vboot/secdata: move permissions and uid check to ReadSpaceKernel

Relocate permissions and uid check from RollbackKernelRead to ReadSpaceKernel. Restructure test code to set default values in ResetMocks. BUG=b:124141368, chromium:972956 TEST=make clean && make runtests BRANCH=none Change-Id: I72c536042b89684c6db5099412344678e3d9d920 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1758146 Reviewed-by: Julius Werner <jwerner@chromium.org> Tested-by: Joel Kitching <kitching@chromium.org> Commit-Queue: Joel Kitching <kitching@chromium.org>
author: Joel Kitching <kitching@google.com> 2019-08-16 16:03:50 +0800
committer: Commit Bot <commit-bot@chromium.org> 2019-08-21 04:02:05 +0000
commit: 4bcb8ceb90fba5b15ab5fc650fb09314ded47d63 (patch)
tree: 614d6824af62e6ffd98d4f3218b0f5d2a5ff93f4 /tests
parent: 687e25f025a8801a2ad615d206b95ed813ef6ccb (diff)
download: vboot-4bcb8ceb90fba5b15ab5fc650fb09314ded47d63.tar.gz
1 files changed, 59 insertions, 39 deletions
diff --git a/tests/rollback_index2_tests.c b/tests/rollback_index2_tests.c
index a092406d..9df8b06d 100644
--- a/tests/rollback_index2_tests.c
+++ b/tests/rollback_index2_tests.c
@@ -75,9 +75,20 @@ static void ResetMocks(int fail_on_call, uint32_t fail_with_err)
 	fail_with_error = fail_with_err;
 
 	memset(&mock_pflags, 0, sizeof(mock_pflags));
+
 	memset(&mock_rsf, 0, sizeof(mock_rsf));
+	mock_rsf.struct_version = ROLLBACK_SPACE_FIRMWARE_VERSION;
+	mock_rsf.crc8 = vb2_crc8(&mock_rsf,
+				 offsetof(RollbackSpaceFirmware, crc8));
+
 	memset(&mock_rsk, 0, sizeof(mock_rsk));
-	mock_permissions = 0;
+	mock_rsk.uid = ROLLBACK_SPACE_KERNEL_UID;
+	mock_rsk.struct_version = ROLLBACK_SPACE_KERNEL_VERSION;
+	mock_rsk.kernel_versions = 0x87654321;
+	mock_rsk.crc8 = vb2_crc8(&mock_rsk,
+				 offsetof(RollbackSpaceKernel, crc8));
+
+	mock_permissions = TPM_NV_PER_PPWRITE;
 
 	memset(mock_fwmp.buf, 0, sizeof(mock_fwmp.buf));
 	mock_fwmp.fwmp.struct_size = sizeof(mock_fwmp.fwmp);
@@ -250,31 +261,30 @@ static void FirmwareSpaceTest(void)
 {
 	RollbackSpaceFirmware rsf;
 
-	/* A read with old version should fail */
+	/* Old version, valid CRC */
 	ResetMocks(0, 0);
-	mock_rsf.struct_version = ROLLBACK_SPACE_FIRMWARE_VERSION - 1;
+	mock_rsf.struct_version -= 1;
+	mock_rsf.crc8 = vb2_crc8(&mock_rsf,
+				 offsetof(RollbackSpaceFirmware, crc8));
 	TEST_EQ(ReadSpaceFirmware(&rsf), TPM_E_STRUCT_VERSION,
 		"ReadSpaceFirmware(), old version");
 	TEST_STR_EQ(mock_calls,
 		    "TlclRead(0x1007, 10)\n",
 		    "tlcl calls");
 
-	/* A read with current version should fail on bad CRC */
+	/* Current version, bad CRC */
 	ResetMocks(0, 0);
-	mock_rsf.struct_version = ROLLBACK_SPACE_FIRMWARE_VERSION;
+	mock_rsf.crc8 = 0;
 	TEST_EQ(ReadSpaceFirmware(&rsf), TPM_E_CORRUPTED_STATE,
-		"ReadSpaceFirmware(), current version, bad CRC");
+		"ReadSpaceFirmware(), bad CRC");
 	TEST_STR_EQ(mock_calls,
 		    "TlclRead(0x1007, 10)\n",
 		    "tlcl calls");
 
