summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBill Richardson <wfrichar@chromium.org>2014-08-27 16:17:04 -0700
committerchrome-internal-fetch <chrome-internal-fetch@google.com>2014-08-29 21:55:46 +0000
commit78d59bffec45da47b4e8a763186723192dd24f87 (patch)
tree66ede5905f2a1e326828b3b4e25af79d2fe9fc9b
parent631c661be0f08a7e4770b7e767b9d57ddf0ba600 (diff)
downloadvboot-78d59bffec45da47b4e8a763186723192dd24f87.tar.gz
cleanup: remove ancient tests that haven't been run in years
There are a number of tests that haven't even been compiled in a LOOOONG time. Let's get them out of the way. We can always put them back later. I'm adding a comment to this CL in the Makefile. BUG=none BRANCH=ToT TEST=make runalltests Change-Id: Id2d9f0b71fc40e4a260f54cf919c6af5e0ff85c5 Signed-off-by: Bill Richardson <wfrichar@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/214610 Reviewed-by: Randall Spangler <rspangler@chromium.org>
Diffstat
-rw-r--r--Makefile32
-rw-r--r--tests/big_firmware_tests.c75
-rw-r--r--tests/big_kernel_tests.c77
-rw-r--r--tests/firmware_image_tests.c119
-rw-r--r--tests/firmware_rollback_tests.c92
-rw-r--r--tests/firmware_splicing_tests.c83
-rw-r--r--tests/firmware_verify_benchmark.c139
-rw-r--r--tests/kernel_image_tests.c141
-rw-r--r--tests/kernel_rollback_tests.c156
-rw-r--r--tests/kernel_splicing_tests.c85
-rw-r--r--tests/kernel_verify_benchmark.c159
-rw-r--r--tests/rollback_index_test.c770
-rwxr-xr-xtests/run_image_verification_tests.sh81
-rw-r--r--tests/verify_firmware_fuzz_driver.c66
-rw-r--r--tests/verify_kernel_fuzz_driver.c57
-rw-r--r--utility/load_firmware_test.c250
16 files changed, 3 insertions, 2379 deletions
diff --git a/Makefile b/Makefile
index 70cf79dd..2cdecc03 100644
--- a/Makefile
+++ b/Makefile
@@ -623,24 +623,6 @@ TEST_NAMES += \
endif
-# TODO: port these tests to new API, if not already eqivalent
-# functionality in other tests. These don't even compile at present.
-#
-# big_firmware_tests
-# big_kernel_tests
-# firmware_image_tests
-# firmware_rollback_tests
-# firmware_splicing_tests
-# firmware_verify_benchmark
-# kernel_image_tests
-# kernel_rollback_tests
-# kernel_splicing_tests
-# kernel_verify_benchmark
-# rollback_index_test
-# verify_firmware_fuzz_driver
-# verify_kernel_fuzz_driver
-# utility/load_firmware_test
-
# And a few more...
TLCL_TEST_NAMES = \
tests/tpm_lite/tpmtest_earlyextend \
@@ -1034,9 +1016,6 @@ ${BUILD}/tests/vboot_audio_tests: \
${BUILD}/firmware/lib/vboot_audio_for_test.o
ALL_OBJS += ${BUILD}/firmware/lib/vboot_audio_for_test.o
-${BUILD}/tests/rollback_index_test: INCLUDES += -I/usr/include
-${BUILD}/tests/rollback_index_test: LIBS += -ltlcl
-
TLCL_TEST_BINS = $(addprefix ${BUILD}/,${TLCL_TEST_NAMES})
${TLCL_TEST_BINS}: OBJS += ${BUILD}/tests/tpm_lite/tlcl_tests.o
${TLCL_TEST_BINS}: ${BUILD}/tests/tpm_lite/tlcl_tests.o
@@ -1170,14 +1149,9 @@ endif
tests/run_preamble_tests.sh --all
tests/run_vbutil_tests.sh --all
-# TODO: tests to run when ported to new API
-# ./run_image_verification_tests.sh
-# # Splicing tests
-# ${BUILD}/tests/firmware_splicing_tests
-# ${BUILD}/tests/kernel_splicing_tests
-# # Rollback Tests
-# ${BUILD}/tests/firmware_rollback_tests
-# ${BUILD}/tests/kernel_rollback_tests
+# TODO: There were a number of ancient tests that hadn't been run in years.
+# They were removed with https://chromium-review.googlesource.com/#/c/214610/
+# Some day it might be nice to see what they were supposed to do.
.PHONY: runalltests
runalltests: runtests runfutiltests runlongtests
diff --git a/tests/big_firmware_tests.c b/tests/big_firmware_tests.c
deleted file mode 100644
index efb81d14..00000000
--- a/tests/big_firmware_tests.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Tests if firmware image library deals with very large firmware. This
- * is a quick and dirty test for detecting integer overflow issues.
- */
-
-#include <stdint.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "cryptolib.h"
-#include "file_keys.h"
-#include "firmware_image.h"
-#include "test_common.h"
-#include "utility.h"
-
-/* Choose a firmware size greater than the range of 32-bits unsigned. */
-#define BIG_FIRMWARE_SIZE (0x100000000ULL)
-
-#define ROOT_KEY_BASE_NAME "testkeys/key_rsa8192"
-#define FIRMWARE_KEY_BASE_NAME "testkeys/key_rsa1024"
-
-const char* kRootKeyPublicFile = ROOT_KEY_BASE_NAME ".keyb";
-const char* kRootKeyFile = ROOT_KEY_BASE_NAME ".pem";
-const char* kFirmwareKeyPublicFile = FIRMWARE_KEY_BASE_NAME ".keyb";
-const char* kFirmwareKeyFile = FIRMWARE_KEY_BASE_NAME ".pem";
-
-int BigFirmwareTest(void) {
- int error_code = 0;
- uint64_t len;
- uint8_t* firmware_blob = NULL;
- RSAPublicKey* root_key = RSAPublicKeyFromFile(kRootKeyPublicFile);
- uint8_t* root_key_blob = BufferFromFile(kRootKeyPublicFile, &len);
- uint8_t* firmware_sign_key_buf= BufferFromFile(kFirmwareKeyPublicFile, &len);
- VBDEBUG(("Generating Big FirmwareImage..."));
- FirmwareImage* image =
- GenerateTestFirmwareImage(0, /* RSA1024/SHA1 */
- firmware_sign_key_buf,
- 1, /* Firmware Key Version. */
- 1, /* Firmware Version */
- BIG_FIRMWARE_SIZE,
- kRootKeyFile,
- kFirmwareKeyFile,
- 'F'); /* Firmware data fill. */
- if (!root_key || !root_key_blob || !firmware_sign_key_buf || !image) {
- error_code = 1;
- goto cleanup;
- }
- VBDEBUG(("Done.\n"));
- TEST_EQ(VerifyFirmwareImage(root_key, image),
- VERIFY_FIRMWARE_SUCCESS,
- "Big FirmwareImage Verification");
- firmware_blob = GetFirmwareBlob(image, &len);
- TEST_EQ(VerifyFirmware(root_key_blob, image->firmware_data, firmware_blob),
- VERIFY_FIRMWARE_SUCCESS,
- "Big Firmware Blob Verification");
-
- cleanup:
- Free(firmware_blob);
- FirmwareImageFree(image);
- Free(firmware_sign_key_buf);
- RSAPublicKeyFree(root_key);
- return error_code;
-}
-
-int main(int argc, char* argv[1])
-{
- int error_code = 0;
- error_code = BigFirmwareTest();
- if (!gTestSuccess)
- error_code = 255;
- return error_code;
-}
diff --git a/tests/big_kernel_tests.c b/tests/big_kernel_tests.c
deleted file mode 100644
index 6d83aae4..00000000
--- a/tests/big_kernel_tests.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Tests if firmware image library deals with very large firmware. This
- * is a quick and dirty test for detecting integer overflow issues.
- */
-
-#include <stdint.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "cryptolib.h"
-#include "file_keys.h"
-#include "kernel_image.h"
-#include "test_common.h"
-#include "utility.h"
-
-/* Choose a kernel size greater than the range of 32-bits unsigned. */
-#define BIG_KERNEL_SIZE (0x100000000ULL)
-
-#define FIRMWARE_KEY_BASE_NAME "testkeys/key_rsa2048"
-#define KERNEL_KEY_BASE_NAME "testkeys/key_rsa1024"
-
-const char* kFirmwareKeyPublicFile = FIRMWARE_KEY_BASE_NAME ".keyb";
-const char* kFirmwareKeyFile = FIRMWARE_KEY_BASE_NAME ".pem";
-const char* kKernelKeyPublicFile = KERNEL_KEY_BASE_NAME ".keyb";
-const char* kKernelKeyFile = KERNEL_KEY_BASE_NAME ".pem";
-
-int BigKernelTest() {
- int error_code = 0;
- uint64_t len;
- uint8_t* kernel_blob = NULL;
- RSAPublicKey* firmware_key = RSAPublicKeyFromFile(kFirmwareKeyPublicFile);
- uint8_t* firmware_key_blob = BufferFromFile(kFirmwareKeyPublicFile, &len);
- uint8_t* kernel_sign_key_buf = BufferFromFile(kKernelKeyPublicFile, &len);
- VBDEBUG(("Generating Big KernelImage..."));
- KernelImage* image =
- GenerateTestKernelImage(3, /* RSA2048/SHA1 */
- 0, /* RSA1024/SHA1 */
- kernel_sign_key_buf,
- 1, /* Kernel Key Version. */
- 1, /* Kernel Version */
- BIG_KERNEL_SIZE,
- kFirmwareKeyFile,
- kKernelKeyFile,
- 'K'); /* Kernel Data Fill. */
- if (!firmware_key || !firmware_key_blob || !kernel_sign_key_buf || !image) {
- error_code = 1;
- goto cleanup;
- }
- VBDEBUG(("Done.\n"));
- TEST_EQ(VerifyKernelImage(firmware_key, image, 0),
- VERIFY_KERNEL_SUCCESS,
- "Big KernelImage Verification");
- kernel_blob = GetKernelBlob(image, &len);
- TEST_EQ(VerifyKernel(firmware_key_blob, kernel_blob, 0),
- VERIFY_KERNEL_SUCCESS,
- "Big Kernel Blob Verification");
-
-cleanup:
- Free(kernel_blob);
- KernelImageFree(image);
- Free(kernel_sign_key_buf);
- Free(firmware_key_blob);
- RSAPublicKeyFree(firmware_key);
- return error_code;
-}
-
-int main(int argc, char* argv[1])
-{
- int error_code = 0;
- error_code = BigKernelTest();
- if (!gTestSuccess)
- error_code = 255;
- return error_code;
-}
diff --git a/tests/firmware_image_tests.c b/tests/firmware_image_tests.c
deleted file mode 100644
index 6201d473..00000000
--- a/tests/firmware_image_tests.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Tests for firmware image library.
