/*
* Copyright (C) 2016 The Android Open Source Project
*
* Permission is hereby granted, free of charge, to any person
* obtaining a copy of this software and associated documentation
* files (the "Software"), to deal in the Software without
* restriction, including without limitation the rights to use, copy,
* modify, merge, publish, distribute, sublicense, and/or sell copies
* of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be
* included in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
#include <iostream>
#include <endian.h>
#include <inttypes.h>
#include <string.h>
#include <base/files/file_util.h>
#include <base/strings/string_split.h>
#include <base/strings/string_util.h>
#include <base/strings/stringprintf.h>
#include <libavb/avb_sha.h>
#include <libavb/libavb.h>
#include "avb_unittest_util.h"
#include "fake_avb_ops.h"
namespace avb {
class AvbToolTest : public BaseAvbToolTest {
public:
AvbToolTest() {}
virtual void SetUp() override {
BaseAvbToolTest::SetUp();
ops_.set_partition_dir(testdir_);
ops_.set_stored_rollback_indexes({{0, 0}, {1, 0}, {2, 0}, {3, 0}});
ops_.set_stored_is_device_unlocked(false);
}
void AddHashFooterTest(bool sparse_image);
void AddHashtreeFooterTest(bool sparse_image);
void AddHashtreeFooterFECTest(bool sparse_image);
void GenerateImageWithHashAndHashtreeSetup();
FakeAvbOps ops_;
};
// This test ensure that the version is increased in both
// avb_boot_image.h and the avb tool.
TEST_F(AvbToolTest, AvbVersionInSync) {
base::FilePath path = testdir_.Append("version.txt");
EXPECT_COMMAND(0, "./avbtool version > %s", path.value().c_str());
std::string printed_version;
ASSERT_TRUE(base::ReadFileToString(path, &printed_version));
base::TrimWhitespaceASCII(printed_version, base::TRIM_ALL, &printed_version);
// See comments in libavb/avb_version.c and avbtool's get_release_string()
// about being in sync.
EXPECT_EQ(printed_version,
std::string("avbtool ") + std::string(avb_version_string()));
}
TEST_F(AvbToolTest, DefaultReleaseString) {
GenerateVBMetaImage("vbmeta.img",
"SHA256_RSA2048",
0,
base::FilePath("test/data/testkey_rsa2048.pem"));
// Default release string is "avbtool " + avb_version_string().
AvbVBMetaImageHeader h;
avb_vbmeta_image_header_to_host_byte_order(
reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data()), &h);
EXPECT_EQ(std::string("avbtool ") + std::string(avb_version_string()),
std::string((const char*)h.release_string));
}
TEST_F(AvbToolTest, ReleaseStringAppend) {
GenerateVBMetaImage("vbmeta.img",
"SHA256_RSA2048",
0,
base::FilePath("test/data/testkey_rsa2048.pem"),
"--append_to_release_string \"Woot XYZ\"");
// Note that avbtool inserts the space by itself.
std::string expected_str =
std::string("avbtool ") + std::string(avb_version_string()) + " Woot XYZ";
AvbVBMetaImageHeader h;
avb_vbmeta_image_header_to_host_byte_order(
reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data()), &h);
EXPECT_EQ(expected_str, std::string((const char*)h.release_string));
}
TEST_F(AvbToolTest, ReleaseStringAppendTruncated) {
// Append enough text that truncation is sure to happen.
std::string append_str = "0123456789abcdef0123456789abcdef0123456789abcdef";
std::string expected_str = std::string("avbtool ") +
std::string(avb_version_string()) + " " +
append_str;
EXPECT_GT(expected_str.size(), (size_t)(AVB_RELEASE_STRING_SIZE - 1));
expected_str.resize(AVB_RELEASE_STRING_SIZE - 1);
GenerateVBMetaImage(
"vbmeta.img",
"SHA256_RSA2048",
0,
base::FilePath("test/data/testkey_rsa2048.pem"),
std::string("--append_to_release_string \"") + append_str + "\"");
// This checks that it ends with a NUL byte.
EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
avb_vbmeta_image_verify(
vbmeta_image_.data(), vbmeta_image_.size(), nullptr, nullptr));
// For good measure we also check here.
AvbVBMetaImageHeader h;
avb_vbmeta_image_header_to_host_byte_order(
reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data()), &h);
EXPECT_EQ(expected_str, std::string((const char*)h.release_string));
}
TEST_F(AvbToolTest, ExtractPublicKey) {
GenerateVBMetaImage("vbmeta.img",
"SHA256_RSA2048",
0,
base::FilePath("test/data/testkey_rsa2048.pem"),
"--internal_release_string \"\"");
std::string key_data =
PublicKeyAVB(base::FilePath("test/data/testkey_rsa2048.pem"));
AvbVBMetaImageHeader h;
avb_vbmeta_image_header_to_host_byte_order(
reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data()), &h);
uint8_t* d = reinterpret_cast<uint8_t*>(vbmeta_image_.data());
size_t auxiliary_data_block_offset =
sizeof(AvbVBMetaImageHeader) + h.authentication_data_block_size;
EXPECT_GT(h.auxiliary_data_block_size, key_data.size());
EXPECT_EQ(0,
memcmp(key_data.data(),
d + auxiliary_data_block_offset + h.public_key_offset,
key_data.size()));
}
TEST_F(AvbToolTest, CheckDescriptors) {
GenerateVBMetaImage("vbmeta.img",
"SHA256_RSA2048",
0,
base::FilePath("test/data/testkey_rsa2048.pem"),
"--prop foo:brillo "
"--prop bar:chromeos "
"--prop prisoner:24601 "
"--prop hexnumber:0xcafe "
"--prop hexnumber_capital:0xCAFE "
"--prop large_hexnumber:0xfedcba9876543210 "
"--prop larger_than_uint64:0xfedcba98765432101 "
"--prop almost_a_number:423x "
"--prop_from_file blob:test/data/small_blob.bin "
"--internal_release_string \"\"");
AvbVBMetaImageHeader h;
avb_vbmeta_image_header_to_host_byte_order(
reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data()), &h);
EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
avb_vbmeta_image_verify(
vbmeta_image_.data(), vbmeta_image_.size(), nullptr, nullptr));
const char* s;
size_t len;
uint64_t val;
// Basic.
s = avb_property_lookup(
vbmeta_image_.data(), vbmeta_image_.size(), "foo", 0, &len);
EXPECT_EQ(0, strcmp(s, "brillo"));
EXPECT_EQ(6U, len);
s = avb_property_lookup(
vbmeta_image_.data(), vbmeta_image_.size(), "bar", 0, &len);
EXPECT_EQ(0, strcmp(s, "chromeos"));
EXPECT_EQ(8U, len);
s = avb_property_lookup(
vbmeta_image_.data(), vbmeta_image_.size(), "non-existant", 0, &len);
EXPECT_EQ(0U, len);
EXPECT_EQ(NULL, s);
// Numbers.
EXPECT_NE(
0,
avb_property_lookup_uint64(
vbmeta_image_.data(), vbmeta_image_.size(), "prisoner", 0, &val));
EXPECT_EQ(24601U, val);
EXPECT_NE(
0,
avb_property_lookup_uint64(
vbmeta_image_.data(), vbmeta_image_.size(), "hexnumber", 0, &val));
EXPECT_EQ(0xcafeU, val);
EXPECT_NE(0,
avb_property_lookup_uint64(vbmeta_image_.data(),
vbmeta_image_.size(),
"hexnumber_capital",
0,
&val));
EXPECT_EQ(0xcafeU, val);
EXPECT_NE(0,
avb_property_lookup_uint64(vbmeta_image_.data(),
vbmeta_image_.size(),
"large_hexnumber",
0,
&val));
EXPECT_EQ(0xfedcba9876543210U, val);
// We could catch overflows and return an error ... but we currently don't.
EXPECT_NE(0,
avb_property_lookup_uint64(vbmeta_image_.data(),
vbmeta_image_.size(),
"larger_than_uint64",
0,
&val));
EXPECT_EQ(0xedcba98765432101U, val);
// Number-parsing failures.
EXPECT_EQ(0,
avb_property_lookup_uint64(
vbmeta_image_.data(), vbmeta_image_.size(), "foo", 0, &val));
EXPECT_EQ(0,
avb_property_lookup_uint64(vbmeta_image_.data(),
vbmeta_image_.size(),
"almost_a_number",
0,
&val));
// Blobs.
//
// test/data/small_blob.bin is 21 byte file full of NUL-bytes except
// for the string "brillo ftw!" at index 2 and '\n' at the last
// byte.
s = avb_property_lookup(
vbmeta_image_.data(), vbmeta_image_.size(), "blob", 0, &len);
EXPECT_EQ(21U, len);
EXPECT_EQ(0, memcmp(s, "\0\0", 2));
EXPECT_EQ(0, memcmp(s + 2, "brillo ftw!", 11));
EXPECT_EQ(0, memcmp(s + 13, "\0\0\0\0\0\0\0", 7));
EXPECT_EQ('\n', s[20]);
}
TEST_F(AvbToolTest, Padding) {
GenerateVBMetaImage("vbmeta.img",
"SHA256_RSA2048",
0,
base::FilePath("test/data/testkey_rsa2048.pem"),
"--internal_release_string \"\"");
GenerateVBMetaImage("vbmeta_padded.img",
"SHA256_RSA2048",
0,
base::FilePath("test/data/testkey_rsa2048.pem"),
"--internal_release_string \"\" --padding_size 4096");
base::FilePath vbmeta_path = testdir_.Append("vbmeta.img");
base::FilePath vbmeta_padded_path = testdir_.Append("vbmeta_padded.img");
int64_t vbmeta_size, vbmeta_padded_size;
ASSERT_TRUE(base::GetFileSize(vbmeta_path, &vbmeta_size));
ASSERT_TRUE(base::GetFileSize(vbmeta_padded_path, &vbmeta_padded_size));
EXPECT_NE(vbmeta_size, vbmeta_padded_size);
// The padded size should be a multiple of 4096.