-	/* Current version with valid CRC */
+	/* Current version, valid CRC */
 	ResetMocks(0, 0);
-	mock_rsf.struct_version = ROLLBACK_SPACE_FIRMWARE_VERSION;
-	mock_rsf.crc8 = vb2_crc8(&mock_rsf,
-				 offsetof(RollbackSpaceFirmware, crc8));
 	TEST_EQ(ReadSpaceFirmware(&rsf), 0,
-		"ReadSpaceFirmware(), current version, good CRC");
+		"ReadSpaceFirmware(), successful read");
 	TEST_STR_EQ(mock_calls,
 		    "TlclRead(0x1007, 10)\n",
 		    "tlcl calls");
@@ -287,32 +297,55 @@ static void KernelSpaceTest(void)
 {
 	RollbackSpaceKernel rsk;
 
-	/* A read with version old version should fail */
+	/* Current version, bad perms, valid CRC, valid UID */
+	ResetMocks(0, 0);
+	mock_permissions = 0;
+	TEST_EQ(ReadSpaceKernel(&rsk), TPM_E_CORRUPTED_STATE,
+		"ReadSpaceKernel(), bad permissions");
+	TEST_STR_EQ(mock_calls,
+		    "TlclGetPermissions(0x1008)\n",
+		    "tlcl calls");
+
+	/* Old version, good perms, valid CRC, valid UID */
 	ResetMocks(0, 0);
-	mock_rsk.struct_version = ROLLBACK_SPACE_KERNEL_VERSION - 1;
+	mock_rsk.struct_version -= 1;
+	mock_rsk.crc8 = vb2_crc8(&mock_rsk,
+				 offsetof(RollbackSpaceKernel, crc8));
 	TEST_EQ(ReadSpaceKernel(&rsk), TPM_E_STRUCT_VERSION,
 		"ReadSpaceKernel(), old version");
 	TEST_STR_EQ(mock_calls,
+		    "TlclGetPermissions(0x1008)\n"
 		    "TlclRead(0x1008, 13)\n",
 		    "tlcl calls");
 
-	/* A read with current version should fail on bad CRC */
+	/* Current version, good perms, bad CRC, valid UID */
 	ResetMocks(0, 0);
-	mock_rsk.struct_version = ROLLBACK_SPACE_KERNEL_VERSION;
+	mock_rsk.crc8 = 0;
 	TEST_EQ(ReadSpaceKernel(&rsk), TPM_E_CORRUPTED_STATE,
-		"ReadSpaceKernel(), current version, bad CRC");
+		"ReadSpaceKernel(), bad CRC");
 	TEST_STR_EQ(mock_calls,
+		    "TlclGetPermissions(0x1008)\n"
 		    "TlclRead(0x1008, 13)\n",
 		    "tlcl calls");
 
-	/* Current version with valid CRC */
+	/* Current version, good perms, valid CRC, bad UID */
 	ResetMocks(0, 0);
-	mock_rsk.struct_version = ROLLBACK_SPACE_KERNEL_VERSION;
+	mock_rsk.uid = 0;
 	mock_rsk.crc8 = vb2_crc8(&mock_rsk,
 				 offsetof(RollbackSpaceKernel, crc8));
+	TEST_EQ(ReadSpaceKernel(&rsk), TPM_E_CORRUPTED_STATE,
+		"ReadSpaceKernel(), bad UID");
+	TEST_STR_EQ(mock_calls,
+		    "TlclGetPermissions(0x1008)\n"
+		    "TlclRead(0x1008, 13)\n",
+		    "tlcl calls");
+
+	/* Current version, good perms, valid CRC, valid UID */
+	ResetMocks(0, 0);
 	TEST_EQ(ReadSpaceKernel(&rsk), 0,
-		"ReadSpaceKernel(), current version, good CRC");
+		"ReadSpaceKernel(), successful read");
 	TEST_STR_EQ(mock_calls,
+		    "TlclGetPermissions(0x1008)\n"
 		    "TlclRead(0x1008, 13)\n",
 		    "tlcl calls");
 }
@@ -364,16 +397,10 @@ static void RollbackKernelTest(void)
 
