| Igor Opaniuk | a284632 | 2018-06-03 21:56:42 +0300 | [diff] [blame] | 1 | # SPDX-License-Identifier: GPL-2.0+ |
| Igor Opaniuk | 29cb886 | 2024-02-09 20:20:40 +0100 | [diff] [blame] | 2 | # Copyright (c) 2018, Linaro Limited |
| Igor Opaniuk | a284632 | 2018-06-03 21:56:42 +0300 | [diff] [blame] | 3 | # |
| 4 | # Android Verified Boot 2.0 Test |
| 5 | |
| 6 | """ |
| Michal Simek | 50fa118 | 2023-05-17 09:17:16 +0200 | [diff] [blame] | 7 | This tests Android Verified Boot 2.0 support in U-Boot: |
| Igor Opaniuk | a284632 | 2018-06-03 21:56:42 +0300 | [diff] [blame] | 8 | |
| 9 | For additional details about how to build proper vbmeta partition |
| Sam Protsenko | cd43fa1 | 2020-01-24 17:53:44 +0200 | [diff] [blame] | 10 | check doc/android/avb2.rst |
| Igor Opaniuk | a284632 | 2018-06-03 21:56:42 +0300 | [diff] [blame] | 11 | |
| 12 | For configuration verification: |
| 13 | - Corrupt boot partition and check for failure |
| 14 | - Corrupt vbmeta partition and check for failure |
| 15 | """ |
| 16 | |
| 17 | import pytest |
| 18 | import u_boot_utils as util |
| 19 | |
| 20 | # defauld mmc id |
| 21 | mmc_dev = 1 |
| 22 | temp_addr = 0x90000000 |
| 23 | temp_addr2 = 0x90002000 |
| 24 | |
| Tom Rini | 1ba0781 | 2019-10-24 11:59:18 -0400 | [diff] [blame] | 25 | @pytest.mark.buildconfigspec('cmd_avb') |
| 26 | @pytest.mark.buildconfigspec('cmd_mmc') |
| Igor Opaniuk | a284632 | 2018-06-03 21:56:42 +0300 | [diff] [blame] | 27 | def test_avb_verify(u_boot_console): |
| 28 | """Run AVB 2.0 boot verification chain with avb subset of commands |
| 29 | """ |
| 30 | |
| 31 | success_str = "Verification passed successfully" |
| 32 | |
| 33 | response = u_boot_console.run_command('avb init %s' %str(mmc_dev)) |
| 34 | assert response == '' |
| 35 | response = u_boot_console.run_command('avb verify') |
| 36 | assert response.find(success_str) |
| 37 | |
| 38 | |
| Tom Rini | 1ba0781 | 2019-10-24 11:59:18 -0400 | [diff] [blame] | 39 | @pytest.mark.buildconfigspec('cmd_avb') |
| 40 | @pytest.mark.buildconfigspec('cmd_mmc') |
| Simon Glass | 461b791 | 2023-01-06 08:52:19 -0600 | [diff] [blame] | 41 | @pytest.mark.notbuildconfigspec('sandbox') |
| Igor Opaniuk | a284632 | 2018-06-03 21:56:42 +0300 | [diff] [blame] | 42 | def test_avb_mmc_uuid(u_boot_console): |
| 43 | """Check if 'avb get_uuid' works, compare results with |
| 44 | 'part list mmc 1' output |
| 45 | """ |
| 46 | |
| 47 | response = u_boot_console.run_command('avb init %s' % str(mmc_dev)) |
| 48 | assert response == '' |
| 49 | |
| 50 | response = u_boot_console.run_command('mmc rescan; mmc dev %s' % |
| 51 | str(mmc_dev)) |
| 52 | assert response.find('is current device') |
| 53 | |
| 54 | part_lines = u_boot_console.run_command('mmc part').splitlines() |
| 55 | part_list = {} |
| Simon Glass | e9f4d87 | 2018-12-27 08:11:13 -0700 | [diff] [blame] | 56 | cur_partname = '' |
| Igor Opaniuk | a284632 | 2018-06-03 21:56:42 +0300 | [diff] [blame] | 57 | |
| 58 | for line in part_lines: |
| Simon Glass | e9f4d87 | 2018-12-27 08:11:13 -0700 | [diff] [blame] | 59 | if '"' in line: |
| 60 | start_pt = line.find('"') |
| 61 | end_pt = line.find('"', start_pt + 1) |
| Igor Opaniuk | a284632 | 2018-06-03 21:56:42 +0300 | [diff] [blame] | 62 | cur_partname = line[start_pt + 1: end_pt] |
| 63 | |
| Simon Glass | e9f4d87 | 2018-12-27 08:11:13 -0700 | [diff] [blame] | 64 | if 'guid:' in line: |
| 65 | guid_to_check = line.split('guid:\t') |
| Igor Opaniuk | a284632 | 2018-06-03 21:56:42 +0300 | [diff] [blame] | 66 | part_list[cur_partname] = guid_to_check[1] |
| 67 | |
| 68 | # lets check all guids with avb get_guid |
| Simon Glass | f799076 | 2022-02-11 13:23:23 -0700 | [diff] [blame] | 69 | for part, guid in part_list.items(): |
