kPrefsUpdateStateSignedSHA256Context, _))
695 .WillOnce(Return(true));
696 EXPECT_CALL(prefs, SetString(kPrefsUpdateStateSignatureBlob, _))
697 .WillOnce(Return(true));
698 }
699
700 // Update the A image in place.
701 InstallPlan install_plan;
702 install_plan.hash_checks_mandatory = hash_checks_mandatory;
703 install_plan.metadata_size = state->metadata_size;
704 install_plan.is_full_update = full_kernel && full_rootfs;
705 install_plan.source_path = state->a_img.c_str();
706 install_plan.kernel_source_path = state->old_kernel.c_str();
707
708 LOG(INFO) << "Setting payload metadata size in Omaha = "
709 << state->metadata_size;
710 ASSERT_TRUE(PayloadSigner::GetMetadataSignature(
711 state->delta.data(),
712 state->metadata_size,
713 kUnittestPrivateKeyPath,
714 &install_plan.metadata_signature));
715 EXPECT_FALSE(install_plan.metadata_signature.empty());
716
717 *performer = new DeltaPerformer(&prefs,
718 &state->fake_system_state,
719 &install_plan);
720 EXPECT_TRUE(utils::FileExists(kUnittestPublicKeyPath));
721 (*performer)->set_public_key_path(kUnittestPublicKeyPath);
722 DeltaPerformerIntegrationTest::SetSupportedVersion(*performer, minor_version);
723
724 EXPECT_EQ(state->image_size,
725 OmahaHashCalculator::RawHashOfFile(
726 state->a_img,
727 state->image_size,
728 &install_plan.source_rootfs_hash));
729 EXPECT_TRUE(OmahaHashCalculator::RawHashOfData(
730 state->old_kernel_data,
731 &install_plan.source_kernel_hash));
732
733 // With minor version 2, we want the target to be the new image, result_img,
734 // but with version 1, we want to update A in place.
735 if (minor_version == kSourceMinorPayloadVersion) {
736 EXPECT_EQ(0, (*performer)->Open(state->result_img.c_str(), 0, 0));
737 EXPECT_TRUE((*performer)->OpenKernel(state->result_kernel.c_str()));
738 } else {
739 EXPECT_EQ(0, (*performer)->Open(state->a_img.c_str(), 0, 0));
740 EXPECT_TRUE((*performer)->OpenKernel(state->old_kernel.c_str()));
741 }
742
743
744 ErrorCode expected_error, actual_error;
745 bool continue_writing;
746 switch (op_hash_test) {
747 case kInvalidOperationData: {
748 // Muck with some random offset post the metadata size so that
749 // some operation hash will result in a mismatch.
750 int some_offset = state->metadata_size + 300;
751 LOG(INFO) << "Tampered value at offset: " << some_offset;
752 state->delta[some_offset]++;
753 expected_error = ErrorCode::kDownloadOperationHashMismatch;
754 continue_writing = false;
755 break;
756 }
757
758 case kValidOperationData:
759 default:
760 // no change.
761 expected_error = ErrorCode::kSuccess;
762 continue_writing = true;
763 break;
764 }
765
766 // Write at some number of bytes per operation. Arbitrarily chose 5.
767 const size_t kBytesPerWrite = 5;
768 for (size_t i = 0; i < state->delta.size(); i += kBytesPerWrite) {
769 size_t count = std::min(state->delta.size() - i, kBytesPerWrite);
770 bool write_succeeded = ((*performer)->Write(&state->delta[i],
771 count,
772 &actual_error));
773 // Normally write_succeeded should be true every time and
774 // actual_error should be ErrorCode::kSuccess. If so, continue the loop.
775 // But if we seeded an operation hash error above, then write_succeeded
776 // will be false. The failure may happen at any operation n. So, all
777 // Writes until n-1 should succeed and the nth operation will fail with
778 // actual_error. In this case, we should bail out of the loop because
779 // we cannot proceed applying the delta.
780 if (!write_succeeded) {
781 LOG(INFO) << "Write failed. Checking if it failed with expected error";
782 EXPECT_EQ(expected_error, actual_error);
783 if (!continue_writing) {
784 LOG(INFO) << "Cannot continue writing. Bailing out.";
785 break;
786 }
787 }
788
789 EXPECT_EQ(ErrorCode::kSuccess, actual_error);
790 }
791
792 // If we had continued all the way through, Close should succeed.
793 // Otherwise, it should fail. Check appropriately.
794 bool close_result = (*performer)->Close();
795 if (continue_writing)
796 EXPECT_EQ(0, close_result);
797 else
798 EXPECT_LE(0, close_result);
799}
800
801void VerifyPayloadResult(DeltaPerformer* performer,
802 DeltaState* state,
803 ErrorCode expected_result,
804 uint32_t minor_version) {
805 if (!performer) {
806 EXPECT_TRUE(!"Skipping payload verification since performer is null.");
807 return;
808 }
809
810 int expected_times = (expected_result == ErrorCode::kSuccess) ? 1 : 0;
811 EXPECT_CALL(*(state->fake_system_state.mock_payload_state()),
812 DownloadComplete()).Times(expected_times);
813
814 LOG(INFO) << "Verifying payload for expected result "
815 << expected_result;
816 EXPECT_EQ(expected_result, performer->VerifyPayload(
817 OmahaHashCalculator::OmahaHashOfData(state->delta),
818 state->delta.size()));
819 LOG(INFO) << "Verified payload.";
820
821 if (expected_result != ErrorCode::kSuccess) {
822 // no need to verify new partition if VerifyPayload failed.