- */
-
-#include <stdint.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "cryptolib.h"
-#include "file_keys.h"
-#include "firmware_image.h"
-#include "test_common.h"
-#include "utility.h"
-
-/* Normal Firmware Blob Verification Tests. */
-void VerifyFirmwareTest(uint8_t* verification_header,
- uint8_t* firmware_data,
- uint8_t* root_key_blob) {
- TEST_EQ(VerifyFirmware(root_key_blob,
- verification_header,
- firmware_data),
- VERIFY_FIRMWARE_SUCCESS,
- "Normal Firmware Blob Verification");
-}
-
-/* Normal FirmwareImage Verification Tests. */
-void VerifyFirmwareImageTest(FirmwareImage* image,
- RSAPublicKey* root_key) {
- TEST_EQ(VerifyFirmwareImage(root_key, image),
- VERIFY_FIRMWARE_SUCCESS,
- "Normal FirmwareImage Verification");
-}
-
-/* Tampered FirmwareImage Verification Tests. */
-void VerifyFirmwareImageTamperTest(FirmwareImage* image,
- RSAPublicKey* root_key) {
- image->firmware_version = 0;
- TEST_EQ(VerifyFirmwareImage(root_key, image),
- VERIFY_FIRMWARE_PREAMBLE_SIGNATURE_FAILED,
- "FirmwareImage Preamble Tamper Verification");
- image->firmware_version = 1;
-
- image->firmware_data[0] = 'T';
- TEST_EQ(VerifyFirmwareImage(root_key, image),
- VERIFY_FIRMWARE_SIGNATURE_FAILED,
- "FirmwareImage Data Tamper Verification");
- image->firmware_data[0] = 'F';
-
- image->firmware_key_signature[0] = 0xFF;
- image->firmware_key_signature[1] = 0x00;
- TEST_EQ(VerifyFirmwareImage(root_key, image),
- VERIFY_FIRMWARE_ROOT_SIGNATURE_FAILED,
- "FirmwareImage Root Signature Tamper Verification");
-}
-
-int main(int argc, char* argv[]) {
- uint64_t len;
- const char* root_key_file = NULL;
- const char* firmware_key_file = NULL;
- uint8_t* firmware_sign_key_buf = NULL;
- uint8_t* root_key_blob = NULL;
- uint8_t* firmware_blob = NULL;
- uint64_t firmware_blob_len = 0;
- FirmwareImage* image = NULL;
- RSAPublicKey* root_key_pub = NULL;
- int error_code = 0;
- int algorithm;
- if(argc != 6) {
- fprintf(stderr, "Usage: %s <algorithm> <root key> <processed root pubkey>"
- " <signing key> <processed signing key>\n", argv[0]);
- return -1;
- }
-
- /* Read verification keys and create a test image. */
- algorithm = atoi(argv[1]);
- root_key_pub = RSAPublicKeyFromFile(argv[3]);
- root_key_blob = BufferFromFile(argv[3], &len);
- firmware_sign_key_buf = BufferFromFile(argv[5], &len);
- root_key_file = argv[2];
- firmware_key_file = argv[4];
- image = GenerateTestFirmwareImage(algorithm,
- firmware_sign_key_buf,
- 1, /* Firmware Key Version. */
- 1, /* Firmware Version. */
- 1000, /* Firmware length. */
- root_key_file,
- firmware_key_file,
- 'F');
-
- if (!root_key_pub || !firmware_sign_key_buf || !image) {
- error_code = 1;
- goto failure;
- }
- firmware_blob = GetFirmwareBlob(image, &firmware_blob_len);
-
- /* Test Firmware blob verify operations. */
- VerifyFirmwareTest(firmware_blob,
- image->firmware_data,
- root_key_blob);
-
- /* Test FirmwareImage verify operations. */
- VerifyFirmwareImageTest(image, root_key_pub);
- VerifyFirmwareImageTamperTest(image, root_key_pub);
-
- if (!gTestSuccess)
- error_code = 255;
-
-failure:
- Free(firmware_blob);
- FirmwareImageFree(image);
- Free(firmware_sign_key_buf);
- Free(root_key_blob);
- RSAPublicKeyFree(root_key_pub);
-
- return error_code;
-}
diff --git a/tests/firmware_rollback_tests.c b/tests/firmware_rollback_tests.c
deleted file mode 100644
index 09673a39..00000000
--- a/tests/firmware_rollback_tests.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Tests for checking firmware rollback-prevention logic.
- */
-
-#include <stdint.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "cryptolib.h"
-#include "file_keys.h"
-#include "firmware_image.h"
-#include "utility.h"
-#include "rollback_index.h"
-#include "test_common.h"
-
-const char* kRootKeyPublicFile = "testkeys/key_rsa8192.keyb";
-uint8_t kValidFirmwareData[1] = { 'F' };
-uint8_t kCorruptFirmwareData[1] = { 'X' };
-
-/* Tests that check for correctness of the VerifyFirmwareDriver_f() logic
- * and rollback prevention. */
-void VerifyFirmwareDriverTest(void) {
- uint8_t* verification_blobA = NULL;
- uint8_t* verification_blobB = NULL;
- uint64_t len;
- uint8_t* root_key_pub = BufferFromFile(kRootKeyPublicFile, &len);
-
- /* Initialize rollback index state. */
- g_firmware_key_version = 1;
- g_firmware_version = 1;
-
- verification_blobA = GenerateRollbackTestVerificationBlob(1, 1);
- verification_blobB = GenerateRollbackTestVerificationBlob(1, 1);
-
- TEST_EQ(VerifyFirmwareDriver_f(root_key_pub,
- verification_blobA,
- kValidFirmwareData,
- verification_blobB,
- kValidFirmwareData),
- BOOT_FIRMWARE_A_CONTINUE,
- "Firmware A (Valid with current version), "
- "Firmware B (Valid with current version)");
- TEST_EQ(VerifyFirmwareDriver_f(root_key_pub,
- verification_blobA,
- kCorruptFirmwareData,
- verification_blobB,
- kValidFirmwareData),
- BOOT_FIRMWARE_B_CONTINUE,
- "Firmware A (Corrupt with current version), "
- "Firmware B (Valid with current version)");
- TEST_EQ(VerifyFirmwareDriver_f(root_key_pub,
- verification_blobA,
- kValidFirmwareData,
- verification_blobB,
- kCorruptFirmwareData),
- BOOT_FIRMWARE_A_CONTINUE,
- "Firmware A (Valid with current version), "
- "Firmware B (Corrupt with current version)");
- TEST_EQ(VerifyFirmwareDriver_f(root_key_pub,
- verification_blobA,
- kCorruptFirmwareData,
- verification_blobB,
- kCorruptFirmwareData),
- BOOT_FIRMWARE_RECOVERY_CONTINUE,
- "Firmware A (Corrupt with current version), "
- "Firmware B (Corrupt with current version");
- g_firmware_key_version = 2;
- g_firmware_version = 2;
- TEST_EQ(VerifyFirmwareDriver_f(root_key_pub,
- verification_blobA,
- kValidFirmwareData,
- verification_blobB,
- kValidFirmwareData),
- BOOT_FIRMWARE_RECOVERY_CONTINUE,
- "Firmware A (Valid with old version), "
- "Old Firmware B (Valid with old version)");
-
- Free(root_key_pub);
- Free(verification_blobA);
- Free(verification_blobB);
-}
-
-int main(int argc, char* argv[]) {
- int error_code = 0;
- VerifyFirmwareDriverTest();
- if (!gTestSuccess)
- error_code = 255;
- return error_code;
-}
diff --git a/tests/firmware_splicing_tests.c b/tests/firmware_splicing_tests.c
deleted file mode 100644
index 17c327f4..00000000
--- a/tests/firmware_splicing_tests.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Splicing tests for the firmware image verification library.
- */
-
-#include <stdint.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "cryptolib.h"
-#include "file_keys.h"
-#include "firmware_image.h"
-#include "test_common.h"
-#include "utility.h"
-
-#define ROOT_KEY_BASE_NAME "testkeys/key_rsa8192"
-#define FIRMWARE_KEY_BASE_NAME "testkeys/key_rsa1024"
-
-const char* kRootKeyPublicFile = ROOT_KEY_BASE_NAME ".keyb";
-const char* kRootKeyFile = ROOT_KEY_BASE_NAME ".pem";
-const char* kFirmwareKeyPublicFile = FIRMWARE_KEY_BASE_NAME ".keyb";
-const char* kFirmwareKeyFile = FIRMWARE_KEY_BASE_NAME ".pem";
-
-void VerifyFirmwareSplicingTest()
-{
- uint64_t len;
- FirmwareImage* image1 = NULL;
- FirmwareImage* image2 = NULL;
- uint8_t* firmware_blob = NULL;
- uint8_t* firmware_sign_key_buf = NULL;
- RSAPublicKey* root_key = RSAPublicKeyFromFile(kRootKeyPublicFile);
- uint8_t* root_key_blob = BufferFromFile(kRootKeyPublicFile, &len);
- firmware_sign_key_buf= BufferFromFile(kFirmwareKeyPublicFile, &len);
- image1 = GenerateTestFirmwareImage(0, /* RSA1024/SHA1 */
- firmware_sign_key_buf,
- 1, /* Firmware Key Version. */
- 1, /* Firmware Version */
- 1000,
- kRootKeyFile,
- kFirmwareKeyFile,
- 'F'); /* Firmware data fill. */
- image2 = GenerateTestFirmwareImage(0, /* RSA1024/SHA1 */
- firmware_sign_key_buf,
- 1, /* Firmware Key Version. */
- 2, /* Firmware Version */
- 1000,
- kRootKeyFile,
- kFirmwareKeyFile,
- 'G'); /* Different Firmware data fill. */
- /* Verify that the originals verify. */
- TEST_EQ(VerifyFirmwareImage(root_key, image1),
- VERIFY_FIRMWARE_SUCCESS,
- "FirmwareImage firmware_data Original");
- TEST_EQ(VerifyFirmwareImage(root_key, image2),
- VERIFY_FIRMWARE_SUCCESS,
- "FirmwareImage firmware_data Original");
-
- /* Splice firmware_data + firmware signature from [image1]
- * and put it into [image2]. */
- Memcpy(image2->firmware_signature, image1->firmware_signature,
- siglen_map[0]);
- Memcpy(image2->firmware_data, image1->firmware_data,
- image2->firmware_len);
-
- TEST_EQ(VerifyFirmwareImage(root_key, image2),
- VERIFY_FIRMWARE_SIGNATURE_FAILED,
- "FirmwareImage firmware_data Splicing");
- firmware_blob = GetFirmwareBlob(image2, &len);
- TEST_EQ(VerifyFirmware(root_key_blob, firmware_blob, image2->firmware_data),
- VERIFY_FIRMWARE_SIGNATURE_FAILED,
- "Firmware Blob firmware_data Splicing");
-}
-
-int main(int argc, char* argv[])
-{
- int error_code = 0;
- VerifyFirmwareSplicingTest();
- if (!gTestSuccess)
- error_code = 255;
- return error_code;
-}
diff --git a/tests/firmware_verify_benchmark.c b/tests/firmware_verify_benchmark.c
deleted file mode 100644
index 3cdceff8..00000000
--- a/tests/firmware_verify_benchmark.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Timing benchmark for verifying a firmware image.