| Igor Opaniuk | a284632 | 2018-06-03 21:56:42 +0300 | [diff] [blame] | 70 | avb_guid_resp = u_boot_console.run_command('avb get_uuid %s' % part) |
| Simon Glass | e9f4d87 | 2018-12-27 08:11:13 -0700 | [diff] [blame] | 71 | assert guid == avb_guid_resp.split('UUID: ')[1] |
| Igor Opaniuk | a284632 | 2018-06-03 21:56:42 +0300 | [diff] [blame] | 72 | |
| 73 | |
| Tom Rini | 6c03ea1 | 2018-06-18 19:04:25 -0400 | [diff] [blame] | 74 | @pytest.mark.buildconfigspec('cmd_avb') |
| Igor Opaniuk | a284632 | 2018-06-03 21:56:42 +0300 | [diff] [blame] | 75 | def test_avb_read_rb(u_boot_console): |
| 76 | """Test reading rollback indexes |
| 77 | """ |
| 78 | |
| 79 | response = u_boot_console.run_command('avb init %s' % str(mmc_dev)) |
| 80 | assert response == '' |
| 81 | |
| 82 | response = u_boot_console.run_command('avb read_rb 1') |
| Jens Wiklander | 404dee1 | 2018-09-25 16:40:21 +0200 | [diff] [blame] | 83 | assert response == 'Rollback index: 0' |
| Igor Opaniuk | a284632 | 2018-06-03 21:56:42 +0300 | [diff] [blame] | 84 | |
| 85 | |
| Tom Rini | 6c03ea1 | 2018-06-18 19:04:25 -0400 | [diff] [blame] | 86 | @pytest.mark.buildconfigspec('cmd_avb') |
| Igor Opaniuk | a284632 | 2018-06-03 21:56:42 +0300 | [diff] [blame] | 87 | def test_avb_is_unlocked(u_boot_console): |
| 88 | """Test if device is in the unlocked state |
| 89 | """ |
| 90 | |
| 91 | response = u_boot_console.run_command('avb init %s' % str(mmc_dev)) |
| 92 | assert response == '' |
| 93 | |
| 94 | response = u_boot_console.run_command('avb is_unlocked') |
| Jens Wiklander | 404dee1 | 2018-09-25 16:40:21 +0200 | [diff] [blame] | 95 | assert response == 'Unlocked = 1' |
| Igor Opaniuk | a284632 | 2018-06-03 21:56:42 +0300 | [diff] [blame] | 96 | |
| 97 | |
| Tom Rini | 1ba0781 | 2019-10-24 11:59:18 -0400 | [diff] [blame] | 98 | @pytest.mark.buildconfigspec('cmd_avb') |
| 99 | @pytest.mark.buildconfigspec('cmd_mmc') |
| Simon Glass | 461b791 | 2023-01-06 08:52:19 -0600 | [diff] [blame] | 100 | @pytest.mark.notbuildconfigspec('sandbox') |
| Igor Opaniuk | a284632 | 2018-06-03 21:56:42 +0300 | [diff] [blame] | 101 | def test_avb_mmc_read(u_boot_console): |
| 102 | """Test mmc read operation |
| 103 | """ |
| 104 | |
| 105 | response = u_boot_console.run_command('mmc rescan; mmc dev %s 0' % |
| 106 | str(mmc_dev)) |
| 107 | assert response.find('is current device') |
| 108 | |
| 109 | response = u_boot_console.run_command('mmc read 0x%x 0x100 0x1' % temp_addr) |
| 110 | assert response.find('read: OK') |
| 111 | |
| 112 | response = u_boot_console.run_command('avb init %s' % str(mmc_dev)) |
| 113 | assert response == '' |
| 114 | |
| 115 | response = u_boot_console.run_command('avb read_part xloader 0 100 0x%x' % |
| 116 | temp_addr2) |
| 117 | assert response.find('Read 512 bytes') |
| 118 | |
| 119 | # Now lets compare two buffers |
| 120 | response = u_boot_console.run_command('cmp 0x%x 0x%x 40' % |
| 121 | (temp_addr, temp_addr2)) |
| 122 | assert response.find('64 word') |
| Igor Opaniuk | 78b0b9d | 2019-04-09 15:38:14 +0200 | [diff] [blame] | 123 | |
| 124 | |
| 125 | @pytest.mark.buildconfigspec('cmd_avb') |
| 126 | @pytest.mark.buildconfigspec('optee_ta_avb') |
| 127 | def test_avb_persistent_values(u_boot_console): |
| 128 | """Test reading/writing persistent storage to avb |
| 129 | """ |
| 130 | |
| 131 | response = u_boot_console.run_command('avb init %s' % str(mmc_dev)) |
| 132 | assert response == '' |
| 133 | |
| 134 | response = u_boot_console.run_command('avb write_pvalue test value_value') |
| 135 | assert response == 'Wrote 12 bytes' |
| 136 | |
| 137 | response = u_boot_console.run_command('avb read_pvalue test 12') |
| 138 | assert response == 'Read 12 bytes, value = value_value' |