vboot/secdata: implement vboot2 FWMP support

Implement FWMP support in vboot2. Currently, the data structure is just accessed directly, checking to see whether its `flags` member contains particular flags. We'd like to change this to follow the same scheme as secdata_firmware and secdata_kernel. This CL also updates some functions, comments, and tests related to secdata_firmware and secdata_kernel to ensure consistency between code for the secdata spaces. BUG=b:124141368, chromium:972956 TEST=make clean && make runtests BRANCH=none Change-Id: Ia0d67532cc6e077e170ffb25d0bc587b1d53edf3 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1773088 Reviewed-by: Joel Kitching <kitching@chromium.org> Tested-by: Joel Kitching <kitching@chromium.org> Commit-Queue: Joel Kitching <kitching@chromium.org>
author: Joel Kitching <kitching@google.com> 2019-08-28 17:45:05 +0800
committer: Commit Bot <commit-bot@chromium.org> 2019-09-23 17:54:09 +0000
commit: 967ba853d88b7803c73f3adb94b8717d001a077b (patch)
tree: 2ce2dc70ead38a5f687f2c5b822a2d19d38469f2 /tests/vb2_secdata_firmware_tests.c
parent: aaf394335cc4e287a1ffb6332311559b2b29c41f (diff)
download: vboot-967ba853d88b7803c73f3adb94b8717d001a077b.tar.gz
1 files changed, 67 insertions, 50 deletions
diff --git a/tests/vb2_secdata_firmware_tests.c b/tests/vb2_secdata_firmware_tests.c
index 3564cfa5..d20ee709 100644
--- a/tests/vb2_secdata_firmware_tests.c
+++ b/tests/vb2_secdata_firmware_tests.c
@@ -14,6 +14,26 @@
 #include "test_common.h"
 #include "vboot_common.h"
 
+static uint8_t workbuf[VB2_FIRMWARE_WORKBUF_RECOMMENDED_SIZE]
+	__attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
+static struct vb2_context ctx;
+static struct vb2_shared_data *sd;
+static struct vb2_secdata_firmware *sec;
+
+static void reset_common_data(void)
+{
+	memset(workbuf, 0xaa, sizeof(workbuf));
+
+	memset(&ctx, 0, sizeof(ctx));
+	ctx.workbuf = workbuf;
+	ctx.workbuf_size = sizeof(workbuf);
+
+	vb2_init_context(&ctx);
+	sd = vb2_get_sd(&ctx);
+
+	sec = (struct vb2_secdata_firmware *)ctx.secdata_firmware;
+}
+
 static void test_changed(struct vb2_context *c, int changed, const char *why)
 {
 	if (changed)
@@ -28,118 +48,115 @@ static void test_changed(struct vb2_context *c, int changed, const char *why)
 
 static void secdata_firmware_test(void)
 {
-	uint8_t workbuf[VB2_FIRMWARE_WORKBUF_RECOMMENDED_SIZE]
-		__attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
-	struct vb2_context c = {
-		.flags = 0,
-		.workbuf = workbuf,
-		.workbuf_size = sizeof(workbuf),
-	};
-	struct vb2_secdata_firmware *sec =
-		(struct vb2_secdata_firmware *)c.secdata_firmware;
-	struct vb2_shared_data *sd = vb2_get_sd(&c);
 	uint32_t v = 1;
+	reset_common_data();
 
 	/* Check size constant */
 	TEST_EQ(VB2_SECDATA_FIRMWARE_SIZE, sizeof(struct vb2_secdata_firmware),
 		"Struct size constant");
 
 	/* Blank data is invalid */
-	memset(c.secdata_firmware, 0xa6, sizeof(c.secdata_firmware));
-	TEST_EQ(vb2api_secdata_firmware_check(&c),
+	memset(ctx.secdata_firmware, 0xa6, sizeof(ctx.secdata_firmware));
+	TEST_EQ(vb2api_secdata_firmware_check(&ctx),
 		VB2_ERROR_SECDATA_FIRMWARE_CRC, "Check blank CRC");
-	TEST_EQ(vb2_secdata_firmware_init(&c),
+	TEST_EQ(vb2_secdata_firmware_init(&ctx),
 		VB2_ERROR_SECDATA_FIRMWARE_CRC, "Init blank CRC");
 
 	/* Ensure zeroed buffers are invalid (coreboot relies on this) */
-	memset(c.secdata_firmware, 0, sizeof(c.secdata_firmware));
-	TEST_EQ(vb2_secdata_firmware_init(&c),
+	memset(ctx.secdata_firmware, 0, sizeof(ctx.secdata_firmware));
+	TEST_EQ(vb2_secdata_firmware_init(&ctx),
 		VB2_ERROR_SECDATA_FIRMWARE_VERSION,
 		"Zeroed buffer (invalid version)");
 