- */
-
-#include <stdint.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "cryptolib.h"
-#include "file_keys.h"
-#include "firmware_image.h"
-#include "test_common.h"
-#include "timer_utils.h"
-#include "utility.h"
-
-#define FILE_NAME_SIZE 128
-#define NUM_OPERATIONS 100 /* Number of verify operations to time. */
-
-#define FIRMWARE_SIZE_SMALL 512000
-#define FIRMWARE_SIZE_MEDIUM 1024000
-#define FIRMWARE_SIZE_LARGE 4096000
-const uint64_t g_firmware_sizes_to_test[] = {
- FIRMWARE_SIZE_SMALL,
- FIRMWARE_SIZE_MEDIUM,
- FIRMWARE_SIZE_LARGE
-};
-const char* g_firmware_size_labels[] = {
- "small",
- "medium",
- "large"
-};
-#define NUM_SIZES_TO_TEST (sizeof(g_firmware_sizes_to_test) / \
- sizeof(g_firmware_sizes_to_test[0]))
-
-int SpeedTestAlgorithm(int algorithm) {
- int i, j, key_size, error_code = 0;
- ClockTimerState ct;
- double msecs;
- uint64_t len;
- uint8_t* firmware_sign_key = NULL;
- uint8_t* root_key_blob = NULL;
- char firmware_sign_key_file[FILE_NAME_SIZE];
- char file_name[FILE_NAME_SIZE];
- char* sha_strings[] = { /* Maps algorithm->SHA algorithm. */
- "sha1", "sha256", "sha512", /* RSA-1024 */
- "sha1", "sha256", "sha512", /* RSA-2048 */
- "sha1", "sha256", "sha512", /* RSA-4096 */
- "sha1", "sha256", "sha512", /* RSA-8192 */
- };
- uint8_t* verification_blobs[NUM_SIZES_TO_TEST];
- uint8_t* firmware_blobs[NUM_SIZES_TO_TEST];
- for (i = 0; i < NUM_SIZES_TO_TEST; ++i)
- firmware_blobs[i] = NULL;
-
- key_size = siglen_map[algorithm] * 8; /* in bits. */
- snprintf(firmware_sign_key_file, FILE_NAME_SIZE, "testkeys/key_rsa%d.pem",
- key_size);
-
- snprintf(file_name, FILE_NAME_SIZE, "testkeys/key_rsa%d.keyb", key_size);
- firmware_sign_key = BufferFromFile(file_name, &len);
- if (!firmware_sign_key) {
- VBDEBUG(("Couldn't read pre-processed firmware signing key.\n"));
- error_code = 1;
- goto cleanup;
- }
-
- /* Generate test images. */
- for (i = 0; i < NUM_SIZES_TO_TEST; ++i) {
- firmware_blobs[i] = (uint8_t*) malloc(g_firmware_sizes_to_test[i]);
- Memset(firmware_blobs[i], 'F', g_firmware_sizes_to_test[i]);
- verification_blobs[i] = GenerateTestVerificationBlob(
- algorithm,
- firmware_sign_key,
- 1, /* firmware key version. */
- 1, /* firmware version. */
- g_firmware_sizes_to_test[i],
- "testkeys/key_rsa8192.pem",
- firmware_sign_key_file);
- if (!firmware_blobs[i]) {
- VBDEBUG(("Couldn't generate test firmware images.\n"));
- error_code = 1;
- goto cleanup;
- }
- }
-
- /* Get pre-processed key used for verification. */
- root_key_blob = BufferFromFile("testkeys/key_rsa8192.keyb", &len);
- if (!root_key_blob) {
- VBDEBUG(("Couldn't read pre-processed rootkey.\n"));
- error_code = 1;
- goto cleanup;
- }
-
- /* Now run the timing tests. */
- for (i = 0; i < NUM_SIZES_TO_TEST; ++i) {
- StartTimer(&ct);
- for (j = 0; j < NUM_OPERATIONS; ++j) {
- if (VERIFY_FIRMWARE_SUCCESS !=
- VerifyFirmware(root_key_blob,
- verification_blobs[i],
- firmware_blobs[i]))
- VBDEBUG(("Warning: Firmware Verification Failed.\n"));
- }
- StopTimer(&ct);
- msecs = (float) GetDurationMsecs(&ct) / NUM_OPERATIONS;
- fprintf(stderr,
- "# Firmware (%s, Algo = %s):"
- "\t%.02f ms/verification\n",
- g_firmware_size_labels[i],
- algo_strings[algorithm],
- msecs);
- fprintf(stdout, "ms_firmware_%s_rsa%d_%s:%.02f\n",
- g_firmware_size_labels[i],
- key_size,
- sha_strings[algorithm],
- msecs);
- }
-
- cleanup:
- for (i = 0; i < NUM_SIZES_TO_TEST; i++) {
- free(firmware_blobs[i]);
- free(verification_blobs[i]);
- }
- free(root_key_blob);
- return error_code;
-}
-
-
-int main(int argc, char* argv[]) {
- int i, error_code = 0;
- for (i = 0; i < kNumAlgorithms; ++i) {
- if (0 != (error_code = SpeedTestAlgorithm(i)))
- return error_code;
- }
- return 0;
-}
diff --git a/tests/kernel_image_tests.c b/tests/kernel_image_tests.c
deleted file mode 100644
index 8125e681..00000000
--- a/tests/kernel_image_tests.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Tests for kernel image library.
- */
-
-#include <stdint.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "cryptolib.h"
-#include "file_keys.h"
-#include "kernel_image.h"
-#include "test_common.h"
-#include "utility.h"
-
-/* Normal Kernel Blob Verification Tests. */
-void VerifyKernelTest(uint8_t* kernel_blob, uint8_t* firmware_key_blob) {
- TEST_EQ(VerifyKernel(firmware_key_blob, kernel_blob, DEV_MODE_ENABLED),
- VERIFY_KERNEL_SUCCESS,
- "Normal Kernel Blob Verification (Dev Mode)");
-
- TEST_EQ(VerifyKernel(firmware_key_blob, kernel_blob, DEV_MODE_DISABLED),
- VERIFY_KERNEL_SUCCESS,
- "Normal Kernel Blob Verification (Trusted)");
-}
-
-
-/* Normal KernelImage Verification Tests. */
-void VerifyKernelImageTest(KernelImage* image,
- RSAPublicKey* firmware_key) {
- TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_ENABLED),
- VERIFY_KERNEL_SUCCESS,
- "Normal KernelImage Verification (Dev Mode)");
- TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_DISABLED),
- VERIFY_KERNEL_SUCCESS,
- "Normal KernelImage Verification (Trusted)");
-}
-
-/* Tampered KernelImage Verification Tests. */
-void VerifyKernelImageTamperTest(KernelImage* image,
- RSAPublicKey* firmware_key) {
- image->bootloader_offset ^= 0xFF;
- TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_ENABLED),
- VERIFY_KERNEL_PREAMBLE_SIGNATURE_FAILED,
- "KernelImage Config Tamper Verification (Dev Mode)");
- TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_DISABLED),
- VERIFY_KERNEL_PREAMBLE_SIGNATURE_FAILED,
- "KernelImage Config Tamper Verification (Trusted)");
- image->bootloader_offset ^= 0xFF;
-
- image->kernel_data[0] = 'T';
- TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_ENABLED),
- VERIFY_KERNEL_SIGNATURE_FAILED,
- "KernelImage Tamper Verification (Dev Mode)");
- TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_DISABLED),
- VERIFY_KERNEL_SIGNATURE_FAILED,
- "KernelImage Tamper Verification (Trusted)");
- image->kernel_data[0] = 'K';
-
- image->kernel_key_signature[0] = 0xFF;
- image->kernel_key_signature[1] = 0x00;
- TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_ENABLED),
- VERIFY_KERNEL_SUCCESS,
- "KernelImage Key Signature Tamper Verification (Dev Mode)");
- TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_DISABLED),
- VERIFY_KERNEL_KEY_SIGNATURE_FAILED,
- "KernelImage Key Signature Tamper Verification (Trusted)");
-}
-
-int main(int argc, char* argv[]) {
- uint64_t len;
- const char* firmware_key_file = NULL;
- const char* kernel_key_file = NULL;
- uint8_t* kernel_sign_key_buf = NULL;
- uint8_t* firmware_key_blob = NULL;
- uint8_t* kernel_blob = NULL;
- uint64_t kernel_blob_len = 0;
- KernelImage* image = NULL;
- RSAPublicKey* firmware_key = NULL;
- int error_code = 0;
-
- if(argc != 7) {
- fprintf(stderr, "Usage: %s <firmware signing algorithm> " /* argv[1] */
- "<kernel signing algorithm> " /* argv[2] */
- "<firmware key> " /* argv[3] */
- "<processed firmware pubkey> " /* argv[4] */
- "<kernel signing key> " /* argv[5] */
- "<processed kernel signing key>\n", /* argv[6] */
- argv[0]);
- return -1;
- }
-
- /* Read verification keys and create a test image. */
- firmware_key = RSAPublicKeyFromFile(argv[4]);
- firmware_key_blob = BufferFromFile(argv[4], &len);
- kernel_sign_key_buf = BufferFromFile(argv[6], &len);
- firmware_key_file = argv[3];
- kernel_key_file = argv[5];
-
- if (!firmware_key || !kernel_sign_key_buf || !kernel_sign_key_buf) {
- error_code = 1;
- goto failure;
- }
-
- image = GenerateTestKernelImage(atoi(argv[1]),
- atoi(argv[2]),
- kernel_sign_key_buf,
- 1, /* Kernel Key Version */
- 1, /* Kernel Version */
- 1000, /* Kernel Size */
- firmware_key_file,
- kernel_key_file,
- 'K');
- if (!image) {
- error_code = 1;
- goto failure;
- }
-
- kernel_blob = GetKernelBlob(image, &kernel_blob_len);
-
- /* Test Kernel blob verify operations. */
- VerifyKernelTest(kernel_blob, firmware_key_blob);
-
- /* Test KernelImage verify operations. */
- VerifyKernelImageTest(image, firmware_key);
- VerifyKernelImageTamperTest(image, firmware_key);
-
- if (!gTestSuccess)
- error_code = 255;
-
-failure:
- Free(kernel_blob);
- KernelImageFree(image);
- Free(kernel_sign_key_buf);
- Free(firmware_key_blob);
- RSAPublicKeyFree(firmware_key);
-
- return error_code;
-}
diff --git a/tests/kernel_rollback_tests.c b/tests/kernel_rollback_tests.c
deleted file mode 100644
index 2ecb05fc..00000000
--- a/tests/kernel_rollback_tests.c
+++ /dev/null
@@ -1,156 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Tests for checking kernel rollback-prevention logic.
- */
-
-#include <stdint.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "cryptolib.h"
-#include "file_keys.h"
-#include "kernel_image.h"
-#include "rollback_index.h"
-#include "test_common.h"
-#include "utility.h"
-
-const char* kFirmwareKeyPublicFile = "testkeys/key_rsa1024.keyb";
-
-/* Tests that check for correctness of the VerifyFirmwareDriver_f() logic
- * and rollback prevention. */
-void VerifyKernelDriverTest(void) {
- uint64_t len;
- uint8_t* firmware_key_pub = BufferFromFile(kFirmwareKeyPublicFile, &len);
-
- /* TODO(gauravsh): Rebase this to use LoadKernel() (maybe by making
- * it a part of load_kernel_test.c */
-#if 0
- /* Initialize kernel blobs, including their associated parition
- * table attributed. */
- kernel_entry valid_kernelA = {
- GenerateRollbackTestKernelBlob(1, 1, 0),
- 15, /* Highest Priority. */
- 5, /* Enough for tests. */
- 0 /* Assume we haven't boot off it yet. */
- };
- kernel_entry corrupt_kernelA = {
- GenerateRollbackTestKernelBlob(1, 1, 1),
- 15, /* Highest Priority. */
- 5, /* Enough for tests. */
- 0 /* Assume we haven't boot off it yet. */
- };
- kernel_entry valid_kernelB = {
- GenerateRollbackTestKernelBlob(1, 1, 0),
- 1, /* Lower Priority. */
- 5, /* Enough for tests. */
- 0 /* Assume we haven't boot off it yet. */
- };
- kernel_entry corrupt_kernelB = {
- GenerateRollbackTestKernelBlob(1, 1, 1),
- 1, /* Lower Priority. */
- 5, /* Enough for tests. */
- 0 /* Assume we haven't boot off it yet. */
- };
-
- /* Initialize rollback index state. */
- g_kernel_key_version = 1;
- g_kernel_version = 1;
-
- /* Note: This test just checks the rollback prevention mechanism and not
- * the full blown kernel boot logic. Updates to the kernel attributes
- * in the paritition table are not tested.