823 return;
824 }
825
826 chromeos::Blob updated_kernel_partition;
827 if (minor_version == kSourceMinorPayloadVersion) {
828 CompareFilesByBlock(state->result_kernel, state->new_kernel,
829 state->kernel_size);
830 CompareFilesByBlock(state->result_img, state->b_img,
831 state->image_size);
832 EXPECT_TRUE(utils::ReadFile(state->result_kernel,
833 &updated_kernel_partition));
834 } else {
835 CompareFilesByBlock(state->old_kernel, state->new_kernel,
836 state->kernel_size);
837 CompareFilesByBlock(state->a_img, state->b_img,
838 state->image_size);
839 EXPECT_TRUE(utils::ReadFile(state->old_kernel, &updated_kernel_partition));
840 }
841
842 ASSERT_GE(updated_kernel_partition.size(), arraysize(kNewData));
843 EXPECT_TRUE(std::equal(std::begin(kNewData), std::end(kNewData),
844 updated_kernel_partition.begin()));
845
846 uint64_t new_kernel_size;
847 chromeos::Blob new_kernel_hash;
848 uint64_t new_rootfs_size;
849 chromeos::Blob new_rootfs_hash;
850 EXPECT_TRUE(performer->GetNewPartitionInfo(&new_kernel_size,
851 &new_kernel_hash,
852 &new_rootfs_size,
853 &new_rootfs_hash));
854 EXPECT_EQ(kDefaultKernelSize, new_kernel_size);
855 chromeos::Blob expected_new_kernel_hash;
856 EXPECT_TRUE(OmahaHashCalculator::RawHashOfData(state->new_kernel_data,
857 &expected_new_kernel_hash));
858 EXPECT_TRUE(expected_new_kernel_hash == new_kernel_hash);
859 EXPECT_EQ(state->image_size, new_rootfs_size);
860 chromeos::Blob expected_new_rootfs_hash;
861 EXPECT_EQ(state->image_size,
862 OmahaHashCalculator::RawHashOfFile(state->b_img,
863 state->image_size,
864 &expected_new_rootfs_hash));
865 EXPECT_TRUE(expected_new_rootfs_hash == new_rootfs_hash);
866}
867
868void VerifyPayload(DeltaPerformer* performer,
869 DeltaState* state,
870 SignatureTest signature_test,
871 uint32_t minor_version) {
872 ErrorCode expected_result = ErrorCode::kSuccess;
873 switch (signature_test) {
874 case kSignatureNone:
875 expected_result = ErrorCode::kSignedDeltaPayloadExpectedError;
876 break;
877 case kSignatureGeneratedShellBadKey:
878 expected_result = ErrorCode::kDownloadPayloadPubKeyVerificationError;
879 break;
880 default: break; // appease gcc
881 }
882
883 VerifyPayloadResult(performer, state, expected_result, minor_version);
884}
885
886void DoSmallImageTest(bool full_kernel, bool full_rootfs, bool noop,
887 ssize_t chunk_size,
888 SignatureTest signature_test,
889 bool hash_checks_mandatory, uint32_t minor_version) {
890 DeltaState state;
891 DeltaPerformer *performer = nullptr;
892 GenerateDeltaFile(full_kernel, full_rootfs, noop, chunk_size,
893 signature_test, &state, minor_version);
894
895 ScopedPathUnlinker a_img_unlinker(state.a_img);
896 ScopedPathUnlinker b_img_unlinker(state.b_img);
897 ScopedPathUnlinker new_img_unlinker(state.result_img);
898 ScopedPathUnlinker delta_unlinker(state.delta_path);
899 ScopedPathUnlinker old_kernel_unlinker(state.old_kernel);
900 ScopedPathUnlinker new_kernel_unlinker(state.new_kernel);
901 ScopedPathUnlinker result_kernel_unlinker(state.result_kernel);
902 ApplyDeltaFile(full_kernel, full_rootfs, noop, signature_test,
903 &state, hash_checks_mandatory, kValidOperationData,
904 &performer, minor_version);
905 VerifyPayload(performer, &state, signature_test, minor_version);
906 delete performer;
907}
908
909void DoOperationHashMismatchTest(OperationHashTest op_hash_test,
910 bool hash_checks_mandatory) {
911 DeltaState state;
Alex Deymocbf09892015-09-11 16:13:16 -0700[diff] [blame]912 uint64_t minor_version = kFullPayloadMinorVersion;
Sen Jianga4365d62015-09-25 10:52:25 -0700[diff] [blame]913 GenerateDeltaFile(true, true, false, -1, kSignatureGenerated, &state,
914 minor_version);
