diff options
8 files changed, 0 insertions, 495 deletions
diff --git a/autotest/client/firmware_VbootCrypto/control b/autotest/client/firmware_VbootCrypto/control deleted file mode 100644 index 6542ea8b..00000000 --- a/autotest/client/firmware_VbootCrypto/control +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. -# Use of this source code is governed by a BSD-style license that can be -# found in the LICENSE file. - -AUTHOR = "ChromeOS Team" -NAME = "firmware_VbootCrypto" -PURPOSE = """ -Verifies Firmware Verified Boot Reference Implementation, its components, and -crypto performance. -""" -CRITERIA = """ -This test is a benchmark. - -Errors in any of the following tests will cause a failure: - - _sha_test() - - _rsa_test() - - _image_verification_test() - - _rollback_tests() - - _splicing_tests() -""" -TIME = "LONG" -TEST_CATEGORY = "Functional" -TEST_CLASS = "firmware" -TEST_TYPE = "client" - -DOC = """ -This test implements various RSA and SHA by creating and verifying various -keys and hashes. It will generate public key signatures using sha1, sha256, -and sha512 algorithms with key lengths of 1024, 2048, 4096, and 8192. RSA -padding tests will then be run to verify them. Tests are also run to verify -the correctness of firmware and kernel image verification. -""" - -test_suites = [ - 'crypto', # RSA Signature Verification and SHA* Correctness. - 'verification', # Firmware and Kernel Image Verification. - 'benchmarks', # Crypto and Image Verification benchmarks. - 'rollback', # Firmware/Kernel Rollback Prevention. - 'splicing', # Image Splicing Attack. -] -for suite in test_suites: - job.run_test('firmware_VbootCrypto', suite=suite, tag=suite) diff --git a/autotest/client/firmware_VbootCrypto/firmware_VbootCrypto.py b/autotest/client/firmware_VbootCrypto/firmware_VbootCrypto.py deleted file mode 100644 index ff8b8e41..00000000 --- a/autotest/client/firmware_VbootCrypto/firmware_VbootCrypto.py +++ /dev/null @@ -1,190 +0,0 @@ -# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. -# Use of this source code is governed by a BSD-style license that can be -# found in the LICENSE file. - -import os - -from autotest_lib.client.bin import test, utils -from autotest_lib.client.common_lib import error - -class firmware_VbootCrypto(test.test): - """ - Tests for correctness of verified boot reference crypto implementation. - """ - version = 1 - preserve_srcdir = True - - # TODO(gauravsh): Disable this autotest until we have a way - # of running these in a 64-bit environment (since for x86, this - # code is run in 64-bit mode. - # - # This issue is tracked as Issue 3792 on the Chromium OS Bug Tracker. - # http://code.google.com/p/chromium-os/issues/detail?id=3792 - def setup_Disabled(self): - os.chdir(self.srcdir) - utils.make('clean all') - - - # Parses the [result] and output the key-value pairs. - def __output_result_keyvals(self, results): - for keyval in results.splitlines(): - if keyval.strip().startswith('#'): - continue - key, val = keyval.split(':') - self.keyvals[key.strip()] = float(val) - - - def __generate_test_cases(self): - gen_test_case_cmd = os.path.join(self.srcdir, "tests", - "gen_test_cases.sh") - return_code = utils.system(gen_test_case_cmd, ignore_status = True) - if return_code == 255: - return False - if return_code == 1: - raise error.TestError("Couldn't generate test cases") - return True - - - def __sha_test(self): - sha_test_cmd = os.path.join(self.srcdir, "tests", "sha_tests") - return_code = utils.system(sha_test_cmd, ignore_status=True) - if return_code == 255: - return False - if return_code == 1: - raise error.TestError("SHA Test Error") - return True - - - def __rsa_test(self): - os.chdir(self.srcdir) - rsa_test_cmd = os.path.join(self.srcdir, "tests", - "run_rsa_tests.sh") - return_code = utils.system(rsa_test_cmd, ignore_status=True) - if return_code == 255: - return False - if return_code == 1: - raise error.TestError("RSA Test Error") - return True - - - def __image_verification_test(self): - image_verification_cmd = "cd %s && ./run_image_verification_tests.sh" \ - % os.path.join(self.srcdir, "tests") - return_code = utils.system(image_verification_cmd, - ignore_status=True) - if return_code == 255: - return False - if return_code == 1: - raise error.TestError("Image Verification Test Error") - return True - - - def __sha_benchmark(self): - sha_benchmark_cmd = os.path.join(self.srcdir, "tests", - "sha_benchmark") - self.results = utils.system_output(sha_benchmark_cmd, - retain_output=True) - self.