diff options
| author | Bill Richardson <wfrichar@chromium.org> | 2012-03-15 10:00:41 -0700 |
|---|---|---|
| committer | Gerrit <chrome-bot@google.com> | 2012-03-15 12:00:24 -0700 |
| commit | bde0696234c2c665aec56fa4de768d8414af9621 (patch) | |
| tree | b628fcecbeea9dfad8471f0aa6277ca88996e468 | |
| parent | c8b9ca685610397a0748677778ac8416b160d46e (diff) | |
| download | vboot-bde0696234c2c665aec56fa4de768d8414af9621.tar.gz | |
Make vbutil_kernel use correct size when verifying headers.
Added a test to demonstrate the fix.
BUG=none
TEST=manual
make
make runtests
Change-Id: I06e85b993cbe21088641a62d55a3d3ddb696ba76
Reviewed-on: https://gerrit.chromium.org/gerrit/18240
Commit-Ready: Bill Richardson <wfrichar@chromium.org>
Tested-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
| -rw-r--r-- | tests/Makefile | 1 | ||||
| -rwxr-xr-x | tests/run_vbutil_kernel_arg_tests.sh | 96 | ||||
| -rw-r--r-- | utility/vbutil_kernel.c | 5 |
3 files changed, 99 insertions, 3 deletions
diff --git a/tests/Makefile b/tests/Makefile index fc4041d5..54129811 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -167,6 +167,7 @@ runmisctests: runfuzztests: ./gen_fuzz_test_cases.sh ./run_preamble_tests.sh + ./run_vbutil_kernel_arg_tests.sh # Run bmpblk_utility tests runbmptests: diff --git a/tests/run_vbutil_kernel_arg_tests.sh b/tests/run_vbutil_kernel_arg_tests.sh new file mode 100755 index 00000000..bba3b488 --- /dev/null +++ b/tests/run_vbutil_kernel_arg_tests.sh @@ -0,0 +1,96 @@ +#!/bin/bash -u +# +# Copyright (c) 2012 The Chromium OS Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. +# +# Quick test of vbutil_kernel args, to make sure we can pack and unpack +# less-than-full-sized components. +# + +# Load common constants and variables for tests. +. "$(dirname "$0")/common.sh" + +# directories +DATA_DIR="${SCRIPT_DIR}/preamble_tests/data" +TMPDIR="${TEST_DIR}/vbutil_kernel_arg_tests_dir" +[ -d "${TMPDIR}" ] || mkdir -p "${TMPDIR}" + +# Arbitrarily chosen keys and config file. +KEYBLOCK="${DATA_DIR}/kb_0_0.keyblock" +SIGNPRIVATE="${DATA_DIR}/data_0.vbprivk" +SIGNPUBLIC="${DATA_DIR}/root_0.vbpubk" +CONFIG="${DATA_DIR}/dummy_config.txt" + +# Create some big and little files for the kernel and bootloader +BIG="${TMPDIR}/big.bin" +dd if=/dev/urandom bs=32768 count=1 of="${BIG}" 2>/dev/null +SMALL="${TMPDIR}/small.bin" +dd if=/dev/urandom bs=16 count=1 of="${SMALL}" 2>/dev/null + +declare -a KERN_VALS +declare -a BOOT_VALS +KERN_VALS=("--vmlinuz=${BIG}" "--vmlinuz=${SMALL}") +BOOT_VALS=("--bootloader=${BIG}" "--bootloader=${SMALL}") + +tests=0 +errs=0 + +# Pack a bunch of stuff +k=0 +while [ "$k" -lt "${#KERN_VALS[*]}" ]; do + b=0 + while [ "$b" -lt "${#BOOT_VALS[*]}" ]; do + echo -n "pack kern_${k}_${b}.vblock ... " + : $(( tests++ )) + ${UTIL_DIR}/vbutil_kernel --pack "${TMPDIR}/kern_${k}_${b}.vblock" \ + --keyblock "${KEYBLOCK}" \ + --signprivate "${SIGNPRIVATE}" \ + --version 1 \ + --arch arm \ + --config "${CONFIG}" \ + "${KERN_VALS[$k]}" \ + "${BOOT_VALS[$k]}" >/dev/null + if [ "$?" -ne 0 ]; then + echo -e "${COL_RED}FAILED${COL_STOP}" + : $(( errs++ )) + else + echo -e "${COL_GREEN}PASSED${COL_STOP}" + fi + : $(( b++ )) + done + : $(( k++ )) +done + +# Now unpack it +for v in ${TMPDIR}/kern_*.vblock; do + : $(( tests++ )) + vv=$(basename "$v") + echo -n "verify $vv ... " + "${UTIL_DIR}/vbutil_kernel" --verify "$v" >/dev/null + if [ "$?" -ne 0 ]; then + echo -e "${COL_RED}FAILED${COL_STOP}" + : $(( errs++ )) + else + echo -e "${COL_GREEN}PASSED${COL_STOP}" + fi + : $(( tests++ )) + echo -n "verify $vv signed ... " + "${UTIL_DIR}/vbutil_kernel" --verify "$v" \ + --signpubkey "${SIGNPUBLIC}" >/dev/null + if [ "$?" -ne 0 ]; then + echo -e "${COL_RED}FAILED${COL_STOP}" + : $(( errs++ )) + else + echo -e "${COL_GREEN}PASSED${COL_STOP}" + fi +done + +# Summary +ME=$(basename "$0") +if [ "$errs" -ne 0 ]; then + echo -e "${COL_RED}${ME}: ${errs}/${tests} tests failed${COL_STOP}" + exit 1 +fi +happy "${ME}: All ${tests} tests passed" +exit 0 diff --git a/utility/vbutil_kernel.c b/utility/vbutil_kernel.c index f2bd6bad..688d57a1 100644 --- a/utility/vbutil_kernel.c +++ b/utility/vbutil_kernel.c @@ -719,7 +719,7 @@ static int Verify(const char* infile, const char* signpubkey, int verbose, /* Verify key block */ key_block = bp->key_block; - if (0 != KeyBlockVerify(key_block, bp->kern_blob_size, sign_key, + if (0 != KeyBlockVerify(key_block, key_block->key_block_size, sign_key, (sign_key ? 0 : 1))) { VbExError("Error verifying key block.\n"); goto verify_exit; @@ -778,8 +778,7 @@ static int Verify(const char* infile, const char* signpubkey, int verbose, /* Verify preamble */ preamble = bp->preamble; - if (0 != VerifyKernelPreamble( - preamble, bp->kern_blob_size - key_block->key_block_size, rsa)) { + if (0 != VerifyKernelPreamble(preamble, preamble->preamble_size, rsa)) { VbExError("Error verifying preamble.\n"); goto verify_exit; } |