EXPECT_EQ(vbmeta_padded_size % 4096, 0);
// When rounded up the unpadded size should equal the padded size.
int64_t vbmeta_size_rounded_up = ((vbmeta_size + 4095) / 4096) * 4096;
EXPECT_EQ(vbmeta_size_rounded_up, vbmeta_padded_size);
}
TEST_F(AvbToolTest, CheckRollbackIndex) {
uint64_t rollback_index = 42;
GenerateVBMetaImage("vbmeta.img",
"SHA256_RSA2048",
rollback_index,
base::FilePath("test/data/testkey_rsa2048.pem"),
"--internal_release_string \"\"");
AvbVBMetaImageHeader h;
avb_vbmeta_image_header_to_host_byte_order(
reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data()), &h);
EXPECT_EQ(rollback_index, h.rollback_index);
}
TEST_F(AvbToolTest, CheckPubkeyReturned) {
GenerateVBMetaImage("vbmeta.img",
"SHA256_RSA2048",
0,
base::FilePath("test/data/testkey_rsa2048.pem"),
"--internal_release_string \"\"");
const uint8_t* pubkey = NULL;
size_t pubkey_length = 0;
EXPECT_EQ(
AVB_VBMETA_VERIFY_RESULT_OK,
avb_vbmeta_image_verify(
vbmeta_image_.data(), vbmeta_image_.size(), &pubkey, &pubkey_length));
AvbVBMetaImageHeader h;
avb_vbmeta_image_header_to_host_byte_order(
reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data()), &h);
EXPECT_EQ(pubkey_length, h.public_key_size);
const uint8_t* expected_pubkey =
vbmeta_image_.data() + sizeof(AvbVBMetaImageHeader) +
h.authentication_data_block_size + h.public_key_offset;
EXPECT_EQ(pubkey, expected_pubkey);
}
TEST_F(AvbToolTest, Info) {
GenerateVBMetaImage("vbmeta.img",
"SHA256_RSA2048",
0,
base::FilePath("test/data/testkey_rsa2048.pem"),
"--prop foo:brillo "
"--prop bar:chromeos "
"--prop prisoner:24601 "
"--prop hexnumber:0xcafe "
"--prop hexnumber_capital:0xCAFE "
"--prop large_hexnumber:0xfedcba9876543210 "
"--prop larger_than_uint64:0xfedcba98765432101 "
"--prop almost_a_number:423x "
"--prop_from_file blob:test/data/small_blob.bin "
"--prop_from_file large_blob:test/data/large_blob.bin "
"--internal_release_string \"\"");
ASSERT_EQ(
"Minimum libavb version: 1.0\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 3200 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Prop: foo -> 'brillo'\n"
" Prop: bar -> 'chromeos'\n"
" Prop: prisoner -> '24601'\n"
" Prop: hexnumber -> '0xcafe'\n"
" Prop: hexnumber_capital -> '0xCAFE'\n"
" Prop: large_hexnumber -> '0xfedcba9876543210'\n"
" Prop: larger_than_uint64 -> '0xfedcba98765432101'\n"
" Prop: almost_a_number -> '423x'\n"
" Prop: blob -> '\\x00\\x00brillo "
"ftw!\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\n'\n"
" Prop: large_blob -> (2048 bytes)\n",
InfoImage(vbmeta_image_path_));
}
static bool collect_descriptors(const AvbDescriptor* descriptor,
void* user_data) {
std::vector<const AvbDescriptor*>* descriptors =
reinterpret_cast<std::vector<const AvbDescriptor*>*>(user_data);
descriptors->push_back(descriptor);
return true; // Keep iterating.
}
static std::string AddHashFooterGetExpectedVBMetaInfo(
const bool sparse_image, const uint64_t partition_size) {
return base::StringPrintf(
"Footer version: 1.0\n"
"Image size: %" PRIu64
" bytes\n"
"Original image size: 1052672 bytes\n"
"VBMeta offset: 1052672\n"
"VBMeta size: 1280 bytes\n"
"--\n"
"Minimum libavb version: 1.0%s\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 704 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Hash descriptor:\n"
" Image Size: 1052672 bytes\n"
" Hash Algorithm: sha256\n"
" Partition Name: foobar\n"
" Salt: d00df00d\n"
" Digest: "
"9a58cc996d405e08a1e00f96dbfe9104fedf41cb83b1f"
"5e4ed357fbcf58d88d9\n"
" Flags: 0\n",
partition_size,
sparse_image ? " (Sparse)" : "");
}
void AvbToolTest::AddHashFooterTest(bool sparse_image) {
const size_t rootfs_size = 1028 * 1024;
const size_t partition_size = 1536 * 1024;
const size_t resized_partition_size = 1280 * 1024;
// Generate a 1028 KiB file with known content. Some content have
// been arranged to ensure FILL_DATA segments in the sparse file.
std::vector<uint8_t> rootfs;
rootfs.resize(rootfs_size);
for (size_t n = 0; n < rootfs_size; n++) {
if ((n >= 5 * 1000 && n < 105 * 1000) ||
(n >= 205 * 1000 && n < 305 * 1000) ||
(n >= 505 * 1000 && n < 605 * 1000)) {
rootfs[n] = uint8_t(n) & 0x03;
} else {
rootfs[n] = uint8_t(n);
}
}
base::FilePath ext_vbmeta_path = testdir_.Append("ext_vbmeta.bin");
base::FilePath rootfs_path = testdir_.Append("rootfs.bin");
EXPECT_EQ(rootfs_size,
static_cast<const size_t>(
base::WriteFile(rootfs_path,
reinterpret_cast<const char*>(rootfs.data()),
rootfs.size())));
if (sparse_image) {
EXPECT_COMMAND(0,
"mv %s %s.unsparse",
rootfs_path.value().c_str(),
rootfs_path.value().c_str());
EXPECT_COMMAND(0,
"img2simg %s.unsparse %s",
rootfs_path.value().c_str(),
rootfs_path.value().c_str());
EXPECT_COMMAND(0, "rm -f %s.unsparse", rootfs_path.value().c_str());
}
/* Do this twice to check that 'add_hash_footer' is idempotent. */
for (int n = 0; n < 2; n++) {
EXPECT_COMMAND(0,
"./avbtool add_hash_footer --salt d00df00d "
"--hash_algorithm sha256 --image %s "
"--partition_size %d --partition_name foobar "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--output_vbmeta %s "
"--internal_release_string \"\"",
rootfs_path.value().c_str(),
(int)partition_size,
ext_vbmeta_path.value().c_str());
ASSERT_EQ(AddHashFooterGetExpectedVBMetaInfo(sparse_image, partition_size),
InfoImage(rootfs_path));
ASSERT_EQ(
"Minimum libavb version: 1.0\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 704 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Hash descriptor:\n"
" Image Size: 1052672 bytes\n"
" Hash Algorithm: sha256\n"
" Partition Name: foobar\n"
" Salt: d00df00d\n"
" Digest: "
"9a58cc996d405e08a1e00f96dbfe9104fedf41cb83b1f"
"5e4ed357fbcf58d88d9\n"
" Flags: 0\n",
InfoImage(ext_vbmeta_path));
}
// Resize the image and check that the only thing that has changed
// is where the footer is. First check that resizing to a smaller
// size than the original rootfs fails. Then resize to something
// larger than the original rootfs but smaller than the current
// partition size.
EXPECT_COMMAND(1,
"./avbtool resize_image --image %s "
"--partition_size %d",
rootfs_path.value().c_str(),
(int)(rootfs_size - 16 * 1024));
EXPECT_COMMAND(0,
"./avbtool resize_image --image %s "
"--partition_size %d",
rootfs_path.value().c_str(),
(int)resized_partition_size);
ASSERT_EQ(
AddHashFooterGetExpectedVBMetaInfo(sparse_image, resized_partition_size),
InfoImage(rootfs_path));
if (sparse_image) {
EXPECT_COMMAND(0,
"mv %s %s.sparse",
rootfs_path.value().c_str(),
rootfs_path.value().c_str());
EXPECT_COMMAND(0,
"simg2img %s.sparse %s",
rootfs_path.value().c_str(),
rootfs_path.value().c_str());
EXPECT_COMMAND(0, "rm -f %s.sparse", rootfs_path.value().c_str());
}
// Manually calculate the hash to check that it agrees with avbtool.
AvbSHA256Ctx hasher_ctx;
const uint8_t hasher_salt[4] = {0xd0, 0x0d, 0xf0, 0x0d};
avb_sha256_init(&hasher_ctx);
avb_sha256_update(&hasher_ctx, hasher_salt, 4);
avb_sha256_update(&hasher_ctx, rootfs.data(), rootfs_size);
uint8_t* hasher_digest = avb_sha256_final(&hasher_ctx);
EXPECT_EQ("9a58cc996d405e08a1e00f96dbfe9104fedf41cb83b1f5e4ed357fbcf58d88d9",
mem_to_hexstring(hasher_digest, AVB_SHA256_DIGEST_SIZE));
// Now check that we can find the VBMeta block again from the footer.
std::string part_data;
ASSERT_TRUE(base::ReadFileToString(rootfs_path, &part_data));
// Check footer contains correct data.
AvbFooter f;
EXPECT_NE(0,
avb_footer_validate_and_byteswap(
reinterpret_cast<const AvbFooter*>(
part_data.data() + part_data.size() - AVB_FOOTER_SIZE),
&f));
EXPECT_EQ(
std::string(reinterpret_cast<const char*>(f.magic), AVB_FOOTER_MAGIC_LEN),
AVB_FOOTER_MAGIC);
EXPECT_EQ(AVB_FOOTER_VERSION_MAJOR, (int)f.version_major);
EXPECT_EQ(AVB_FOOTER_VERSION_MINOR, (int)f.version_minor);
EXPECT_EQ(1052672UL, f.original_image_size);
EXPECT_EQ(1052672UL, f.vbmeta_offset);
EXPECT_EQ(1280UL, f.vbmeta_size);
// Check that the vbmeta image at |f.vbmeta_offset| checks out.
const uint8_t* vbmeta_data =
reinterpret_cast<const uint8_t*>(part_data.data() + f.vbmeta_offset);
EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
avb_vbmeta_image_verify(vbmeta_data, f.vbmeta_size, NULL, NULL));
// Collect all descriptors.
std::vector<const AvbDescriptor*> descriptors;
avb_descriptor_foreach(
vbmeta_data, f.vbmeta_size, collect_descriptors, &descriptors);
// We should only have a single descriptor and it should be a
// hash descriptor.
EXPECT_EQ(1UL, descriptors.size());
EXPECT_EQ(AVB_DESCRIPTOR_TAG_HASH, avb_be64toh(descriptors[0]->tag));
AvbHashDescriptor d;
EXPECT_NE(
0,
avb_hash_descriptor_validate_and_byteswap(
reinterpret_cast<const AvbHashDescriptor*>(descriptors[0]), &d));
EXPECT_EQ(1052672UL, d.image_size);
EXPECT_EQ(6UL, d.partition_name_len);
EXPECT_EQ(4UL, d.salt_len);
EXPECT_EQ(32UL, d.digest_len);
const uint8_t* desc_end = reinterpret_cast<const uint8_t*>(descriptors[0]) +
sizeof(AvbHashDescriptor);
uint64_t o = 0;
EXPECT_EQ("foobar",
std::string(reinterpret_cast<const char*>(desc_end + o),
d.partition_name_len));
o += d.partition_name_len;
EXPECT_EQ("d00df00d", mem_to_hexstring(desc_end + o, d.salt_len));
o += d.salt_len;
EXPECT_EQ("9a58cc996d405e08a1e00f96dbfe9104fedf41cb83b1f5e4ed357fbcf58d88d9",
mem_to_hexstring(desc_end + o, d.digest_len));
// Check that the footer is correctly erased.
EXPECT_COMMAND(
0, "./avbtool erase_footer --image %s", rootfs_path.value().c_str());
int64_t erased_footer_file_size;
ASSERT_TRUE(base::GetFileSize(rootfs_path, &erased_footer_file_size));
EXPECT_EQ(static_cast<size_t>(erased_footer_file_size), rootfs_size);
// Check that --do_not_append_vbmeta_image works as intended.