- */
- VBDEBUG(("Kernel A boot priority(15) > Kernel B boot priority(1)\n"));
- TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
- &valid_kernelA, &valid_kernelB,
- DEV_MODE_DISABLED),
- BOOT_KERNEL_A_CONTINUE,
- "(Valid Kernel A (current version)\n"
- " Valid Kernel B (current version) runs A):");
- TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
- &corrupt_kernelA, &valid_kernelB,
- DEV_MODE_DISABLED),
- BOOT_KERNEL_B_CONTINUE,
- "(Corrupt Kernel A (current version)\n"
- " Valid Kernel B (current version) runs B):");
- TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
- &valid_kernelA, &corrupt_kernelB,
- DEV_MODE_DISABLED),
- BOOT_KERNEL_A_CONTINUE,
- "(Valid Kernel A (current version)\n"
- " Corrupt Kernel B (current version) runs A):");
- TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
- &corrupt_kernelA, &corrupt_kernelB,
- DEV_MODE_DISABLED),
- BOOT_KERNEL_RECOVERY_CONTINUE,
- "(Corrupt Kernel A (current version)\n"
- " Corrupt Kernel B (current version) runs Recovery):");
-
- VBDEBUG(("\nSwapping boot priorities...\n"
- "Kernel B boot priority(15) > Kernel A boot priority(1)\n"));
- valid_kernelA.boot_priority = corrupt_kernelA.boot_priority = 1;
- valid_kernelB.boot_priority = corrupt_kernelB.boot_priority = 15;
- TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
- &valid_kernelA, &valid_kernelB,
- DEV_MODE_DISABLED),
- BOOT_KERNEL_B_CONTINUE,
- "(Valid Kernel A (current version)\n"
- " Valid Kernel B (current version) runs B):");
- TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
- &corrupt_kernelA, &valid_kernelB,
- DEV_MODE_DISABLED),
- BOOT_KERNEL_B_CONTINUE,
- "(Corrupt Kernel A (current version)\n"
- " Valid Kernel B (current version) runs B):");
- TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
- &valid_kernelA, &corrupt_kernelB,
- DEV_MODE_DISABLED),
- BOOT_KERNEL_A_CONTINUE,
- "(Valid Kernel A (current version)\n"
- " Corrupt Kernel B (current version) runs A):");
- TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
- &corrupt_kernelA, &corrupt_kernelB,
- DEV_MODE_DISABLED),
- BOOT_KERNEL_RECOVERY_CONTINUE,
- "(Corrupt Kernel A (current version)\n"
- " Corrupt Kernel B (current version) runs Recovery):");
-
- VBDEBUG(("\nUpdating stored version information. Obsoleting "
- "exiting kernel images.\n"));
- g_kernel_key_version = 2;
- g_kernel_version = 2;
- TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
- &valid_kernelA, &valid_kernelB,
- DEV_MODE_DISABLED),
- BOOT_KERNEL_RECOVERY_CONTINUE,
- "(Valid Kernel A (old version)\n"
- " Valid Kernel B (old version) runs Recovery):");
-
- VBDEBUG(("\nGenerating updated Kernel A blob with "
- "new version.\n"));
- Free(valid_kernelA.kernel_blob);
- valid_kernelA.kernel_blob = GenerateRollbackTestKernelBlob(3, 3, 0);
- TEST_EQ(VerifyKernelDriver_f(firmware_key_pub,
- &valid_kernelA, &valid_kernelB,
- DEV_MODE_DISABLED),
- BOOT_KERNEL_A_CONTINUE,
- "(Valid Kernel A (new version)\n"
- " Valid Kernel B (old version) runs A):");
- Free(valid_kernelA.kernel_blob);
- Free(valid_kernelB.kernel_blob);
- Free(corrupt_kernelA.kernel_blob);
- Free(corrupt_kernelB.kernel_blob);
-#endif
-
- Free(firmware_key_pub);
-}
-
-int main(int argc, char* argv[]) {
- int error_code = 0;
- VerifyKernelDriverTest();
- if (!gTestSuccess)
- error_code = 255;
- return error_code;
-}
diff --git a/tests/kernel_splicing_tests.c b/tests/kernel_splicing_tests.c
deleted file mode 100644
index 296af473..00000000
--- a/tests/kernel_splicing_tests.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Splicing tests for the kernel image verification library.
- */
-
-#include <stdint.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "cryptolib.h"
-#include "file_keys.h"
-#include "kernel_image.h"
-#include "test_common.h"
-#include "utility.h"
-
-#define FIRMWARE_KEY_BASE_NAME "testkeys/key_rsa2048"
-#define KERNEL_KEY_BASE_NAME "testkeys/key_rsa1024"
-
-const char* kFirmwareKeyPublicFile = FIRMWARE_KEY_BASE_NAME ".keyb";
-const char* kFirmwareKeyFile = FIRMWARE_KEY_BASE_NAME ".pem";
-const char* kKernelKeyPublicFile = KERNEL_KEY_BASE_NAME ".keyb";
-const char* kKernelKeyFile = KERNEL_KEY_BASE_NAME ".pem";
-
-void VerifyKernelSplicingTest()
-{
- uint64_t len;
- KernelImage* image1 = NULL;
- KernelImage* image2 = NULL;
- uint8_t* kernel_blob = NULL;
- uint8_t* kernel_sign_key_buf = NULL;
- RSAPublicKey* firmware_key = RSAPublicKeyFromFile(kFirmwareKeyPublicFile);
- uint8_t* firmware_key_blob = BufferFromFile(kFirmwareKeyPublicFile, &len);
- kernel_sign_key_buf= BufferFromFile(kKernelKeyPublicFile, &len);
- image1 = GenerateTestKernelImage(3, /* RSA2048/SHA1 */
- 0, /* RSA1024/SHA1 */
- kernel_sign_key_buf,
- 1, /* Kernel Key Version. */
- 1, /* Kernel Version */
- 1000, /* Kernel Size. */
- kFirmwareKeyFile,
- kKernelKeyFile,
- 'K'); /* Kernel data fill. */
- image2 = GenerateTestKernelImage(3, /* RSA2058/SHA1 */
- 0, /* RSA1024/SHA1 */
- kernel_sign_key_buf,
- 1, /* Kernel Key Version. */
- 2, /* Kernel Version */
- 1000, /* Kernel Size */
- kFirmwareKeyFile,
- kKernelKeyFile,
- 'L'); /* Different Kernel data fill. */
- /* Make sure the originals verify. */
- TEST_EQ(VerifyKernelImage(firmware_key, image1, 0),
- VERIFY_KERNEL_SUCCESS,
- "KernelImage kernel_data Original");
- TEST_EQ(VerifyKernelImage(firmware_key, image2, 0),
- VERIFY_KERNEL_SUCCESS,
- "KernelImage kernel_data Original");
-
- /* Splice kernel_data + kernel signature from [image1]
- * and put it into [image2]. */
- Memcpy(image2->kernel_signature, image1->kernel_signature,
- siglen_map[0]);
- Memcpy(image2->kernel_data, image1->kernel_data,
- image2->kernel_len);
-
- TEST_NEQ(VerifyKernelImage(firmware_key, image2, 0),
- VERIFY_KERNEL_SUCCESS,
- "KernelImage kernel_data Splicing");
- kernel_blob = GetKernelBlob(image2, &len);
- TEST_NEQ(VerifyKernel(firmware_key_blob, kernel_blob, 0),
- VERIFY_KERNEL_SUCCESS,
- "Kernel Blob kernel_data Splicing");
-}
-
-int main(int argc, char* argv[])
-{
- int error_code = 0;
- VerifyKernelSplicingTest();
- if (!gTestSuccess)
- error_code = 255;
- return error_code;
-}
diff --git a/tests/kernel_verify_benchmark.c b/tests/kernel_verify_benchmark.c
deleted file mode 100644
index 3ba113c5..00000000
--- a/tests/kernel_verify_benchmark.c
+++ /dev/null
@@ -1,159 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Timing benchmark for verifying a firmware image.
- */
-
-#include <stdint.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "cryptolib.h"
-#include "file_keys.h"
-#include "kernel_image.h"
-#include "test_common.h"
-#include "timer_utils.h"
-#include "utility.h"
-
-#define FILE_NAME_SIZE 128
-
-#define NUM_OPERATIONS 30 /* Number of verify operations to time.
- * We use a smaller number here (30 vs. 100)
- * since there are many more cases to consider
- * (one for each combination of firmware and kernel
- * signature algorithm.
- */
-
-#define KERNEL_SIZE_SMALL 512000
-#define KERNEL_SIZE_MEDIUM 1024000
-#define KERNEL_SIZE_LARGE 4096000
-const uint64_t g_kernel_sizes_to_test[] = {
- KERNEL_SIZE_SMALL,
- KERNEL_SIZE_MEDIUM,
- KERNEL_SIZE_LARGE
-};
-const char* g_kernel_size_labels[] = {
- "small",
- "medium",
- "large"
-};
-#define NUM_SIZES_TO_TEST (sizeof(g_kernel_sizes_to_test) / \
- sizeof(g_kernel_sizes_to_test[0]))
-
-int SpeedTestAlgorithm(int firmware_sign_algorithm,
- int kernel_sign_algorithm) {
- int i, j, error_code = 0;
- int firmware_key_size, kernel_key_size;
- ClockTimerState ct;
- double msecs;
- uint64_t len;
- uint8_t* kernel_sign_key = NULL;
- uint8_t* firmware_key_blob = NULL;
- char firmware_sign_key_file[FILE_NAME_SIZE];
- char kernel_sign_key_file[FILE_NAME_SIZE];
- char file_name[FILE_NAME_SIZE]; /* Temp to hold a constructed file name */
- char* sha_strings[] = { /* Maps algorithm->SHA algorithm. */
- "sha1", "sha256", "sha512", /* RSA-1024 */
- "sha1", "sha256", "sha512", /* RSA-2048 */
- "sha1", "sha256", "sha512", /* RSA-4096 */
- "sha1", "sha256", "sha512", /* RSA-8192 */
- };
- uint8_t* kernel_blobs[NUM_SIZES_TO_TEST];
- for (i = 0; i < NUM_SIZES_TO_TEST; ++i)
- kernel_blobs[i] = NULL;
-
- /* Get all needed test keys. */
- firmware_key_size = siglen_map[firmware_sign_algorithm] * 8; /* in bits. */
- kernel_key_size = siglen_map[kernel_sign_algorithm] * 8; /* in bits. */
- snprintf(firmware_sign_key_file, FILE_NAME_SIZE, "testkeys/key_rsa%d.pem",
- firmware_key_size);
- snprintf(kernel_sign_key_file, FILE_NAME_SIZE, "testkeys/key_rsa%d.pem",
- kernel_key_size);
- snprintf(file_name, FILE_NAME_SIZE, "testkeys/key_rsa%d.keyb",
- kernel_key_size);
- kernel_sign_key = BufferFromFile(file_name, &len);
- if (!kernel_sign_key) {
- VBDEBUG(("Couldn't read pre-processed public kernel signing key.\n"));
- error_code = 1;
- goto cleanup;
- }
-
- /* Generate test images. */
- for (i = 0; i < NUM_SIZES_TO_TEST; ++i) {
- kernel_blobs[i] = GenerateTestKernelBlob(firmware_sign_algorithm,
- kernel_sign_algorithm,
- kernel_sign_key,
- 1, /* kernel key version. */
- 1, /* kernel version. */
- g_kernel_sizes_to_test[i],
- firmware_sign_key_file,
- kernel_sign_key_file);
- if (!kernel_blobs[i]) {
- VBDEBUG(("Couldn't generate test firmware images.\n"));
- error_code = 1;
- goto cleanup;
- }
- }
-
- /* Get pre-processed key used for verification. */
- snprintf(file_name, FILE_NAME_SIZE, "testkeys/key_rsa%d.keyb",
- firmware_key_size);
- firmware_key_blob = BufferFromFile(file_name, &len);
- if (!firmware_key_blob) {
- VBDEBUG(("Couldn't read pre-processed firmware public key.\n"));
- error_code = 1;
- goto cleanup;
- }
-
- /* Now run the timing tests. */
- for (i = 0; i < NUM_SIZES_TO_TEST; ++i) {
- StartTimer(&ct);
- for (j = 0; j < NUM_OPERATIONS; ++j) {
- if (VERIFY_KERNEL_SUCCESS !=
- VerifyKernel(firmware_key_blob, kernel_blobs[i], 0))
- VBDEBUG(("Warning: Kernel Verification Failed.\n"));
- }
- StopTimer(&ct);
- msecs = (float) GetDurationMsecs(&ct) / NUM_OPERATIONS;
- fprintf(stderr,
- "# Kernel (%s, Algo = %s / %s):"
- "\t%.02f ms/verification\n",
- g_kernel_size_labels[i],
- algo_strings[firmware_sign_algorithm],
- algo_strings[kernel_sign_algorithm],
- msecs);
- fprintf(stdout, "ms_kernel_%s_rsa%d_%s_rsa%d_%s:%.02f\n",
- g_kernel_size_labels[i],
- firmware_key_size,
- sha_strings[firmware_sign_algorithm],
- kernel_key_size,
- sha_strings[kernel_sign_algorithm],
- msecs);
- }
-
- cleanup:
- for (i = 0; i < NUM_SIZES_TO_TEST; ++i)
- Free(kernel_blobs[i]);
- Free(firmware_key_blob);
- Free(kernel_sign_key);
- return error_code;
-}
-
-
-int main(int argc, char* argv[]) {
- int i, j, error_code = 0;
- for (i = 0; i < kNumAlgorithms; ++i) { /* Firmware Signing Algorithm. */
- for (j = 0; j < kNumAlgorithms; ++j) { /* Kernel Signing Algorithm. */
- /* Only measure if the kernel signing algorithm is weaker or equal to
- * the firmware signing algorithm. */
- if (siglen_map[j] > siglen_map[i])
- continue;
- if (siglen_map[j] == siglen_map[i] && hash_size_map[j] > hash_size_map[i])
- continue;
- if (0 != (error_code = SpeedTestAlgorithm(i, j)))
- return error_code;
- }
- }
- return 0;
-}
diff --git a/tests/rollback_index_test.c b/tests/rollback_index_test.c
deleted file mode 100644
index d84b8ea2..00000000
--- a/tests/rollback_index_test.c
+++ /dev/null
@@ -1,770 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- */
-
-/* Exhaustive testing for correctness and integrity of TPM locking code from
- * all interesting initial conditions.
