summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--tests/common.sh5
-rw-r--r--tests/vb20_verify_fw.c13
-rwxr-xr-xtests/vb2_firmware_tests.sh107
3 files changed, 89 insertions, 36 deletions
diff --git a/tests/common.sh b/tests/common.sh
index 8cc1498d..70743fc7 100644
--- a/tests/common.sh
+++ b/tests/common.sh
@@ -6,8 +6,11 @@
# Determine script directory.
SCRIPT_DIR=$(dirname $(readlink -f "$0"))
-
ROOT_DIR="$(dirname ${SCRIPT_DIR})"
+SRCDIR="${SRCDIR:-${ROOT_DIR}}"
+BUILD="${BUILD:-${ROOT_DIR}/build}"
+BUILD_RUN="${BUILD_RUN:-${BUILD}}"
+SRC_RUN="${SRC_RUN:-${SRCDIR}}"
BUILD_DIR="${BUILD}"
BIN_DIR=${BUILD_DIR}/install_for_test/bin
FUTILITY=${BIN_DIR}/futility
diff --git a/tests/vb20_verify_fw.c b/tests/vb20_verify_fw.c
index 4e107cf1..e2a54718 100644
--- a/tests/vb20_verify_fw.c
+++ b/tests/vb20_verify_fw.c
@@ -146,7 +146,8 @@ static void print_help(const char *progname)
int main(int argc, char *argv[])
{
- uint8_t workbuf[16384] __attribute__((aligned(VB2_WORKBUF_ALIGN)));
+ uint8_t workbuf[VB2_FIRMWARE_WORKBUF_RECOMMENDED_SIZE]
+ __attribute__((aligned(VB2_WORKBUF_ALIGN)));
struct vb2_context *ctx;
struct vb2_shared_data *sd;
vb2_error_t rv;
@@ -161,6 +162,11 @@ int main(int argc, char *argv[])
vblock_fname = argv[2];
body_fname = argv[3];
+ /* Intialize workbuf with sentinel value to see how much we'll use. */
+ uint32_t *ptr = (uint32_t *)workbuf;
+ while ((uint8_t *)ptr + sizeof(*ptr) <= workbuf + sizeof(workbuf))
+ *ptr++ = 0xbeefdead;
+
/* Set up context */
if (vb2api_init(workbuf, sizeof(workbuf), &ctx)) {
printf("Failed to initialize workbuf.\n");
@@ -211,7 +217,10 @@ int main(int argc, char *argv[])
printf("Yaay!\n");
- printf("Workbuf used = %d bytes\n", sd->workbuf_used);
+ while ((uint8_t *)ptr > workbuf && *--ptr == 0xbeefdead)
+ /* find last used workbuf offset */;
+ printf("Workbuf used = %d bytes, high watermark = %zu bytes\n",
+ sd->workbuf_used, (uint8_t *)ptr + sizeof(*ptr) - workbuf);
return 0;
}
diff --git a/tests/vb2_firmware_tests.sh b/tests/vb2_firmware_tests.sh
index 00f3afdb..88b6e6a8 100755
--- a/tests/vb2_firmware_tests.sh
+++ b/tests/vb2_firmware_tests.sh
@@ -23,36 +23,77 @@ cd "$DIR"
echo 'This is a test firmware body. This is only a test. Lalalalala' \
> body.test
-# Pack keys using original vboot utilities
-${FUTILITY} vbutil_key --pack rootkey.test \
- --key ${TESTKEY_DIR}/key_rsa8192.keyb --algorithm 11
-${FUTILITY} vbutil_key --pack fwsubkey.test \
- --key ${TESTKEY_DIR}/key_rsa4096.keyb --algorithm 7
-${FUTILITY} vbutil_key --pack kernkey.test \
- --key ${TESTKEY_DIR}/key_rsa2048.keyb --algorithm 4
-
-# Create a GBB with the root key
-${FUTILITY} gbb -c 128,2400,0,0 gbb.test
-${FUTILITY} gbb gbb.test -s --hwid='Test GBB' \
- --rootkey=rootkey.test