EXPECT_COMMAND(0,
"./avbtool add_hash_footer --salt d00df00d "
"--hash_algorithm sha256 --image %s "
"--partition_size %d --partition_name foobar "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--output_vbmeta %s_2nd_run --do_not_append_vbmeta_image "
"--internal_release_string \"\"",
rootfs_path.value().c_str(),
(int)partition_size,
ext_vbmeta_path.value().c_str());
int64_t file_size;
ASSERT_TRUE(base::GetFileSize(rootfs_path, &file_size));
EXPECT_EQ(static_cast<size_t>(file_size), rootfs_size);
EXPECT_COMMAND(0,
"diff %s %s_2nd_run",
ext_vbmeta_path.value().c_str(),
ext_vbmeta_path.value().c_str());
}
TEST_F(AvbToolTest, AddHashFooter) {
AddHashFooterTest(false);
}
TEST_F(AvbToolTest, AddHashFooterSparse) {
AddHashFooterTest(true);
}
static std::string RemoveLinesStartingWith(const std::string& str,
const std::string& prefix) {
std::vector<std::string> lines;
std::string ret;
lines = base::SplitString(
str, "\n", base::KEEP_WHITESPACE, base::SPLIT_WANT_NONEMPTY);
for (const std::string& line : lines) {
if (!base::StartsWith(line, prefix, base::CompareCase::SENSITIVE)) {
ret += line;
ret += '\n';
}
}
return ret;
}
TEST_F(AvbToolTest, AddHashFooterSparseWithHoleAtTheEnd) {
const size_t partition_size = 10 * 1024 * 1024;
const size_t metadata_size = 128 * 1024;
// It's not enough to run img2simg on a file with a lot of zeroes at
// the end since that will turn up as "Fill with value (for value =
// 0x00000000)" and not "Don't care". Instead, use make_ext4fs for
// this since it will put a big hole (e.g. "Don't care" chunk) at
// the end.
base::FilePath partition_path = testdir_.Append("partition.bin");
EXPECT_COMMAND(0,
"make_ext4fs -s -L test -l %zd %s",
partition_size - metadata_size,
partition_path.value().c_str());
EXPECT_COMMAND(0,
"./avbtool add_hash_footer --salt d00df00d "
"--hash_algorithm sha256 --image %s "
"--partition_size %d --partition_name foobar "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--internal_release_string \"\"",
partition_path.value().c_str(),
(int)partition_size);
// Since we may be using an arbritary version of make_ext4fs
// (because of different branches) the contents of the resulting
// disk image may slightly change. It's enough to just remove the
// "Digest:" line from the output to work around this.
std::string info =
RemoveLinesStartingWith(InfoImage(partition_path), " Digest:");
ASSERT_EQ(
"Footer version: 1.0\n"
"Image size: 10485760 bytes\n"
"Original image size: 10354688 bytes\n"
"VBMeta offset: 10354688\n"
"VBMeta size: 1280 bytes\n"
"--\n"
"Minimum libavb version: 1.0 (Sparse)\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 704 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Hash descriptor:\n"
" Image Size: 10354688 bytes\n"
" Hash Algorithm: sha256\n"
" Partition Name: foobar\n"
" Salt: d00df00d\n"
" Flags: 0\n",
info);
EXPECT_COMMAND(0,
"mv %s %s.sparse",
partition_path.value().c_str(),
partition_path.value().c_str());
EXPECT_COMMAND(0,
"simg2img %s.sparse %s",
partition_path.value().c_str(),
partition_path.value().c_str());
EXPECT_COMMAND(0, "rm -f %s.sparse", partition_path.value().c_str());
}
TEST_F(AvbToolTest, AddHashFooterCalcMaxImageSize) {
const size_t partition_size = 10 * 1024 * 1024;
base::FilePath output_path = testdir_.Append("max_size.txt");
EXPECT_COMMAND(0,
"./avbtool add_hash_footer "
"--partition_size %zd "
"--calc_max_image_size > %s",
partition_size,
output_path.value().c_str());
std::string max_image_size_data;
EXPECT_TRUE(base::ReadFileToString(output_path, &max_image_size_data));
EXPECT_EQ("10416128\n", max_image_size_data);
size_t max_image_size = atoll(max_image_size_data.c_str());
// Metadata takes up 68 KiB.
EXPECT_EQ(68 * 1024ULL, partition_size - max_image_size);
// Check that we can add a hash footer for an image this size for
// such a partition size.
base::FilePath boot_path = GenerateImage("boot", max_image_size);
EXPECT_COMMAND(0,
"./avbtool add_hash_footer"
" --image %s"
" --partition_name boot"
" --partition_size %zd"
" --salt deadbeef"
" --algorithm SHA512_RSA4096 "
" --key test/data/testkey_rsa4096.pem"
" --internal_release_string \"\"",
boot_path.value().c_str(),
partition_size);
}
TEST_F(AvbToolTest, AddHashFooterWithPersistentDigest) {
size_t partition_size = 1024 * 1024;
base::FilePath path = GenerateImage("digest_location", 1024);
EXPECT_COMMAND(0,
"./avbtool add_hash_footer --salt d00df00d "
"--hash_algorithm sha256 --image %s "
"--partition_size %d --partition_name foobar "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--internal_release_string \"\" "
"--use_persistent_digest",
path.value().c_str(),
(int)partition_size);
// There are two important bits specific to these flags:
// Minimum libavb version = 1.1
// Hash descriptor -> Digest = (empty)
ASSERT_EQ(
"Footer version: 1.0\n"
"Image size: 1048576 bytes\n"
"Original image size: 1024 bytes\n"
"VBMeta offset: 4096\n"
"VBMeta size: 1280 bytes\n"
"--\n"
"Minimum libavb version: 1.1\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 704 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Hash descriptor:\n"
" Image Size: 1024 bytes\n"
" Hash Algorithm: sha256\n"
" Partition Name: foobar\n"
" Salt: d00df00d\n"
" Digest: \n"
" Flags: 0\n",
InfoImage(path));
}
TEST_F(AvbToolTest, AddHashFooterWithNoAB) {
size_t partition_size = 1024 * 1024;
base::FilePath path = GenerateImage("digest_location", 1024);
EXPECT_COMMAND(0,
"./avbtool add_hash_footer --salt d00df00d "
"--hash_algorithm sha256 --image %s "
"--partition_size %d --partition_name foobar "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--internal_release_string \"\" "
"--do_not_use_ab",
path.value().c_str(),
(int)partition_size);
// There are two important bits specific to these flags:
// Minimum libavb version = 1.1
// Hash descriptor -> Flags = 1
ASSERT_EQ(
"Footer version: 1.0\n"
"Image size: 1048576 bytes\n"
"Original image size: 1024 bytes\n"
"VBMeta offset: 4096\n"
"VBMeta size: 1280 bytes\n"
"--\n"
"Minimum libavb version: 1.1\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 704 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Hash descriptor:\n"
" Image Size: 1024 bytes\n"
" Hash Algorithm: sha256\n"
" Partition Name: foobar\n"
" Salt: d00df00d\n"
" Digest: "
"91386fea3e251ad0c2cb6859e4f4772f37fdb69f17d46636ddc9e7fbfd3bf3d0\n"
" Flags: 1\n",
InfoImage(path));
}
TEST_F(AvbToolTest, AddHashFooterWithPersistentDigestAndNoAB) {
size_t partition_size = 1024 * 1024;
base::FilePath path = GenerateImage("digest_location", 1024);
EXPECT_COMMAND(0,
"./avbtool add_hash_footer --salt d00df00d "
"--hash_algorithm sha256 --image %s "
"--partition_size %d --partition_name foobar "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--internal_release_string \"\" "
"--use_persistent_digest --do_not_use_ab",
path.value().c_str(),
(int)partition_size);
// There are three important bits specific to these flags:
// Minimum libavb version = 1.1
// Hash descriptor -> Digest = (empty)
// Hash descriptor -> Flags = 1
ASSERT_EQ(
"Footer version: 1.0\n"
"Image size: 1048576 bytes\n"
"Original image size: 1024 bytes\n"
"VBMeta offset: 4096\n"
"VBMeta size: 1280 bytes\n"
"--\n"
"Minimum libavb version: 1.1\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 704 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Hash descriptor:\n"
" Image Size: 1024 bytes\n"
" Hash Algorithm: sha256\n"
" Partition Name: foobar\n"
" Salt: d00df00d\n"
" Digest: \n"
" Flags: 1\n",
InfoImage(path));
}
void AvbToolTest::AddHashtreeFooterTest(bool sparse_image) {
const size_t rootfs_size = 1028 * 1024;
const size_t partition_size = 1536 * 1024;
// Generate a 1028 KiB file with known content.
std::vector<uint8_t> rootfs;
rootfs.resize(rootfs_size);
for (size_t n = 0; n < rootfs_size; n++)
rootfs[n] = uint8_t(n);
base::FilePath ext_vbmeta_path = testdir_.Append("ext_vbmeta.bin");
base::FilePath rootfs_path = testdir_.Append("rootfs.bin");
EXPECT_EQ(rootfs_size,
static_cast<const size_t>(
base::WriteFile(rootfs_path,
reinterpret_cast<const char*>(rootfs.data()),
rootfs.size())));
if (sparse_image) {
EXPECT_COMMAND(0,
"mv %s %s.unsparse",
rootfs_path.value().c_str(),
rootfs_path.value().c_str());
EXPECT_COMMAND(0,
"img2simg %s.unsparse %s",
rootfs_path.value().c_str(),
rootfs_path.value().c_str());
EXPECT_COMMAND(0, "rm -f %s.unsparse", rootfs_path.value().c_str());
}
/* Do this twice to check that 'add_hashtree_footer' is idempotent. */
for (int n = 0; n < 2; n++) {
EXPECT_COMMAND(0,
"./avbtool add_hashtree_footer --salt d00df00d --image %s "
"--partition_size %d --partition_name foobar "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--output_vbmeta_image %s "
"--internal_release_string \"\" "
"--do_not_generate_fec",
rootfs_path.value().c_str(),
(int)partition_size,
ext_vbmeta_path.value().c_str());
ASSERT_EQ(base::StringPrintf("Footer version: 1.0\n"
"Image size: 1572864 bytes\n"
"Original image size: 1052672 bytes\n"
"VBMeta offset: 1069056\n"
"VBMeta size: 1344 bytes\n"
"--\n"
"Minimum libavb version: 1.0%s\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 768 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Hashtree descriptor:\n"
" Version of dm-verity: 1\n"
" Image Size: 1052672 bytes\n"
" Tree Offset: 1052672\n"
" Tree Size: 16384 bytes\n"
" Data Block Size: 4096 bytes\n"
" Hash Block Size: 4096 bytes\n"
" FEC num roots: 0\n"
" FEC offset: 0\n"
" FEC size: 0 bytes\n"
" Hash Algorithm: sha1\n"
" Partition Name: foobar\n"
" Salt: d00df00d\n"
" Root Digest: "
"e811611467dcd6e8dc4324e45f706c2bdd51db67\n"
" Flags: 0\n",
sparse_image ? " (Sparse)" : ""),
InfoImage(rootfs_path));
ASSERT_EQ(
"Minimum libavb version: 1.0\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 768 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Hashtree descriptor:\n"
" Version of dm-verity: 1\n"
" Image Size: 1052672 bytes\n"
" Tree Offset: 1052672\n"
" Tree Size: 16384 bytes\n"
" Data Block Size: 4096 bytes\n"
" Hash Block Size: 4096 bytes\n"
" FEC num roots: 0\n"
" FEC offset: 0\n"
" FEC size: 0 bytes\n"
" Hash Algorithm: sha1\n"
" Partition Name: foobar\n"
" Salt: d00df00d\n"
" Root Digest: "
"e811611467dcd6e8dc4324e45f706c2bdd51db67\n"
" Flags: 0\n",
InfoImage(ext_vbmeta_path));
}
if (sparse_image) {
EXPECT_COMMAND(0,
"mv %s %s.sparse",
rootfs_path.value().c_str(),
rootfs_path.value().c_str());
EXPECT_COMMAND(0,
"simg2img %s.sparse %s",
rootfs_path.value().c_str(),
rootfs_path.value().c_str());
EXPECT_COMMAND(0, "rm -f %s.sparse", rootfs_path.value().c_str());
}
// To check that we generate the correct hashtree we can use
// veritysetup(1) - another codebase for working with dm-verity
// hashtrees - to verify it.