- *
- * This program iterates through a large number of initial states of the TPM at
- * power on, and executes the code related to initialing the TPM and managing
- * the anti-rollback indices.
- *
- * This program must be run on a system with "TPM-agnostic" BIOS: that is, the
- * system must have a TPM (as of this date, the emulator isn't good enough,
- * because it doesn't support bGlobalLock), but the firmware should not issue a
- * TPM_Startup. In addition, the TPM drivers must be loaded (tpm_tis, tpm, and
- * tpm_bios) but tcsd should NOT be running. However, tcsd must be installed,
- * as well as the command tpm_takeownership from the TPM tools, and tpm-nvtool
- * from third-party/tpm.
- *
- * This program must be run as root. It issues multiple reboots, saving and
- * restoring the state from a file. Typically it works in two phases: on one
- * reboot it sets the TPM to a certain state, and in the next reboot it runs
- * the test.
- *
- * This program may take a long time to complete.
- *
- * A companion upstart file rbtest.conf contains test setup instructions. Look
- * around for it.
- */
-
-#include "rollback_index.h"
-#include "tlcl.h"
-#include "tss_constants.h"
-#include "utility.h"
-
-#include <stdarg.h>
-#include <stdint.h>
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <syslog.h>
-#include <unistd.h>
-
-#define RETURN_ON_FAILURE(tpm_command) do { \
- uint32_t result; \
- if ((result = (tpm_command)) != TPM_SUCCESS) { \
- return result; \
- } \
- } while (0)
-
-#define WRITE_BUCKET_NV_INDEX 0x1050
-#define STATEPATH "/var/spool/rbtest.state"
-#define TPM_ANY_FAILURE (-1)
-
-#define TPM_MAX_NV_WRITE_NOOWNER 64
-#define MAX_NV_WRITES_AT_BOOT 18 /* see comment below */
-#define INITIALIZATION_NV_WRITES 11 /* see below */
-
-const int high_writecount = TPM_MAX_NV_WRITE_NOOWNER;
-/* The -1 below is to make sure there is at least one case when we don't hit
- * the write limit. It is probably unnecessary, but we pay this cost to avoid
- * an off-by-one error.
- */
-const int low_writecount = TPM_MAX_NV_WRITE_NOOWNER - MAX_NV_WRITES_AT_BOOT - 1;
-const int low_writecount_when_initialized = TPM_MAX_NV_WRITE_NOOWNER
- - MAX_NV_WRITES_AT_BOOT + INITIALIZATION_NV_WRITES;
-
-/*
- * This structure contains all TPM states of interest, and other testing
- * states. It is saved and restored from a file across all reboots.
- *
- * OWNED/UNOWNED
- * ACTIVATED/DEACTIVATED
- * ENABLED/DISABLED
- * WRITE COUNT
- *
- * The write count tests hitting the write limit with an unowned TPM. After
- * resetting the TPM we reset the write count to zero, then we perform
- * |writecount| writes to bring the count to the desired number.
- *
- * Low write counts are not interesting, because we know they cannot cause the
- * code to hit the limit during a single boot. There are a total of N
- * SafeWrite and SafeDefineSpace call sites, where N = MAX_NV_WRITES_AT_BOOT.
- * Every call site can be reached at most once at every boot (there are no
- * loops or multiple nested calls). So we only need to test N + 1 different
- * initial values of the NVRAM write count (between 64 - (N + 1)) and 64).
- *
- * A number of calls happen at initialization, so when the TPM_IS_INITIALIZED
- * space exists, we only need to start checking at TPM_MAX_NV_WRITE_NOOWNER -
- * MAX_NV_WRITES_AT_BOOT + INITIALIZATION_NV_WRITES.
- *
- * TPM_IS_INITIALIZED space exists/does not exist
- * KERNEL_MUST_USE_BACKUP = 0 or 1
- * KERNEL_VERSIONS exists/does not
- * KERNEL_VERSIONS space has wrong permissions
- * KERNEL_VERSIONS does not contain the replacement-prevention value
- * KERNEL_VERSIONS and KERNEL_VERSIONS_BACKUP are the same/are not
- * DEVELOPER_MODE_NV_INDEX = 0 or 1
- *
- * developer switch on/off
- * recovery switch on/off
- */
-
-typedef struct RBTState {
- /* Internal testing state */
- int advancing; /* this is 1 if we are setting the TPM to the next initial
- state, 0 if we are running the test. */
-
- /* TPM state */
- int writecount;
- int owned;
- int disable;
- int deactivated;
- int TPM_IS_INITIALIZED_exists;
- int KERNEL_MUST_USE_BACKUP;
- int KERNEL_VERSIONS_exists;
- int KERNEL_VERSIONS_wrong_permissions;
- int KERNEL_VERSIONS_wrong_value;
- int KERNEL_VERSIONS_same_as_backup;
- int DEVELOPER_MODE; /* content of DEVELOPER_MODE space */
- int developer; /* setting of developer mode switch */
- int recovery; /* booting in recovery mode */
-} RBTState;
-
-RBTState RBTS;
-
-/* Set to 1 if the TPM was cleared in this run, to avoid clearing it again
- * before we set the write count.
- */
-int tpm_was_just_cleared = 0;
-
-const char* RBTS_format =
- "advancing=%d, owned=%d, disable=%d, activated=%d, "
- "writecount=%d, TII_exists=%d, KMUB=%d, "
- "KV_exists=%d, KV_wp=%d, KV_wv=%d, KV_sab=%d, DM=%d, dm=%d, rm=%d";
-
-static void Log(const char* format, ...) {
- va_list ap;
- va_start(ap, format);
- vsyslog(LOG_INFO, format, ap);
- va_end(ap);
- va_start(ap, format);
- vfprintf(stderr, format, ap);
- va_end(ap);
- fprintf(stderr, "\n");
-}
-
-static void reboot(void) {
- int status;
- Log("requesting reboot");
- status = system("/sbin/reboot");
- if (status != 0) {
- Log("reboot failed with status %d", status);
- exit(1);
- }
-}
-
-static uint32_t SafeWrite(uint32_t index, uint8_t* data, uint32_t length) {
- uint32_t result = TlclWrite(index, data, length);
- if (result == TPM_E_MAXNVWRITES) {
- RETURN_ON_FAILURE(TPMClearAndReenable());
- result = TlclWrite(index, data, length);
- tpm_was_just_cleared = 0;
- }
- return result;
-}
-
-static uint32_t SafeDefineSpace(uint32_t index, uint32_t perm, uint32_t size) {
- uint32_t result = TlclDefineSpace(index, perm, size);
- if (result == TPM_E_MAXNVWRITES) {
- RETURN_ON_FAILURE(TPMClearAndReenable());
- result = TlclDefineSpace(index, perm, size);
- tpm_was_just_cleared = 0;
- }
- return result;
-}
-
-static void RollbackTest_SaveState(FILE* file) {
- rewind(file);
- fprintf(file, RBTS_format,
- RBTS.advancing,
- RBTS.owned,
- RBTS.disable,
- RBTS.deactivated,
- RBTS.writecount,
- RBTS.TPM_IS_INITIALIZED_exists,
- RBTS.KERNEL_MUST_USE_BACKUP,
- RBTS.KERNEL_VERSIONS_exists,
- RBTS.KERNEL_VERSIONS_wrong_permissions,
- RBTS.KERNEL_VERSIONS_wrong_value,
- RBTS.KERNEL_VERSIONS_same_as_backup,
- RBTS.DEVELOPER_MODE,
- RBTS.developer,
- RBTS.recovery);
-}
-
-static void RollbackTest_RestoreState(FILE* file) {
- if (fscanf(file, RBTS_format,
- &RBTS.advancing,
- &RBTS.owned,
- &RBTS.disable,
- &RBTS.deactivated,
- &RBTS.writecount,
- &RBTS.TPM_IS_INITIALIZED_exists,
- &RBTS.KERNEL_MUST_USE_BACKUP,
- &RBTS.KERNEL_VERSIONS_exists,
- &RBTS.KERNEL_VERSIONS_wrong_permissions,
- &RBTS.KERNEL_VERSIONS_wrong_value,
- &RBTS.KERNEL_VERSIONS_same_as_backup,
- &RBTS.DEVELOPER_MODE,
- &RBTS.developer,
- &RBTS.recovery) != sizeof(RBTS)/sizeof(int)) {
- Log("failed to restore state");
- exit(1);
- }
-}
-
-static void RollbackTest_LogState(void) {
- Log(RBTS_format,
- RBTS.advancing,
- RBTS.owned,
- RBTS.disable,
- RBTS.deactivated,
- RBTS.writecount,
- RBTS.TPM_IS_INITIALIZED_exists,
- RBTS.KERNEL_MUST_USE_BACKUP,
- RBTS.KERNEL_VERSIONS_exists,
- RBTS.KERNEL_VERSIONS_wrong_permissions,
- RBTS.KERNEL_VERSIONS_wrong_value,
- RBTS.KERNEL_VERSIONS_same_as_backup,
- RBTS.DEVELOPER_MODE,
- RBTS.developer,
- RBTS.recovery);
-}
-
-/* Executes a TPM command from the shell.
- */
-static void RollbackTest_TPMShellCommand(char* command) {
- int status;
- TlclCloseDevice();
- status = system("/usr/sbin/tcsd");
- if (status != 0) {
- Log("could not start tcsd");
- exit(1);
- }
- status = system("/usr/bin/sleep 0.1");
- status = system(command);
- if (status != 0) {
- Log("command %s returned 0x%x", command, status);
- exit(1);
- }
- status = system("/usr/bin/pkill tcsd");
- if (status != 0) {
- Log("could not kill tcsd, status 0x%x", status);
- exit(1);
- }
- status = system("/usr/bin/sleep 0.1");
- TlclOpenDevice();
-}
-
-/* Sets or clears ownership.
- */
-static uint32_t RollbackTest_SetOwnership(int ownership) {
- if (ownership) {
- /* Requesting owned state */
- int owned = TlclIsOwned();
- if (!owned) {
- Log("acquiring ownership");
- RollbackTest_TPMShellCommand("/usr/sbin/tpm_takeownership -y -z");
- Log("ownership acquired");
- }
- } else {
- /* Requesting unowned state */
- Log("clearing TPM");
- RETURN_ON_FAILURE(TPMClearAndReenable());
- tpm_was_just_cleared = 1;
- }
- return TPM_SUCCESS;
-}
-
-/* Removes a space. This is a huge pain, because spaces can be removed only
- * when the TPM is owned.