-
-# Keyblock with firmware subkey is signed by root key
-${FUTILITY} vbutil_keyblock --pack keyblock.test \
- --datapubkey fwsubkey.test \
- --signprivate ${TESTKEY_DIR}/key_rsa8192.sha512.vbprivk
-
-# Firmware preamble is signed with the firmware subkey
-${FUTILITY} vbutil_firmware \
- --vblock vblock.test \
- --keyblock keyblock.test \
- --signprivate ${TESTKEY_DIR}/key_rsa4096.sha256.vbprivk \
- --fv body.test \
- --version 1 \
- --kernelkey kernkey.test
-
-echo 'Verifying test firmware using vb2_verify_fw'
-
-# Verify the firmware using vboot2 checks
-${BUILD_RUN}/tests/vb20_verify_fw gbb.test vblock.test body.test
-
-happy 'vb2_verify_fw succeeded'
+algo_to_rsa()
+{
+ case $1 in
+ 0|1|2) printf "rsa1024";;
+ 3|4|5) printf "rsa2048";;
+ 6|7|8) printf "rsa4096";;
+ 9|10|11) printf "rsa8192";;
+ *) exit 1;;
+ esac
+}
+
+algo_to_sha()
+{
+ case $1 in
+ 0|3|6|9) printf "sha1";;
+ 1|4|7|10) printf "sha256";;
+ 2|5|8|11) printf "sha512";;
+ *) exit 1;;
+ esac
+}
+
+run_test()
+{
+ local root_algo=$1
+ local fw_algo=$2
+ local kern_algo=$3
+
+ local root_rsa="$(algo_to_rsa ${root_algo})"
+ local fw_rsa="$(algo_to_rsa ${fw_algo})"
+ local kern_rsa="$(algo_to_rsa ${kern_algo})"
+
+ local root_sha="$(algo_to_sha ${root_algo})"
+ local fw_sha="$(algo_to_sha ${fw_algo})"
+ local kern_sha="$(algo_to_sha ${kern_algo})"
+
+ # Pack keys using original vboot utilities
+ ${FUTILITY} vbutil_key --pack rootkey.test \
+ --key "${TESTKEY_DIR}/key_${root_rsa}.keyb" --algorithm ${root_algo}
+ ${FUTILITY} vbutil_key --pack fwsubkey.test \
+ --key "${TESTKEY_DIR}/key_${fw_rsa}.keyb" --algorithm ${fw_algo}
+ ${FUTILITY} vbutil_key --pack kernkey.test \
+ --key "${TESTKEY_DIR}/key_${kern_rsa}.keyb" --algorithm ${kern_algo}
+
+ # Create a GBB with the root key
+ ${FUTILITY} gbb -c 128,2400,0,0 gbb.test
+ ${FUTILITY} gbb gbb.test -s --hwid='Test GBB' \
+ --rootkey=rootkey.test
+
+ # Keyblock with firmware subkey is signed by root key
+ ${FUTILITY} vbutil_keyblock --pack keyblock.test \
+ --datapubkey fwsubkey.test \
+ --signprivate "${TESTKEY_DIR}/key_${root_rsa}.${root_sha}.vbprivk"
+
+ # Firmware preamble is signed with the firmware subkey
+ ${FUTILITY} vbutil_firmware \
+ --vblock vblock.test \
+ --keyblock keyblock.test \
+ --signprivate "${TESTKEY_DIR}/key_${fw_rsa}.${fw_sha}.vbprivk" \
+ --fv body.test \
+ --version 1 \
+ --kernelkey kernkey.test
+
+ echo "Verifying test firmware using vb2_verify_fw" \
+ "(root=${root_algo}, fw=${fw_algo}, kernel=${kern_algo})"
+
+ # Verify the firmware using vboot2 checks
+ ${BUILD_RUN}/tests/vb20_verify_fw gbb.test vblock.test body.test
+
+ happy 'vb2_verify_fw succeeded'
+}
+
+run_test 11 7 4
+run_test 11 11 11
+run_test 1 1 1
View Lorry Controller Status