//
// If we don't want to impose the requirement of having the
// veritysetup(1) command available on builders we can comment this
// out.
EXPECT_COMMAND(0,
"veritysetup --no-superblock --format=1 --hash=sha1 "
"--data-block-size=4096 --hash-block-size=4096 "
"--salt=d00df00d "
"--data-blocks=257 "
"--hash-offset=1052672 "
"verify "
"%s %s "
"e811611467dcd6e8dc4324e45f706c2bdd51db67",
rootfs_path.value().c_str(),
rootfs_path.value().c_str());
// Now check that we can find the VBMeta block again from the footer.
std::string part_data;
ASSERT_TRUE(base::ReadFileToString(rootfs_path, &part_data));
// Check footer contains correct data.
AvbFooter f;
EXPECT_NE(0,
avb_footer_validate_and_byteswap(
reinterpret_cast<const AvbFooter*>(
part_data.data() + part_data.size() - AVB_FOOTER_SIZE),
&f));
EXPECT_EQ(
std::string(reinterpret_cast<const char*>(f.magic), AVB_FOOTER_MAGIC_LEN),
AVB_FOOTER_MAGIC);
EXPECT_EQ(AVB_FOOTER_VERSION_MAJOR, (int)f.version_major);
EXPECT_EQ(AVB_FOOTER_VERSION_MINOR, (int)f.version_minor);
EXPECT_EQ(1052672UL, f.original_image_size);
EXPECT_EQ(1069056UL, f.vbmeta_offset);
EXPECT_EQ(1344UL, f.vbmeta_size);
// Check that the vbmeta image at |f.vbmeta_offset| checks out.
const uint8_t* vbmeta_data =
reinterpret_cast<const uint8_t*>(part_data.data() + f.vbmeta_offset);
EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
avb_vbmeta_image_verify(vbmeta_data, f.vbmeta_size, NULL, NULL));
// Collect all descriptors.
std::vector<const AvbDescriptor*> descriptors;
avb_descriptor_foreach(
vbmeta_data, f.vbmeta_size, collect_descriptors, &descriptors);
// We should only have a single descriptor and it should be a
// hashtree descriptor.
EXPECT_EQ(1UL, descriptors.size());
EXPECT_EQ(AVB_DESCRIPTOR_TAG_HASHTREE, avb_be64toh(descriptors[0]->tag));
AvbHashtreeDescriptor d;
EXPECT_NE(
0,
avb_hashtree_descriptor_validate_and_byteswap(
reinterpret_cast<const AvbHashtreeDescriptor*>(descriptors[0]), &d));
EXPECT_EQ(1UL, d.dm_verity_version);
EXPECT_EQ(1052672UL, d.image_size);
EXPECT_EQ(1052672UL, d.tree_offset);
EXPECT_EQ(16384UL, d.tree_size);
EXPECT_EQ(4096UL, d.data_block_size);
EXPECT_EQ(4096UL, d.hash_block_size);
EXPECT_EQ(6UL, d.partition_name_len);
EXPECT_EQ(4UL, d.salt_len);
EXPECT_EQ(20UL, d.root_digest_len);
const uint8_t* desc_end = reinterpret_cast<const uint8_t*>(descriptors[0]) +
sizeof(AvbHashtreeDescriptor);
uint64_t o = 0;
EXPECT_EQ("foobar",
std::string(reinterpret_cast<const char*>(desc_end + o),
d.partition_name_len));
o += d.partition_name_len;
EXPECT_EQ("d00df00d", mem_to_hexstring(desc_end + o, d.salt_len));
o += d.salt_len;
EXPECT_EQ("e811611467dcd6e8dc4324e45f706c2bdd51db67",
mem_to_hexstring(desc_end + o, d.root_digest_len));
// Check that we correctly generate dm-verity kernel cmdline
// snippets, if requested.
base::FilePath vbmeta_dmv_path = testdir_.Append("vbmeta_dm_verity_desc.bin");
EXPECT_COMMAND(0,
"./avbtool make_vbmeta_image "
"--output %s "
"--setup_rootfs_from_kernel %s "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--internal_release_string \"\"",
vbmeta_dmv_path.value().c_str(),
rootfs_path.value().c_str());
ASSERT_EQ(
"Minimum libavb version: 1.0\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 896 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Kernel Cmdline descriptor:\n"
" Flags: 1\n"
" Kernel Cmdline: 'dm=\"1 vroot none ro 1,0 2056 verity 1 "
"PARTUUID=$(ANDROID_SYSTEM_PARTUUID) PARTUUID=$(ANDROID_SYSTEM_PARTUUID) "
"4096 4096 257 257 sha1 e811611467dcd6e8dc4324e45f706c2bdd51db67 "
"d00df00d 2 $(ANDROID_VERITY_MODE) ignore_zero_blocks\" root=/dev/dm-0'\n"
" Kernel Cmdline descriptor:\n"
" Flags: 2\n"
" Kernel Cmdline: "
"'root=PARTUUID=$(ANDROID_SYSTEM_PARTUUID)'\n",
InfoImage(vbmeta_dmv_path));
// Check that the footer is correctly erased and the hashtree
// remains - see above for why the constant 1069056 is used.
EXPECT_COMMAND(0,
"./avbtool erase_footer --image %s --keep_hashtree",
rootfs_path.value().c_str());
int64_t erased_footer_file_size;
ASSERT_TRUE(base::GetFileSize(rootfs_path, &erased_footer_file_size));
EXPECT_EQ(static_cast<size_t>(erased_footer_file_size), 1069056UL);
// Check that --do_not_append_vbmeta_image works as intended.
//
// For this we need to reset the size of the image to the original
// size because it's not possible to identify the existing hashtree.
EXPECT_COMMAND(
0, "truncate -s %d %s", (int)rootfs_size, rootfs_path.value().c_str());
EXPECT_COMMAND(0,
"./avbtool add_hashtree_footer --salt d00df00d --image %s "
"--partition_size %d --partition_name foobar "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--output_vbmeta %s_2nd_run --do_not_append_vbmeta_image "
"--internal_release_string \"\" "
"--do_not_generate_fec",
rootfs_path.value().c_str(),
(int)partition_size,
ext_vbmeta_path.value().c_str());
int64_t file_size;
ASSERT_TRUE(base::GetFileSize(rootfs_path, &file_size));
EXPECT_EQ(static_cast<size_t>(file_size), 1069056UL);
EXPECT_COMMAND(0,
"diff %s %s_2nd_run",
ext_vbmeta_path.value().c_str(),
ext_vbmeta_path.value().c_str());
}
TEST_F(AvbToolTest, AddHashtreeFooter) {
AddHashtreeFooterTest(false);
}
TEST_F(AvbToolTest, AddHashtreeFooterSparse) {
AddHashtreeFooterTest(true);
}
void AvbToolTest::AddHashtreeFooterFECTest(bool sparse_image) {
const size_t rootfs_size = 1028 * 1024;
const size_t partition_size = 1536 * 1024;
// Generate a 1028 KiB file with known content.
std::vector<uint8_t> rootfs;
rootfs.resize(rootfs_size);
for (size_t n = 0; n < rootfs_size; n++)
rootfs[n] = uint8_t(n);
base::FilePath rootfs_path = testdir_.Append("rootfs.bin");
EXPECT_EQ(rootfs_size,
static_cast<const size_t>(
base::WriteFile(rootfs_path,
reinterpret_cast<const char*>(rootfs.data()),
rootfs.size())));
if (sparse_image) {
EXPECT_COMMAND(0,
"mv %s %s.unsparse",
rootfs_path.value().c_str(),
rootfs_path.value().c_str());
EXPECT_COMMAND(0,
"img2simg %s.unsparse %s",
rootfs_path.value().c_str(),
rootfs_path.value().c_str());
EXPECT_COMMAND(0, "rm -f %s.unsparse", rootfs_path.value().c_str());
}
/* Do this twice to check that 'add_hashtree_footer' is idempotent. */
for (int n = 0; n < 2; n++) {
EXPECT_COMMAND(0,
"./avbtool add_hashtree_footer --salt d00df00d --image %s "
"--partition_size %d --partition_name foobar "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--internal_release_string \"\"",
rootfs_path.value().c_str(),
(int)partition_size);
ASSERT_EQ(base::StringPrintf("Footer version: 1.0\n"
"Image size: 1572864 bytes\n"
"Original image size: 1052672 bytes\n"
"VBMeta offset: 1085440\n"
"VBMeta size: 1344 bytes\n"
"--\n"
"Minimum libavb version: 1.0%s\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 768 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Hashtree descriptor:\n"
" Version of dm-verity: 1\n"
" Image Size: 1052672 bytes\n"
" Tree Offset: 1052672\n"
" Tree Size: 16384 bytes\n"
" Data Block Size: 4096 bytes\n"
" Hash Block Size: 4096 bytes\n"
" FEC num roots: 2\n"
" FEC offset: 1069056\n"
" FEC size: 16384 bytes\n"
" Hash Algorithm: sha1\n"
" Partition Name: foobar\n"
" Salt: d00df00d\n"
" Root Digest: "
"e811611467dcd6e8dc4324e45f706c2bdd51db67\n"
" Flags: 0\n",
sparse_image ? " (Sparse)" : ""),
InfoImage(rootfs_path));
}
if (sparse_image) {
EXPECT_COMMAND(0,
"mv %s %s.sparse",
rootfs_path.value().c_str(),
rootfs_path.value().c_str());
EXPECT_COMMAND(0,
"simg2img %s.sparse %s",
rootfs_path.value().c_str(),
rootfs_path.value().c_str());
EXPECT_COMMAND(0, "rm -f %s.sparse", rootfs_path.value().c_str());
}
/* TODO: would be nice to verify that the FEC data is correct. */
// Now check that we can find the VBMeta block again from the footer.
std::string part_data;
ASSERT_TRUE(base::ReadFileToString(rootfs_path, &part_data));
// Check footer contains correct data.