 	/* Normal read */
 	ResetMocks(0, 0);
-	mock_rsk.uid = ROLLBACK_SPACE_KERNEL_UID;
-	mock_rsk.struct_version = ROLLBACK_SPACE_KERNEL_VERSION;
-	mock_rsk.kernel_versions = 0x87654321;
-	mock_rsk.crc8 = vb2_crc8(&mock_rsk,
-				 offsetof(RollbackSpaceKernel, crc8));
-	mock_permissions = TPM_NV_PER_PPWRITE;
 	TEST_EQ(RollbackKernelRead(&version), 0, "RollbackKernelRead()");
 	TEST_STR_EQ(mock_calls,
-		    "TlclRead(0x1008, 13)\n"
-		    "TlclGetPermissions(0x1008)\n",
+		    "TlclGetPermissions(0x1008)\n"
+		    "TlclRead(0x1008, 13)\n",
 		    "tlcl calls");
 	TEST_EQ(version, 0x87654321, "RollbackKernelRead() version");
 
@@ -381,34 +408,27 @@ static void RollbackKernelTest(void)
 	ResetMocks(1, TPM_E_IOERROR);
 	TEST_EQ(RollbackKernelRead(&version), TPM_E_IOERROR,
 		"RollbackKernelRead() error");
-	TEST_STR_EQ(mock_calls,
-		    "TlclRead(0x1008, 13)\n",
-		    "tlcl calls");
 
 	/* Wrong permission or UID will return error */
 	ResetMocks(0, 0);
-	mock_rsk.uid = ROLLBACK_SPACE_KERNEL_UID + 1;
-	mock_rsk.struct_version = ROLLBACK_SPACE_KERNEL_VERSION;
-	mock_permissions = TPM_NV_PER_PPWRITE;
+	mock_rsk.uid = 0;
+	mock_rsk.crc8 = vb2_crc8(&mock_rsk,
+				 offsetof(RollbackSpaceKernel, crc8));
 	TEST_EQ(RollbackKernelRead(&version), TPM_E_CORRUPTED_STATE,
 		"RollbackKernelRead() bad uid");
 
 	ResetMocks(0, 0);
-	mock_rsk.uid = ROLLBACK_SPACE_KERNEL_UID;
-	mock_rsk.struct_version = ROLLBACK_SPACE_KERNEL_VERSION;
-	mock_permissions = TPM_NV_PER_PPWRITE + 1;
+	mock_permissions = 0;
 	TEST_EQ(RollbackKernelRead(&version), TPM_E_CORRUPTED_STATE,
 		"RollbackKernelRead() bad permissions");
 
 	/* Test write */
 	ResetMocks(0, 0);
-	mock_rsk.struct_version = ROLLBACK_SPACE_KERNEL_VERSION;
-	mock_rsk.crc8 = vb2_crc8(&mock_rsk,
-				 offsetof(RollbackSpaceKernel, crc8));
 	TEST_EQ(RollbackKernelWrite(0xBEAD4321), 0, "RollbackKernelWrite()");
 	TEST_EQ(mock_rsk.kernel_versions, 0xBEAD4321,
 		"RollbackKernelWrite() version");
 	TEST_STR_EQ(mock_calls,
+		    "TlclGetPermissions(0x1008)\n"
 		    "TlclRead(0x1008, 13)\n"
 		    "TlclWrite(0x1008, 13)\n",
 		    "tlcl calls");
author	Joel Kitching <kitching@google.com>	2019-08-16 16:03:50 +0800
committer	Commit Bot <commit-bot@chromium.org>	2019-08-21 04:02:05 +0000
commit	4bcb8ceb90fba5b15ab5fc650fb09314ded47d63 (patch)
tree	614d6824af62e6ffd98d4f3218b0f5d2a5ff93f4 /tests
parent	687e25f025a8801a2ad615d206b95ed813ef6ccb (diff)
download	vboot-4bcb8ceb90fba5b15ab5fc650fb09314ded47d63.tar.gz