 	/* Try with bad version */
-	TEST_SUCC(vb2api_secdata_firmware_create(&c), "Create");
+	TEST_EQ(vb2api_secdata_firmware_create(&ctx), VB2_SECDATA_FIRMWARE_SIZE,
+		"Create");
 	sec->struct_version -= 1;
 	sec->crc8 = vb2_crc8(sec, offsetof(struct vb2_secdata_firmware, crc8));
-	TEST_EQ(vb2api_secdata_firmware_check(&c),
+	TEST_EQ(vb2api_secdata_firmware_check(&ctx),
 		VB2_ERROR_SECDATA_FIRMWARE_VERSION, "Check invalid version");
-	TEST_EQ(vb2_secdata_firmware_init(&c),
+	TEST_EQ(vb2_secdata_firmware_init(&ctx),
 		VB2_ERROR_SECDATA_FIRMWARE_VERSION, "Init invalid version");
 
 	/* Create good data */
-	TEST_SUCC(vb2api_secdata_firmware_create(&c), "Create");
-	TEST_SUCC(vb2api_secdata_firmware_check(&c), "Check created CRC");
-	TEST_SUCC(vb2_secdata_firmware_init(&c), "Init created CRC");
+	vb2api_secdata_firmware_create(&ctx);
+	TEST_SUCC(vb2api_secdata_firmware_check(&ctx), "Check created CRC");
+	TEST_SUCC(vb2_secdata_firmware_init(&ctx), "Init created CRC");
 	TEST_NEQ(sd->status & VB2_SD_STATUS_SECDATA_FIRMWARE_INIT, 0,
 		 "Init set SD status");
 	sd->status &= ~VB2_SD_STATUS_SECDATA_FIRMWARE_INIT;
-	test_changed(&c, 1, "Create changes data");
+	test_changed(&ctx, 1, "Create changes data");
 
 	/* Now corrupt it */
-	c.secdata_firmware[2]++;
-	TEST_EQ(vb2api_secdata_firmware_check(&c),
+	ctx.secdata_firmware[2]++;
+	TEST_EQ(vb2api_secdata_firmware_check(&ctx),
 		VB2_ERROR_SECDATA_FIRMWARE_CRC, "Check invalid CRC");
-	TEST_EQ(vb2_secdata_firmware_init(&c),
+	TEST_EQ(vb2_secdata_firmware_init(&ctx),
 		VB2_ERROR_SECDATA_FIRMWARE_CRC, "Init invalid CRC");
 
 	/* Read/write flags */
-	vb2api_secdata_firmware_create(&c);
-	vb2_secdata_firmware_init(&c);
-	c.flags = 0;
-	TEST_SUCC(vb2_secdata_firmware_get(&c, VB2_SECDATA_FIRMWARE_FLAGS, &v),
+	vb2api_secdata_firmware_create(&ctx);
+	vb2_secdata_firmware_init(&ctx);
+	ctx.flags = 0;
+	TEST_SUCC(vb2_secdata_firmware_get(&ctx, VB2_SECDATA_FIRMWARE_FLAGS,
+					   &v),
 		  "Get flags");
 	TEST_EQ(v, 0, "Flags created 0");
-	test_changed(&c, 0, "Get doesn't change data");
-	TEST_SUCC(vb2_secdata_firmware_set(&c, VB2_SECDATA_FIRMWARE_FLAGS,
+	test_changed(&ctx, 0, "Get doesn't change data");
+	TEST_SUCC(vb2_secdata_firmware_set(&ctx, VB2_SECDATA_FIRMWARE_FLAGS,
 					   0x12),
 		  "Set flags");
-	test_changed(&c, 1, "Set changes data");
-	TEST_SUCC(vb2_secdata_firmware_set(&c, VB2_SECDATA_FIRMWARE_FLAGS,
+	test_changed(&ctx, 1, "Set changes data");
+	TEST_SUCC(vb2_secdata_firmware_set(&ctx, VB2_SECDATA_FIRMWARE_FLAGS,
 					   0x12),
 		  "Set flags 2");
-	test_changed(&c, 0, "Set again doesn't change data");
-	TEST_SUCC(vb2_secdata_firmware_get(&c, VB2_SECDATA_FIRMWARE_FLAGS, &v),
+	test_changed(&ctx, 0, "Set again doesn't change data");
+	TEST_SUCC(vb2_secdata_firmware_get(&ctx, VB2_SECDATA_FIRMWARE_FLAGS,
+					   &v),
 		  "Get flags 2");
 	TEST_EQ(v, 0x12, "Flags changed");
-	TEST_EQ(vb2_secdata_firmware_set(&c, VB2_SECDATA_FIRMWARE_FLAGS, 0x100),
+	TEST_EQ(vb2_secdata_firmware_set(&ctx, VB2_SECDATA_FIRMWARE_FLAGS,
+					 0x100),
 		VB2_ERROR_SECDATA_FIRMWARE_SET_FLAGS, "Bad flags");
 