AvbFooter f;
EXPECT_NE(0,
avb_footer_validate_and_byteswap(
reinterpret_cast<const AvbFooter*>(
part_data.data() + part_data.size() - AVB_FOOTER_SIZE),
&f));
EXPECT_EQ(
std::string(reinterpret_cast<const char*>(f.magic), AVB_FOOTER_MAGIC_LEN),
AVB_FOOTER_MAGIC);
EXPECT_EQ(AVB_FOOTER_VERSION_MAJOR, (int)f.version_major);
EXPECT_EQ(AVB_FOOTER_VERSION_MINOR, (int)f.version_minor);
EXPECT_EQ(1052672UL, f.original_image_size);
EXPECT_EQ(1085440UL, f.vbmeta_offset);
EXPECT_EQ(1344UL, f.vbmeta_size);
// Check that the vbmeta image at |f.vbmeta_offset| checks out.
const uint8_t* vbmeta_data =
reinterpret_cast<const uint8_t*>(part_data.data() + f.vbmeta_offset);
EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
avb_vbmeta_image_verify(vbmeta_data, f.vbmeta_size, NULL, NULL));
// Collect all descriptors.
std::vector<const AvbDescriptor*> descriptors;
avb_descriptor_foreach(
vbmeta_data, f.vbmeta_size, collect_descriptors, &descriptors);
// We should only have a single descriptor and it should be a
// hashtree descriptor.
EXPECT_EQ(1UL, descriptors.size());
EXPECT_EQ(AVB_DESCRIPTOR_TAG_HASHTREE, avb_be64toh(descriptors[0]->tag));
AvbHashtreeDescriptor d;
EXPECT_NE(
0,
avb_hashtree_descriptor_validate_and_byteswap(
reinterpret_cast<const AvbHashtreeDescriptor*>(descriptors[0]), &d));
EXPECT_EQ(1UL, d.dm_verity_version);
EXPECT_EQ(1052672UL, d.image_size);
EXPECT_EQ(1052672UL, d.tree_offset);
EXPECT_EQ(16384UL, d.tree_size);
EXPECT_EQ(4096UL, d.data_block_size);
EXPECT_EQ(2UL, d.fec_num_roots);
EXPECT_EQ(1069056UL, d.fec_offset);
EXPECT_EQ(16384UL, d.fec_size);
EXPECT_EQ(6UL, d.partition_name_len);
EXPECT_EQ(4UL, d.salt_len);
EXPECT_EQ(20UL, d.root_digest_len);
const uint8_t* desc_end = reinterpret_cast<const uint8_t*>(descriptors[0]) +
sizeof(AvbHashtreeDescriptor);
uint64_t o = 0;
EXPECT_EQ("foobar",
std::string(reinterpret_cast<const char*>(desc_end + o),
d.partition_name_len));
o += d.partition_name_len;
EXPECT_EQ("d00df00d", mem_to_hexstring(desc_end + o, d.salt_len));
o += d.salt_len;
EXPECT_EQ("e811611467dcd6e8dc4324e45f706c2bdd51db67",
mem_to_hexstring(desc_end + o, d.root_digest_len));
// Check that we correctly generate dm-verity kernel cmdline
// snippets, if requested.
base::FilePath vbmeta_dmv_path = testdir_.Append("vbmeta_dm_verity_desc.bin");
EXPECT_COMMAND(0,
"./avbtool make_vbmeta_image "
"--output %s "
"--setup_rootfs_from_kernel %s "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--internal_release_string \"\"",
vbmeta_dmv_path.value().c_str(),
rootfs_path.value().c_str());
ASSERT_EQ(
"Minimum libavb version: 1.0\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 960 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Kernel Cmdline descriptor:\n"
" Flags: 1\n"
" Kernel Cmdline: 'dm=\"1 vroot none ro 1,0 2056 verity 1 "
"PARTUUID=$(ANDROID_SYSTEM_PARTUUID) PARTUUID=$(ANDROID_SYSTEM_PARTUUID) "
"4096 4096 257 257 sha1 e811611467dcd6e8dc4324e45f706c2bdd51db67 "
"d00df00d 10 $(ANDROID_VERITY_MODE) ignore_zero_blocks "
"use_fec_from_device "
"PARTUUID=$(ANDROID_SYSTEM_PARTUUID) fec_roots 2 fec_blocks 261 "
"fec_start 261\" root=/dev/dm-0'\n"
" Kernel Cmdline descriptor:\n"
" Flags: 2\n"
" Kernel Cmdline: "
"'root=PARTUUID=$(ANDROID_SYSTEM_PARTUUID)'\n",
InfoImage(vbmeta_dmv_path));
// Check that the footer is correctly erased and the hashtree and
// FEC data remains. The constant 1085440 is used because it's where
// the FEC data ends (it's at offset 1069056 and size 16384).
EXPECT_COMMAND(0,
"./avbtool erase_footer --image %s --keep_hashtree",
rootfs_path.value().c_str());
int64_t erased_footer_file_size;
ASSERT_TRUE(base::GetFileSize(rootfs_path, &erased_footer_file_size));
EXPECT_EQ(static_cast<size_t>(erased_footer_file_size), 1085440UL);
}
TEST_F(AvbToolTest, AddHashtreeFooterFEC) {
AddHashtreeFooterFECTest(false);
}
TEST_F(AvbToolTest, AddHashtreeFooterFECSparse) {
AddHashtreeFooterFECTest(true);
}
TEST_F(AvbToolTest, AddHashtreeFooterCalcMaxImageSize) {
const size_t partition_size = 10 * 1024 * 1024;
base::FilePath output_path = testdir_.Append("max_size.txt");
EXPECT_COMMAND(0,
"./avbtool add_hashtree_footer "
"--partition_size %zd --calc_max_image_size "
"--do_not_generate_fec > %s",
partition_size,
output_path.value().c_str());
std::string max_image_size_data;
EXPECT_TRUE(base::ReadFileToString(output_path, &max_image_size_data));
EXPECT_EQ("10330112\n", max_image_size_data);
size_t max_image_size = atoll(max_image_size_data.c_str());
// Hashtree and metadata takes up 152 KiB - compare to below with
// FEC which is 244 KiB.
EXPECT_EQ(152 * 1024ULL, partition_size - max_image_size);
// Check that we can add a hashtree with an image this size for such
// a partition size.
base::FilePath system_path = GenerateImage("system", max_image_size);
EXPECT_COMMAND(0,
"./avbtool add_hashtree_footer"
" --image %s"
" --partition_name system"
" --partition_size %zd"
" --salt deadbeef"
" --algorithm SHA512_RSA4096 "
" --key test/data/testkey_rsa4096.pem"
" --internal_release_string \"\" "
"--do_not_generate_fec",
system_path.value().c_str(),
partition_size);
}
TEST_F(AvbToolTest, AddHashtreeFooterCalcMaxImageSizeWithFEC) {
const size_t partition_size = 10 * 1024 * 1024;
base::FilePath output_path = testdir_.Append("max_size.txt");
EXPECT_COMMAND(0,
"./avbtool add_hashtree_footer "
"--partition_size %zd --calc_max_image_size > %s",
partition_size,
output_path.value().c_str());
std::string max_image_size_data;
EXPECT_TRUE(base::ReadFileToString(output_path, &max_image_size_data));
EXPECT_EQ("10235904\n", max_image_size_data);
size_t max_image_size = atoll(max_image_size_data.c_str());
// Hashtree, FEC codes, and metadata takes up 244 KiB - compare to
// above wihtout FEC which is 152 KiB.
EXPECT_EQ(244 * 1024ULL, partition_size - max_image_size);
// Check that we can add a hashtree with an image this size for such
// a partition size.