__output_result_keyvals(self.results) - - - def __rsa_benchmark(self): - rsa_benchmark_cmd = "cd %s && ./rsa_verify_benchmark" % \ - os.path.join(self.srcdir, "tests") - self.results = utils.system_output(rsa_benchmark_cmd, - retain_output=True) - self.__output_result_keyvals(self.results) - - - def __verify_image_benchmark(self): - firmware_benchmark_cmd = "cd %s && ./firmware_verify_benchmark" % \ - os.path.join(self.srcdir, "tests") - kernel_benchmark_cmd = "cd %s && ./kernel_verify_benchmark" % \ - os.path.join(self.srcdir, "tests") - self.results = utils.system_output(firmware_benchmark_cmd, - retain_output=True) - self.__output_result_keyvals(self.results) - self.results = utils.system_output(kernel_benchmark_cmd, - retain_output=True) - self.__output_result_keyvals(self.results) - - - def __rollback_tests(self): - firmware_rollback_test_cmd = "cd %s && ./firmware_rollback_tests" % \ - os.path.join(self.srcdir, "tests") - kernel_rollback_test_cmd = "cd %s && ./kernel_rollback_tests" % \ - os.path.join(self.srcdir, "tests") - return_code = utils.system(firmware_rollback_test_cmd, - ignore_status=True) - if return_code == 255: - return False - if return_code == 1: - raise error.TestError("Firmware Rollback Test Error") - - return_code = utils.system(kernel_rollback_test_cmd, - ignore_status=True) - if return_code == 255: - return False - if return_code == 1: - raise error.TestError("KernelRollback Test Error") - return True - - - def __splicing_tests(self): - firmware_splicing_test_cmd = "cd %s && ./firmware_splicing_tests" % \ - os.path.join(self.srcdir, "tests") - kernel_splicing_test_cmd = "cd %s && ./kernel_splicing_tests" % \ - os.path.join(self.srcdir, "tests") - return_code = utils.system(firmware_splicing_test_cmd, - ignore_status=True) - if return_code == 255: - return False - if return_code == 1: - raise error.TestError("Firmware Splicing Test Error") - - return_code = utils.system(kernel_splicing_test_cmd, - ignore_status=True) - if return_code == 255: - return False - if return_code == 1: - raise error.TestError("Kernel Splicing Test Error") - return True - - - def run_crypto(self): - success = self.__sha_test() - if not success: - raise error.TestFail("SHA Test Failed") - success = self.__rsa_test() - if not success: - raise error.TestFail("RSA Test Failed") - - - def run_verification(self): - success = self.__image_verification_test() - if not success: - raise error.TestFail("Image Verification Test Failed") - - - def run_benchmarks(self): - self.keyvals = {} - self.__sha_benchmark() - self.__rsa_benchmark() - self.__verify_image_benchmark() - self.write_perf_keyval(self.keyvals) - - - def run_rollback(self): - success = self.__rollback_tests() - if not success: - raise error.TestFail("Rollback Tests Failed") - - - def run_splicing(self): - success = self.__splicing_tests() - if not success: - raise error.TestFail("Splicing Tests Failed") - - - def run_once(self, suite='crypto'): - self.__generate_test_cases() - getattr(self, 'run_' + suite)() diff --git a/autotest/client/firmware_VbootCrypto/src/Makefile b/autotest/client/firmware_VbootCrypto/src/Makefile deleted file mode 100644 index e608b983..00000000 --- a/autotest/client/firmware_VbootCrypto/src/Makefile +++ /dev/null @@ -1,72 +0,0 @@ -# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. -# Use of this source code is governed by a BSD-style license that can be -# found in the LICENSE file. - -VBOOT_SRC_DIR ?