- */
-static uint32_t RollbackTest_RemoveSpace(uint32_t index) {
- char command[1024];
- RollbackTest_SetOwnership(1);
- snprintf(command, sizeof(command),
- "/usr/bin/tpm-nvtool --release --index 0x%x --owner_password \"\"",
- index);
- Log("releasing space %x with command: %s", index, command);
- RollbackTest_TPMShellCommand(command);
- Log("space %x released", index);
- return TPM_SUCCESS;
-}
-
-/* Checks if the TPM is disabled/deactivated, and optionally enables/activates.
- * Does not disable/deactivate here because it might interfere with other
- * operations.
- */
-static uint32_t RollbackTest_PartiallyAdjustFlags(uint8_t* disable,
- uint8_t* deactivated) {
- RETURN_ON_FAILURE(TlclGetFlags(disable, deactivated));
-
- if (*deactivated && !RBTS.deactivated) {
- /* Needs to enable before we can activate. */
- RETURN_ON_FAILURE(TlclSetEnable());
- *disable = 0;
- /* Needs to reboot after activating. */
- RETURN_ON_FAILURE(TlclSetDeactivated(0));
- reboot();
- }
- /* We disable and deactivate at the end, if needed. */
-
- if (*disable && !RBTS.disable) {
- RETURN_ON_FAILURE(TlclSetEnable());
- }
- return TPM_SUCCESS;
-}
-
-/* Removes or creates the TPM_IS_INITIALIZED space.
- */
-static uint32_t RollbackTest_AdjustIsInitialized(void) {
- int initialized;
- RETURN_ON_FAILURE(GetSpacesInitialized(&initialized));
- if (RBTS.TPM_IS_INITIALIZED_exists && !initialized) {
- RETURN_ON_FAILURE(SafeDefineSpace(TPM_IS_INITIALIZED_NV_INDEX,
- TPM_NV_PER_PPWRITE, sizeof(uint32_t)));
- }
- if (!RBTS.TPM_IS_INITIALIZED_exists && initialized) {
- RETURN_ON_FAILURE(RollbackTest_RemoveSpace(TPM_IS_INITIALIZED_NV_INDEX));
- }
- return TPM_SUCCESS;
-}
-
-/* Sets or clears KERNEL_MUST_USE_BACKUP.
- */
-static uint32_t RollbackTest_AdjustMustUseBackup(void) {
- uint32_t must_use_backup;
- RETURN_ON_FAILURE(TlclRead(KERNEL_MUST_USE_BACKUP_NV_INDEX,
- (uint8_t*) &must_use_backup,
- sizeof(must_use_backup)));
- if (RBTS.KERNEL_MUST_USE_BACKUP != must_use_backup) {
- RETURN_ON_FAILURE(SafeWrite(KERNEL_MUST_USE_BACKUP_NV_INDEX,
- (uint8_t*) &must_use_backup,
- sizeof(must_use_backup)));
- }
- return TPM_SUCCESS;
-}
-
-/* Adjusts KERNEL_VERSIONS space.
- */
-static uint32_t RollbackTest_AdjustKernelVersions(int* wrong_value) {
- uint8_t kdata[KERNEL_SPACE_SIZE];
- int exists;
- uint32_t result;
-
- result = TlclRead(KERNEL_VERSIONS_NV_INDEX, kdata, sizeof(kdata));
- if (result != TPM_SUCCESS && result != TPM_E_BADINDEX) {
- return result;
- }
- *wrong_value = Memcmp(kdata + sizeof(uint32_t), KERNEL_SPACE_UID,
- KERNEL_SPACE_UID_SIZE); /* for later use */
- exists = result == TPM_SUCCESS;
- if (RBTS.KERNEL_VERSIONS_exists && !exists) {
- RETURN_ON_FAILURE(SafeDefineSpace(KERNEL_VERSIONS_NV_INDEX,
- TPM_NV_PER_PPWRITE, KERNEL_SPACE_SIZE));
- }
- if (!RBTS.KERNEL_VERSIONS_exists && exists) {
- RETURN_ON_FAILURE(RollbackTest_RemoveSpace(KERNEL_VERSIONS_NV_INDEX));
- }
- return TPM_SUCCESS;
-}
-
-/* Adjusts permissions of KERNEL_VERSIONS space. Updates |wrong_value| to
- * reflect that currently the space contains the wrong value (i.e. does not
- * contain the GRWL identifier).
- */
-static uint32_t RollbackTest_AdjustKernelPermissions(int* wrong_value) {
- uint32_t perms;
-
- /* Wrong permissions */
- RETURN_ON_FAILURE(TlclGetPermissions(KERNEL_VERSIONS_NV_INDEX, &perms));
- if (RBTS.KERNEL_VERSIONS_wrong_permissions && perms == TPM_NV_PER_PPWRITE) {
- /* Redefines with wrong permissions. */
- RETURN_ON_FAILURE(RollbackTest_RemoveSpace(KERNEL_VERSIONS_NV_INDEX));
- RETURN_ON_FAILURE(SafeDefineSpace(KERNEL_VERSIONS_NV_INDEX,
- TPM_NV_PER_PPWRITE |
- TPM_NV_PER_GLOBALLOCK,
- KERNEL_SPACE_SIZE));
- *wrong_value = 1;
- }
- if (!RBTS.KERNEL_VERSIONS_wrong_permissions &&
- perms != TPM_NV_PER_PPWRITE) {
- /* Redefines with right permissions. */
- RETURN_ON_FAILURE(SafeDefineSpace(KERNEL_VERSIONS_NV_INDEX,
- TPM_NV_PER_PPWRITE, 0));
- RETURN_ON_FAILURE(SafeDefineSpace(KERNEL_VERSIONS_NV_INDEX,
- TPM_NV_PER_PPWRITE,
- KERNEL_SPACE_SIZE));
- *wrong_value = 1;
- }
- return TPM_SUCCESS;
-}
-
-static uint32_t RollbackTest_AdjustKernelValue(int wrong_value) {
- if (!RBTS.KERNEL_VERSIONS_wrong_value && wrong_value) {
- RETURN_ON_FAILURE(SafeWrite(KERNEL_VERSIONS_NV_INDEX,
- KERNEL_SPACE_INIT_DATA, KERNEL_SPACE_SIZE));
- }
- if (RBTS.KERNEL_VERSIONS_wrong_value && !wrong_value) {
- RETURN_ON_FAILURE(SafeWrite(KERNEL_VERSIONS_NV_INDEX,
- (uint8_t*) "mickey mouse",
- KERNEL_SPACE_SIZE));
- }
- return TPM_SUCCESS;
-}
-
-/* Adjusts value of KERNEL_VERSIONS_BACKUP space.
- */
-static uint32_t RollbackTest_AdjustKernelBackup(void) {
- /* Same as backup */
- uint32_t kv, kvbackup;
- RETURN_ON_FAILURE(TlclRead(KERNEL_VERSIONS_NV_INDEX,
- (uint8_t*) &kv, sizeof(kv)));
- RETURN_ON_FAILURE(TlclRead(KERNEL_VERSIONS_BACKUP_NV_INDEX,
- (uint8_t*) &kvbackup, sizeof(kvbackup)));
- if (RBTS.KERNEL_VERSIONS_same_as_backup && kv != kvbackup) {
- kvbackup = kv;
- RETURN_ON_FAILURE(SafeWrite(KERNEL_VERSIONS_BACKUP_NV_INDEX,
- (uint8_t*) &kvbackup, sizeof(kvbackup)));
- }
- if (!RBTS.KERNEL_VERSIONS_same_as_backup && kv == kvbackup) {
- kvbackup = kv + 1;
- RETURN_ON_FAILURE(SafeWrite(KERNEL_VERSIONS_BACKUP_NV_INDEX,
- (uint8_t*) &kvbackup, sizeof(kvbackup)));
- }
- return TPM_SUCCESS;
-}
-
-/* Adjust the value in the developer mode transition space.
- */
-static uint32_t RollbackTest_AdjustDeveloperMode(void) {
- uint32_t dev;
- /* Developer mode transitions */
- RETURN_ON_FAILURE(TlclRead(DEVELOPER_MODE_NV_INDEX,
- (uint8_t*) &dev, sizeof(dev)));
-
- if (RBTS.developer != dev) {
- dev = RBTS.developer;
- RETURN_ON_FAILURE(SafeWrite(DEVELOPER_MODE_NV_INDEX,
- (uint8_t*) &dev, sizeof(dev)));
- }
- return TPM_SUCCESS;
-}
-
-/* Changes the unowned write count.
- */
-static uint32_t RollbackTest_AdjustWriteCount(void) {
- int i;
- if (!RBTS.owned) {
- /* Sets the unowned write count, but only if we think that it will make a
- * difference for the test. In other words: we're trying to reduce the
- * number if initial states with some reasoning that we hope is correct.
- */
- if (RBTS.writecount > low_writecount) {
- if (!tpm_was_just_cleared) {
- /* Unknown write count: must clear the TPM to reset to 0 */
- RETURN_ON_FAILURE(TPMClearAndReenable());
- }
- for (i = 0; i < RBTS.writecount; i++) {
- /* Changes the value to ensure that the TPM won't optimize away
- * writes.
- */
- uint8_t b = (uint8_t) i;
- RETURN_ON_FAILURE(SafeWrite(WRITE_BUCKET_NV_INDEX, &b, 1));
- }
- }
- }
- return TPM_SUCCESS;
-}
-
-/* Sets the TPM to the right state for the next test run.
- *
- * Functionally correct ordering is tricky. Optimal ordering is even trickier
- * (no claim to this). May succeed only partially and require a reboot to
- * continue (if the TPM was deactivated at boot).
- */
-static uint32_t RollbackTest_SetTPMState(int initialize) {
- uint8_t disable, deactivated;
- int wrong_value = 0;
-
- /* Initializes if needed */
- if (initialize) {
- TlclLibInit();
- /* Don't worry if we're already started. */
- (void) TlclStartup();
- RETURN_ON_FAILURE(TlclContinueSelfTest());
- RETURN_ON_FAILURE(TlclAssertPhysicalPresence());
- }
-
- RETURN_ON_FAILURE(RollbackTest_PartiallyAdjustFlags(&disable, &deactivated));
- RETURN_ON_FAILURE(RollbackTest_AdjustIsInitialized());
- RETURN_ON_FAILURE(RollbackTest_AdjustMustUseBackup());
- RETURN_ON_FAILURE(RollbackTest_AdjustKernelVersions(&wrong_value));
-
- if (RBTS.KERNEL_VERSIONS_exists) {
- /* Adjusting these states only makes sense when the kernel versions space
- * exists. */
- RETURN_ON_FAILURE(RollbackTest_AdjustKernelPermissions(&wrong_value));
- RETURN_ON_FAILURE(RollbackTest_AdjustKernelValue(wrong_value));
- RETURN_ON_FAILURE(RollbackTest_AdjustKernelBackup());
- }
-
- RETURN_ON_FAILURE(RollbackTest_AdjustDeveloperMode());
- RETURN_ON_FAILURE(RollbackTest_SetOwnership(RBTS.owned));
- /* Do not remove spaces between SetOwnership and AdjustWriteCount, as that
- * might change the ownership state. Also do not issue any writes from now
- * on, because AdjustWriteCount tries to avoid unneccessary clears, and after
- * that, any writes will obviously change the write count.
- */
- RETURN_ON_FAILURE(RollbackTest_AdjustWriteCount());
-
- /* Finally, disables and/or deactivates. Must deactivate before disabling
- */
- if (!deactivated && RBTS.deactivated) {
- RETURN_ON_FAILURE(TlclSetDeactivated(1));
- }
- /* It's better to do this last, even though most commands we use work with
- * the TPM disabled.