base::FilePath system_path = GenerateImage("system", max_image_size);
EXPECT_COMMAND(0,
"./avbtool add_hashtree_footer"
" --image %s"
" --partition_name system"
" --partition_size %zd"
" --salt deadbeef"
" --algorithm SHA512_RSA4096 "
" --key test/data/testkey_rsa4096.pem"
" --internal_release_string \"\"",
system_path.value().c_str(),
partition_size);
}
TEST_F(AvbToolTest, AddHashtreeFooterWithPersistentDigest) {
size_t partition_size = 10 * 1024 * 1024;
base::FilePath path = GenerateImage("digest_location", partition_size / 2);
EXPECT_COMMAND(0,
"./avbtool add_hashtree_footer --salt d00df00d "
"--hash_algorithm sha256 --image %s "
"--partition_size %d --partition_name foobar "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--internal_release_string \"\" "
"--use_persistent_digest",
path.value().c_str(),
(int)partition_size);
// There are two important bits here specific to --use_persistent_digest:
// Minimum libavb version = 1.1
// Hashtree descriptor -> Root Digest = (empty)
ASSERT_EQ(
"Footer version: 1.0\n"
"Image size: 10485760 bytes\n"
"Original image size: 5242880 bytes\n"
"VBMeta offset: 5337088\n"
"VBMeta size: 1344 bytes\n"
"--\n"
"Minimum libavb version: 1.1\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 768 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Hashtree descriptor:\n"
" Version of dm-verity: 1\n"
" Image Size: 5242880 bytes\n"
" Tree Offset: 5242880\n"
" Tree Size: 45056 bytes\n"
" Data Block Size: 4096 bytes\n"
" Hash Block Size: 4096 bytes\n"
" FEC num roots: 2\n"
" FEC offset: 5287936\n"
" FEC size: 49152 bytes\n"
" Hash Algorithm: sha256\n"
" Partition Name: foobar\n"
" Salt: d00df00d\n"
" Root Digest: \n"
" Flags: 0\n",
InfoImage(path));
}
TEST_F(AvbToolTest, AddHashtreeFooterWithNoAB) {
size_t partition_size = 10 * 1024 * 1024;
base::FilePath path = GenerateImage("digest_location", partition_size / 2);
EXPECT_COMMAND(0,
"./avbtool add_hashtree_footer --salt d00df00d "
"--hash_algorithm sha256 --image %s "
"--partition_size %d --partition_name foobar "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--internal_release_string \"\" "
"--do_not_use_ab",
path.value().c_str(),
(int)partition_size);
// There are two important bits here we're expecting with --do_not_use_ab:
// Minimum libavb version = 1.1
// Hashtree descriptor -> Flags = 1
ASSERT_EQ(
"Footer version: 1.0\n"
"Image size: 10485760 bytes\n"
"Original image size: 5242880 bytes\n"
"VBMeta offset: 5337088\n"
"VBMeta size: 1344 bytes\n"
"--\n"
"Minimum libavb version: 1.1\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 768 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Hashtree descriptor:\n"
" Version of dm-verity: 1\n"
" Image Size: 5242880 bytes\n"
" Tree Offset: 5242880\n"
" Tree Size: 45056 bytes\n"
" Data Block Size: 4096 bytes\n"
" Hash Block Size: 4096 bytes\n"
" FEC num roots: 2\n"
" FEC offset: 5287936\n"
" FEC size: 49152 bytes\n"
" Hash Algorithm: sha256\n"
" Partition Name: foobar\n"
" Salt: d00df00d\n"
" Root Digest: "
"d0e31526f5a3f8e3f59acf726bd31ae7861ee78f9baa9195356bf479c6f9119d\n"
" Flags: 1\n",
InfoImage(path));
}
TEST_F(AvbToolTest, AddHashtreeFooterWithPersistentDigestAndNoAB) {
size_t partition_size = 10 * 1024 * 1024;
base::FilePath path = GenerateImage("digest_location", partition_size / 2);
EXPECT_COMMAND(0,
"./avbtool add_hashtree_footer --salt d00df00d "
"--hash_algorithm sha256 --image %s "
"--partition_size %d --partition_name foobar "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--internal_release_string \"\" "
"--use_persistent_digest --do_not_use_ab",
path.value().c_str(),
(int)partition_size);
// There are three important bits specific to these flags:
// Minimum libavb version = 1.1
// Hashtree descriptor -> Root Digest = (empty)
// Hashtree descriptor -> Flags = 1
ASSERT_EQ(
"Footer version: 1.0\n"
"Image size: 10485760 bytes\n"
"Original image size: 5242880 bytes\n"
"VBMeta offset: 5337088\n"
"VBMeta size: 1344 bytes\n"
"--\n"
"Minimum libavb version: 1.1\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 768 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Hashtree descriptor:\n"
" Version of dm-verity: 1\n"
" Image Size: 5242880 bytes\n"
" Tree Offset: 5242880\n"
" Tree Size: 45056 bytes\n"
" Data Block Size: 4096 bytes\n"
" Hash Block Size: 4096 bytes\n"
" FEC num roots: 2\n"
" FEC offset: 5287936\n"
" FEC size: 49152 bytes\n"
" Hash Algorithm: sha256\n"
" Partition Name: foobar\n"
" Salt: d00df00d\n"
" Root Digest: \n"
" Flags: 1\n",
InfoImage(path));
}
TEST_F(AvbToolTest, KernelCmdlineDescriptor) {
base::FilePath vbmeta_path =
testdir_.Append("vbmeta_kernel_cmdline_desc.bin");
EXPECT_COMMAND(0,
"./avbtool make_vbmeta_image "
"--output %s "
"--kernel_cmdline 'foo bar baz' "
"--kernel_cmdline 'second cmdline' "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--internal_release_string \"\"",
vbmeta_path.value().c_str());
ASSERT_EQ(
"Minimum libavb version: 1.0\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 640 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Kernel Cmdline descriptor:\n"
" Flags: 0\n"
" Kernel Cmdline: 'foo bar baz'\n"
" Kernel Cmdline descriptor:\n"
" Flags: 0\n"
" Kernel Cmdline: 'second cmdline'\n",
InfoImage(vbmeta_path));
// Now check the VBMeta image.
std::string image_data;
ASSERT_TRUE(base::ReadFileToString(vbmeta_path, &image_data));
const uint8_t* vbmeta_data =
reinterpret_cast<const uint8_t*>(image_data.data());
const size_t vbmeta_size = image_data.length();
EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
avb_vbmeta_image_verify(vbmeta_data, vbmeta_size, NULL, NULL));
// Collect all descriptors.
std::vector<const AvbDescriptor*> descriptors;
avb_descriptor_foreach(
vbmeta_data, vbmeta_size, collect_descriptors, &descriptors);
// We should have two descriptors - check them.
EXPECT_EQ(2UL, descriptors.size());
AvbKernelCmdlineDescriptor d;
EXPECT_EQ(AVB_DESCRIPTOR_TAG_KERNEL_CMDLINE,
avb_be64toh(descriptors[0]->tag));
EXPECT_NE(
0,
avb_kernel_cmdline_descriptor_validate_and_byteswap(
reinterpret_cast<const AvbKernelCmdlineDescriptor*>(descriptors[0]),
&d));
EXPECT_EQ("foo bar baz",
std::string(reinterpret_cast<const char*>(descriptors[0]) +
sizeof(AvbKernelCmdlineDescriptor),
d.kernel_cmdline_length));
EXPECT_EQ(AVB_DESCRIPTOR_TAG_KERNEL_CMDLINE,
avb_be64toh(descriptors[1]->tag));
EXPECT_NE(
0,
avb_kernel_cmdline_descriptor_validate_and_byteswap(
reinterpret_cast<const AvbKernelCmdlineDescriptor*>(descriptors[1]),
&d));
EXPECT_EQ("second cmdline",
std::string(reinterpret_cast<const char*>(descriptors[1]) +
sizeof(AvbKernelCmdlineDescriptor),
d.kernel_cmdline_length));
}
TEST_F(AvbToolTest, AddHashFooterSmallImageWithExternalVbmeta) {
const size_t image_size = 37;
const size_t partition_size = 20 * 4096;
std::vector<uint8_t> image(image_size, 0);
for (size_t n = 0; n < image_size; n++) {
image[n] = uint8_t(n);
}
base::FilePath ext_vbmeta_path = testdir_.Append("ext_vbmeta.bin");
base::FilePath image_path = testdir_.Append("kernel.bin");
EXPECT_EQ(image_size,
static_cast<const size_t>(
base::WriteFile(image_path,
reinterpret_cast<const char*>(image.data()),
image.size())));
EXPECT_COMMAND(0,
"./avbtool add_hash_footer --salt d00df00d "
"--hash_algorithm sha256 --image %s "
"--partition_size %zu --partition_name kernel "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--output_vbmeta %s "
"--do_not_append_vbmeta_image "
"--internal_release_string \"\"",
image_path.value().c_str(),
partition_size,
ext_vbmeta_path.value().c_str());
// It is not this unit test's job to check the vbmeta content.
int64_t file_size;
ASSERT_TRUE(base::GetFileSize(image_path, &file_size));
EXPECT_EQ(static_cast<size_t>(file_size), image_size);
}
TEST_F(AvbToolTest, IncludeDescriptor) {
base::FilePath vbmeta1_path = testdir_.Append("vbmeta_id1.bin");
base::FilePath vbmeta2_path = testdir_.Append("vbmeta_id2.bin");
base::FilePath vbmeta3_path = testdir_.Append("vbmeta_id3.bin");
EXPECT_COMMAND(0,
"./avbtool make_vbmeta_image "
"--output %s "
"--kernel_cmdline 'something' "
"--prop name:value "
"--internal_release_string \"\"",
vbmeta1_path.value().c_str());
EXPECT_COMMAND(0,
"./avbtool make_vbmeta_image "
"--output %s "
"--prop name2:value2 "
"--prop name3:value3 "
"--internal_release_string \"\"",
vbmeta2_path.value().c_str());
EXPECT_COMMAND(0,
"./avbtool make_vbmeta_image "
"--output %s "
"--prop name4:value4 "
"--include_descriptors_from_image %s "
"--include_descriptors_from_image %s "
"--internal_release_string \"\"",
vbmeta3_path.value().c_str(),
vbmeta1_path.value().c_str(),
vbmeta2_path.value().c_str());
ASSERT_EQ(
"Minimum libavb version: 1.0\n"
"Header Block: 256 bytes\n"
"Authentication Block: 0 bytes\n"
"Auxiliary Block: 256 bytes\n"
"Algorithm: NONE\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Prop: name4 -> 'value4'\n"
" Prop: name -> 'value'\n"
" Kernel Cmdline descriptor:\n"
" Flags: 0\n"
" Kernel Cmdline: 'something'\n"
" Prop: name2 -> 'value2'\n"
" Prop: name3 -> 'value3'\n",
InfoImage(vbmeta3_path));
}
TEST_F(AvbToolTest, ChainedPartition) {
base::FilePath vbmeta_path = testdir_.Append("vbmeta_cp.bin");
base::FilePath pk_path = testdir_.Append("testkey_rsa2048.avbpubkey");
EXPECT_COMMAND(
0,
"./avbtool extract_public_key --key test/data/testkey_rsa2048.pem"
" --output %s",
pk_path.value().c_str());
EXPECT_COMMAND(
0,
"./avbtool make_vbmeta_image "
"--output %s "
"--chain_partition system:1:%s "
"--algorithm SHA256_RSA2048 --key test/data/testkey_rsa2048.pem "
"--internal_release_string \"\"",
vbmeta_path.value().c_str(),
pk_path.value().c_str());
ASSERT_EQ(
"Minimum libavb version: 1.0\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 1152 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: ''\n"
"Descriptors:\n"
" Chain Partition descriptor:\n"
" Partition Name: system\n"
" Rollback Index Location: 1\n"
" Public key (sha1): "
"cdbb77177f731920bbe0a0f94f84d9038ae0617d\n",
InfoImage(vbmeta_path));
// Now check the VBMeta image.
std::string image_data;
ASSERT_TRUE(base::ReadFileToString(vbmeta_path, &image_data));
const uint8_t* vbmeta_data =
reinterpret_cast<const uint8_t*>(image_data.data());
const size_t vbmeta_size = image_data.length();
EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
avb_vbmeta_image_verify(vbmeta_data, vbmeta_size, NULL, NULL));
// Collect all descriptors.
std::vector<const AvbDescriptor*> descriptors;
avb_descriptor_foreach(
vbmeta_data, vbmeta_size, collect_descriptors, &descriptors);
// We should have one descriptor - check it.
EXPECT_EQ(1UL, descriptors.size());
std::string pk_data;
ASSERT_TRUE(base::ReadFileToString(pk_path, &pk_data));
AvbChainPartitionDescriptor d;
EXPECT_EQ(AVB_DESCRIPTOR_TAG_CHAIN_PARTITION,
avb_be64toh(descriptors[0]->tag));
EXPECT_NE(
0,
avb_chain_partition_descriptor_validate_and_byteswap(
reinterpret_cast<const AvbChainPartitionDescriptor*>(descriptors[0]),
&d));
const uint8_t* desc_end = reinterpret_cast<const uint8_t*>(descriptors[0]) +
sizeof(AvbChainPartitionDescriptor);
uint64_t o = 0;
EXPECT_EQ("system",
std::string(reinterpret_cast<const char*>(desc_end + o),
d.partition_name_len));
o += d.partition_name_len;
EXPECT_EQ(pk_data,
std::string(reinterpret_cast<const char*>(descriptors[0]) +
sizeof(AvbChainPartitionDescriptor) + o,
d.public_key_len));
}
TEST_F(AvbToolTest, ChainedPartitionNoLocationCollision) {
base::FilePath vbmeta_path = testdir_.Append("vbmeta_cp.bin");
base::FilePath pk_path = testdir_.Append("testkey_rsa2048.avbpubkey");
EXPECT_COMMAND(
0,
"./avbtool extract_public_key --key test/data/testkey_rsa2048.pem"
" --output %s",
pk_path.value().c_str());
// Check that avbtool bails if the same Rollback Index Location is
// used for multiple chained partitions.