= ../../../.. -BUILD_TEST_DIR = vboot_tests -# Test Binaries. -TEST_BINS = \ - cgptlib_test \ - rsa_padding_test \ - rsa_verify_benchmark \ - sha_benchmark \ - sha_tests \ - vboot_common_tests \ - vboot_common2_tests \ - vboot_common3_tests -# Test Runner Scripts. -TEST_SCRIPTS = \ - common.sh \ - gen_test_cases.sh \ - gen_test_keys.sh \ - gen_test_vbpubks.sh \ - run_cgpt_tests.sh \ - run_rsa_tests.sh \ - run_vboot_common_tests.sh \ - run_vbutil_tests.sh \ - testcases \ - testkeys - -# Utility Binaries. -UTIL_BINS = \ - load_kernel_test \ - signature_digest_utility \ - vbutil_firmware \ - vbutil_kernel \ - vbutil_key \ - vbutil_keyblock \ - verify_data - -all: - # Copy test sources into a temporary directory for building. - rm -rf $(BUILD_TEST_DIR) - mkdir -p $(BUILD_TEST_DIR) - # Ignore autotest and build directory. - sh -c \ - 'for dir in $(VBOOT_SRC_DIR)/*; do \ - [ "$${dir}" != "$(VBOOT_SRC_DIR)/build" ] && \ - [ "$${dir}" != "$(VBOOT_SRC_DIR)/autotest" ] && \ - cp -r "$${dir}" "$(BUILD_TEST_DIR)"; \ - done' - # Always build from scratch. - $(MAKE) -C $(BUILD_TEST_DIR) clean all - # Move test binaries for use by the tests. - mkdir -p build/tests - set -e; for i in $(TEST_BINS); do \ - mv $(BUILD_TEST_DIR)/build/tests/$$i build/tests/ ;\ - done - # Move test scripts for use by the tests. - mkdir -p tests - set -e; for i in $(TEST_SCRIPTS); do \ - mv $(BUILD_TEST_DIR)/tests/$$i tests/ ;\ - done - # Move utility binaries used by the tests. - mkdir -p build/utility - set -e; for i in $(UTIL_BINS); do \ - mv $(BUILD_TEST_DIR)/build/utility/$$i build/utility/ ;\ - done - # Delete sources. - rm -rf $(BUILD_TEST_DIR) - -clean: - rm -rf utility/ tests/ diff --git a/autotest/client/hardware_TPMFirmware/control b/autotest/client/hardware_TPMFirmware/control deleted file mode 100644 index e59b7d20..00000000 --- a/autotest/client/hardware_TPMFirmware/control +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. -# Use of this source code is governed by a BSD-style license that can be -# found in the LICENSE file. - -AUTHOR = "Chrome OS Team" -NAME = "hardware_TPMFirmware" -PURPOSE = "Verify that system firmware is compatible with TPM device." -CRITERIA = "This will run a suite of server-side TPM tests." -TIME = "MEDIUM" -TEST_CATEGORY = "Functionality" -TEST_CLASS = "hardware" -TEST_TYPE = "client" - -DOC = """ -Hardware test for the TPM functionality needed in the firmware. -This test requires a modified BIOS that issues no commands to the TPM. -This test is driven by a server-side test (hardware_TPMFirmwareServer). -""" - -job.run_test('hardware_TPMFirmware') diff --git a/autotest/client/hardware_TPMFirmware/hardware_TPMFirmware.py b/autotest/client/hardware_TPMFirmware/hardware_TPMFirmware.py deleted file mode 100644 index 8be2b791..00000000 --- a/autotest/client/hardware_TPMFirmware/hardware_TPMFirmware.py +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. -# Use of this source code is governed by a BSD-style license that can be -# found in the LICENSE file. - -import logging, os, re, sys, shutil -from autotest_lib.client.bin import test, utils - -class hardware_TPMFirmware(test.test): - """ - Test of TPM functionality needed in firmware (client side of the test). - See also server/site_tests/hardware_TPMFirmwareServer. - """ - version = 1 - preserve_srcdir = True - - def setup(self): - utils.make('-C %s' % self.srcdir) - - # Runs a command, logs the output, and returns the exit status. - def tpm_run(self, cmd, ignore_status=False): - output = utils.run(cmd, ignore_status=ignore_status) - logging.info(output) - self.job.set_state("client_status", output.exit_status) - - - def run_once(self, subtest='None'): - logging.info("Running TPM firmware client subtest %s", subtest) - if (subtest == 'takeownership'): - output = utils.run("start tcsd", ignore_status=False) - # When TCSD is running, the system might try to take ownership as - # well. We don't care. - logging.info(output) - own_cmd = "tpm_takeownership -y -z" - self.tpm_run(own_cmd, ignore_status=True) - else: - cmd = os.path.join(self.srcdir, subtest) - self.tpm_run(cmd, ignore_status=True) diff --git a/autotest/client/hardware_TPMFirmware/src/Makefile b/autotest/client/hardware_TPMFirmware/src/Makefile deleted file mode 100644 index 0f9f35ae..00000000 --- a/autotest/client/hardware_TPMFirmware/src/Makefile +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. -# Use of this source code is governed by a BSD-style license that can be -# found in the LICENSE file. - -BINDIR = . -PROGRAMS = \ - earlyextend \ - earlynvram \ - earlynvram2 \ - enable \ - fastenable \ - globallock \ - redefine_unowned \ - spaceperm \ - testsetup \ - timing \ - writelimit \ - -all: - $(MAKE) -C $(VBOOT_DIR) clean - $(MAKE) -C $(VBOOT_DIR) - set -e; \ - for i in $(PROGRAMS); do \ - cp $(VBOOT_DIR)/build/tests/tpm_lite/tpmtest_$$i $(BINDIR); \ - done diff --git a/autotest/server/hardware_TPMFirmwareServer/control b/autotest/server/hardware_TPMFirmwareServer/control deleted file mode 100644 index e5df8da3..00000000 --- a/autotest/server/hardware_TPMFirmwareServer/control +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright (c) 2009 The Chromium OS Authors. All rights reserved. -# Use of this source code is governed by a BSD-style license that can be -# found in the LICENSE file. - -AUTHOR = "Chrome OS Team" -NAME = "TPMFirmwareServer" -TIME = "SHORT" -TEST_CATEGORY = "Functional" -TEST_CLASS = "hardware" -TEST_TYPE = "server" - -DOC = """ -This test covers the required TPM functionality in the firmware (mostly -NVRAM related). -""" - -job.run_test("hardware_TPMFirmwareServer", - host=hosts.create_host(machines[0])) diff --git a/autotest/server/hardware_TPMFirmwareServer/hardware_TPMFirmwareServer.py b/autotest/server/hardware_TPMFirmwareServer/hardware_TPMFirmwareServer.py deleted file mode 100644 index 0c6203c3..00000000 --- a/autotest/server/hardware_TPMFirmwareServer/hardware_TPMFirmwareServer.py +++ /dev/null @@ -1,91 +0,0 @@ -# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. -# Use of this source code is governed by a BSD-style license that can be -# found in the LICENSE file. - -import logging -import os -import shutil -import sys -from autotest_lib.server import test, autotest -from autotest_lib.client.bin import utils -from autotest_lib.client.common_lib import error - -class hardware_TPMFirmwareServer(test.test): - """ - Test of TPM functionality needed in firmware (server side of the test). - See also client/site_tests/hardware_TPMFirmware. The server side of the - test is used to coordinate the multiple reboots needed to bring the TPM to - a new state (for instance between owned and unowned). - - IMPORTANT. This can only run on a machine modified as follows. - - 1. The TCSD daemon must not be started. Otherwise the machine might try to - take ownership and who knows what else. A good way of preventing this is - to comment out 'start tcsd' in /etc/init/tpm-probe.conf. - - 2. The firmware on the machine must not send any commands to the TPM, - including TPM_Startup. - """ - version = 1 - n_client_reboots = 0 - client_at = None - test_suffix = "" - - # Run the client subtest named [subtest]. - def tpm_run(self, subtest, ignore_status=False, reboot=True): - if (reboot): - self.reboot_client() - ttag = subtest + self.test_suffix - self.client_at.run_test(self.client_test, subtest=subtest, tag=ttag) - cstatus = self.job.get_state("client_status") - logging.info("server: client status = %s", cstatus) - self.job.set_state("client_status", None) - if not ignore_status and cstatus != 0: - error.TestFail("client subtest %s failed with status %s" % - (subtest, cstatus)) - return cstatus - - - def reboot_client(self): - # Reboot the client - logging.info('TPMFirmwareServer: rebooting %s number %d' % - (self.client.hostname, self.n_client_reboots)) - self.client.reboot() - self.n_client_reboots += 1 - - - def run_unowned_only(self): - # The fastenable test is implicit in testsetup, but run it anyhow. - self.tpm_run("tpmtest_fastenable") - # The writelimit test may redundantly clear the TPM. - self.tpm_run("tpmtest_writelimit") - self.tpm_run("tpmtest_redefine_unowned") - - - def run_owned_and_unowned(self, suffix): - self.test_suffix = suffix - self.tpm_run("tpmtest_earlyextend") - self.tpm_run("tpmtest_earlynvram") - self.tpm_run("tpmtest_earlynvram2") - self.tpm_run("tpmtest_globallock") - self.tpm_run("tpmtest_spaceperm") - self.tpm_run("tpmtest_timing") - - def run_once(self, host=None): - self.client = host - self.client_at = autotest.Autotest(self.client) - self.client_test = 'hardware_TPMFirmware' - - self.job.set_state("client_status", None) - - # Set up the client in the unowned state. - # TODO(semenzato): this should be in a separate "setup" function. - self.tpm_run("tpmtest_testsetup") - - # Run these unowned only. - self.run_unowned_only() - - # Run these both owned and unowned. - self.run_owned_and_unowned("-u") - self.tpm_run("takeownership") - self.run_owned_and_unowned("-o") |