 	/* Read/write versions */
-	TEST_SUCC(vb2_secdata_firmware_get(&c, VB2_SECDATA_FIRMWARE_VERSIONS,
+	TEST_SUCC(vb2_secdata_firmware_get(&ctx, VB2_SECDATA_FIRMWARE_VERSIONS,
 					   &v),
 		  "Get versions");
 	TEST_EQ(v, 0, "Versions created 0");
-	test_changed(&c, 0, "Get doesn't change data");
-	TEST_SUCC(vb2_secdata_firmware_set(&c, VB2_SECDATA_FIRMWARE_VERSIONS,
+	test_changed(&ctx, 0, "Get doesn't change data");
+	TEST_SUCC(vb2_secdata_firmware_set(&ctx, VB2_SECDATA_FIRMWARE_VERSIONS,
 					   0x123456ff),
 		  "Set versions");
-	test_changed(&c, 1, "Set changes data");
-	TEST_SUCC(vb2_secdata_firmware_set(&c, VB2_SECDATA_FIRMWARE_VERSIONS,
+	test_changed(&ctx, 1, "Set changes data");
+	TEST_SUCC(vb2_secdata_firmware_set(&ctx, VB2_SECDATA_FIRMWARE_VERSIONS,
 					   0x123456ff),
 		  "Set versions 2");
-	test_changed(&c, 0, "Set again doesn't change data");
-	TEST_SUCC(vb2_secdata_firmware_get(&c, VB2_SECDATA_FIRMWARE_VERSIONS, &v),
+	test_changed(&ctx, 0, "Set again doesn't change data");
+	TEST_SUCC(vb2_secdata_firmware_get(&ctx, VB2_SECDATA_FIRMWARE_VERSIONS,
+					   &v),
 		  "Get versions 2");
 	TEST_EQ(v, 0x123456ff, "Versions changed");
 
 	/* Invalid field fails */
-	TEST_EQ(vb2_secdata_firmware_get(&c, -1, &v),
+	TEST_EQ(vb2_secdata_firmware_get(&ctx, -1, &v),
 		VB2_ERROR_SECDATA_FIRMWARE_GET_PARAM, "Get invalid");
-	TEST_EQ(vb2_secdata_firmware_set(&c, -1, 456),
+	TEST_EQ(vb2_secdata_firmware_set(&ctx, -1, 456),
 		VB2_ERROR_SECDATA_FIRMWARE_SET_PARAM, "Set invalid");
-	test_changed(&c, 0, "Set invalid field doesn't change data");
+	test_changed(&ctx, 0, "Set invalid field doesn't change data");
 
 	/* Read/write uninitialized data fails */
 	sd->status &= ~VB2_SD_STATUS_SECDATA_FIRMWARE_INIT;
-	TEST_EQ(vb2_secdata_firmware_get(&c, VB2_SECDATA_FIRMWARE_VERSIONS, &v),
+	TEST_EQ(vb2_secdata_firmware_get(&ctx, VB2_SECDATA_FIRMWARE_VERSIONS,
+					 &v),
 		VB2_ERROR_SECDATA_FIRMWARE_GET_UNINITIALIZED,
 		"Get uninitialized");
-	test_changed(&c, 0, "Get uninitialized doesn't change data");
-	TEST_EQ(vb2_secdata_firmware_set(&c, VB2_SECDATA_FIRMWARE_VERSIONS,
+	test_changed(&ctx, 0, "Get uninitialized doesn't change data");
+	TEST_EQ(vb2_secdata_firmware_set(&ctx, VB2_SECDATA_FIRMWARE_VERSIONS,
 					 0x123456ff),
 		VB2_ERROR_SECDATA_FIRMWARE_SET_UNINITIALIZED,
 		"Set uninitialized");
-	test_changed(&c, 0, "Set uninitialized doesn't change data");
+	test_changed(&ctx, 0, "Set uninitialized doesn't change data");
 }
 
 int main(int argc, char* argv[])
author	Joel Kitching <kitching@google.com>	2019-08-28 17:45:05 +0800
committer	Commit Bot <commit-bot@chromium.org>	2019-09-23 17:54:09 +0000
commit	967ba853d88b7803c73f3adb94b8717d001a077b (patch)
tree	2ce2dc70ead38a5f687f2c5b822a2d19d38469f2 /tests/vb2_secdata_firmware_tests.c
parent	aaf394335cc4e287a1ffb6332311559b2b29c41f (diff)
download	vboot-967ba853d88b7803c73f3adb94b8717d001a077b.tar.gz