EXPECT_COMMAND(
1,
"./avbtool make_vbmeta_image "
"--output %s "
"--chain_partition system:1:%s "
"--chain_partition other:1:%s "
"--algorithm SHA256_RSA2048 --key test/data/testkey_rsa2048.pem "
"--internal_release_string \"\"",
vbmeta_path.value().c_str(),
pk_path.value().c_str(),
pk_path.value().c_str());
}
TEST_F(AvbToolTest, AppendVBMetaImage) {
size_t boot_size = 5 * 1024 * 1024;
size_t boot_partition_size = 32 * 1024 * 1024;
base::FilePath boot_path = GenerateImage("boot", boot_size);
GenerateVBMetaImage("vbmeta.img",
"SHA256_RSA2048",
0,
base::FilePath("test/data/testkey_rsa2048.pem"),
std::string("--append_to_release_string \"\" "
"--kernel_cmdline foo"));
EXPECT_COMMAND(0,
"./avbtool append_vbmeta_image "
"--image %s "
"--partition_size %d "
"--vbmeta_image %s ",
boot_path.value().c_str(),
(int)boot_partition_size,
vbmeta_image_path_.value().c_str());
std::string vbmeta_contents = InfoImage(vbmeta_image_path_);
std::string boot_contents = InfoImage(boot_path);
// Check that boot.img has the same vbmeta blob as from vbmeta.img -
// we do this by inspecting 'avbtool info_image' output combined
// with the known footer location given boot.img has 5 MiB known
// content and the partition size is 32 MiB.
ASSERT_EQ(
"Minimum libavb version: 1.0\n"
"Header Block: 256 bytes\n"
"Authentication Block: 320 bytes\n"
"Auxiliary Block: 576 bytes\n"
"Algorithm: SHA256_RSA2048\n"
"Rollback Index: 0\n"
"Flags: 0\n"
"Release String: 'avbtool 1.1.0 '\n"
"Descriptors:\n"
" Kernel Cmdline descriptor:\n"
" Flags: 0\n"
" Kernel Cmdline: 'foo'\n",
vbmeta_contents);
std::string known_footer =
"Footer version: 1.0\n"
"Image size: 33554432 bytes\n"
"Original image size: 5242880 bytes\n"
"VBMeta offset: 5242880\n"
"VBMeta size: 1152 bytes\n"
"--\n";
ASSERT_EQ(known_footer + vbmeta_contents, boot_contents);
// Also verify that the blobs are the same, bit for bit.
base::File f =
base::File(boot_path, base::File::FLAG_OPEN | base::File::FLAG_READ);
std::vector<uint8_t> loaded_vbmeta;
loaded_vbmeta.resize(1152);
EXPECT_EQ(
f.Read(
5 * 1024 * 1024, reinterpret_cast<char*>(loaded_vbmeta.data()), 1152),
1152);
EXPECT_EQ(vbmeta_image_, loaded_vbmeta);
}
TEST_F(AvbToolTest, SigningHelperBasic) {
base::FilePath vbmeta_path = testdir_.Append("vbmeta.bin");
base::FilePath signing_helper_test_path =
testdir_.Append("signing_helper_test");
EXPECT_COMMAND(
0,
"SIGNING_HELPER_TEST=\"%s\" ./avbtool make_vbmeta_image "
"--output %s "
"--algorithm SHA256_RSA2048 --key test/data/testkey_rsa2048.pem "
"--signing_helper test/avbtool_signing_helper_test.py "
"--internal_release_string \"\"",
signing_helper_test_path.value().c_str(),
vbmeta_path.value().c_str());
// Now check the value in test file.
std::string value;
ASSERT_TRUE(base::ReadFileToString(signing_helper_test_path, &value));
EXPECT_EQ("DONE", value);
}
TEST_F(AvbToolTest, SigningHelperWithFilesBasic) {
base::FilePath vbmeta_path = testdir_.Append("vbmeta.bin");
base::FilePath signing_helper_test_path =
testdir_.Append("signing_helper_test");
EXPECT_COMMAND(
0,
"SIGNING_HELPER_TEST=\"%s\" ./avbtool make_vbmeta_image "
"--output %s "
"--algorithm SHA256_RSA2048 --key test/data/testkey_rsa2048.pem "
"--signing_helper_with_files "
"test/avbtool_signing_helper_with_files_test.py "
"--internal_release_string \"\"",
signing_helper_test_path.value().c_str(),
vbmeta_path.value().c_str());
// Now check the value in test file.
std::string value;
ASSERT_TRUE(base::ReadFileToString(signing_helper_test_path, &value));
EXPECT_EQ("DONE", value);
}
TEST_F(AvbToolTest, SigningHelperReturnError) {
base::FilePath vbmeta_path = testdir_.Append("vbmeta.bin");
EXPECT_COMMAND(
1,
"./avbtool make_vbmeta_image "
"--output %s "
"--algorithm SHA256_RSA2048 --key test/data/testkey_rsa2048.pem "
"--signing_helper test/avbtool_signing_helper_test.py "
"--internal_release_string \"\"",
vbmeta_path.value().c_str());
}
TEST_F(AvbToolTest, SigningHelperWithFilesReturnError) {
base::FilePath vbmeta_path = testdir_.Append("vbmeta.bin");
EXPECT_COMMAND(
1,
"./avbtool make_vbmeta_image "
"--output %s "
"--algorithm SHA256_RSA2048 --key test/data/testkey_rsa2048.pem "
"--signing_helper_with_files "
"test/avbtool_signing_helper_with_files_test.py "
"--internal_release_string \"\"",
vbmeta_path.value().c_str());
}
TEST_F(AvbToolTest, VerifyImageNoSignature) {
GenerateVBMetaImage("vbmeta.img",
"", // NONE
0,
base::FilePath());
EXPECT_COMMAND(0,
"./avbtool verify_image "
"--image %s ",
vbmeta_image_path_.value().c_str());
}
TEST_F(AvbToolTest, VerifyImageValidSignature) {
GenerateVBMetaImage("vbmeta.img",
"SHA256_RSA2048",
0,
base::FilePath("test/data/testkey_rsa2048.pem"));
EXPECT_COMMAND(0,
"./avbtool verify_image "
"--image %s ",
vbmeta_image_path_.value().c_str());
}
TEST_F(AvbToolTest, VerifyImageCorruptedVBMeta) {
GenerateVBMetaImage("vbmeta.img",
"SHA256_RSA2048",
0,
base::FilePath("test/data/testkey_rsa2048.pem"));
// Corrupt four bytes of data in the end of the image. Since the aux
// data is at the end and this data is signed, this will change the
// value of the computed hash.
uint8_t corrupt_data[4] = {0xff, 0xff, 0xff, 0xff};
EXPECT_EQ(AVB_IO_RESULT_OK,
ops_.avb_ops()->write_to_partition(ops_.avb_ops(),
"vbmeta",
-4, // offset from end
sizeof corrupt_data,
corrupt_data));
EXPECT_COMMAND(1,
"./avbtool verify_image "
"--image %s ",
vbmeta_image_path_.value().c_str());
}
TEST_F(AvbToolTest, VerifyImageOtherKeyMatching) {
GenerateVBMetaImage("vbmeta.img",
"SHA256_RSA2048",
0,
base::FilePath("test/data/testkey_rsa2048.pem"));
EXPECT_COMMAND(0,
"./avbtool verify_image "
"--image %s --key test/data/testkey_rsa2048.pem",
vbmeta_image_path_.value().c_str());
}
TEST_F(AvbToolTest, VerifyImageOtherKeyNotMatching) {
GenerateVBMetaImage("vbmeta.img",
"SHA256_RSA2048",
0,
base::FilePath("test/data/testkey_rsa2048.pem"));
EXPECT_COMMAND(1,
"./avbtool verify_image "
"--image %s --key test/data/testkey_rsa4096.pem",
vbmeta_image_path_.value().c_str());
}
TEST_F(AvbToolTest, VerifyImageBrokenSignature) {
base::FilePath vbmeta_path = testdir_.Append("vbmeta.bin");
base::FilePath signing_helper_test_path =
testdir_.Append("signing_helper_test");
// Intentionally make the signer generate a wrong signature.
EXPECT_COMMAND(
0,
"SIGNING_HELPER_GENERATE_WRONG_SIGNATURE=1 ./avbtool make_vbmeta_image "
"--output %s "
"--algorithm SHA256_RSA2048 --key test/data/testkey_rsa2048.pem "
"--signing_helper test/avbtool_signing_helper_test.py "
"--internal_release_string \"\"",
vbmeta_path.value().c_str());
EXPECT_COMMAND(1,
"./avbtool verify_image "
"--image %s ",
vbmeta_path.value().c_str());
}
// Helper to generate boot.img, unsparse system.img, and vbmeta.img.
void AvbToolTest::GenerateImageWithHashAndHashtreeSetup() {
const size_t boot_partition_size = 16 * 1024 * 1024;
const size_t boot_image_size = 5 * 1024 * 1024;
base::FilePath boot_path = GenerateImage("boot.img", boot_image_size);
EXPECT_COMMAND(0,
"./avbtool add_hash_footer"
" --image %s"
" --rollback_index 0"
" --partition_name boot"
" --partition_size %zd"
" --salt deadbeef"
" --internal_release_string \"\"",
boot_path.value().c_str(),
boot_partition_size);
const size_t system_partition_size = 10 * 1024 * 1024;
const size_t system_image_size = 8 * 1024 * 1024;
base::FilePath system_path = GenerateImage("system.img", system_image_size);
EXPECT_COMMAND(0,
"./avbtool add_hashtree_footer --salt d00df00d --image %s "
"--partition_size %zd --partition_name system "
"--internal_release_string \"\" ",
system_path.value().c_str(),
system_partition_size);
GenerateVBMetaImage("vbmeta.img",
"SHA256_RSA2048",
0,
base::FilePath("test/data/testkey_rsa2048.pem"),
base::StringPrintf("--include_descriptors_from_image %s "
"--include_descriptors_from_image %s",
boot_path.value().c_str(),
system_path.value().c_str()));
}
TEST_F(AvbToolTest, VerifyImageWithHashAndHashtree) {
GenerateImageWithHashAndHashtreeSetup();
// Do two checks - one for system.img not sparse, and one where it
// is sparse.
for (int n = 0; n < 2; n++) {
EXPECT_COMMAND(0,
"./avbtool verify_image "
"--image %s ",
vbmeta_image_path_.value().c_str());
if (n == 0) {
EXPECT_COMMAND(0,
"img2simg %s %s.sparse",
testdir_.Append("system.img").value().c_str(),
testdir_.Append("system.img").value().c_str());
EXPECT_COMMAND(0,
"mv %s.sparse %s",
testdir_.Append("system.img").value().c_str(),
testdir_.Append("system.img").value().c_str());
}
}
}
TEST_F(AvbToolTest, VerifyImageWithHashAndHashtreeCorruptHash) {
GenerateImageWithHashAndHashtreeSetup();
// Corrupt four bytes of data in the middle of boot.img.