- */
- if (!disable && RBTS.disable) {
- RETURN_ON_FAILURE(TlclClearEnable());
- }
- return TPM_SUCCESS;
-}
-
-#define ADVANCE(rbts_field, min, max) do { \
- if (RBTS.rbts_field == max) { \
- RBTS.rbts_field = min; \
- } else { \
- RBTS.rbts_field++; \
- return 0; \
- } \
- } while (0)
-
-#define ADVANCEB(field) ADVANCE(field, 0, 1)
-
-static int RollbackTest_AdvanceState(void) {
- /* This is a generalized counter. It advances an element of the RTBS
- * structure, and when it hits its maximum value, it resets the element and
- * moves on to the next element, similar to the way a decimal counter
- * increases each digit from 0 to 9 and back to 0 with a carry.
- *
- * Tip: put the expensive state changes at the end.
- */
- ADVANCEB(developer);
- ADVANCEB(recovery);
- ADVANCEB(TPM_IS_INITIALIZED_exists);
- ADVANCEB(KERNEL_MUST_USE_BACKUP);
- if (RBTS.owned) {
- ADVANCEB(KERNEL_VERSIONS_exists);
- ADVANCEB(KERNEL_VERSIONS_wrong_permissions);
- ADVANCEB(KERNEL_VERSIONS_wrong_value);
- ADVANCEB(KERNEL_VERSIONS_same_as_backup);
- }
- ADVANCEB(DEVELOPER_MODE);
- /* The writecount is meaningful only when the TPM is not owned. */
- if (!RBTS.owned) {
- ADVANCE(writecount, low_writecount, high_writecount);
- if (RBTS.TPM_IS_INITIALIZED_exists) {
- /* We don't have to go through the full range in this case. */
- if (RBTS.writecount < low_writecount_when_initialized) {
- RBTS.writecount = low_writecount_when_initialized;
- }
- }
- }
- ADVANCEB(deactivated);
- ADVANCEB(disable);
- ADVANCEB(owned);
- if (RBTS.owned == 0) {
- /* overflow */
- return 1;
- }
- return 0;
-}
-
-static void RollbackTest_InitializeState(void) {
- FILE* file = fopen(STATEPATH, "w");
- if (file == NULL) {
- fprintf(stderr, "could not open %s for writing\n", STATEPATH);
- exit(1);
- }
- RBTS.writecount = low_writecount;
- RollbackTest_SaveState(file);
-}
-
-uint32_t RollbackTest_Test(void) {
- uint16_t key_version, version;
-
- if (RBTS.recovery) {
- if (RBTS.developer) {
- /* Developer Recovery mode */
- RETURN_ON_FAILURE(RollbackKernelRecovery(1));
- } else {
- /* Normal Recovery mode */
- RETURN_ON_FAILURE(RollbackKernelRecovery(0));
- }
- } else {
- if (RBTS.developer) {
- /* Developer mode */
- key_version = 0;
- version = 0;
- RETURN_ON_FAILURE(RollbackFirmwareSetup(1));
- RETURN_ON_FAILURE(RollbackFirmwareLock());
- } else {
- /* Normal mode */
- key_version = 0;
- version = 0;
- RETURN_ON_FAILURE(RollbackFirmwareSetup(0));
- RETURN_ON_FAILURE(RollbackFirmwareLock());
- RETURN_ON_FAILURE(RollbackKernelRead(&key_version, &version));
- RETURN_ON_FAILURE(RollbackKernelWrite(key_version, version));
- RETURN_ON_FAILURE(RollbackKernelLock());
- }
- }
- return TPM_SUCCESS;
-}
-
-/* One-time call to create the WRITE_BUCKET space.
- */
-static uint32_t RollbackTest_InitializeTPM(void) {
- TlclLibInit();
- RETURN_ON_FAILURE(TlclStartup());
- RETURN_ON_FAILURE(TlclContinueSelfTest());
- RETURN_ON_FAILURE(TlclAssertPhysicalPresence());
- RETURN_ON_FAILURE(SafeDefineSpace(WRITE_BUCKET_NV_INDEX,
- TPM_NV_PER_PPWRITE, 1));
- RETURN_ON_FAILURE(RollbackTest_SetTPMState(0));
- return TPM_SUCCESS;
-}
-
-static void RollbackTest_Initialize(void) {
- Log("initializing");
- RollbackTest_InitializeState();
- if (RollbackTest_InitializeTPM() != TPM_SUCCESS) {
- Log("couldn't initialize TPM");
- exit(1);
- }
-}
-
-/* Advances the desired TPM state and sets the TPM to the new state.
- */
-static void RollbackTest_Advance(FILE* file) {
- uint32_t result;
- Log("advancing state");
- if (RollbackTest_AdvanceState()) {
- Log("done");
- exit(0);
- }
- result = RollbackTest_SetTPMState(1);
- if (result == TPM_SUCCESS) {
- RBTS.advancing = 0;
- RollbackTest_SaveState(file);
- reboot();
- } else {
- Log("SetTPMState failed with 0x%x\n", result);
- exit(1);
- }
-}
-
-/* Performs the test for the current TPM state, and verify that the outcome
- * matches the expectations.
- */
-static void RollbackTest_RunOneTest(FILE* file) {
- uint32_t result;
- uint32_t expected_result = TPM_SUCCESS;
-
- if (!RBTS.KERNEL_VERSIONS_exists ||
- RBTS.KERNEL_VERSIONS_wrong_permissions ||
- RBTS.KERNEL_VERSIONS_wrong_value) {
- expected_result = TPM_E_CORRUPTED_STATE;
- }
-
- if (!RBTS.KERNEL_VERSIONS_exists && !RBTS.TPM_IS_INITIALIZED_exists) {
- /* The space will be recreated */
- expected_result = TPM_SUCCESS;
- }
-
- if ((!RBTS.TPM_IS_INITIALIZED_exists || !RBTS.KERNEL_VERSIONS_exists)
- && RBTS.owned) {
- /* Cannot create spaces without owner authorization */
- expected_result = TPM_E_OWNER_SET;
- }
-
- if (RBTS.TPM_IS_INITIALIZED_exists && !RBTS.KERNEL_VERSIONS_exists) {
- expected_result = TPM_ANY_FAILURE;
- }
-
- result = RollbackTest_Test();
-
- if (result == expected_result ||
- (result != TPM_SUCCESS && expected_result == TPM_ANY_FAILURE)) {
- Log("test succeeded with 0x%x\n", result);
- RBTS.advancing = 1;
- RollbackTest_SaveState(file);
- reboot();
- } else {
- Log("test failed with 0x%x, expecting 0x%x\n", result, expected_result);
- exit(1);
- }
-}
-
-static FILE* RollbackTest_OpenState(void) {
- FILE* file = fopen(STATEPATH, "r+");
- if (file == NULL) {
- Log("%s could not be opened", STATEPATH);
- exit(1);
- }
- return file;
-}
-
-/* Sync saved state with TPM state.
- */
-static void RollbackTest_Sync(void) {
- FILE *file = RollbackTest_OpenState();
- uint32_t result;
- RollbackTest_RestoreState(file);
- Log("Syncing state");
- result = RollbackTest_SetTPMState(1);
- if (result != TPM_SUCCESS) {
- Log("Sync failed with %x", result);
- exit(1);
- }
-}
-
-/* Runs one testing iteration and advances the testing state.
- */
-static void RollbackTest_Run(void) {
- FILE* file = RollbackTest_OpenState();
- RollbackTest_RestoreState(file);
- RollbackTest_LogState();
- if (RBTS.advancing) {
- RollbackTest_Advance(file);
- } else {
- RollbackTest_RunOneTest(file);
- }
-}
-
-int main(int argc, char** argv) {
-
- openlog("rbtest", LOG_CONS | LOG_PERROR, LOG_USER);
-
- if (geteuid() != 0) {
- fprintf(stderr, "rollback-test: must run as root\n");
- exit(1);
- }
-
- if (argc == 2 && strcmp(argv[1], "initialize") == 0) {
- RollbackTest_Initialize();
- } else if (argc == 2 && strcmp(argv[1], "sync") == 0) {
- RollbackTest_Sync();
- } else if (argc == 1) {
- RollbackTest_Run();
- } else {
- fprintf(stderr, "usage: rollback-test [ initialize ]\n");
- exit(1);
- }
- return 0;
-}
diff --git a/tests/run_image_verification_tests.sh b/tests/run_image_verification_tests.sh
deleted file mode 100755
index 025066a4..00000000
--- a/tests/run_image_verification_tests.sh
+++ /dev/null
@@ -1,81 +0,0 @@
-#!/bin/bash
-
-# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
-# Use of this source code is governed by a BSD-style license that can be
-# found in the LICENSE file.
-
-# Run verified boot firmware and kernel verification tests.
-
-# Load common constants and variables.
-. "$(dirname "$0")/common.sh"
-
-return_code=0
-
-function test_firmware_verification {
- algorithmcounter=0
- for keylen in ${key_lengths[@]}
- do
- for hashalgo in ${hash_algos[@]}
- do
- echo -e "For Root key ${COL_YELLOW}RSA-$keylen/$hashalgo${COL_STOP}:"
- ${TEST_DIR}/firmware_image_tests $algorithmcounter \
- ${TESTKEY_DIR}/key_rsa8192.pem \
- ${TESTKEY_DIR}/key_rsa8192.keyb \
- ${TESTKEY_DIR}/key_rsa${keylen}.pem \
- ${TESTKEY_DIR}/key_rsa${keylen}.keyb
- if [ $? -ne 0 ]
- then
- return_code=255
- fi
- let algorithmcounter=algorithmcounter+1
- done
- done
-}
-
-function test_kernel_verification {
-# Test for various combinations of firmware signing algorithm and
-# kernel signing algorithm
- firmware_algorithmcounter=0
- kernel_algorithmcounter=0
- for firmware_keylen in ${key_lengths[@]}
- do
- for firmware_hashalgo in ${hash_algos[@]}
- do
- let kernel_algorithmcounter=0
- for kernel_keylen in ${key_lengths[@]}
- do
- for kernel_hashalgo in ${hash_algos[@]}
- do
- echo -e "For ${COL_YELLOW}Firmware signing algorithm \
-RSA-${firmware_keylen}/${firmware_hashalgo}${COL_STOP} \
-and ${COL_YELLOW}Kernel signing algorithm RSA-${kernel_keylen}/\
-${kernel_hashalgo}${COL_STOP}"
- ${TEST_DIR}/kernel_image_tests \
- $firmware_algorithmcounter $kernel_algorithmcounter \
- ${TESTKEY_DIR}/key_rsa${firmware_keylen}.pem \
- ${TESTKEY_DIR}/key_rsa${firmware_keylen}.keyb \
- ${TESTKEY_DIR}/key_rsa${kernel_keylen}.pem \
- ${TESTKEY_DIR}/key_rsa${kernel_keylen}.keyb
- if [ $? -ne 0 ]
- then
- return_code=255
- fi
- let kernel_algorithmcounter=kernel_algorithmcounter+1
- done
- done
- let firmware_algorithmcounter=firmware_algorithmcounter+1
- done
- done
-}
-
-check_test_keys
-
-echo
-echo "Testing high-level firmware image verification..."
-test_firmware_verification
-
-echo
-echo "Testing high-level kernel image verification..."
-test_kernel_verification
-
-exit $return_code
diff --git a/tests/verify_firmware_fuzz_driver.c b/tests/verify_firmware_fuzz_driver.c
deleted file mode 100644
index 3868d74f..00000000
--- a/tests/verify_firmware_fuzz_driver.c
+++ /dev/null
@@ -1,66 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Utility for aiding fuzz testing of firmware image verification code.