915 ScopedPathUnlinker a_img_unlinker(state.a_img);
916 ScopedPathUnlinker b_img_unlinker(state.b_img);
917 ScopedPathUnlinker delta_unlinker(state.delta_path);
918 ScopedPathUnlinker old_kernel_unlinker(state.old_kernel);
919 ScopedPathUnlinker new_kernel_unlinker(state.new_kernel);
920 DeltaPerformer *performer = nullptr;
921 ApplyDeltaFile(true, true, false, kSignatureGenerated, &state,
922 hash_checks_mandatory, op_hash_test, &performer,
923 minor_version);
924 delete performer;
925}
926
927
928TEST(DeltaPerformerIntegrationTest, RunAsRootSmallImageTest) {
929 DoSmallImageTest(false, false, false, -1, kSignatureGenerator,
930 false, kInPlaceMinorPayloadVersion);
931}
932
933TEST(DeltaPerformerIntegrationTest, RunAsRootSmallImageSignaturePlaceholderTest) {
934 DoSmallImageTest(false, false, false, -1, kSignatureGeneratedPlaceholder,
935 false, kInPlaceMinorPayloadVersion);
936}
937
938TEST(DeltaPerformerIntegrationTest, RunAsRootSmallImageSignaturePlaceholderMismatchTest) {
939 DeltaState state;
940 GenerateDeltaFile(false, false, false, -1,
941 kSignatureGeneratedPlaceholderMismatch, &state,
942 kInPlaceMinorPayloadVersion);
943}
944
945TEST(DeltaPerformerIntegrationTest, RunAsRootSmallImageChunksTest) {
946 DoSmallImageTest(false, false, false, kBlockSize, kSignatureGenerator,
947 false, kInPlaceMinorPayloadVersion);
948}
949
950TEST(DeltaPerformerIntegrationTest, RunAsRootFullKernelSmallImageTest) {
951 DoSmallImageTest(true, false, false, -1, kSignatureGenerator,
952 false, kInPlaceMinorPayloadVersion);
953}
954
955TEST(DeltaPerformerIntegrationTest, RunAsRootFullSmallImageTest) {
956 DoSmallImageTest(true, true, false, -1, kSignatureGenerator,
Alex Deymocbf09892015-09-11 16:13:16 -0700[diff] [blame]957 true, kFullPayloadMinorVersion);
Sen Jianga4365d62015-09-25 10:52:25 -0700[diff] [blame]958}
959
960TEST(DeltaPerformerIntegrationTest, RunAsRootNoopSmallImageTest) {
961 DoSmallImageTest(false, false, true, -1, kSignatureGenerator,
962 false, kInPlaceMinorPayloadVersion);
963}
964
965TEST(DeltaPerformerIntegrationTest, RunAsRootSmallImageSignNoneTest) {
966 DoSmallImageTest(false, false, false, -1, kSignatureNone,
967 false, kInPlaceMinorPayloadVersion);
968}
969
970TEST(DeltaPerformerIntegrationTest, RunAsRootSmallImageSignGeneratedTest) {
971 DoSmallImageTest(false, false, false, -1, kSignatureGenerated,
972 true, kInPlaceMinorPayloadVersion);
973}
974
975TEST(DeltaPerformerIntegrationTest, RunAsRootSmallImageSignGeneratedShellTest) {
976 DoSmallImageTest(false, false, false, -1, kSignatureGeneratedShell,
977 false, kInPlaceMinorPayloadVersion);
978}
979
980TEST(DeltaPerformerIntegrationTest, RunAsRootSmallImageSignGeneratedShellBadKeyTest) {
981 DoSmallImageTest(false, false, false, -1, kSignatureGeneratedShellBadKey,
982 false, kInPlaceMinorPayloadVersion);
983}
984
985TEST(DeltaPerformerIntegrationTest, RunAsRootSmallImageSignGeneratedShellRotateCl1Test) {
986 DoSmallImageTest(false, false, false, -1, kSignatureGeneratedShellRotateCl1,
987 false, kInPlaceMinorPayloadVersion);
988}
989
990TEST(DeltaPerformerIntegrationTest, RunAsRootSmallImageSignGeneratedShellRotateCl2Test) {
991 DoSmallImageTest(false, false, false, -1, kSignatureGeneratedShellRotateCl2,
992 false, kInPlaceMinorPayloadVersion);
993}
994
995TEST(DeltaPerformerIntegrationTest, RunAsRootSmallImageSourceOpsTest) {
996 DoSmallImageTest(false, false, false, -1, kSignatureGenerator,
997 false, kSourceMinorPayloadVersion);
998}
999
1000TEST(DeltaPerformerIntegrationTest, RunAsRootMandatoryOperationHashMismatchTest) {
1001 DoOperationHashMismatchTest(kInvalidOperationData, true);
1002}
1003
1004} // namespace chromeos_update_engine