uint8_t corrupt_data[4] = {0xff, 0xff, 0xff, 0xff};
EXPECT_EQ(AVB_IO_RESULT_OK,
ops_.avb_ops()->write_to_partition(ops_.avb_ops(),
"boot",
105 * 1024, // offset from start
sizeof corrupt_data,
corrupt_data));
EXPECT_COMMAND(1,
"./avbtool verify_image "
"--image %s ",
vbmeta_image_path_.value().c_str());
}
TEST_F(AvbToolTest, VerifyImageWithHashAndHashtreeCorruptHashtree) {
GenerateImageWithHashAndHashtreeSetup();
// Corrupt four bytes of data in the middle of system.img.
uint8_t corrupt_data[4] = {0xff, 0xff, 0xff, 0xff};
EXPECT_EQ(AVB_IO_RESULT_OK,
ops_.avb_ops()->write_to_partition(ops_.avb_ops(),
"system",
123 * 1024, // offset from start
sizeof corrupt_data,
corrupt_data));
// Do two checks - one for system.img not sparse, and one where it
// is sparse.
for (int n = 0; n < 2; n++) {
EXPECT_COMMAND(1,
"./avbtool verify_image "
"--image %s ",
vbmeta_image_path_.value().c_str());
if (n == 0) {
EXPECT_COMMAND(0,
"img2simg %s %s.sparse",
testdir_.Append("system.img").value().c_str(),
testdir_.Append("system.img").value().c_str());
EXPECT_COMMAND(0,
"mv %s.sparse %s",
testdir_.Append("system.img").value().c_str(),
testdir_.Append("system.img").value().c_str());
}
}
}
TEST_F(AvbToolTest, VerifyImageChainPartition) {
base::FilePath pk4096_path = testdir_.Append("testkey_rsa4096.avbpubkey");
EXPECT_COMMAND(
0,
"./avbtool extract_public_key --key test/data/testkey_rsa4096.pem"
" --output %s",
pk4096_path.value().c_str());
base::FilePath pk8192_path = testdir_.Append("testkey_rsa8192.avbpubkey");
EXPECT_COMMAND(
0,
"./avbtool extract_public_key --key test/data/testkey_rsa8192.pem"
" --output %s",
pk8192_path.value().c_str());
GenerateVBMetaImage("vbmeta.img",
"SHA256_RSA2048",
0,
base::FilePath("test/data/testkey_rsa2048.pem"),
base::StringPrintf("--chain_partition system:1:%s ",
pk4096_path.value().c_str()));
// Should not fail (name, rollback_index, contents all correct).
EXPECT_COMMAND(0,
"./avbtool verify_image "
"--image %s "
"--expected_chain_partition system:1:%s",
vbmeta_image_path_.value().c_str(),
pk4096_path.value().c_str());
// Should fail because we didn't use --expected_chain_partition.
EXPECT_COMMAND(1,
"./avbtool verify_image "
"--image %s ",
vbmeta_image_path_.value().c_str());
// Should fail because partition name is wrong.
EXPECT_COMMAND(1,
"./avbtool verify_image "
"--image %s "
"--expected_chain_partition xyz:1:%s",
vbmeta_image_path_.value().c_str(),
pk4096_path.value().c_str());
// Should fail because rollback index location is wrong.
EXPECT_COMMAND(1,
"./avbtool verify_image "
"--image %s "
"--expected_chain_partition system:2:%s",
vbmeta_image_path_.value().c_str(),
pk4096_path.value().c_str());
// Should fail because public key blob is wrong.
EXPECT_COMMAND(1,
"./avbtool verify_image "
"--image %s "
"--expected_chain_partition system:1:%s",
vbmeta_image_path_.value().c_str(),
pk8192_path.value().c_str());
}
class AvbToolTest_PrintRequiredVersion : public AvbToolTest {
protected:
const char* kOutputFile = "versions.txt";
void PrintWithAddHashFooter(int target_required_minor_version) {
std::string extra_args;
if (target_required_minor_version == 1) {
// The --do_not_use_ab option will require 1.1.
extra_args = "--do_not_use_ab";
}
const size_t boot_partition_size = 16 * 1024 * 1024;
base::FilePath output_path = testdir_.Append(kOutputFile);
EXPECT_COMMAND(0,
"./avbtool add_hash_footer"
" --rollback_index 0"
" --partition_name boot"
" --partition_size %zd"
" --salt deadbeef"
" --internal_release_string \"\""
" %s"
" --print_required_libavb_version > %s",
boot_partition_size,
extra_args.c_str(),
output_path.value().c_str());
CheckVersion(target_required_minor_version);
}
void PrintWithAddHashtreeFooter(int target_required_minor_version) {
std::string extra_args;
if (target_required_minor_version == 1) {
// The --do_not_use_ab option will require 1.1.
extra_args = "--do_not_use_ab";
}
const size_t system_partition_size = 10 * 1024 * 1024;
base::FilePath output_path = testdir_.Append(kOutputFile);
EXPECT_COMMAND(0,
"./avbtool add_hashtree_footer --salt d00df00d "
"--partition_size %zd --partition_name system "
"--internal_release_string \"\""
" %s"
" --print_required_libavb_version > %s",
system_partition_size,
extra_args.c_str(),
output_path.value().c_str());
CheckVersion(target_required_minor_version);
}
void PrintWithMakeVbmetaImage(int target_required_minor_version) {
std::string extra_args;
if (target_required_minor_version == 1) {
// An included descriptor that requires 1.1 will require 1.1 for vbmeta.
const size_t boot_partition_size = 16 * 1024 * 1024;
base::FilePath image_path = GenerateImage("test_print_version", 1024);
EXPECT_COMMAND(0,
"./avbtool add_hash_footer --salt d00df00d "
"--hash_algorithm sha256 --image %s "
"--partition_size %d --partition_name foobar "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--internal_release_string \"\" "
"--do_not_use_ab",
image_path.value().c_str(),
(int)boot_partition_size);
extra_args = base::StringPrintf("--include_descriptors_from_image %s",
image_path.value().c_str());
}
base::FilePath output_path = testdir_.Append(kOutputFile);
EXPECT_COMMAND(0,
"./avbtool make_vbmeta_image "
"--algorithm SHA256_RSA2048 "
"--key test/data/testkey_rsa2048.pem "
"--internal_release_string \"\""
" %s"
" --print_required_libavb_version > %s",
extra_args.c_str(),
output_path.value().c_str());
CheckVersion(target_required_minor_version);
}
void CheckVersion(int expected_required_minor_version) {
base::FilePath output_path = testdir_.Append(kOutputFile);
std::string output;
ASSERT_TRUE(base::ReadFileToString(output_path, &output));
EXPECT_EQ(output,
base::StringPrintf("1.%d\n", expected_required_minor_version));
}
};
TEST_F(AvbToolTest_PrintRequiredVersion, HashFooter_1_0) {
PrintWithAddHashFooter(0);
}
TEST_F(AvbToolTest_PrintRequiredVersion, HashFooter_1_1) {
PrintWithAddHashFooter(1);
}
TEST_F(AvbToolTest_PrintRequiredVersion, HashtreeFooter_1_0) {
PrintWithAddHashtreeFooter(0);
}
TEST_F(AvbToolTest_PrintRequiredVersion, HashtreeFooter_1_1) {
PrintWithAddHashtreeFooter(1);
}
TEST_F(AvbToolTest_PrintRequiredVersion, Vbmeta_1_0) {
PrintWithMakeVbmetaImage(0);
}
TEST_F(AvbToolTest_PrintRequiredVersion, Vbmeta_1_1) {
PrintWithMakeVbmetaImage(1);
}
TEST_F(AvbToolTest, MakeAtxPikCertificate) {
base::FilePath subject_path = testdir_.Append("tmp_subject");
ASSERT_TRUE(base::WriteFile(subject_path, "fake PIK subject", 16));
base::FilePath pubkey_path = testdir_.Append("tmp_pubkey.pem");
EXPECT_COMMAND(
0,
"openssl pkey -pubout -in test/data/testkey_atx_pik.pem -out %s",
pubkey_path.value().c_str());
base::FilePath output_path = testdir_.Append("tmp_certificate.bin");
EXPECT_COMMAND(0,
"./avbtool make_atx_certificate"
" --subject %s"
" --subject_key %s"
" --subject_key_version 42"
" --subject_is_intermediate_authority"
" --authority_key test/data/testkey_atx_prk.pem"
" --output %s",
subject_path.value().c_str(),
pubkey_path.value().c_str(),
output_path.value().c_str());
EXPECT_COMMAND(0,
"diff test/data/atx_pik_certificate.bin %s",
output_path.value().c_str());
}
TEST_F(AvbToolTest, MakeAtxPskCertificate) {
base::FilePath pubkey_path = testdir_.Append("tmp_pubkey.pem");
EXPECT_COMMAND(
0,
"openssl pkey -pubout -in test/data/testkey_atx_psk.pem -out %s",
pubkey_path.value().c_str());
base::FilePath output_path = testdir_.Append("tmp_certificate.bin");
EXPECT_COMMAND(0,
"./avbtool make_atx_certificate"
" --subject test/data/atx_product_id.bin"
" --subject_key %s"
" --subject_key_version 42"
" --authority_key test/data/testkey_atx_pik.pem"
" --output %s",
pubkey_path.value().c_str(),
output_path.value().c_str());
EXPECT_COMMAND(0,
"diff test/data/atx_psk_certificate.bin %s",
output_path.value().c_str());
}
TEST_F(AvbToolTest, MakeAtxPermanentAttributes) {
base::FilePath pubkey_path = testdir_.Append("tmp_pubkey.pem");
EXPECT_COMMAND(
0,
"openssl pkey -pubout -in test/data/testkey_atx_prk.pem -out %s",
pubkey_path.value().c_str());
base::FilePath output_path = testdir_.Append("tmp_attributes.bin");
EXPECT_COMMAND(0,
"./avbtool make_atx_permanent_attributes"
" --root_authority_key %s"
" --product_id test/data/atx_product_id.bin"
" --output %s",
pubkey_path.value().c_str(),
output_path.value().c_str());
EXPECT_COMMAND(0,
"diff test/data/atx_permanent_attributes.bin %s",
output_path.value().c_str());
}
TEST_F(AvbToolTest, MakeAtxMetadata) {
base::FilePath output_path = testdir_.Append("tmp_metadata.bin");
EXPECT_COMMAND(
0,
"./avbtool make_atx_metadata"
" --intermediate_key_certificate test/data/atx_pik_certificate.bin"
" --product_key_certificate test/data/atx_psk_certificate.bin"
" --output %s",
output_path.value().c_str());
EXPECT_COMMAND(
0, "diff test/data/atx_metadata.bin %s", output_path.value().c_str());
}
} // namespace avb