- */
-
-#include <stdint.h>
-#include <stdio.h>
-
-#include "file_keys.h"
-#include "firmware_image.h"
-#include "utility.h"
-
-int VerifySignedFirmware(const char* root_key_file,
- const char* verification_file,
- const char* firmware_file) {
- int error, error_code = 0;
- uint64_t len;
- uint8_t* verification_blob = BufferFromFile(verification_file, &len);
- uint8_t* firmware_blob = BufferFromFile(firmware_file, &len);
- uint8_t* root_key_blob = BufferFromFile(root_key_file, &len);
-
- if (!root_key_blob) {
- fprintf(stderr, "Couldn't read pre-processed public root key.\n");
- error_code = 1;
- }
-
- if (!error_code && !firmware_blob) {
- fprintf(stderr, "Couldn't read firmware image.\n");
- error_code = 1;
- }
-
- if (!error_code && !verification_blob) {
- fprintf(stderr, "Couldn't read verification data image.\n");
- error_code = 1;
- }
-
- if (!error_code && (error = VerifyFirmware(root_key_blob,
- verification_blob,
- firmware_blob))) {
- fprintf(stderr, "%s\n", VerifyFirmwareErrorString(error));
- error_code = 1;
- }
- Free(root_key_blob);
- Free(firmware_blob);
- if (error_code)
- return 0;
- else
- return 1;
-}
-
-int main(int argc, char* argv[]) {
- if (argc != 4) {
- fprintf(stderr, "Usage: %s <verification blob> <image_to_verify> <root_keyb>"
- "\n", argv[0]);
- return -1;
- }
- if (VerifySignedFirmware(argv[3], argv[1], argv[2])) {
- fprintf(stderr, "Verification SUCCESS!\n");
- return 0;
- } else {
- fprintf(stderr, "Verification FAILURE!\n");
- return -1;
- }
-}
diff --git a/tests/verify_kernel_fuzz_driver.c b/tests/verify_kernel_fuzz_driver.c
deleted file mode 100644
index e429f5e0..00000000
--- a/tests/verify_kernel_fuzz_driver.c
+++ /dev/null
@@ -1,57 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Utility for aiding fuzz testing of kernel image verification code.
- */
-
-#include <stdint.h>
-#include <stdio.h>
-
-#include "file_keys.h"
-#include "kernel_image.h"
-#include "utility.h"
-
-int VerifySignedKernel(const char* image_file,
- const char* firmware_key_file) {
- int error, error_code = 0;
- uint64_t len;
- uint8_t* kernel_blob = BufferFromFile(image_file, &len);
- uint8_t* firmware_key_blob = BufferFromFile(firmware_key_file, &len);
-
- if (!firmware_key_blob) {
- fprintf(stderr, "Couldn't read pre-processed public firmware key.\n");
- error_code = 1;
- }
-
- if (!error_code && !kernel_blob) {
- fprintf(stderr, "Couldn't read kernel image or malformed image.\n");
- error_code = 1;
- }
-
- if (!error_code && (error = VerifyKernel(firmware_key_blob, kernel_blob,
- 0))) { /* Trusted Mode. */
- fprintf(stderr, "%s\n", VerifyKernelErrorString(error));
- error_code = 1;
- }
- Free(firmware_key_blob);
- Free(kernel_blob);
- if (error_code)
- return 0;
- return 1;
-}
-
-int main(int argc, char* argv[]) {
- if (argc != 3) {
- fprintf(stderr, "Usage: %s <image_to_verify> <firmware_keyb>\n", argv[0]);
- return -1;
- }
- if (VerifySignedKernel(argv[1], argv[2])) {
- fprintf(stderr, "Verification SUCCESS!\n");
- return 0;
- }
- else {
- fprintf(stderr, "Verification FAILURE!\n");
- return -1;
- }
-}
diff --git a/utility/load_firmware_test.c b/utility/load_firmware_test.c
deleted file mode 100644
index 062d8e75..00000000
--- a/utility/load_firmware_test.c
+++ /dev/null
@@ -1,250 +0,0 @@
-/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Routines for verifying a firmware image's signature.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "fmap.h"
-#include "gbb_header.h"
-#include "host_common.h"
-#include "host_misc.h"
-#include "load_firmware_fw.h"
-
-
-typedef struct _CallerInternal {
- struct {
- uint8_t* fw;
- uint64_t size;
- } firmware[2];
-} CallerInternal;
-
-static char* progname = NULL;
-static char* image_path = NULL;
-
-
-/* wrapper of FmapAreaIndex; print error when not found */
-int FmapAreaIndexOrError(const FmapHeader* fh, const FmapAreaHeader* ah,
- const char* name);
-
-int GetFirmwareBody(LoadFirmwareParams* params, uint64_t firmware_index) {
- CallerInternal* ci = (CallerInternal*) params->caller_internal;
-
- if (firmware_index != 0 && firmware_index != 1)
- return 1;
-
-#if 0
- VbUpdateFirmwareBodyHash(params,
- ci->firmware[firmware_index].fw,
- ci->firmware[firmware_index].size);
-#endif
-
- return 0;
-}
-
-/* Get GBB
- *
- * Return pointer to GBB from firmware image, or NULL if not found.
- *
- * [base_of_rom] pointer to firmware image
- * [fmap] pointer to Flash Map of firmware image
- * [gbb_size] GBB size will be stored here if GBB is found
- */
-void* GetFirmwareGBB(const void* base_of_rom, const void* fmap,
- uint64_t* gbb_size) {
- const FmapHeader* fh = (const FmapHeader*) fmap;
- const FmapAreaHeader* ah = (const FmapAreaHeader*)
- (fmap + sizeof(FmapHeader));
- int i = FmapAreaIndexOrError(fh, ah, "GBB");
-
- if (i < 0)
- return NULL;
-
- *gbb_size = ah[i].area_size;
- return (void*)(base_of_rom + ah[i].area_offset);
-}
-
-/* Get verification block
- *
- * Return zero if succeed, or non-zero if failed
- *
- * [base_of_rom] pointer to firmware image
- * [fmap] pointer to Flash Map of firmware image
- * [index] index of verification block
- * [verification_block_ptr] pointer to storing the found verification block
- * [verification_size_ptr] pointer to store the found verification block size
- */
-int GetVerificationBlock(const void* base_of_rom, const void* fmap, int index,
- void** verification_block_ptr, uint64_t* verification_size_ptr) {
- const char* key_area_name[2] = {
- "VBLOCK_A",
- "VBLOCK_B"
- };
- const FmapHeader* fh = (const FmapHeader*) fmap;
- const FmapAreaHeader* ah = (const FmapAreaHeader*)
- (fmap + sizeof(FmapHeader));
- int i = FmapAreaIndexOrError(fh, ah, key_area_name[index]);
- const void* kb;
- const VbKeyBlockHeader* kbh;
- const VbFirmwarePreambleHeader* fph;
-
- if (i < 0)
- return 1;
-
- kb = base_of_rom + ah[i].area_offset;
- *verification_block_ptr = (void*) kb;
-
- kbh = (const VbKeyBlockHeader*) kb;
- fph = (const VbFirmwarePreambleHeader*) (kb + kbh->key_block_size);
-
- *verification_size_ptr = kbh->key_block_size + fph->preamble_size;
-
- return 0;
-}
-
-/* Return non-zero if not found */
-int GetFirmwareData(const void* base_of_rom, const void* fmap, int index,
- void *verification_block, uint8_t** body_ptr, uint64_t *size_ptr) {
- const char* data_area_name[2] = {
- "FW_MAIN_A",
- "FW_MAIN_B"
- };
- const FmapHeader* fh = (const FmapHeader*) fmap;
- const FmapAreaHeader* ah = (const FmapAreaHeader*)
- (fmap + sizeof(FmapHeader));
- const VbKeyBlockHeader* kbh = (const VbKeyBlockHeader*) verification_block;
- const VbFirmwarePreambleHeader* fph = (const VbFirmwarePreambleHeader*)
- (verification_block + kbh->key_block_size);
- int i = FmapAreaIndexOrError(fh, ah, data_area_name[index]);
-
- if (i < 0)
- return 1;
-
- *body_ptr = (uint8_t*) (base_of_rom + ah[i].area_offset);
- *size_ptr = (uint64_t) fph->body_signature.data_size;
- return 0;
-}
-
-/* Verify firmware image [base_of_rom] using [fmap] for looking up areas.
- * Return zero on success, non-zero on error
- *
- * [base_of_rom] pointer to start of firmware image
- * [fmap] pointer to start of Flash Map of firmware image
- */
-int DriveLoadFirmware(const void* base_of_rom, const void* fmap,
- const uint64_t boot_flags) {
- LoadFirmwareParams lfp;
- CallerInternal ci;
-
- VbError_t status;
- int index;
-
- void** vblock_ptr[2] = {
- &lfp.verification_block_0, &lfp.verification_block_1
- };
- uint64_t* vsize_ptr[2] = {
- &lfp.verification_size_0, &lfp.verification_size_1
- };
-
- /* Initialize LoadFirmwareParams lfp */
-
- lfp.caller_internal = &ci;
- lfp.gbb_data = GetFirmwareGBB(base_of_rom, fmap, &lfp.gbb_size);
- if (!lfp.gbb_data) {
- printf("ERROR: cannot get firmware GBB\n");
- return 1;
- }
-
- printf("firmware GBB at 0x%08" PRIx64 "\n",
- (uint64_t) (lfp.gbb_data - base_of_rom));
-
- /* Loop to initialize firmware key and data A / B */
- for (index = 0; index < 2; ++index) {
- if (GetVerificationBlock(base_of_rom, fmap, index,
- vblock_ptr[index], vsize_ptr[index])) {
- printf("ERROR: cannot get key block %d\n", index);
- return 1;
- }
-
- printf("verification block %d at 0x%08" PRIx64 "\n", index,
- (uint64_t) (*vblock_ptr[index] - base_of_rom));
- printf("verification block %d size is 0x%08" PRIx64 "\n", index,
- *vsize_ptr[index]);
-
- if (GetFirmwareData(base_of_rom, fmap, index, *vblock_ptr[index],
- &(ci.firmware[index].fw), &(ci.firmware[index].size))) {
- printf("ERROR: cannot get firmware body %d\n", index);
- return 1;
- }
-
- printf("firmware %c at 0x%08" PRIx64 "\n", "AB"[index],
- (uint64_t) ((void*) ci.firmware[index].fw - base_of_rom));
- printf("firmware %c size is 0x%08" PRIx64 "\n", "AB"[index],
- ci.firmware[index].size);
- }
-
- lfp.shared_data_blob = malloc(VB_SHARED_DATA_MIN_SIZE);
- lfp.shared_data_size = VB_SHARED_DATA_MIN_SIZE;
- printf("shared data size 0x%08" PRIx32 "\n", lfp.shared_data_size);
- /* TODO: load_firmware_test was broken in the wrapper API rewrite.
- * Nothing uses it, so we haven't noticed yet. Need to fix it. See
- * crosbug.com/17564. LoadFirmware() now assumes that VbInit() has
- * been called to set up the shared data structure, but that isn't
- * happening here. */
-
- status = LoadFirmware(&lfp);
- printf("LoadFirmware returned: 0x%x\n", (int)status);
-
- free(lfp.shared_data_blob);
-
- return 0;
-}
-
-/* wrap FmapAreaIndex; print error when not found */
-int FmapAreaIndexOrError(const FmapHeader* fh, const FmapAreaHeader* ah,
- const char* name) {
- int i = FmapAreaIndex(fh, ah, name);
- if (i < 0)
- fprintf(stderr, "%s: can't find %s in firmware image\n", progname, name);
- return i;
-}
-
-int main(int argc, char* argv[]) {
- int i;
- int retval = 0;
- const void* base_of_rom;
- const void* fmap;
- uint64_t boot_flags = 0, rom_size;
-
- progname = argv[0];
-
- if (argc < 2) {
- fprintf(stderr, "usage: %s [-b NUM] <firmware_image>\n", progname);
- exit(1);
- }
-
- for (i = 1; i < argc; i++) {
- if (!strcmp(argv[i], "-b") && i < argc - 1)
- boot_flags = strtoull(argv[++i], NULL, 0);
- else
- image_path = argv[i];
- }
-
- base_of_rom = ReadFile(image_path, &rom_size);
- if (base_of_rom == NULL) {
- fprintf(stderr, "%s: can not open %s\n", progname, image_path);
- exit(1);
- }
-
- fmap = FmapFind((char*) base_of_rom, rom_size);
-
- retval = DriveLoadFirmware(base_of_rom, fmap, boot_flags);
-
- free((void*) base_of_rom);
-
- return retval;
-}
View Lorry Controller Status